Security+ Study Guide Second Edition 4350.book Page i Thursday, July 8, 2004 11:49 PM 4350.book Page ii Thursday, July 8, 2004 11:49 PM San Francisco • London Security+ ™ Study Guide Second Edition Mike Pastore and Emmett Dulaney 4350.book Page iii Thursday, July 8, 2004 11:49 PM Associate Publisher: Neil Edde Acquisitions and Developmental Editor: Jeff Kellum Production Editor: Susan Berge Technical Editors: J. Kevin Lundy, Jay Stephen Leeds Copyeditor: Tiffany Taylor Compositor: Craig Woods, Happenstance Type-O-Rama Graphic Illustrator: Happenstance Type-O-Rama CD Coordinator: Dan Mummert CD Technician: Kevin Ly Proofreaders: Laurie O’Connell, Nancy Riddiough Indexer: Ted Laux Book Designers: Bill Gibson, Judy Fung Cover Designer: Archer Design Cover Photograph: Photodisc and Victor Arre Copyright © 2004 SYBEX Inc., 1151 Marina Village Parkway, Alameda, CA 94501. World rights reserved. No part of this publication may be stored in a retrieval system, transmitted, or reproduced in any way, including but not limited to photocopy, photograph, magnetic, or other record, without the prior agreement and written per- mission of the publisher. First edition copyright © 2003 SYBEX Inc. Library of Congress Card Number: 2004104231 ISBN: 0-7821-4350-4 SYBEX and the SYBEX logo are either registered trademarks or trademarks of SYBEX Inc. in the United States and/or other countries. Screen reproductions produced with FullShot 99. FullShot 99 © 1991-1999 Inbit Incorporated. All rights reserved. FullShot is a trademark of Inbit Incorporated. The CD interface was created using Macromedia Director, COPYRIGHT 1994, 1997-1999 Macromedia Inc. For more information on Macromedia and Macromedia Director, visit http://www.macromedia.com. Sybex is an independent entity from CompTIA and is not affiliated with CompTIA in any manner. Neither Comp- TIA nor Sybex warrants that use of this publication will ensure passing the relevant exam. Security+ is either a registered trademark or trademark of CompTIA in the United States and/or other countries. 4350.book Page iv Thursday, July 8, 2004 11:49 PM How to Become CompTIA Certified : This training material can help you prepare for and pass a related CompTIA certification exam or exams. In order to achieve CompTIA certification, you must register for and pass a CompTIA certification exam or exams. In order to become CompTIA certified, you must: (1) Select a certification exam provider. For more information please visit http://www.comptia.org/certification/ general_information/test_locations.asp. (2) Register for and schedule a time to take the CompTIA certification exam(s) at a convenient location. (3) Read and sign the Candidate Agreement, which will be presented at the time of the exam(s). The text of the Candidate Agreement can be found at http://www.comptia.org/certification/general_information/candidate_ agreement.asp. (4) Take and pass the CompTIA certification exam(s). For more information about CompTIA’s certifications, such as their industry acceptance, benefits, or program news, please visit http://www.comptia.org/certification/default.asp. CompTIA is a non-profit information technology (IT) trade association. CompTIA’s certifications are designed by subject matter experts from across the IT industry. Each CompTIA certification is vendor-neutral, covers mul- tiple technologies, and requires demonstration of skills and knowledge widely sought after by the IT industry. To contact CompTIA with any questions or comments: Please call + 1 630 268 1818 questions@comptia.org Sybex is an independent entity from CompTIA and is not affiliated with CompTIA in any manner. Neither Comp- TIA nor Sybex warrants that use of this publication will ensure passing the relevant exam. Security+ is either a registered trademark or trademark of CompTIA in the United States and/or other countries. TRADEMARKS: SYBEX has attempted throughout this book to distinguish proprietary trademarks from descriptive terms by following the capitalization style used by the manufacturer. The author and publisher have made their best efforts to prepare this book, and the content is based upon final release software whenever possible. Portions of the manuscript may be based upon pre-release versions supplied by software manufacturer(s). The author and the publisher make no representation or warranties of any kind with regard to the completeness or accuracy of the contents herein and accept no liability of any kind including but not limited to performance, merchantability, fitness for any particular purpose, or any losses or damages of any kind caused or alleged to be caused directly or indirectly from this book. Manufactured in the United States of America 10 9 8 7 6 5 4 3 2 1 4350.book Page v Thursday, July 8, 2004 11:49 PM Software License Agreement: Terms and Conditions The media and/or any online materials accompanying this book that are available now or in the future contain programs and/or text files (the "Software") to be used in connection with the book. SYBEX hereby grants to you a license to use the Software, subject to the terms that follow. Your purchase, acceptance, or use of the Soft- ware will constitute your acceptance of such terms. The Software compilation is the property of SYBEX unless otherwise indicated and is protected by copyright to SYBEX or other copyright owner(s) as indicated in the media files (the "Owner(s)"). You are hereby granted a single-user license to use the Software for your personal, noncommercial use only. You may not repro- duce, sell, distribute, publish, circulate, or commercially exploit the Software, or any portion thereof, without the written consent of SYBEX and the specific copyright owner(s) of any component software included on this media. In the event that the Software or components include specific license requirements or end-user agreements, statements of condition, disclaimers, limitations or war- ranties ("End-User License"), those End-User Licenses supersede the terms and conditions herein as to that par- ticular Software component. Your purchase, accep- tance, or use of the Software will constitute your acceptance of such End-User Licenses. By purchase, use or acceptance of the Software you fur- ther agree to comply with all export laws and regula- tions of the United States as such laws and regulations may exist from time to time. Software Support Components of the supplemental Software and any offers associated with them may be supported by the specific Owner(s) of that material, but they are not sup- ported by SYBEX. Information regarding any available support may be obtained from the Owner(s) using the information provided in the appropriate read.me files or listed elsewhere on the media. Should the manufacturer(s) or other Owner(s) cease to offer support or decline to honor any offer, SYBEX bears no responsibility. This notice concerning support for the Software is provided for your information only. SYBEX is not the agent or principal of the Owner(s), and SYBEX is in no way responsible for providing any support for the Software, nor is it liable or responsible for any support provided, or not provided, by the Owner(s). Warranty SYBEX warrants the enclosed media to be free of phys- ical defects for a period of ninety (90) days after pur- chase. The Software is not available from SYBEX in any other form or media than that enclosed herein or posted to www.sybex.com. If you discover a defect in the media during this warranty period, you may obtain a replacement of identical format at no charge by sending the defective media, postage prepaid, with proof of pur- chase to: SYBEX Inc. Product Support Department 1151 Marina Village Parkway Alameda, CA 94501 Web: http://www.sybex.com After the 90-day period, you can obtain replacement media of identical format by sending us the defective disk, proof of purchase, and a check or money order for $10, payable to SYBEX. Disclaimer SYBEX makes no warranty or representation, either expressed or implied, with respect to the Software or its contents, quality, performance, merchantability, or fit- ness for a particular purpose. In no event will SYBEX, its distributors, or dealers be liable to you or any other party for direct, indirect, special, incidental, consequen- tial, or other damages arising out of the use of or inabil- ity to use the Software or its contents even if advised of the possibility of such damage. In the event that the Soft- ware includes an online update feature, SYBEX further disclaims any obligation to provide this feature for any specific duration other than the initial posting. The exclusion of implied warranties is not permitted by some states. Therefore, the above exclusion may not apply to you. This warranty provides you with specific legal rights; there may be other rights that you may have that vary from state to state. The pricing of the book with the Software by SYBEX reflects the allocation of risk and limitations on liability contained in this agree- ment of Terms and Conditions. Shareware Distribution This Software may contain various programs that are distributed as shareware. Copyright laws apply to both shareware and ordinary commercial software, and the copyright Owner(s) retains all rights. If you try a share- ware program and continue using it, you are expected to register it. Individual programs differ on details of trial periods, registration, and payment. Please observe the requirements stated in appropriate files. Copy Protection The Software in whole or in part may or may not be copy-protected or encrypted. However, in all cases, reselling or redistributing these files without authoriza- tion is expressly forbidden except as specifically pro- vided for by the Owner(s) therein. 4350.book Page vi Thursday, July 8, 2004 11:49 PM To Our Valued Readers: Thank you for looking to Sybex for your Security+ exam prep needs. We at Sybex are proud of our reputation for providing certification candidates with the practical knowledge and skills needed to succeed in the highly competitive IT marketplace. Certification candidates have come to rely on Sybex for accurate and accessible instruction on today’s crucial technologies and busi- ness skills. For the second year in a row, readers such as yourself voted Sybex as winner of the “Best Study Guides” category in the most recent CertCities Readers Choice Awards. Just as CompTIA is committed to establishing measurable standards for certifying IT security professionals by means of the Security+ certification, Sybex is committed to providing those individuals with the knowledge needed to meet those standards. The authors and editors have worked hard to ensure that the new edition of the Security+ Study Guide you hold in your hands is comprehensive, in-depth, and pedagogically sound. We’re con- fident that this book will exceed the demanding standards of the certification marketplace and help you, the Security+ certification candidate, succeed in your endeavors. As always, your feedback is important to us. If you believe you’ve identified an error in the book, please send a detailed e-mail to support@sybex.com. And if you have general com- ments or suggestions, feel free to drop me a line directly at nedde@sybex.com. At Sybex we’re continually striving to meet the needs of individuals preparing for certification exams. Good luck in pursuit of your Security+ certification! Neil Edde Associate Publisher—Certification Sybex, Inc. 4350.book Page vii Thursday, July 8, 2004 11:49 PM For John Pastore and Peter Steinberg, two fine young men who left us too soon. They would want us to remember to enjoy life and care about each other. They are truly missed. —Michael Pastore For Kristin, Evan, and Spencer —Emmett Dulaney 4350.book Page viii Thursday, July 8, 2004 11:49 PM Acknowledgments I would like to thank Michael Pastore for creating this text in the first place and for providing such good material to work with. Thanks also to Jeff Kellum, Susan Berge, Kevin Lundy, Tiffany Taylor, Steve Leeds, Kevin Ly, Dan Mummert, Laurie O’Connell, Nancy Riddiough, Happenstance Type-O-Rama, and Ted Laux for having a vision and making certain that it was met. 4350.book Page ix Thursday, July 8, 2004 11:49 PM Contents at a Glance Introduction xix Assessment Test xxxiii Chapter 1 General Security Concepts 1 Chapter 2 Identifying Potential Risks 47 Chapter 3 Infrastructure and Connectivity 95 Chapter 4 Monitoring Communications Activity 153 Chapter 5 Implementing and Maintaining a Secure Network 195 Chapter 6 Securing the Network and Environment 235 Chapter 7 Cryptography Basics and Methods 281 Chapter 8 Cryptography Standards 321 Chapter 9 Security Policies and Procedures 355 Chapter 10 Security Management 403 Glossary 437 Index 477 4350.book Page x Thursday, July 8, 2004 11:49 PM [...]... question Before You Begin Before you begin studying for the exam, it’s imperative that you understand a few things about the Security+ certification Security+ is a certification-for-life from CompTIA granted to those who obtain a passing score on a single entry-level exam In addition to being a stand-alone certification that can be added to the bottom of your resume, Security+ can also be used as an elective... objectives The following table lists the five Security+ objective domains and the extent to which they are represented on the exam For example, expect to spend more time answering questions that pertain to authentication from the first domain, General Security Concepts, than questions on algorithms from the fourth domain, Basics of Cryptography As you use this study guide, you’ll find that we have administered... 33 99 Introduction If you’re preparing to take the Security+ exam, you’ll undoubtedly want to find as much information as you can concerning computer and physical security The more information you have at your disposal and the more hands-on experience you gain, the better off you’ll be when attempting the exam This study guide was written with that in mind We have attempted to dispense... Microsoft’s MCSA and MCSE tracks, and it counts as credit toward the security specializations Microsoft offers When you’re studying for any exam, the first step in preparation should always be to find out as much as possible about the test; the more you know up front, the better you can plan your study The current exam number, and the one this book is written to, is SY0-101; it consists of 100 questions You... question on the exam about what reverse DNS is, not how to implement it Spend your study time learning the different security solutions and identifying potential security vulnerabilities and where they would be applicable Don’t get bogged down in step-by-step details; those are saved for certification exams beyond the scope of Security+ You should also know that CompTIA is notorious for including vague questions... that existed in 2002 when this exam was created Updates to the exam are a difficult process and result in an increment in the exam number when they’re finished Why Become Security+ Certified? There are a number of reasons for obtaining a Security+ certification: Provides Proof of Professional Achievement Specialized certifications are the best way to stand out from the crowd In this age of technology certifications,... their work to consulting firms with experience working with security Firms that have certified staff have a definite advantage over firms that don’t How to Become a Security+ Certified Professional As this book goes to press, there are two Security+ exam providers: Thompson Prometric and Pearson VUE The following table contains all the necessary contact information and exam-specific details for registering... registration procedures, please refer to CompTIA’s website, www.comptia.com After you’ve successfully passed your Security+ exam, CompTIA will award you a certification that is good for life Within four to six weeks of passing the exam, you’ll receive your official xxii Introduction CompTIA Security+ certificate and ID card (If you don’t receive these within eight weeks of taking the test, contact CompTIA... high level of professional competency you need in order to succeed in your chosen field If you want to become certified as a Security+ holder, this book is definitely what you need However, if you just want to attempt to pass the exam without really understanding security, this study guide isn’t for you It’s written for people who want to acquire hands-on skills and in-depth knowledge of computer security... question and answers, just like the flashcards you probably used to study in school You can answer them on your PC or download them onto a Palm device for quick and convenient reviewing Test Engine The CD also contains the Sybex Test Engine Using this custom test engine, you can identify weak areas up front and then develop a solid studying strategy using each of these robust testing features Our thorough . Incorporated. The CD interface was created using Macromedia Director, COPYRIGHT 1994, 1997-1999 Macromedia Inc. For more information on Macromedia and Macromedia Director, visit http://www.macromedia.com. Sybex. by means of the Security+ certification, Sybex is committed to providing those individuals with the knowledge needed to meet those standards. The authors and editors have worked hard to ensure. Communications 132 Coax 132 Unshielded Twisted Pair and Shielded Twisted Pair 135 Fiber Optic 137 Infrared 138 Radio Frequencies 138 Microwave Systems 139 Employing Removable Media 140 Tape 141 CD-R 142 Hard