1.6. Getting an A+
This chapter introduces you to a number of security-related terms that you need to understand before taking your first A+ exam. Here some key points to remember when preparing for the exam:
Authentication is the process of proving an identity to the network, but authorization is the process of determining whether accessing a resource is allowed after authentication takes place.
Hackers take many different approaches to compromise a system. Protect your environment from both network-based and software-based attacks, and make sure that physical security is in place.
A denial of service (DoS) is an attack on a system or network that prevents the system or network from performing its regular function.
Social engineering is a popular type of attack that involves the hacker compromising security by tricking an employee through social contact. The social engineer might entice the user to divulge confidential information or might trick the user into running a program that does harm to the system.
You secure network traffic by encrypting traffic between two systems by using technologies such as SSL and IPSec. Administrators typically use SSL to encrypt Web traffic and IPSec to encrypt internal or VPN traffic.
Securing your data involves not only protecting resources with permissions but also protecting your data by following proper data destruction procedures and backup strategies as well as creating redundant disk solutions.
Get CompTIA A+® Certification All-In-One For Dummies®, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
