CompTIA® Security+ SY0-201 Practice Questions Exam Cram, Second Edition
Diane Barrett

Copyright © 2010 by Pearson Education, Inc.

All rights reserved. No part of this book shall be reproduced, stored in a retrieval system, or transmitted by any means, electronic, mechanical, photocopying, recording, or otherwise, without written permission from the publisher. No patent liability is assumed with respect to the use of the information contained herein. Although every precaution has been taken in the preparation of this book, the publisher and author assume no responsibility for errors or omissions. Nor is any liability assumed for damages resulting from the use of the information contained herein.

ISBN-13: 978-0-7897-4258-2
ISBN-10: 0-7897-4258-6

Library of Congress Cataloging-in-Publication data is on file.

Printed in the United States of America
First Printing: October 2009
10 09 08 07 06 4 3 2 1

Publisher: Paul Boger
Associate Publisher: David Dusthimer
Acquisitions Editor: Betsy Brown
Senior Development Editor: Christopher Cleveland
Managing Editor: Patrick Kanouse
Technical Editor: Pawan Bhardwaj
Project Editor: Seth Kerney
Copy Editor: Keith Cline
Proofreader: Water Crest Publishing, Inc.
Publishing Coordinator: Vanessa Evans
Multimedia Developer: Dan Scherf
Cover Designer: Gary Adair
Page Layout: Bronkella Publishing LLC

Trademarks
All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capitalized. Pearson cannot attest to the accuracy of this information. Use of a term in this book should not be regarded as affecting the validity of any trademark or service mark.

Warning and Disclaimer
Every effort has been made to make this book as complete and as accurate as possible, but no warranty or fitness is implied. The information provided is on an "as is" basis. The author and the publisher shall have neither liability nor responsibility to any person or entity with respect to any loss or damages arising from the information contained in this book or from the use of the CD or programs accompanying it.

Bulk Sales
Que Publishing offers excellent discounts on this book when ordered in quantity for bulk purchases or special sales. For more information, please contact
U.S. Corporate and Government Sales
1-800-382-3419
[email protected]
For sales outside the U.S., please contact
International Sales
[email protected]

Table of Contents

Introduction .... 1
  Who This Book Is For .... 1
  What You Will Find in This Book .... 1
  Hints for Using This Book .... 2
  Need Further Study? .... 3

Chapter 1: Domain 1.0: Systems Security .... 5
  Practice Questions .... 6
    Objective 1.1: Differentiate among various systems security threats .... 6
    Objective 1.2: Explain the security risks pertaining to system hardware and peripherals .... 14
    Objective 1.3: Implement OS hardening practices and procedures to achieve workstation and server security .... 19
    Objective 1.4: Carry out the appropriate procedures to establish application security .... 26
    Objective 1.5: Implement security applications .... 31
    Objective 1.6: Explain the purpose and application of virtualization technology .... 36
  Quick-Check Answer Key .... 41
    Objective 1.1: Differentiate among various systems security threats .... 41
    Objective 1.2: Explain the security risks pertaining to system hardware and peripherals .... 41
    Objective 1.3: Implement OS hardening practices and procedures to achieve workstation and server security .... 42
    Objective 1.4: Carry out the appropriate procedures to establish application security .... 42
    Objective 1.5: Implement security applications .... 43
    Objective 1.6: Explain the purpose and application of virtualization technology .... 43
  Answers and Explanations .... 44
    Objective 1.1: Differentiate among various systems security threats .... 44
    Objective 1.2: Explain the security risks pertaining to system hardware and peripherals .... 51
    Objective 1.3: Implement OS hardening practices and procedures to achieve workstation and server security .... 54
    Objective 1.4: Carry out the appropriate procedures to establish application security .... 60
    Objective 1.5: Implement security applications .... 64
    Objective 1.6: Explain the purpose and application of virtualization technology .... 68

Chapter 2: Domain 2.0: Network Infrastructure .... 73
  Practice Questions .... 74
    Objective 2.1: Differentiate between the different ports & protocols, their respective threats, and mitigation techniques .... 74
    Objective 2.2: Distinguish between network design elements and components .... 81
    Objective 2.3: Determine the appropriate use of network security tools to facilitate network security .... 86
    Objective 2.4: Apply the appropriate network tools to facilitate network security .... 92
    Objective 2.5: Explain the vulnerabilities and mitigations associated with network devices .... 96
    Objective 2.6: Explain the vulnerabilities and mitigations associated with various transmission media .... 100
    Objective 2.7: Explain the vulnerabilities and implement mitigations associated with wireless networking .... 101
  Quick-Check Answer Key .... 107
    Objective 2.1: Differentiate between the different ports & protocols, their respective threats, and mitigation techniques .... 107
    Objective 2.2: Distinguish between network design elements and components .... 107
    Objective 2.3: Determine the appropriate use of network security tools to facilitate network security .... 108
    Objective 2.4: Apply the appropriate network tools to facilitate network security .... 108
    Objective 2.5: Explain the vulnerabilities and mitigations associated with network devices .... 108
    Objective 2.6: Explain the vulnerabilities and mitigations associated with various transmission media .... 109
    Objective 2.7: Explain the vulnerabilities and implement mitigations associated with wireless networking .... 109
  Answers and Explanations .... 110
    Objective 2.1: Differentiate between the different ports & protocols, their respective threats, and mitigation techniques .... 110
    Objective 2.2: Distinguish between network design elements and components .... 114
    Objective 2.3: Determine the appropriate use of network security tools to facilitate network security .... 119
    Objective 2.4: Apply the appropriate network tools to facilitate network security .... 123
    Objective 2.5: Explain the vulnerabilities and mitigations associated with network devices .... 128
    Objective 2.6: Explain the vulnerabilities and mitigations associated with various transmission media .... 133
    Objective 2.7: Explain the vulnerabilities and implement mitigations associated with wireless networking .... 134

Chapter 3: Domain 3.0: Access Control .... 141
  Practice Questions .... 142
    Objective 3.1: Identify and apply industry best practices for access control methods .... 142
    Objective 3.2: Explain common access control models and the differences between each .... 145
    Objective 3.3: Organize users and computers into appropriate security groups and roles while distinguishing between appropriate rights and privileges .... 149
    Objective 3.4: Apply appropriate security controls to file and print resources .... 152
    Objective 3.5: Compare and implement logical access control methods .... 154
    Objective 3.6: Summarize the various authentication models and identify the components of each .... 159
    Objective 3.7: Deploy various authentication models and identify the components of each .... 162
    Objective 3.8: Explain the difference between identification and authentication (identity proofing) .... 167
    Objective 3.9: Explain and apply physical access security methods .... 168
  Quick-Check Answer Key .... 172
    Objective 3.1: Identify and apply industry best practices for access control methods .... 172
    Objective 3.2: Explain common access control models and the differences between each .... 172
    Objective 3.3: Organize users and computers into appropriate security groups and roles while distinguishing between appropriate rights and privileges .... 172
    Objective 3.4: Apply appropriate security controls to file and print resources .... 173
    Objective 3.5: Compare and implement logical access control methods .... 173
    Objective 3.6: Summarize the various authentication models and identify the components of each .... 173
    Objective 3.7: Deploy various authentication models and identify the components of each .... 174
    Objective 3.8: Explain the difference between identification and authentication (identity proofing) .... 174
    Objective 3.9: Explain and apply physical access security methods .... 174
  Answers and Explanations .... 175
    Objective 3.1: Identify and apply industry best practices for access control methods .... 175
    Objective 3.2: Explain common access control models and the differences between each .... 178
    Objective 3.3: Organize users and computers into appropriate security groups and roles while distinguishing between appropriate rights and privileges .... 182
    Objective 3.4: Apply appropriate security controls to file and print resources .... 184
    Objective 3.5: Compare and implement logical access control methods .... 186
    Objective 3.6: Summarize the various authentication models and identify the components of each .... 190
    Objective 3.7: Deploy various authentication models and identify the components of each .... 192
    Objective 3.8: Explain the difference between identification and authentication (identity proofing) .... 196
    Objective 3.9: Explain and apply physical access security methods .... 197

Chapter 4: Domain 4.0: Assessments & Audits .... 201
  Practice Questions .... 202
    Objective 4.1: Conduct risk assessments and implement risk mitigation .... 202
    Objective 4.2: Carry out vulnerability assessments using common tools .... 205
    Objective 4.3: Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning .... 209
    Objective 4.4: Use monitoring tools on systems and networks and detect security-related anomalies .... 210
    Objective 4.5: Compare and contrast various types of monitoring methodologies .... 215
    Objective 4.6: Execute proper logging procedures and evaluate the results .... 219
    Objective 4.7: Conduct periodic audits of system security settings .... 223
  Quick-Check Answer Key .... 229
    Objective 4.1: Conduct risk assessments and implement risk mitigation .... 229
    Objective 4.2: Carry out vulnerability assessments using common tools .... 229
    Objective 4.3: Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning .... 229
    Objective 4.4: Use monitoring tools on systems and networks and detect security-related anomalies .... 230
    Objective 4.5: Compare and contrast various types of monitoring methodologies .... 230
    Objective 4.6: Execute proper logging procedures and evaluate the results .... 230
    Objective 4.7: Conduct periodic audits of system security settings .... 231
  Answers and Explanations .... 232
    Objective 4.1: Conduct risk assessments and implement risk mitigation .... 232
    Objective 4.2: Carry out vulnerability assessments using common tools .... 234
    Objective 4.3: Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning .... 237
    Objective 4.4: Use monitoring tools on systems and networks and detect security-related anomalies .... 238
    Objective 4.5: Compare and contrast various types of monitoring methodologies .... 242
    Objective 4.6: Execute proper logging procedures and evaluate the results .... 245
    Objective 4.7: Conduct periodic audits of system security settings .... 248

Chapter 5: Domain 5.0: Cryptography .... 251
  Practice Questions .... 252
    Objective 5.1: Explain general cryptography concepts .... 252
    Objective 5.2: Explain basic hashing concepts and map various algorithms to appropriate applications .... 258
    Objective 5.3: Explain basic encryption concepts and map various algorithms to appropriate applications .... 261
    Objective 5.4: Explain and implement protocols .... 265
    Objective 5.5: Explain core concepts of public key cryptography .... 269
    Objective 5.6: Implement PKI and certificate management .... 273
  Quick-Check Answer Key .... 278
    Objective 5.1: Explain general cryptography concepts .... 278
    Objective 5.2: Explain basic hashing concepts and map various algorithms to appropriate applications .... 278
    Objective 5.3: Explain basic encryption concepts and map various algorithms to appropriate applications .... 279
    Objective 5.4: Explain and implement protocols .... 279
    Objective 5.5: Explain core concepts of public key cryptography .... 279
    Objective 5.6: Implement PKI and certificate management .... 280
  Answers and Explanations .... 281
    Objective 5.1: Explain general cryptography concepts .... 281
    Objective 5.2: Explain basic hashing concepts and map various algorithms to appropriate applications .... 285
    Objective 5.3: Explain basic encryption concepts and map various algorithms to appropriate applications .... 286
    Objective 5.4: Explain and implement protocols .... 289
    Objective 5.5: Explain core concepts of public key cryptography .... 292
    Objective 5.6: Implement PKI and certificate management .... 296

Chapter 6: Domain 6.0: Organizational Security .... 301
  Practice Questions .... 302
    Objective 6.1: Explain redundancy planning and its components .... 302
    Objective 6.2: Implement disaster recovery procedures .... 307
    Objective 6.3: Differentiate between and execute appropriate incident response procedures .... 310
    Objective 6.4: Identify and explain applicable legislation and organizational policies .... 312
    Objective 6.5: Explain the importance of environmental controls .... 319
    Objective 6.6: Explain the concept of and how to reduce the risks of social engineering .... 324
  Quick-Check Answer Key .... 328
    Objective 6.1: Explain redundancy planning and its components .... 328
    Objective 6.2: Implement disaster recovery procedures .... 328
    Objective 6.3: Differentiate between and execute appropriate incident response procedures .... 328
    Objective 6.4: Identify and explain applicable legislation and organizational policies .... 329
    Objective 6.5: Explain the importance of environmental controls .... 329
    Objective 6.6: Explain the concept of and how to reduce the risks of social engineering .... 329
  Answers and Explanations .... 330
    Objective 6.1: Explain redundancy planning and its components .... 330
    Objective 6.2: Implement disaster recovery procedures .... 334
    Objective 6.3: Differentiate between and execute appropriate incident response procedures .... 336
    Objective 6.4: Identify and explain applicable legislation and organizational policies .... 338
    Objective 6.5: Explain the importance of environmental controls .... 343
    Objective 6.6: Explain the concept of and how to reduce the risks of social engineering .... 346

About the Author

Diane Barrett has been involved in the IT industry for about 20 years. She spent 7 years in software development before becoming involved in education, security, and forensics. Currently she is the Faculty Council Chair for the Systems Development Group at the University of Advancing Technology and both develops curriculum and teaches in the Computer Forensics and Network Security programs. In addition, she does contract forensic and security work. Diane belongs to the local chapters of several security user groups, including HTCIA, ISSA, and InfraGard. She holds about 15 industry certifications, including CISSP, ISSMP, and Security+. She has also authored several other security and forensic books. Diane received her master of science degree in computer technology with a specialization in information security from Capella University and is currently working on a Ph.D. in business administration with a specialization in information security.

Dedication

To my nephew Ryan, who is always a bright spot in my day.

Acknowledgments

Publishing a book takes the collaboration and teamwork of many individuals. Thanks to everyone involved in this process at Pearson Education, especially Betsy and Chris. To the editorial and technical reviewers, thank you for making sure that my work was sound and on target.
Special thanks to my husband for all his support and patience while I worked on this project.