Table of Contents for Security+ Practice Questions
| Chapter/Section Title | Page # | Page Count |
| --- | --- | --- |
| Introduction | xv | |
| Chapter 1 General Security Concepts | 1 | 58 |
| Objective 1.1: Access Control | 1 | 7 |
| Objective 1.1.1: MAC | 2 | 2 |
| Objective 1.1.1: DAC | 4 | 2 |
| Objective 1.1.1: RBAC | 6 | 2 |
| Objective 1.2: Authentication | 8 | 9 |
| Objective 1.2.1: Kerberos | 9 | 3 |
| Objective 1.2.2: CHAP | 12 | 1 |
| Objective 1.2.3: Certificates | 12 | 1 |
| Objective 1.2.4: Username/Password | 13 | 1 |
| Objective 1.2.5: Tokens | 14 | 1 |
| Objective 1.2.6: Multi-Factor | 15 | 1 |
| Objective 1.2.7: Mutual Authentication | 16 | 1 |
| Objective 1.2.8: Biometrics | 16 | 1 |
| Objective 1.3: Nonessential Services and Protocols | 17 | 3 |
| Objective 1.4: Attacks | 20 | 20 |
| Objective 1.4.1: DOS/DDOS | 21 | 4 |
| Objective 1.4.2: Back Door | 25 | 1 |
| Objective 1.4.3: Spoofing | 26 | 4 |
| Objective 1.4.4: Man in the Middle | 30 | 1 |
| Objective 1.4.5: Replay | 31 | 1 |
| Objective 1.4.6: TCP/IP Hijacking | 31 | 1 |
| Objective 1.4.7: Weak Keys | 32 | 1 |
| Objective 1.4.8: Mathematical | 32 | 1 |
| Objective 1.4.9: Social Engineering | 33 | 1 |
| Objective 1.4.10: Birthday | 33 | 1 |
| Objective 1.4.11: Password Guessing | 34 | 2 |
| Objective 1.4.12: Software Exploitation | 36 | 1 |
| Objective 1.4.12: SYN attack | 36 | 2 |
| Objective 1.4.12: Buffer Overflow | 38 | 2 |
| Quick Check Answer Key | 40 | 4 |
| Answers and Explanations | 44 | 15 |
| Chapter 2 Communication Security | 59 | 48 |
| Objective 2.1: Remote Access | 59 | 9 |
| Objective 2.1.1: 802.1x | 59 | 1 |
| Objective 2.1.2: VPN | 60 | 1 |
| Objective 2.1.3: RADIUS | 61 | 1 |
| Objective 2.1.4: TACACS/+ | 61 | 1 |
| Objective 2.1.5: L2TP/PPTP | 62 | 1 |
| Objective 2.1.6: SSH | 63 | 1 |
| Objective 2.1.7: IPSec | 64 | 3 |
| Objective 2.1.8: Vulnerabilities (of Remote Access) | 67 | 1 |
| Objective 2.2: Email | 68 | 5 |
| Objective 2.2.1: S/MIME | 69 | 1 |
| Objective 2.2.2: PGP | 70 | 2 |
| Objective 2.2.3: Vulnerabilities (of Email) | 72 | 1 |
| Objective 2.3: Web | 73 | 9 |
| Objective 2.3.1: SSL/TLS | 73 | 2 |
| Objective 2.3.2: HTTP/S | 75 | 1 |
| Objective 2.3.3: Instant Messaging | 75 | 3 |
| Objective 2.3.4: Vulnerabilities (of the Web) | 78 | 4 |
| Objective 2.4: Directory-Recognition Not Administration | 82 | 1 |
| Objective 2.4.1: SSL/TLS | 82 | 1 |
| Objective 2.4.2: LDAP | 83 | 1 |
| Objective 2.5: File Transfer | 83 | 3 |
| Objective 2.5.1: S/FTP | 84 | 1 |
| Objective 2.5.2: Blind FTP/Anonymous | 84 | 1 |
| Objective 2.5.3: File Sharing | 85 | 1 |
| Objective 2.5.4: Vulnerabilities (of File Transfer) | 85 | 1 |
| Objective 2.6: Wireless | 86 | 5 |
| Objective 2.6.1: WTLS | 86 | 1 |
| Objective 2.6.2: 802.11x | 87 | 1 |
| Objective 2.6.3: WEP/WAP | 88 | 1 |
| Objective 2.6.3: WAP | 89 | 1 |
| Objective 2.6.4: Vulnerabilities (of Wireless) | 89 | 2 |
| Quick Check Answer Key | 91 | 4 |
| Answers and Explanations | 95 | 12 |
| Chapter 3 Infrastructure Security | 107 | 44 |
| Objective 3.1: Devices | 107 | 9 |
| Objective 3.1.1: Firewalls | 107 | 2 |
| Objective 3.1.2: Routers | 109 | 2 |
| Objective 3.1.3: Switches | 111 | 1 |
| Objective 3.1.4: Wireless | 111 | 1 |
| Objective 3.1.5: Modems | 111 | 1 |
| Objective 3.1.6: RAS | 112 | 1 |
| Objective 3.1.7: Telecom/PBX | 112 | 1 |
| Objective 3.1.8: VPN | 113 | 1 |
| Objective 3.1.9: IDS | 114 | 1 |
| Objective 3.1.10: Network Monitoring/Diagnostic | 114 | 1 |
| Objective 3.1.11: Workstations | 115 | 1 |
| Objective 3.1.12: Servers | 115 | 1 |
| Objective 3.1.13: Mobile Devices | 116 | 1 |
| Objective 3.2: Media | 116 | 5 |
| Objective 3.2.1: Coax | 117 | 1 |
| Objective 3.2.2: UTP/STP | 117 | 1 |
| Objective 3.2.3: Fiber | 118 | 1 |
| Objective 3.2.4: Removable Media | 119 | 2 |
| Objective 3.3: Security Topologies | 121 | 4 |
| Objective 3.3.1: Security Zones | 122 | 1 |
| Objective 3.3.2: VLANs | 123 | 1 |
| Objective 3.3.3: NAT | 123 | 2 |
| Objective 3.3.4: Tunneling | 125 | 1 |
| Objective 3.4: Intrusion Detection | 125 | 3 |
| Objective 3.4.1: Network Based | 126 | 1 |
| Objective 3.4.2: Host Based | 127 | 1 |
| Objective 3.4.3: Honey Pots | 127 | 1 |
| Objective 3.4.4: Incident Response | 128 | 1 |
| Objective 3.5: Security Baselines | 128 | 8 |
| Objective 3.5.1: OS/NOS Hardening (Concepts and Processes) | 128 | 1 |
| Objective 3.5.2: Network Hardening | 129 | 2 |
| Objective 3.5.3: Application Hardening | 131 | 5 |
| Quick Check Answer Key | 136 | 4 |
| Answers and Explanations | 140 | 11 |
| Chapter 4 Basics of Cryptography | 151 | 34 |
| Objective 4.1: Algorithms | 151 | 6 |
| Objective 4.1.1: Hashing | 151 | 1 |
| Objective 4.1.2: Symmetric | 152 | 4 |
| Objective 4.1.3: Asymmetric | 156 | 1 |
| Objective 4.2: Concepts of Using Cryptography | 157 | 4 |
| Objective 4.2.1: Confidentiality | 158 | 1 |
| Objective 4.2.2: Integrity | 158 | 2 |
| Objective 4.2.3: Authentication | 160 | 1 |
| Objective 4.2.4: Non-Repudiation | 160 | 1 |
| Objective 4.2.5: Access Control | 161 | 1 |
| Objective 4.3: PKI | 161 | 5 |
| Objective 4.3.1: Certificates-Distinguish Which Certificates Are Used for What Purpose. Basics Only | 162 | 2 |
| Objective 4.3.2: Revocation | 164 | 1 |
| Objective 4.3.3: Trust Models | 165 | 1 |
| Objective 4.4: Standards and Protocols | 166 | 1 |
| Objective 4.5: Key Management/Certificate Lifecycle | 166 | 7 |
| Objective 4.5.1: Centralized Versus Decentralized | 167 | 1 |
| Objective 4.5.2: Storage | 167 | 1 |
| Objective 4.5.3: Escrow | 168 | 1 |
| Objective 4.5.4: Expiration | 169 | 1 |
| Objective 4.5.5: Revocation | 169 | 1 |
| Objective 4.5.6: Suspension | 170 | 1 |
| Objective 4.5.7: Recovery | 170 | 1 |
| Objective 4.5.8: Renewal | 171 | 1 |
| Objective 4.5.9: Destruction | 171 | 1 |
| Objective 4.5.10: Key Usage | 171 | 2 |
| Quick Check Answer Key | 173 | 3 |
| Answers and Explanations | 176 | 9 |
| Chapter 5 Operational/Organizational Security | 185 | 50 |
| Objective 5.1: Physical Security | 185 | 6 |
| Objective 5.1.1: Access Control | 186 | 2 |
| Objective 5.1.2: Social Engineering | 188 | 1 |
| Objective 5.1.3: Environment | 189 | 2 |
| Objective 5.2: Disaster Recovery | 191 | 3 |
| Objective 5.2.1: Backups | 191 | 2 |
| Objective 5.2.2: Secure Recovery | 193 | 1 |
| Objective 5.2.3: Disaster Recovery Plan | 193 | 1 |
| Objective 5.3: Business Continuity | 194 | 2 |
| Objective 5.3.1: Utilities | 195 | 1 |
| Objective 5.3.2: High Availability/Fault Tolerance | 195 | 1 |
| Objective 5.3.3: Backups | 196 | 1 |
| Objective 5.4: Policy and Procedures | 196 | 5 |
| Objective 5.4.1: Security Policy | 197 | 4 |
| Objective 5.4.2: Incident Response Policy | 201 | 1 |
| Objective 5.5: Privilege Management | 201 | 4 |
| Objective 5.5.1: User/Group/Role Management | 202 | 1 |
| Objective 5.5.2: Single Sign-on | 202 | 1 |
| Objective 5.5.3: Centralized Versus Decentralized | 203 | 1 |
| Objective 5.5.4: Auditing (Privilege, Usage, Escalation) | 204 | 1 |
| Objective 5.5.5: MAC/DAC/RBAC | 205 | 1 |
| Objective 5.6: Forensics (Awareness, Conceptual Knowledge, and Understanding-Know What Your Role Is) | 205 | 3 |
| Objective 5.6.1: Chain of Custody | 206 | 1 |
| Objective 5.6.2: Preservation of Evidence | 207 | 1 |
| Objective 5.6.3: Collection of Evidence | 207 | 1 |
| Objective 5.7: Risk Identification | 208 | 3 |
| Objective 5.7.1: Asset Identification | 208 | 1 |
| Objective 5.7.2: Risk Assessment | 208 | 1 |
| Objective 5.7.3: Threat Identification | 209 | 1 |
| Objective 5.7.4: Vulnerabilities | 210 | 1 |
| Objective 5.8: Education-Training of End Users, Executives, and HR | 211 | 2 |
| Objective 5.8.1: Communication | 211 | 1 |
| Objective 5.8.2: User Awareness | 212 | 1 |
| Objective 5.8.3: Education | 212 | 1 |
| Objective 5.8.4: Online Resources | 212 | 1 |
| Objective 5.9: Documentation | 213 | 4 |
| Objective 5.9.1: Standards and Guidelines | 213 | 1 |
| Objective 5.9.2: Systems Architecture | 214 | 1 |
| Objective 5.9.3: Change Documentation | 214 | 1 |
| Objective 5.9.4: Logs and Inventories | 214 | 1 |
| Objective 5.9.5: Classification | 215 | 1 |
| Objective 5.9.6: Retention/Storage | 216 | 1 |
| Objective 5.9.7: Destruction | 216 | 1 |
| Quick Check Answer Key | 217 | 5 |
| Answers and Explanations | 222 | 13 |
| Appendix A CD Contents and Installation Instructions | 235 | |
| Multiple Test Modes | 235 | 1 |
| Study Mode | 235 | 1 |
| Certification | 235 | 1 |
| Custom Mode | 236 | 1 |
| Adaptive Mode | 236 | 1 |
| Missed Question Mode | 236 | 1 |
| Non-Duplicate Mode | 236 | 1 |
| Question Types | 236 | 1 |
| Random Questions and Order of Answers | 236 | 1 |
| Detailed Explanations of Correct and Incorrect Answers | 237 | 1 |
| Attention to Exam Objectives | 237 | 1 |
| Installing the CD | 237 | 3 |
| Creating a Shortcut to the MeasureUp Practice Tests | 239 | 1 |
| Installing the CD-ROM for MeasureUp Microsoft Office Specialist (MOS) Test Engines | 239 | 1 |
| Technical Support | 240 | |