
Security+ Study Guide Errata Page

CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide

We work hard to ensure that the books come out without any errors, but some always sneak in.

This page is dedicated to sharing errors identified in the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide. If you know of any errors in the book, please let me know.

Labs

Note: If you’re having trouble accessing the labs at the primary location, you can use the alternate location here.

Location / Correction

Page 25

Update to Kindle has been submitted.

CompTIA changed their link to the Recertification Requirements page. Use this link instead of the link in the third paragraph of the Recertification Requirements section:

http://certification.comptia.org/stayCertified.aspx

Page 40

Update to Kindle has been submitted.

Question 67. Answer B should be $8,000

Page 51

Update to Kindle has been submitted.

Answer 41. The second to last sentence has some additional text that shouldn’t be there. Specifically, “and uses User Datagram Protocol (UDP) port 1721” should be deleted. The sentence should be:

Internet Protocol security (IPsec) uses protocol ID 50.

UDP port 1721 is not relevant for the Security+ exam.

Page 54

Update to Kindle has been submitted.

Answer 67. The second to last sentence incorrectly states you calculate the ARO as SLE x ARO. The sentence should be:

You calculate the ALE as SLE x ARO.

Page 56

Update to Kindle has been submitted.

Answer for question 85.

The last sentence in the explanation states:
Advanced Encryption Standard (AES), Data Encryption Standard (DES), and Message Digest 5 (MD5) are all block ciphers.

It should be:
Advanced Encryption Standard (AES) and Data Encryption Standard (DES) are block ciphers. Message Digest 5 (MD5) is a hashing algorithm.

Page 57

Update to Kindle has been submitted.

Answer for question 93.

Correct answer is A (CRL), not C (OCSP). The explanation is accurate.

Page 106

Update to Kindle has been submitted.

The second sentence in the Securing Door Access with Biometrics section mentions authorization, but it should be authentication. More specifically, the sentence should read as:

“One of the benefits is that some biometric methods provide both identification and authentication.”

Page 133

Update to Kindle has been submitted.

Answer for question 8.

Correct answer is A (bollards), not B (guards). The explanation is accurate.

Page 140

Update to Kindle has been submitted.

The Remember this block incorrectly states “ARP resolves MAC addresses to IPv4 addresses.”

It should read as “ARP resolves IPv4 addresses to MAC addresses.”

Page 168

The second bullet in the Reviewing Basic Networking Concepts section incorrectly states “ARP resolves MAC addresses to IPv4 addresses.”

It should read as “ARP resolves IPv4 addresses to MAC addresses.”

Page 182

Update to Kindle has been submitted.

The first paragraph in the “Reporting” section has the words alert and alarm swapped in one sentence. It should read as:

Some systems consider an alarm and an alert as the same thing. Other systems use an alarm for a potentially serious issue, and an alert as a relatively minor issue.

Page 183

Update to Kindle has been submitted.

In the fifth paragraph of the False Positives Versus False Negatives section, the words high and low are swapped in the last sentence. It should read as:

It’s important to set the IDS threshold high enough to reduce the number of false positives but low enough to alert on any actual attacks.

In the Remember This block, the words high and low are swapped in the last sentence. It should read as:

Administrators often set the IDS threshold high enough that it minimizes false positives but low enough that it does not allow false negatives.
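The two corrected sentences above describe a trade-off that is easier to see with numbers. The following is an added example (not from the study guide) that sweeps an alert threshold over a constructed set of scored events with known ground truth and counts false positives and false negatives at each setting; the scores, labels and the `best_threshold` rule are assumptions made for the illustration.

```python
# Constructed sample: (severity score, is_attack). Scores stand in for whatever
# numeric value a hypothetical IDS assigns to an event; labels are ground truth.
EVENTS = [
    (12, False), (25, False), (33, False), (41, False), (47, False),
    (55, False), (62, False),
    (58, True), (71, True), (84, True), (93, True),
]


def evaluate_threshold(events, threshold):
    """Count outcomes when the IDS alerts on every event with score >= threshold."""
    tp = fp = tn = fn = 0
    for score, is_attack in events:
        alerted = score >= threshold
        if alerted and is_attack:
            tp += 1          # real attack, alert raised
        elif alerted and not is_attack:
            fp += 1          # benign event, alert raised (false positive)
        elif not alerted and is_attack:
            fn += 1          # real attack, no alert (false negative)
        else:
            tn += 1          # benign event, no alert
    return {"threshold": threshold, "tp": tp, "fp": fp, "tn": tn, "fn": fn}


def sweep(events, thresholds):
    """Evaluate several candidate thresholds so the trade-off is visible side by side."""
    return [evaluate_threshold(events, t) for t in thresholds]


def best_threshold(events):
    """Highest candidate threshold that still produces zero false negatives.

    Raising the threshold only ever removes alerts, so among all settings that
    miss no attack, the highest one yields the fewest false positives. This
    mirrors the book's guidance: high enough to minimize false positives, low
    enough to allow no false negatives. Candidates are the observed scores.
    """
    candidates = sorted({score for score, _ in events})
    safe = [t for t in candidates if evaluate_threshold(events, t)["fn"] == 0]
    return max(safe)


if __name__ == "__main__":
    for row in sweep(EVENTS, [30, 50, 60, 70, 90]):
        print(row)
    print("best threshold:", best_threshold(EVENTS))
```

Running the sweep shows the two failure modes the errata describe: at a threshold of 30 every attack is caught but five benign events also alert, while at 70 no benign event alerts but the attack scored 58 is missed entirely. The highest setting that still misses nothing is 58, leaving a single false positive.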

Page 240

Update to Kindle has been submitted.

Second paragraph from bottom has “signal” instead of “single.” It should read as:

These methods don’t block or weaken authentication. Additionally, they don’t prevent single sign-on methods using transitive trusts.

Page 252

Update to Kindle has been submitted.

Question 1 is missing this phrase: “and protect against zero-day vulnerabilities.” It should read as:

1. Your organization wants to improve the security posture of internal database servers and protect against zero-day vulnerabilities. Of the following choices, what provides the BEST solution?

The explanation is accurate.

Page 317

Update to Kindle has been submitted.

Question 17. Which of the following is an attack against servers hosting a directory service?

A. XSS
B. LDAP
C. XSRF
D. Fuzzing

To be more accurate, these answers should have modifiers as follows:

A. XSS attack
B. LDAP injection attack
C. XSRF attack
D. Fuzzing attack

Page 332

Update to Kindle has been submitted.

The second sentence in the last paragraph on this page has a phrase (“as a management control”) that should be deleted.

It should read as:

Security administrators use vulnerability scanners to identify which systems are susceptible to attacks.

Note: A vulnerability scanner is a technical control. A vulnerability assessment is a management control.

Page 398

Update to Kindle has been submitted.

The second to last sentence in the Remember this block has a typo. It has swapped the word “encrypt” with “hash.”

It should read as:

For example, if a question asks what you would use to hash and it lists encryption algorithms, you can quickly eliminate them because they don’t hash data.

Page 402

Update to Kindle has been submitted.

The first sentence in the last paragraph of the RSA section has a minor typo. It’s missing the words “bits in.”

It should read as:

Although the processing power of computers has advanced since 2010, so has the number of bits in keys used by RSA.

Page 426

Update to Kindle has been submitted.

Answer for question 4.

Explanation incorrectly states that AES and Twofish encrypt data in 12-bit blocks. However, as stated elsewhere in the chapter, they encrypt data in 128-bit blocks. It should read as:

Advanced Encryption Standard (AES) and Twofish encrypt data in 128-bit blocks.

Page 427

Update to Kindle has been submitted.

Answer for question 15.

The second to last sentence in the explanation incorrectly states that “PBKDF2 is based on Blowfish, but Blowfish itself isn’t commonly used to encrypt passwords.”

It should state “Bcrypt is based on Blowfish, but Blowfish itself isn’t commonly used to encrypt passwords.”

Page 484

Update to Kindle has been submitted.

Answer for question 9.

Correct answer is C (RADIUS), not B (SAML). The explanation is accurate.

Page 487

Update to Kindle has been submitted.

Answer for question 28.

The second to last sentence should read as “Address Resolution Protocol (ARP) operates on Layer 2.”

Online SY0-401 Security+ Practice Test Questions are available here.

Pass the SY0-401 Security+ Exam the First Time You Take It

Multiple quiz formats to let you use these questions based on the way you learn.

  • Learn mode – randomized. View each of the questions in random order. Learn mode allows you to keep selecting answers until you select the correct answer. Once you select the correct answer, you’ll see the explanation. Click here to see how learn mode works.
  • Learn mode – not randomized. View each of the questions in the same order. Use this if you want to make sure that you see all of the questions. Learn mode allows you to keep selecting answers until you select the correct answer. Once you select the correct answer, you’ll see the explanation. Click here to see how learn mode works.
  • Test mode – randomized. View each of the questions in random order. In test mode, you can only see the correct answers and explanations after you complete the test. Click here to see how test mode works.
  • Test mode – not randomized. View each of the questions in the same order. In test mode, you can only see the correct answers and explanations after you complete the test. Click here to see how test mode works.
  • Test mode – 100 random questions. View 100 random questions from the full test bank similar to how the Security+ exam has a potential maximum of 100 multiple choice questions. In test mode, you can only see the correct answers and explanations after you complete the test. Click here to see how test mode works.

Online practice test questions are just a few clicks away.

You’ll receive an email granting you access shortly after you make your payment.
