
CompTIA Security+ Certification Practice Exams, Third Edition (Exam SY0-501)


Structure

  • Title Page

  • Copyright Page

  • Dedication

  • About the Authors

  • About the Technical Editor

  • Contents at a Glance

  • Contents

  • Acknowledgments

  • Introduction

  • Exam Readiness Checklist

  • 1 Networking Basics and Terminology

    • Questions

    • Quick Answer Key

    • In-Depth Answers

  • 2 Introduction to Security Terminology

    • Questions

    • Quick Answer Key

    • In-Depth Answers

  • 3 Security Policies and Standards

    • Questions

    • Quick Answer Key

    • In-Depth Answers

  • 4 Types of Attacks

    • Questions

    • Quick Answer Key

    • In-Depth Answers

  • 5 System Security Threats

    • Questions

    • Quick Answer Key

    • In-Depth Answers

  • 6 Mitigating Security Threats

    • Questions

    • Quick Answer Key

    • In-Depth Answers

  • 7 Implementing System Security

    • Questions

    • Quick Answer Key

    • In-Depth Answers

  • 8 Securing the Network Infrastructure

    • Questions

    • Quick Answer Key

    • In-Depth Answers

  • 9 Wireless Networking and Security

    • Questions

    • Quick Answer Key

    • In-Depth Answers

  • 10 Authentication

    • Questions

    • Quick Answer Key

    • In-Depth Answers

  • 11 Access Control

    • Questions

    • Quick Answer Key

    • In-Depth Answers

  • 12 Introduction to Cryptography

    • Questions

    • Quick Answer Key

    • In-Depth Answers

  • 13 Managing a Public Key Infrastructure

    • Questions

    • Quick Answer Key

    • In-Depth Answers

  • 14 Physical Security

    • Questions

    • Quick Answer Key

    • In-Depth Answers

  • 15 Risk Analysis

    • Questions

    • Quick Answer Key

    • In-Depth Answers

  • 16 Disaster Recovery and Business Continuity

    • Questions

    • Quick Answer Key

    • In-Depth Answers

  • 17 Introduction to Computer Forensics and Incident Response

    • Questions

    • Quick Answer Key

    • In-Depth Answers

  • 18 Security Assessments and Audits

    • Questions

    • Quick Answer Key

    • In-Depth Answers

  • 19 Understanding Monitoring and Auditing

    • Questions

    • Quick Answer Key

    • In-Depth Answers

  • A Pre-assessment Exam

    • Questions

    • Quick Answer Key

    • In-Depth Answers

  • B About the CD-ROM

    • System Requirements

    • Installing and Running Total Tester Premium Practice Exam Software

    • Total Tester Premium Practice Exam Software

    • Performance-Based Questions

    • Secured Book PDF

    • Technical Support

Content

Copyright © 2017 by McGraw-Hill Education. All rights reserved. Except as permitted under the United States Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or retrieval system, without the prior written permission of the publisher, with the exception that the program listings may be entered, stored, and executed in a computer system, but they may not be reproduced for publication.

ISBN: 978-1-26-002689-4
MHID: 1-26-002689-2

The material in this eBook also appears in the print version of this title: ISBN: 978-1-26-002690-0, MHID: 1-26-002690-6.

eBook conversion by codeMantra
Version 1.0

All trademarks are trademarks of their respective owners. Rather than put a trademark symbol after every occurrence of a trademarked name, we use names in an editorial fashion only, and to the benefit of the trademark owner, with no intention of infringement of the trademark. Where such designations appear in this book, they have been printed with initial caps.

McGraw-Hill Education eBooks are available at special quantity discounts to use as premiums and sales promotions or for use in corporate training programs. To contact a representative, please visit the Contact Us page at www.mhprofessional.com.

Information has been obtained by McGraw-Hill Education from sources believed to be reliable. However, because of the possibility of human or mechanical error by our sources, McGraw-Hill Education, or others, McGraw-Hill Education does not guarantee the accuracy, adequacy, or completeness of any information and is not responsible for any errors or omissions or the results obtained from the use of such information.

TERMS OF USE

This is a copyrighted work and McGraw-Hill Education and its licensors reserve all rights in and to the work. Use of this work is subject to these terms. Except as permitted under the Copyright Act of 1976 and the right to store and retrieve one copy of the work, you may not decompile, disassemble, reverse engineer, reproduce, modify, create derivative works based upon, transmit, distribute, disseminate, sell, publish or sublicense the work or any part of it without McGraw-Hill Education’s prior consent. You may use the work for your own noncommercial and personal use; any other use of the work is strictly prohibited. Your right to use the work may be terminated if you fail to comply with these terms.

THE WORK IS PROVIDED “AS IS.” McGRAW-HILL EDUCATION AND ITS LICENSORS MAKE NO GUARANTEES OR WARRANTIES AS TO THE ACCURACY, ADEQUACY OR COMPLETENESS OF OR RESULTS TO BE OBTAINED FROM USING THE WORK, INCLUDING ANY INFORMATION THAT CAN BE ACCESSED THROUGH THE WORK VIA HYPERLINK OR OTHERWISE, AND EXPRESSLY DISCLAIM ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. McGraw-Hill Education and its licensors do not warrant or guarantee that the functions contained in the work will meet your requirements or that its operation will be uninterrupted or error free. Neither McGraw-Hill Education nor its licensors shall be liable to you or anyone else for any inaccuracy, error or omission, regardless of cause, in the work or for any damages resulting therefrom. McGraw-Hill Education has no responsibility for the content of any information accessed through the work. Under no circumstances shall McGraw-Hill Education and/or its licensors be liable for any indirect, incidental, special, punitive, consequential or similar damages that result from the use of or inability to use the work, even if any of them has been advised of the possibility of such damages. This limitation of liability shall apply to any claim or cause whatsoever whether such claim or cause arises in contract, tort or otherwise.

For my beautiful and wonderful mother, Louisette Lachance – thank you for being you!
–Daniel Lachance

ABOUT THE AUTHORS

Daniel Lachance, CompTIA Cloud Essentials, CompTIA Server+, CompTIA A+, CompTIA Network+, CompTIA Security+, MCT, MCSA, MCITP, MCTS, is the owner of Lachance IT Consulting Inc., based in Halifax, Nova Scotia. Dan has delivered technical IT training for a wide variety of products for more than 20 years. He has recorded IT support videos related to security and various cloud-computing platforms. Dan has developed custom applications and planned, implemented, troubleshot, and documented various network configurations and conducted network security audits. Dan has worked as a technical editor on a number of certification titles and has authored titles including CompTIA Server+ Certification All-in-One Exam Guide (Exam SK0-004) and CompTIA Security+ Certification Practice Exams, Second Edition (Exam SY0-401). When not performing with the Halifax-based cover band Clusterfunk, Dan loves being around family and spending time outdoors.

Glen E. Clarke, CCNA, MCITP, MCSE, MCSD, MCDBA, MCT, CEH, CHFI, SCNP, CISSO, CompTIA Security+, CompTIA Network+, CompTIA A+, is owner of DC Advanced Technology Training, an IT services company in Halifax, NS, focusing on providing IT certification training and consulting on technologies in the fields of networking, security, and programming. Glen spends most of his time delivering certified courses on Windows Server, SQL Server, Exchange Server, SharePoint, Visual Basic .NET, and ASP.NET. Glen also teaches a number of security-related courses covering topics such as ethical hacking and countermeasures, computer forensics and investigation, information systems security officers, vulnerability testing, firewall design, and packet analysis. Glen is an experienced author and technical editor whose published work was nominated for a Referenceware Excellence Award in 2003 and 2004. Glen has worked on a number of certification titles, including topics on A+ certification, Windows Server certification, Cisco’s CCENT and CCNA certification, and Network+ and Security+ certification. When he’s not working, Glen loves to spend quality time with his wife, Tanya, and their four children, Sara, Brendon, Ashlyn, and Rebecca. You can visit Glen online at www.gleneclarke.com or contact him at glenclarke@dcatt.ca.

About the Technical Editor

S. Russell Christy is a trainer for New Horizons Computer Learning Center of Memphis, TN, where he delivers traditional and online classroom learning for adults, covering a wide variety of products. He specializes in web and print design; Microsoft Office applications; and computer maintenance, network, and security. For nearly 20 years he has deployed new desktops and operating systems, servers, network hardware, and software, while simultaneously troubleshooting various hardware and software issues. Russ holds a bachelor’s degree in business administration from the University of Memphis. He has additionally gained industry certifications in CompTIA A+, CompTIA Network+, CompTIA Security+, CompTIA Server+, MTA Windows Server Administration Fundamentals, Network Fundamentals, Security Fundamentals, and Windows OS Fundamentals, and he is a Microsoft Office Specialist 2007 Master, Microsoft Office Specialist 2013 Master, Adobe Certified Expert Dreamweaver CS6, and Adobe Education Trainer.

27 28 29 30 31 32 33 34 35 36 37 38 39 40 B B A C C A C D D A B C A B A

IN-DEPTH ANSWERS

1. C and D. In the event of a malware infection, systems can be quickly returned to an operational state by applying a system image. Frequent data backups enable the restoration of data prior to the malware outbreak.
A and B are incorrect. Internet Control Message Protocol (ICMP) blocking rules stop traffic generated by tools such as Ping and Trace Route (tracert). E-mail notifications help technicians respond to incidents quickly, but they, like ICMP, do not protect against malware attacks.

2. D. Phishing scams attempt to convince victims to divulge sensitive information such as online banking credentials.
A, B, and C are incorrect. Impersonation occurs when an attacker pretends to be somebody else on the phone or through communication software in an attempt to gain access to a system. The act of following somebody closely through secured doors is called tailgating. Hoaxes are fictional incidents that are designed to trick people into believing they are true.

3. A. In a cross-site scripting (XSS) attack, after malicious scripts are injected into a seemingly trusted web site, victims inadvertently execute that code when visiting the site. This can result from ineffective web form field validation.
B, C, and D are incorrect. A cross-site request forgery results from an attacker compromising a user system in which the user is authenticated to a web application. The attacker then uses those session credentials to execute actions without the user’s consent. Buffer overflows result from data being written beyond a preset memory boundary that can result in crashing a system or an attacker gaining elevated privileges. Denial of service (DoS) attacks render an IT system unusable for legitimate purposes, such as by intentionally crashing a server.

4. C. An evil twin is an additional Wi-Fi network configured to appear as an existing legitimate Wi-Fi network for unsuspecting users to connect to.
A, B, and D are incorrect. MAC spoofing forges the 48-bit hardware addresses in a packet, and IP spoofing forges the IP addresses in the IP header. Demilitarized zones (DMZs) are network segments containing publicly reachable hosts; they are normally placed between the Internet and an internal network.

5. A. An intrusion prevention system (IPS) actively monitors network or system activity for abnormal activity and also takes steps to stop it. Abnormal activity can be detected by checking for known attack patterns (signature-based) or variations beyond normal activity (anomaly-based).
B, C, and D are incorrect. Like an IPS, an intrusion detection system (IDS) monitors network or system activity for irregular activity but does not attempt to stop this activity. IP Security (IPSec) provides data confidentiality and integrity to network transmissions and does not detect or prevent intrusions. A DMZ does not detect or prevent attacks; it is a network segment hosting services (and ideally an IPS) that are accessible to an untrusted network.

6. C. Web security gateways can perform deep packet inspection (content) to filter network traffic. They also include the ability to detect and deal with malware.
A, B, and D are incorrect. NAT does not support content filtering or virus protection; it merely analyzes and modifies packet headers. A host intrusion prevention system (HIPS) detects and stops attacks on a host computer and does not monitor the content of LAN network traffic. Packet-filtering firewalls look only at packet headers to allow or deny traffic; they do not analyze packet payloads.

7. A. Access control lists (ACLs) are router settings that allow or deny various types of network traffic from or to specific hosts.
B, C, and D are incorrect. A subnet cannot restrict network traffic. Routers can be used to divide larger networks into smaller subnets. The question specifically states configuring a router, and proxy hosts should have routing disabled. Proxy servers do, however, have the ability to limit network access from certain hosts. NAT routers do not restrict network traffic from certain hosts; instead, they use a single external IP address to allow many internal computers access to an external network.

8. A. Confidentiality ensures that data is accessible only to those parties who should be authorized to access the data. Encrypting data stored on smart phones protects that data if the phone is lost or stolen.
B, C, and D are incorrect. Integrity ensures that data comes from the user or device it appears to have come from and that the data has not been altered. Making sure data is available when needed is referred to as availability. Accountability ensures that people are held accountable for their actions, such as modifying a file. This is accomplished most often with auditing.

9. B. The least privilege principle states users should be given only the rights needed to perform their duties and nothing more. Adding a contractor to the Administrators group grants too much privilege to the contractor.
A, C, and D are incorrect. Separation of duties involves assigning multiple people to perform a specific job. Job rotation is a strategy that exposes employees to various facets of a business and has nothing to do with security. Account lockout relates to security but is not violated by giving a user too much network access.

10. B. Technical security controls are put in place to protect computing resources such as files, web sites, databases, and so on. Passwords prevent unauthorized users from accessing network resources.
A, C, and D are incorrect. Management controls are written policies that determine acceptable activities and how they should be conducted. Physical controls such as door locks and fences protect organizational assets from threats. Operational controls such as data backups ensure business continuity.

11. A. Asset identification involves identifying assets (including data) and associating a value with them. This can then be used to justify expenditures to protect these assets.
B, C, and D are incorrect. Risk assessment is the identification of threats, but the next step in this case is asset identification. Risk mitigation minimizes the impact of perceived risks. Threat analysis does not involve identifying IT hardware with a value.

12. A. The annual loss expectancy (ALE) value is used with quantitative risk analysis approaches to prioritize and justify expenditures that protect from potential risks. For example, an ALE value of $1000 might justify a $200 annual expense to protect against that risk.
B, C, and D are incorrect. The return on investment (ROI) calculates how efficient an investment is (does the benefit of a product or service outweigh the cost?).
Total cost of ownership exposes all direct and indirect dollar figures associated with a product or service. Using the total monthly premium value to determine whether to accept the additional insurance coverage would be meaningless; it must be compared against the probability of natural disasters in your area.

13. A and B. Mantraps are designed to trap trespassers in a restricted area. Some mantrap variations use two sets of doors, one of which must close before the second one opens. Traditional mantraps do not require access cards. Hardware locks simply require possession of a key. Neither reveals the person’s identity.
C and D are incorrect. Fingerprint scans identify the user via biometric authentication. Smartcard authentication identifies the user through a unique code or PKI certificate in a smartcard.

14. A. Clustering software between two servers will enable the customer reservation system to function even if one server fails, because the data is not stored within a single server; it exists on shared storage that both cluster nodes can access.
B, C, and D are incorrect. Scheduling nightly data replication does not ensure that the airline software is always online. RAID 1 (mirroring) and RAID 5 (striping with distributed parity) are useless if the server fails, because, in this case, RAID 1 and RAID 5 would use multiple hard drives within a single server.

15. D. Adware attempts to expose users to advertisements in various ways, including through pop-ups or changing the web browser home page. Spyware often analyzes user habits so that adware displays relevant advertisements. Some antivirus software also scans for spyware, but not in this case.
A, B, and C are incorrect. Firefox on Linux does not change the home page every two days. Denial of service attacks prevent legitimate access to a network resource; Juanita is not being denied access. The presence of spyware or adware does not imply that the user account has been compromised. Often these types of malware are silently installed when a user visits web sites or installs freeware.

16. B. Polymorphic malware dynamically adjusts itself to avoid detection while maintaining its original functionality.
A, C, and D are incorrect. There are no such things as chameleon malware and changeling malware. Armored viruses prevent software engineers from decompiling the program to reveal the programming code that makes it run.

17. A. Phishing is when the hacker e-mails a victim and hopes she clicks the link that leads her to a fake site (typically a bank). At this point, the hacker hopes the user types information into the fake site (such as bank account information) that he can use to gain access to her real account.
B, C, and D are incorrect. Spam is an unsolicited e-mail the user receives that tries to encourage her to buy a product or a service. Dictionary attacks read a text file and use all words in the text file as password attempts. The file read in during a dictionary attack can contain words and phrases beyond what would normally be found in a dictionary. Spim is spam-type messages sent through instant messaging instead of e-mail.

18. B. Bluesnarfing is the act of connecting to and accessing data from a device over a Bluetooth wireless connection. It is considered much more invasive than packet sniffing or port scanning.
A, C, and D are incorrect. Bluejacking does not access data from a Bluetooth device; instead, bluejacking sends an unsolicited message to another Bluetooth device. The question specifies accessing data. Packet sniffing captures network traffic; it does not access data from a wireless device. Port scanning enumerates running services on a host, but it does not access data stored on the host.

19. A. Cross-site scripting (XSS) is an attack that involves the hacker inserting script code into a web page so that it is then processed and executed by a client system.
B, C, and D are incorrect. A watering hole attack occurs when a hacker plants malicious code on a site you may visit so that when you navigate to the site, the code attacks your system from a site you trust. ARP poisoning occurs when the hacker inserts incorrect MAC addresses into the ARP cache, thus leading systems to the hacker’s system. SQL injection involves inserting SQL code into an application in order to manipulate the underlying database or system.

20. C. Hardening includes actions such as disabling unneeded services to make a system more secure.
A, B, and D are incorrect. Patches fix problems with software. Fuzzing refers to testing your own software for vulnerabilities. Debugging is the methodical testing of software to identify the cause of a flaw.

21. A. The IEEE 802.1x standard requires that devices be authenticated before being given network access. For example, this might be configured for VPN appliances, network switches, and wireless access points that adhere to the IEEE 802.1x standard.
B, C, and D are incorrect. Strong passwords might prevent the compromising of user accounts, but they will not prevent rogue machines from connecting to the network. IPv6 does not prevent rogue machine network connections. IEEE 802.11 defines the Wi-Fi standard; this does not prevent rogue machine network connections.

22. B. A honeypot is an intentionally vulnerable host used to attract and track malicious activity.
A, C, and D are incorrect. The question stated activity tracking on a single host, not a network of hosts, which would require a honeynet. There is no such thing as a DMZ tracker. Web servers are not tools used to track malicious activity; web servers host and deliver content for web sites.

23. A. Network mapping utilities such as the open source Cheops tool can map a network’s layout and identify operating systems running on hosts.
B, C, and D are incorrect. Protocol analyzers capture only transmitted network traffic; they do not scan for network hosts or network configuration. Port scanners identify listening ports. Virus scanners check for malicious software on a host; they do not scan entire networks.

24. A. A white-box test provides testers with detailed configuration information regarding the software or network they are testing.
B, C, and D are incorrect. Black-box testing provides no information at all to system testers. Gray-box testing provides some, but not detailed, information to testers, which enables a more informed testing environment. Blue-box testing does not exist in this context.

25. B. Fuzzing is a means of injecting unexpected data into an application to test for weaknesses.
A, C, and D are incorrect. Cross-site scripts are not tests to ensure that applications are secure; they are a type of attack. Patching involves installing fixes to application errors and would occur after flaws were discovered. Debugging implies that software flaws are already known.

26. B. RADIUS federation requires a trusted identity provider in one organization. Edge devices forward authentication requests only to a RADIUS server located on a protected network.
A, C, and D are incorrect. RADIUS itself does not involve multiple organizations using federated identities. Extensible Authentication Protocol – Flexible Authentication via Secure Tunneling (EAP-FAST) is a Cisco protocol that can use certificates for authentication. EAP-TTLS doesn’t require the client to be authenticated with a signed PKI certificate.

27. B. Remotely wiping a device if it is lost or stolen clears apps, data, and settings from the device.
A, C, and D are incorrect. Enabling encryption before a device is lost or stolen can protect data, depending on how the encryption solution is implemented. Screen locking would have to be enabled prior to the device being lost or stolen. Disabling Bluetooth makes no difference if the device is physically acquired by a malicious user.

28. B. A trusted OS is a secured operating system that meets or exceeds stringent security standards.
A, C, and D are incorrect. These terms do not apply in the context of the question. A hardened OS is secured by disabling or removing unnecessary services and software. A security OS provides security tools.
There are many Linux distributions built for this purpose. A patched OS has had OS and application patches applied.

29. A. Trusted Platform Module (TPM) chips can store cryptographic keys or certificates used to encrypt and decrypt drive contents. If the drive was moved to another computer (even one with TPM), the drive would remain encrypted and inaccessible.
B, C, and D are incorrect. Data loss prevention (DLP) refers to fault tolerance and related mechanisms for ensuring that data is safe, such as preventing sensitive data from being copied while it is being viewed (data-in-use). Encrypting File System (EFS) is purely software, not a firmware chip. NTFS uses ACLs to control access to data, but the data is not encrypted.

30. C. Hardening a smart phone includes configuring automatic screen locking, encrypting data on the device, patching the OS and required apps, installing and updating anti-malware, and disabling unnecessary features and software.
A, B, and D are incorrect. Supervisory Control and Data Acquisition (SCADA) is a special system used in industrial environments to monitor operations and to provide alarms if any system is tampered with. The question asks about securing data on the phone, not through the network with a VPN. HTTPS will not protect data on the phone; it protects only data in transit between a web browser and a secured web site.

31. C. Data-at-rest is data stored on media.
A, B, and D are incorrect. Data-in-process refers to data currently in use. Data-in-transit refers to network transmitted data, and data-at-security is an invalid term.

32. A. Protected health information (PHI) refers to sensitive medical information stored and accessed in a secured manner.
B, C, and D are incorrect. Transport Layer Security (TLS) is a method of securing network traffic. Personally identifiable information (PII) is more general than PHI, which focuses on medical information. Advanced Encryption Standard (AES) is a symmetric encryption algorithm.

33. C. Usernames and passwords constitute “something you know,” while a smartcard is “something you have.”
A, B, and D are incorrect. Having multiple access cards constitutes only “something you have,” unless a code is required in addition, but this is not stated. Access codes and username/password combinations constitute only single-factor authentication (“something you know”).

34. D. Security Assertion Markup Language (SAML) is an XML standard that defines how authentication and authorization data can be transmitted in a federated identity environment.
A, B, and C are incorrect. The Lightweight Directory Access Protocol (LDAP) defines how to access a replicated network database. Secure Sockets Layer (SSL) provides a method to secure application-specific network transmissions. A Public Key Infrastructure (PKI) is a hierarchy of digital security certificates that can be used with computing devices to provide data confidentiality, authentication, and integrity services.

35. D. The chain of custody ensures that the whereabouts of evidence can be accounted for at all times, including who accessed the evidence.
A, B, and C are incorrect. Legal hold is a formal requirement to keep potential evidence available. Volatility refers to electronic systems that rely on power, such as memory contents as opposed to disk storage. Encryption itself is not directly related to forensic data acquisition.

36. A. Hiring practices are administrative controls.
B, C, and D are incorrect. The concept of least privilege grants only those permissions required to complete a task. Technical controls include safeguards such as firewall rule sets. Physical controls include safeguards such as locked doors and perimeter fencing.

37. B. Common access cards (CAC) grant access to multiple items.
A, C, and D are incorrect. Terms such as smart card, proximity card, and hardware token are not as specific as CAC.

38. C. Elliptic curve cryptography (ECC) is public key cryptography based on points on an elliptic curve.
A, B, and D are incorrect. RSA is an asymmetric cryptographic standard. DES is incorrect because it is a symmetric standard. PKI does involve public and private key pairs but has nothing specifically to do with elliptic curve points.

39. A. The CRL is not published immediately; it is published either manually or on a schedule, so there may be a small timeframe in which revoked certificates can still be used.
B, C, and D are incorrect. The CRL is not published immediately when a certificate is revoked; it is published on a periodic interval. Once the CRL is published, it is referenced by clients. Network bandwidth does not affect when the CRL is published.

40. B. Tunnel mode encrypts the entire packet and adds new headers. This is often used for IPSec VPNs.
A, C, and D are incorrect. The authentication header (AH) provides assurances that data has not been corrupted or tampered with. Encapsulating security payload encrypts OSI layers 4–7 (which includes the payload), but not lower headers such as the IP header. Transport mode relates to ESP where the entire packet is not encrypted.

Create Your Study Plan

Congratulations on completing the CompTIA Security+ pre-assessment!
You should now take the time to analyze your results with two objectives in mind:

  • Identifying the resources you should use to prepare for the CompTIA Security+ exam

  • Identifying the specific topics you should focus on in your preparation

Review Your Score

Use the following table to help you gauge your overall readiness for the CompTIA Security+ exam. Total your score from the pre-assessment questions for an overall score out of 40.

CompTIA Security+ Exam SY0-501

Appendix B About the CD-ROM

The CD-ROM included with this book comes complete with Total Tester customizable practice exam software with more than 300 practice exam questions, a sample quiz of performance-based questions, and a secured PDF copy of the book for studying on the go.

System Requirements

The software requires Windows Vista or higher and 30MB of hard disk space for full installation, in addition to a current or prior major release of Chrome, Firefox, Internet Explorer, or Safari. To run, the screen resolution must be set to 1024 × 768 or higher. The secured PDF requires Adobe Acrobat, Adobe Reader, or Adobe Digital Editions to view.

Installing and Running Total Tester Premium Practice Exam Software

From the main screen you may install the Total Tester by clicking the Total Tester Practice Exams button. This will begin the installation process and place an icon on your desktop and in your Start menu. To run Total Tester, navigate to Start | (All) Programs | Total Seminars, or double-click the icon on your desktop.

To uninstall the Total Tester software, go to Start | Control Panel | Programs And Features, and then select the Total Tester program. Select Remove, and Windows will completely uninstall the software.

Total Tester Premium Practice Exam Software

Total Tester provides you with a simulation of the CompTIA Security+ exam. Exams can be taken in Practice Mode, Exam Mode, or Custom Mode. Practice Mode provides an assistance window with hints, references to the book, explanations of the correct and incorrect answers, and the option to check your answer as you take the test. Exam Mode provides a simulation of the actual exam. The number of questions, the types of questions, and the time allowed are intended to be an accurate representation of the exam environment. Custom Mode allows you to create custom exams from selected domains or chapters, and you can further customize the number of questions and time allowed.

To take a test, launch the program and select Sec+ PE3 from the Installed Question Packs list. You can then select Practice Mode, Exam Mode, or Custom Mode. All exams provide an overall grade and a grade broken down by domain.

Performance-Based Questions

In addition to the multiple-choice practice exam questions featured in the Total Tester Premium Practice Exam Software, simulated performance-based questions are also included on the CD-ROM to allow you to practice with these question types. You can access the performance-based questions by clicking the Performance-Based Questions button on the CD-ROM’s main launch page.

Performance-based questions are mostly graphical in nature and require the test taker to understand the concepts of the question from a practical and graphical aspect. You may need to point to the correct component within a graphic, arrange a sequence of steps into the correct order, match a set of terms with the correct definitions, or type a response. It is not as easy to memorize answers for these types of questions, and they in turn make passing the exam more difficult.

Secured Book PDF

The entire contents of the book are provided in secured PDF format on the CD-ROM. This file is viewable on your computer and many portable devices. To view the PDF on a computer, Adobe Acrobat, Adobe Reader, or Adobe Digital Editions is required. A link to Adobe’s web site, where you can download and install Adobe Reader, has been included on the CD-ROM.

Note: For more information on Adobe Reader and to check for the most recent version of the software, visit Adobe’s web site at www.adobe.com and search for the free Adobe Reader or look for Adobe Reader on the product page. Adobe Digital Editions can also be downloaded from the Adobe web site.

To view the book PDF on a portable device, copy the PDF file to your computer from the CD-ROM and then copy the file to your portable device using a USB or other connection. Adobe offers a mobile version of Adobe Reader, the Adobe Reader mobile app, which currently supports iOS and Android. For customers using Adobe Digital Editions and an iPad, you may have to download and install a separate reader program on your device. The Adobe web site has a list of recommended applications, and McGraw-Hill Education recommends the Bluefire Reader.

Technical Support

For questions regarding the Total Tester software or operation of the CD-ROM, visit www.totalsem.com or e-mail support@totalsem.com.

For questions regarding the secured book PDF, visit http://mhp.softwareassist.com or e-mail techsolutions@mhedu.com.

For questions regarding book content, e-mail hep_customerservice@mheducation.com. For customers outside the United States, e-mail international_cs@mheducation.com.

... INTRODUCTION Welcome to CompTIA Security+ Certification Practice Exams, Third Edition! This book serves as a preparation tool for the CompTIA Security+ certification exam (SY0-501) as well as for... of certification titles and has authored titles including CompTIA Server+ Certification All-in-One Exam Guide (Exam SK0-004) and CompTIA Security+ Certification Practice Exams, Second Edition (Exam.. professional resource after your exam as well CompTIA Security+ Certification Practice Exams, Third Edition (Exam SY0-501), provides a battery of practice test questions organized by the official

Posted: 04/03/2019, 08:56
