CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide
We work hard to ensure that the books come out without any errors, but some always sneak in.
This page is dedicated to sharing errors identified in the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide. If you know of any errors in the book, please let me know.
Labs
Note: If you’re having trouble accessing the labs at the primary location, you can use the alternate location here.
Location | Correction |
---|---|
Page 25 Update to Kindle has been submitted. | CompTIA changed their link to the Recertification Requirements page. Use this link instead of the link in the third paragraph of the Recertification Requirements section: http://certification.comptia.org/stayCertified.aspx |
Page 40 Update to Kindle has been submitted. | Question 67. Answer B should be $8,000 |
Page 51 Update to Kindle has been submitted. | Answer 41. The second to last sentence has some additional text that shouldn’t be there. Specifically “and uses User Datagram Protocol (UDP) port 1721” should be deleted. The sentence should be: Internet Protocol security (IPsec) uses protocol ID 50. UDP port 1721 is not relevant for the Security+ exam. |
Page 54 Update to Kindle has been submitted. | Answer 67. The second to last sentence incorrectly states you calculate the ARO as SLE x ARO. The sentence should be: You calculate the ALE as SLE x ARO. |
Page 56 Update to Kindle has been submitted. | Answer for question 85. The last sentence in the explanation states: It should be: |
Page 57 Update to Kindle has been submitted. | Answer for question 93. Correct answer is A (CRL), not C (OCSP). The explanation is accurate. |
Page 106 Update to Kindle has been submitted. | The second sentence in the Securing Door Access with Biometrics section mentions authorization, but it should be authentication. More specifically, the sentence should read as: “One of the benefits is that some biometric methods provide both identification and authentication.” |
Page 133 Update to Kindle has been submitted. | Answer for question 8. Correct answer is A (bollards), not B (guards). The explanation is accurate. |
Page 140 Update to Kindle has been submitted. | The Remember this block incorrectly states “ARP resolves MAC addresses to IPv4 addresses.” It should read as “ARP resolves IPv4 addresses to MAC addresses.” |
Page 168 | The second bullet in the Reviewing Basic Networking Concepts section incorrectly states “ARP resolves MAC addresses to IPv4 addresses.” It should read as “ARP resolves IPv4 addresses to MAC addresses.” |
Page 182 Update to Kindle has been submitted. | The first paragraph in the “Reporting” section has the words alert and alarm swapped in one sentence. It should read as: Some systems consider an alarm and an alert as the same thing. Other systems use an alarm for a potentially serious issue, and an alert as a relatively minor issue. |
Page 183 Update to Kindle has been submitted. | In the fifth paragraph of the False Positives Versus False Negatives section, the words high and low are swapped in the last sentence. It should read as: It’s important to set the IDS threshold high enough to reduce the number of false positives but low enough to alert on any actual attacks. In the Remember This block, the words high and low are swapped in the last sentence. It should read as: Administrators often set the IDS threshold high enough that it minimizes false positives but low enough that it does not allow false negatives. |
Page 240 Update to Kindle has been submitted. | Second paragraph from bottom has “signal” instead of “single.” It should read as: These methods don’t block or weaken authentication. Additionally, they don’t prevent single sign-on methods using transitive trusts. |
Page 252 Update to Kindle has been submitted. | Question 1 is missing this phrase: “and protect against zero-day vulnerabilities.” It should read as: 1. Your organization wants to improve the security posture of internal database servers and protect against zero-day vulnerabilities. Of the following choices, what provides the BEST solution? The explanation is accurate. |
Page 317 Update to Kindle has been submitted. | Question 17. Which of the following is an attack against servers hosting a directory service? A. XSS To be more accurate, these answers should have modifiers as follows: A. XSS attack |
Page 332 Update to Kindle has been submitted. | The second sentence in the last paragraph on this page has a phrase (“as a management control”) that should be deleted. It should read as: Security administrators use vulnerability scanners to identify which systems are susceptible to attacks. Note: A vulnerability scanner is a technical control. A vulnerability assessment is a management control. |
Page 398 Update to Kindle has been submitted. | The second to the last sentence in the Remember this block has a typo. It has swapped the word “encrypt” with “hash.” It should read as: For example, if a question asks what you would use to hash and it lists encryption algorithms, you can quickly eliminate them because they don’t hash data. |
Page 402 Update to Kindle has been submitted. | The first sentence in the last paragraph of the RSA section has a minor typo. It’s missing the words “bits in.” It should read as: Although the processing power of computers has advanced since 2010, so has the number of bits in keys used by RSA. |
Page 426 Update to Kindle has been submitted. | Answer for question 4. Explanation incorrectly states that AES and Twofish encrypt data in 12-bit blocks. However, as stated elsewhere in the chapter, they encrypt data in 128-bit blocks. It should read as: Advanced Encryption Standard (AES) and Twofish encrypt data in 128-bit blocks. |
Page 427 Update to Kindle has been submitted. | Answer for question 15. The second to last sentence in the explanation incorrectly states that “PBKDF2 is based on Blowfish, but Blowfish itself isn’t commonly used to encrypt passwords.” It should state “Bcrypt is based on Blowfish, but Blowfish itself isn’t commonly used to encrypt passwords.” |
Page 484 Update to Kindle has been submitted. | Answer for question 9. Correct answer is C (RADIUS), not B (SAML). The explanation is accurate. |
Page 487 Update to Kindle has been submitted. | Answer for question 28. The second to last sentence should read as “Address Resolution Protocol (ARP) operates on Layer 2.” |