http://rapidshare.com/files/284391168/PassGuide_comptia_sy0-201_770q.rar.html

http://www.2shared.com/file/8015334/3cbf8141/PassGuide_comptia_sy0-201_770q.html

http://uploading.com/files/f5d26886/PassGuide%2Bcomptia%2Bsy0-201%2B770q.rar/

http://www.passguide.com/sy0-201.html

A. The system administrator.
B. The owner of the resource.
C. The system administrator and the owner of the resource.
D. The user requiring access to the resource.

Answer: B

The Public Key Infrastructure (PKI) is a set of hardware, software, people, policies, and
procedures needed to create, manage, store, distribute, and revoke digital certificates. The public
key infrastructure is based on which encryption schemes?

A. Symmetric
B. Quantum
C. Asymmetric
D. Elliptical curve

Answer: C
Which definition best defines what a challenge-response session is?

A. A challenge-response session is a workstation or system that produces a random challenge
string that the user provides, when prompted, in conjunction with the proper PIN (Personal
Identification Number).
B. A challenge-response session is a workstation or system that produces a random login ID that
the user provides, when prompted, in conjunction with the proper PIN (Personal Identification
Number).
C. A challenge-response session is a special hardware device used to produce random text in a
cryptography system.
D. A challenge-response session is the authentication mechanism in the workstation or system
that does not determine whether the owner should be authenticated.

Answer: A
For which reason are clocks used in Kerberos authentication?

A. Clocks are used to ensure proper connections.
B. Clocks are used to ensure that tickets expire correctly.
C. Clocks are used to generate the seed value for the encryptions keys.
D. Clocks are used to both benchmark and specify the optimal encryption algorithm.

Answer: B

To reduce vulnerabilities on a web server, an administrator should adopt which of the following
preventative measures?

A. Use packet sniffing software on all inbound communications
B. Apply the most recent manufacturer updates and patches to the server.
C. Enable auditing on the web server and periodically review the audit logs
D. Block all Domain Name Service (DNS) requests coming into the server.

Answer: B
A travel reservation organization conducts the majority of its transactions via a public facing
website. Any downtime to this website will lead to serious financial damage for this organization.
One web server is connected to several distributed database servers. Which statement is correct
about this scenario?

A. RAID
B. Warm site
C. Proxy server
D. Single point of failure

Answer: D
Which of the following types of firewalls provides inspection at layer 7 of the OSI model?

A. Application-proxy
B. Network address translation (NAT)
C. Packet filters
D. Stateful inspection

Answer: A
A newly hired security specialist is asked to evaluate a company’s network security. The security
specialist discovers that users have installed personal software; the network OS has default
settings and no patches have been installed and passwords are not required to be changed
regularly. Which of the following would be the FIRST step to take?

A. Install software patches.
B. Disable non-essential services.
C. Enforce the security policy.
D. Password management

Answer: C

Giving each user or group of users only the access they need to do their job is an example of
which of the following security principals?

A. Least privilege
B. Defense in depth
C. Separation of duties
D. Access control

Answer: A
In computing, the Basic Input/Output System (BIOS , also known as the System BIOS, is a de
facto standard defining a firmware interface for IBM PC Compatible computers. A user is
concerned with the security of their laptops BIOS. The user would not like anyone to be able to
access control functions except themselves. Which of the following could make the BIOS more
secure?

A. Password
B. Flash the BIOS
C. Encrypt the hard drive
D. Create an access-list

Answer: A
In computing, a Uniform Resource Locator (URL) is a type of Uniform Resource Identifier (URI)
that specifies where an identified resource is available and the mechanism for retrieving it. When
a user attempts to go to a website, he notices the URL has changed, which attack will MOST
likely cause the problem?

A. ARP poisoning
B. DLL injection
C. DNS poisoning
D. DDoS attack

Answer: C
What does the DAC access control model use to identify the users who have permissions to a
resource?

A. Predefined access privileges.
B. The role or responsibilities users have in the organization
C. Access Control Lists
D. None of the above.

Answer: C

n10-004 exam
PassGuide sy0-201

Since most of us don’t have a lot of time to study for exams, we created PrepLogic Printables. Printables gives you a big selection of exam questions in a PDF format that’s easy to print and easy to use, so you can study anywhere.

When you can’t be in front of a computer you have to find creative ways to study. Many of our customers suggest printing multiples so you can have a copy in the car, at your desk or in your gym bag. Printables gives you many more chances to study, and that gives you a much better chance to pass the first time.
The CompTIA Security+ exam has long stood as the forefront entry-level exam to the field of security. Through its difficulty, complexity of scope, and broad spectrum covering numerous aspects of the IT field, it has become one of the most sought after and respected certification offered by CompTIA, so much so that other companies, such as Microsoft, have long since used the CompTIA Security+ as an alternative choice for their elective exams for the MCSE.

The CompTIA Security+ exam is approximately 100 questions long and is available through both Pearson Vue and Thomson Prometric training facilities. The test is approximately 90 minutes long and contains the following official objectives:

Systems Security
Network Infrastructure
Access Control
Assessments & Audits
Cryptography
Organizational Security

http://rapidshare.com/files/225989605/preplogic__comptia_SY0-201.rar.html

http://rapidshare.de/files/46911119/preplogic__comptia_SY0-201.rar.html

http://uploading.com/files/E1RFQ0TK/preplogic__comptia_SY0-201.rar.html

1. Download ActualTests.CompTIA.SY0-101.Exam.Q.and.A.08.01.06.pdf [1,188 KB]
2. Download Sybex[1][1].CompTIA.A.plus.Complete.Fast.Pass.Sep.2006.pdf [12,608 KB]
3. Download Sybex CompTIA Security+ Studyguide 3rd Ed.pdf [10,876 KB]
4. Download CompTIA Security+ Certification.chm [1231 KB]
5. Download SY0-101 Comptia Security+.pdf [2,444 KB]
6. Download CompTIA Security +.rar [7,486 KB]
7. Download ComptiaA_Plus_220-601.pdf [1,453 KB]
8. Download CompTIA A+ Complete Study Guide (2007).rar [12,472 KB]
9. Download CompTIA A+ Guide to Managing and Troubleshooting PCs Lab Manual.rar [17,332 KB]
10. Download P4S_Comptia_Linux_Plus.zip [487 KB]
11. Download Comptia_networkplus_15min_guide.pdf [380 KB]
12. Download CompTIA A+220-603.pdf [249 KB]
13. Download Sybex.CompTIA.RFID.plus_Exam.RF0-101._Dec.2006.chm [2402 KB]
14. Download TestKing CompTia sy0-101 V15.pdf
15. Download KNOWLEDGENET COMPTIA SECURITY PLUS STUDENT GUIDE V1.pdf

Note: The above mentioned links are external links only and no file is being uploaded on blogger’s server. If any of these links violates copyright, please inform us, we will remove that link immediately.

We will send you the registration code immediately. Use it to unlock and start learning.

Click here to download 15 free practice questions.

Our PrepKit are backed by money back guarantee. So, if you don’t get certified in the first attempt, we will return your money.
What is Security (SY0-201) exam?

CompTIA’s SY0-201 test is designed to measure your ability to implement and troubleshoot Security issues. Upon passing this test you will become Security Certified Professional. This is a vendor neutral entry-level test, which prepares you for advanced security related certifications such as CISSP, ISC2, SSCP, MCSE, MCSE: Security and MCSA: Security.
Is Security (SY0-201) exam right for you?

Are you interested in network security related technologies and want to work as a Network Administrator, Security Specialist or Network Technician? Then this test is right for you. You can also take this test if you are an entry-level network professional and want to be an expert in network security. If you would like to know more about the Security test SY0-201, please visit the CompTIA Website.
Although there are no prerequisites for this test, CompTIA recommends that you should have at least two years of experience in network support or administration.
What to expect in Security (SY0-201) exam?

This test consists of multiple-choice questions. There are no case study type questions and the test is not adaptive. You will be required to attempt approximately 100 questions in 90 minutes. To pass, you need a score of 764 on a 100-900 scale.
How to prepare for SY0-201 exam?

We designed SY0-201 preparation kit to help you get certified effortlessly. Now you don’t need to spend your time and money searching for study materials, books, etc., this CompTIA Security+ (2008 Edition) exam preparation kit contains everything you need to get certified. Just follow the instructions, focus on the study material and getting certified will be easy.
Don’t take our word for it, decide the quality of our PrepKit yourself. Download the trial version of the PrepKit now to get over 15 questions and 44 study notes, absolutely free. Once you are convinced, you can buy this PrepKit to get all questions and study notes. And of course, we trust our PrepKits so much that all our PrepKits are backed with a full money back guarantee in case you do not pass the CompTIA Security+ (2008 Edition) exam.
What is covered in PrepKit SY0-201?

The PrepKit covers 100% objectives for CompTIA’s SY0-201: CompTIA Security+ (2008 Edition) exam, in accordance with actual exam pattern and question types

| English | Chinese | Japan | Korean | – 3 – Test Information Co., Ltd. All rights reserved.
ANSWER: C
7. An administrator has implemented a new SMTP service on a server. A public IP address translates to
the internal SMTP server. The administrator notices many sessions to the server, and gets notification that
the servers public IP address is now reported in a spam real-time block list. Which of the following is
wrong with the server?
A.SMTP open relaying is enabled.
B.It does not have a spam filter.
C.The amount of sessions needs to be limited.
D.The public IP address is incorrect.WBerlin Sans FBArialZX
ANSWER: A
8. Which of the following is MOST efficient for encrypting large amounts of data?
A.Hashing algorithms
B.Symmetric key algorithms
C.Asymmetric key algorithms
D.ECC algorithmsWBerlin Sans FBArialZX
ANSWER: B
9. Which of the following is a reason why a company should disable the SSID broadcast of the wireless
access points?
A.Rogue access points
B.War driving
C.Weak encryption
D.Session hijackingWBerlin Sans FBArialZX
ANSWER: B
10. Which of the following BEST describes ARP?
A.Discovering the IP address of a device from the MAC address
B.Discovering the IP address of a device from the DNS name
C.Discovering the MAC address of a device from the IP address
D.Discovering the DNS name of a device from the IP addressWBerlin Sans FBArialZX
ANSWER: C
11. Which of the following would be BEST to use to apply corporate security settings to a device?
A.A security patch
B.A security hotfix
C.An OS service pack
D.A security templateWBerlin Sans FBArialZX
ANSWER: D
12. A small call center business decided to install an email system to facilitate communications in the
office. As part of the upgrade the vendor offered to supply anti-malware software for a cost of $5,000 per

| English | Chinese | Japan | Korean | – 4 – Test Information Co., Ltd. All rights reserved.
year. The IT manager read there was a 90% chance each year that workstations would be compromised if
not adequately protected. If workstations are compromised it will take three hours to restore services for
the 30 staff. Staff members in the call center are paid $90 per hour. If the anti-malware software is
purchased, which of the following is the expected net savings?
A.$900
B.$2,290
C.$2,700
D.$5,000b
ANSWER: B
13. Which of the following is the main objective of steganography?
A.Message digest
B.Encrypt information
C.Hide information
D.Data integrityWBerlin Sans FBArialZX
ANSWER: C
14. Which of the following would allow for secure key exchange over an unsecured network without a
pre-shared key?
A.3DES
B.AES
C.DH-ECC
D.MD5WBerlin Sans FBArialZX
ANSWER: C
15. Which of the following improves security in a wireless system?
A.IP spoofing
B.MAC filtering
C.SSID spoofing
D.Closed networkWBerlin Sans FBArialZX
ANSWER: B
16. A user wants to implement secure LDAP on the network. Which of the following port numbers secure
LDAP use by default?
A.53
B.389
C.443
D.636WBerlin Sans FBArialZX
ANSWER: D
17. On which of the following is a security technician MOST likely to find usernames?
A.DNS logs
B.Application logs

| English | Chinese | Japan | Korean | – 5 – Test Information Co., Ltd. All rights reserved.
C.Firewall logs
D.DHCP logsWBerlin Sans FBArialZX
ANSWER: B
18. How many keys are utilized with asymmetric cryptography?
A.One
B.Two
C.Five
D.SevenWBerlin Sans FBArialZX
ANSWER: B
19. During a risk assessment it is discovered that only one system administrator is assigned several tasks
critical to continuity of operations. It is recommended to cross train other system administrators to perform
these tasks and mitigate which of the following risks?
A.DDoS
B.Privilege escalation
C.Disclosure of PII
D.Single point of failureWBerlin Sans FBArialZX
ANSWER: D
20. Which of the following network filtering devices will rely on signature updates to be effective?
A.Proxy server
B.Firewall
C.NIDS
D.HoneynetWBerlin Sans FBArialZX
ANSWER: C
21. Which of the following is a single server that is setup in the DMZ or outer perimeter in order to distract
attackers?
A.Honeynet
B.DMZ
C.Honeypot
D.VLANWBerlin Sans FBArialZX
ANSWER: C
22. Which of the following encryption algorithms is decrypted in the LEAST amount of time?
A.RSA
B.AES
C.3DES
D.L2TPWBerlin Sans FBArialZX
ANSWER: B
23. An administrator is trying to secure a network from threats originating outside the network. Which of

| English | Chinese | Japan | Korean | – 6 – Test Information Co., Ltd. All rights reserved.
the following
devices provides protection for the DMZ from attacks launched from the Internet?
A.Antivirus
B.Content filter
C.Firewall
D.Proxy serverWBerlin Sans FBArialZX
ANSWER: C
24. Which of the following is a way to manage operating system updates?
A.Service pack management
B.Patch application
C.Hotfix management
D.Change managementWBerlin Sans FBArialZX
ANSWER: D
25. Which of the following is a list of discrete entries that are known to be benign?
A.Whitelist
B.Signature
C.Blacklist
D.ACLWBerlin Sans FBArialZX
ANSWER: A
26. Which of the following increases the collision resistance of a hash?
A.Salt
B.Increase the input length
C.Rainbow Table
D.Larger key spaceWBerlin Sans FBArialZX
ANSWER: A
27. A programmer has decided to alter the server variable in the coding of an authentication function for a
proprietary sales application. Before implementing the new routine on the production application server,
which of the following processes should be followed?
A.Change management
B.Secure disposal
C.Password complexity
D.Chain of custodyWBerlin Sans FBArialZX
ANSWER: A
28. When deploying 50 new workstations on the network, which of following should be completed FIRST?
A.Install a word processor.
B.Run the latest spyware.
C.Apply the baseline configuration.
D.Run OS updates.WBerlin Sans FBArialZX

| English | Chinese | Japan | Korean | – 7 – Test Information Co., Ltd. All rights reserved.
ANSWER: C
29. Which of the following should be implemented to have all workstations and servers isolated in their
own broadcast domains?
A.VLANs
B.NAT
C.Access lists
D.IntranetWBerlin Sans FBArialZX
ANSWER: A
30. End users are complaining about receiving a lot of email from online vendors and pharmacies. Which
of the following is this an example of?
A.Trojan
B.Spam
C.Phishing
D.DNS poisoningWBerlin Sans FBArialZX
ANSWER: B

7. Which design concept limits access to systems from outside users while protecting users and
systems inside the LAN?
A. DMZ
B. VLAN
C. I&A
D. Router
8. In the key recovery process, which key must be recoverable?
A. Rollover key
B. Secret key
C. Previous key
D. Escrow key
9. Which kind of attack is designed to overload a particular protocol or service?
A. Spoofing
B. Back door
C. Man in the middle
D. Flood
10. Which component of an IDS collects data?
A. Data source
B. Sensor
C. Event
D. Analyzer
11. What is the process of making an operating system secure from attack called?
A. Hardening
B. Tuning
C. Sealing
D. Locking down
12. The integrity objective addresses which characteristic of information security?
A. Verification that information is accurate
B. Verification that ethics are properly maintained
C. Establishment of clear access control of data
D. Verification that data is kept private and secure
13. Which mechanism is used by PKI to allow immediate verification of a certificate’s validity?
A. CRL
B. MD5
C. SSHA
D. OCSP
14. Which of the following is the equivalent of a VLAN from a physical security perspective?
A. Perimeter security
B. Partitioning
C. Security zones
D. Physical barrier
15. A user has just reported that he downloaded a file from a prospective client using IM. The
user indicates that the file was called account.doc. The system has been behaving unusu-
ally since he downloaded the file. What is the most likely event that occurred?
A. Your user inadvertently downloaded a virus using IM.
B. Your user may have a defective hard drive.
C. Your user is hallucinating and should increase his medication.
D. The system is suffering from power surges.
16. Which mechanism or process is used to enable or disable access to a network resource
based on an IP address?
A. NDS
B. ACL
C. Hardening
D. Port blocking
17. Which of the following would provide additional security to an Internet web server?
A. Changing the port address to 80.
B. Changing the port address to 1019.
C. Adding a firewall to block port 80.
D. Web servers can’t be secured.
18. What type of program exists primarily to propagate and spread itself to other systems?
A. Virus
B. Trojan horse
C. Logic bomb
D. Worm
19. An individual presents herself at your office claiming to be a service technician. She wants to
discuss your current server configuration. This may be an example of what type of attack?
A. Social engineering
B. Access control
C. Perimeter screening
D. Behavioral engineering
20. Which of the following is a major security problem with FTP servers?
A. Password files are stored in an unsecure area on disk.
B. Memory traces can corrupt file access.
C. User IDs and passwords are unencrypted.
D. FTP sites are unregistered.
21. Which system would you install to provide active protection and notification of security
problems in a network connected to the Internet?
A. IDS
B. Network monitoring
C. Router
D. VPN
22. The process of verifying the steps taken to maintain the integrity of evidence is called what?
A. Security investigation
B. Chain of custody
C. Three A’s of investigation
D. Security policy
23. What encryption process uses one message to hide another?
A. Steganography
B. Hashing
C. MDA
D. Cryptointelligence
24. Which policy dictates how computers are used in an organization?
A. Security policy
B. User policy
C. Use policy
D. Enforcement policy
25. Which algorithm is used to create a temporary secure session for the exchange of key
information?
A. KDC
B. KEA
C. SSL
D. RSA
26. You’ve been hired as a security consultant for a company that’s beginning to implement
handheld devices, such as PDAs. You’re told that the company must use an asymmetric
system. Which security standard would you recommend it implement?
A. ECC
B. PKI
C. SHA
D. MD
27. Which of the following backup methods will generally provide the fastest backup times?
A. Full backup
B. Incremental backup
C. Differential backup
D. Archival backup
28. You want to grant access to network resources based on authenticating an individual’s
retina during a scan. Which security method uses a physical characteristic as a method of
determining identity?
A. Smart card
B. I&A
C. Biometrics
D. CHAP
29. Which access control method is primarily concerned with the role that individuals have in
the organization?
A. MAC
B. DAC
C. RBAC
D. STAC
30. The process of investigating a computer system for clues into an event is called what?
A. Computer forensics
B. Virus scanning
C. Security policy
D. Evidence gathering
Answers to Assessment Test
1. A. A privilege audit is used to determine that all groups, users, and other accounts have
the appropriate privileges assigned according to the policies of an organization. For more
information, see Chapter 8.
2. D. A mantrap limits access to a small number of individuals. It could be, for example, a
small room. Mantraps typically use electronic locks and other methods to control access.
For more information, see Chapter 6.
3. B. Public-Key Cryptography Standards is a set of voluntary standards for public-key cryp-
tography. This set of standards is coordinated by RSA. For more information, see Chapter 7.
4. B. Wired Equivalent Privacy (WEP) is designed to provide security equivalent to that of a
wired network. WEP has vulnerabilities and isn’t considered highly secure. For additional
information, see Chapter 7.
5. C. The Process layer interfaces with applications and encapsulates trafic through the
Host-to-Host or Transport layer, the Internet layer, and the Network Access layer. For
more information, see Chapter 2.
6. B. L2TP (Layer 2 Tunneling Protocol) is a tunneling protocol that can be used between
LANs. L2TP isn’t secure, and you should use IPSec with it to provide data security. For
more information, see Chapter 3.
7. A. A DMZ (demilitarized zone) is an area in a network that allows restrictive access to
untrusted users and isolates the internal network from access by external users and systems.
It does so by using routers and irewalls to limit access to sensitive network resources. For
more information, see Chapter 1.
8. C. A key recovery process must be able to recover a previous key. If the previous key can’t
be recovered, then all the information for which the key was used will be irrecoverably lost.
For more information, see Chapter 7.
9. D. A lood attack is designed to overload a protocol or service by repeatedly initiating a
request for service. This type of attack usually results in a DoS (denial of service) situation
occurring because the protocol freezes or excessive bandwidth is used in the network as a
result of the requests. For more information, see Chapter 2.
10. B. A sensor collects data from the data source and passes it on to the analyzer. If the analyzer
determines that unusual activity has occurred, an alert may be generated. For additional infor-
mation, see Chapter 4.
11. A. Hardening is the term used to describe the process of securing a system. This is accom-
plished in many ways, including disabling unneeded protocols. For additional information on
hardening, see Chapter 5.
12. A. To meet the goal of integrity, you must verify that information being used is accurate
and hasn’t been tampered with. Integrity is coupled with accountability to ensure that data
is accurate and that a inal authority exists to verify this, if needed. For more information,
see Chapter 1.
13. D. Online Certiicate Status Protocol (OCSP) is the mechanism used to immediately verify
whether a certiicate is valid. The Certiicate Revocation List (CRL) is published on a regular
basis, but it isn’t current once it’s published. For additional information, see Chapter 7.
14. B. Partitioning is the process of breaking a network into smaller components that can each
be individually protected. The concept is the same as building walls in an ofice building. For
additional information, see Chapter 6.
15. A. IM and other systems allow unsuspecting users to download iles that may contain
viruses. Due to a weakness in the ile extension naming conventions, a ile that appears to
have one extension may actually have another extension. For example, the ile account.
doc.vbs would appear in many applications as account.doc, but it’s actually a Visual
Basic script and could contain malicious code. For additional information, see Chapter 4.
16. B. Access control lists (ACLs) are used to allow or deny an IP address access to a network.
ACL mechanisms are implemented in many routers, irewalls, and other network devices.
For additional information, see Chapter 5.
17. B. The default port for a web server is port 80. By changing the port to 1019, you force
users to specify this port when they are using a browser. This action provides a little addi-
tional security for your website. Adding a irewall to block port 80 would secure your web-
site so much that no one would be able to access it. For more information, see Chapter 3.
18. D. A worm is designed to multiply and propagate. Worms may carry viruses that cause sys-
tem destruction, but that isn’t their primary mission. For more information, see Chapter 2.
19. A. Social engineering is using human intelligence methods to gain access or information
about your organization. For additional information, see Chapter 6.
20. C. In most environments, FTP sends account and password information unencrypted.
This makes these accounts vulnerable to network snifing. For additional information, see
Chapter 5.
21. A. An intrusion detection system (IDS) provides active monitoring and rule-based responses
to unusual activities on a network. A irewall provides passive security by preventing access
from unauthorized trafic. If the irewall were compromised, the IDS would notify you based
on rules it’s designed to implement. For more information, see Chapter 3.
22. B. The chain of custody ensures that each step taken with evidence is documented and
accounted for from the point of collection. Chain of custody is the Who, What, When,
Where, and Why of evidence storage. For additional information, see Chapter 8.
23. A. Steganography is the process of hiding one message in another. Steganography may
also be referred to as electronic watermarking. For additional information, see Chapter 7.
24. C. The use policy is also referred to as the usage policy. It should state acceptable uses
of computer and organizational resources by employees. This policy should outline con-
sequences of noncompliance. For additional information, see Chapter 8.
25. B. The Key Exchange Algorithm (KEA) is used to create a temporary session to exchange
key information. This session creates a secret key. When the key has been exchanged, the
regular session begins. For more information, see Chapter 7.
26. A. Elliptic Curve Cryptography (ECC) would probably be your best choice for a PDA.
ECC is designed to work with smaller processors. The other systems may be options, but
they require more computing power than ECC. For additional information, see Chapter 7.
27. B. An incremental backup will generally be the fastest of the backup methods because
it backs up only the iles that have changed since the last incremental or full backup. See
Chapter 8 for more information.
28. C. Biometrics is the authentication process that uses physical characteristics, such as a palm
print or retinal pattern, to establish identiication. For more information, see Chapter 1.
29. C. Role-Based Access Control (RBAC) is primarily concerned with providing access to
systems that a user needs based on the user’s role in the organization. For more informa-
tion, see Chapter 8.
30. A. Computer forensics is the process of investigating a computer system to determine the
cause of an incident. Part of this process would be gathering evidence. For additional infor-
mation, see Chapter 8.

sy0-201 books