Table of Contents

security+ study guide (exam syo-101)
Security+ Study Guide (Exam SYO-101)
byMichael Pastore ISBN:078214098X
Sybex 2003 (555 pages)

This guide provides all you need to prepare for CompTIA's Security+ Exam (SYO-101), including coverage of general security concepts, basics of cryptography, and more.

Table of Contents
Security+ Study Guide
Chapter 1 - General Security Concepts
Chapter 2 - Know Your Enemy
Chapter 3 - Infrastructure and Connectivity
Chapter 4 - Monitoring Communications Activity
Chapter 5 - Implementing and Maintaining a Secure Network
Chapter 6 - Working with a Secure Network
Chapter 7 - Cryptography Basics and Methods
Chapter 8 - Cryptography Standards
Chapter 9 - Security Policies and Procedures
Chapter 10 - Security Management
List of Figures
List of Tables
List of Sidebars

Back Cover

Here’s the book you need to prepare for CompTIA’s Security+ Exam, SYO-101. This study guide provides:

  • Full coverage of every exam objective
  • Practical information on network hardware
  • Hundreds of challenging practice questions

Authoritative coverage of all exam objectives, including:

  • General Security Concepts
  • Communication Security
  • Infrastructure Security
  • Basics of Cryptography
  • Operational and Organizational Security

About the Author and Technical Editor

Michael Pastore, Security+, has worked in IT for over 25 years, and currently does consulting in systems implementation for the Shepherd Group in Bellevue, Washington.

The technical editor, David Groth, is the author of best-selling A+ Complete Study Guide and Network+ Study Guide. He holds many technical certifications from CompTIA, including Security+, Microsoft, and Novell.

Security+ Study Guide

Michael Pastore

Associate Publisher: Neil Edde
Acquisitions Editor: Elizabeth Hurley
Developmental Editor: Jeff Kellum
Production Editor: Lori Newman
Technical Editors: Warren Wyrostek, David Groth
Copyeditor: Kathy Grider-Carlyle
Compositor: Rozi Harris, Interactive Composition Corporation
Graphic Illustrator: Tony Jonick
CD Coordinator: Dan Mummert
CD Technician: Kevin Ly
Proofreaders: Emily Hsuan, David Nash, Laurie O'Connell, Yariv Rabinovitch, Nancy Riddiough, Sarah Tannehill
Indexer: Rebecca Plunkett
Book Designer: Bill Gibson
Cover Designer: Archer Design
Cover Photographer: R.H. Smith, Natural Selection

Copyright © 2003 SYBEX Inc., 1151 Marina Village Parkway, Alameda, CA 94501. World rights reserved. No part of this publication may be stored in a retrieval system, transmitted, or reproduced in any way, including but not limited to photocopy, photograph, magnetic, or other record, without the prior agreement and written permission of the publisher.

Library of Congress Card Number: 2002113843

ISBN: 0-7821-4098-X

SYBEX and the SYBEX logo are either registered trademarks or trademarks of SYBEX Inc. in the United States and/or other countries.

Screen reproductions produced with FullShot 99. FullShot 99 © 1991–1999 Inbit Incorporated. All rights reserved. FullShot is a trademark of Inbit Incorporated.

The CD interface was created using Macromedia Director, COPYRIGHT 1994, 1997–1999 Macromedia Inc. For more information on Macromedia and Macromedia Director, visit

The logo of the CompTIA Authorized Curriculum Program and the status of this or other training material as "Authorized" under the CompTIA Authorized Curriculum Program signifies that, in CompTIA's opinion, such training material covers the content of the CompTIA's related certification exam. CompTIA has not reviewed or approved the accuracy of the contents of this training material and specifically disclaims any warranties of merchantability or fitness for a particular purpose. CompTIA makes no guarantee concerning the success of persons using any such "Authorized" or other training material in order to prepare for any CompTIA certification exam.

The contents of this training material were created for the CompTIA Security+ exam covering CompTIA certification exam objectives that were current as of September 2002.

How to Become CompTIA Certified:

This training material can help you prepare for and pass a related CompTIA certification exam or exams. In order to achieve CompTIA certification, you must register for and pass a CompTIA certification exam or exams.

In order to become CompTIA certified, you must:

  1. Select a certification exam provider. For more information please visit

  2. Register for and schedule a time to take the CompTIA certification exam(s) at a convenient location.

  3. Read and sign the Candidate Agreement, which will be presented at the time of the exam(s). The text of the Candidate Agreement can be found at

  4. Take and pass the CompTIA certification exam(s).

For more information about CompTIA's certifications, such as their industry acceptance, benefits, or program news, please visit

CompTIA is a non-profit information technology (IT) trade association. CompTIA's certifications are designed by subject matter experts from across the IT industry. Each CompTIA certification is vendor-neutral, covers multiple technologies, and requires demonstration of skills and knowledge widely sought after by the IT industry.

To contact CompTIA with any questions or comments:
Please call + 1 630 268 1818

Sybex is an independent entity from CompTIA and is not affiliated with CompTIA in any manner. Neither CompTIA nor Sybex warrants that use of this publication will ensure passing the relevant exam. Security+ is either a registered trademark or trademark of CompTIA in the United States and/or other countries.

TRADEMARKS: SYBEX has attempted throughout this book to distinguish proprietary trademarks from descriptive terms by following the capitalization style used by the manufacturer.

The author and publisher have made their best efforts to prepare this book, and the content is based upon final release software whenever possible. Portions of the manuscript may be based upon pre-release versions supplied by software manufacturer(s). The author and the publisher make no representation or warranties of any kind with regard to the completeness or accuracy of the contents herein and accept no liability of any kind including but not limited to performance, merchantability, fitness for any particular purpose, or any losses or damages of any kind caused or alleged to be caused directly or indirectly from this book.

Manufactured in the United States of America

10 9 8 7 6 5 4 3 2 1

Software License Agreement: Terms and Conditions

The media and/or any online materials accompanying this book that are available now or in the future contain programs and/or text files (the "Software") to be used in connection with the book. SYBEX hereby grants to you a license to use the Software, subject to the terms that follow. Your purchase, acceptance, or use of the Software will constitute your acceptance of such terms.

The Software compilation is the property of SYBEX unless otherwise indicated and is protected by copyright to SYBEX or other copyright owner(s) as indicated in the media files (the "Owner(s)"). You are hereby granted a single-user license to use the Software for your personal, noncommercial use only. You may not reproduce, sell, distribute, publish, circulate, or commercially exploit the Software, or any portion thereof, without the written consent of SYBEX and the specific copyright owner(s) of any component software included on this media.

In the event that the Software or components include specific license requirements or end-user agreements, statements of condition, disclaimers, limitations or warranties ("End-User License"), those End-User Licenses supersede the terms and conditions herein as to that particular Software component. Your purchase, acceptance, or use of the Software will constitute your acceptance of such End-User Licenses.

By purchase, use or acceptance of the Software you further agree to comply with all export laws and regulations of the United States as such laws and regulations may exist from time to time.

Software Support

Components of the supplemental Software and any offers associated with them may be supported by the specific Owner(s) of that material, but they are not supported by SYBEX. Information regarding any available support may be obtained from the Owner(s) using the information provided in the appropriate files or listed elsewhere on the media.

Should the manufacturer(s) or other Owner(s) cease to offer support or decline to honor any offer, SYBEX bears no responsibility. This notice concerning support for the Software is provided for your information only. SYBEX is not the agent or principal of the Owner(s), and SYBEX is in no way responsible for providing any support for the Software, nor is it liable or responsible for any support provided, or not provided, by the Owner(s).


SYBEX warrants the enclosed media to be free of physical defects for a period of ninety (90) days after purchase. The Software is not available from SYBEX in any other form or media than that enclosed herein or posted to

If you discover a defect in the media during this warranty period, you may obtain a replacement of identical format at no charge by sending the defective media, postage prepaid, with proof of purchase to:

Product Support Department 1151 Marina Village Parkway
Alameda, CA 94501

After the 90-day period, you can obtain replacement media of identical format by sending us the defective disk, proof of purchase, and a check or money order for $10, payable to SYBEX.


SYBEX makes no warranty or representation, either expressed or implied, with respect to the Software or its contents, quality, performance, merchantability, or fitness for a particular purpose. In no event will SYBEX, its distributors, or dealers be liable to you or any other party for direct, indirect, special, incidental, consequential, or other damages arising out of the use of or inability to use the Software or its contents even if advised of the possibility of such damage. In the event that the Software includes an online update feature, SYBEX further disclaims any obligation to provide this feature for any specific duration other than the initial posting.

The exclusion of implied warranties is not permitted by some states. Therefore, the above exclusion may not apply to you. This warranty provides you with specific legal rights; there may be other rights that you may have that vary from state to state. The pricing of the book with the Software by SYBEX reflects the allocation of risk and limitations on liability contained in this agreement of Terms and Conditions.

Shareware Distribution

This Software may contain various programs that are distributed as shareware. Copyright laws apply to both share- ware and ordinary commercial software, and the copyright Owner(s) retains all rights. If you try a shareware program and continue using it, you are expected to register it. Individual programs differ on details of trial periods, registration, and payment. Please observe the requirements stated in appropriate files.

Copy Protection

The Software in whole or in part may or may not be copy- protected or encrypted. However, in all cases, reselling or redistributing these files without authorization is expressly forbidden except as specifically provided for by the Owner(s) therein.

To Our Valued Readers:

Sybex is proud to have served as a cornerstone member of CompTIA's Security+ Advisory Committee. Just as CompTIA is committed to establishing measurable standards for certifying IT security professionals, Sybex is committed to providing those individuals with the skills needed to meet those standards. By working alongside CompTIA, and in conjunction with other esteemed members of the Security+ committee, it is our desire to help bridge the knowledge and skills gap that currently confronts the IT industry.

Our authors, editors, and technical reviewers have worked hard to ensure that this Security+ Study Guide is comprehensive, in-depth, and pedagogically sound. We're confident that this book will meet and exceed the demanding standards of the certification marketplace and help you, the Security+ exam candidate, succeed in your endeavors.

Good luck in pursuit of your Security+ certification!

Neil Edde
Associate Publisher—Certification
Sybex, Inc.

For John Pastore and Peter Steinberg, two fine young men who left us too soon.They would want us to remember to enjoy life and care about each other. They are truly missed.


I want to thank…
…First, I would like to thank my wife, Sheryl, for her support and encouragement throughout the writing of this book. I also want to acknowledge my son Mark and my daughter Erin. Thank you for being there for me, as you always have been during this process.
…Second, special thanks are extended to Rod Jackson for his work on the Flash Cards and the Bonus Exams, and to Emmett Dulaney for his work on the Glossary.
…Third, to the talented Sybex staff who assisted me: their hard work and dedication in getting this book done was impressive.