Home > Store

CompTIA Security+ SY0-401 Cert Guide, Deluxe Edition, 3rd Edition

Register your product to gain access to bonus material or receive a coupon.

CompTIA Security+ SY0-401 Cert Guide, Deluxe Edition, 3rd Edition

Book

  • Sorry, this book is no longer in print.
Not for Sale

About

Features

  • Case studies and hands-on video exercises in each chapter
  • Three full practice tests based on the real Security + exam
  • New! Video explanations of all answers in practice tests
  • Memory tables, study strategies, tips, cautions, key terms, troubleshooting scenarios, last-minute review tearsheet, and more

Description

  • Copyright 2015
  • Dimensions: 7-3/8" x 9-1/8"
  • Pages: 800
  • Edition: 3rd
  • Book
  • ISBN-10: 0-7897-5333-2
  • ISBN-13: 978-0-7897-5333-5

DVD Features Three Complete Practice Exams, 31 videos, and 31 Interactive Exercises

  • Master every topic on CompTIA’s new Security+ SY0-401 exam
  • Assess your knowledge and focus your learning
  • Review key concepts with chapter-ending activities

CompTIA Security+ SY0-401 Authorized Cert Guide,Deluxe Edition, Third Edition, is a best-of-breed exam study guide. Best-selling author and expert instructor David L. Prowse shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.

The book presents you with an organized test preparation routine through the use of proven series elements and techniques. Chapter-ending review activities help you drill on key concepts you must know thoroughly. Practice exam questions help you assess your knowledge, and a final preparation chapter sets you on the path to passing the exam.

The companion DVD contains the powerful Pearson IT Certification Practice Test engine, complete with hundreds of exam-realistic questions. The assessment engine offers you a wealth of customization options and reporting features, laying out a complete assessment of your knowledge to help you focus your study where it is needed most. The DVD also includes video solutions and interactive exercises to the Case Studies in the book.

Well-regarded for its level of detail, assessment features, and challenging review questions and exercises, this authorized study guide helps you master the concepts and techniques that will enable you to succeed on the exam the first time.

The authorized study guide helps you master all the topics on the Security+ exam, including

  • Core computer system security
  • OS hardening and virtualization
  • Application security
  • Network design elements
  • Networking ports, protocols, and threats
  • Perimeter security
  • Network media and devices security
  • Physical security and authentication models
  • Access control
  • Vulnerability and risk assessment
  • Monitoring and auditing
  • Cryptography, including PKI
  • Redundancy and disaster recovery
  • Policies and procedures

Companion DVD

Your purchase includes three free, complete practice exams as well as video solutions and interactive exercises to the Case Studies in the book.

Includes Exclusive Offer for 70% Off Premium Edition eBook and Practice Test

Pearson IT Certification Practice Test minimum system requirements:

Windows XP (SP3), Windows Vista (SP2), Windows 7, or Windows 8; Microsoft .NET Framework 4.0 Client; Pentium class 1 GHz processor (or equivalent); 512MB RAM; 65

Extras

Author's Site

Link to author site

Premium Edition

Limited Time Offer: Buy CompTIA Security+ SY0-401 Cert Guide, Deluxe Edition, Premium Edition eBook and Practice Test  and receive a 10% off discount code for the CompTIA Security+ SYO-401 exam.  To receive your 10% off discount code:

1.       Register your product at pearsonITcertification.com/register

2.       When prompted, enter ISBN: 9780133836509

3.       Go to your Account page and click on “Access Bonus Content”

The exciting new CompTIA Security+ SY0-401 Cert Guide, Deluxe Edition, Premium Edition eBook and Practice Test is a digital-only certification preparation product combining an eBook with enhanced Pearson IT Certification Practice Test with an added bonus of complete video solutions to the 31 hands-on labs and 31 interactive flash-based learning activities that include drag-n-drop and matching to reinforce the learning. The Premium Edition eBook and Practice Test contains the following items:
  • The Security+ SY0-401 Premium Edition Practice Test, including four full practice exams and enhanced practice test features
  • PDF and EPUB formats of the CompTIA Security+ SY0-401 Cert Guide from Pearson IT Certification, which are accessible via your PC, tablet, and Smartphone
  • Complete video solutions to the 31 hands-on labs
  • Plus 31 interactive learning activities on key exam topics

About the Premium Edition Practice Test

This Premium Edition contains an enhanced version of the Pearson IT Certification Practice Test (PCPT) software with four full practice exams. In addition, it contains all the chapter-opening assessment questions from the book. This integrated learning package:

  • Allows you to focus on individual topic areas or take complete, timed exams
  • Includes direct links from each question to detailed tutorials to help you understand the concepts behind the questions
  • Provides unique sets of exam-realistic practice questions
  • Tracks your performance and provides feedback on a module-by-module basis, laying out a complete assessment of your knowledge to help you focus your study where it is needed most

Pearson IT Certification Practice Test minimum system requirements:

Windows XP (SP3), Windows Vista (SP2), Windows 7 or Windows 8;

Microsoft .NET Framework 4.0 Client;

Pentium class 1GHz processor (or equivalent);

512 MB RAM;

650 MB disc space plus 50 MB for each downloaded practice exam

About the Premium Edition eBook and Video Solutions and Activities

CompTIA Security+ SY0-401 Cert Guide, Deluxe Edition is a best-of-breed exam study guide. Best-selling author and expert instructor David Prowse shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.

CompTIA Security+ SY0-401 Cert Guide, Deluxe Edition presents you with an organized test preparation routine through the use of proven series elements and techniques. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly. Review questions help you assess your knowledge, and a final preparation chapter guides you through tools and resources to help you craft your final study plan.

The Deluxe Edition eBook also contains access to the complete video solutions to the 31 case studies in the book and 31 interactive learning activities on key exam topics to reinforce the learning by doing. Learning activities such as test password strength, match the type of Malware with its definition, find the security issues in the network map, and disallow a user access to the network on Saturday and Sunday. Go to the back pages of your eBook for instructions on how to access the video solutions.

Interactive Learning Activities:

  • 2.1 Identifying Malware Types
  • 2.2 Securing the BIOS
  • 2.4 Filtering E-mails
  • 3.3 Stopping Services in the Command Prompt
  • 4.1 Securing Web Browers
  • 5.1 Creating a DMZ
  • 5.3 Defending Against the Web Shell
  • 6.1a Understanding Port Numbers, Part A
  • 6.1b Understanding Port Numbers, Part B
  • 6.1c Understanding Port Numbers, Part C
  • 6.2a Identifying Network Attacks, Part A
  • 6.2b Identifying Network Attacks, Part B
  • 6.2c Identifying Network Attacks, Part C
  • 6.2d Identifying Network Attacks, Part D
  • 7.1 Configuring a Firewall's Ruleset
  • 8.4 Planning Network Security
  • 9.1 Choosing Physical Security Methods
  • 9.2  Selecting the Correct Authentication Technology
  • 9.3 Underdstanding 802.1X
  • 10.1 Password Strength
  • 10.2 Configuring Logon Hours
  • 10.3 Understanding Access Control Models
  • 11.1a Risk Assessment, Part A
  • 11.1b Risk Assessment, Part B
  • 11.1c Vulnerability Management Process
  • 12.1 Capturing and Analyzing Packets
  • 12.2 Deciphering Log Files
  • 13.1 Understanding Symmetric and Asymmetric Algorithms
  • 15.1 Configuring RAID
  • 16.1a Identifying Social Engineering Attacks Part A
  • 16.1b Identifying Social Engineering Attacks Part B

Case Studies Video Solutions:

  • 1-1 Introducing Computer Security
  • 2-1 Using Free Malware Scanning Programs
  • 2-2 Securing the BIOS
  • 2-3 Securing Mobile Devices
  • 3-1 Discerning & Updating Service Pack Level
  • 3-2  Securing a Virtual Machine
  • 3-3 Working with Services in Windiws and Linux
  • 4-1 SecuringWeb Browsers
  • 4-2 Whitelisting and Blacklisting Applications with a Windows Server Policy
  • 5-2 Subnetting a Network
  • 6.1 Scanning Ports
  • 7-2 Configuring Packet Filtering and NAT
  • 7-3 Configuring an Inbound Filter 
  • 8-1 Securing a Wireless Device
  • 8-2 Enabling MAC Filtering
  • 8-3 Wardriving and the Cure
  • 9-3 Understanding 802.1X 
  • 9-4 Setting Up a Secure VPN
  • 10-1 Configuring Complex Passwords
  • 10-2 Configuring Password Policies and User Accounts
  • 10-4 Configuring User and Group Permissions
  • 11-2 Mapping and Scanning the Network
  • 11-3 Defending Against Password Cracking 
  • 12-1 Capturiing and Analyzing Packets
  • 12-2 Deciphering Log Files
  • 12-3 Auditing Files
  • 13-1 Understanding Symmetric and Asymmetric Algorithms
  • 13-2 Disabling the LM Hash
  • 14-1 Understanding PKI
  • 14-2 Making an SSH Connection
  • 15-1 Configuring RAID 
  • 17-1 Analyzing Test Questions

Well-regarded for its level of detail, assessment features, and challenging review questions and exercises, this CompTIA approved study guide helps you master the concepts and techniques that will enable you to succeed on the exam the first time.

The CompTIA approved study guide helps you master all the topics on the Security+ exam, including:

  • Core computer system security concepts
  • OS hardening and virtualization
  • Application security
  • Network design elements and threats
  • Perimeter security
  • Network media and devices security
  • Physical security and authentication models
  • Access control methods and models
  • Vulnerability and risk assessment
  • Monitoring and auditing
  • Cryptography, including PKI
  • Redundancy and disaster recovery
  • Policies and procedures

Sample Content

Online Sample Chapter

CompTIA Security+ SY0-401 Authorized Cert Guide: OS Hardening and Virtualization

Table of Contents

    Introduction xxii

Chapter 1 Introduction to Security 3

    Foundation Topics 3

    Security 101 3

        The CIA of Computer Security 3

        The Basics of Information Security 5

    Think Like a Hacker 8

    Chapter Review Activities 10

        Review Key Topics 10

        Define Key Terms 11

        Review Questions 11

    Answers and Explanations 13

Chapter 2 Computer Systems Security 17

    Foundation Topics 17

    Computer Systems Security Threats 17

        Malicious Software 18

        Viruses 18

        Worms 19

        Trojan Horses 20

        Ransomware 20

        Spyware 21

        Rootkits 22

        Spam 22

        Summary of Malware Threats 23

        Ways to Deliver Malicious Software 24

        Via Software, Messaging, and Media 24

        Botnets and Zombies 25

        Active Interception 26

        Privilege Escalation 26

        Backdoors 26

        Logic Bombs 27

        Preventing and Troubleshooting Malware 28

        Preventing and Troubleshooting Viruses 28

        Preventing and Troubleshooting Worms and Trojans 32

        Preventing and Troubleshooting Spyware 33

        Preventing and Troubleshooting Rootkits 35

        Preventing and Troubleshooting Spam 36

        You Can’t Save Every Computer from Malware! 38

        Summary of Malware Prevention Techniques 38

    Implementing Security Applications 39

        Personal Software Firewalls 39

        Host-Based Intrusion Detection Systems 41

        Pop-Up Blockers 43

        Data Loss Prevention Systems 45

    Securing Computer Hardware, Peripherals, and Mobile Devices 45

        Securing the BIOS 46

        Securing Storage Devices 47

    Removable Storage 47

        Network Attached Storage 48

        Whole Disk Encryption 48

        Hardware Security Modules 50

        Securing Mobile Devices 50

        Malware 51

        Botnet Activity 52

        SIM Cloning 52

        Wireless Attacks 53

        Theft 53

        Application Security 54

        BYOD Concerns 57

    Chapter Summary 60

    Chapter Review Activities 62

        Review Key Topics 62

        Define Key Terms 62

        Review Questions 63

    Answers and Explanations 71

        Case Studies for Chapter 2 77

        Case Study Solutions 79

Chapter 3 OS Hardening and Virtualization 83

    Foundation Topics 83

    Hardening Operating Systems 83

        Removing Unnecessary Applications and Services 84

        Service Packs 92

        Windows Update, Patches, and Hotfixes 95

        Patches and Hotfixes 96

        Patch Management 99

        Group Policies, Security Templates, and Configuration Baselines 100

        Hardening File Systems and Hard Drives 103

    Virtualization Technology 107

        Types of Virtualization and Their Purposes 107

        Hypervisor 109

        Securing Virtual Machines 110

    Chapter Summary 112

    Chapter Review Activities 113

        Review Key Topics 113

        Define Key Terms 114

        Review Questions 114

    Answers and Explanations 118

        Case Studies for Chapter 3 121

        Case Study Solutions 123

Chapter 4 Application Security 127

    Foundation Topics 127

    Securing the Browser 127

        General Browser Security Procedures 129

        Implement Policies 129

        Train Your Users 132

        Use a Proxy and Content Filter 133

        Secure Against Malicious Code 135

        Securing Internet Explorer 135

        Securing Firefox 141

        Securing Other Browsers 145

    Securing Other Applications 147

    Secure Programming 151

        Systems Development Life Cycle 151

        Programming Testing Methods 154

        Programming Vulnerabilities and Attacks 156

        Backdoors 157

        Buffer Overflows 157

        Arbitrary Code Execution/Remote Code Execution 158

        XSS and XSRF 159

        More Code Injection Examples 159

        Directory Traversal 161

        Zero Day Attack 161

    Chapter Summary 163

    Chapter Review Activities 164

        Review Key Topics 164

        Define Key Terms 165

        Review Questions 165

    Answers and Explanations 170

        Case Studies for Chapter 4 174

        Case Study Solutions 175

Chapter 5 Network Design Elements 179

    Foundation Topics 179

    Network Design 179

        The OSI Model 180

        Network Devices 182

        Hub 182

        Switch 182

        Router 184

        Network Address Translation, and Private Versus Public IP 185

        Network Zones and Interconnections 188

        LAN Versus WAN 188

        Internet 189

        Demilitarized Zone (DMZ) 189

        Intranets and Extranets 190

        Network Access Control (NAC) 192

        Subnetting 192

        Virtual Local Area Network (VLAN) 194

        Telephony Devices 196

        Modems 196

        PBX Equipment 197

        VoIP 197

    Cloud Security and Server Defense 198

        Cloud Computing 198

        Cloud Security 200

        Server Defense 203

        File Servers 203

        Network Controllers 204

        E-mail Servers 204

        Web Servers 205

        FTP Server 207

    Chapter Summary 208

    Chapter Review Activities 210

        Review Key Topics 210

        Define Key Terms 210

        Review Questions 210

    Answers and Explanations 215

        Case Studies for Chapter 5 219

        Case Study Solutions 220

Chapter 6 Networking Protocols and Threats 225

    Foundation Topics 225

    Ports and Protocols 225

        Ports Ranges, Inbound Versus Outbound, and Common Ports 225

        Protocols That Can Cause Anxiety on the Exam 235

    Malicious Attacks 236

        DoS 236

        DDoS 239

        Sinkholes and Blackholes 239

        Spoofing 240

        Session Hijacking 241

        Replay 243

        Null Sessions 244

        Transitive Access and Client-Side Attacks 244

        DNS Poisoning and Other DNS Attacks 245

        ARP Poisoning 247

        Summary of Network Attacks 247

    Chapter Summary 251

    Chapter Review Activities 252

        Review Key Topics 252

        Define Key Terms 252

        Review Questions 252

    Answers and Explanations 258

        Case Studies for Chapter 6 262

        Case Study Solutions 263

Chapter 7 Network Perimeter Security 267

    Foundation Topics 268

    Firewalls and Network Security 268

        Firewalls 268

        Proxy Servers 274

        Honeypots and Honeynets 277

        Data Loss Prevention (DLP) 278

    NIDS Versus NIPS 279

        NIDS 279

        NIPS 280

        Summary of NIDS Versus NIPS 282

        The Protocol Analyzer’s Role in NIDS and NIPS 282

        Unified Threat Management 283

    Chapter Summary 283

    Chapter Review Activities 284

        Review Key Topics 284

        Define Key Terms 285

        Review Questions 285

    Answers and Explanations 290

        Case Studies for Chapter 7 294

        Case Study Solutions 295

Chapter 8 Securing Network Media and Devices 299

    Foundation Topics 299

    Securing Wired Networks and Devices 299

        Network Device Vulnerabilities 300

        Default Accounts 300

        Weak Passwords 300

        Privilege Escalation 302

        Back Doors 303

        Network Attacks 303

        Other Network Device Considerations 303

        Cable Media Vulnerabilities 304

        Interference 305

        Crosstalk 305

        Data Emanation 306

        Tapping into Data and Conversations 307

        Securing Wireless Networks 309

        Wireless Access Point Vulnerabilities 309

        The Administration Interface 310

        SSID Broadcast 310

        Rogue Access Points 311

        Evil Twin 311

        Weak Encryption 311

        Wi-Fi Protected Setup 313

        VPN over Open Wireless 314

        Wireless Access Point Security Strategies 314

        Wireless Transmission Vulnerabilities 317

        Bluetooth Vulnerabilities 318

        Bluejacking 319

        Bluesnarfing 319

    Chapter Summary 321

    Chapter Review Activities 323

        Review Key Topics 323

        Define Key Terms 323

        Review Questions 324

    Answers and Explanations 328

        Case Studies for Chapter 8 330

        Case Study Solutions 333

Chapter 9 Physical Security and Authentication Models 339

    Foundation Topics 340

    Physical Security 340

        General Building and Server Room Security 340

        Door Access 342

        Biometric Readers 344

    Authentication Models and Components 345

        Authentication Models 345

        Localized Authentication Technologies 348

        802.1X and EAP 348

        LDAP 351

        Kerberos and Mutual Authentication 352

        Remote Desktop Services 354

        Remote Authentication Technologies 356

        Remote Access Service 356

        Virtual Private Networks 358

        RADIUS Versus TACACS 360

    Chapter Summary 362

    Chapter Review Activities 363

        Review Key Topics 363

        Define Key Terms 364

        Review Questions 365

        Answers and Explanations 372

        Case Studies for Chapter 9 376

        Case Study Solutions 379

Chapter 10 Access Control Methods and Models 383

    Foundation Topics 383

    Access Control Models Defined 383

        Discretionary Access Control 384

        Mandatory Access Control 386

        Role-Based Access Control (RBAC) 387

        Access Control Wise Practices 388

    Rights, Permissions, and Policies 391

        Users, Groups, and Permissions 391

        Permission Inheritance and Propagation 396

        Moving and Copying Folders and Files 397

        Usernames and Passwords 397

        Policies 400

        User Account Control (UAC) 403

    Chapter Summary 404

    Chapter Review Activities 405

        Review Key Topics 405

        Define Key Terms 406

        Review Questions 406

        Answers and Explanations 412

        Case Studies for Chapter 10 416

        Case Study Solutions 417

Chapter 11 Vulnerability and Risk Assessment 423

    Foundation Topics 423

    Conducting Risk Assessments 423

        Qualitative Risk Assessment 425

        Quantitative Risk Assessment 426

        Security Analysis Methodologies 429

        Security Controls 430

        Vulnerability Management 431

        Penetration Testing 433

        OVAL 434

    Assessing Vulnerability with Security Tools 435

        Network Mapping 435

        Vulnerability Scanning 438

        Network Sniffing 441

        Password Analysis 443

    Chapter Summary 446

    Chapter Review Activities 447

        Review Key Topics 447

        Define Key Terms 448

        Review Questions 448

        Answers and Explanations 454

        Case Studies for Chapter 11 459

        Case Study Solutions 460

Chapter 12 Monitoring and Auditing 465

    Foundation Topics 465

    Monitoring Methodologies 465

        Signature-Based Monitoring 466

        Anomaly-Based Monitoring 466

        Behavior-Based Monitoring 467

    Using Tools to Monitor Systems and Networks 467

        Performance Baselining 468

        Protocol Analyzers 470

        Wireshark 471

        Network Monitor 472

        SNMP 474

        Analytical Tools 475

    Conducting Audits 478

        Auditing Files 478

        Logging 481

        Log File Maintenance and Security 485

        Auditing System Security Settings 486

    Chapter Summary 490

    Chapter Review Activities 491

        Review Key Topics 491

        Define Key Terms 492

        Review Questions 492

        Answers and Explanations 498

        Case Studies for Chapter 12 503

        Case Study Solutions 504

Chapter 13 Encryption and Hashing Concepts 507

    Foundation Topics 507

    Cryptography Concepts 507

        Symmetric Versus Asymmetric Key Algorithms 512

        Symmetric Key Algorithms 512

        Asymmetric Key Algorithms 513

        Public Key Cryptography 513

        Key Management 515

        Steganography 515

    Encryption Algorithms 516

        DES and 3DES 516

        AES 517

        RC 518

        Blowfish and Twofish 518

        Summary of Symmetric Algorithms 519

        RSA 519

        Diffie-Hellman 521

        Elliptic Curve 521

        More Encryption Types 523

        One-Time Pad 523

        PGP 524

    Hashing Basics 526

        Cryptographic Hash Functions 527

        MD5 527

        SHA 527

        RIPEMD and HMAC 528

        Happy Birthday! 528

        LANMAN, NTLM, and NTLMv2 529

        LANMAN 529

        NTLM and NTLMv2 531

        Additional Password Hashing Concepts 531

    Chapter Summary 533

    Chapter Review Activities 534

        Review Key Topics 534

        Define Key Terms 535

        Review Questions 535

        Answers and Explanations 542

        Case Studies for Chapter 13 546

        Case Study Solutions 547

Chapter 14 PKI and Encryption Protocols 551

    Foundation Topics 551

    Public Key Infrastructure 551

        Certificates 552

        Certificate Authorities 552

        Single-Sided and Dual-Sided Certificates 556

    Web of Trust 556

    Security Protocols 557

        S/MIME 557

        SSL/TLS 558

        SSH 559

        PPTP, L2TP, and IPsec 560

        PPTP 560

        L2TP 560

        IPsec 561

    Chapter Summary 561

    Chapter Review Activities 562

        Review Key Topics 562

        Define Key Terms 563

        Review Questions 563

        Answers and Explanations 568

        Case Studies for Chapter 14 571

        Case Study Solutions 571

Chapter 15 Redundancy and Disaster Recovery 575

    Foundation Topics 575

    Redundancy Planning 575

        Redundant Power 577

        Redundant Power Supplies 579

        Uninterruptible Power Supplies 579

        Backup Generators 581

        Redundant Data 582

        Redundant Networking 586

        Redundant Servers 587

        Redundant Sites 588

        Redundant People 589

    Disaster Recovery Planning and Procedures 590

        Data Backup 590

        DR Planning 594

    Chapter Summary 598

    Chapter Review Activities 598

        Review Key Topics 598

        Define Key Terms 599

        Review Questions 599

        Answers and Explanations 604

        Case Study for Chapter 15 607

        Case Study Solution 607

Chapter 16 Policies, Procedures, and People 611

    Foundation Topics 611

    Environmental Controls 611

        Fire Suppression 611

        Fire Extinguishers 612

        Sprinkler Systems 613

        Special Hazard Protection Systems 614

        HVAC 615

        Shielding 616

    Social Engineering 617

        Pretexting 618

        Malicious Insider 618

        Diversion Theft 619

        Phishing 619

        Hoaxes 621

        Shoulder Surfing 621

        Eavesdropping 622

        Dumpster Diving 622

        Baiting 622

        Piggybacking/Tailgating 622

        Summary of Social Engineering Types 623

        User Education and Awareness 624

    Legislative and Organizational Policies 625

        Data Sensitivity and Classification of Information 626

        Personnel Security Policies 628

        Privacy Policies 628

        Acceptable Use 629

        Change Management 629

        Separation of Duties/Job Rotation 630

        Mandatory Vacations 630

        Onboarding and Offboarding 631

        Due Diligence 631

        Due Care 631

        Due Process 632

        User Education and Awareness Training 632

    Summary of Personnel Security Policies 633

        How to Deal with Vendors 633

        How to Dispose of Computers and Other IT Equipment Securely 634

        Incident Response Procedures 636

        Chapter Summary 642

    Chapter Review Activities 643

    Review Key Topics 643

        Review Questions 644

        Answers and Explanations 653

        Case Studies for Chapter 16 658

        Case Study Solutions 659

Chapter 17 Taking the Real Exam 663

    Getting Ready and the Exam Preparation Checklist 663

    Tips for Taking the Real Exam 667

    Beyond the CompTIA Security+ Certification 670

    Case Study for Chapter 17 671

        Case Study 17-1: Analyzing Test Questions 671

Practice Exam 1: SY0-401 673

Glossary 725

On the DVD:

    APPENDIX A View Recommended Resources

    APPENDIX B Master List of Key Topics

    Acronyms

    Case Studies

    Case Study Solutions (Video and Simulations)

    Table 6-2

TOC, 978078975335, 6/19/2014

Updates

Submit Errata

More Information

InformIT Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from InformIT and its family of brands. I can unsubscribe at any time.

Overview


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information


To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.

Surveys

Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites, develop new products and services, conduct educational research and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.

Newsletters

If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@informit.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information


Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.

Security


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.

Children


This site is not directed to children under the age of 13.

Marketing


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information


If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.

Choice/Opt-out


Users can always make an informed choice as to whether they should proceed with certain services offered by InformIT. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.informit.com/u.aspx.

Sale of Personal Information


Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents


California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure


Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.

Links


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact


Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice


We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020