CompTIA Security+ SY0-201 Cert Guide



  • Sorry, this book is no longer in print.
Not for Sale


  • Copyright 2011
  • Edition: 1st
  • Book
  • ISBN-10: 0-7897-4713-8
  • ISBN-13: 978-0-7897-4713-6

CompTIA® Security+ SY0-201 Cert Guide

David L. Prowse

DVD Features Complete Practice Exam

  • Master every topic on CompTIA’s new Security+ SY0-201 exam.
  • Assess your knowledge and focus your learning.
  • Get the practical workplace knowledge you need!

Start-to-finish Security+ SY0-201 preparation from computer security consultant, Security+ trainer, and author David L. Prowse.

Master every Security+ SY0-201 topic!

  • Core computer system security concepts
  • OS hardening and virtualization
  • Application security
  • Network design elements and threats
  • Perimeter security
  • Network media and devices security
  • Physical security and authentication models
  • Access control methods and models
  • Vulnerability and risk assessment
  • Monitoring and auditing
  • Cryptography, including PKI
  • Redundancy and disaster recovery
  • Policies, procedures, and people

Test your knowledge, build your confidence, and succeed!

  • Two practice exams in the book, and an additional exam on the DVD, help you prepare and assess your readiness
  • Packed with visuals to help you learn quickly
  • Key topics are highlighted to focus your study
  • Exam preparation tasks include a review of key topics, memory table exercises, key terms, hands-on labs, and review questions

DVD Features Complete Practice Exam

  • Detailed explanations of both correct and incorrect answers
  • Multiple test modes
  • Random questions and order of answers
  • DVD also features complete video solutions to the Hands-On Labs in the book

Shelving Category: Certification
Covers: CompTIA Security+

Sample Content

Online Sample Chapter

CompTIA Security+ Cert Guide: OS Hardening and Virtualization

Sample Pages

Download the sample pages (includes Chapter 3 and Index)

Table of Contents

Introduction xvii

Part I Systems and Application Security

Chapter 1 Introduction to Security 3

Security 101 4

    The CIA of Computer Security 4

    The Basics of Data Security 6

Think Like a Hacker 7

Review Key Topics 9

Define Key Terms 10

Answer Review Questions 10

Answers and Explanations 11

Chapter 2 Computer Systems Security 15

Computer Systems Security Threats 16

    Malicious Software 16

        Viruses 16

        Worms 17

        Trojan Horses 17

        Spyware 18

        Rootkits 19

        Spam 19

        Summary of Malware Threats 20

    Ways to Deliver Malicious Software 20

        Via Software, Messaging, and Media 21

        Active Interception 21

        Privilege Escalation 21

        Backdoors 21

        Logic Bombs 22

        Botnets and Zombies 23

    Preventing and Troubleshooting Malware 23

        Preventing and Troubleshooting Viruses 23

        Preventing and Troubleshooting Worms and Trojans 27

        Preventing and Troubleshooting Spyware 27

        Preventing and Troubleshooting Rootkits 29

        Preventing and Troubleshooting Spam 30

        You Can’t Save Every Computer from Malware! 31

        Summary of Malware Prevention Techniques 32

Implementing Security Applications 33

    Personal Software Firewalls 33

    Host-Based Intrusion Detection Systems 34

    Pop-Up Blockers 36

Securing Computer Hardware and Peripherals 37

    Securing the BIOS 38

    Securing Storage Devices 39

        Removable Storage 39

        Network Attached Storage 40

        Whole Disk Encryption 40

    Securing Cell Phones and PDAs 41

Review Key Topics 43

Complete Tables and Lists from Memory 43

Define Key Terms 43

Hands-On Labs 43

Equipment Needed 44

Lab 2-1: Using Free Malware Scanning Programs 44

Lab 2-2: How to Secure the BIOS 44

View Recommended Resources 46

Answer Review Questions 47

Answers and Explanations 51

Chapter 3 OS Hardening and Virtualization 57

Hardening Operating Systems 58

    Removing Unnecessary Applications and Services 58

    Service Packs 62

    Windows Update, Patches, and Hotfixes 65

        Patches and Hotfixes 67

        Patch Management 68

    Group Policies, Security Templates, and Configuration Baselines 69

    Hardening File Systems and Hard Drives 71

Virtualization Technology 74

    Types of Virtualization and Their Purposes 74

    Working with Virtual Machines 76

        Microsoft Virtual PC 76

        Microsoft Windows XP Mode 78

        Microsoft Virtual Server 78

        VMware 78

Review Key Topics 79

Complete Tables and Lists from Memory 79

Define Key Terms 80

Hands-On Labs 80

Equipment Needed 80

Lab 3-1: Discerning and Updating the Service Pack Level 80

Lab 3-2: Creating a Virtual Machine in Virtual PC 2007 81

View Recommended Resources 82

Answer Review Questions 83

Answers and Explanations 86

Chapter 4 Application Security 89

Securing the Browser 90

    General Browser Security Procedures 91

        Implement Policies 91

        Train Your Users 93

        Use a Proxy and Content Filter 94

        Secure Against Malicious Code 95

    Securing Internet Explorer 96

    Securing Firefox 100

Securing Other Applications 103

Review Key Topics 108

Complete Tables and Lists from Memory 108

Define Key Terms 108

Hands-On Labs 109

Equipment Needed 109

Lab 4-1: Securing the Browser 109

Lab 4-2: Disabling Applications with a Windows Server 2003 Policy 110

View Recommended Resources 112

Answer Review Questions 112

Answers and Explanations 114

Part II Network Infrastructure

Chapter 5 Network Design Elements and Network Threats 117

Network Design 118

    Network Devices 118

        Hub 118

        Switch 119

        Router 120

    Network Address Translation, and Private Versus Public IP 121

    Network Zones and Interconnections 123

        LAN Versus WAN 123

        Internet 123

        Demilitarized Zone (DMZ) 124

        Intranets and Extranets 124

    Network Access Control (NAC) 125

    Subnetting 126

    Virtual Local Area Network (VLAN) 128

    Telephony Devices 129

        Modems 130

        PBX Equipment 130

        VoIP 131

Ports, Protocols, and Malicious Attacks 131

    Ports and Protocols 131

    Malicious Network Attacks 137

        DoS 137

        DDoS 140

        Spoofing 140

        Session Hijacking 141

        Replay 142

        Null Sessions 143

        DNS Poisoning and Other DNS Attacks 143

        ARP Poisoning 144

        Summary of Network Attacks 145

Review Key Topics 149

Complete Tables and Lists from Memory 149

Define Key Terms 149

Hands-On Labs 150

Equipment Needed 150

Lab 5-1: Port Scanning Basics 150

View Recommended Resources 151

Answer Review Questions 152

Answers and Explanations 157

Chapter 6 Network Perimeter Security 161

Firewalls and Network Security 162

    Firewalls 162

    Proxy Servers 167

    Honeypots and Honeynets 169

NIDS Versus NIPS 170

    NIDS 170

    NIPS 171

    Summary of NIDS Versus NIPS 173

    The Protocol Analyzer’s Role in NIDS and NIPS 173

Review Key Topics 174

Complete Tables and Lists from Memory 174

Define Key Terms 174

Hands-On Labs 174

Equipment Needed 175

Lab 6-1: Packet Filtering and NAT Firewalls 175

Lab 6-2: Configuring an Inbound Filter on a SOHO Router/Firewall 176

Lab 6-3: Enabling MAC Filtering 177

View Recommended Resources 178

Answer Review Questions 178

Answers and Explanations 181

Chapter 7 Securing Network Media and Devices 185

Securing Wired Networks and Devices 186

    Network Device Vulnerabilities 186

        Default Accounts 186

        Weak Passwords 187

        Privilege Escalation 188

        Back Doors 188

        Network Attacks 189

        Other Network Device Considerations 189

    Cable Media Vulnerabilities 189

        Interference 190

        Crosstalk 191

        Data Emanation 192

        Tapping into Data and Conversations 192

Securing Wireless Networks 195

    Wireless Access Point Vulnerabilities 195

        Secure the Administration Interface 195

        SSID Broadcast 196

        Rogue Access Points 196

        Weak Encryption 196

        Other Wireless Access Point Security Strategies 198

    Wireless Transmission Vulnerabilities 199

    Bluetooth Vulnerabilities 199

        Bluejacking 200

        Bluesnarfing 200

Review Key Topics 202

Complete Tables and Lists from Memory 202

Define Key Terms 202

Hands-On Labs 203

Equipment Needed 203

Lab 7-1: Securing a Wireless Device: 8 Steps to a Secure Network 203

Lab 7-2: Wardriving...and The Cure 205

View Recommended Resources 206

Answer Review Questions 206

Answers and Explanations 209

Part III Access Control

Chapter 8 Physical Security and Authentication Models 213

Physical Security 215

    General Building and Server Room Security 215

    Door Access 216

    Biometric Readers 217

Authentication Models and Components 219

    Authentication Models 219

    Localized Authentication Technologies 220

        802.1X and EAP 221

        LDAP 224

        Kerberos and Mutual Authentication 225

        Terminal Services 226

    Remote Authentication Technologies 226

        Remote Access Service 227

        Virtual Private Networks 228

        RADIUS Versus TACACS 230

Review Key Topics 233

Complete Tables and Lists from Memory 233

Define Key Terms 233

Hands-On Labs 234

Equipment Needed 234

Lab 8-1: Enabling 802.1X on a Network Adapter 234

Lab 8-2: Setting Up a VPN 235

Lab 8-3: Setting Up a RADIUS Server 236

View Recommended Resources 238

Answer Review Questions 240

Answers and Explanations 244

Chapter 9 Access Control Methods and Models 249

Access Control Models Defined 250

    Discretionary Access Control 250

    Mandatory Access Control 252

    Role-Based Access Control (RBAC) 253

    Access Control Wise Practices 254

Rights, Permissions, and Policies 256

    Users, Groups, and Permissions 256

        Permission Inheritance and Propagation 260

        Moving and Copying Folders and Files 260

    Usernames and Passwords 261

    Policies 264

    User Account Control (UAC) 267

Review Key Topics 269

Complete Tables and Lists from Memory 269

Define Key Terms 269

Hands-On Labs 270

Equipment Needed 270

Lab 9-1: Configuring Password Policies and User Account Restrictions 270

Lab 9-2: Configuring User and Group Permissions 272

View Recommended Resources 273

Answer Review Questions 273

Answers and Explanations 278

Part IV Assessments and Audits

Chapter 10 Vulnerability and Risk Assessment 283

Conducting Risk Assessments 284

    Qualitative Risk Assessment 285

    Quantitative Risk Assessment 286

    Security Analysis Methodologies 287

    Vulnerability Management 288

        Penetration Testing 290

        OVAL 290

Assessing Vulnerability with Security Tools 291

    Network Mapping 292

    Vulnerability Scanning 295

    Network Sniffing 297

    Password Analysis 298

Review Key Topics 302

Complete Tables and Lists from Memory 302

Define Key Terms 302

Hands-On Labs 303

Equipment Needed 303

Lab 10-1: Mapping and Scanning the Network 303

Lab 10-2: Password Cracking and Defense 304

View Recommended Resources 305

Answer Review Questions 306

Answers and Explanations 310

Chapter 11 Monitoring and Auditing 313

Monitoring Methodologies 314

    Signature-Based Monitoring 314

    Anomaly-Based Monitoring 315

    Behavior-Based Monitoring 315

Using Tools to Monitor Systems and Networks 316

    Performance Baselining 316

    Protocol Analyzers 318

        Wireshark 319

        Network Monitor 320

        SNMP 321

Conducting Audits 322

    Auditing Files 322

    Logging 324

    Log File Maintenance and Security 327

    Auditing System Security Settings 328

Review Key Topics 332

Complete Tables and Lists from Memory 332

Define Key Terms 332

Hands-On Labs 333

Equipment Needed 333

Lab 11-1: Using Protocol Analyzers 333

Lab 11-2: Auditing Files on a Windows Server 335

View Recommended Resources 337

Answer Review Questions 338

Answers and Explanations 343

Part V Cryptography

Chapter 12 Encryption and Hashing Concepts 349

Cryptography Concepts 350

    Symmetric Versus Asymmetric Key Algorithms 353

        Symmetric Key Algorithms 353

        Asymmetric Key Algorithms 354

        Public Key Cryptography 354

    Key Management 355

    Steganography 356

Encryption Algorithms 357

    DES and 3DES 357

    AES 357

    RC 358

    Summary of Symmetric Algorithms 359

    RSA 359

    Diffie-Hellman 360

    Elliptic Curve 360

    More Encryption Types 361

        One-Time Pad 361

        PGP 362

Hashing Basics 362

    Cryptographic Hash Functions 364

        MD5 364

        SHA 364

        Happy Birthday! 365

    LANMAN, NTLM, and NTLM2 365

        LANMAN 365

        NTLM and NTLM2 367

Review Key Topics 368

Complete Tables and Lists from Memory 368

Define Key Terms 368

Hands-On Lab 369

Equipment Needed 369

Lab 12-1: Disabling the LM Hash in Windows Server 2003 369

View Recommended Resources 370

Answer Review Questions 370

Answers and Explanations 375

Chapter 13 PKI and Encryption Protocols 379

Public Key Infrastructure 380

    Certificates 380

    Certificate Authorities 381

    Single-Sided and Dual-Sided Certificates 384

    Web of Trust 384

Security Protocols 384

    S/MIME 385

    SSL/TLS 386

    SSH 386

    PPTP, L2TP, and IPsec 387

        PPTP 387

        L2TP 387

        IPsec 388

Review Key Topics 389

Define Key Terms 389

Hands-On Labs 389

Equipment Needed 389

Lab 13-1: A Basic Example of PKI 390

Lab 13-2: Configuring an L2TP-Based VPN with Windows Server 2003 390

Lab 13-3: Making an SSH Connection 394

View Recommended Resources 395

Answer Review Questions 396

Answers and Explanations 399

Part VI Organizational Security

Chapter 14 Redundancy and Disaster Recovery 403

Redundancy Planning 404

    Redundant Power 405

        Redundant Power Supplies 406

        Uninterruptible Power Supplies 407

        Backup Generators 408

    Redundant Data 410

    Redundant Networking 413

    Redundant Servers 415

    Redundant Sites 415

Disaster Recovery Planning and Procedures 416

    Data Backup 416

    DR Planning 420

Review Key Topics 423

Complete Tables and Lists from Memory 423

Define Key Terms 423

Hands-On Labs 424

Equipment Needed 424

Lab 14-1: Backing Up Data on a Windows Server 424

Lab 14-2: Configuring RAID 1 and 5 425

View Recommended Resources 427

Answer Review Questions 427

Answers and Explanations 430

Chapter 15 Policies, Procedures, and People 435

Environmental Controls 436

    Fire Suppression 436

        Fire Extinguishers 436

        Sprinkler Systems 438

        Special Hazard Protection Systems 438

    HVAC 439

    Shielding 440

Social Engineering 441

    Pretexting 441

    Diversion Theft 441

    Phishing 442

    Hoaxes 442

    Shoulder Surfing 443

    Eavesdropping 443

    Dumpster Diving 443

    Baiting 444

    Piggybacking 444

    Summary of Social Engineering Types 444

    User Education and Awareness 445

Legislative and Organizational Policies 445

    Data Sensitivity and Classification of Information 447

    Personnel Security Policies 448

        Acceptable Use 449

        Change Management 449

        Separation of Duties/Job Rotation 450

        Mandatory Vacations 450

        Due Diligence 450

        Due Care 450

        Due Process 450

        User Education and Awareness Training 451

        Summary of Personnel Security Policies 451

    How to Deal with Vendors 452

    How to Dispose of Computers and Other IT Equipment Securely 452

    Incident Response Procedures 454

Review Key Topics 458

Complete Tables and Lists from Memory 458

Define Key Terms 458

View Recommended Resources 458

Answer Review Questions 459

Answers and Explanations 464

Part VII Preparing for the CompTIA Security+ Exam

Chapter 16 Taking the Real Exam 469

Getting Ready and the Exam Preparation Checklist 469

Tips for Taking the Real Exam 472

Beyond the CompTIA Security+ Certification 475

Hands-On Lab 476

Practice Exam 1: CompTIA Security+ SY0-201 479

Practice Exam 2: CompTIA Security+ SY0-201 515

Glossary 553

Elements Available on the DVD

Practice Exam 3: CompTIA Security+ SY0-201

Appendix A Memory Tables

Appendix B Memory Tables Answer Key

Video Solutions to Hands-On Scenarios

9780789747136   TOC   10/21/2010

