Book Image

CompTIA Security+ Practice Tests SY0-501

By : Ian Neil
Book Image

CompTIA Security+ Practice Tests SY0-501

By: Ian Neil

Overview of this book

CompTIA Security+ is a core security certification that will validate your baseline skills for a career in cybersecurity. Passing this exam will not only help you identify security incidents but will also equip you to resolve them efficiently. This book builds on the popular CompTIA Security+ Certification Guide, which mirrors the SY0-501 exam pattern. This practice test-based guide covers all six domains of the Security+ SY0-501 exam: threats, attacks, and vulnerabilities; technologies and tools; architecture and design; identity and access management; cryptography and PKI; and risk management. You’ll take six mock tests designed as per the official Security+ certification exam pattern, each covering significant aspects from an examination point of view. For each domain, the book provides a dedicated cheat sheet that includes important concepts covered in the test. You can even time your tests to simulate the actual exam. These tests will help you identify gaps in your knowledge and discover answers to tricky exam questions. By the end of this book, you’ll have developed and enhanced the skills necessary to pass the official CompTIA Security+ exam.
Table of Contents (9 chapters)

Cheat Sheet

The cheat sheet is a condensed format of the main facts that you need to know before taking the exam. We must learn the exam concepts and not just the answers to a bank of questions.

Certificate Hierarchy

  • CA has a root key
  • Stage 1do you want to install a public or private CA
  • Public CA required for trading on the internet (B2B)
  • Architect builds the CA and intermediary authorities
  • Intermediary authorities issue the certificates
  • Certificate pinning—prevents CA compromise and fraudulent certificates

Certificate Validation

  • Certificate Revocation List (CRL)checks certificate validity
  • OCSPused only when the CRL is going slow
  • Certificate staplingwhen the web server bypasses the CRL and goes directly to the OCSP

Private Keys

  • Always retainednever given away
  • P12 format, .pfx extension, password protected
  • Used to decrypt data
  • Used to digitally sign emailprovides integrity
  • Key Escrowholds the private keys for third parties...