Protecting PII and PHI

Data policies help protect Personally Identifiable Information (PII) and Personal Health Information (PHI) by helping to prevent data leakage. If you’re planning to take the SY0-501 version of the Security+ exam, you should have a basic understanding of different elements that may be contained in a data policy. This includes protecting PII and PHI.

For example, can you answer this question?

Q. An organization is preparing to hire additional network administrators. They decide to perform background checks on all personnel after obtaining written permission. Which of the following items is NOT appropriate to include in a background check?

A. Social media presence

B. Criminal background

C. Financial history

D. Medical history

More importantly, do you know why the correct answer is correct and the incorrect answers are incorrect? The answer and explanation are available at the end of this post.

CompTIA Security+ Study Guide

The 501 Version of the Study Guide

The CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide is an update to the top-selling SY0-201, SY0-301, and SY0-401 study guides, which have helped thousands of readers pass the exam the first time they took it.  It includes the same elements readers raved about in the previous three versions.

Each of the eleven chapters presents topics in an easy to understand manner and includes real-world examples of security principles in action.

You’ll understand the important and relevant security topics for the Security+ exam, without being overloaded with unnecessary details. Additionally, each chapter includes a comprehensive review section to help you focus on what’s important.



Over 300 realistic practice test questions with in-depth explanations will help you test your comprehension and readiness for the exam. The book includes:

  • A 75 question pre-test
  • A 75 question post-test
  • Practice test questions at the end of every chapter.

Each practice test question includes a detailed explanation to help you understand the content and the reasoning behind the question. You’ll be ready to take and pass the exam the first time you take it.

If you plan to pursue any of the advanced security certifications, this guide will also help you lay a solid foundation of security knowledge. Learn this material, and you’ll be a step ahead for other exams. This SY0-501 study guide is for any IT or security professional interested in advancing in their field, and a must-read for anyone striving to master the basics of IT security.

Kindle edition also available.

PII and PHI

Personally Identifiable Information (PII) is personal information that can be used to personally identify an individual. Personal Health Information (PHI) is PII that includes health information.

Some examples of PII are:
• Full name
• Birthday and birth place
• Medical and health information
• Street or email address information
• Personal characteristics, such as biometric data
• Any type of identification number, such as a Social Security number (SSN) or driver’s license number

In general, you need two or more pieces of information to make it PII. For example, “John Smith” is not PII by itself because it can’t be traced back to a specific person. However, when you connect the name with a birth date, an address, medical information, or other data, it is PII.

When attackers gain PII, they often use it for financial gain at the expense of the individual. For example, attackers steal identities, access credit cards, and empty bank accounts. Whenever possible, organizations should minimize the use, collection, and retention of PII. If it’s not kept, it can’t be compromised. On the other hand, if they collect PII and attackers compromise the data, the company is liable.

The number of security breach incidents resulting in the loss of PII continues to rise. For example, a Veterans Affairs (VA) employee copied a database onto his laptop that contained PII on over 26 million U.S. veterans. He took the laptop home and a burglar stole it. The VA then went through the painful and expensive process of notifying all of the people who were vulnerable to identity theft, and the affected individuals spent countless hours scouring their records for identity theft incidents. Even though police later recovered the laptop, the VA paid $20 million to settle a lawsuit in the case.

This is not an isolated incident. The Identity Theft Resource Center tracks data breaches and lists them on its site (http://www.idtheftcenter.org/). Its 2015 report put the number of known U.S. data breaches at 780, exposing more than 177 million records containing PII and/or PHI. Some data breaches were small, affecting only a few hundred people. Others were large, such as the attack on Scottrade, in which attackers accessed more than 4.6 million records. Many times, the companies don’t even report how many records were accessed, so the number of data records in the hands of criminals is very likely much higher.

Each of these instances resulted in potential identity theft and the loss of goodwill and public trust in the company. Both customers and employees were negatively impacted, and the companies were forced to spend time and energy discussing the incident and money trying to repair their reputations.

Protecting PII and PHI

Organizations have an obligation to protect PII. There are many laws that mandate the protection of PII, including international laws, federal laws, and local regulations. Organizations often develop policies to identify how they handle, retain, and distribute PII, and these policies help ensure they are complying with relevant regulations. When a company doesn’t use a specific PII policy, it usually identifies methods used to protect PII in related data policies.

Many laws require a company to report data losses due to security breaches. If an attack results in the loss of customer PII data, the company is required to report it and notify affected individuals. As an example, Arizona enacted a security breach notification law that requires any company doing business in Arizona to notify customers of security breaches. Most states in the United States have similar laws, and similar international laws exist.

One of the common reasons data seems to fall into the wrong hands is that employees don’t understand the risks involved. They might not realize the value of the data on a laptop, or they might casually copy PII data onto a USB flash drive. It is important to note that data classification and labeling procedures help employees recognize the data’s value and help protect sensitive data.

Full Security+ Course

SY0-501 Full Security+ Course

Helping you Pass the First Time

Online access includes all of the content from the

CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide

  • Introduction
  • About the exam (including information on the number of questions, test duration, passing score, types of questions and more. Also includes a listing of the exam objectives)
  • 75 question pre-assessment exam
  • Mastering Security Basics (full content from Chapter 1 of the study guide including the exam topic review and 15 practice test questions)
  • Understanding Identity and Access Management (full content from Chapter 2 of the study guide including the exam topic review and 15 practice test questions)
  • Exploring Network Technologies and Tools (full content from Chapter 3 of the study guide including the exam topic review and 15 practice test questions)
  • Securing Your Network (full content from Chapter 4 of the study guide including the exam topic review and 15 practice test questions)
  • Securing Hosts and Data (full content from Chapter 5 of the study guide including the exam topic review and 15 practice test questions)
  • Comparing Threats, Vulnerabilities, and Common Attacks (full content from Chapter 6 of the study guide including the exam topic review and 15 practice test questions)
  • Protecting Against Advanced Attacks (full content from Chapter 7 of the study guide including the exam topic review and 15 practice test questions)
  • Using Risk Management Tools (full content from Chapter 8 of the study guide including the exam topic review and 15 practice test questions)
  • Implementing Controls to Protect Assets (full content from Chapter 9 of the study guide including the exam topic review and 15 practice test questions)
  • Understanding Cryptography and PKI (full content from Chapter 10 of the study guide including the exam topic review and 15 practice test questions)
  • Implementing Policies to Mitigate Risks (full content from Chapter 11 of the study guide including the exam topic review and 15 practice test questions)
  • 75 question post-assessment exam
  • Glossary

Get the SY0-501 Full Security+ Course Here


Test your readiness with these quality materials

Random 75-question tests

Random practice tests from all of the practice test questions in the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide. All questions include explanations so you'll know why the correct answers are correct, and why the incorrect answers are incorrect.

3 sets Performance-based Questions

Three new sets of performance-based questions with a total of 30 questions. These new questions use a new testing engine that includes realistic drag and drop, matching, sorting, and fill in the blank questions.

Flashcard Set

  • 494 Online Security+ Glossary Flashcards
  • 222 Online Security+ Acronyms Flashcards
  • 223 Online Security+ Remember This Slides from the popular CompTIA Security+ Get Certified Get Ahead: SY0-501 Study Guide

Audio - SY0-501 Security+ Remember This Audio Files

Learn by Listening. Over one hour and 20 minutes of audio (MP3 downloads.)

Audio - SY0-501 Security+ Question and Answer Audio Files

Learn by Listening. Over two hours and 53 minutes of audio (MP3 downloads.)

Bonus #1

Audio from the end of chapter reviews from each of the chapters in the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide. Over one hour and 40 minutes of additional audio.

Bonus #2

Access to all of the online content that is available for free to anyone that purchases the CompTIA Security+ Get Certified Get Ahead: SY0-501 Study Guide. This includes labs, extra practice test questions, and supplementary materials.

Bonus #3 

Access the study materials for a total of 60 days because sometimes life happens.

Get the SY0-501 Full Security+ Course Here

Training is also important. One of the goals of security professionals is to reinforce the risks of not protecting PII. When employees understand the risks, they are less likely to expose customer and employee data to identity theft.

Additionally, if employees need to transmit PII over a network, they can ensure it’s protected by using encryption. Encrypting data-in-transit provides strong protection against loss of confidentiality.

Many governments have enacted laws mandating the protection of both PII and PHI. Also, there are many documents that provide guidance on how to protect it. The National Institute of Standards and Technology (NIST) created Special Publication (SP) 800-122 “Guide to Protecting the Confidentiality of Personally Identifiable Information (PII).” It identifies many specific safeguards that organizations can implement to protect PII along with steps to take in response to a data breach involving PII. You can access all the NIST publications at http://csrc.nist.gov/publications/PubsSPs.html.


Security+ Practice Test Questions

SY0-501 Practice Test Questions 

Over 300 realistic Security+ practice test questions

All questions include explanations so you'll know why the correct answers are correct,

and why the incorrect answers are incorrect.

Pass the Security+ Exam

the First Time You Take It

Multiple quiz formats to let you use these questions based on the way you learn.
  • Learn mode - randomized. View each of the questions in random order. Learn mode allows you to keep selecting answers until you select the correct answer. Once you select the correct answer, you'll see the explanation. Click here to see how learn mode works.
  • Learn mode - not randomized. View each of the questions in the same order. Use this if you want to make sure that you see all of the questions. Learn mode allows you to keep selecting answers until you select the correct answer. Once you select the correct answer, you'll see the explanation. Click here to see how learn mode works.
  • Test mode - randomized. View each of the questions in random order. In test mode, you can only see the correct answers and explanations after you complete the test. Click here to see how test mode works.
  • Test mode - not randomized. View each of the questions in the same order. In test mode, you can only see the correct answers and explanations after you complete the test. Click here to see how test mode works.
  • Test mode - 75 random questions. View 75 random questions from the full test bank similar to how the Security+ exam has a potential maximum of 75 multiple choice questions. In test mode, you can only see the correct answers and explanations after you complete the test. Click here to see how test mode works.

Get the full bank of SY0-501 Practice Test Questions Here

 SY0-501 Practice Test Questions


INCLUDES QUESTIONS TO HELP YOU PREPARE

FOR THE NEW PERFORMANCE BASED QUESTIONS 

Bonus - Performance Based Questions

Three sets of performance-based questions including over 30 questions. These questions show you what you can expect in the live exam. They include drag and drop, matching, sorting, and fill in the blank questions. See a demo here.

Bonus - Extra Practice Test Questions

New multiple-choice questions in the extra test bank. Questions are added occasionally. You can see what has been added recently here.

Get the full bank of Security+ (SY0-501) Practice Test Questions Here

Get the full bank of Security+ Practice Test Questions

Click here if you're looking for SY0-501 Full Study Package

Q. An organization is preparing to hire additional network administrators. They decide to perform background checks on all personnel after obtaining written permission. Which of the following items is NOT appropriate to include in a background check?

A. Social media presence

B. Criminal background

C. Financial history

D. Medical history

Answer is D. Medical history is not appropriate to include in a background check.

However, it is common to check a potential employee’s social media presence, criminal background, and financial history.

See Chapter 11 of the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide for more information on protecting data.

Wireless Security Protocols

Wireless security has improved over the years, but wireless networks are still susceptible to vulnerabilities. Unfortunately, many users just don’t understand how to lock down a wireless network adequately. If you’re planning to take the SY0-501 version of the Security+ exam, you should understand how to install and configure wireless security settings.

For example, can you answer this question?

Q. You want to implement the STRONGEST level of security on a wireless network. Which of the following supports this goal?

A. Implementing WPA with TKIP

B. Disabling SSID broadcast

C. Enabling MAC filtering

D. Implementing WPA2 with CCMP

More importantly, do you know why the correct answer is correct and the incorrect answers are incorrect? The answer and explanation are available at the end of this post.

Wireless Cryptographic Protocols

Because wireless networks broadcast over the air, anyone who has a wireless transceiver can intercept the transmissions. You can secure wireless networks with several different steps, but the most important step is to implement a strong security protocol, such as Wi-Fi Protected Access II (WPA2). The primary security protocols available for wireless networks include WPA, WPA2, and TKIP.

WPA

Wi-Fi Protected Access (WPA) was an interim replacement for Wired Equivalent Privacy (WEP). WEP has known vulnerabilities and should not be used. WPA provided an immediate solution to the weaknesses of WEP without requiring users to upgrade their hardware. Even when WPA replaced WEP, its developers recognized that WPA wasn’t solid enough to last for an extended period. Instead, WPA improved wireless security by giving users an alternative to WEP with existing hardware while the developers worked on creating the stronger WPA2 protocol.

WPA is susceptible to password-cracking attacks, especially when the AP has a weak passphrase. The attacker uses a wireless protocol analyzer to capture the authentication traffic and then uses an offline brute force attack to discover the passphrase. Attackers often use a disassociation attack to force the user to reauthenticate.

WPA2

Wi-Fi Protected Access II (WPA2) is the permanent replacement for WPA. WPA2 (also known as IEEE 802.11i) uses stronger cryptography than WPA. The Wi-Fi Alliance requires all devices carrying its WI-FI CERTIFIED logo to meet WPA2 standards, including the use of the Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP).

Although WPA2 provides significant security improvements over previous wireless encryption techniques, some enterprises need stronger security. Another step you can take is to enable authentication with Enterprise mode.

TKIP Versus CCMP

Temporal Key Integrity Protocol (TKIP) is an older encryption protocol used with WPA, and CCMP is a newer encryption protocol used with WPA2. IEEE has deprecated WPA and TKIP due to various security issues, but many wireless networks are still using these older protocols. IEEE recommends using WPA2 with CCMP because it provides significantly more security.

A benefit of TKIP is that it didn’t require new hardware. WEP users could upgrade software and/or firmware and implement WPA with TKIP without the need to replace the hardware. Newer hardware supports WPA2, so the usage of WPA and TKIP is waning. However, you might still see some legacy hardware using WPA and TKIP.

Later implementations of WPA support Advanced Encryption Standard (AES) instead of TKIP. AES is a very strong and efficient encryption algorithm. Many applications beyond WPA/WPA2 use AES to provide secure encryption and ensure confidentiality. Several people have been successful at cracking WPA with TKIP, so whenever possible, it’s best to upgrade WPA to WPA2, or at least upgrade TKIP to use AES.

WPA2 supports CCMP, which is based on AES and is much stronger than WPA using TKIP. WPA2 also employs much more secure methods of managing the encryption keys than WPA.
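The following is an added example, not taken from the study guide: a small auditor that checks an access point configuration for the protocol and cipher choices described above. It assumes a hostapd-style key=value file and hostapd's wpa, wpa_pairwise, rsn_pairwise, wpa_key_mgmt and wep_key settings; the three sample configurations are constructed. It also covers the case where WPA2 is enabled but silently inherits TKIP from the WPA cipher list.

```python
"""Audit a hostapd-style access point config for WPA/TKIP versus WPA2/CCMP.

Added example. Assumes hostapd's key=value format and its wpa, wpa_pairwise,
rsn_pairwise, wpa_key_mgmt and wep_key0..3 settings. Sample configs are constructed.
"""

# Constructed sample: legacy AP moved from WEP to WPA with TKIP.
LEGACY_CONF = """
ssid=example-legacy
wpa=1
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
"""

# Constructed sample: WPA2 is enabled, but only wpa_pairwise is set,
# so the WPA2 cipher list falls back to TKIP.
INHERITED_TKIP_CONF = """
ssid=example-inherited
wpa=2
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
"""

# Constructed sample: WPA2 only, CCMP only, Enterprise mode (802.1X).
STRONG_CONF = """
ssid=example-strong
wpa=2
wpa_key_mgmt=WPA-EAP
ieee8021x=1
rsn_pairwise=CCMP
"""


def parse_conf(text):
    """Return {key: value}; '#' lines are comments and the last assignment wins."""
    conf = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        conf[key.strip()] = value.strip()
    return conf


def effective_ciphers(conf):
    """Return (wpa_bits, wpa1_ciphers, wpa2_ciphers) as the AP would offer them."""
    wpa_bits = int(conf.get("wpa", "0"))                   # bit 0 = WPA, bit 1 = WPA2
    wpa_pairwise = conf.get("wpa_pairwise", "TKIP")        # hostapd default
    rsn_pairwise = conf.get("rsn_pairwise", wpa_pairwise)  # falls back to wpa_pairwise
    wpa1 = set(wpa_pairwise.split()) if wpa_bits & 1 else set()
    wpa2 = set(rsn_pairwise.split()) if wpa_bits & 2 else set()
    return wpa_bits, wpa1, wpa2


def audit(text):
    """Return a list of (severity, message) findings for one config."""
    conf = parse_conf(text)
    wpa_bits, wpa1, wpa2 = effective_ciphers(conf)
    findings = []
    if any(key.startswith("wep_key") for key in conf):
        findings.append(("FAIL", "WEP keys are configured; WEP should not be used"))
    if wpa_bits == 0:
        findings.append(("FAIL", "neither WPA nor WPA2 is enabled"))
    if wpa_bits & 1:
        findings.append(("FAIL", "WPA (version 1) is enabled; it is deprecated"))
    if "TKIP" in wpa1 | wpa2:
        findings.append(("FAIL", "TKIP is offered; restrict the cipher list to CCMP"))
    if wpa_bits & 2 and "CCMP" not in wpa2:
        findings.append(("FAIL", "WPA2 is enabled without CCMP"))
    if wpa_bits and "WPA-PSK" in conf.get("wpa_key_mgmt", "WPA-PSK").split():
        findings.append(("INFO", "pre-shared key in use; Enterprise mode authenticates each user"))
    return findings


def verdict(text):
    """'FAIL' if any finding is a failure, otherwise 'PASS'."""
    return "FAIL" if any(sev == "FAIL" for sev, _ in audit(text)) else "PASS"


if __name__ == "__main__":
    samples = [("legacy", LEGACY_CONF), ("inherited", INHERITED_TKIP_CONF),
               ("strong", STRONG_CONF)]
    for name, sample in samples:
        print(name, verdict(sample))
        for severity, message in audit(sample):
            print("  ", severity, message)
```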

Authentication Protocols

Wireless networks support several different authentication protocols. Many are built on the Extensible Authentication Protocol (EAP), an authentication framework that provides general guidance for authentication methods. IEEE 802.1X servers typically use one of these methods to increase the level of security during the authentication process. Additionally, while they are often used in wireless networks, they can also be used anywhere an 802.1X server is implemented.

A key point to remember for each of the methods is whether it supports or requires certificates. Some methods are EAP, EAP-FAST, PEAP, EAP-TTLS, EAP-TLS, and RADIUS federation.

Note that EAP-Flexible Authentication via Secure Tunneling (EAP-FAST) supports digital certificates, but they are optional. Protected EAP (PEAP) and EAP-Tunneled TLS (EAP-TTLS) require a certificate on the server, but not the clients. EAP-TLS requires certificates on both the servers and the clients. As an introduction, certificates help provide strong authentication and encryption services. However, a Certificate Authority (CA) must issue certificates, so an organization must either purchase certificates from a public CA, or implement a private CA within the network.


Q. You want to implement the STRONGEST level of security on a wireless network. Which of the following supports this goal?

A. Implementing WPA with TKIP

B. Disabling SSID broadcast

C. Enabling MAC filtering

D. Implementing WPA2 with CCMP

Answer is D. Wi-Fi Protected Access II (WPA2) with Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) provides the strongest level of security of the given choices.

Temporal Key Integrity Protocol (TKIP) is an older encryption protocol used with WPA and it isn’t as strong as CCMP.

Disabling service set identifier (SSID) broadcast hides the network from casual users, but attackers can still discover it because the SSID is still included in some packets in plaintext.

Attackers can bypass media access control (MAC) address filtering by spoofing authorized MAC addresses.

See Chapter 4 of the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide for more information on securing networks.

Identifying Common Commands

If you’re planning to take the SY0-501 version of the Security+ exam, you should have a basic understanding of common commands that you can run on your primary computer or within a virtual machine. The CompTIA Security+ objectives list several command-line tools that you should know to help you assess the security posture of an organization.

For example, can you answer this question?

Q. You are considering rebooting a database server and want to identify if it has any active network connections. Which of the following commands will list active network connections?

A. arp

B. ipconfig

C. ping

D. netstat

More importantly, do you know why the correct answer is correct and the incorrect answers are incorrect? The answer and explanation are available at the end of this post.

Ipconfig, ifconfig, and ip

The ipconfig command (short for Internet Protocol configuration) shows the Transmission Control Protocol/Internet Protocol (TCP/IP) configuration information for a system. This includes items such as the computer’s IP address, subnet mask, default gateway, MAC address, and the address of a Domain Name System (DNS) server. The command shows the configuration information for all network interface cards (NICs) on a system, including both wired and wireless NICs. Technicians often use ipconfig as a first step when troubleshooting network problems.

Linux-based systems use ifconfig (short for interface configuration) instead of ipconfig. A benefit is that ifconfig has more capabilities than ipconfig, allowing you to use it to configure the NIC in addition to listing the properties of the NIC.

The following list shows some common commands:

  • ipconfig. Entered by itself, the command provides basic information about the NIC, such as the IP address, subnet mask, and default gateway.
  • ipconfig /all. This command shows a comprehensive listing of TCP/IP configuration information for each NIC. It includes the media access control (MAC) address, the address of assigned DNS servers, and the address of a Dynamic Host Configuration Protocol (DHCP) server if the system is a DHCP client. You can use ifconfig -a on Linux systems.
  • ipconfig /displaydns. Each time a system queries DNS to resolve a host name to an IP address, it stores the result in the DNS cache, and this command shows the contents of the DNS cache. It also shows any host name to IP address mappings included in the hosts file.
  • ipconfig /flushdns. You can erase the contents of the DNS cache with this command. Use this when the cache has incorrect information and you want to ensure that DNS is queried for up-to-date information.

The following commands are unique to Linux systems:

  • ifconfig eth0. This command shows the configuration of the first Ethernet interface (NIC) on a Linux system. If the system has multiple NICs, you can use eth1, eth2, and so on. You can also use wlan0 to view information on the first wireless interface.
  • ifconfig eth0 promisc. This command enables promiscuous mode on the first Ethernet interface. Promiscuous mode allows a NIC to process all traffic it receives. Normally, a NIC is in non-promiscuous mode and it ignores all packets not addressed to it. You can disable promiscuous mode with this command: ifconfig eth0 -promisc.
  • ifconfig eth0 allmulti. This command enables multicast mode on the NIC. This allows the NIC to process all multicast traffic received by the NIC. Normally, a NIC will only process multicast traffic for multicast groups that it has joined. You can disable multicast mode with this command: ifconfig eth0 -allmulti.

Normally, a NIC uses non-promiscuous mode and only processes packets addressed directly to its IP address. However, when you put it in promiscuous mode, it processes all packets regardless of the IP address. This allows a protocol analyzer to capture all packets that reach the NIC.

The ifconfig command was deprecated in 2009 in Debian distributions of Linux. Deprecated means that its use is discouraged but tolerated. The ifconfig command is part of the net-tools package, and Debian developers are no longer maintaining that package. However, you’ll still see ifconfig and other tools in the net-tools package on most Linux systems, including Kali Linux.

Linux developers recommend that you use ip instead of ifconfig. Although the ip command can display information and configure network interfaces, it doesn’t use the same commands or have the same abilities. For example, it doesn’t have a command you can use to enable promiscuous mode on a NIC. Here are a few commands that you can use with ip:

  • ip link show. Shows the interfaces along with some details on them.
  • ip link set eth0 up. Enables a network interface.
  • ip -s link. Shows statistics on the network interfaces.

Full Security+ Course

SY0-501 Full Security+ Course

Helping you Pass the First Time

Online access includes all of the content from the

CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide

  • Introduction
  • About the exam (including information on the number of questions, test duration, passing score, types of questions and more. Also includes a listing of the exam objectives)
  • 75 question pre-assessment exam
  • Mastering Security Basics (full content from Chapter 1 of the study guide including the exam topic review and 15 practice test questions)
  • Understanding Identity and Access Management (full content from Chapter 2 of the study guide including the exam topic review and 15 practice test questions)
  • Exploring Network Technologies and Tools (full content from Chapter 3 of the study guide including the exam topic review and 15 practice test questions)
  • Securing Your Network (full content from Chapter 4 of the study guide including the exam topic review and 15 practice test questions)
  • Securing Hosts and Data (full content from Chapter 5 of the study guide including the exam topic review and 15 practice test questions)
  • Comparing Threats, Vulnerabilities, and Common Attacks (full content from Chapter 6 of the study guide including the exam topic review and 15 practice test questions)
  • Protecting Against Advanced Attacks (full content from Chapter 7 of the study guide including the exam topic review and 15 practice test questions)
  • Using Risk Management Tools (full content from Chapter 8 of the study guide including the exam topic review and 15 practice test questions)
  • Implementing Controls to Protect Assets (full content from Chapter 9 of the study guide including the exam topic review and 15 practice test questions)
  • Understanding Cryptography and PKI (full content from Chapter 10 of the study guide including the exam topic review and 15 practice test questions)
  • Implementing Policies to Mitigate Risks (full content from Chapter 11 of the study guide including the exam topic review and 15 practice test questions)
  • 75 question post-assessment exam
  • Glossary

Get the SY0-501 Full Security+ Course Here


Test your readiness with these quality materials

Random 75-question tests

Random practice tests from all of the practice test questions in the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide. All questions include explanations so you'll know why the correct answers are correct, and why the incorrect answers are incorrect.

3 sets Performance-based Questions

Three new sets of performance-based questions with a total of 30 questions. These new questions use a new testing engine that includes realistic drag and drop, matching, sorting, and fill in the blank questions.

Flashcard Set

  • 494 Online Security+ Glossary Flashcards
  • 222 Online Security+ Acronyms Flashcards
  • 223 Online Security+ Remember This Slide from the popular CompTIA Security+ Get Certified Get Ahead: SY0-501 Study Guide

Audio - SY0-501 Security+ Remember This Audio Files

Learn by Listening. Over one hour and 20 minutes of audio (MP3 downloads.)

Audio - SY0-501 Security+ Question and Answer Audio Files

Learn by Listening. Over two hours and 53 minutes of audio (MP3 downloads.)

Bonus #1

Audio from the end of chapter reviews from each of the chapters in the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide. Over one hour and 40 minutes of additional audio.

Bonus #2

Access to all of the online content that is available for free to anyone that purchases the CompTIA Security+ Get Certified Get Ahead: SY0-501 Study Guide. This includes labs, extra practice test questions, and supplementary materials

Bonus #3 

Access the study materials for a total of 60 days because sometimes life happens.

Get the SY0-501 Full Security+ Course Here

Netstat

The netstat command (short for network statistics) allows you to view statistics for TCP/IP protocols on a system. It also gives you the ability to view active TCP/IP network connections. Many attacks establish connections from an infected computer to a remote computer. If you suspect this, you can often identify these connections with netstat.

Some of the common commands you can use with netstat are:

  • netstat. Displays a listing of all open TCP connections.
  • netstat -a. Displays a listing of all TCP and User Datagram Protocol (UDP) ports that a system is listening on, in addition to all open connections. This listing includes the IP address followed by a colon and the port number, and you can use the port number to identify protocols. As an example, if you see an IP address followed by :80, it indicates the system is listening on the default port of 80 for HTTP. This indicates this system is likely a web server.
  • netstat -r. Displays the routing table.
  • netstat -e. Displays details on network statistics, including how many bytes the system sent and received.
  • netstat -s. Displays statistics of packets sent or received for specific protocols, such as IP, ICMP, TCP, and UDP.
  • netstat -n. Displays addresses and port numbers in numerical order. This can be useful if you’re looking for information related to a specific IP address or a specific port.
  • netstat -p protocol. Shows statistics on a specific protocol, such as TCP or UDP. For example, you could use netstat -p tcp to show only TCP statistics.

You can combine many of the netstat switches to show different types of information. For example, if you want to show a listing of ports that the system is listening on (-a), listed in numerical order (-n), for only the TCP protocol (-p tcp), you could use this command:

netstat -anp tcp

Netstat displays the state of a connection, such as ESTABLISHED to indicate an active connection. RFC 793 (https://tools.ietf.org/rfc/rfc793.txt) formally defines these states.
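To show how the listening ports and connection states described above can be reviewed in bulk, the following added example (not from the study guide) parses output in the layout Windows prints for netstat -an and lists the listening TCP ports and the ESTABLISHED connections whose remote end is outside the local networks. The sample output is constructed, and the INTERNAL_NETS list is an assumption to adjust for your own site; it also handles UDP and IPv6 rows, which goes slightly beyond the TCP-only command shown above.

```python
import ipaddress
from collections import namedtuple

# Constructed sample in the layout Windows prints for `netstat -an`
# (addresses are private or documentation ranges, not real hosts).
SAMPLE_OUTPUT = """
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    192.168.1.10:49712     203.0.113.45:443       ESTABLISHED
  TCP    192.168.1.10:49713     192.168.1.20:445       ESTABLISHED
  TCP    192.168.1.10:49720     198.51.100.7:4444      ESTABLISHED
  TCP    192.168.1.10:49725     203.0.113.45:443       TIME_WAIT
  TCP    [::]:80                [::]:0                 LISTENING
  UDP    0.0.0.0:53             *:*
"""

Connection = namedtuple(
    "Connection", "proto local_host local_port remote_host remote_port state"
)

# Assumption: what counts as "internal" for this site. Listed explicitly
# because ipaddress.is_private also covers the documentation ranges.
INTERNAL_NETS = [
    ipaddress.ip_network(n)
    for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
              "127.0.0.0/8", "::1/128", "fc00::/7")
]


def split_endpoint(endpoint):
    """Split 'host:port' into (host, port); handles [IPv6]:port and *:*."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]"), int(port) if port.isdigit() else None


def parse_netstat(text):
    """Return a Connection for every TCP/UDP row; skip headers and blanks."""
    rows = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue
        local_host, local_port = split_endpoint(fields[1])
        remote_host, remote_port = split_endpoint(fields[2])
        # UDP is connectionless, so netstat prints no State column for it.
        state = fields[3] if len(fields) > 3 else ""
        rows.append(Connection(fields[0], local_host, local_port,
                               remote_host, remote_port, state))
    return rows


def is_internal(host):
    """True if host is an address inside INTERNAL_NETS.

    Anything that is not a literal address (for example a resolved name when
    -n was not used) counts as not internal, so it still gets reviewed.
    """
    try:
        addr = ipaddress.ip_address(host.split("%")[0])  # drop IPv6 zone id
    except ValueError:
        return False
    return any(addr.version == net.version and addr in net
               for net in INTERNAL_NETS)


def listening_ports(rows):
    """TCP ports in LISTENING state, de-duplicated across IPv4 and IPv6."""
    return sorted({r.local_port for r in rows
                   if r.proto == "TCP" and r.state == "LISTENING"})


def external_established(rows):
    """ESTABLISHED connections whose remote end is outside INTERNAL_NETS."""
    return [r for r in rows
            if r.state == "ESTABLISHED" and not is_internal(r.remote_host)]


if __name__ == "__main__":
    rows = parse_netstat(SAMPLE_OUTPUT)
    print("Listening TCP ports:", listening_ports(rows))
    for r in external_established(rows):
        print(f"Review: {r.local_host}:{r.local_port} -> "
              f"{r.remote_host}:{r.remote_port}")
```

A connection on the review list is not necessarily malicious; it is the set of remote endpoints to compare against what the system is expected to talk to.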


Security+ Practice Test Questions

SY0-501 Practice Test Questions 

Over 300 realistic Security+ practice test questions

All questions include explanations so you'll know why the correct answers are correct,

and why the incorrect answers are incorrect.

Pass the Security+ Exam

the First Time You Take It

Multiple quiz formats to let you use these questions based on the way you learn.
  • Learn mode - randomized. View each of the questions in random order. Learn mode allows you to keep selecting answers until you select the correct answer. Once you select the correct answer, you'll see the explanation. Click here to see how learn mode works.
  • Learn mode - not randomized. View each of the questions in the same order. Use this if you want to make sure that you see all of the questions. Learn mode allows you to keep selecting answers until you select the correct answer. Once you select the correct answer, you'll see the explanation. Click here to see how learn mode works.
  • Test mode - randomized. View each of the questions in random order. In test mode, you can only see the correct answers and explanations after you complete the test. Click here to see how test mode works.
  • Test mode - not randomized. View each of the questions in the same order. In test mode, you can only see the correct answers and explanations after you complete the test. Click here to see how test mode works.
  • Test mode - 75 random questions. View 75 random questions from the full test bank similar to how the Security+ exam has a potential maximum of 75 multiple choice questions. In test mode, you can only see the correct answers and explanations after you complete the test. Click here to see how test mode works.

Get the full bank of SY0-501 Practice Test Questions Here

 SY0-501 Practice Test Questions


INCLUDES QUESTIONS TO HELP YOU PREPARE

FOR THE NEW PERFORMANCE BASED QUESTIONS 

Bonus - Performance Based Questions

Three sets of performance-based questions including over 30 questions. These questions show you what you can expect in the live exam. They include drag and drop, matching, sorting, and fill in the blank questions. See a demo here.

Bonus - Extra Practice Test Questions

New multiple-choice questions in the extra test bank. Questions are added occasionally. You can see what has been added recently here.

Get the full bank of Security+ (SY0-501) Practice Test Questions Here

Get the full bank of Security+ Practice Test Questions

Click here if you're looking for SY0-501 Full Study Package

Q. You are considering rebooting a database server and want to identify if it has any active network connections. Which of the following commands will list active network connections?

A. arp

B. ipconfig

C. ping

D. netstat

Answer is D. The netstat command displays active connections on a system.

Arp displays information related to media access control (MAC) addresses.

Ipconfig displays TCP/IP configuration information for wired and wireless network interface cards.

Ping checks connectivity with remote systems.

See Chapter 1 of the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide for more information on using command-line tools.


Understanding Access Management Controls

If you’re planning to take the SY0-501 version of the Security+ exam, you should have a good understanding of identity and access management controls.

For example, can you answer this question?

Q. Your organization is implementing an SDN. Management wants to use an access control model that controls access based on attributes. Which of the following is the BEST solution?

A. DAC

B. MAC

C. Role-BAC

D. ABAC

More, do you know why the correct answer is correct and the incorrect answers are incorrect? The answer and explanation are available at the end of this post.


Role-Based Access Control

Role-based access control (role-BAC) uses roles to manage rights and permissions for users. This is useful for users within a specific department who perform the same job functions. An administrator creates the roles and then assigns specific rights and permissions to the roles (instead of to the users). When an administrator adds a user to a role, the user has all the rights and permissions of that role.


Rule-Based Access Control

Rule-based access control (rule-BAC) uses rules. The most common example is with rules in routers or firewalls. However, more advanced implementations cause rules to trigger within applications, too.

Routers and firewalls use rules within access control lists (ACLs). These rules define the traffic that the devices allow into the network, such as allowing Hypertext Transfer Protocol (HTTP) traffic for web browsers. These rules are typically static. In other words, administrators create the rules and the rules stay the same unless an administrator changes them again.

However, some rules are dynamic. For example, intrusion prevention systems can detect attacks, and then modify rules to block traffic from an attacker. In this case, the attack triggers a change in the rules.

As another example, it’s possible to configure user applications with rules. For example, imagine you want to give Homer additional permissions to a database if Marge is absent. You can configure a database rule to trigger a change to these permissions when the system recognizes that Marge is absent.


Discretionary Access Control

In the discretionary access control (DAC) model, every object (such as files and folders) has an owner, and the owner establishes access for the objects. Many operating systems, such as Windows and most Unix-based systems, use the DAC model.

A common example of the DAC model is the New Technology File System (NTFS) used in Windows. NTFS provides security by allowing users and administrators to restrict access to files and folders with permissions.

Attribute-Based Access Control

An attribute-based access control (ABAC) model evaluates attributes and grants access based on the value of these attributes. Attributes can be almost any characteristic of a user, the environment, or the resource. ABAC uses policies to evaluate attributes and grant access when the system detects a match in the policy.

As a simple example, Homer is a Nuclear Safety Inspector at the Springfield Nuclear Power Plant. His user account may be defined with the following attributes: employee, inspector, and nuclear aware. A file server at the plant includes a share called Inspector and it holds documents commonly used by nuclear safety inspectors. An ABAC policy for the share might grant access to the share for any subjects that have the attributes of employee, inspector, and nuclear aware.

Many software defined networks (SDNs) use ABAC models. Instead of rules on physical routers, policies in the ABAC system control the traffic. These policies typically use plain language statements. For example, an ABAC policy rule for a company that employs researchers might be “Allow logged-on researchers to access research sites via the main network.” Policy statements typically include four elements:

Subject. This is typically a user. You can use any user property as an attribute such as employment status, group memberships, job roles, logged-on status, and more. In the example, the subject is identified as being logged on and a member of a researchers group.

Object. This is the resource (such as a file, database, or application) that the user is trying to access. In the example, the object is research sites. The research sites object would include Internet access via a proxy server along with a specific list of URLs of research sites.

Action. The action is what the user is attempting to do, such as reading or modifying a file, accessing specific web sites, and accessing web site applications. The example allows access to specific web sites.

Environment. The environment includes everything outside of the subject and object attributes. This is often referred to as the context of the access request. It can include the time, location, protocols, encryption, devices, and communication method. In the example, it specifies the main network as an environmental attribute.

An ABAC system has a lot of flexibility and can enforce both a DAC and a MAC model. There are also many similarities between the ABAC model and the DAC and MAC models. In the DAC model, owners have control over the access and in an ABAC model, owners can create policies to grant access.

The MAC model uses labels assigned to both subjects and objects and grants access when the labels match. The ABAC model uses attributes that identify both subjects and objects, and grants access when a policy identifies a match.
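The four policy elements described above can be made concrete with a small evaluator. The following added example (not from the study guide) encodes the researcher policy and the Inspector share policy and denies any request that no policy matches; the attribute names (logged_on, groups, tags, network), the user Lisa, and the host names are assumptions made for the illustration.

```python
from dataclasses import dataclass

# Constructed list standing in for the "specific list of URLs of research
# sites" the text mentions; the host names are placeholders.
RESEARCH_SITES = {"journals.example.org", "data.example.edu"}


@dataclass
class Policy:
    name: str
    subject: dict       # attributes the requester must have
    obj: dict           # attributes of the resource being requested
    actions: set        # what the requester is allowed to do
    environment: dict   # context of the request (network, time, ...)


# Attribute names below are assumptions, not taken from any product.
POLICIES = [
    # "Allow logged-on researchers to access research sites via the main network."
    Policy("researchers-to-research-sites",
           subject={"logged_on": True, "groups": {"researchers"}},
           obj={"category": "research-site"},
           actions={"access"},
           environment={"network": "main"}),
    # Inspector share: subjects that are employee, inspector, and nuclear aware.
    Policy("inspector-share",
           subject={"tags": {"employee", "inspector", "nuclear aware"}},
           obj={"share": "Inspector"},
           actions={"access"},
           environment={}),
]


def web_object(host):
    """Describe a web request as object attributes."""
    category = "research-site" if host in RESEARCH_SITES else "other"
    return {"host": host, "category": category}


def attrs_match(required, actual):
    """True only when every required attribute is present and satisfied."""
    for key, want in required.items():
        have = actual.get(key)
        if isinstance(want, (set, frozenset)):
            # Set-valued requirement: the request must hold all listed values.
            if not isinstance(have, (set, frozenset)) or not want <= have:
                return False
        elif have != want:
            # A missing attribute is None here, so it fails closed.
            return False
    return True


def evaluate(subject, obj, action, environment, policies=POLICIES):
    """Return ("allow", policy name) on the first match, else ("deny", None)."""
    for policy in policies:
        if (action in policy.actions
                and attrs_match(policy.subject, subject)
                and attrs_match(policy.obj, obj)
                and attrs_match(policy.environment, environment)):
            return "allow", policy.name
    return "deny", None


if __name__ == "__main__":
    lisa = {"logged_on": True, "groups": {"researchers", "staff"}}
    homer = {"logged_on": True,
             "tags": {"employee", "inspector", "nuclear aware"}}
    site = web_object("journals.example.org")
    print(evaluate(lisa, site, "access", {"network": "main"}))
    print(evaluate(lisa, site, "access", {"network": "guest"}))
    print(evaluate(homer, {"share": "Inspector"}, "access", {"network": "main"}))
```

Changing only the environment attribute from main to guest flips the researcher request from allow to deny, which is the behavior the environment element of the policy statement exists to express.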



Q. Your organization is implementing an SDN. Management wants to use an access control model that controls access based on attributes. Which of the following is the BEST solution?

A. DAC

B. MAC

C. Role-BAC

D. ABAC

Answer is D. A software defined network (SDN) typically uses an attribute-based access control (ABAC) model, which is based on attributes that identify subjects and objects within a policy.

A discretionary access control (DAC) model has an owner, and the owner establishes access for the objects.

A mandatory access control (MAC) model uses labels assigned to subjects and objects.

A role-based access control (role-BAC) model uses roles or groups to assign rights and permissions.

See Chapter 2 of the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide for more information on access control models.


Tax Scams

It’s tax season and you know what that means. More tax scams.

A neighbor recently reported that she received a phone call from someone stating she was from the Commonwealth of Virginia. The caller (let’s call her the scammer) said my neighbor was due a refund. However, the scammer needed a copy of her 2018 W2s to process the refund.

Thankfully, my neighbor recognized this as a scam and didn’t send the information.

When people fall for this scam, the scammers (let’s call them what they are – criminals) use it to file the person’s 2019 taxes and take the refund. The criminals get the money and the people that fall for the scam don’t realize it until they file their taxes. By that time, their money is long gone.


Tax Identity Theft Awareness Week

February 3 to 7 is Tax Identity Theft Awareness Week. Many government agencies are using this time to educate people about tax scams.

The Federal Trade Commission (FTC) launched the Tax Identity Theft Awareness Week webpage. It has a lot of valuable resources and they have also scheduled webinars from Jan 29 to Feb 6.

They give the following basic advice to avoid identity theft through tax scams:

  • Protect your SSN throughout the year. Don’t give it out unless there’s a good reason and you’re sure who you’re giving it to.
  • File your tax return as early in the tax season as you can.
  • Use a secure internet connection if you file electronically, or mail your tax return directly from the post office.
  • Research a tax preparer thoroughly before you hand over personal information.
  • Check your credit report at least once a year for free at annualcreditreport.com. Make sure no one has opened a new account in your name.

Tax Scams from the “IRS”

Another neighbor reported receiving five calls in a single day from the “IRS.” The criminal used neighbor spoofing techniques to make the call look like it was coming from a local IRS office. Each of the calls threatened to arrest her if she didn’t call back immediately. She ignored the calls. No, she wasn’t arrested.

This scam is so common that the FTC created this infographic to describe it.

[Infographic: IRS Tax Scam]

Social Security Scams

It’s not just tax scams. The Social Security Administration reported receiving more than 115,000 complaints in the past three months. Some people have reported losing as much as $150,000.

Best Defense against Tax Scams

The best defense against tax scams and other scams related to phone calls is simple. Don’t answer any phone calls from numbers you don’t recognize.

If it’s important (and legitimate), the caller will leave a message.

Just let it ring

Recognizing Tax Scams

If the criminals leave a message, there is usually a simple way to recognize it’s a scam. They add a sense of urgency.

This could say something like “If you don’t call us back within 30 minutes,” followed by a threat, such as you’ll be arrested.

Legitimate government agencies (and other organizations) will not issue threats such as this. Of course, they will not give short deadlines, such as 30 minutes, for action either.

Security+ Practice Test Questions

SY0-501 Practice Test Questions 

Over 300 realistic Security+ practice test questions

All questions include explanations so you'll know why the correct answers are correct, and why the incorrect answers are incorrect.

Pass the Security+ Exam the First Time You Take It

Multiple quiz formats to let you use these questions based on the way you learn.
  • Learn mode - randomized. View each of the questions in random order. Learn mode allows you to keep selecting answers until you select the correct answer. Once you select the correct answer, you'll see the explanation. Click here to see how learn mode works.
  • Learn mode - not randomized. View each of the questions in the same order. Use this if you want to make sure that you see all of the questions. Learn mode allows you to keep selecting answers until you select the correct answer. Once you select the correct answer, you'll see the explanation. Click here to see how learn mode works.
  • Test mode - randomized. View each of the questions in random order. In test mode, you can only see the correct answers and explanations after you complete the test. Click here to see how test mode works.
  • Test mode - not randomized. View each of the questions in the same order. In test mode, you can only see the correct answers and explanations after you complete the test. Click here to see how test mode works.
  • Test mode - 75 random questions. View 75 random questions from the full test bank similar to how the Security+ exam has a potential maximum of 75 multiple choice questions. In test mode, you can only see the correct answers and explanations after you complete the test. Click here to see how test mode works.

Get the full bank of SY0-501 Practice Test Questions Here

INCLUDES QUESTIONS TO HELP YOU PREPARE

FOR THE NEW PERFORMANCE BASED QUESTIONS 

Bonus - Performance Based Questions

Three sets of performance-based questions including over 30 questions. These questions show you what you can expect in the live exam. They include drag and drop, matching, sorting, and fill in the blank questions. See a demo here.

Bonus - Extra Practice Test Questions

New multiple-choice questions in the extra test bank. Questions are added occasionally. You can see what has been added recently here.

Click here if you're looking for SY0-501 Full Study Package

Other Tips to Avoid Tax Scams

The Cybersecurity and Infrastructure Security Agency (CISA) encourages taxpayers, businesses, and tax professionals to review this FTC announcement and the following resources for more information:

Why Do Tax Scams Continue

Why do these tax scams (and other related scams) continue?

Because they succeed. Criminals continue to steal money from unsuspecting, or uninformed, people.

As an IT professional knowledgeable about security, you may recognize these scams and how to avoid them. However, others in your sphere of influence may not.

Think about your parents, siblings, children, friends, co-workers, and neighbors.

Do they know that these scams are common? Do they know that they can avoid most by simply not answering calls from unknown callers? Do they know that they can often recognize a scam when it’s accompanied by a sense of urgency?

If not, feel free to share this article with them.

Risk Assessment Methods

If you’re planning to take the SY0-501 version of the Security+ exam, you should have a basic understanding of risk management processes and concepts. This includes risk assessment methods used by organizations to mitigate risks using different types of security controls.

For example, can you answer this question?

Q. Martin is performing a risk assessment on an e-commerce web server. While doing so, he created a document showing all the known risks to this server, along with the risk score for each risk. What is the name of this document?

A. Quantitative risk assessment

B. Qualitative risk assessment

C. Residual risk

D. Risk register

More importantly, do you know why the correct answer is correct and the incorrect answers are incorrect? The answer and explanation are available at the end of this post.

Risk management is the practice of identifying, monitoring, and limiting risks to a manageable level. It doesn’t eliminate risks, but instead identifies methods to limit or mitigate them. The amount of risk that remains after managing risk is residual risk.

Risk Assessment

A risk assessment, or risk analysis, is an important task in risk management. It quantifies or qualifies risks based on different values or judgments. A risk assessment starts by first identifying assets and asset values.

An asset includes any product, system, resource, or process that an organization values. The asset value identifies the worth of the asset to the organization. It can be a specific monetary value or subjective value, such as Low, Medium, and High. The asset value helps an organization focus on the high-value assets and avoid wasting time on low-value assets.

After identifying asset values, the risk assessment then identifies threats and vulnerabilities and determines the likelihood a threat will attempt to exploit a vulnerability. A risk assessment attempts to identify the impact of potential threats and identify the potential harm, and prioritizes risks based on the likelihood of occurrence and impact. Last, a risk assessment includes recommendations on what controls to implement to mitigate risks.

A risk assessment is a point-in-time assessment, or a snapshot. In other words, it assesses the risks based on current conditions, such as current threats, vulnerabilities, and existing controls. For example, consider a library computer that has up-to-date antivirus protection and cannot access the Internet. Based on these conditions, the risks are low. However, if administrators connect the system to the Internet, or fail to keep the antivirus software up to date, the risk increases.

It’s common to perform risk assessments on new systems or applications. For example, if an organization is considering adding a new service or application that can increase revenue, it will often perform a risk assessment. This helps it determine if the potential risks may offset the potential gains.

Risk assessments use quantitative measurements or qualitative measurements. Quantitative measurements use numbers, such as a monetary figure representing cost and asset values. Qualitative measurements use judgments. Both methods have the same core goal of helping management make educated decisions based on priorities.

Risk Registers

Some risk assessments use a risk register. There are different definitions for a risk register, depending on which standard you’re following. For example, ISO 73:2009 defines it as a “record of information about identified risks.” Projects IN Controlled Environments (PRINCE2), a detailed project management method, defines a risk register as a “repository for all risks identified and includes additional information about each risk.”

An easy way to create a risk register is in a table format. As an example, imagine you are evaluating risks related to a new e-commerce web site that accesses a back-end database. Your risk register might include the following columns:

  • Category. Risk categories could include downtime due to hardware failures, outages from an attack, downtime due to database server failure, data breaches, and more.
  • Specific risk. One of the risks related to hardware failures could be hard drive failure. Of course, there are other potential hardware failures, but the remaining columns for this risk will focus on hard drive failure. For this example, imagine that one drive holds the operating system and applications. A second drive holds data.
  • Likelihood of occurrence. Medium. This assumes that the installed hard drives are not currently using a redundant array of inexpensive disks (RAID) disk subsystem.
  • Impact. High. If a hard drive fails, it will probably disable the entire web site.
  • Risk score. 50 (out of 100). This assumes a score of Medium has a value of 5 and a score of High has a value of 10 (5 × 10 = 50). Note that organizations can assign any desired values to the likelihood of occurrence and impact. The values used here are simply an example.
  • Security controls or mitigation steps. Implement a RAID-1 to protect the hard drive hosting the operating system. Implement a RAID-6 to protect the data.
  • Contingencies. Ensure backups exist and are kept up to date.
  • Risk score with security controls. 10 (out of 100). With the RAID-1 and RAID-6 in place, the likelihood of occurrence is now Low, but the impact remains High. The new score assumes a score of Low has a value of 1 and a score of High has a value of 10 (1 × 10 = 10).
  • Action assigned to. A risk register may document who has responsibility for implementing the security control.
  • Action deadline. The deadline identifies when the security control should be implemented.

Organizations might use columns such as these or modify them as they see fit. The key is that the risk register documents relevant risks based on the needs of the organization.
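As an added example (not from the study guide), the Python sketch below models the columns described above, computes the risk score before and with controls, ranks the rows, and flags rows a reviewer would question. The class and function names, the owners and dates, and the second and third rows are constructed for illustration; only the hard drive row and the Low/Medium/High values of 1/5/10 come from the text.

```python
from dataclasses import dataclass
from datetime import date
from typing import Optional

# Example scale used in the text; an organization can assign any values it likes.
SCALE = {"Low": 1, "Medium": 5, "High": 10}

@dataclass
class Risk:
    category: str
    specific_risk: str
    likelihood: str                 # before controls
    impact: str                     # before controls
    controls: str
    contingencies: str
    likelihood_after: str           # with controls in place
    impact_after: str
    assigned_to: Optional[str] = None
    deadline: Optional[date] = None

    def score(self) -> int:
        return SCALE[self.likelihood] * SCALE[self.impact]

    def score_with_controls(self) -> int:
        return SCALE[self.likelihood_after] * SCALE[self.impact_after]

def findings(risk: Risk, today: date) -> list:
    """Gaps a reviewer would flag in one register row."""
    out = []
    if risk.score_with_controls() >= risk.score():
        out.append("controls do not lower the score")
    if not risk.assigned_to:
        out.append("no owner assigned")
    if risk.deadline is None:
        out.append("no deadline")
    elif risk.deadline < today:
        out.append("deadline passed")
    return out

def prioritize(register: list) -> list:
    """Highest score first; ties broken by the score that remains with controls."""
    return sorted(register, key=lambda r: (r.score(), r.score_with_controls()), reverse=True)

# First row is the hard drive example from the text; owners, dates and the other
# two rows are constructed for illustration.
REGISTER = [
    Risk("Hardware failure", "Hard drive failure", "Medium", "High",
         "RAID-1 for the OS drive, RAID-6 for the data drive", "Keep backups up to date",
         "Low", "High", "server team", date(2020, 3, 1)),
    Risk("Data breach", "Customer records exposed from the back-end database", "Medium", "High",
         "Not yet defined", "Incident response plan", "Medium", "High"),
    Risk("Downtime", "Power outage at the hosting site", "Low", "Medium",
         "Uninterruptible power supply", "Failover to alternate site",
         "Low", "Low", "facilities", date(2020, 1, 15)),
]

if __name__ == "__main__":
    today = date(2020, 2, 3)        # constructed review date
    for r in prioritize(REGISTER):
        print(f"{r.specific_risk[:40]:40} {r.score():3} -> {r.score_with_controls():3}  "
              f"{'; '.join(findings(r, today)) or 'ok'}")
```

Sorting on the pair (score, score with controls) puts a row whose controls are still undefined ahead of an equally scored row that already has a working mitigation.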

Remember this

A risk register is a comprehensive document listing known information about risks. It typically includes risk scores along with recommended security controls to reduce the risk scores.


Q. Martin is performing a risk assessment on an e-commerce web server. While doing so, he created a document showing all the known risks to this server, along with the risk score for each risk. What is the name of this document?

A. Quantitative risk assessment

B. Qualitative risk assessment

C. Residual risk

D. Risk register

Answer is D. A risk register lists all known risks for an asset, such as a web server, and it typically includes a risk score (the combination of the likelihood of occurrence and the impact of the risk).

Risk assessments (including quantitative and qualitative risk assessments) might use a risk register, but they aren’t risk registers.

Residual risk refers to the remaining risk after applying security controls to mitigate a risk.

See Chapter 8 of the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide for more information on risk management tools.





Get Certified Get Ahead is a participant in the Amazon Services LLC Associates Program,
an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to amazon.com.

Copyright © 2020 Get Certified Get Ahead. All Rights Reserved.