Symmetric Encryption Concepts

Symmetric encryption is a type of encryption that uses a single key to encrypt and decrypt data. If you’re planning to take the SY0-501 exam, you should have a basic understanding of cryptography concepts such as cipher types and cipher modes.

For example, can you answer this practice test question?

Q. Which of the following is a symmetric encryption algorithm that encrypts data 1 bit at a time?

A. Block cipher

B. Stream cipher

C. AES

D. DES

E. MD5

More importantly, do you know why the correct answer is correct and the incorrect answers are incorrect? The answer and explanation are available at the end of this post.

Get Certified Get Ahead

Block Versus Stream Ciphers

Most symmetric algorithms use either a block cipher or a stream cipher. They are both symmetric, so they both use the same key to encrypt or decrypt data. However, they divide data in different ways.

A block cipher encrypts data in specific-sized blocks, such as 64-bit blocks or 128-bit blocks. The block cipher divides large files or messages into these blocks and then encrypts each individual block separately. A stream cipher encrypts data as a stream of bits or bytes rather than dividing it into blocks.

In general, stream ciphers are more efficient than block ciphers when the size of the data is unknown or sent in a continuous stream, such as when streaming audio and video over a network. Block ciphers are more efficient when the size of the data is known, such as when encrypting a file or a specific-sized database field.

An important principle when using a stream cipher is that encryption keys should never be reused. If a key is reused, it is easier to crack the encryption.

Remember this

Stream ciphers encrypt data a single bit, or a single byte, at a time in a stream. Block ciphers encrypt data in a specific-sized block such as 64-bit or 128-bit blocks. Stream ciphers are more efficient than block ciphers when encrypting data in a continuous stream.

CompTIA Security+ Study Guide

The 501 Version of the Study Guide

The CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide is an update to the top-selling SY0-201, SY0-301, and SY0-401 study guides, which have helped thousands of readers pass the exam the first time they took it.  It includes the same elements readers raved about in the previous three versions.

Each of the eleven chapters presents topics in an easy to understand manner and includes real-world examples of security principles in action.

You’ll understand the important and relevant security topics for the Security+ exam, without being overloaded with unnecessary details. Additionally, each chapter includes a comprehensive review section to help you focus on what’s important.



Over 300 realistic practice test questions with in-depth explanations will help you test your comprehension and readiness for the exam. The book includes:

  • A 75 question pre-test
  • A 75 question post-test
  • Practice test questions at the end of every chapter.

Each practice test question includes a detailed explanation to help you understand the content and the reasoning behind the question. You’ll be ready to take and pass the exam the first time you take it.

If you plan to pursue any of the advanced security certifications, this guide will also help you lay a solid foundation of security knowledge. Learn this material, and you’ll be a step ahead for other exams. This SY0-501 study guide is for any IT or security professional interested in advancing in their field, and a must-read for anyone striving to master the basics of IT security.

Kindle edition also available.

Cipher Modes

Block ciphers can use a variety of different modes of operation. It’s important to have a basic understanding of these modes when choosing cipher suites.

The Electronic Codebook (ECB) mode of operation is the simplest cipher mode mentioned in this blog. Algorithms that use ECB divide the plaintext into blocks and then encrypt each block using the same key. This represents a significant weakness. If any of the plaintext blocks are the same, the resulting ciphertext is the same, making it much easier to crack. ECB is not recommended for use in any cryptographic protocols today.

Cipher Block Chaining (CBC) mode is used by some symmetric block ciphers. It uses an IV for randomization when encrypting the first block. It then combines each subsequent block with the previous block using an XOR operation. Because encryption of each block is dependent on the encryption of all previous blocks, CBC sometimes suffers from pipeline delays, making it less efficient than some other modes.

Counter (CTM) mode effectively converts a block cipher into a stream cipher. It combines an IV with a counter and uses the result to encrypt each plaintext block. Each block uses the same IV, but CTM combines it with the counter value, resulting in a different encryption key for each block. Multiprocessor systems can encrypt or decrypt multiple blocks at the same time, allowing the algorithm to be quicker on multiprocessor or multicore systems. CTM is widely used and respected as a secure mode of operation.

It’s worthwhile noting that the CompTIA objectives list CTM and include CTM in the acronym list as Counter-Mode. However, it’s much more common to see it listed as CTR or CM.

Galois/Counter Mode (GCM) is a mode of operation used by many block ciphers. It combines the Counter mode of operation with the Galois mode of authentication. Note that it doesn’t authenticate users or systems, but instead provides data authenticity (integrity) and confidentiality. In addition to encrypting the data for confidentiality, it includes hashing techniques for integrity. It is widely used due to its efficiency and performance, allowing systems to quickly encrypt and decrypt data.

Remember this

The Electronic Codebook (ECB) mode of operation is deprecated and should not be used. Cipher Block Chaining (CBC) mode combines each block with the previous block when encrypting data and sometimes suffers from pipeline delays. Counter (CTM) mode combines an IV with a counter to encrypt each block. Galois/Counter Mode (GCM) combines Counter mode with hashing techniques for integrity.


Full Security+ Course

SY0-501 Full Security+ Course

Helping you Pass the First Time

Online access includes all of the content from the

CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide

  • Introduction
  • About the exam (including information on the number of questions, test duration, passing score, types of questions and more. Also includes a listing of the exam objectives)
  • 75 question pre-assessment exam
  • Mastering Security Basics (full content from Chapter 1 of the study guide including the exam topic review and 15 practice test questions)
  • Understanding Identity and Access Management (full content from Chapter 2 of the study guide including the exam topic review and 15 practice test questions)
  • Exploring Network Technologies and Tools (full content from Chapter 3 of the study guide including the exam topic review and 15 practice test questions)
  • Securing Your Network (full content from Chapter 4 of the study guide including the exam topic review and 15 practice test questions)
  • Securing Hosts and Data (full content from Chapter 5 of the study guide including the exam topic review and 15 practice test questions)
  • Comparing Threats, Vulnerabilities, and Common Attacks (full content from Chapter 6 of the study guide including the exam topic review and 15 practice test questions)
  • Protecting Against Advanced Attacks (full content from Chapter 7 of the study guide including the exam topic review and 15 practice test questions)
  • Using Risk Management Tools (full content from Chapter 8 of the study guide including the exam topic review and 15 practice test questions)
  • Implementing Controls to Protect Assets (full content from Chapter 9 of the study guide including the exam topic review and 15 practice test questions)
  • Understanding Cryptography and PKI (full content from Chapter 10 of the study guide including the exam topic review and 15 practice test questions)
  • Implementing Policies to Mitigate Risks (full content from Chapter 11 of the study guide including the exam topic review and 15 practice test questions)
  • 75 question post-assessment exam
  • Glossary

Get the SY0-501 Full Security+ Course Here


Test your readiness with these quality materials

Random 75-question tests

Random practice tests from all of the practice test questions in the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide. All questions include explanations so you'll know why the correct answers are correct, and why the incorrect answers are incorrect.

3 sets Performance-based Questions

Three new sets of performance-based questions with a total of 30 questions. These new questions use a new testing engine that includes realistic drag and drop, matching, sorting, and fill in the blank questions.

Flashcard Set

  • 494 Online Security+ Glossary Flashcards
  • 222 Online Security+ Acronyms Flashcards
  • 223 Online Security+ Remember This Slide from the popular CompTIA Security+ Get Certified Get Ahead: SY0-501 Study Guide

Audio - SY0-501 Security+ Remember This Audio Files

Learn by Listening. Over one hour and 20 minutes of audio (MP3 downloads.)

Audio - SY0-501 Security+ Question and Answer Audio Files

Learn by Listening. Over two hours and 53 minutes of audio (MP3 downloads.)

Bonus #1

Audio from the end of chapter reviews from each of the chapters in the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide. Over one hour and 40 minutes of additional audio.

Bonus #2

Access to all of the online content that is available for free to anyone that purchases the CompTIA Security+ Get Certified Get Ahead: SY0-501 Study Guide. This includes labs, extra practice test questions, and supplementary materials

Bonus #3 

Access the study materials for a total of 60 days because sometimes life happens.

Get the SY0-501 Full Security+ Course Here

Q. Which of the following is a symmetric encryption algorithm that encrypts data 1 bit at a time?

A. Block cipher

B. Stream cipher

C. AES

D. DES

E. MD5

Answer is B. A stream cipher encrypts data a single bit or a single byte at a time and is more efficient when the size of the data is unknown, such as streaming audio or video.

A block cipher encrypts data in specific-sized blocks, such as 64-bit blocks or 128-bit blocks. Advanced Encryption Standard (AES) and Data Encryption Standard (DES) are block ciphers.

Message Digest 5 (MD5) is a hashing algorithm.

See Chapter 10 of the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide for more information on cryptography concepts.

Understanding Secure Coding Concepts

Secure coding concepts are important for application developers to understand. Additionally, IT security managers who manage development projects should understand these concepts, even if they aren’t writing the code. If you’re planning to take the SY0-501 exam, you should have a basic understanding of some common secure application development and deployment concepts.

For example, can you answer this practice test question?

Q. Developers have created an application that users can download and install on their computers. Management wants to provide users with a reliable method of verifying that the application has not been modified. Which of the following methods provides the BEST solution?

A. Code signing

B. Input validation

C. Code obfuscation

D. Stored procedures

E. Normalization

More importantly, do you know why the correct answer is correct and the incorrect answers are incorrect? The answer and explanation are available at the end of this post.

Security+ Practice Test Questions

SY0-501 Practice Test Questions 

Over 300 realistic Security+ practice test questions

All questions include explanations so you'll know why the correct answers are correct, and why the incorrect answers are incorrect.

Pass the Security+ Exam the First Time You Take It

Multiple quiz formats to let you use these questions based on the way you learn.
  • Learn mode - randomized. View each of the questions in random order. Learn mode allows you to keep selecting answers until you select the correct answer. Once you select the correct answer, you'll see the explanation. Click here to see how learn mode works.
  • Learn mode - not randomized. View each of the questions in the same order. Use this if you want to make sure that you see all of the questions. Learn mode allows you to keep selecting answers until you select the correct answer. Once you select the correct answer, you'll see the explanation. Click here to see how learn mode works.
  • Test mode - randomized. View each of the questions in random order. In test mode, you can only see the correct answers and explanations after you complete the test. Click here to see how test mode works.
  • Test mode - not randomized. View each of the questions in the same order. In test mode, you can only see the correct answers and explanations after you complete the test. Click here to see how test mode works.
  • Test mode - 75 random questions. View 75 random questions from the full test bank similar to how the Security+ exam has a potential maximum of 75 multiple choice questions. In test mode, you can only see the correct answers and explanations after you complete the test. Click here to see how test mode works.

Get the full bank of SY0-501 Practice Test Questions Here

 SY0-501 Practice Test Questions


INCLUDES QUESTIONS TO HELP YOU PREPARE FOR THE NEW PERFORMANCE BASED QUESTIONS

Bonus - Performance Based Questions

Three sets of performance-based questions including over 30 questions. These questions show you what you can expect in the live exam. They include drag and drop, matching, sorting, and fill in the blank questions. See a demo here.

Bonus - Extra Practice Test Questions

New multiple-choice questions in the extra test bank. Questions are added occasionally. You can see what has been added recently here.

Get the full bank of Security+ (SY0-501) Practice Test Questions Here

Get the full bank of Security+ Practice Test Questions

Click here if you're looking for SY0-501 Full Study Package

Cryptographic Techniques

In general, sensitive data is often encrypted to prevent the unauthorized disclosure of data. If an application is accessing any sensitive data, developers need to ensure that this access doesn’t result in inadvertent data exposure. For example, if an application accesses encrypted data on a different server, the application needs to ensure that the data is encrypted while in transit.

Applications need to decrypt data before processing it. When done processing the data, applications need to encrypt the data before storing it. Additionally, applications need to ensure that all remnants of the data are flushed from memory.

Certificates are used for various purposes such as authenticating users and computers. They can also be used to authenticate and validate software code. As an example, developers can purchase a certificate and associate it with an application or code. This code signing process provides a digital signature for the code and the certificate includes a hash of the code. This provides two benefits. First, the certificate identifies the author. Second, the hash verifies the code has not been modified. If malware changes the code, the hash no longer matches, alerting the user that the code has been modified.
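
The two benefits can be seen in a small sketch. This is an added example, not code from the study guide: it signs the SHA-256 hash of a release with a toy, unpadded RSA key built from small Mersenne primes, and the "certificate" is a plain dictionary carrying a hypothetical publisher name and public key. Real code signing uses padded RSA or ECDSA and an X.509 certificate issued by a certificate authority.

```python
import hashlib

E = 65537  # public exponent


def make_toy_key(p, q):
    """Return (n, d) for a toy RSA key. Far too small for real use."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent
    return n, d


def digest_as_int(code, n):
    # Hash of the code, reduced into the range of the toy modulus.
    return int.from_bytes(hashlib.sha256(code).digest(), "big") % n


def sign_code(code, private_exponent, n):
    # The publisher signs the hash of the code with the private key.
    return pow(digest_as_int(code, n), private_exponent, n)


def verify_code(code, signature, certificate):
    # The user recomputes the hash and checks it against the signature
    # using the public key taken from the publisher's certificate.
    e, n = certificate["public_key"]
    return pow(signature, e, n) == digest_as_int(code, n)


# Constructed sample values for the demonstration.
PUB_N, PUB_D = make_toy_key(2**127 - 1, 2**89 - 1)      # publisher's key
OTHER_N, OTHER_D = make_toy_key(2**107 - 1, 2**61 - 1)  # someone else's key
CERTIFICATE = {"publisher": "Example Software (hypothetical)",
               "public_key": (E, PUB_N)}

RELEASE = b"print('installer v1.0')\n"
MODIFIED = RELEASE + b"# line added after the publisher released the code\n"

SIGNATURE = sign_code(RELEASE, PUB_D, PUB_N)
# A signature made over the modified code with a key that is not the publisher's.
RESIGNED = sign_code(MODIFIED, OTHER_D, OTHER_N)


def demo():
    return {
        "original_verifies": verify_code(RELEASE, SIGNATURE, CERTIFICATE),
        "modified_verifies": verify_code(MODIFIED, SIGNATURE, CERTIFICATE),
        "resigned_verifies": verify_code(MODIFIED, RESIGNED, CERTIFICATE),
    }


if __name__ == "__main__":
    print(CERTIFICATE["publisher"], demo())
```

Only the unmodified release verifies: changing the code changes its hash, and a signature made with any other key does not check out against the publisher's public key.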

Code Reuse and SDKs

Developers are encouraged to reuse code whenever possible. As an example, imagine a developer created code for a web application to create, modify, and authenticate users and this code has been in use for a year. The code has gone through internal testing and has survived the use within the application. Instead of creating brand-new code for a new application, it’s best to use this tested code. Code reuse saves time and helps prevent the introduction of new bugs.

However, when reusing code, developers should ensure that they are using all the code that they copy into another application. As an example, imagine a developer has created a module that has three purposes: create users, modify users, and authenticate users. While working on a new application, he realizes he needs a module that will authenticate users. If he simply copies the entire module into the new application, it creates dead code. Dead code is code that is never executed or used. In this example, the copied code to create and modify users isn’t used in the new application, so it is dead code.

Logic errors can also create dead code. For example, imagine a function tests the value of a variable called Donuts. If Donuts has a value (such as 12), it squares it. If Donuts is null (a value of nothing), it returns an error and exits the function.

Next, the function checks to see if Donuts is null and if so, it prints a message in an error log. Do you see the error? The code to print to an error log never executes. If Donuts is null, the previous check exited the function, so the second check never occurs. This logic error creates the dead code.
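
The Donuts function can be written out and the dead line found mechanically. This is an added example, not code from the study guide: `square_donuts` follows the description above, `square_donuts_fixed` is one possible correction, and the hypothetical helper `lines_never_executed` is a minimal line-coverage check built on Python's `sys.settrace`.

```python
import dis
import sys


def square_donuts(donuts, error_log):
    if donuts is None:
        return "error: Donuts is null"
    squared = donuts * donuts
    if donuts is None:
        error_log.append("Donuts is null")
    return squared


def square_donuts_fixed(donuts, error_log):
    if donuts is None:
        error_log.append("Donuts is null")
        return "error: Donuts is null"
    return donuts * donuts


def lines_never_executed(func, calls):
    """Call func with each argument tuple and return the offsets (counted
    from the def line) of body lines that no call ever reached."""
    code = func.__code__
    body = {ln for _, ln in dis.findlinestarts(code)
            if ln is not None and ln != code.co_firstlineno}
    hit = set()

    def tracer(frame, event, arg):
        # Only follow frames that are running the function under test.
        if frame.f_code is not code:
            return None
        if event == "line":
            hit.add(frame.f_lineno)
        return tracer

    previous = sys.gettrace()
    sys.settrace(tracer)
    try:
        for args in calls:
            func(*args)
    finally:
        sys.settrace(previous)
    return sorted(ln - code.co_firstlineno for ln in body - hit)


# Constructed inputs: one call with a value and one with null (None).
SAMPLE_CALLS = [(12, []), (None, [])]

if __name__ == "__main__":
    print("original:", lines_never_executed(square_donuts, SAMPLE_CALLS))
    print("fixed:   ", lines_never_executed(square_donuts_fixed, SAMPLE_CALLS))
```

With both kinds of input exercised, the only line of the original function that never runs is the write to the error log, and the corrected function has no unreached lines.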

Another popular method of code reuse is the use of third-party libraries. As an example, JavaScript is a rich, interpreted language used by many web applications. Netscape originally developed it and it was ultimately standardized as an open source language.

Software development kits (SDKs) are like third-party libraries, but they are typically tied to a single vendor. For example, if you’re creating an Android app, you can use the Android SDK. It includes software tools that will help you create apps for Android-based devices.

Code Obfuscation

Developers often spend a lot of time developing code. If it is JavaScript, it is rather easy for other developers to just copy the code and use it. One way to slow this down is with an obfuscation/camouflage method.

Obfuscation attempts to make something unclear or difficult to understand. Code obfuscation (or code camouflage) attempts to make the code unreadable. It does things like rename variables, replace numbers with expressions, replace strings of characters with hexadecimal codes, and remove comments. For example, a meaningful variable of strFirstName might be renamed to 94mdiwl, and the number 11 might be changed to 0xF01B – 0x73 – 0xEF9D (which still results in the decimal number 11).

It’s worth noting that most security experts reject security through obscurity as a reliable method of maintaining security. Similarly, code obfuscation might make the code difficult to understand by most people. However, it’s still possible for someone with skills to dissect the code.


Q. Developers have created an application that users can download and install on their computers. Management wants to provide users with a reliable method of verifying that the application has not been modified. Which of the following methods provides the BEST solution?

A. Code signing

B. Input validation

C. Code obfuscation

D. Stored procedures

E. Normalization

Answer is A. Code signing provides a digital signature for the code and verifies the publisher of the code and verifies that it hasn’t been modified since the publisher released it.

None of the other answers verify the application hasn’t been modified.

Input validation verifies data is valid before using it.

Code obfuscation makes the code more difficult to read.

Stored procedures are used with SQL databases and can be used for input validation.

Normalization refers to organizing tables and columns in a database to reduce redundant data and improve overall database performance.

See Chapter 7 of the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide for more information on secure coding concepts.

A Tale of Two Test Takers

It was the best of test taking days. It was the worst of test taking days.

It was the age of critical thinking. It was the age of memorization.

It was a time of celebration and elation. It was a time of sadness and grief.

It was the spring of career advancement. It was the winter of career reevaluation.

It was a day of passing Security+. It was a day of failing Security+.

Lisa passed. Bart failed.*

How To Pass Security+ (SY0-501)

Gratefully, I hear almost every day from people telling me that they passed the Security+ exam using the CompTIA Security+ Get Certified Get Ahead: SY0-501 Study Guide and/or study materials on the gcgapremium.com site. Over time, I’ve discovered some basic steps people such as Lisa can follow to pass the SY0-501 Security+ exam using these materials.

Step 1) Use all the materials you have. For example, if you’re using the online materials, take all the quizzes.

Step 2) Get scores of at least 90% on all the quizzes.

Step 3) Don’t memorize quiz questions and answers. This is a sure recipe for failure. Except for a random quiz (that gives you random questions), don’t take the same quiz twice in a day.

– Why not?

– This encourages your brain to memorize the questions and answers.

– It is also misleading. Your score is sure to improve because you just saw the correct answers to all the questions. However, the increased score doesn’t give you an accurate view of your comprehension, but instead it indicates you were able to memorize the questions and answers.

In contrast, if you take a practice quiz on Monday and then again on Wednesday, your score on Wednesday is a much better gauge of your understanding.

Step 4) Read the explanations for all of the practice test questions, not just the ones you missed.

Step 5) Ensure you understand why each answer is correct, and why each answer is incorrect.

– Why?

Practice test questions are typically multi-layered. On the surface, they are helping you understand why the correct answer is correct. However, most questions can be slightly reworded to make one or more other answers correct. By taking the time to understand why the incorrect answers are incorrect, a single practice test question helps you understand several potential questions.

This practice gives you the best chance of accurately interpreting the questions on the live exam and answering them correctly.

How To Fail Security+ (SY0-501)

Unfortunately, I occasionally hear from people letting me know that they failed the Security+ exam after using online materials. Looking at their online scores, I can easily see that they are not following these steps.

As an example, I recently heard from someone (I’ll call him Bart) that wrote: “Sadly today I failed…. I went through all the quizzes multiple times, most chapters I have done well.”

However, looking at Bart’s quiz history the facts show a different story.

Step 1) Bart didn’t use all the materials.

As an example, I’ve added over 35 new practice test questions to the SY0-501 online materials since first publishing the book. It’s called the Extras Test Bank.

Unfortunately, Bart’s quiz history doesn’t show any record of him taking the quiz. Similarly, his quiz history doesn’t show any record of him taking the pre-assessment quiz.

Step 2) Bart didn’t get scores of at least 90% on all the quizzes.

As an example, despite taking the Performance-Based Questions quizzes several times, he never achieved 90% on any of them.

Step 3) Bart routinely took the same quizzes two or more times in a day. As an example, he only took the Cryptography quiz twice, both times on July 25. Here are his scores:

  • July 25 3:43 am 25%
  • July 25 4:22 am 90%

In this example, a score of 90% is a good reflection on his short-term memory. However, it isn’t a good reflection on his long-term understanding of the topics.

Also, he was left with the following impression: “most chapters I have done well.” If he took the quiz a couple of days later, he may have gotten a better evaluation of his understanding.

Steps 4 and 5) Some of his scores indicate that he didn’t take the time to read the explanations and remind himself why the correct answers were correct and why the incorrect answers were incorrect.  As an example, here are his scores for the Managing Risk quiz, which he took only twice.

  • July 25 2:18 am 40%
  • July 25 2:25 am 90%

Notice that he finished the second quiz within 7 minutes of finishing the first quiz. This equates to about 21 seconds per question. This is enough time to remember the answers for questions someone just reviewed. However, it isn’t enough time for most people to go through all the questions reminding themselves why the correct answers are correct and why the incorrect answers are incorrect.


Summary

When you plan to take the Security+ exam, your study practices may be a good predictor of whether it will be the best of test-taking days or not. I encourage you to implement these steps in your studies, no matter what materials you use.

* Just as Charles Dickens tells the story of two men experiencing the same time period in astonishingly different ways (A Tale of Two Cities), Lisa and Bart experienced the same day differently as they took the Security+ exam.


Managing Accounts Principles

When an account is active, access control methods are used to control what the user can do. Additionally, administrators use access controls to control when and where users can log on.  If you’re planning to take the SY0-501 version of the Security+ exam, you should have a basic understanding of managing accounts. This includes differentiating common account management practices, along with some basic principles used with account management.

For example, can you answer this practice test question?

Q. Members of a project team chose to meet at a local library to complete some work on a key project. All of them are authorized to work from home using a VPN connection and have connected from home successfully. However, they found that they were unable to connect to the network using the VPN from the library and they could not access any of the project data. Which of the following choices is the MOST likely reason why they can’t access this data?

A. Role-based access control

B. Time-of-day access control

C. Location-based policy

D. Discretionary access control

More, do you know why the correct answer is correct and the incorrect answers are incorrect? The answer and explanation are available at the end of this post.


Time-of-Day Restrictions

Time-of-day restrictions specify when users can log on to a computer. If a user tries to log on to the network outside the restricted time, the system denies access to the user.

As an example, imagine a company operates between 8:00 a.m. and 5:00 p.m. on a daily basis. Managers decide they don’t want regular users logging on to the network except between 6:00 a.m. and 8:00 p.m., Monday through Friday. You could set time-of-day restrictions for user accounts, as shown in the figure. If a user tries to log on outside the restricted time (such as during the weekend), the system prevents the user from logging on.

[Figure: User account properties with time restrictions]

If users are working overtime on a project, the system doesn’t log them off when the restricted time arrives. For example, if Maggie is working late on a Wednesday night, the system doesn’t log her off at 8:00 p.m. (assuming the time restrictions are set as shown in the figure). However, the system will prevent her from creating any new network connections.

Location-Based Policies

Location-based policies restrict access based on the location of the user. For example, geolocation technologies can often detect a location using the IP address, and block any traffic from unacceptable addresses, such as from foreign countries. It’s also possible to identify a set of IP addresses as the only addresses that are acceptable. This is often referred to as whitelisting the IP addresses.

Within a network, it’s possible to restrict access based on computer names or MAC addresses. For example, imagine Bart has been logging on to multiple computers with his account. It is possible to restrict his account to only his computer. When he tries to log on to his account, he is successful. If he tries to log on to another computer, the location-based policy blocks him.

Remember this

Time-of-day restrictions prevent users from logging on during restricted times. They also prevent logged-on users from accessing resources during certain times. Location-based policies restrict access based on the location of the user.

Expiring Accounts and Recertification

It’s possible to set user accounts to expire automatically. When the account expires, the system disables it, and the user is no longer able to log on using the account.

If you look back at the figure, it shows the properties of an account. The Account Expires section is at the bottom of the page, and the account is set to expire on September 1. When September 1 arrives, the account is automatically disabled and the user will no longer be able to log on.

It’s common to configure temporary accounts to expire. For example, an organization may hire contractors for a 90-day period to perform a specific job. An administrator creates accounts for the contractors and sets them to expire in 90 days. This automatically disables the accounts at the end of the contract.

If the organization extends the contract, it’s a simple matter to recertify the account. Administrators verify that the contract has been extended, change the expiration date, and enable the account.
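The time-of-day, computer-name, and expiration settings described in the sections above, plus the recertification step, as an added PowerShell example (not code from the study guide). The AD cmdlets need the ActiveDirectory module; the function names, the sample account and computer names, and the use of the info attribute to record the approver are assumptions.

```powershell
# Added example. Function names, account names and computer names are hypothetical.
# The Set-AD*/Enable-AD* cmdlets below come from the ActiveDirectory module (RSAT).

function New-LogonHoursBytes {
    # Builds the 21-byte logonHours value: 168 bits, one per hour of the week,
    # starting Sunday 00:00 UTC, least significant bit first within each byte.
    param(
        [DayOfWeek[]]$Days = @('Monday', 'Tuesday', 'Wednesday', 'Thursday', 'Friday'),
        [ValidateRange(0, 23)][int]$StartHour = 6,   # 6:00 a.m. local, first permitted hour
        [ValidateRange(1, 24)][int]$EndHour = 20,    # 8:00 p.m. local, first denied hour
        [int]$UtcOffsetHours = 0                     # local time minus UTC; fixed, so revisit at DST changes
    )
    $bytes = New-Object byte[] 21
    foreach ($day in $Days) {
        for ($hour = $StartHour; $hour -lt $EndHour; $hour++) {
            # Convert the local hour to an hour-of-week in UTC, wrapping at the week boundary.
            $slot = (([int]$day * 24 + $hour - $UtcOffsetHours) % 168 + 168) % 168
            $index = [int][math]::Floor($slot / 8)
            $bytes[$index] = [byte]($bytes[$index] -bor (1 -shl ($slot % 8)))
        }
    }
    return ,$bytes
}

function Set-ContractorRestriction {
    # Applies all three restrictions from the text to one account.
    param(
        [Parameter(Mandatory)][string]$SamAccountName,
        [Parameter(Mandatory)][string[]]$AllowedComputers,
        [int]$ContractDays = 90,
        [int]$UtcOffsetHours = 0
    )
    # Time-of-day restriction: Monday through Friday, 6:00 a.m. to 8:00 p.m.
    $hours = [byte[]](New-LogonHoursBytes -UtcOffsetHours $UtcOffsetHours)
    Set-ADUser -Identity $SamAccountName -Replace @{ logonHours = $hours }

    # Location-based policy: the account may log on only to the named computers.
    Set-ADUser -Identity $SamAccountName -LogonWorkstations ($AllowedComputers -join ',')

    # Temporary account: expires when the contract period ends.
    Set-ADAccountExpiration -Identity $SamAccountName -TimeSpan (New-TimeSpan -Days $ContractDays)
}

function Update-ContractorRecertification {
    # Run only after someone has verified that the contract was extended.
    param(
        [Parameter(Mandatory)][string]$SamAccountName,
        [Parameter(Mandatory)][datetime]$NewEndDate,
        [Parameter(Mandatory)][string]$ApprovedBy
    )
    if ($NewEndDate -le (Get-Date)) {
        throw "New end date must be in the future."
    }
    Set-ADAccountExpiration -Identity $SamAccountName -DateTime $NewEndDate
    Enable-ADAccount -Identity $SamAccountName

    # Assumption: the organization records recertification in the notes (info) attribute.
    $note = "Recertified by $ApprovedBy on $(Get-Date -Format 'yyyy-MM-dd'); " +
            "expires $($NewEndDate.ToString('yyyy-MM-dd'))"
    Set-ADUser -Identity $SamAccountName -Replace @{ info = $note }
}

# Offline demonstration: show the logonHours bytes for a site five hours behind UTC.
$example = New-LogonHoursBytes -UtcOffsetHours -5
($example | ForEach-Object { $_.ToString('X2') }) -join ' '

# Example calls against a domain (hypothetical names, left commented out):
# Set-ContractorRestriction -SamAccountName 'contractor01' -AllowedComputers 'PC-CONTRACT01'
# Update-ContractorRecertification -SamAccountName 'contractor01' -NewEndDate (Get-Date).AddDays(90) -ApprovedBy 'hr.manager'
```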

Full Security+ Course

SY0-501 Full Security+ Course

Helping you Pass the First Time

Online access includes all of the content from the

CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide

  • Introduction
  • About the exam (including information on the number of questions, test duration, passing score, types of questions and more. Also includes a listing of the exam objectives)
  • 75 question pre-assessment exam
  • Mastering Security Basics (full content from Chapter 1 of the study guide including the exam topic review and 15 practice test questions)
  • Understanding Identity and Access Management (full content from Chapter 2 of the study guide including the exam topic review and 15 practice test questions)
  • Exploring Network Technologies and Tools (full content from Chapter 3 of the study guide including the exam topic review and 15 practice test questions)
  • Securing Your Network (full content from Chapter 4 of the study guide including the exam topic review and 15 practice test questions)
  • Securing Hosts and Data (full content from Chapter 5 of the study guide including the exam topic review and 15 practice test questions)
  • Comparing Threats, Vulnerabilities, and Common Attacks (full content from Chapter 6 of the study guide including the exam topic review and 15 practice test questions)
  • Protecting Against Advanced Attacks (full content from Chapter 7 of the study guide including the exam topic review and 15 practice test questions)
  • Using Risk Management Tools (full content from Chapter 8 of the study guide including the exam topic review and 15 practice test questions)
  • Implementing Controls to Protect Assets (full content from Chapter 9 of the study guide including the exam topic review and 15 practice test questions)
  • Understanding Cryptography and PKI (full content from Chapter 10 of the study guide including the exam topic review and 15 practice test questions)
  • Implementing Policies to Mitigate Risks (full content from Chapter 11 of the study guide including the exam topic review and 15 practice test questions)
  • 75 question post-assessment exam
  • Glossary

Get the SY0-501 Full Security+ Course Here


Test your readiness with these quality materials

Random 75-question tests

Random practice tests from all of the practice test questions in the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide. All questions include explanations so you'll know why the correct answers are correct, and why the incorrect answers are incorrect.

3 sets Performance-based Questions

Three new sets of performance-based questions with a total of 30 questions. These new questions use a new testing engine that includes realistic drag and drop, matching, sorting, and fill in the blank questions.

Flashcard Set

  • 494 Online Security+ Glossary Flashcards
  • 222 Online Security+ Acronyms Flashcards
  • 223 Online Security+ Remember This Slide from the popular CompTIA Security+ Get Certified Get Ahead: SY0-501 Study Guide

Audio - SY0-501 Security+ Remember This Audio Files

Learn by Listening. Over one hour and 20 minutes of audio (MP3 downloads.)

Audio - SY0-501 Security+ Question and Answer Audio Files

Learn by Listening. Over two hours and 53 minutes of audio (MP3 downloads.)

Bonus #1

Audio from the end of chapter reviews from each of the chapters in the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide. Over one hour and 40 minutes of additional audio.

Bonus #2

Access to all of the online content that is available for free to anyone that purchases the CompTIA Security+ Get Certified Get Ahead: SY0-501 Study Guide. This includes labs, extra practice test questions, and supplementary materials

Bonus #3 

Access the study materials for a total of 60 days because sometimes life happens.

Get the SY0-501 Full Security+ Course Here

Account Maintenance

Administrators routinely perform account maintenance. This is often done with scripts to automate the processes.

As an example, it’s relatively simple to create and run a script listing all enabled accounts that haven’t been used in the last 30 days in a Microsoft AD DS domain. This provides a list of inactive accounts. Often, these are accounts of ex-employees or temporary employees who are no longer at the organization. Ideally, an account disablement policy would ensure that the accounts are disabled as soon as the employee leaves. The scripts provide an additional check to ensure inactive accounts are disabled.

Additionally, account maintenance includes deleting accounts that are no longer needed. For example, if an organization has a policy of disabling accounts when employees leave, but deleting them 60 days later, account maintenance procedures ensure the accounts are deleted.
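A sketch of the two maintenance reports described above, added here as an example rather than taken from the study guide. It assumes the ActiveDirectory PowerShell module and read access to the domain; the function names and output file names are hypothetical, and the 30-day and 60-day values are the ones used in the text.

```powershell
#Requires -Modules ActiveDirectory

# Added example. Both functions only report; nothing is disabled or deleted.

function Get-InactiveEnabledUser {
    # Enabled accounts with no logon in the last $InactiveDays days.
    # LastLogonDate is derived from lastLogonTimestamp, which by default can lag
    # the real last logon by up to about 14 days, so treat the output as a
    # review list rather than an exact measurement.
    [CmdletBinding()]
    param([int]$InactiveDays = 30)

    $cutoff = (Get-Date).AddDays(-$InactiveDays)

    Get-ADUser -Filter 'Enabled -eq $true' -Properties LastLogonDate, whenCreated |
        Where-Object {
            if ($_.LastLogonDate) {
                $_.LastLogonDate -lt $cutoff
            }
            else {
                # Never logged on: flag only if the account itself is older than
                # the cutoff, so newly created accounts are not reported.
                $_.whenCreated -lt $cutoff
            }
        } |
        Select-Object SamAccountName, LastLogonDate, whenCreated, DistinguishedName
}

function Get-DisabledUserPastRetention {
    # Disabled accounts whose last change is older than $RetentionDays days.
    # AD does not store a "disabled on" date. whenChanged is updated by any later
    # modification, so an account listed here has been disabled for at least the
    # retention period, and an account edited after being disabled shows up late
    # rather than early. Built-in disabled accounts (Guest, krbtgt) can appear in
    # the list and must be excluded during review.
    [CmdletBinding()]
    param([int]$RetentionDays = 60)

    $cutoff = (Get-Date).AddDays(-$RetentionDays)

    Get-ADUser -Filter 'Enabled -eq $false' -Properties whenChanged |
        Where-Object { $_.whenChanged -lt $cutoff } |
        Select-Object SamAccountName, whenChanged, DistinguishedName
}

# Write both review lists to CSV for the account owner or help desk to check.
Get-InactiveEnabledUser -InactiveDays 30 |
    Export-Csv -Path .\inactive-enabled-users.csv -NoTypeInformation

Get-DisabledUserPastRetention -RetentionDays 60 |
    Export-Csv -Path .\disabled-past-retention.csv -NoTypeInformation
```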


Security+ Practice Test Questions

SY0-501 Practice Test Questions 

Over 300 realistic Security+ practice test questions

All questions include explanations so you'll know why the correct answers are correct,

and why the incorrect answers are incorrect.

Pass the Security+ Exam

the First Time You Take It

Multiple quiz formats to let you use these questions based on the way you learn.
  • Learn mode - randomized. View each of the questions in random order. Learn mode allows you to keep selecting answers until you select the correct answer. Once you select the correct answer, you'll see the explanation. Click here to see how learn mode works.
  • Learn mode - not randomized. View each of the questions in the same order. Use this if you want to make sure that you see all of the questions. Learn mode allows you to keep selecting answers until you select the correct answer. Once you select the correct answer, you'll see the explanation. Click here to see how learn mode works.
  • Test mode - randomized. View each of the questions in random order. In test mode, you can only see the correct answers and explanations after you complete the test. Click here to see how test mode works.
  • Test mode - not randomized. View each of the questions in the same order. In test mode, you can only see the correct answers and explanations after you complete the test. Click here to see how test mode works.
  • Test mode - 75 random questions. View 75 random questions from the full test bank similar to how the Security+ exam has a potential maximum of 75 multiple choice questions. In test mode, you can only see the correct answers and explanations after you complete the test. Click here to see how test mode works.

Get the full bank of SY0-501 Practice Test Questions Here

 SY0-501 Practice Test Questions


INCLUDES QUESTIONS TO HELP YOU PREPARE

FOR THE NEW PERFORMANCE BASED QUESTIONS 

Bonus - Performance Based Questions

Three sets of performance-based questions including over 30 questions. These questions show you what you can expect in the live exam. They include drag and drop, matching, sorting, and fill in the blank questions. See a demo here.

Bonus - Extra Practice Test Questions

New multiple-choice questions in the extra test bank. Questions are added occasionally. You can see what has been added recently here.

Get the full bank of Security+ (SY0-501) Practice Test Questions Here

Get the full bank of Security+ Practice Test Questions

Click here if you're looking for SY0-501 Full Study Package

Q. Members of a project team chose to meet at a local library to complete some work on a key project. All of them are authorized to work from home using a VPN connection and have connected from home successfully. However, they found that they were unable to connect to the network using the VPN from the library and they could not access any of the project data. Which of the following choices is the MOST likely reason why they can’t access this data?

A. Role-based access control

B. Time-of-day access control

C. Location-based policy

D. Discretionary access control

Answer is C. A location-based policy restricts access based on location, such as with an IP address, and this is the best possible answer of those given. The scenario indicates they could use the virtual private network (VPN) connection from home, but it was blocked when they tried to access it from the library.

A time-of-day access control restricts access based on the time of day, but the scenario doesn’t indicate the time.

Neither a discretionary access control model nor a role-based access control model restricts access based on location.

See Chapter 2 of the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide for more information on managing accounts.


Russian Hacking Exposed

Russian hacking was exposed in a detailed indictment of 12 Russians by the US Department of Justice (DoJ). While reading through it I was intrigued at how the indictment laid out methods that the Russians used in clear and simple English.

Although the indictment gave all the classic indications of an advanced persistent threat (APT), it never said so. Instead it indicated the attacks came from Units 26165 and 74455, which are part of a Russian military agency called the Main Intelligence Directorate of the General Staff. This is commonly abbreviated as GRU (which is not the same Gru of Despicable Me fame).

Two departments within Unit 26165 have been previously identified as Fancy Bear or APT 28. Apparently these hackers took April 15, 2016 off as a holiday. It is a Russian holiday in honor of the Russian military’s electronic warfare services.

Russian Spear Phishing for Credentials

In one of the attacks outlined in the indictment, they sent spear phishing emails (targeting staffers of an election campaign). The email mimicked a security notification from Google and looked something like this according to The Smoking Gun.

Spoofing (or impersonation) is a common method used to trick users. In this example, attackers impersonated The Gmail Team.

Admittedly, this does look rather legitimate and would alarm anyone working on a campaign that someone from the Ukraine was logging onto their account. Looking at the links in the email wouldn’t have helped. Attackers used a URL-shortening service to mask the actual URL.

Apparently, some staffers (including volunteers all the way up to the chairman of the campaign) clicked the link. They were prompted to enter their current credentials and then they were able to change their passwords. At least that’s what they thought they were doing.

If you know about phishing and spear phishing attacks, you probably guessed that the link was bogus. It allowed the attackers to gather the users’ credentials and access their Google Gmail accounts. Immediately after the users “changed” their passwords on the bogus site, the attackers changed their actual passwords to what the users thought they were changing them to. Users typically didn’t give this another thought.

Russian Spear Phishing to Install Malware

Attackers also sent spear phishing emails to users with a malicious document. It looked like it was an Excel spreadsheet with a name that made users think it was valid. However, when users clicked on it, it redirected them to a malicious website that attempted to download malware. This is also known as a drive-by download and is a common method used by APTs and other attackers.

The attackers used multiple versions of malware used by GRU known as X-Agent. This gave them remote access to infected computers, allowing them to monitor users’ computer activity, capture keystrokes and screenshots to steal passwords, and maintain extended access to targeted networks.

Data Exfiltration

The indictment outlines how the attackers used the stolen credentials to steal the contents of email accounts, including over 50,000 emails from the chairman’s email account. It also outlines how the attackers used the stolen credentials along with open-source information to learn about networks used by the targeted campaign.

They used other known GRU malware, called X-Tunnel, to send the data to servers controlled by the attackers. X-Tunnel compressed gigabytes of stolen data and then sent it via encrypted channels to the attackers’ servers.

They hacked into the computers of people involved in the 2016 U.S. presidential election and installed malware on dozens of these systems. This allowed them to remotely access the systems, monitor keystrokes, take screenshots, and access internal networks. Ultimately, they stole tens of thousands of emails and other documents from these computers and networks.

Hacked into State Board of Elections

Defendants are also accused of hacking into “the computers of U.S. persons and entities responsible for the administration of 2016 U.S. elections, such as state boards of elections, secretaries of state, and U.S. companies that supplied software and other technology related to the administration of U.S. elections.”

In at least one of these attempts, they accessed the website of a state board of elections, and exfiltrated privacy information of approximately 500,000 voters. This included names, addresses, partial social security numbers, driver’s license numbers, and birth dates.

Guccifer 2.0 and DCLeaks

In an attempt to hide their identity, the attackers created online personas such as Guccifer 2.0 and DCLeaks, which they used to release these stolen emails and documents. They hid these identities by spreading falsehoods about them. As an example, Guccifer 2.0 said he was Romanian in interviews that occurred during the attacks and repeatedly said he was not Russian.

They created a variety of sites and social media accounts for DCLeaks and Guccifer 2.0. The DCLeaks and Guccifer 2.0 Twitter accounts were suspended on July 14. They also had Facebook accounts for both DCLeaks and Guccifer 2.0, which they regularly used to spread disinformation. Their website, dcleaks.com, was also used to publish many of these stolen emails and other documents. It has since been taken down.

Russian Hacking Summary

In very clear English, the US DoJ outlined how Russian hackers used sophisticated APT tactics to attack US entities involved in the US election. Attackers started with sophisticated spear phishing attacks to steal credentials and infect dozens of computers. They later stole hundreds of thousands of emails and several gigabytes of data.

This provides another clear example of the importance of educating all users about common cyber security practices. All it takes is one user to click on the wrong link to cause devastation for an organization.

In 2016, it was an attack on a US election campaign.

What will 2019 bring?

Some people predict an attack on our power infrastructure crippling major portions of our country. Indeed, The US-CERT has already published a joint Technical Alert outlining Russian government actions against US “energy, nuclear, commercial facilities, water, aviation,” and other critical manufacturing sectors.


Using Defense-In-Depth Strategy

It’s common to implement several controls using a defense-in-depth strategy. If you’re planning to take the SY0-501 version of the Security+ exam, you should have a good understanding of frameworks, best practices, and secure configuration guides. This includes implementing defense-in-depth/layered security to protect assets.

For example, can you answer this question?

Q. After a recent attack on your organization’s network, the CTO is insisting that the DMZ uses two firewalls and they are purchased from different companies. Which of the following BEST describes this practice?

A. Single-layer security

B. Vendor diversity

C. Control diversity

D. Redundancy

More, do you know why the correct answer is correct and the incorrect answers are incorrect? The answer and explanation are available at the end of this post.


Implementing Defense in Depth

Defense in depth (also known as layered security) refers to the security practice of implementing several layers of protection. You can’t simply take a single action, such as implementing a firewall or installing antivirus software, and consider yourself protected. You must implement security at several different layers. This way, if one layer fails, you still have additional layers to protect you.

If you drive your car to a local Walmart, put a five-dollar bill on the dash, and leave the keys in the car and the car running, there is a very good chance the car won’t be there when you come out of the store. On the other hand, if you ensure nothing of value is visible from the windows, the car is locked, it has an alarm system, and it has stickers on the windows advertising the alarm system, it’s less likely that someone will steal it. Not impossible, but less likely.

 


You’ve probably heard this as “there is no silver bullet.” If you want to kill a werewolf, you can load your gun with a single silver bullet and it will find its mark. The truth is that there is no such thing as a silver bullet. (Of course, there is no such thing as a werewolf either.)

Applied to computers, it’s important to implement security at every step, every phase, and every layer. Information technology (IT) professionals can never rest on their laurels with the thought they have done enough and no longer need to worry about security.

Control diversity is the use of different security control types, such as technical controls, administrative controls, and physical controls. For example, technical security controls such as firewalls, intrusion detection systems (IDSs), and proxy servers help protect a network. Physical security controls can provide extra protection for the server room or other areas where these devices are located. Administrative controls such as vulnerability assessments and penetration tests can help verify that these controls are working as expected.

Vendor diversity is the practice of implementing security controls from different vendors to increase security. Many DMZs use two firewalls and vendor diversity dictates the use of firewalls from different vendors. For example, one firewall could be a Cisco firewall and the other one could be a Check Point firewall. If a vulnerability is discovered in one of these firewalls, an attacker might be able to exploit it. However, it’s unlikely that both firewalls would develop a vulnerability at the same time.


Q. After a recent attack on your organization’s network, the CTO is insisting that the DMZ uses two firewalls and they are purchased from different companies. Which of the following BEST describes this practice?

A. Single-layer security

B. Vendor diversity

C. Control diversity

D. Redundancy

Answer is B. The chief technology officer (CTO) is recommending vendor diversity for the demilitarized zone (DMZ). Firewalls from different companies (vendors) provide vendor diversity. This also provides defense in depth or layered security, but not single-layer security.

Control diversity is the use of different controls such as technical, administrative, and physical.

Redundancy is the use of duplicate components for fault tolerance, but the two firewalls work together in the DMZ.

See Chapter 9 of the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide for more information on implementing controls to protect assets.


Get Certified Get Ahead is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to amazon.com.

Copyright © 2015 Get Certified Get Ahead. All Rights Reserved.