Posted filed under CompTIA Security+, MICROSOFT MTA SECURITY.

In this cram guide, we would like to give you some short tips on what to study for the Security+ exam to ensure a great score. It is organized by the same criteria that CompTIA organizes the actual exam and is therefore comprehensive, covering many of the specialized points that you will encounter while taking the exam.


Topic 1: General Security Concepts

  • Your ability to understand the CIA triangle (Confidentiality, Integrity, and Availability) will help you in many questions that are indirectly related to the triangle on the exam. Remember that confidentiality refers to the idea that information should remain only accessible to those who are meant to access it; integrity is the concept that information should remain in the same form as it was originally intended (i.e. not maliciously changed); availability refers to the idea that information should be accessible (think Denial of Service)


Topic 2: Communication Security

  • Remote Access Technologies include PPP (widely used for dial-up TCP/IP access), PPTP (tunneled PPP), RADIUS (UDP-based), TACACS+ (similar to radius, but TCP-based and Cisco proprietary)
  • L2TP operates on the Data-Link layer; IPSec operates over Network layer and has two protocols: AH and ESP


Topic 3: Infrastructure Security

  • Make sure you know some basic networking concepts and hardware:
    • Cladding is the glass insulator in fiber optic cabling
    • STP cabling is said to be shielded against EMI, or electric interference
  • Also, for the Security+ exam, an understanding of the types of firewalls is essential:
    • Packet filtering: Works by examining headers
    • Circuit-level gateway: Maintains state information (connection-based)
    • Application-level gateway: Examines each packet coming in for content
    • Proxy server: Special application-level gateway that ensures no direct connection between an un-trusted and trusted network
    • ACL is the list that defines the rules that a packet filtering firewall follows


Topic 4: Basics of Cryptography

  • The work factor of an algorithm refers to the amount of resources and time it takes for the algorithm to operate
  • A key is the value that can encrypt or decrypt text
  • Public-key or asymmetric algorithms are more scalable and easier to manage than symmetric or secret key algorithms, but they require more overhead and are slower
  • End-to-End encryption refers to the idea that packets are encrypted at the source and decrypted at the destination


Topic 5: Organizational Security

  • Business Continuity Planning refers to continuing normal day-to-day operations after a disaster
  • Disaster Recovery Planning refers to fixing the problems a disaster causes
  • Backup types that you should know for the exam:
    • Full: The information is backed up in entirety
    • Differential: Only the data changed since the last full backup is backed up
    • Incremental: Only the data changed since the last full or incremental backup is backed up
  • The greatest amount of time that a system can withstand being un-operational is called the MTD or maximum tolerable downtime
  • Risk analysis is the practice of assessing which threats are relevant and pressing


Topic 6: Tables & Charts


Cryptographic Algorithms and Protocols

NameTypeAlgorithmSizeStrengthReplaced By
DESSymmetricBlock cipher64 bit (56 + 8 parity)Very weak3DES
3DESSymmetricBlock cipher192 bit (168 bit + 24 parity)ModerateAES
AESSymmetricRijndael Block cipherVariable (128, 192, 256)StrongN/A
RC5SymmetricRSA Block mode cipherVariable (up to 2048)Very StrongN/A
RSAAsymmetricKey transport512StrongN/A
Diffie-HellmanAsymmetricKey exchangeN/AModerateEl Gamal
El GamalAsymmetricKey exchangeN/AVery StrongN/A
MD5Hash (Digest)Rivest MD5 Block Hash512 bit block processing/ 128 bit digestStrongMD6, et. Al.
SHA-1HashRivest SHA Hash512-bit processing/160 bit digestVery StrongN/A
HMACHashKeyed DigestVariableVery StrongN/A





Source by: <>

 To Become Certified For CompTIA Security+ Please Visit This Link ;



Comments are closed.