CompTIA Security+ SYO-401 Exam Cram

Fourth Edition

Copyright © 2015 Pearson Education, Inc.

ISBN-10: 0-7897-5334-0
ISBN-13: 978-0-7897-5334-2

Warning and Disclaimer

Every effort has been made to make this book as complete and as accurate as possible, but no warranty or fitness is implied. The information provided is on an "as is" basis. The author and the publisher shall have neither liability nor responsibility to any person or entity with respect to any loss or damages arising from the information contained in this book or from the use of the CD or programs accompanying it.

When reviewing corrections, always check the print number of your book. Corrections are made to printed books with each subsequent printing.

First Printing: February 2015

Corrections for November 9, 2017

Pg / Error – Fifth Printing / Correction
499 / Practice Exam 1, Question 42
Reads:
42. Which authorization protocol is generally compatible with TACACS? / Should read:
42. Which of the following is a proprietary extension to TACACS introduced by Cisco that is only capable of handling authentication?
521 / Practice Exam 1, Answers with Explanations, Question 42
Reads:
42. Answer D is correct. The Extended Terminal Access Controller Access Control System (XTACACS) protocol is a proprietary form of the TACACS protocol developed by Cisco and is compatible in many cases. Neither LDAP nor RADIUS is affiliated with the TACACS protocol, making answers A and B incorrect. Answer C is incorrect because the newer TACACS+ is not backward compatible with its legacy equivalent. / Should read:
42. Answer D is correct. The Extended Terminal Access Controller Access Control System (XTACACS) protocol is an extension of the TACACS protocol developed by Cisco and allows a remote access server to communicate with an authentication server. Neither LDAP nor RADIUS is affiliated with the TACACS protocol, making Answers A and B incorrect. Answer C is incorrect because the newer TACACS+ is aprotocol developed by Cisco and released as an open standard. TACACS+ is a separate protocol that handles authentication, authorization, and accounting (AAA) services.

Corrections for January 16, 2017

Pg / Error – Fourth Printing / Correction
512 / Answers at a Glance, Answer to Question 78
Reads:
78. C / Should read:
78. B
528 / Answers with Explanations, Explanation to Answer to Question 78
Reads:
Answer C is correct. A false negative result involves access refusal for an authorized user, which makes answer D incorrect. Answers A and B are incorrect because they represent granted resource access. / Should read:
Answer B is correct. A false negative result involves falsely allowing unauthorized access. Answer C is incorrect as it refuses authorized access, thus being a false positive. Answers A and D are incorrect because these function as intended and neither represent false events.

Corrections for September 9, 2015

Pg / Error – Second Printing / Correction
20 / Chapter 1, Rule-Based Management, Last Two Sentences
Read:
IN addition to firewalls and routers, ACLs are used in operating is based on ACLs. The basis of this type osysetms. / Should read:
In addition to firewalls and routers, ACLs are used in operating systems.
32 / Chapter 1, Before Subnetting, insert Table 1.1 / Table 1.1
TABLE 1.1 Commonly Used Ports on Severs in the DMZ
Port / Service
21 / FTP
22 / SSH
25 / SMTP
53 / DNS
80 / HTTP
110 / POP3
443 / HTTPS

This errata sheet is intended to provide updated technical information. Spelling and grammar misprints are updated during the reprint process, but are not listed on this errata sheet.

Updated 11/09/2017