
CompTIA Security+ SY0-401 Pearson uCertify Course and Labs and Textbook Bundle



  • Your Price: $136.00
  • List Price: $160.00



  • The course navigation is driven by a user-friendly dashboard that can be adapted to the specific course content
  • Allows students to toggle between the various learning tools and resources and then return to the topic at hand
  • Students can plan their studies using Study Planner and use one of the three available study modes – Test, Learn, or Review to suit their learning style

  • Manage sections and students with the powerful tools available in the Educator Area
  • Use LABS as a stand-alone tool, pair it with a uCertify course, or map it to a textbook
  • Easy to integrate into curriculum
  • Perfect for instructor-led or blended training
  • Case studies and hands-on video exercises in each chapter, to help students practice what they've learned
  • Three full practice tests based on the real Security+ exam, with new video explanations of all answers
  • Exclusive "Do I Know This Already?" quizzes, memory tables, study strategies, tips, cautions, key terms, troubleshooting scenarios, last-minute review tearsheet, and more


  • Copyright 2015
  • Edition: 1st
  • Book
  • ISBN-10: 0-7897-5557-2
  • ISBN-13: 978-0-7897-5557-5

Welcome to CompTIA Security+ SY0-401 Pearson uCertify Course and Labs and Textbook Bundle

CompTIA Security+ SY0-401 uCertify Course and Labs is an easy-to-use online course that allows you to assess your readiness and teaches you what you need to know to pass the CompTIA Security+ SY0-401 exam.

Master all of the CompTIA Security+ exam objectives in the framework of CompTIA Security+ SY0-401 Cert Guide interactive eBook. The interactive eBook includes informative text, tables, step-by-step lists, images, 4+ hours of video, interactive exercises, glossary flash cards, and review activities. The course comes complete with extensive pre- and post-assessment tests. In total there are over 350 practice questions.

The award-winning uCertify Labs help bridge the gap between conceptual knowledge and real-world application by providing competency-based, interactive, online, 24x7 training. uCertify Labs simulate real-world networking hardware, software applications and operating systems, and command-line interfaces. The 130+ labs are supplemented with more than 50 videos demonstrating lab solutions. Students can feel safe working in this virtual environment resolving real-world operating system and hardware problems.

All of the content—the complete textbook, the 4+ hours of video instruction, the practice questions, the exercises, and the labs—is focused around the official CompTIA Security+ exam objectives.

Learn, prepare, and practice for CompTIA Security+ SY0-401 exam success with this CompTIA Authorized Cert Guide, Academic Edition from Pearson IT Certification, a leader in IT Certification learning and a CompTIA Authorized Platinum Partner. The DVD features three complete practice exams, complete video solutions to 31 hands-on labs, plus 31 interactive flash-based simulations that include drag-and-drop and matching to reinforce the learning.

  • Master CompTIA’s Security+ SY0-401 exam topics
  • Assess your knowledge with chapter-ending quizzes
  • Reinforce your knowledge of key concepts with chapter review activities
  • Practice with realistic exam questions on the DVD
  • Includes complete video solutions to 31 hands-on labs
  • Plus 31 interactive simulations on key exam topics
  • Work through 270 Flash Cards in Q&A and glossary term format
  • Includes free access to the Premium Edition eBook

CompTIA Security+ SY0-401 Authorized Cert Guide, Academic Edition includes video solutions to the hands-on labs, practice tests, and interactive simulations that let the reader learn by doing. Best-selling author and expert instructor David L. Prowse shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.

The book presents you with an organized test preparation routine through the use of proven series elements and techniques. Exam topic lists make referencing easy. Chapter review activities help you drill on key concepts you must know thoroughly. Review questions help you assess your knowledge, and a final preparation chapter guides you through tools and resources to help you craft your approach to passing the exam.

The companion Academic Edition DVD contains the powerful Pearson IT Certification Practice Test engine, with three complete practice exams and hundreds of exam-realistic questions and free access to the Premium Edition eBook. The assessment engine offers you a wealth of customization options and reporting features, laying out a complete assessment of your knowledge to help you focus your study where it is needed most. Work through 270 Flash Cards in Q&A and glossary term format to help reinforce your knowledge of key concepts and facts. The Academic Edition DVD also includes complete video solutions to 31 hands-on labs in the book and 31 interactive simulations on key exam topics to reinforce learning by doing. Learning activities include testing password strength, matching the type of malware with its definition, finding the security issues in the network map, and disallowing a user access to the network on Saturday and Sunday.

Interactive Simulations:

  • 2-1: Identifying Malware Types
  • 2-2: Securing the BIOS
  • 2-4: Filtering E-mails
  • 3-3: Stopping Services in the Command Prompt
  • 4-1: Securing Web Browsers
  • 5-1: Creating a DMZ
  • 5-3: Defending against the Web Shell
  • 6-1a: Understanding Port Numbers, Part A
  • 6-1b: Understanding Port Numbers, Part B
  • 6-1c: Understanding Port Numbers, Part C
  • 6-2a: Identifying Network Attacks, Part A
  • 6-2b: Identifying Network Attacks, Part B
  • 6-2c: Identifying Network Attacks, Part C
  • 6-2d: Identifying Network Attacks, Part D
  • 7-1: Configuring a Firewall's Ruleset
  • 8-4: Planning Network Security
  • 9-1: Choosing Physical Security Methods
  • 9-2: Selecting the Correct Authentication Technology
  • 9-3: Understanding 802.1X
  • 10-1: Password Strength
  • 10-2: Configuring Logon Hours
  • 10-3: Understanding Access Control Models
  • 11-1a: Risk Assessment, Part A
  • 11-1b: Risk Assessment, Part B
  • 11-1c: Vulnerability Management Process
  • 12-1: Capturing and Analyzing Packets
  • 12-2: Deciphering Log Files
  • 13-1: Understanding Symmetric and Asymmetric Algorithms
  • 15-1: Configuring RAID
  • 16-1a: Identifying Social Engineering Attacks, Part A
  • 16-1b: Identifying Social Engineering Attacks, Part B

Hands-On Labs Video Solutions:

  • 2-1: Using Free Malware Scanning Programs
  • 2-2: Securing the BIOS
  • 2-3: Securing Mobile Devices
  • 3-1: Discerning and Updating Service Pack Level
  • 3-2: Securing a Virtual Machine
  • 3-3: Working with Services in Windows and Linux
  • 4-1: Securing Web Browsers
  • 4-2: Whitelisting and Blacklisting Applications with a Windows Server Policy
  • 5-2: Subnetting a Network
  • 6-1: Scanning Ports
  • 7-2: Configuring Packet Filtering and NAT
  • 7-3: Configuring an Inbound Filter
  • 8-1: Securing a Wireless Device
  • 8-2: Enabling MAC Filtering
  • 8-3: Wardriving and the Cure
  • 9-3: Understanding 802.1X
  • 9-4: Setting Up a Secure VPN
  • 10-1: Configuring Complex Passwords
  • 10-2: Configuring Password Policies and User Accounts Restrictions
  • 10-4: Configuring User and Group Permissions
  • 11-2: Mapping and Scanning the Network
  • 11-3: Defending Against Password Cracking
  • 12-1: Capturing and Analyzing Packets
  • 12-2: Deciphering Log Files
  • 12-3: Auditing Files
  • 13-1: Understanding Symmetric and Asymmetric Algorithms
  • 13-2: Disabling the LM Hash
  • 14-1: Understanding PKI
  • 14-2: Making an SSH Connection
  • 15-1: Configuring RAID
  • 17-1: Analyzing Test Questions

Well-regarded for its level of detail, assessment features, and challenging review questions and exercises, this CompTIA authorized study guide helps you master the concepts and techniques that will allow you to succeed on the exam the first time.

The CompTIA authorized study guide helps you master all the topics on the Security+ exam, including

  • Core computer system security
  • OS hardening and virtualization
  • Application security
  • Network design elements and threats
  • Perimeter security
  • Network media and devices security
  • Physical security and authentication models
  • Access control
  • Vulnerability and risk assessment
  • Monitoring and auditing
  • Cryptography, including PKI
  • Redundancy and disaster recovery
  • Policies and procedures

Sample Content

Table of Contents

    Introduction xxi

Chapter 1 Introduction to Security 2

    Foundation Topics 3

    Security 101 3

        The CIA of Computer Security 3

        The Basics of Information Security 5

    Think Like a Hacker 6

    Chapter Review Activities 8

        Review Key Topics 8

        Define Key Terms 8

        Review Questions 8

Chapter 2 Computer Systems Security 12

    Foundation Topics 13

    Computer Systems Security Threats 13

        Malicious Software 13

            Viruses 13

            Worms 14

            Trojan Horses 14

            Ransomware 15

            Spyware 15

            Rootkits 16

            Spam 16

            Summary of Malware Threats 17

        Ways to Deliver Malicious Software 17

            Via Software, Messaging, and Media 18

            Botnets and Zombies 18

            Active Interception 19

            Privilege Escalation 19

            Backdoors 19

            Logic Bombs 19

        Preventing and Troubleshooting Malware 20

            Preventing and Troubleshooting Viruses 20

            Preventing and Troubleshooting Worms and Trojans 23

            Preventing and Troubleshooting Spyware 24

            Preventing and Troubleshooting Rootkits 25

            Preventing and Troubleshooting Spam 26

            You Can’t Save Every Computer from Malware! 28

            Summary of Malware Prevention Techniques 28

    Implementing Security Applications 28

        Personal Software Firewalls 29

        Host-Based Intrusion Detection Systems 30

        Pop-Up Blockers 32

        Data Loss Prevention Systems 33

    Securing Computer Hardware, Peripherals, and Mobile Devices 33

        Securing the BIOS 34

        Securing Storage Devices 35

            Removable Storage 35

            Network Attached Storage 35

            Whole Disk Encryption 35

            Hardware Security Modules 37

        Securing Mobile Devices 37

            Malware 38

            Botnet Activity 38

            SIM Cloning 38

            Wireless Attacks 38

            Theft 39

            Application Security 40

            BYOD Concerns 41

    Chapter Review Activities 45

        Chapter Summary 45

        Review Key Topics 45

        Define Key Terms 46

        Review Questions 46

        Case Studies for Chapter 2 53

            Case Study 2-1: Using Free Malware Scanning Programs 53

            Case Study 2-2: Securing the BIOS 54

            Case Study 2-3: Securing Mobile Devices 54

            Case Study 2-4: Filtering and Screening E-mail 54

Chapter 3 OS Hardening and Virtualization 56

    Foundation Topics 57

    Hardening Operating Systems 57

        Removing Unnecessary Applications and Services 57

        Service Packs 63

        Windows Update, Patches, and Hotfixes 65

            Patches and Hotfixes 66

            Patch Management 67

        Group Policies, Security Templates, and Configuration Baselines 68

        Hardening File Systems and Hard Drives 71

    Virtualization Technology 74

        Types of Virtualization and Their Purposes 74

        Hypervisor 75

        Securing Virtual Machines 76

    Chapter Review Activities 78

        Chapter Summary 78

        Review Key Topics 79

        Define Key Terms 79

        Review Questions 79

        Case Studies for Chapter 3 83

            Case Study 3-1: Discerning and Updating the Service Pack Level 83

            Case Study 3-2: Securing a Virtual Machine 83

            Case Study 3-3: Stopping Services in the Command-Line 84

Chapter 4 Application Security 86

    Foundation Topics 87

    Securing the Browser 87

        General Browser Security Procedures 88

            Implement Policies 88

            Train Your Users 90

            Use a Proxy and Content Filter 91

            Secure Against Malicious Code 92

        Securing Internet Explorer 92

        Securing Firefox 97

        Securing Other Browsers 100

    Securing Other Applications 102

    Secure Programming 105

        Systems Development Life Cycle 105

        Programming Testing Methods 107

        Programming Vulnerabilities and Attacks 108

            Backdoors 109

            Buffer Overflows 109

            Arbitrary Code Execution/Remote Code Execution 110

            XSS and XSRF 110

            More Code Injection Examples 111

            Directory Traversal 112

            Zero Day Attack 112

    Chapter Review Activities 114

        Chapter Summary 114

        Review Key Topics 115

        Define Key Terms 115

        Review Questions 115

        Case Studies for Chapter 4 120

            Case Study 4-1: Securing Web Browsers 120

            Case Study 4-2: Whitelisting and Blacklisting Applications in a Windows Server Policy 120

Chapter 5 Network Design Elements 122

    Foundation Topics 123

    Network Design 123

        The OSI Model 123

        Network Devices 124

            Hub 124

            Switch 125

            Router 126

        Network Address Translation, and Private Versus Public IP 127

        Network Zones and Interconnections 129

            LAN Versus WAN 129

            Internet 129

            Demilitarized Zone (DMZ) 129

            Intranets and Extranets 130

        Network Access Control (NAC) 131

        Subnetting 132

        Virtual Local Area Network (VLAN) 133

        Telephony Devices 134

            Modems 134

            PBX Equipment 135

            VoIP 135

    Cloud Security and Server Defense 136

        Cloud Computing 136

        Cloud Security 137

        Server Defense 139

            File Servers 140

            Network Controllers 140

            E-mail Servers 140

            Web Servers 141

            FTP Server 142

    Chapter Review Activities 144

        Chapter Summary 144

        Review Key Topics 145

        Define Key Terms 145

        Review Questions 145

        Case Studies for Chapter 5 149

            Case Study 5-1: Creating a DMZ 149

            Case Study 5-2: Subnetting a Network 149

            Case Study 5-3: Defending against the Web Shell 150

Chapter 6 Networking Protocols and Threats 152

    Foundation Topics 153

    Ports and Protocols 153

        Ports Ranges, Inbound Versus Outbound, and Common Ports 153

        Protocols That Can Cause Anxiety on the Exam 160

    Malicious Attacks 160

        DoS 160

        DDoS 162

        Sinkholes and Blackholes 163

        Spoofing 163

        Session Hijacking 164

        Replay 165

        Null Sessions 165

        Transitive Access and Client-Side Attacks 166

        DNS Poisoning and Other DNS Attacks 167

        ARP Poisoning 168

        Summary of Network Attacks 168

    Chapter Review Activities 172

        Chapter Summary 172

        Review Key Topics 173

        Define Key Terms 173

        Review Questions 173

        Case Studies for Chapter 6 178

            Case Study 6-1: Scanning Ports 178

            Case Study 6-2: Identifying Network Attacks 178

Chapter 7 Network Perimeter Security 180

    Foundation Topics 181

    Firewalls and Network Security 181

        Firewalls 181

        Proxy Servers 186

        Honeypots and Honeynets 188

        Data Loss Prevention (DLP) 189

    NIDS Versus NIPS 189

        NIDS 189

        NIPS 190

        Summary of NIDS Versus NIPS 192

        The Protocol Analyzer’s Role in NIDS and NIPS 192

        Unified Threat Management 192

    Chapter Review Activities 194

        Chapter Summary 194

        Review Key Topics 194

        Define Key Terms 195

        Review Questions 195

        Case Studies for Chapter 7 199

            Case Study 7-1: Configuring a Firewall’s Rule Set 199

            Case Study 7-2: Configuring Packet Filtering and NAT 200

            Case Study 7-3: Configuring an Inbound Filter 200

Chapter 8 Securing Network Media and Devices 202

    Foundation Topics 203

    Securing Wired Networks and Devices 203

        Network Device Vulnerabilities 203

            Default Accounts 203

            Weak Passwords 204

            Privilege Escalation 204

            Back Doors 205

            Network Attacks 205

            Other Network Device Considerations 206

        Cable Media Vulnerabilities 206

            Interference 206

            Crosstalk 207

            Data Emanation 208

            Tapping into Data and Conversations 208

    Securing Wireless Networks 209

        Wireless Access Point Vulnerabilities 210

            The Administration Interface 210

            SSID Broadcast 210

            Rogue Access Points 210

            Evil Twin 211

            Weak Encryption 211

            Wi-Fi Protected Setup 212

            VPN over Open Wireless 213

            Wireless Access Point Security Strategies 213

        Wireless Transmission Vulnerabilities 215

        Bluetooth Vulnerabilities 216

            Bluejacking 217

            Bluesnarfing 217

    Chapter Review Activities 219

        Chapter Summary 219

        Review Key Topics 220

        Define Key Terms 221

        Review Questions 221

        Case Studies for Chapter 8 224

            Case Study 8-1: Securing a Wireless Device 224

            Case Study 8-2: Enabling MAC Filtering 225

            Case Study 8-3: War-driving...and the Cure 225

            Case Study 8-4: Planning Network Security 225

Chapter 9 Physical Security and Authentication Models 228

    Foundation Topics 229

    Physical Security 229

        General Building and Server Room Security 229

        Door Access 230

        Biometric Readers 232

    Authentication Models and Components 233

        Authentication Models 233

        Localized Authentication Technologies 234

            802.1X and EAP 235

            LDAP 237

            Kerberos and Mutual Authentication 238

            Remote Desktop Services 239

        Remote Authentication Technologies 240

            Remote Access Service 240

            Virtual Private Networks 241

            RADIUS Versus TACACS 244

    Chapter Review Activities 246

        Chapter Summary 246

        Review Key Topics 246

        Define Key Terms 247

        Review Questions 247

        Case Studies for Chapter 9 253

            Case Study 9-1: Choosing Physical Security Methods 253

            Case Study 9-2: Selecting the Correct Authentication Technology 254

            Case Study 9-3: Understanding 802.1X 255

            Case Study 9-4: Setting Up a Secure VPN 255

Chapter 10 Access Control Methods and Models 256

    Foundation Topics 257

    Access Control Models Defined 257

        Discretionary Access Control 257

        Mandatory Access Control 258

        Role-Based Access Control (RBAC) 259

        Access Control Wise Practices 260

    Rights, Permissions, and Policies 262

        Users, Groups, and Permissions 262

        Permission Inheritance and Propagation 266

        Moving and Copying Folders and Files 266

        Usernames and Passwords 267

        Policies 269

        User Account Control (UAC) 272

    Chapter Review Activities 273

        Chapter Summary 273

        Review Key Topics 273

        Define Key Terms 274

        Review Questions 274

        Case Studies for Chapter 10 279

            Case Study 10-1: Configuring Complex Passwords 279

            Case Study 10-2: Configuring Password Policies and User Account Restrictions 280

            Case Study 10-3: Understanding Access Control Models 280

            Case Study 10-4: Configuring User and Group Permissions 280

Chapter 11 Vulnerability and Risk Assessment 282

    Foundation Topics 283

    Conducting Risk Assessments 283

        Qualitative Risk Assessment 284

        Quantitative Risk Assessment 284

        Security Analysis Methodologies 286

        Security Controls 287

        Vulnerability Management 288

            Penetration Testing 289

            OVAL 290

    Assessing Vulnerability with Security Tools 291

        Network Mapping 291

        Vulnerability Scanning 293

        Network Sniffing 296

        Password Analysis 297

    Chapter Review Activities 300

        Chapter Summary 300

        Review Key Topics 301

        Define Key Terms 301

        Review Questions 301

        Case Studies for Chapter 11 307

            Case Study 11-1: Understanding Risk and Vulnerability 307

            Case Study 11-2: Mapping and Scanning the Network 307

            Case Study 11-3: Defending Against Password Cracking 307

Chapter 12 Monitoring and Auditing 308

    Foundation Topics 309

    Monitoring Methodologies 309

        Signature-Based Monitoring 309

        Anomaly-Based Monitoring 309

        Behavior-Based Monitoring 310

    Using Tools to Monitor Systems and Networks 310

        Performance Baselining 310

        Protocol Analyzers 312

            Wireshark 313

            Network Monitor 314

            SNMP 315

        Analytical Tools 316

    Conducting Audits 318

        Auditing Files 319

        Logging 320

        Log File Maintenance and Security 323

        Auditing System Security Settings 325

    Chapter Review Activities 328

        Chapter Summary 328

        Review Key Topics 329

        Define Key Terms 329

        Review Questions 329

        Case Studies for Chapter 12 334

            Case Study 12-1: Capturing and Analyzing Packets 334

            Case Study 12-2: Deciphering Log Files 335

            Case Study 12-3: Auditing Files 335

Chapter 13 Encryption and Hashing Concepts 336

    Foundation Topics 337

    Cryptography Concepts 337

        Symmetric Versus Asymmetric Key Algorithms 340

            Symmetric Key Algorithms 340

            Asymmetric Key Algorithms 341

            Public Key Cryptography 341

        Key Management 342

        Steganography 342

    Encryption Algorithms 343

        DES and 3DES 343

        AES 343

        RC 344

        Blowfish and Twofish 344

        Summary of Symmetric Algorithms 345

        RSA 345

        Diffie-Hellman 346

        Elliptic Curve 347

        More Encryption Types 348

            One-Time Pad 348

            PGP 348

    Hashing Basics 350

        Cryptographic Hash Functions 351

        MD5 351

        SHA 351

        RIPEMD and HMAC 351

        Happy Birthday! 352

        LANMAN, NTLM, and NTLMv2 352

            LANMAN 352

            NTLM and NTLMv2 353

        Additional Password Hashing Concepts 354

    Chapter Review Activities 356

        Chapter Summary 356

        Review Key Topics 357

        Define Key Terms 357

        Review Questions 357

        Case Studies for Chapter 13 363

            Case Study 13-1: Understanding Symmetric and Asymmetric Algorithms 363

            Case Study 13-2: Disabling the LM Hash 364

Chapter 14 PKI and Encryption Protocols 366

    Foundation Topics 367

    Public Key Infrastructure 367

        Certificates 367

        Certificate Authorities 368

        Single-Sided and Dual-Sided Certificates 370

    Web of Trust 371

    Security Protocols 371

        S/MIME 371

        SSL/TLS 372

        SSH 373

        PPTP, L2TP, and IPsec 373

            PPTP 373

            L2TP 373

            IPsec 374

    Chapter Review Activities 375

        Chapter Summary 375

        Review Key Topics 375

        Define Key Terms 376

        Review Questions 376

        Case Studies for Chapter 14 380

            Case Study 14-1: Understanding PKI 380

            Case Study 14-2: Making an SSH Connection 380

Chapter 15 Redundancy and Disaster Recovery 382

    Foundation Topics 383

    Redundancy Planning 383

        Redundant Power 384

            Redundant Power Supplies 385

            Uninterruptible Power Supplies 385

            Backup Generators 386

        Redundant Data 388

        Redundant Networking 390

        Redundant Servers 391

        Redundant Sites 392

        Redundant People 393

    Disaster Recovery Planning and Procedures 393

        Data Backup 393

        DR Planning 396

    Chapter Review Activities 399

        Chapter Summary 399

        Review Key Topics 399

        Define Key Terms 400

        Review Questions 400

        Case Study for Chapter 15 403

            Case Study 15-1: Configuring RAID 403

Chapter 16 Policies, Procedures, and People 404

    Foundation Topics 405

    Environmental Controls 405

        Fire Suppression 405

            Fire Extinguishers 405

            Sprinkler Systems 406

            Special Hazard Protection Systems 406

        HVAC 407

        Shielding 408

    Social Engineering 409

        Pretexting 409

        Malicious Insider 409

        Diversion Theft 410

        Phishing 410

        Hoaxes 411

        Shoulder Surfing 412

        Eavesdropping 412

        Dumpster Diving 412

        Baiting 412

        Piggybacking/Tailgating 412

        Summary of Social Engineering Types 413

        User Education and Awareness 413

    Legislative and Organizational Policies 414

        Data Sensitivity and Classification of Information 415

        Personnel Security Policies 417

        Privacy Policies 417

        Acceptable Use 418

        Change Management 418

        Separation of Duties/Job Rotation 419

            Mandatory Vacations 419

            Onboarding and Offboarding 419

            Due Diligence 419

            Due Care 419

            Due Process 420

            User Education and Awareness Training 420

            Summary of Personnel Security Policies 420

        How to Deal with Vendors 421

        How to Dispose of Computers and Other IT Equipment Securely 422

        Incident Response Procedures 423

    Chapter Review Activities 428

        Chapter Summary 428

        Review Key Topics 429

        Define Key Terms 429

        Review Questions 429

        Case Studies for Chapter 16 436

            Case Study 16-1: Identifying Social Engineering Attacks 436

            Case Study 16-2: Imaging a Hard Drive and Live Data for Forensic Purposes 436

Chapter 17 Taking the Real Exam 438

    Getting Ready and the Exam Preparation Checklist 439

    Tips for Taking the Real Exam 442

    Beyond the CompTIA Security+ Certification 444

    Case Study for Chapter 17 445

            Case Study 17-1: Analyzing Test Questions 445

Practice Exam 1: SY0-401 446

Glossary 462

On the DVD:

APPENDIX A View Recommended Resources

APPENDIX B Master List of Key Topics


Answers to Review Questions

Answers to Case Studies

Answers to Practice Exam 1

Case Studies

Case Study Solutions (Video and Simulations)

Flash Cards

Table 6-2

TOC: 9780789753632, 8/8/2014


Submit Errata

More Information

Pearson IT Certification Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from Pearson IT Certification and its family of brands. I can unsubscribe at any time.


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about Pearson IT Certification products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information

To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.


Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites; develop new products and services; conduct educational research; and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.


If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@informit.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information

Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.


This site is not directed to children under the age of 13.


Pearson may send or direct marketing communications to users, provided that:

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information

If a user's personally identifiable information changes (such as a postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and wishes to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of the user's account.


Users can always make an informed choice as to whether they should proceed with certain services offered by Adobe Press. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.pearsonitcertification.com/u.aspx.

Sale of Personal Information

Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents

California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure

Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection with the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact

Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice

We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or in another appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020