CompTIA Security+ SY0-501 Cert Guide, Academic Edition, 2nd edition

Published by Pearson IT Certification (December 1, 2017) © 2018

  • Dave Prowse, best-selling CompTIA author and expert trainer






  • Includes the full Pearson e-text, pre- and post-assessments, quizzes, videos, and more
  • Provides hands-on skills to bridge conceptual knowledge and real-world application
  • Powerful student management tools yet easy to implement, customize, and manage

Learn, prepare, and practice for CompTIA Security+ SY0-501 exam success with this full-color CompTIA Authorized Cert Guide, Academic Edition from Pearson IT Certification, a leader in IT Certification learning. This book includes access to four complete practice tests, chapter summaries, and case studies including simulations and hands-on video exercises to reinforce the learning.

This is the most comprehensive core study tool for CompTIA's latest Security+ exam. Perfect for every candidate preparing for this challenging exam, its comprehensive coverage offers all the information and insight readers need to succeed. From start to finish, the book has been organized and edited to improve retention and help network and security professionals focus on areas where they need the most assistance. Its features include:

  • End-of-chapter case studies and hands-on video exercises help students practice what they've learned
  • Three full practice tests based on the real Security+ exam, with new video explanations of all answers
  • Quizzes, memory tables, study strategies, tips, notes, cautions, key terms, troubleshooting scenarios, and much more

Security training expert David L. Prowse covers every Security+ exam objective, including: communication security, infrastructure security, operational security, general security concepts, and more.

Introduction xxii

Chapter 1 Introduction to Security 2

Foundation Topics 3

Security 101 3

    The CIA of Computer Security 3

    The Basics of Information Security 4

Think Like a Hacker 6

Threat Actor Types and Attributes 7

Chapter Review Activities 9

Chapter 2 Computer Systems Security Part I 12

Foundation Topics 13

Malicious Software Types 13

    Viruses 13

    Worms 14

    Trojan Horses 14

    Ransomware 15

    Spyware 15

    Rootkits 16

    Spam 16

    Summary of Malware Threats 17

Delivery of Malware 17

    Via Software, Messaging, and Media 18

    Botnets and Zombies 19

    Active Interception 19

    Privilege Escalation 19

    Backdoors 19

    Logic Bombs 20

Preventing and Troubleshooting Malware 20

    Preventing and Troubleshooting Viruses 20

    Preventing and Troubleshooting Worms and Trojans 23

    Preventing and Troubleshooting Spyware 24

    Preventing and Troubleshooting Rootkits 25

    Preventing and Troubleshooting Spam 26

    You Can’t Save Every Computer from Malware! 27

    Summary of Malware Prevention Techniques 27

Chapter Review Activities 29

Chapter 3 Computer Systems Security Part II 34

Foundation Topics 35

Implementing Security Applications 35

    Personal Software Firewalls 35

    Host-Based Intrusion Detection Systems 36

    Pop-Up Blockers 38

    Data Loss Prevention Systems 38

Securing Computer Hardware and Peripherals 39

    Securing the BIOS 39

    Securing Storage Devices 41

        Removable Storage 41

        Network Attached Storage 41

        Whole Disk Encryption 42

        Hardware Security Modules 43

    Securing Wireless Peripherals 43

Securing Mobile Devices 44

    Malware 44

    Botnet Activity 45

    SIM Cloning and Carrier Unlocking 45

    Wireless Attacks 46

    Theft 46

    Application Security 47

    BYOD Concerns 49

Chapter Review Activities 53

Chapter 4 OS Hardening and Virtualization 58

Foundation Topics 59

Hardening Operating Systems 59

    Removing Unnecessary Applications and Services 59

    Windows Update, Patches, and Hotfixes 65

        Patches and Hotfixes 66

        Patch Management 68

    Group Policies, Security Templates, and Configuration Baselines 69

    Hardening File Systems and Hard Drives 71

Virtualization Technology 74

    Types of Virtualization and Their Purposes 74

    Hypervisor 75

    Securing Virtual Machines 76

Chapter Review Activities 79

Chapter 5 Application Security 86

Foundation Topics 87

Securing the Browser 87

    General Browser Security Procedures 88

        Implement Policies 88

        Train Your Users 90

        Use a Proxy and Content Filter 91

        Secure Against Malicious Code 92

    Web Browser Concerns and Security Methods 92

        Basic Browser Security 92

        Cookies 92

        LSOs 93

        Add-ons 94

        Advanced Browser Security 94

Securing Other Applications 95

Secure Programming 99

    Software Development Life Cycle 99

    Core SDLC and DevOps Principles 100

    Programming Testing Methods 102

        White-box and Black-box Testing 102

        Compile-Time Errors Versus Runtime Errors 102

        Input Validation 103

        Static and Dynamic Code Analysis 104

        Fuzz Testing 104

    Programming Vulnerabilities and Attacks 104

        Backdoors 105

        Memory/Buffer Vulnerabilities 105

        Arbitrary Code Execution/Remote Code Execution 106

        XSS and XSRF 107

        More Code Injection Examples 107

        Directory Traversal 109

        Zero Day Attack 109

Chapter Review Activities 111

Chapter 6 Network Design Elements 118

Foundation Topics 119

Network Design 119

    The OSI Model 119

    Network Devices 120

        Switch 120

        Bridge 122

        Router 122

    Network Address Translation, and Private Versus Public IP 123

    Network Zones and Interconnections 125

        LAN Versus WAN 125

        Internet 126

        Demilitarized Zone (DMZ) 126

        Intranets and Extranets 127

    Network Access Control (NAC) 128

    Subnetting 128

    Virtual Local Area Network (VLAN) 130

    Telephony 131

        Modems 131

        PBX Equipment 132

        VoIP 132

Cloud Security and Server Defense 133

    Cloud Computing 133

    Cloud Security 135

    Server Defense 137

        File Servers 137

        Network Controllers 137

        E-mail Servers 138

        Web Servers 139

        FTP Server 140

Chapter Review Activities 142

Chapter 7 Networking Protocols and Threats 148

Foundation Topics 149

Ports and Protocols 149

    Port Ranges, Inbound Versus Outbound, and Common Ports 149

    Protocols That Can Cause Anxiety on the Exam 155

Malicious Attacks 155

    DoS 155

    DDoS 158

    Sinkholes and Blackholes 158

    Spoofing 159

    Session Hijacking 159

    Replay 161

    Null Sessions 161

    Transitive Access and Client-Side Attacks 162

    DNS Poisoning and Other DNS Attacks 162

    ARP Poisoning 164

    Summary of Network Attacks 164

Chapter Review Activities 167

Chapter 8 Network Perimeter Security 174

Foundation Topics 175

Firewalls and Network Security 175

    Firewalls 175

    Proxy Servers 179

    Honeypots and Honeynets 181

    Data Loss Prevention (DLP) 182

NIDS Versus NIPS 183

    NIDS 183

    NIPS 184

    Summary of NIDS Versus NIPS 185

    The Protocol Analyzer’s Role in NIDS and NIPS 185

    Unified Threat Management 186

Chapter Review Activities 187

Chapter 9 Securing Network Media and Devices 194

Foundation Topics 195

Securing Wired Networks and Devices 195

    Network Device Vulnerabilities 195

        Default Accounts 195

        Weak Passwords 195

        Privilege Escalation 196

        Back Doors 197

        Network Attacks 197

        Other Network Device Considerations 197

    Cable Media Vulnerabilities 198

        Interference 198

        Crosstalk 199

        Data Emanation 199

        Tapping into Data and Conversations 200

Securing Wireless Networks 201

    Wireless Access Point Vulnerabilities 202

        The Administration Interface 202

        SSID Broadcast 202

        Rogue Access Points 202

        Evil Twin 203

        Weak Encryption 203

        Wi-Fi Protected Setup 205

        Ad Hoc Networks 205

        VPN over Open Wireless 205

    Wireless Access Point Security Strategies 205

    Wireless Transmission Vulnerabilities 208

    Bluetooth and Other Wireless Technology Vulnerabilities 209

        Bluejacking 209

        Bluesnarfing 210

    RFID and NFC 210

        More Wireless Technologies 210

Chapter Review Activities 212

Chapter 10 Physical Security and Authentication Models 218

Foundation Topics 219

Physical Security 219

    General Building and Server Room Security 219

    Door Access 220

    Biometric Readers 221

Authentication Models and Components 222

    Authentication Models 222

    Localized Authentication Technologies 224

        802.1X and EAP 224

        LDAP 226

        Kerberos and Mutual Authentication 227

        Remote Desktop Services 229

    Remote Authentication Technologies 230

        Remote Access Service 230

        Virtual Private Networks 231

        RADIUS Versus TACACS 234

Chapter Review Activities 236

Chapter 11 Access Control Methods and Models 244

Foundation Topics 245

Access Control Models Defined 245

    Discretionary Access Control 245

    Mandatory Access Control 246

    Role-Based Access Control (RBAC) 247

    Attribute-based Access Control (ABAC) 248

    Access Control Wise Practices 249

Rights, Permissions, and Policies 250

    Users, Groups, and Permissions 251

    Permission Inheritance and Propagation 255

    Moving and Copying Folders and Files 256

    Usernames and Passwords 256

    Policies 258

    User Account Control (UAC) 261

Chapter Review Activities 262

Chapter 12 Vulnerability and Risk Assessment 270

Foundation Topics 271

Conducting Risk Assessments 271

    Qualitative Risk Assessment 272

    Quantitative Risk Assessment 273

    Security Analysis Methodologies 274

    Security Controls 275

    Vulnerability Management 276

        Penetration Testing 277

        OVAL 279

        Additional Vulnerabilities 279

Assessing Vulnerability with Security Tools 280

    Network Mapping 280

    Vulnerability Scanning 282

    Network Sniffing 283

    Password Analysis 284

Chapter Review Activities 287

Chapter 13 Monitoring and Auditing 294

Foundation Topics 295

Monitoring Methodologies 295

    Signature-Based Monitoring 295

    Anomaly-Based Monitoring 295

    Behavior-Based Monitoring 296

Using Tools to Monitor Systems and Networks 296

    Performance Baselining 297

    Protocol Analyzers 299

        Wireshark 299

    SNMP 301

    Analytical Tools 302

    Use Static and Dynamic Tools 304

Conducting Audits 304

    Auditing Files 305

    Logging 306

    Log File Maintenance and Security 310

    Auditing System Security Settings 311

    SIEM 314

Chapter Review Activities 315

Chapter 14 Encryption and Hashing Concepts 322

Foundation Topics 323

Cryptography Concepts 323

    Symmetric Versus Asymmetric Key Algorithms 326

        Symmetric Key Algorithms 326

    Asymmetric Key Algorithms 327

    Public Key Cryptography 327

    Key Management 328

    Steganography 328

Encryption Algorithms 329

    DES and 3DES 329

    AES 329

    RC 330

    Blowfish and Twofish 331

    Summary of Symmetric Algorithms 331

    RSA 331

    Diffie-Hellman 333

    Elliptic Curve 333

    More Encryption Types 334

        One-Time Pad 334

        PGP 335

        Pseudorandom Number Generators 336

Hashing Basics 336

    Cryptographic Hash Functions 337

        MD5 338

        SHA 338

        RIPEMD and HMAC 338

    LANMAN, NTLM, and NTLMv2 339

        LANMAN 339

        NTLM and NTLMv2 340

    Hashing Attacks 341

        Pass the Hash 341

        Happy Birthday! 341

    Additional Password Hashing Concepts 342

Chapter Review Activities 343

Chapter 15 PKI and Encryption Protocols 350

Foundation Topics 351

Public Key Infrastructure 351

    Certificates 351

        SSL Certificate Types 352

        Single-Sided and Dual-Sided Certificates 352

        Certificate Chain of Trust 352

        Certificate Formats 352

    Certificate Authorities 353

    Web of Trust 356

Security Protocols 356

    S/MIME 357

    SSL/TLS 357

    SSH 359

    PPTP, L2TP, and IPsec 359

        PPTP 359

        L2TP 359

        IPsec 360

Chapter Review Activities 361

Chapter 16 Redundancy and Disaster Recovery 368

Foundation Topics 369

Redundancy Planning 369

    Redundant Power 370

    Redundant Power Supplies 371

    Uninterruptible Power Supplies 371

    Backup Generators 372

    Redundant Data 374

    Redundant Networking 376

    Redundant Servers 377

    Redundant Sites 378

    Redundant People 379

Disaster Recovery Planning and Procedures 379

    Data Backup 379

    DR Planning 382

Chapter Review Activities 385

Chapter 17 Social Engineering, User Education, and Facilities Security 390

Foundation Topics 391

Social Engineering 391

    Pretexting 391

    Malicious Insider 391

    Diversion Theft 392

    Phishing 392

    Hoaxes 393

    Shoulder Surfing 394

    Eavesdropping 394

    Dumpster Diving 394

    Baiting 394

    Piggybacking/Tailgating 394

    Watering Hole Attack 395

    Summary of Social Engineering Types 395

User Education 396

    Facilities Security 398

    Fire Suppression 398

        Fire Extinguishers 398

        Sprinkler Systems 399

        Special Hazard Protection Systems 399

    HVAC 400

    Shielding 401

    Vehicles 402

Chapter Review Activities 404

Chapter 18 Policies and Procedures 410

Foundation Topics 411

Legislative and Organizational Policies 411

    Data Sensitivity and Classification of Information 411

    Personnel Security Policies 413

        Privacy Policies 414

        Acceptable Use 414

        Change Management 414

        Separation of Duties/Job Rotation 415

        Mandatory Vacations 415

        Onboarding and Offboarding 415

        Due Diligence 416

        Due Care 416

        Due Process 416

        User Education and Awareness Training 416

        Summary of Personnel Security Policies 417

    How to Deal with Vendors 417

    How to Dispose of Computers and Other IT Equipment Securely 419

Incident Response Procedures 420

IT Security Frameworks 424

Chapter Review Activities 426

Chapter 19 Taking the Real Exam 432

    Getting Ready and the Exam Preparation Checklist 432

    Tips for Taking the Real Exam 435

    Beyond the CompTIA Security+ Certification 438

Practice Exam 1: SY0-501 440

Glossary 458


Elements Available Online

Appendix A: Answers to the Review Questions

Answers to Practice Exam 1

View Recommended Resources

Real-World Scenarios

Flash Cards



9780789759122   TOC   10/31/2017


David L. Prowse is an author, technologist, and technical trainer. He has penned a dozen books for Pearson Education, including the well-received CompTIA A+ Exam Cram. He also develops video content, including the CompTIA A+ LiveLessons video course. Over the past two decades he has taught CompTIA A+, Network+, and Security+ certification courses, both in the classroom and via the Internet. David has 20 years of experience in the IT field and loves to share that experience with his readers, watchers, and students.

He runs the website in support of his books and videos.



The Pearson uCertify Courses and Labs combine Pearson's authorized and peer-reviewed content with uCertify's accessible, flexible, and scalable online learning platform. All Courses and Labs are mapped directly to Pearson texts to make integration into your current courses easy and convenient.

The uCertify Courses are a foundational learning tool and come with the complete Pearson interactive e-text, pre- and post-assessments, quizzes, exercises, tests, instructional videos, and more. The uCertify Labs and Simulators provide hands-on skills and bridge the gap between conceptual knowledge and real-world application.


Pearson eTextbook: What’s on the inside just might surprise you

They say you can't judge a book by its cover. It's the same with your students. Meet each one right where they are with an engaging, interactive, personalized learning experience that goes beyond the textbook to fit any schedule, any budget, and any lifestyle.