Learn About CompTIA Exam SY0-201: Security+ 2008 Edition
By Certification Magazine
The following are questions from MeasureUp’s Practice Test to help you prepare for CompTIA Exam SY0-201: Security+ 2008 Edition.
The audience for this exam includes individuals who have at least two years of experience supporting and securing computers and networks. This exam covers the following topics that were not addressed in the original exam, Security+ 2007 Edition (SY0-101): implementing virtualization technologies, using security and monitoring tools appropriately, using logical and physical access control methods to secure computing resources and performing vulnerability assessments. Also, exam SY0-201 focuses more on performing tasks required to secure and defend computers, devices and networks than on merely identifying security-related issues and understanding basic security-related concepts.
Passing SY0-201 earns a candidate one of the certifications required by the U.S. Department of Defense (DOD) directive 8570.1. This directive mandates that both DOD employees and contractors who work with the DOD on any security-related initiative must receive proper training and earn one or more security-related certifications.
Note: You may also use these questions to prepare for CompTIA’s Security+ Bridge Exam, BR0-001.
Objective: Assessments and audits.
Sub-objective: Within the realm of vulnerability assessments, explain the proper use of penetration testing vs. vulnerability scanning.
Single answer, multiple-choice
You are configuring security for a network that is isolated from the Internet by a perimeter network. Three Web servers and a network intrusion detection system (NIDS) are deployed in the perimeter network. You need to test the network’s ability to detect and respond to a denial of service (DoS) attack against the applications running on the Web servers. What should you do?
A. Use vulnerability scanning.
B. Use penetration testing.
C. Use network analysis.
D. Use port scanning.
Answer:
B
Tutorial:
You should use penetration testing. During penetration testing, you simulate an actual attack. In this case, you would simulate a DoS attack to determine if your security configuration is sufficient to meet the requirements. If there are potential problems, the penetration test can be used to justify the time and expense of making additional changes to the security configuration.
You should not use vulnerability scanning. This is more general, looking for potential weaknesses rather than testing a specific security scenario. Vulnerability scanning is more useful in identifying risks such as configuration problems and missing security patches, as well as suggesting mitigating actions.
You should not use network analysis. Network analysis, also known as protocol analysis, lets you collect network communication statistics and identify changes in traffic patterns. It does not provide a way of testing for specific shortcomings.
You should not use port scanning. Port scanning searches the network entry points and servers for open ports that might be exploited. This does not test the effectiveness of the NIDS against a DoS attack.
References:
“Guide to penetration testing, Part 1: Reasons to perform a penetration test”
TechTarget.com
http://searchnetworking.techtarget.com/generic/0,295582,sid7_gci1083683,00.html
“Penetration test”
Wikipedia
http://en.wikipedia.org/wiki/Penetration_testing
“Vulnerability scanner”
Wikipedia
http://en.wikipedia.org/wiki/Vulnerability_scanner
Objective: Cryptography.
Sub-objective: Explain basic hashing concepts and map various algorithms to appropriate applications.
Single answer, multiple-choice
MD5 and SHA are what type of algorithms?
A. Symmetric encryption
B. Asymmetric encryption
C. Hashing
D. Private key encryption
Answer:
C
Tutorial:
A hash value (or message digest) uses one-way encryption. A hash is a short value that is derived from the message itself. It is computed using a hash algorithm such as Message Digest Service (MD5) or Secure Hash Algorithm (SHA). When the message is received, the hash algorithm is applied again. If the hash values match, you can be reasonably certain that the message has not been altered.
MD5 uses a 128-bit hash value. SHA-1 uses a 160-bit hash value and is considered more secure than MD5, but it is slower. Digital signatures, which use asymmetric cryptography, also use hashing to ensure the integrity of the message. Hashing also is used for storing information that will not need to be decrypted, such as a PIN number on an ATM card or a password.
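The integrity check described above, as an added example that is not part of the original practice test: the sender hashes the message, the receiver re-applies the same algorithm and compares. The sample message and the function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample message; not from the original page.
MESSAGE = b"Transfer 100 USD to account 12345"

def digest(data: bytes, algorithm: str) -> bytes:
    """Return the raw hash of data using the named hashlib algorithm."""
    return hashlib.new(algorithm, data).digest()

def digest_bits(algorithm: str) -> int:
    """Output length in bits (128 for MD5, 160 for SHA-1)."""
    return hashlib.new(algorithm).digest_size * 8

def verify(data: bytes, expected: bytes, algorithm: str) -> bool:
    """Receiver side: re-apply the hash and compare with the value sent."""
    # compare_digest avoids leaking where the first mismatch occurs.
    return hmac.compare_digest(digest(data, algorithm), expected)

def differing_bits(a: bytes, b: bytes) -> int:
    """Count the bit positions in which two equal-length digests differ."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

def demo() -> dict:
    sent_hash = digest(MESSAGE, "sha1")
    tampered = MESSAGE.replace(b"100", b"900")  # one byte altered in transit
    return {
        "md5_bits": digest_bits("md5"),
        "sha1_bits": digest_bits("sha1"),
        "intact_ok": verify(MESSAGE, sent_hash, "sha1"),
        "tampered_ok": verify(tampered, sent_hash, "sha1"),
        "bits_changed": differing_bits(sent_hash, digest(tampered, "sha1")),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Practical collisions have since been demonstrated for both MD5 and SHA-1, so new designs use SHA-256 or later for integrity; the comparison logic is unchanged when the algorithm name is swapped.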
Symmetric encryption (private key encryption) uses a private key to both encrypt and decrypt the message. The problem is that both parties must share the private key, which can be difficult if it must be sent over an insecure network such as the Internet. Data Encryption Standard (DES), Triple DES (3DES), and Advanced Encryption Standard (AES or Rijndael) are examples of symmetric encryption algorithms.
Asymmetric encryption (public key encryption) uses a combination of a private key and a public key. The message is encrypted by using the recipient's public key (often distributed with digital certificates) and is decrypted by using the recipient's private key. RSA, Diffie-Hellman and ElGamal are used in asymmetric encryption.
References:
“Cryptography Basics”
Techotopia
http://www.techotopia.com/index.php/Cryptography_Basics
“Advanced Encryption Standard”
Wikipedia
http://en.wikipedia.org/wiki/Advanced_Encryption_Standard
“Data Encryption Standard”
Wikipedia
http://en.wikipedia.org/wiki/Data_Encryption_Standard
“Triple DES”
Wikipedia
http://en.wikipedia.org/wiki/Triple_DES
“SHA hash functions”
Wikipedia
http://en.wikipedia.org/wiki/SHA
“MD5”
Wikipedia
http://en.wikipedia.org/wiki/MD5
“Cryptographic hash function”
Wikipedia
http://en.wikipedia.org/wiki/Cryptographic_hash_function
Objective: Network infrastructure.
Sub-objective: Determine the appropriate use of network security tools to facilitate network security.
Single answer, multiple-choice
What type of IDS reports possible attacks when it detects conditions that match the conditions contained in a database of attacks?
A. Signature-based
B. Anomaly-based
C. Network-based
D. Host-based
Answer:
A

