Home > Store

CompTIA Security+ SY0-501 Cert Guide, 4th Edition

Register your product to gain access to bonus material or receive a coupon.

CompTIA Security+ SY0-501 Cert Guide, 4th Edition

Best Value Purchase

Book + eBook Bundle

  • Your Price: $57.49
  • List Price: $99.98
  • About Premium Edition eBooks
  • The Premium Edition eBook and Practice Test is a digital-only certification preparation product combining an eBook with enhanced Pearson Test Prep practice tests.

    Your purchase will deliver:

    • Link to download the Pearson Test Prep exam engine
    • Access code for question database
    • eBook in the following formats, accessible from your Account page after purchase:

    EPUB The open industry format known for its reflowable content and usability on supported mobile devices.

    PDF The popular standard, which reproduces the look and layout of the printed page.

    This eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.

    eBook FAQ

    eBook Download Instructions

More Purchase Options

Book

  • Your Price: $39.99
  • List Price: $49.99
  • Usually ships in 24 hours.

Premium Edition eBook

  • Your Price: $39.99
  • List Price: $49.99
  • About Premium Edition eBooks
  • The Premium Edition eBook and Practice Test is a digital-only certification preparation product combining an eBook with enhanced Pearson Test Prep practice tests.

    Your purchase will deliver:

    • Link to download the Pearson Test Prep exam engine
    • Access code for question database
    • eBook in the following formats, accessible from your Account page after purchase:

    EPUB The open industry format known for its reflowable content and usability on supported mobile devices.

    PDF The popular standard, which reproduces the look and layout of the printed page.

    This eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.

    eBook FAQ

    eBook Download Instructions

About

Features

  • Case studies and hands-on video exercises in each chapter
  • Three full practice tests based on the real Security + exam
  • New! Video explanations of all answers in practice tests
  • Memory tables, study strategies, tips, cautions, key terms, troubleshooting scenarios, last-minute review tearsheet, and more

Description

  • Copyright 2018
  • Dimensions: 7-3/8" x 9-1/8"
  • Pages: 848
  • Edition: 4th
  • Book
  • ISBN-10: 0-7897-5899-7
  • ISBN-13: 978-0-7897-5899-6

Learn, prepare, and practice for CompTIA Security+ SY0-501 exam success with this CompTIA approved Cert Guide from Pearson IT Certification, a leader in IT certification learning and a CompTIA Authorized Platinum Partner.

· Master CompTIA Security+ SY0-501 exam topics

· Assess your knowledge with chapter-ending quizzes

· Review key concepts with exam preparation tasks

· Practice with realistic exam questions

CompTIA Security+ SY0-501 Cert Guide is a best-of-breed exam study guide. Best-selling author and expert instructor David L. Prowse shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.

The book presents you with an organized test-preparation routine through the use of proven series elements and techniques. Exam topic lists make referencing easy. Chapter-ending chapter review activities help you drill on key concepts you must know thoroughly. Review questions help you assess your knowledge, and a final preparation chapter guides you through tools and resources to help you craft your final study plan.

The companion website contains the powerful Pearson Test Prep practice test software, complete with hundreds of exam-realistic questions. The assessment software offers you a wealth of customization options and reporting features, laying out a complete assessment of your knowledge to help you focus your study where it is needed most.

Well regarded for its level of detail, assessment features, and challenging review questions and exercises, this CompTIA approved study guide helps you master the concepts and techniques that will enable you to succeed on the exam the first time.

The CompTIA approved study guide helps you master all the topics on the Security+ exam, including

· Core computer system security

· OS hardening and virtualization

· Application security

· Network design elements

· Networking ports, protocols, and threats

· Network perimeter security

· Physical security and authentication models

· Access control

· Vulnerability and risk assessment

· Monitoring and auditing

· Cryptography, including PKI

· Redundancy and disaster recovery

· Social Engineering

· Policies and procedures

Premium Edition

The exciting new CompTIA Security+ SY0-501 Cert Guide, Premium Edition eBook and Practice Test is a digital-only certification preparation product combining an eBook with enhanced Pearson Test Prep practice test software. The Premium Edition eBook and Practice Test contains the following items:

·         The Security+ SY0-501 Premium Edition Practice Test, including five full practice exams and enhanced practice test features

·         PDF and EPUB formats of the CompTIA Security+ SY0-501 Cert Guide from Pearson IT Certification, which are accessible via your PC, tablet, and smartphone


About the Premium Edition Practice Test

This Premium Edition contains an enhanced version of the Pearson Test Prep practice test software (PTP) software with five full practice exams. In addition, it contains all the chapter-ending assessment questions from the book. This integrated learning package

·         Allows you to focus on individual topic areas or take complete, timed exams

·         Includes direct links from each question to detailed tutorials to help you understand the concepts behind the questions

·         Provides unique sets of exam-realistic practice questions

·         Tracks your performance and provides feedback on a module-by-module basis, laying out a complete assessment of your knowledge to help you focus your study where it is needed most


Pearson Test Prep online system requirements:

Browsers: Chrome version 40 and above; Firefox version 35 and above; Safari version 7; Internet Explorer 10, 11; Microsoft Edge; Opera. Devices: Desktop and laptop computers, tablets running on Android and iOS, smartphones with a minimum screen size of 4.7". Internet access required.


Pearson Test Prep offline system requirements:

Windows 10, Windows 8.1, or Windows 7; Microsoft .NET Framework 4.5 Client; Pentium-class 1 GHz processor (or equivalent); 512 MB RAM; 650 MB disk space plus 50 MB for each downloaded practice exam; access to the Internet to register and download exam databases


About the Premium Edition eBook

Learn, prepare, and practice for CompTIA Security+ SY0-501 exam success with this CompTIA approved Cert Guide from Pearson IT Certification, a leader in IT certification learning and a CompTIA Authorized Platinum Partner.

·         Master CompTIA Security+ SY0-501 exam topics

·         Assess your knowledge with chapter-ending quizzes

·         Review key concepts with exam preparation tasks

·         Practice with realistic exam questions


CompTIA Security+ SY0-501 Cert Guide is a best-of-breed exam study guide. Best-selling author and expert instructor David L. Prowse shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.


The book presents you with an organized test-preparation routine through the use of proven series elements and techniques. Exam topic lists make referencing easy. Chapter-ending chapter review activities help you drill on key concepts you must know thoroughly. Review questions help you assess your knowledge, and a final preparation chapter guides you through tools and resources to help you craft your final study plan.


The Premium Edition eBook contains access to the companion files. Go to the back pages of your eBook for instructions on how to access the personal video mentoring content. 


Well regarded for its level of detail, assessment features, and challenging review questions and exercises, this CompTIA approved study guide helps you master the concepts and techniques that will enable you to succeed on the exam the first time.


The CompTIA approved study guide helps you master all the topics on the Security+ exam, including

·         Core computer system security

·         OS hardening and virtualization

·         Application security

·         Network design elements

·         Networking ports, protocols, and threats

·         Network perimeter security

·         Physical security and authentication models

·         Access control

·         Vulnerability and risk assessment

·         Monitoring and auditing

·         Cryptography, including PKI

·         Redundancy and disaster recovery

·         Social Engineering

·         Policies and procedures

Sample Content

Sample Pages

Download the sample pages (includes Chapter 8 and the Index)

Table of Contents

Introduction xxiv

Chapter 1 Introduction to Security 3

Foundation Topics 4

Security 101 4

The CIA of Computer Security 4

The Basics of Information Security 6

Think Like a Hacker 9

Threat Actor Types and Attributes 10

Chapter Review Activities 12

Review Key Topics 12

Define Key Terms 12

Review Questions 13

Answers and Explanations 15

Chapter 2 Computer Systems Security Part I 19

Foundation Topics 19

Malicious Software Types 19

Viruses 20

Worms 21

Trojan Horses 22

Ransomware 22

Spyware 23

Rootkits 24

Spam 25

Summary of Malware Threats 25

Delivery of Malware 26

Via Software, Messaging, and Media 26

Botnets and Zombies 28

Active Interception 28

Privilege Escalation 29

Backdoors 29

Logic Bombs 29

Preventing and Troubleshooting Malware 30

Preventing and Troubleshooting Viruses 31

Preventing and Troubleshooting Worms and Trojans 35

Preventing and Troubleshooting Spyware 35

Preventing and Troubleshooting Rootkits 38

Preventing and Troubleshooting Spam 38

You Can't Save Every Computer from Malware! 40

Summary of Malware Prevention Techniques 40

Chapter Summary 41

Chapter Review Activities 42

Review Key Topics 42

Define Key Terms 42

Complete the Real-World Scenarios 43

Review Questions 43

Answers and Explanations 48

Chapter 3 Computer Systems Security Part II 53

Foundation Topics 53

Implementing Security Applications 53

Personal Software Firewalls 53

Host-Based Intrusion Detection Systems 55

Pop-Up Blockers 57

Data Loss Prevention Systems 59

Securing Computer Hardware and Peripherals 59

Securing the BIOS 60

Securing Storage Devices 62

Removable Storage 62

Network Attached Storage 63

Whole Disk Encryption 64

Hardware Security Modules 65

Securing Wireless Peripherals 66

Securing Mobile Devices 66

Malware 67

Botnet Activity 68

SIM Cloning and Carrier Unlocking 68

Wireless Attacks 69

Theft 70

Application Security 71

BYOD Concerns 74

Chapter Summary 78

Chapter Review Activities 79

Review Key Topics 79

Define Key Terms 79

Complete the Real-World Scenarios 80

Review Questions 80

Answers and Explanations 83

Chapter 4 OS Hardening and Virtualization 89

Foundation Topics 89

Hardening Operating Systems 89

Removing Unnecessary Applications and Services 90

Windows Update, Patches, and Hotfixes 97

Patches and Hotfixes 99

Patch Management 101

Group Policies, Security Templates, and Configuration Baselines 102

Hardening File Systems and Hard Drives 105

Virtualization Technology 109

Types of Virtualization and Their Purposes 110

Hypervisor 111

Securing Virtual Machines 113

Chapter Summary 115

Chapter Review Activities 117

Review Key Topics 117

Define Key Terms 118

Complete the Real-World Scenarios 118

Review Questions 118

Answers and Explanations 122

Chapter 5 Application Security 127

Foundation Topics 127

Securing the Browser 127

General Browser Security Procedures 129

Implement Policies 129

Train Your Users 133

Use a Proxy and Content Filter 133

Secure Against Malicious Code 135

Web Browser Concerns and Security Methods 135

Basic Browser Security 135

Cookies 136

LSOs 137

Add-ons 137

Advanced Browser Security 138

Securing Other Applications 140

Secure Programming 144

Software Development Life Cycle 145

Core SDLC and DevOps Principles 146

Programming Testing Methods 149

White-box and Black-box Testing 149

Compile-Time Errors Versus Runtime Errors 150

Input Validation 150

Static and Dynamic Code Analysis 151

Fuzz Testing 152

Programming Vulnerabilities and Attacks 152

Backdoors 153

Memory/Buffer Vulnerabilities 153

Arbitrary Code Execution/Remote Code Execution 155

XSS and XSRF 155

More Code Injection Examples 156

Directory Traversal 158

Zero Day Attack 158

Chapter Summary 160

Chapter Review Activities 161

Review Key Topics 161

Define Key Terms 162

Complete the Real-World Scenarios 162

Review Questions 162

Answers and Explanations 167

Chapter 6 Network Design Elements 173

Foundation Topics 173

Network Design 173

The OSI Model 173

Network Devices 175

Switch 175

Bridge 178

Router 178

Network Address Translation, and Private Versus Public IP 180

Network Zones and Interconnections 182

LAN Versus WAN 182

Internet 183

Demilitarized Zone (DMZ) 183

Intranets and Extranets 184

Network Access Control (NAC) 185

Subnetting 186

Virtual Local Area Network (VLAN) 188

Telephony 190

Modems 190

PBX Equipment 191

VoIP 191

Cloud Security and Server Defense 192

Cloud Computing 192

Cloud Security 195

Server Defense 198

File Servers 198

Network Controllers 199

E-mail Servers 199

Web Servers 200

FTP Server 202

Chapter Summary 203

Chapter Review Activities 205

Review Key Topics 205

Define Key Terms 205

Complete the Real-World Scenarios 205

Review Questions 206

Answers and Explanations 210

Chapter 7 Networking Protocols and Threats 217

Foundation Topics 217

Ports and Protocols 217

Port Ranges, Inbound Versus Outbound, and Common Ports 217

Protocols That Can Cause Anxiety on the Exam 225

Malicious Attacks 226

DoS 226

DDoS 229

Sinkholes and Blackholes 230

Spoofing 231

Session Hijacking 232

Replay 234

Null Sessions 235

Transitive Access and Client-Side Attacks 236

DNS Poisoning and Other DNS Attacks 236

ARP Poisoning 238

Summary of Network Attacks 238

Chapter Summary 242

Chapter Review Activities 243

Review Key Topics 243

Define Key Terms 243

Complete the Real-World Scenarios 243

Review Questions 244

Answers and Explanations 250

Chapter 8 Network Perimeter Security 255

Foundation Topics 256

Firewalls and Network Security 256

Firewalls 256

Proxy Servers 263

Honeypots and Honeynets 266

Data Loss Prevention (DLP) 267

NIDS Versus NIPS 268

NIDS 268

NIPS 269

Summary of NIDS Versus NIPS 271

The Protocol Analyzer's Role in NIDS and NIPS 271

Unified Threat Management 272

Chapter Summary 273

Chapter Review Activities 274

Review Key Topics 274

Define Key Terms 274

Complete the Real-World Scenarios 274

Review Questions 275

Answers and Explanations 280

Chapter 9 Securing Network Media and Devices 285

Foundation Topics 285

Securing Wired Networks and Devices 285

Network Device Vulnerabilities 285

Default Accounts 286

Weak Passwords 286

Privilege Escalation 287

Back Doors 288

Network Attacks 289

Other Network Device Considerations 289

Cable Media Vulnerabilities 289

Interference 290

Crosstalk 291

Data Emanation 292

Tapping into Data and Conversations 293

Securing Wireless Networks 295

Wireless Access Point Vulnerabilities 295

The Administration Interface 295

SSID Broadcast 296

Rogue Access Points 296

Evil Twin 297

Weak Encryption 297

Wi-Fi Protected Setup 299

Ad Hoc Networks 299

VPN over Open Wireless 300

Wireless Access Point Security Strategies 300

Wireless Transmission Vulnerabilities 304

Bluetooth and Other Wireless Technology Vulnerabilities 305

Bluejacking 306

Bluesnarfing 306

RFID and NFC 307

More Wireless Technologies 308

Chapter Summary 310

Chapter Review Activities 312

Review Key Topics 312

Define Key Terms 312

Complete the Real-World Scenarios 312

Review Questions 313

Answers and Explanations 317

Chapter 10 Physical Security and Authentication Models 321

Foundation Topics 322

Physical Security 322

General Building and Server Room Security 323

Door Access 324

Biometric Readers 326

Authentication Models and Components 327

Authentication Models 327

Localized Authentication Technologies 329

802.1X and EAP 330

LDAP 333

Kerberos and Mutual Authentication 334

Remote Desktop Services 336

Remote Authentication Technologies 337

Remote Access Service 337

Virtual Private Networks 340

RADIUS Versus TACACS 343

Chapter Summary 345

Chapter Review Activities 346

Review Key Topics 346

Define Key Terms 347

Complete the Real-World Scenarios 347

Review Questions 347

Answers and Explanations 355

Chapter 11 Access Control Methods and Models 361

Foundation Topic 361

Access Control Models Defined 361

Discretionary Access Control 361

Mandatory Access Control 363

Role-Based Access Control (RBAC) 364

Attribute-based Access Control (ABAC) 365

Access Control Wise Practices 366

Rights, Permissions, and Policies 369

Users, Groups, and Permissions 369

Permission Inheritance and Propagation 374

Moving and Copying Folders and Files 376

Usernames and Passwords 376

Policies 379

User Account Control (UAC) 383

Chapter Summary 384

Chapter Review Activities 385

Review Key Topics 385

Define Key Terms 386

Complete the Real-World Scenarios 386

Review Questions 386

Answers and Explanations 392

Chapter 12 Vulnerability and Risk Assessment 397

Foundation Topics 397

Conducting Risk Assessments 397

Qualitative Risk Assessment 399

Quantitative Risk Assessment 400

Security Analysis Methodologies 402

Security Controls 404

Vulnerability Management 405

Penetration Testing 407

OVAL 408

Additional Vulnerabilities 409

Assessing Vulnerability with Security Tools 410

Network Mapping 411

Vulnerability Scanning 412

Network Sniffing 415

Password Analysis 417

Chapter Summary 420

Chapter Review Activities 421

Review Key Topics 421

Define Key Terms 422

Complete the Real-World Scenarios 422

Review Questions 422

Answers and Explanations 428

Chapter 13 Monitoring and Auditing 435

Foundation Topics 435

Monitoring Methodologies 435

Signature-Based Monitoring 435

Anomaly-Based Monitoring 436

Behavior-Based Monitoring 436

Using Tools to Monitor Systems and Networks 437

Performance Baselining 438

Protocol Analyzers 440

Wireshark 441

SNMP 443

Analytical Tools 445

Use Static and Dynamic Tools 447

Conducting Audits 448

Auditing Files 448

Logging 451

Log File Maintenance and Security 455

Auditing System Security Settings 457

SIEM 460

Chapter Summary 461

Chapter Review Activities 462

Review Key Topics 462

Define Key Terms 463

Complete the Real-World Scenarios 463

Review Questions 463

Answers and Explanations 470

Chapter 14 Encryption and Hashing Concepts 477

Foundation Topics 477

Cryptography Concepts 477

Symmetric Versus Asymmetric Key Algorithms 481

Symmetric Key Algorithms 481

Asymmetric Key Algorithms 483

Public Key Cryptography 483

Key Management 484

Steganography 485

Encryption Algorithms 486

DES and 3DES 486

AES 487

RC 488

Blowfish and Twofish 489

Summary of Symmetric Algorithms 489

RSA 490

Diffie-Hellman 491

Elliptic Curve 492

More Encryption Types 493

One-Time Pad 493

PGP 494

Pseudorandom Number Generators 495

Hashing Basics 496

Cryptographic Hash Functions 498

MD5 498

SHA 498

RIPEMD and HMAC 499

LANMAN, NTLM, and NTLMv2 500

LANMAN 500

NTLM and NTLMv2 501

Hashing Attacks 502

Pass the Hash 502

Happy Birthday! 503

Additional Password Hashing Concepts 503

Chapter Summary 505

Chapter Review Activities 507

Review Key Topics 507

Define Key Terms 507

Complete the Real-World Scenarios 508

Review Questions 508

Answers and Explanations 515

Chapter 15 PKI and Encryption Protocols 521

Foundation Topics 521

Public Key Infrastructure 521

Certificates 522

SSL Certificate Types 522

Single-Sided and Dual-Sided Certificates 523

Certificate Chain of Trust 523

Certificate Formats 523

Certificate Authorities 525

Web of Trust 529

Security Protocols 529

S/MIME 530

SSL/TLS 531

SSH 532

PPTP, L2TP, and IPsec 533

PPTP 533

L2TP 534

IPsec 534

Chapter Summary 535

Chapter Review Activities 536

Review Key Topics 536

Define Key Terms 536

Complete the Real-World Scenarios 537

Review Questions 537

Answers and Explanations 542

Chapter 16 Redundancy and Disaster Recovery 547

Foundation Topics 547

Redundancy Planning 547

Redundant Power 549

Redundant Power Supplies 551

Uninterruptible Power Supplies 551

Backup Generators 553

Redundant Data 555

Redundant Networking 558

Redundant Servers 560

Redundant Sites 561

Redundant People 562

Disaster Recovery Planning and Procedures 562

Data Backup 562

DR Planning 567

Chapter Summary 571

Chapter Review Activities 572

Review Key Topics 572

Define Key Terms 572

Complete the Real-World Scenarios 573

Review Questions 573

Answers and Explanations 577

Chapter 17 Social Engineering, User Education, and Facilities Security 583

Foundation Topics 583

Social Engineering 583

Pretexting 584

Malicious Insider 585

Diversion Theft 586

Phishing 586

Hoaxes 587

Updates

Submit Errata

More Information

Pearson IT Certification Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from Pearson IT Certification and its family of brands. I can unsubscribe at any time.

Overview


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about Pearson IT Certification products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information


To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.

Surveys

Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites; develop new products and services; conduct educational research; and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.

Newsletters

If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@informit.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information


Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.

Security


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.

Children


This site is not directed to children under the age of 13.

Marketing


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information


If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.

Choice/Opt-out


Users can always make an informed choice as to whether they should proceed with certain services offered by Adobe Press. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.pearsonitcertification.com/u.aspx.

Sale of Personal Information


Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents


California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure


Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.

Links


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact


Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice


We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020