Name:
Email:

Category Archives: Articles

Articles CompTIA Security+ SY0-201 Exam

CompTIA security+ Exam SYO-201

June 23, 2010 – 4:08 pm

CompTIA's Security+ certification is aimed at IT professionals who have two years on-the-job networking experience, with an emphasis on security. It is an entry-level, vendor-neutral certification which makes a great stepping stone to more advanced certifications, such as the ISC2 SSCP and CISSP, and the SANS
GIAC. It also may be used in some Microsoft certification tracks.

This certification is well suited to network and security administrators independent of what industry they workin. The Security+ designation is achieved by passing one conventional format exam that covers topics such as communication security, infrastructure security, cryptography, access control,

authentication, external attack and operational and organization security. The Security+ certification thus demonstrates the candidate's knowledge of information security and will help equip the candidate with the skills necessary to withstand hackers and decrease costs associated with security breaches.

Like other CompTIA offerings, once a person achieves the Security+, the certification will not expire.

The CompTIA Security+ certification designates knowledgeable professionals in the field of security, one of the fastest-growing fields in IT. Security threats are increasing in number and severity, and the gap between the need for security professionals and qualified IT personnel is the largest of any IT
specialty, according to a 2008 CompTIA study. Even in a troubled economy, most businesses plan to maintain or increase their investment in security.

CompTIA Security+ is an international, vendor-neutral certification that proves competency in system security, network infrastructure, access control and organizational security. Major organizations that employ CompTIA Security+ certified staff include Booz Allen Hamilton, Hewlett-Packard, IBM, Motorola,
Symantec, Telstra, Hitachi, Ricoh, Lockheed Martin, Unisys, Hilton Hotels Corp., General Mills, the U.S. Navy, Army, Air Force and Marines.

Although not a prerequisite, it is recommended that CompTIA Security+ candidates have at least two years of technical networking experience, with an emphasis on security. The CompTIA Network+ certification is also recommended.

Tags , , | Permalink | Comment (0)
Articles CompTIA Security+ SY0-201 Exam

How to Receive This CompTIA Certification With Ease

June 21, 2010 – 5:57 am

With preparation, Security+ test takers can sit for this exam feeling relaxed, self-assured, and confident that they will receive their certification on the first try.

All CompTIA certifications are internationally recognized and vendor-neutral, which makes them a fantastic way for ITprofessionals all over the world to document their competence in many fields. The Security+ certification is designed for experienced security professionals who, according to the CompTIA web site, would like to prove their "competency in system security, network infrastructure, access control and organizational security."

Sitting for the Security+ exam may seem like a daunting task, but it doesn't have to be. If test takers take the time beforehand to study all of the material that they might encounter, then they will find that they are able to pass without a problem. With that in mind, test takers should use several training methods when preparing to take the Security+ certification exam.

Boot-up and Getting Learning With Computer-based Security+ Exam Training
Industry experts review the training materials on the market and award a select few with the CompTIA Authorized Quality Curriculum seal. When it comes to computer-based training, the offerings from ExamForce, QuickCert, and SANS Institute were found to be the best.

Features vary between these three training programs. ExamForce's CompTIA Security+ SYO-201 offers pretest skills assessment, adaptive drill mode, and simulated exams while Complete CompTIA Security+, from QuickCert, offers instructor-led training, learning labs, a practice exam simulator and an e-book learning supplement. SANS Institute's Management 512: SANS Security Leadership Essentials For Managers with Knowledge Compression™ differs in that it it is a five-day course designed to get students up to speed quickly on information security issues and terminology.

Books on the Security+ Certification Exam are Invaluable
Books are an important part of the learning process for those hoping to do well on their CompTIA certification exam. Once again, test takers would be well-advised to consider texts that received the Authorized Quality Curriculum seal. CompTIA Security+ 2008 In Depth, Security+ Guide to Network Security Fundamentals, CompTIA Security+ Deluxe Study Guide, and CompTIA Security+ Study Guide, 4th Edition are all highlighted by CompTIA as being among the best resources for test takers.

Tags , , , | Permalink | Comment (0)
Articles

CompTIA Security+ SYO-201

June 10, 2010 – 5:14 pm

SYO-201 is coming to town. And with it comes a few surprises. Mostly I think for me (Tcat Houser), and less for GetCertify4Less.com.

The big surprise for me is I am going to work with my co-author from the highest rated training manual for SYO-101 (Helen O'Boyle) along with a third person, I have never worked with before, Dawn-Marie. She is a buddy of Helen's. Originally I had no interest in the new Security+ exam, mostly because while the work Helen and I did was considered the "Gold Standard" for taking on SYO-101, it never got any marketing effort. For the effort we put in, we would've been better off picking up aluminum cans from the side of the road for recycle.

There is also the other smaller matter that my efforts on the topic of computer security are not really in alignment with what CompTIA's testing for on SYO-201.

So why the change?

It comes down to a number of smaller factors. Helen had some time availability, she wasn't predicting. Dawn-Marie comes in with not only excellent acumen in the field of computer security. She also brings (at the risk of slightly revealing her age), more than a couple years of experience in documentation layout.

And surprise, surprise. The largest factor that motivated us to update our Herculean effort comes down to the fact that SY0-201 is not that much different from SYO-101. At first, one would think after seven years, how can there be not that many changes in computer security?

Upon further study, the answer becomes self-evident. We're still dealing with a world where TCP/IP is still version 4, and not very much version 6 (IPNG). And for a moment, let's pretend we do live in a world where IPNG is a regular feature of our daily lives. Our original work, pretty clearly lays out the differences between IP V4 and IP V6.

CompTIA's offering a "bridge exam" for people like Helen and I were already blessed with SYO-101. My understanding is it's 40 questions, versus 100. At a savings of about $25.

Personally, I'm going to pass on the bridge exam. Unless my buddies at GetCertify4Less.com can pull a rabbit out of a hat, a discount voucher from them, will put the full exam in the same price range as the bridge exam.

Opps. I just realized I didn't explain the bridge exam. CompTIA states is testing only the differences between SY0-101 and SY0-201. Again, at first blush , one would think a lot of changes have happened in seven years. The answer is both yes and no. A man in the middle attack is still a MITM. Social engineering may have seen an increase in sophistication with spearfishing. And it still social engineering. Oh yeah. Certain aspects of PKI have been updated. That just means we have to go to that section, highlight and hit delete on the parts that haven't quite caught up (since they did in seven years).

With our change in publisher, Dawn-Marie is giving the book a whole new look and feel. Helen and I are 'hell-bent' on bringing the refreshed work at a dramatically lower price point. Gosh, I don't want to sound like a sales pitch for the new book. And to prove that point, I want to make it clear. One of the many people @ Amazon.com, who gave us such high ratings was a little miffed that we didn't make more of a big deal about the fact that we had a free 200 page PDF put out in three human languages, hours before the beta for sYO-101 went live.

Well, its still out there. I downloaded and did the MD5 sum check on the (English) version. Still the same baby. Not hard to find. Now please don't bust my chops that MD5 sums is now condiered obsolete. We that that work 7 years ago, when it wasn't. And we still talked about SHA-1 as the replacement. Maybe you want to look and see what SHA-2 has to offer.

As for the comment that are 200 page free PDF is almost the same as the InsideScoop version, I must disagree. Besides, 500 pages, there was a lot of graphics work and a lot of test questions , developed from our shot in the dark. We are committed to exceeding the previous standards at a much lower price point. We're doing this because we care. Not because we're trying to make a buck. SYO-101 has already proven that futility.

Tags , , | Permalink | Comment (0)
Articles CompTIA Security+

Troubleshooting Lab

May 6, 2010 – 7:15 am

You are a network administrator for Contoso Pharmaceuticals. A new assistant named Amy Rusko joins your network administration team. You assign Amy to the domain Server Operators group so she can help with server management tasks. Three days later, Amy tells you that she no longer has the right to shut down the server. Your man¬ager, Andy Ruth, thinks that he told another administrator to set up Amy's account as the new VP of Finance. Andy asks you to e-mail him a list of his group memberships as well as Amy's group memberships.

1. Log on using the Administrator name and password.

2. Insert the Supplemental CD-ROM and run the \70-294\Labs\Chapter08\Lab8.bat

batch file. This batch file creates several groups and makes Amy a member of those

groups. When the batch file runs, it will leave the commands it runs on-screen for

you to review. Press the spacebar when you are finished reviewing what happened.

3. Open a command prompt.

4. In the command prompt window, type net user amy > userstat.txt and press

Enter. This command creates the file userstat.txt and sends information, including

a list of group memberships of which Amy is a member to that file.

5. In the command prompt window, type net user andy » userstat.txt and press

Enter. This command appends Andy's user information to the userstat.txt file.

6. Type notepad c:\userstat.txt. Notepad displays Amy's user information. From

here you could attach the file to an e-mail and send it to Andy.

Tags , , , , , | Permalink | Comments (5)
Articles CompTIA Security+

CompTIA Security+ (Exam SY0-201) Certification Guide

May 5, 2010 – 6:48 am

In my previous article on IT Security, we explored the key concepts of IT Security and looked at some of the more prominent IT Security Certifications available today.

In continuation of my series focusing on IT Security, today’s article addresses the key objectives for passing the CompTIA Security+ (SY0-201) exam.

The SY0-201 exam is an entry-level security exam and candidates seeking to acquire this certification are expected to understand a variety of security topics from an overview perspective, rather than implementation. With that said, practical experience in IT Security or networking concepts is a huge plus, but not required.

The latest version of the exam was launched in 2008, consists of 100 multiple choice questions, and the time limit of the exam is 90 minutes.

Note: For the Security+ certificate holders of the previous exam, CompTIA offers a bridge exam, BR0-001, which contains 50 questions and requires 60 minutes to complete.

Once you pass the exam, a Security+ certificate and a CompTIA ID card will be sent to you in the mail. The certificate is stated to be good for life, but that is subject to change in 2011 once the new Certification Renewal Policy goes into effect.

My suggestion: get your Security+ cert before the end of 2010.

CompTIA Security+ Key Objectives

The SY0-201 Exam requires the exam candidate to understand several topics or key objectives related to IT Security. These key objectives are viewed to be the core components in the development of an IT Security professional and they consist of the following:

* Systems Security
* Network Infrastructure
* Access Control
* Assessment and Audits
* Cryptography
* Organizational Security

Tags , | Permalink | Comment (0)
Articles CompTIA Security+

Administering Groups

May 4, 2010 – 6:25 am

Exam Objectives in this Chapter:

Plan a security group hierarchy based upon delegation requirements

Plan a security group strategy

Why This Chapter Matters

As an administrator, you'll have to work with groups. Groups reduce administrative effort by allowing you to assign permissions and rights to a group of users rather than having to assign permissions to each individual user account. As a Microsoft Windows Server 2003 domain administrator, you must understand the different types of groups and which ones you can use with each domain functional level. You must certainly understand how to create and delete groups, add members to groups, and change the group scope, as these tasks are commonly performed by network administrators. You should also understand why logging on to Windows Server 2003 using an administrator account makes your system more vulnerable to Trojan horse attacks and other security risks. To address this problem, you will learn about the Run As program, which allows you to run specific tools and programs with permissions other than those provided by the account with which you are currently logged on to perform routine tasks without exposing your computer to unnecessary risk.

Lessons in this Chapter:

Lesson 1: Understanding Groups

Lesson 2: Creating and Administering Groups

Lesson 3: Administration Strategies

Before You Begin

To complete the lessons in this chapter, you must

Prepare your test environment according to the descriptions given in the "Getting

Started" section of "About This Book"

Complete the practices for installing and configuring Active Directory as discussed

in Chapter 2, "Installing and Configuring Active Directory"

Learn to use Active Directory administration tools as discussed in Chapter 3,

"Administering Active Directory"

Complete the practices for configuring sites and replication as discussed in Chapter 5, "Configuring Sites and Managing Replication"

Complete the practices for implementing an organizational unit (OU) structure as discussed in Chapter 6, "Implementing an OU Structure"

Complete the practices for creating and maintaining user accounts as discussed in Chapter 7, "Administering User Accounts"

Before you can create groups, you must understand the purpose of groups and how they are used to simplify administration tasks. This lesson introduces you to the group types and scopes you can create in Windows Server 2003 and the rules for group membership. You also learn about the various categories of default groups. At the end of the lesson, you learn how to plan a group strategy.

After this lesson, you will be able to

Explain the purpose of groups

Explain the purpose of security and distribution group types

Explain the characteristics of domain local, global, and universal group scopes

Explain the purpose of local groups

Describe the types of default groups

Plan a group strategy

Tags , , , , , | Permalink | Comments (8)
Articles CompTIA Security+

Exambible SY0-201 CompTIA Security+ Exam

April 30, 2010 – 6:42 am

ExamBible SY0-201 Test Questions are the perfect combination of the original question, the answer from many professionals senior lecturer at the original crack conclude that the correct rate of 100%, as long as you use the site of the item bank to participate in CompTIA Security+ Exam (CompTIA) , we guarantee once you pass the exam easily.IT professionals into the CompTIA industry, CompTIA certification is a "stepping-stone". By the internationally renowned IT companies issued professional certificates to prove that you have some professional IT skills, for the international recognition and universal. Certification exam will need to find a good item bank helper, so you want to test carefree through CompTIA Security+ Certification.

We know better what you need to pass your SY0-201 exam. Our commitment is to provide you quality braindumps, exam science, practice test, questions and answers, study guide, tutorials and other course related material. Get everything you need to pass your SY0-201 exam.Let us help you climb that ladder of success and pass your SY0-201 exam now!More CompTIA exam study materils in ExamBible.We thank you for your valued support in the past, and hope for its continuance.

Exambible's SY0-201 exam was updated fastest and the most accurate one I bought.They not only provide CompTIA aspects of exam questions and answers,they also have Cisco,IBM,Oracl and so on and each was fast and accurate.Question Dumps exam is always updated to provide you the most actual information available

The SY0-201 of CompTIA is a valuable, industry-recognized standard that can prove the holder’s knowledge and ability level.You can attain higher positions and salaries after you pass the SY0-201 exam.Get the pdf demo before you decide to buy it.Exambible have solid, verified and certified background, have strong, friendly and united work team, have careful, technical, exceperienced exam analysts, come to Exambible you see our warm heard with useful Practice Materials, so why not use exambible CompTIA SY0-201.

Tags , , , , | Permalink | Comment (0)
Articles CompTIA Security+

Local User Accounts

April 29, 2010 – 5:50 am

Local user accounts allow users to log on to, and gain access to resources on, only the computer where the local user account is created. When you create a local user account, as shown in Figure 7-1, Windows Server 2003 creates the account only in that computer's security database, which is called the local security database. Windows Server 2003 does not replicate local user account information to domain controllers. After a local user account is created, the computer uses its local security database to authenticate the local user account, which allows the user to log on to that computer.

Do not create local user accounts on computers that require access to domain resources, because the domain does not recognize local user accounts. Therefore, the user is unable to gain access to resources in the domain.

Domain User Accounts

Domain user accounts allow users to log on to a domain and gain access to resources anywhere on the network. The user provides his or her user name and password during the logon process. By using this information, Windows Server 2003 authenticates the user and then builds an access token that contains information about the user and security settings. The access token identifies the user to computers running Windows Server 2003 and computers running pre—Windows Server 2003 operating systems on which the user tries to gain access to resources. Windows Server 2003 provides the access token for the duration of the logon session.

You create a domain user account in a container or an OU in the copy of the Active Directory database (called the directory) on a domain controller, as shown in Figure 7-2. The domain controller replicates the new user account information to all domain controllers in the domain.

Tags , , , , | Permalink | Comment (0)
Articles CompTIA Security+

Key Points

April 28, 2010 – 3:45 am

The primary reason for defining an OU is to delegate administration. Delegating

administration is the assignment of IT management responsibility for a portion of

the namespace, such as an OU, to an administrator, a user, or a group of administrators or users.

You should design OUs for simplicity. It is likely that your domains will require a

number of OUs to meet administrative requirements. The best practice is to begin

with one OU and then add only those OUs that you can justify. Define OUs with

administration, not users, in mind.

By linking GPOs to OUs, GPOs can be applied to either users or computers in the

OU. Because there is only one way to delegate administration and there are multiple ways to aclininister Group Policy, you must define OU structures to delegate

administration first. After an OU structure is defined to handle delegation of

administration, you can define additional OUs to administer Group Policy.

You cannot assign access permissions based on a user's membership in an OU.

OUs are not security principals. Access control is the responsibility of global,

domain local, or universal groups.

You move objects within an OU hierarchy by using drag and drop, the Move

option on the Active Directory Users And Computers console, or the Dsmove command.

Tags , , , , , | Permalink | Comment (0)
Articles CompTIA Security+

Exercise 2: Designing an IPSec Policy for Wingtip Toys

April 27, 2010 – 5:55 am

Read the scenario and then answer the question that follows.

Scenario You are a security designer at Wingtip Toys. The company wants to protect sensitive files that must be made available by using shares. You have gathered the following information and made the following decisions:

Users who are authorized to read or read and modify documents of specific types

are given appropriate permissions on the share, folder, and files by using discretionary access control lists (DACLs).

The servers are segmented behind an internal firewall. However, Wingtip Toys

realizes that this security can be breached by current users whose computers are

on that network segment, and potentially by other employees, contractors, and

intruders who might gain entry to the area and the ability to connect to the net¬

work. To provide an extra layer of protection, you decide to use IPSec. This can

provide data encryption to protect the data in case it is captured during transmission, and it can restrict communications to specific computers. This is not ideal

because it 'will prevent authorized users from accessing data if they are not using

one of the authorized computers—but this inconvenience is small.

Your users understand the need for confidentiality, and most of them are required to

work from the regular systems at all times. This restriction has advantages, as assigned

computers can be more closely audited and secured. You have decided to design a policy to block access from computers that are not under the control of authorized users.

The 192.168.5.0/24 subnet has been reserved for IT administrators, and no other

computers are assigned addresses within that range.

Review Questions Answer the following question. 1. What steps should you take to design the policy?

Tags , , , , | Permalink | Comments (11)

« Previous PageNext Page »

« Previous PageNext Page »