Kirk Hausman - CompTIA Security+ SY0-301 Authorized Exam Cram

Diane Barrett, Kalani K. Hausman, and Martin Weiss

CompTIA Security+ SY0-301 Authorized Exam Cram, Third Edition

Copyright 2012 by Pearson Education, Inc.

All rights reserved. No part of this book shall be reproduced, stored in a retrieval system, or transmitted by any means, electronic, mechanical, photocopying, recording, or otherwise, without written permission from the publisher. No patent liability is assumed with respect to the use of the information contained herein. Although every precaution has been taken in the preparation of this book, the publisher and author assume no responsibility for errors or omissions. Nor is any liability assumed for damages resulting from the use of the information contained herein.

ISBN-13: 978-0-7897-4829-4
ISBN-10: 0-7897-4829-0

Library of Congress Cataloging-in-Publication data is on file.

Printed in the United States of America

First Printing: December 2011

14 13 12 11 4 3 2 1

Trademarks

All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capitalized. Que Publishing All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capitalized. Pearson IT Certification cannot attest to the accuracy of this information. Use of a term in this book should not be regarded as affecting the validity of any trademark or service mark.

Warning and Disclaimer

Every effort has been made to make this book as complete and as accurate as possible, but no warranty or fitness is implied. The information provided is on an as is basis. The author and the publisher shall have neither liability nor responsibility to any person or entity with respect to any loss or damages arising from the information contained in this book or from the use of the CD or programs accompanying it.

Bulk Sales

Pearson IT Certification offers excellent discounts on this book when ordered in quantity for bulk purchases or special sales. For more information, please contact

U.S. Corporate and Government Sales
1-800-382-3419

For sales outside of the U.S., please contact

International Sales

Associate Publisher
David Dusthimer

Acquisitions Editor
Betsy Brown

Development Editor
Andrew Cupp

Managing Editor
Sandra Schroeder

Project Editor
Mandie Frank

Copy Editor
Charlotte Kughen, The Wordsmithery LLC

Indexer
Tim Wright

Proofreader
Megan Wade

Technical Editor
Chris Crayton

Publishing Coordinator
Vanessa Evans

Multimedia Developer
Tim Warner

Book Designer
Gary Adair

Composition
TnT Design, Inc.

Diane Barrett is the director of training for Paraben Corporation and an adjunct professor for American Military University. She has done contract forensic and security assessment work for several years and has authored other security and forensic books. She is a regular committee member for ADFSLs Conference on Digital Forensics, Security, and Law as well as an academy director for Edvancement Solutions. She holds many industry certifications, including CISSP, ISSMP, DFCP, PCME, and Security+. Dianes education includes an MS in information technology with a specialization in information security. She expects to complete a PhD in business administration with a specialization in information security.

Kalani Kirk Hausman is an author, enterprise and security architect, ISO, and consultant with experience including medium- to large-scale globally deployed networks in governmental, higher-education, health-care, and corporate settings. Kalanis professional certifications include the CISSP, CGEIT, CRISC, CISA, CISM, GIAC-GHSC, PMP, and CCP. He is active within the FBI InfraGard, Information Systems Audit and Control Association (ISACA), and ISSA. Kalani is currently employed as the assistant commandant for Strategic Communications, Information Technology, and Public Relations at TAMU and as an adjunct professor of InfoSec at UMUC. Kalani can be reached at or followed on Twitter at @kkhausman.

Martin Weiss lives within a triangle of sales, engineering, and marketing, providing information security solutions for organizations of all sizes. He is currently most interested in governance, risk, compliance, and how to secure elastic cloud environments. He is also an adjunct professor with the University of Maryland University College focusing on security classes. Marty is the author of several other books. His work has been compared to literary greats. His mother, upon reviewing a recent book, described it as riveting as anything by Dostoevsky. Marty holds several certifications, including Security+, CISSP, CISA, and CCSK. He received his M.B.A. from the Isenberg School of Management at the University of Massachusetts and currently lives in Connecticut with his wife, three sons, and iPhone. Marty can be reached at or stalked on Twitter @martyweiss.

To my husband, Bill, for his patience and understanding.

Diane Barrett

To Susan and our wonderful children, Jonathan and Cassandra, who inspire me every moment to greater deeds.

Kalani K. Hausman

vp,[yos drvitoyu [;id rcs, vts, drvpmf rfoyopm eo;; ntrsl yjr vpfr 2521202 0861704 3330307 3251403

Martin Weiss

Publishing a book takes the collaboration and teamwork of many individuals. Thanks to everyone involved in this process from Waterside Productions and Pearson Education (and thanks to those who purchase this book in their quest for certification). Betsy, thanks for keeping us all on track. To our editorial and technical reviewers, thank you for making sure that our work was sound and on target. Special thanks to my coauthors, Marty and Kirk: You made this project interesting and enjoyable.

Diane Barrett

Thanks go to my extraordinary agent Carole McClendon, to Betsy Brown, and the Pearson editorial staff. Special thanks go to my coauthors Martin Weiss and Diane Barrett, whose strengths and knowledge produced a remarkable product in this text. As always, the unflagging support of Susan and our wonderful children (Jonathan and Cassandra) was instrumental in completing this book.

Kalani K. Hausman

Thank you to the entire team that helped bring this book together, including all the folks at Waterside Productions and Pearson. Special thanks to Carole Jelen, Betsy Brown, Andrew Cupp, and, of course, Diane and Kirk. Most importantly I thank you, the reader of this book. Finally, Id like to acknowledge my family. Thank you to my boysOllie, Max, and Kobe; you inspire me. Im especially thankful to my wife Kelly, who provided a lot of understanding and support during a particularly busy time for me.

Martin Weiss

As the reader of this book, you are our most important critic and commentator. We value your opinion and want to know what were doing right, what we could do better, what areas youd like to see us publish in, and any other words of wisdom youre willing to pass our way.

As an Associate Publisher for Pearson IT Certification, I welcome your comments. You can email or write me directly to let me know what you did or didnt like about this bookas well as what we can do to make our books better.