General Security Concepts

  • Kerberos is an industry-standard authentication protocol used to verify user or host identity.
  • Role-based access control (RBAC) is an access control model. In this model, a user can access resources according to their role in the organization.
  • Mandatory Access Control (MAC) is a model that uses a predefined set of access privileges for an object of the system.
  • Authentication is a process of verifying the identity of a person, network host, or system process. The authentication process compares the provided credentials with the credentials stored in the database of an authentication server.
  • Certificate-based authentication is the most secure method of authentication. It provides a stronger key for encryption than Digest authentication and sends encrypted passwords across the network. This prevents unauthorized users from intercepting the passwords.
  • Anonymous authentication is generally used for public Internet Web sites. Using this method, a user can establish a connection with a Web server without providing a username and password.
  • Password Authentication Protocol (PAP) transmits user credentials as plaintext.
  • A certificate is a digital representation of information that identifies authorized users on the Internet and intranets.

Q. What is the prerequisite for taking the test SY0-101?

A. There is no prerequisite for taking the test SY0-101. However, it is recommended that CompTIA Security+ candidates have at least two years of on-the-job networking experience, with an emphasis on security. The CompTIA Network+ certification is also recommended for taking the test.

Q. What certificate does test SY0-101 provide?

A. Passing the test SY0-101 provides Security+ certification.

Q. How many questions are asked in the test SY0-101?

A. This test consists of multiple-choice questions. There are no case study type questions and the test is not adaptive. You will be required to attempt approximately 100 questions.

Q. What is the duration of the test?


Q. What are the prerequisites for the CIW Security Professional (1D0-470) exam?

A. There is no prerequisite for the CIW Security Professional (1D0-470) exam. However, it is recommended that candidates take the CIW Foundations (1D0-510) exam prior to taking the CIW Security Professional exam.

Q. What are the objectives of the 1D0-470 exam?

A. Visit the CIW (Certified Internet Web) link to view the objectives of the 1D0-470 exam.

Q. What is the exam fee?