Full Description
CompTIA Security+ SY0-301 Practice Questions Exam Cram, Third Edition, offers all the exam practice you'll need to systematically prepare, identify and fix areas of weakness, and pass your exam the first time. This book and CD complement any Security+ study plan with more than 800 practice test questions, all supported with complete explanations of every correct and incorrect answer, covering all Security+ exam objectives, including network security; compliance and operation security; threats and vulnerabilities; application, host and data security; access control and identity management; and cryptography.

Limited Time Offer: Buy CompTIA Security+ SY0-301 Practice Questions Exam Cram and receive a 10% off discount code for the CompTIA Security+ SY0-301 exam. To receive your 10% off discount code:

1. Register your product at pearsonITcertification.com/register
2. Follow the instructions
3. Go to your Account page and click on "Access Bonus Content"

Covers the critical information you'll need to know to score higher on your Security+ exam!

- Features more than 800 questions that are organized according to the Security+ exam objectives, so you can easily assess your knowledge of each topic.
- Use our innovative Quick-Check Answer System (TM) to quickly find answers as you work your way through the questions.
- Each question includes detailed explanations!
- Our popular Cram Sheet, which includes tips, acronyms, and memory joggers, helps you review key facts before you enter the testing center.

Diane M. Barrett (MCSE, CISSP, Security+) is the director of training for Paraben Corporation and an adjunct professor for American Military University. She has done contract forensic and security assessment work for several years and has authored other security and forensic books. She is a regular committee member for ADFSL's Conference on Digital Forensics, Security and Law, as well as an academy director for Edvancement Solutions. She holds many industry certifications, including CISSP, ISSMP, DFCP, PCME, and Security+. Diane's education includes an MS in Information Technology with a specialization in Information Security. She expects to complete a PhD in business administration with a specialization in Information Security shortly.

Companion CD

CD-ROM Features 800+ Practice Questions

- Detailed explanations of correct and incorrect answers
- Multiple test modes
- Random questions and order of answers
- Coverage of each Security+ exam objective
Contents
- Introduction
  - Who This Book Is For
  - What You Will Find in This Book
  - Hints for Using This Book
  - Need Further Study?
- Chapter One Domain 1.0: Network Security
  - Practice Questions
    - Objective 1.1: Explain the security function and purpose of network devices and technologies
    - Objective 1.2: Apply and implement secure network administration principles
    - Objective 1.3: Distinguish and differentiate network design elements and compounds
    - Objective 1.4: Implement and use common protocols
    - Objective 1.5: Identify commonly used ports
    - Objective 1.6: Implement wireless network in a secure manner
  - Quick-Check Answer Key
    - Objective 1.1: Explain the security function and purpose of network devices and technologies
    - Objective 1.2: Apply and implement secure network administration principles
    - Objective 1.3: Distinguish and differentiate network design elements and compounds
    - Objective 1.4: Implement and use common protocols
    - Objective 1.5: Identify commonly used ports
    - Objective 1.6: Implement wireless network in a secure manner
  - Answers and Explanations
    - Objective 1.1: Explain the security function and purpose of network devices and technologies
    - Objective 1.2: Apply and implement secure network administration principles
    - Objective 1.3: Distinguish and differentiate network design elements and compounds
    - Objective 1.4: Implement and use common protocols
    - Objective 1.5: Identify commonly used ports
    - Objective 1.6: Implement wireless network in a secure manner
- Chapter Two Domain 2.0: Compliance and Operational Security
  - Practice Questions
    - Objective 2.1: Explain risk related concepts
    - Objective 2.2: Carry out appropriate risk mitigation strategies
    - Objective 2.3: Execute appropriate incident response procedures
    - Objective 2.4: Explain the importance of security related awareness and training
    - Objective 2.5: Compare and contrast aspects of business continuity
    - Objective 2.6: Explain the impact and proper use of environmental controls
    - Objective 2.7: Execute disaster recovery plans and procedures
    - Objective 2.8: Exemplify the concepts of confidentiality, integrity, and availability
  - Quick-Check Answer Key
    - Objective 2.1: Explain risk related concepts
    - Objective 2.2: Carry out appropriate risk mitigation strategies
    - Objective 2.3: Execute appropriate incident response procedures
    - Objective 2.4: Explain the importance of security related awareness and training
    - Objective 2.5: Compare and contrast aspects of business continuity
    - Objective 2.6: Explain the impact and proper use of environmental controls
    - Objective 2.7: Execute disaster recovery plans and procedures
    - Objective 2.8: Exemplify the concepts of confidentiality, integrity, and availability
  - Answers and Explanations
    - Objective 2.1: Explain risk related concepts
    - Objective 2.2: Carry out appropriate risk mitigation strategies
    - Objective 2.3: Execute appropriate incident response procedures
    - Objective 2.4: Explain the importance of security related awareness and training
    - Objective 2.5: Compare and contrast aspects of business continuity
    - Objective 2.6: Explain the impact and proper use of environmental controls
    - Objective 2.7: Execute disaster recovery plans and procedures
    - Objective 2.8: Exemplify the concepts of confidentiality, integrity, and availability
- Chapter Three Domain 3.0: Threats and Vulnerabilities
  - Practice Questions
    - Objective 3.1: Analyze and differentiate among types of malware
    - Objective 3.2: Analyze and differentiate among types of attacks
    - Objective 3.3: Analyze and differentiate among types of social engineering attacks
    - Objective 3.4: Analyze and differentiate among types of wireless attacks
    - Objective 3.5: Analyze and differentiate among types of application attacks
    - Objective 3.6: Analyze and differentiate among types of mitigation and deterrent techniques
    - Objective 3.7: Implement assessment tools and techniques to discover security threats and vulnerabilities
    - Objective 3.8: Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning
  - Quick-Check Answer Key
    - Objective 3.1: Analyze and differentiate among types of malware
    - Objective 3.2: Analyze and differentiate among types of attacks
    - Objective 3.3: Analyze and differentiate among types of social engineering attacks
    - Objective 3.4: Analyze and differentiate among types of wireless attacks
    - Objective 3.5: Analyze and differentiate among types of application attacks
    - Objective 3.6: Analyze and differentiate among types of mitigation and deterrent techniques
    - Objective 3.7: Implement assessment tools and techniques to discover security threats and vulnerabilities
    - Objective 3.8: Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning
  - Answers and Explanations
    - Objective 3.1: Analyze and differentiate among types of malware
    - Objective 3.2: Analyze and differentiate among types of attacks
    - Objective 3.3: Analyze and differentiate among types of social engineering attacks
    - Objective 3.4: Analyze and differentiate among types of wireless attacks
    - Objective 3.5: Analyze and differentiate among types of application attacks
    - Objective 3.6: Analyze and differentiate among types of mitigation and deterrent techniques
    - Objective 3.7: Implement assessment tools and techniques to discover security threats and vulnerabilities
    - Objective 3.8: Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning
- Chapter Four Domain 4.0: Application, Data, and Host Security
  - Practice Questions
    - Objective 4.1: Explain the importance of application security
    - Objective 4.2: Carry out appropriate procedures to establish host security
    - Objective 4.3: Explain the importance of data security
  - Quick-Check Answer Key
    - Objective 4.1: Explain the importance of application security
    - Objective 4.2: Carry out appropriate procedures to establish host security
    - Objective 4.3: Explain the importance of data security
  - Answers and Explanations
    - Objective 4.1: Explain the importance of application security
    - Objective 4.2: Carry out appropriate procedures to establish host security
    - Objective 4.3: Explain the importance of data security
- Chapter Five Domain 5.0: Access Control and Identity Management
  - Practice Questions
    - Objective 5.1: Explain the function and purpose of authentication services
    - Objective 5.2: Explain the fundamental concepts and best practices related to authorization and access control
    - Objective 5.3: Implement appropriate security controls when performing account management
  - Quick-Check Answer Key
    - Objective 5.1: Explain the function and purpose of authentication services
    - Objective 5.2: Explain the fundamental concepts and best practices related to authorization and access control
    - Objective 5.3: Implement appropriate security controls when performing account management
  - Answers and Explanations
    - Objective 5.1: Explain the function and purpose of authentication services
    - Objective 5.2: Explain the fundamental concepts and best practices related to authorization and access control
    - Objective 5.3: Implement appropriate security controls when performing account management
- Chapter Six Domain 6.0: Cryptography
  - Practice Questions
    - Objective 6.1: Summarize general cryptography concepts
    - Objective 6.2: Use and apply appropriate cryptographic tools and products
    - Objective 6.3: Explain core concepts of public key infrastructure
    - Objective 6.4: Implement PKI, certificate management, and associated components
  - Quick-Check Answer Key
    - Objective 6.1: Summarize general cryptography concepts
    - Objective 6.2: Use and apply appropriate cryptographic tools and products
    - Objective 6.3: Explain core concepts of public key infrastructure
    - Objective 6.4: Implement PKI, certificate management, and associated components
  - Answers and Explanations
    - Objective 6.1: Summarize general cryptography concepts
    - Objective 6.2: Use and apply appropriate cryptographic tools and products
    - Objective 6.3: Explain core concepts of public key infrastructure
    - Objective 6.4: Implement PKI, certificate management, and associated components

9780789748287, TOC, 11/09/2011