CompTIA Security+ Practice Tests SY0-501

By: Ian Neil

Overview of this book

CompTIA Security+ is a core security certification that will validate your baseline skills for a career in cybersecurity. Passing this exam will not only help you identify security incidents but will also equip you to resolve them efficiently. This book builds on the popular CompTIA Security+ Certification Guide, which mirrors the SY0-501 exam pattern. This practice test-based guide covers all six domains of the Security+ SY0-501 exam: threats, attacks, and vulnerabilities; technologies and tools; architecture and design; identity and access management; cryptography and PKI; and risk management. You’ll take six mock tests designed as per the official Security+ certification exam pattern, each covering significant aspects from an examination point of view. For each domain, the book provides a dedicated cheat sheet that includes important concepts covered in the test. You can even time your tests to simulate the actual exam. These tests will help you identify gaps in your knowledge and discover answers to tricky exam questions. By the end of this book, you’ll have developed and enhanced the skills necessary to pass the official CompTIA Security+ exam.

Cheat Sheet

The cheat sheet is a condensed format of the main facts that you need to know before taking the exam. We must learn the exam concepts and not just the answers to a bank of questions.

Access Control Lists (ACLs)

  • Firewalls and routers use ACLs. Rules are matched in order; if no allow rule matches, the traffic is dropped (implicit deny).
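The first-match-then-implicit-deny behaviour described above, as an added example that is not part of the cheat sheet. The rule format and the sample rule set are constructed for this illustration and do not come from any particular firewall or router product; it also shows why rule order matters, which the bullet only implies.

```python
# Added example: ordered ACL evaluation with implicit deny.
# Rule tuple layout is an assumption for this illustration:
#   (action, source network, destination network, protocol, destination port or None for any)
from ipaddress import ip_address, ip_network

# Constructed sample rule set (not from any real device)
ACL = [
    ("permit", "10.0.0.0/8",   "192.168.1.10/32", "tcp", 443),  # HTTPS to one server
    ("deny",   "10.0.5.0/24",  "192.168.1.0/24",  "tcp", 22),   # block SSH from one subnet
    ("permit", "10.0.0.0/8",   "192.168.1.0/24",  "tcp", 22),   # allow SSH from the rest
]


def evaluate(acl, src, dst, proto, dport):
    """Return the action of the first rule that matches the packet.

    Rules are checked top to bottom; the first match wins.  If no rule
    matches at all, the function returns "deny": that is the implicit deny
    at the end of every ACL.
    """
    s, d = ip_address(src), ip_address(dst)
    for action, snet, dnet, rproto, rport in acl:
        if (s in ip_network(snet) and d in ip_network(dnet)
                and rproto == proto and (rport is None or rport == dport)):
            return action
    return "deny"  # implicit deny: nothing matched


if __name__ == "__main__":
    # Allowed by rule 1
    print(evaluate(ACL, "10.1.2.3", "192.168.1.10", "tcp", 443))
    # Explicitly denied by rule 2 (rule 3 would allow it, but rule 2 comes first)
    print(evaluate(ACL, "10.0.5.7", "192.168.1.20", "tcp", 22))
    # No rule matches UDP at all, so implicit deny applies
    print(evaluate(ACL, "10.1.2.3", "192.168.1.10", "udp", 53))
```

Swapping the second and third rules would let the 10.0.5.0/24 subnet reach SSH, because the broader permit would match first; that ordering mistake is the classic ACL bug to check for in a review.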

Firewalls

  • Unified Threat Management (UTM) – all-in-one URL and content filter
  • Stateful firewall – inspects deep into the packet, including size and commands
  • Stateful firewall – protects against DDoS attacks
  • Web application firewall – protects the web server and web applications
  • Host-based – only protects the local computer
  • Network-based – only protects the network

Network Protection

  • Network Intrusion Prevention System (NIPS) – additional layer of protection placed close to the firewall
  • Network Intrusion Detection System (NIDS) – detects changes in the network, uses sensors and collectors, and alerts the NIPS
  • Signature-based – works from a local database
  • Anomaly-based – starts with a database but can learn new patterns

Proxy Server

  • URL filter
  • Content filter
  • Caches web pages

Reverse Proxy

  • Authenticates incoming connections
  • Decrypts incoming traffic

Load Balancer

  • Deals with a high load of web traffic
  • Sends traffic to the least utilized host
  • Affinity – keeps sending the same client to the same web server
  • Round robin – balances traffic using DNS A records
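The three distribution strategies in the bullets above, as an added example that is not from the book: round robin, least-utilized host, and client affinity. The server names, the connection counter and the hash-based affinity mapping are assumptions made for this illustration.

```python
# Added example: three load-balancer scheduling strategies side by side.
# Server names and client addresses are constructed for the illustration.
import hashlib
from itertools import cycle


class LoadBalancer:
    def __init__(self, servers):
        self.servers = list(servers)
        self._rr = cycle(self.servers)           # round-robin iterator
        self.active = {s: 0 for s in self.servers}  # open connections per server

    def round_robin(self):
        """Hand out servers in a fixed rotation, ignoring their load."""
        return next(self._rr)

    def least_utilized(self):
        """Pick the server with the fewest open connections."""
        return min(self.servers, key=lambda s: self.active[s])

    def affinity(self, client_ip):
        """Sticky sessions: the same client always lands on the same server.

        Here this is done by hashing the client address; real balancers may
        also use a cookie or a source-IP table.  This is the assumption in
        this example, not a statement about any specific product.
        """
        digest = hashlib.sha256(client_ip.encode()).hexdigest()
        return self.servers[int(digest, 16) % len(self.servers)]


if __name__ == "__main__":
    lb = LoadBalancer(["web1", "web2", "web3"])
    print([lb.round_robin() for _ in range(4)])    # web1, web2, web3, web1
    lb.active.update({"web1": 7, "web2": 2, "web3": 5})
    print(lb.least_utilized())                     # web2
    print(lb.affinity("203.0.113.5") == lb.affinity("203.0.113.5"))  # True
```

Affinity matters for applications that keep session state on the individual web server; without it a client's next request may land on a host that knows nothing about its login.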

SIEM System

  • Real-time monitoring
  • Correlates events on the network
  • Measures account lockouts, even when the failed attempts come from different computers
  • Needs the correct filter, otherwise it produces false positives
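The cross-host correlation the SIEM bullets describe, as an added example rather than anything from the book: failed logons for one account are counted across all computers inside a sliding time window, and the event filter keeps successes out of the count so they do not inflate it. The log line format and every line in it are constructed for this illustration.

```python
# Added example: SIEM-style correlation of failed logons per account across hosts.
# Log format (an assumption for this example): "<ISO timestamp> host=<name> user=<name> event=<type>"
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events; alice fails on five different workstations in two minutes,
# bob fails twice half an hour apart and then logs in successfully.
SAMPLE_LOGS = """\
2024-03-01T09:00:01 host=WS01 user=alice event=logon_failure
2024-03-01T09:00:20 host=WS02 user=alice event=logon_failure
2024-03-01T09:00:45 host=WS03 user=alice event=logon_failure
2024-03-01T09:01:10 host=WS01 user=bob event=logon_failure
2024-03-01T09:01:30 host=WS04 user=alice event=logon_failure
2024-03-01T09:02:00 host=WS05 user=alice event=logon_failure
2024-03-01T09:30:00 host=WS01 user=bob event=logon_failure
2024-03-01T09:31:00 host=WS01 user=bob event=logon_success
"""


def parse_line(line):
    """Turn one log line into a dict with a parsed timestamp."""
    ts, *fields = line.split()
    rec = dict(f.split("=", 1) for f in fields)
    rec["ts"] = datetime.fromisoformat(ts)
    return rec


def correlate_lockouts(log_text, threshold=5, window=timedelta(minutes=10)):
    """Return {user: sorted list of hosts} for every account whose failed logons,
    counted across all hosts, reach `threshold` inside any `window`-long span."""
    failures = defaultdict(list)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec["event"] != "logon_failure":   # the filter: only failures count
            continue
        failures[rec["user"]].append((rec["ts"], rec["host"]))

    alerts = {}
    for user, events in failures.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # shrink the window from the left until it spans at most `window`
            while events[end][0] - events[start][0] > window:
                start += 1
            if end - start + 1 >= threshold:
                alerts[user] = sorted({host for _, host in events[start:end + 1]})
                break
    return alerts


if __name__ == "__main__":
    print(correlate_lockouts(SAMPLE_LOGS))
    # {'alice': ['WS01', 'WS02', 'WS03', 'WS04', 'WS05']}
```

A single host's local lockout policy would see only one failure per workstation for alice; only by correlating the events centrally does the pattern reach the threshold. The window and threshold are the "correct filter" knobs: set them too loose and ordinary mistyped passwords trigger alerts.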

Tools

  • Packet sniffer/protocol analyzer – analyze network traffic
  • Banner grabbing – analyze web server
  • Banner grabbing – three main tools: Telnet, Nmap, and Netcat (nc)
  • Nmap – maps out whole network – identifies new hosts
  • NAC – ensures network clients are fully patched
  • DLP – prevents exfiltration of PII, sensitive information, or credit card details
  • Mail gateway – filters out spam
  • Wireless scanner – troubleshoots WAP problems
  • Wireless scanner and SSID decloak device – finds the SSID even if it's disabled
  • Password cracker – can find the hash of a password
  • Honeypot – looks like a legitimate website with lower security
  • Honeypot – analyzes attack methods being used

Data Sanitization Tools

  • Hard drive – best to worst: shred, pulverize, then degauss
  • Paper – best to worst: pulping then shredding
  • Paper – classified – burn bag – destroy by third party – certificate given

Command-Line Tools

  • Netstat – shows established connections
  • Netcat (nc) – shows established connections on Linux
  • Tcpdump – Linux packet analyzer
  • Nslookup – troubleshoots DNS issues
  • DIG – Linux – troubleshoots DNS issues

Mobile Devices

  • Mobile device management – policies and management of mobile devices
  • Download manager – controls download speed
  • Remote wipe – lost or stolen devices – back to factory reset
  • Camera – can record videoconferencing, conversations, or take pictures
  • Protect access – screen locks and strong passwords
  • Protect data at rest – FDE – Full Disk Encryption, or Full Device Encryption on small devices
  • Containerization/storage segmentation – separates private and business data
  • BYOD – needs AUP and on/offboarding policies
  • Geofencing – prevents theft of devices
  • Geolocation – shows the location of the device
  • Carrier unlocking – jailbreaking/rooting followed by sideloading the app