Sy0 501 - Study guides, Class notes & Summaries

Explain SFTP CORRECT ANSWERS: SFTP or Secure FTP uses SSH to harden FTP. Uses SSH TCP Port 22. What is the difference between Recovery Time Objective and Recovery Point objective? CORRECT ANSWERS: Recovery Time Objective is the the target for how long it takes to get a system back online while Recovery Point Objective is how far back the recovery needs to go (Example: Server backups contain can go back 1 month). What are the two purposes of a proxy? CORRECT ANSWERS: Filtering and monito...

CompTIA Security+ Study Guide CompTIA Security+ SY0-501 This is a 'Open Source Study Guide' for Security+ SY0-501, gathering as many information as possible from many sources on internet to ensure to cover all topics presented on exam. The second objective is to help you pass the exam without paying any expensive training courses

Virus CORRECT ANSWERS: A piece of malicious code that replicates by attaching itself to another piece of executable code. Two types -- boot sector and program. Note that an Armored Virus employs encryption Crypto-malware CORRECT ANSWERS: An early name given to malware that encrypts files on a system and then leaves them unusable either permanently, acting as a denial of service, or temporarily until a ransom is paid. EX: WannaCry was an example of this Ransomware CORRECT ANSWERS: ...

3DES Triple Digital Encryption Standard. A symmetric algorithm used to encrypt data and provide confidentiality. It is a block cipher that encrypts data in 64-bit blocks. AAA Authentication, authorization, and accounting. A group of technologies used in remote access systems. Authentication verifies a user's identification. Authorization determines if a user should have access. Accounting tracks a user's access with logs. Sometimes called AAAs of security. ABAC Attribute-based...

A sticky note with a password kept on sight in user's cubicle would be a violation of which of the following policies? Answers: - Data labeling policy - Clean desk policy - Acceptable Use Policy (AUP) - User account policy - Answer- - Clean desk policy A legal contract between the holder of confidential information and another person to whom that information is disclosed, prohibiting that other person from disclosing the confidential information to any other party is known as...

Port number of HTTP - Answer- TCP 80 Port number of DNS Query - Answer- UDP 53 Port number of DNS Zone Transfer - Answer- TCP 53 Port number of HTTPS - Answer- TCP 443 Port number of Secure POP - Answer- 995 Port number of Secure IMAP - Answer- 993 Port number of SSL/TLS - Answer- 443 Port number of SFTP - Answer- 22 Port number of LDAPS - Answer- 636 Port number of SSH - Answer- 22 Port number of SNMP - Answer- 161 Key

encryption A reversible process of converting data such that to a third party the data is nothing more than a random binary string. decryption Makes encrypted data readable. cryptography The science of encrypting and decrypting data. encryption The process of converting plaintext information into ciphertext information. plaintext Any form of easily readable binary data. ciphertext Any form of encrypted binary data. code A representation of an enti...

acceptable use policy/rules of behavior CORRECT ANSWERS: agreed-upon principles set forth by a company to govern how the employees of that company may use resource such a computers and internet access. ALE CORRECT ANSWERS: annual loss expectancy - a calculation used to identify risks and calculate the expected loss each year ARO CORRECT ANSWERS: annualized rate of occurrence - a calculation of how often a threat will occur. For example, a threat that occurs once every five years has an ...

Security Policy Awareness Purpose - Answer- To enhance security by: - Improving awareness of the need to protect system resources - Developing skills/knowledge so computer uses can perform their jobs more securely End User Training - Answer- - Purpose, explanation, importance of adhering to security policy/procedures - Training should be initial, periodic, and ongoing Role Based Training - Answer- Specialized training that is customized to the specific role that an employee holds in the...

Threat, Attacks, & Vulnerabilities: Comitias Security+ SY0-501 FedVTE Course 142 Questions with Answers Rootkits - CORRECT ANSWER Programs that have the ability to hide themselves and cover traces of a hacker's activities from the user and potentially the operating system. Primary purpose of Rootkits - CORRECT ANSWER To provide repeated, undetected access to a system. Allows hackers to continually use a system without the adminstrator's knowledge. User Mode Rootkit - CORRECT ANSW...