Security+ (SY0-501) Study Guide Errata Page
CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide
We work hard to ensure that the books come out without any errors, but some always sneak in.
This page is dedicated to sharing errors identified in the CompTIA Security+ Get Certified Get Ahead: SY0-501 Study Guide. If you know of any errors in the book, please let me know.
Unfortunately, I repeated one error several times in the book.
I wrote incorrectly in the Certificate Formats section (Chapter 10) that Canonical Encoding Rules (CER) is a binary format and Distinguished Encoding Rules (DER) is an ASCII format. However, the following is accurate.
- Canonical Encoding Rules (CER) is ASCII.
- Distinguished Encoding Rules (DER) is binary.
- Check out the DER and CER Certificates blog post for clarification.
The following errors have been corrected in the Kindle edition.
Pg 82: In the Understanding Switches and Getting Help section. The following paragraph in this section isn’t technically accurate, but the difference is subtle.
Although Linux terminal commands use switches too, they don’t use the question mark for help. Instead, if you want basic help on a command, you can often just type the command without any switch, or use the pipe symbol (|) and the word help:
Entering either ping or ping | help results in an error, and ping outputs an error message. While the error message can be helpful, it doesn’t give you the same amount of help as the man ping command. A Linux expert let me know that you can almost always get help from a command with one of the following two options:
Check out the online Linux lab for different ways to query help on Linux systems.
Some details from a Linux Expert
ping | help
For getting help with ping on Linux.
Drop the pipe to help. It doesn’t help.
On most Linuxes/shells (including bash, the default shell on Kali, the distro you recommend), “help” is a shell built-in command that offers help on the shell itself, *not* executables that can be called from the shell (such as ping). And it ignores its stdin, so piping anything into it has absolutely no effect on its output.
Furthermore, when you invoke ping without any arguments, that’s an error, so the usage message that ping spits out goes to stderr, not stdout. When you make a pipeline, only stdout gets redirected to the next command in the pipeline, not stderr (unless you add extra syntax, which you did not). So, despite the pipe, “help” was not even seeing the output of “ping”.
So if, as a result of entering the above command, you saw info on how to use ping, “help” had nothing to do with it. What happened is that *both* the output of help came out (which is of absolutely no use in trying to figure out how ping works) *and* the (stderr) output of ping came out (which you would have got anyway, even if you hadn’t piped to help).
And I very much take issue with the last paragraph of that section, in which you complain about the inconsistency of help availability. On nearly every distribution of Unix/Linux I’ve used over the past thirty-something years (probably a dozen or more), nearly every command (not to mention library calls, system calls, config files) had a very well written man page. Indeed, especially in my early years, the vast majority of what I knew about Unix (later Linux), I learned from reading man pages. I have always considered the built-in documentation on Unix/Linux vastly superior to that of DOS/Windows. (Exception: PowerShell’s documentation is stellar. But that’s such a late addition, relatively speaking, that you’d hope MS would have started getting things right by then.)
As for getting help with command line switches, your complaint of lack of consistency has a bit more legitimacy. Still, it’s relatively few commands that don’t support at least one of -h, -?, --help. And even for those that don’t, I haven’t run into a command yet that doesn’t give usage if you give it an option it doesn’t support, so --help and/or -? should nearly always get you what you need, even if only accidentally. (I suppose -h might be a bit more risky, since there’s a better chance that it’s supported but means something other than “help”.)
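A stand-in demonstration of the stdout/stderr point made above, added here as an example that is not from the book or the errata page. It runs in POSIX sh; fake_ping, fake_help and the other function names are constructed for the example, and fake_ping only imitates how ping reports usage.

```sh
# Constructed stand-in for ping: with no arguments it prints usage to stderr and fails.
fake_ping() {
  if [ "$#" -eq 0 ]; then
    printf 'Usage: fake_ping [-c count] destination\n' >&2
    return 2
  fi
  printf 'PING %s: 64 bytes from %s\n' "$1" "$1"
}

# Count the lines that actually arrive on this pipeline stage's stdin.
count_stdin_lines() {
  wc -l | tr -d ' '
}

# Plain pipeline: the usage text goes to stderr, which bypasses the pipe (it still
# appears on the terminal), so the consumer counts 0 lines.
lines_reaching_pipe_plain() {
  fake_ping | count_stdin_lines
}

# 2>&1 is the "extra syntax" that merges stderr into stdout; now 1 line arrives.
lines_reaching_pipe_merged() {
  fake_ping 2>&1 | count_stdin_lines
}

# With an argument the normal output goes to stdout, which the pipe does forward.
lines_reaching_pipe_success() {
  fake_ping localhost | count_stdin_lines
}

# Constructed stand-in for the help builtin: it never reads stdin, so whatever is
# piped into it has no effect on what it prints.
fake_help() {
  printf 'shell help text\n'
}

help_output_with_pipe() {
  fake_ping 2>&1 | fake_help
}

# Stand-alone run: the usage line from the plain pipe shows up on the terminal
# even though the consumer counted nothing.
echo "plain pipe:    $(lines_reaching_pipe_plain) line(s) reached the consumer"
echo "with 2>&1:     $(lines_reaching_pipe_merged) line(s) reached the consumer"
echo "piped to help: $(help_output_with_pipe)"
```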
Pg 103: In Chapter 2, Exploring Authentication Concepts, under section title “Something You Have”. The second sentence in the Remember This block is:
HOTP creates a one-time use password that does not expire.
It should read as:
HOTP creates a one-time use password that does not expire until it is used.
Pg 136: In Chapter 2, question 12.
Delete the word “former” in the question. It should read as:
A company recently hired you as a security administrator. You notice that some accounts used by temporary employees are currently enabled. Which of the following choices is the BEST next step?
Pg 140: In the Kindle version, Chapter 3, page 139, under section title “CompTIA Security+ objectives covered in this chapter”. The last objective is listed as:
1.3 Given a scenario, implement secure systems design.
It should be:
Pg 169: In Chapter 3, Transparent Proxy Versus Nontransparent Proxy Remember This section. The definitions of transparent proxy servers and nontransparent proxy servers are reversed.
It should read:
A proxy server forwards requests for services from a client. It provides caching to improve performance and reduce Internet bandwidth usage. Transparent proxy servers accept and forward requests without modifying them. Nontransparent proxy servers use URL filters to restrict access to certain sites. Both types can log user activity.
Pg 433: XOR bullet. The explanation is swapped. It should read as:
- If the two inputs are the same, it outputs False (or a binary 0).
- If the two inputs are different, it outputs True (or a binary 1).
Pg 537: 3DES definition in glossary. Change Digital to Data.
It should read as “Triple Data Encryption Standard”
Pg 540: CBC definition in glossary. The first sentence should be “A mode of operation used by some symmetric encryption ciphers.”
The full glossary definition should be:
CBC—Cipher Block Chaining. A mode of operation used by some symmetric encryption ciphers. It uses an IV for the first block and each subsequent block is combined with the previous block.
Pg 547: Firewall definition in glossary. The definitions for stateful and stateless firewalls were swapped. They are correct in the chapter. The definition should be:
firewall—A software or a network device used to filter traffic. Firewalls can be application-based (running on a host), or network-based. Stateless firewalls filter traffic using rules within an ACL. Stateful firewalls filter traffic based on its state within a session.
Pg 567: XOR definition in glossary. The explanation is swapped. It should read as:
If the two inputs are the same, it outputs False (or a binary 0).