A+, NETWORK+, SECURITY+ EXAMS IN A NUTSHELL Pawan K. Bhardwaj Beijing • Cambridge • Farnham • Köln • Paris • Sebastopol • Taipei • Tokyo A+, Network+, Security+ Exams in a Nutshell by Pawan K. Bhardwaj Copyright © 2007 Pawan K. Bhardwaj. All rights reserved. Printed in the United States of America. PublishedbyO’ReillyMedia,Inc.,1005GravensteinHighwayNorth,Sebastopol,CA95472. O’Reillybooksmaybepurchasedforeducational,business,orsalespromotionaluse.Online editions are also available for most titles (safari.oreilly.com). For more information, contact our corporate/institutional sales department: (800) 998-9938 [email protected]. Editors: Jeff Pepper and Colleen Gorman Indexer: Tolman Creek Design Production Editor: Mary Brady Cover Designer: Karen Montgomery Copyeditor: Mary Brady Interior Designer: David Futato Proofreader: Tolman Creek Design Illustrators: Robert Romano and Jessamyn Read Printing History: March 2007: First Edition. Nutshell Handbook, the Nutshell Handbook logo, and the O’Reilly logo are registered trademarks of O’Reilly Media, Inc. TheIn a Nutshell series designations,A+, Network+, Security+ Exams in a Nutshell, the image of a Goliath beetle, and related trade dress are trademarks of O’Reilly Media, Inc. Manyofthedesignationsusedbymanufacturersandsellerstodistinguishtheirproductsare claimed as trademarks. Where those designations appear in this book, and O’Reilly Media, Inc. was aware of a trademark claim, the designations have been printed in caps or initial caps. While every precaution has been taken in the preparation of this book, the publisher and authorassumenoresponsibilityforerrorsoromissions,orfordamagesresultingfromtheuse of the information contained herein. This book uses RepKover™, a durable and flexible lay-flat binding. ISBN-10: 0-596-52824-8 ISBN-13: 978-0-596-52824-9 [M] Chapter1 Table of Contents Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .ix PartI. A+ Essentials 1. Overview of A+ Essentials Exam. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Areas of Study for the A+ Essentials Exam 5 2. A+ Essentials Study Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 Personal Computer Components 18 Laptops and Portable Devices 50 Operating Systems 65 Printers and Scanners 111 Networks 129 Security 149 Safety and Environmental Issues 165 Communications and Professionalism 172 3. Prep and Practice for the A+ Essentials Exam . . . . . . . . . . . . . . . . . 181 Preparing for the A+ Essentials Exam 182 Suggested Exercises for the A+ Essentials Exam 182 Highlighters Index 191 Practice Questions for the A+ Essentials Exam 231 v PartII. A+ Exams 220-602, 220-603, and 220-604 4. Overview of the A+ Exams 220-602, 220-603, and 220-604 . . . . . 245 Areas of Study for A+ Exams 220-602, 220-603, and 220-604 247 5. Study Guide for A+ Exams 220-602, 220-603, and 220-604 . . . . . 251 Personal Computer Components 252 Laptops and Portable Devices 268 Operating Systems 276 Printers and Scanners 307 Networks 328 Security 358 6. Prep and Practice for the A+ Exams 220-602, 220-603, and 220-604 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 373 Preparing for the A+ Exams 374 Suggested Exercises for the Exams 374 Highlighters Index 383 Practice Questions for the A+ Exams 404 PartIII. Network+ 7. Overview of the Network+ Exam . . . . . . . . . . . . . . . . . . . . . . . . . . . . 417 Areas of Study for the Network+ Exam 419 8. Network+ Exam Study Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 424 Media and Topologies 425 Protocols and Standards 457 Network Implementation 489 Network Support 514 9. Network+ Exam Prep and Practice . . . . . . . . . . . . . . . . . . . . . . . . . . 540 Preparing for the Network+ Exam 541 Network+ Exam Suggested Exercises 541 Network+ Exam Highlighters Index 546 Network+ Exam Practice Questions 573 vi | Table of Contents PartIV. Security+ 10. Overview of Security+ Exam . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 585 Areas of Study for Security+ Exam 587 11. Security+ Exam Study Guide. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 593 General Security Concepts 594 Communication Security 617 Infrastructure Security 648 Basics of Cryptography 672 Operational and Organizational Security 685 12. Security+ Exam Prep and Practice . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 702 Preparing for the Security+ Exam 703 Security+ Exam Suggested Exercises 703 Security+ Exam Highlighters Index 707 Security+ Exam Practice Questions 734 Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 745 Table of Contents | vii Chapter2 Preface Welcome to CompTIA: A+, Network+ and Security+ Exams in a Nutshell. I designed this book for the IT professional who wants to complete his Computer Technology Industry Association (CompTIA) certifications. CompTIA offers multipleentry-levelcertificationexamsforvariousfieldsoftheITindustry.These certificationsareplatform-independentandareendorsedbyseveralleadersinthe IT industry such as Microsoft, IBM, Hewlett Packard, etc. If you are looking to entertheexcitingfieldofITsupport,thecertificationsyouwillbemostinterested in are as follows: A+ The A+ certification is entry-level and is meant for those individuals who want to get into the exciting field of computer hardware and software support. You will need to pass two exams to complete the A+ certification track. The first is A+ Essentials, and it is required. The second exam can be chosen from one of the three exams leading to three different certifications. Exam 220-602 is intended for those individuals who work in a mobile or corporateenvironment,whichcallsforahighlevelofface-to-faceclientinter- action. Candidates who pass the A+ Essentials and the 220-602 exams receive the IT Technician certification. The second exam, 220-603, is for those individuals who work remotely to interact with clients. The combina- tion of A+ Essentials and the 220-603 exam leads to the Remote Support Technician certification. The third exam, 220-604, is for those individuals whoworkinrepairhousesthatcallforhighlevelofhardware-relatedtrouble- shooting,andwhoseldominteractdirectlywiththeclient.Thecombination of A+ Essentials and the 220-604 exam leads to the Depot Technician certification. Network+ The Network+ certification is entry-level and is for those individuals who wish to pursue a career in computer network support. Although it is not a requirement, CompTIA does recommend that a candidate has at least nine months of hands-on experience before she attempts to take this exam. ix CompTIAalsorecommendsthatthecandidategettheA+certificationbefore getting the Network+ certification. This certification can be achieved by passing only one exam: N10-003. Security+ TheSecurity+certificationisentry-levelandisforthoseindividualswhowish to pursue a career in computer security. Although it is not a requirement, CompTIA does recommend that the candidate has at least two years of hands-on experience in computer networking with emphasis on security. It also recommends that the candidate get the Network+ certification before gettingtheSecurity+certification.LiketheNetwork+certification,theSecu- rity+ certification can also be attained by passing only one exam: SYO-101. EachoftheseCompTIAcertificationsiscoveredinthisbook,andiftakenappro- priately, each track can get you an entry-level job in the IT field of your choice. TheseexamsjustgiveaheadstarttoyourITcareer.Youcanfurtherenhanceyour careerinanyoftheITfieldsbypursuingmoreadvancedcertificationsfromother vendors.SeveralITindustryleaders,suchasMicrosoft,IBM,orHewlettPackard, recognize the CompTIA certifications. For example, Microsoft recognizes the combinationofA+andNetwork+certificationsasoneoftheelectiveexamsinits MCSA and MCSE tracks. Thefocusofthisbookisonprovidingthecoreknowledgetoprepareyouforthe twoA+exams—theNetwork+examandtheSecurity+exam.Thisbookismeant to be used as part of your final preparation, and not as your only preparation. Think of this as the notes you’d have written down if you were to highlight and then record every essential nugget of information related to the skills being measured in the A+, the Network+, and the Security+ exams. Basically, what I did was to boil the required knowledge down to its finest core. Thus, rather than having 500 to 700 pages covering each exam, there’s just approximately 150 pages for each. With this in mind, the best way to use this book is as part of your final review. So after you’ve built sufficient hands-on expertise and studied all the relevant texts, grab this book and study it cover to cover as part of your final exam cram. Most of the individuals start their IT support career with the A+ certification, and then move on to the Network+ certification to provetheirskillsincomputernetworksupport.TheSecurity+certi- ficationisbasicallymeantforthoseindividualswhoeitherworkin a secure computing environment or wish to attain more advanced security-relatedcertifications.Itishighlyrecommendedthatifyou arejuststartingyourITcareer,youshouldstartwiththeA+certifi- cation, choosing an appropriate A+ track. OneofthegoodthingsabouttheCompTIAexamsisthatonceyoupasstheexam foranyoftheavailabletracks,thecertificationneverexpiressoyoudon’thaveto worry about the retirement of exams. But this certainly does not mean that you shouldquitstudying.Studiesareasessentialashands-onexperienceinanytech- nical field. So, upgrading yourself with newer exam objectives in order to keep you updated with changes in technology is not a bad idea. x | Preface Conventions Used in This Book EachpartwithinthisbookcorrespondstoasingleMicrosoftexamandconsistsof the following sections: Exam Overview Provides a brief introduction to the exam’s topic, a list of objectives, and a cross reference to where the objectives are covered. Study Guide Provides a comprehensive study guide for the skills being measured on the exam.Youshouldreadthroughandandstudythissectionextensively.Ifyou encountertopicsyouhaven’tpracticedwithandstudiedextensivelypriorto readingthistext,youshoulddomorehands-onworkwiththerelatedareaof study and refer to an expanded discussion in a relevant text. Once you’ve built the real-world know-how and developed the essential background needed to succeed, you can resume your studies and move forward. Prep and Practice Provides exercises that we suggest to supplement your studies, highlights from all the topics covered for the exam, and practice questions to help test your knowledge. Sample questions are followed by answers with explana- tions where necessary. The following font conventions are used in this book: Constant width Used for code terms, command-line text, command-line options, and values that should be typed literally. Italics Used for URLs, variables, and to introduce new terms. Additionally, we will also use the following elements: Notes are used to provide additional information or highlight a specific point. Warnings are used to provide details on potential problems. Other Study Resources There is no single magic bullet for passing the CompTIA Certification exams. YourcurrentknowledgewilllargelydetermineyoursuccesswiththisStudyGuide andontheexams.Ifyouencountertopicsyouhaven’tpracticedwithandstudied extensivelypriortoreadingthistext,youneedfurtherpreparation.Gettheprac- tical hands-on know-how and the practical knowledge before continuing. Preface | xi Throughoutyourpreparationsforcertification,werecommendthatyouregularly visit the CompTIA web site at http://certification.comptia.org. The related pages willhelpyoukeepuptodatewiththecertificationprocessandanychangesthat may occur from time to time. A wide variety of CompTIA certification study guides, training classes, and learning resources are available. Also, a large number of practice tests and exam simulations are available for purchase and for free on the Web. These tests, like this book, are useful as part of your exam preparation. How to Contact Us IhaveworkedwiththegoodfolksatO’Reillytotestandverifytheinformationin this book to the best of my ability, but you may find that features have changed (or even that I have made mistakes!). To make this book better, please let me knowaboutanyerrorsyoufind,aswellasyoursuggestionsforfutureeditions,by writing to: O’Reilly Media, Inc. 1005 Gravenstein Highway North Sebastopol, CA 95472 800-998-9938 (in the United States or Canada) 707-829-0515 (international/local) 707-829-0104 (fax) You can also send us messages electronically. To be put on the mailing list or request a catalog, send email to: [email protected] O’Reillyhasawebpageforthisbook,whichlistserrata,examples,andanyaddi- tional information. You can access this page at: http:///www.oreilly.com/catalog/9780596528249 Toasktechnicalquestions,tocommentonthebook,ormoreinformationabout the authors, please send email to: [email protected] For more information about O’Reilly, please visit: http://www.oreilly.com Acknowledgments Special thanks go to Jeff Pepper for pioneering the entire project from start to finish. I would like to thank John Vacca for his fine work in editing this entire text.ChrisCraytonandErikEckeldidasuperbjoboffindingtechnicalissuesand makingsurethatalltopicswerecoveredappropriately.IalsowishtothankMary Brady at O’Reilly for ensuring a smooth production process. xii | Preface I A+ Essentials This is the Title of the Book, eMatter Edition Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.