Sign In Start Free Trial
Account

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying CompTIA Security+ Practice Tests SY0-501
  • Table Of Contents Toc
CompTIA Security+ Practice Tests SY0-501

CompTIA Security+ Practice Tests SY0-501

By : Ian Neil
4.6 (33)
close
close
CompTIA Security+ Practice Tests SY0-501

CompTIA Security+ Practice Tests SY0-501

4.6 (33)
By: Ian Neil

Overview of this book

CompTIA Security+ is a core security certification that will validate your baseline skills for a career in cybersecurity. Passing this exam will not only help you identify security incidents but will also equip you to resolve them efficiently. This book builds on the popular CompTIA Security+ Certification Guide, which mirrors the SY0-501 exam pattern. This practice test-based guide covers all six domains of the Security+ SY0-501 exam: threats, attacks, and vulnerabilities; technologies and tools; architecture and design; identity and access management; cryptography and PKI; and risk management. You’ll take six mock tests designed as per the official Security+ certification exam pattern, each covering significant aspects from an examination point of view. For each domain, the book provides a dedicated cheat sheet that includes important concepts covered in the test. You can even time your tests to simulate the actual exam. These tests will help you identify gaps in your knowledge and discover answers to tricky exam questions. By the end of this book, you’ll have developed and enhanced the skills necessary to pass the official CompTIA Security+ exam.
Table of Contents (9 chapters)
close
close

Cheat Sheet

The cheat sheet is a condensed format of the main facts that you need to know before taking the exam. We must learn the exam concepts and not just the answers to a bank of questions.

Access Control Lists (ACLs)

  • Firewalls and routers use ACL. No allow rule means implicit deny.

Firewalls

  • Unified Threat Management (UTM)– all in one URL and content filter
  • Stateful firewall – inspect deep into the packet, including size and commands
  • Stateful firewall – protects against DDoS attacks
  • Web application firewall – protect the web server and web applications
  • Host-based – only protects the local computer
  • Network-based – only protects the network

Network Protection

  • Network Intrusion Prevention System (NIPS) – additional layer of protection placed close to firewall
  • Network Intrusion Detection System (NIDS) – detects changes in network, uses sensor and collectors, and alerts the NIPS
  • Signature-based – work from a local database
  • Anomaly-based – start with a database but can learn new patterns

Proxy Server

  • URL filter
  • Content filter
  • Caches web pages

Reverse Proxy

  • Authenticates incoming connections
  • Decrypts incoming traffic

Load Balancer

  • Deals with a high load of web traffic
  • Sends traffic to the least utilized host
  • Affinity – sends the host to the same web server
  • Round robin – balances traffic using DNS A records

SIEM System

  • Real-time monitoring
  • Correlates events on the network
  • Measures account lockout, even with attempts on different computers
  • Needs the correct filter, otherwise false position

Tools

  • Packet sniffer/protocol analyzer – analyze network traffic
  • Banner grabbing – analyze web server
  • Banner grabbing – three main tools: Telnet, Nmap, and Netcat (nc)
  • Nmap – maps out whole network – identifies new hosts
  • NAC – ensures network clients are fully patched
  • DLP – prevents exfiltration of PII, sensitive information, or credit card details
  • Mail gateway – filters out spam
  • Wireless scanner – troubleshoots WAP problems
  • Wireless scanner and SSID decloak device – finds the SSID even if it's disabled
  • Password cracker – can find the hash of a password
  • Honeypot – looks like a legitimate website with lower security
  • Honeypot – analyzes attack methods being used

Data Sanitization Tools

  • Hard drive – best to worst: shred, pulverize, then degauss
  • Paper – best to worst: pulping then shredding
  • Paper – classified – burn bag – destroy by third party – certificate given

Command-Line Tools

  • Netstat – shows established connection
  • Netcat (nc) – shows established connections on Linux
  • Tcpdump – Linux packet analyzer
  • Nslookup – troubleshoot DNS issues
  • DIG – Linux – troubleshoot DNS issues

Mobile Devices

  • Mobile device management – policies and management of mobile devices
  • Download manager – controls download speed
  • Remote wipe – lost or stolen devices – back to factory reset
  • Camera – can record videoconferencing, conversations, or take pictures
  • Protect access – screen locks and strong passwords
  • Protect data at rest – FDE – Full Disk Encryption or small devices Full Device Encryption
  • Containerization/storage segmentation – separates private and business data
  • BYOD – needs AUP and on/offboarding policies
  • Geofencing – prevent theft of devices
  • Geolocation – shows the location of the device
  • Carrier unlocking – jailbreaking/rooting followed by sideloading the app
CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
CompTIA Security+ Practice Tests SY0-501
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected

Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon