• Security+

    Exam Info

    Exam codes: SY0-401
    Format: Conventional multiple choice and Performance-based questions
    Number of questions: 90
    Passing Score: 750 (scale 100 - 900)
    Exam objectives
    Official Sample Questions

    Sponsored Links

    Security+ Exam Prep Special Edition

    Practice Exams

    CompTIA Security+ - 25 questions new
    CompTIA Security+ - 50 questions
    CompTIA Security+ Identifying Well-known ports - 20 questions


    Access Control
    Covers access control, access control models, DAC, MAC, and RBAC.

    Covers username/password, CHAP, certificates, Kerberos, mutual authentication, biometrics, tokens, and smartcard authentication.

    Covers the different type of attackers, their level of skills and resources, and their motivation.

    DoS Attacks
    Covers the concept of Denial of Service attacks and Distributed Denial of Service attacks, including a technical overview of the most common type of DoS attacks such as TCP SYN, UDP flooding and Smurfing.

    Covers spoofing attacks such as IP spoofing, ARP spoofing, and spoofing websites.

    Covers password, replay, back doors, Man-in-the-Middle, TCP Hijacking, mathematical, birthday, weak keys, and software exploitation attacks.

    Social Engineering Attacks
    Covers the human aspect of security.

    Email Security
    Covers S/MIME, message encryption and digital signatures, PGP, SPAM, relaying and reverse lookups.

    Remote Access Technologies
    Covers remote access services, PPP, VPNs, tunneling, IPSec, SSH, L2TP, PPTP, 802.1x, RADIUS, and TACACS.

    Internet Security
    Covers Internet security, Intranet, Extranet, SSL, HTTPS, S-HTTP, TLS, SFTP, Blind/anonymous FTP, ActiveX, CGI, Java script, Java, signed applets, cookies, buffer overflows, and instant messaging.

    Malicious Code
    Covers viruses, Trojan Horses, back door attacks, worms and logic bombs.

    Network Devices
    Covers security concerns of using switches, routers, PBXs, firewalls, NAT, and mobile devices, as well as security zones such as DMZ and VLANs.

    Network and Storage Media*
    Covers security concerns of coaxial, UTP, STP, and fiber optic cabling, and removable media such as diskettes, CDs, hard drives, flashcards, tapes, and smartcards.

    Wireless Network Security
    Covers 802.11x, WEP, WAP, WTLS, vulnerabilities and various related wireless security technologies.

    Intrusion Detection Systems (IDS)
    Covers intrusion detection systems concepts and characteristics. Passive vs Active response, host vs network-based, signature vs behavior-based, limitations and drawbacks, and honey pots.

    Physical Security
    Covers physical security aspects such as physical barriers, access controls, environmental security, shielding, and fire suppression.

    Risk Identification
    Covers asset identification, vulnerability assessment, threat identification, and risk identication.

    Covers computer forensics, identification and collection of evidence, preservation of evidence, and chain of custody.

    Recommended Books


  • ISI