Column
On the Plus Side
Security+: A Quick Overview
CompTIA answers the demand for security certs with -- what else? -- a low-level, vendor-neutral title. Here's an overview of this soon-to-debut cert, plus 10 practice questions to get you started.
by Jeff Durham
10/9/2002 -- It seems that an event such as 9/11 tends to bring the idea of security and protection to the fore in a variety of professions and practices. With the recent anniversary of this tragic event, IT security is again on the minds of individuals and companies that have data, information and network architectures they want safely secured. As a result, security-based certs such as Certified Information Systems Security Professional (CISSP), Cisco's Security Specialist designation and Certified Internet Webmaster's (CIW) Security Professional series have received more press as IT professionals look for ways to qualify their security expertise. CompTIA has answered this interest with its own Security+ certification.
Why Security+?
According to CompTIA, recent surveys show that a wide variety of technology and Internet-related attacks on security occurred, despite the wide range of technologies and practices that were set up to thwart them. Because of the huge estimated loss of both information and financial assets due to hacks and break-ins, CompTIA recognized the need for a certification that will validate the skills of individuals working in the area of IT security.
CompTIA says that being able to verify a candidate's security knowledge via the Security+ designation will lead to increased skills in the IT security workforce and lower financial losses for companies plagued by security issues, as well as add definition to different types of security-specific career paths.
What Does Security+ Cover?
Security+ is a certification designed for professionals with a minimum of two years' networking experience. It's also recommended that candidates possess a complete knowledge of TCP/IP and skills equivalent to those tested in the A+ and Network+ exams. The test isn't specific to any one vendor. The Security+ exam consists of five domain areas:
- General Security Concepts (30 percent)
- Communications Security (20 percent)
- Infrastructure Security (20 percent)
- Basics of Cryptography (15 percent)
- Operational/Organizational Security (15 percent)
The complete objectives for this exam are currently in beta form.
Security+ Sample Questions
Because security can be such a wide-ranging topic, exam takers should be familiar with security as it applies to various vendor platforms as well as open source. Here are some practice questions. (Answers appear at the end of the column.)
1. Of the following services, which one determines what a user can change or view?
A. Data integrity
B. Data confidentiality
C. Data authentication
D. Access control
2. Which of the following describes the concept of data integrity?
A. A means of determining what resources a user can use and view.
B. A method of security that ensures all data is sequenced and numbered.
C. A means of minimizing vulnerabilities of assets and resources.
D. A mechanism applied to indicate the security level of data.
3. Which two of the following are symmetric-key algorithms used for encryption?
A. stream-cipher
B. block
C. public
D. secret
4. By definition, how many keys are needed to lock and unlock data using symmetric-key encryption?
A. 3+
B. 2
C. 1
D. 0
5. By definition, how many keys are needed to lock and unlock data using asymmetric-key encryption?
A. 3+
B. 2
C. 1
D. 0
6. How many bits are employed when using hash encryption?
A. 32
B. 64
C. 128
D. 256
7. Dave is increasing the security of his Web site by adding SSL (Secure Sockets Layer). Which type of encryption does SSL use?
A. Asymmetric
B. Symmetric
C. Public Key
D. Secret
8. John wants to encrypt a sensitive message before sending it to one of his managers. Which type of encryption is often used for e-mail?
A. S/MIME
B. BIND
C. DES
D. SSL
9. You are explaining SSL to a junior administrator and come up to the topic of handshaking. How many steps are employed between the client and server in the SSL handshake process?
A. Five
B. Six
C. Seven
D. Eight
10. You have been alerted to the possibility of someone using an application to capture and manipulate packets as they are passing through your network. What type of threat does this represent?
A. DDoS
B. Back Door
C. Spoofing
D. Man in the Middle
Answers To Security+ Practice Questions
1. D. Access control is used to determine what a user can change, view or otherwise access.
2. B. Data integrity ensures that all data is sequenced, numbered and time stamped.
3. A, B. Stream-cipher mode and block mode are the two types of symmetric-key encryption algorithms.
4. C. Symmetric encryption uses a single key to lock and unlock the data.
5. B. Asymmetric encryption uses two keys: one to lock the data and one to unlock the data.
6. C. Hash encryption uses values of 128 bits.
7. B. Symmetric key encryption is used to sign data in SSL.
8. A. Secure MIME (S/MIME) is often used to encrypt e-mail.
9. B. SSL uses a six-step handshake to establish a connection between the server and the client.
10. D. A Man in the Middle threat is one where an application on your network is used to capture and manipulate packets sent across the network.
Jeff W. Durham, MCP, A+, i-Net+, Linux+, is the recent co-author of the Security+ Short Course.