Monday, May 28, 2012

Darril Gibson's Projects

I've been busy with several projects recently, including putting together the Darril Gibson website so I haven't been able to post as often as I would have liked. However, on this Memorial Day I thought I'd jot down a few notes letting people know what I've been up to.
  • CISSP: Certified Information Systems Security Professional Study Guide is off to the printer. I worked with two outstanding authors (James M. Stewart and Mike Chapple) on this project and it covers the updated objectives for the CISSP exam.
  • A+ Training Kit. I've been actively working on this book for the new 220-801 and 220-802 objectives. I like the way the new objectives are laid out and am pretty happy with the progress of the book. Bill Talbott is doing a great job as a technical editor and Jose Vargas has provided me with some great technical information on hardware topics and even provided input to a couple of chapters.
  • Professional Development. I've been taking an online class for authors that has been giving me some great information. Over the years, I've taken many technical courses to learn new material so it made a lot of sense for me to take a class designed for authors. One of the trainers strongly suggested creating a site with your name so I took some time to do that. You can see it here: darrilgibson.com.
  • Windows 8. I've been playing around with Windows 8 quite a bit in anticipation of its release. I've used both VMware and Oracle's VirtualBox to install it on virtual systems because Microsoft doesn't have a 64-bit virtualization product. That will change with Windows 8 though. Windows 8 will include Hyper-V, allowing you to install 64-bit virtual operating systems.
  • Tweets by Darril Gibson. I'm still putting out daily tips on Network+ and Security+ topics via Twitter. Thankfully, I have the help of twuffer.com to schedule them.
  • CompTIA Network+ N10-005 Practice Test Questions (Get Certified Get Ahead). I've received feedback from several readers letting me know this has helped them take and pass the exam. Others have liked the mobile app with practice test questions. I have some notes for a quick cert guide and worked on chapters as a supplement for the practice test questions but so far other projects are consuming my time. My brother is working on a full book and when it comes I'll let you know.
  • CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide. I regularly receive emails from people who have successfully passed the exam after using this book and from instructors who are using it to help their students take and pass the exam. Last week I heard from an instructor in Okinawa, Japan, which brought back memories of my time there - it's a beautiful island. I also hear from people about how the Security+ SY0-301 Audio and the mobile app with practice test questions have helped them.
  • Updated Bio. During one of the author classes I attended, Nancy Juetten gave a great presentation on updating bios. She mentioned that you should be able to have a two sentence bio, a 50 word bio, a 100 word bio, and a 300 word bio. These are worthwhile for anyone and if you have them, you can easily plug it into a resume or cover letter. Here's my two sentence bio:
"Years ago, Darril Gibson set a goal to become a full time author and write books that help others. Since then, he has authored or coauthored more than 25 books and regularly receives emails from readers sharing their successes with him after reading one of his books."

Give it a try. See if you can write your own two sentence bio that gives some insight into who you are.

Happy Memorial Day and good luck in all your adventures,

Darril Gibson

Tuesday, May 22, 2012

Network+ Connector Types

If you're preparing for the Network+ N10-005 exam, you may want to try a couple of practice test questions related to connector types. The Network Media and Topologies domain makes up 17% of the exam so you can expect 17 questions in this category. For example, you may see something similar to the following Network+ practice test question.

Network+ Practice Test Question

Q. Of the following choices, what is used for fiber and is connected using a push and twist action?
A. Coaxial
B. F-connector
C. ST
D. SC

Answer provided at end.

In order to answer the question correctly, you first need to know what is used for fiber. They are listed here with links to Google images if you want to see some pictures.
Coaxial is a type of cable and an F-connector is a twist-on type used with coaxial so you can throw the first two answers out right away.

Now the only thing you need to figure out is which fiber connection is a twist-on type - the straight tip (ST) or the square connector (SC). Well, if you know anything about squares, you probably know they don't twist very well so it must be the straight tip.

Practice Test Question

Here's another one you can try.

Q. You need to plug a fiber optic cable into an RJ-45 jack. What, if anything, can you use?
A. Nothing. This is not possible.
B. Media converter
C. ST connector
D. SC connector

Answer at end.

If you know basics about cables and connectors, you can throw out answers C and D right away. An RJ-45 jack is used with twisted pair cable. The ST and SC connectors are used with fiber and you can't plug them directly into the RJ-45 jack.

However, media converters were created specifically for situations just like this. The objectives specifically mention gigabit interface converters (GBICs) which are used to convert copper and fiber connections.

Basics

Here are some basic notes on connections that are worth remembering for the exam.

Fiber Connections

  • ST - connects with a push and twist-on action
  • SC - a snap-on connection
  • LC - a snap-on connection
  • MTRJ - a snap-on connection

Copper Connections

  • RJ-45 - used with twisted pair cable on a network
  • RJ-11 - used with twisted pair cable for telephones
  • BNC - a push and twist connection used with coaxial
  • F-connector - a twist-on connection used with RG-6 coaxial
  • DB-9 - A 9-pin D shaped connection used for serial connections such as RS-232
  • 110 block - A termination point for twisted pair cables (replacing the 66 block)

Answer

Q. Of the following choices, what is used for fiber and is connected using a push and twist action?
A. Coaxial
B. F-connector
C. ST
D. SC

Answer:

C is correct. A straight tip (ST) connector connects with a push and twist-on action and is used with fiber cable.

A is incorrect. Coaxial is a type of cable. It uses a Bayonet Neill-Concelman (BNC) connection with a push and twist action but it is used for copper, not fiber.

B is incorrect. An F-connector is used with copper RG-6 cables.

D is incorrect. A square connector (SC) is used with fiber, but you can’t twist the square connection after pushing it on. It is often used with a gigabit interface converter (GBIC) converting a copper connection (such as RJ-45) to fiber.

Objective: 3.2 Categorize standard connector types based on network media.

These practice test questions are from the CompTIA Network+ N10-005 Practice Test Questions (Get Certified Get Ahead) ebook. It includes over 275 realistic practice test questions and is available as a Kindle ebook for only $9.99. You can download free Kindle apps from Amazon so that you can access the ebook from just about any platform including:
  • Windows PC
  • MAC
  • iPhone
  • iPad
  • Android
  • BlackBerry
  • Windows Phone 7

Answer

Q. You need to plug in a fiber optic cable to an RJ-45 jack. What, if anything, can be used to allow this to work?
A. Nothing. This is not possible.
B. Media converter
C. ST connector
D. SC connector

Answer: B is correct. A media converter is used to connect dissimilar media and connectors. There are media converters that will connect fiber optic cable to an RJ-45 jack. Media converters are sometimes called transceivers because they can transmit and receive data.

A is incorrect. It is possible to achieve this with a media converter.

C is incorrect. A straight tip (ST) connector is used to connect a fiber cable to a fiber jack with a push and twist-on connection.

D is incorrect. A square connector (SC) is used to connect a fiber cable to a fiber jack. It is sometimes called subscriber or standard connector.

Objective: 3.1 Categorize standard media types and associated properties.

Summary

I hope this information helps you nail any connector-type questions you get on the Network+ exam.

Tuesday, April 17, 2012

Free Security+ Practice Test Questions

If you're preparing for the Security+ SY0-301 exam, you might like to check your readiness with a few free practice test questions. This page includes six free practice test questions, one from each of the six domains in the Security+ SY0-301 exam.

Practice Test Question 1

Q. What can you use to logically separate computers in two different departments within a company?



A. A hub

B. A VLAN

C. NAT

D. A flood guard



Answer at end of post.



Practice Test Question 2

Q. Employees in the accounting department are forced to take time off from their duties on a regular basis. What would direct this?



A. Account disablement policy

B. Mandatory vacation policy

C. Job rotation policy

D. Dual accounts for administrators



Answer at end of post.






Practice Test Question 3

Q. Of the following choices, what best represents an attack against specific employees of a company?



A. Phishing

B. Vishing

C. Spim

D. Spear phishing



Answer at end of post.



Practice Test Question 4

Q. Your organization hosts several websites accessible on the Internet, and is conducting a security review of these sites. Of the following choices, what is the most common security issue for web-based applications?



A. Input validation

B. Phishing

C. Whaling

D. Social engineering



Answer at end of post.

Practice Test Question 5

Q. Which one of the following includes a photo and can be used as identification? (Choose all that apply.)



A. CAC

B. MAC

C. DAC

D. PIV



Answer at end of post.






Practice Test Question 6

Q. What type of key is used to sign an email message?



A. Sender’s public key

B. Sender’s private key

C. Recipient’s public key

D. Recipient’s private key



Answer at end of post.



These practice test questions are from the CompTIA Security+: Get Certified Get Ahead- SY0-301 Practice Test Questions book. It includes 275 realistic practice test questions with in-depth explanations for the CompTIA Security+ SY0-301 exam. If you've been studying for this exam and want to test your readiness, this book is for you.
It is also available as Kindle ebook for only $9.99 and the Kindle version also includes dozens of flash cards to help you reinforce key testable topics. You can download free Kindle apps from Amazon so that you can access the ebook from just about any platform including:
  • Windows PC
  • MAC
  • iPhone
  • iPad
  • Android
  • BlackBerry
  • Windows Phone 7






SY0-301: Exam Answer 1

Q. What can you use to logically separate computers in two different departments within a company?



A. A hub

B. A VLAN

C. NAT

D. A flood guard



B is correct. A virtual local area network (VLAN) can group several different computers into a virtual network, or logically separate the computers in two different departments.

A is incorrect. A hub doesn’t have any intelligence and can’t separate the computers.

C is incorrect. NAT translates private IP addresses to public IP addresses, and public back to private.

D is incorrect. A flood guard protects against SYN flood attacks.



Objective: 1.2 Apply and implement secure network administration principles






SY0-301 Exam: Answer 2

Q. Employees in the accounting department are forced to take time off from their duties on a regular basis. What would direct this?



A. Account disablement policy

B. Mandatory vacation policy

C. Job rotation policy

D. Dual accounts for administrators



Answer B is correct. Mandatory vacation policies require employees to take time away from their job and help to detect fraud or malicious activities.

A is incorrect. An account disablement policy (sometimes called an account expiration policy) specifies when to disable accounts.

C is incorrect. Job rotation policies require employees to change roles on a regular basis.

D is incorrect. Dual accounts for administrators help prevent privilege escalation attacks.



Objective: 2.1 Explain risk related concepts



SY0-301: Answer 3

Q. Of the following choices, what best represents an attack against specific employees of a company?



A. Phishing

B. Vishing

C. Spim

D. Spear phishing



Answer D is correct. A spear phishing attack targets a specific person or specific groups of people such as employees of a company.

A is incorrect. Phishing sends email to users with the purpose of tricking them into revealing personal information, such as bank account information, but it doesn’t target specific employees of a company.

B is incorrect. Vishing is a form of phishing that uses recorded voice over the telephone.

C is incorrect. Spim is a form of spam using instant messaging (IM).



Objective: 3.2 Analyze and differentiate among types of attacks






SY0-301: Answer 4

Q. Your organization hosts several websites accessible on the Internet, and is conducting a security review of these sites. Of the following choices, what is the most common security issue for web-based applications?



A. Input validation

B. Phishing

C. Whaling

D. Social engineering



Answer A is correct. Input validation checks input data, but because so many sites do not use it they are vulnerable to buffer overflow, SQL injection, and cross-site scripting attacks.

B is incorrect. Phishing is the practice of sending email to users with the purpose of tricking them into revealing personal information (such as bank account information).

C is incorrect. Whaling is a phishing attack that targets high-level executives.

D is incorrect. Social engineering is the practice of using social tactics to encourage a person to do something or reveal some piece of information.



Objective: 4.1 Explain the importance of application security



SY0-301 Exam: Answer 5

Q. Which one of the following includes a photo and can be used as identification? (Choose all that apply.)



A. CAC

B. MAC

C. DAC

D. PIV



Answers A and D are correct. A common access card (CAC) and a personal identity verification (PIV) card both include photo identification and function as smart cards.

B and C are incorrect. MAC and DAC are access control models, not photo IDs.



Objective: 5.2 Explain the fundamental concepts and best practices related to authentication, authorization and access control






SY0-301 Exam: Answer 6

Q. What type of key is used to sign an email message?



A. Sender’s public key

B. Sender’s private key

C. Recipient’s public key

D. Recipient’s private key



Answer B is correct. A digital signature is an encrypted hash of a message, encrypted with the sender’s private key.

A is incorrect. The recipient decrypts the hash using the sender’s public key.

C and D are incorrect. Recipient keys are used with encryption, but not with a digital signature.
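
The signing flow in this answer, carried through as an added Python example (not taken from the study guide). It uses textbook RSA without padding and demonstration-only keys built from Mersenne primes; all function and variable names are hypothetical.

```python
import hashlib

E = 65537  # common public exponent


def make_keypair(p, q):
    """Return (public_key, private_key) for primes p and q. Demo keys only."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(E, -1, phi)  # private exponent: modular inverse of E
    return (n, E), (n, d)


def message_hash(message, n):
    """SHA-256 of the message as an integer, reduced into the key's range."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message, private_key):
    """Sender side: hash the message, then encrypt the hash with the private key."""
    n, d = private_key
    return pow(message_hash(message, n), d, n)


def verify(message, signature, public_key):
    """Recipient side: decrypt the hash with a public key and compare."""
    n, e = public_key
    return pow(signature, e, n) == message_hash(message, n)


# Constructed demonstration keys. Mersenne primes are convenient to write down
# but are NOT suitable for real keys, and real signatures also use padding.
SENDER_PUBLIC, SENDER_PRIVATE = make_keypair(2**521 - 1, 2**607 - 1)
RECIPIENT_PUBLIC, RECIPIENT_PRIVATE = make_keypair(2**1279 - 1, 2**2203 - 1)


def demo():
    message = b"Quarterly report attached."  # constructed sample message
    signature = sign(message, SENDER_PRIVATE)
    return {
        # Sender's public key recovers the same hash: signature is valid.
        "valid": verify(message, signature, SENDER_PUBLIC),
        # Any change to the message changes the hash: verification fails.
        "tampered": verify(b"Quarterly report attached!", signature, SENDER_PUBLIC),
        # The recipient's keys play no part in a signature: verification fails.
        "wrong_key": verify(message, signature, RECIPIENT_PUBLIC),
    }


if __name__ == "__main__":
    print(demo())
```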



Objective: 6.1 Summarize general cryptography concepts, 6.2 Use and apply appropriate cryptographic tools and products


If you want to take and pass the Security+ exam the first time you take it, check out the
CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide.

Success is within your reach.

Thursday, April 12, 2012

Active Fingerprinting vs Passive Fingerprinting

If you take the Security+ exam, you may come across the terms active fingerprinting and passive fingerprinting. It's worthwhile knowing the differences between the two. It's also important to realize that fingerprinting in this context is not referring to the biometric method of authentication.

Fingerprinting and Reconnaissance

In this context, fingerprinting refers to identifying specific information about a system. It is often part of a larger reconnaissance attack. Reconnaissance provides a big-picture view of a network or servers in a DMZ. It identifies the IP addresses used in the target network using a method such as an ICMP sweep or a host enumeration sweep. Ping scanners are sometimes used for this step.

Fingerprinting then homes in on individual systems to provide details of each of them. For example, a fingerprinting attack can identify the operating system of the target and in many cases, it can identify the service pack and patches that have been installed. It can also identify the protocols and services that are running on a system and the likely role of the server based on these services. For example, if a server is listening on port 80, it is running the HTTP protocol and is very likely a web server.

When fingerprinting any system, it's useful to know many of the commonly used well-known ports.

Passive Fingerprinting

Passive fingerprinting uses a sniffer (such as Wireshark) to capture traffic sent from a system. It analyzes this traffic to determine what the server is doing. A key point is that passive fingerprinting does not send any traffic to the target system but instead just collects the traffic. With this in mind, passive fingerprinting cannot be done by remote attackers. It can only be done with a sniffer installed in the network.

Active Fingerprinting

Active fingerprinting uses active techniques to identify the role of a server. Chapters 7 and 8 of the CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide covered several methods used with active fingerprinting. They include:
  • Xmas attack. This is a specific type of scan that sends specially crafted packets to a system. By analyzing the return packets, the scanner can determine the operating system of the target.
  • Port scanning. A port scanner sends queries on specific ports. If the server answers a query on a port, it indicates it is listening on this port. For example, if a system answers a query on port 25, it indicates it is running SMTP and is likely an email server. Additional queries can be sent to the system to verify it is an email server.
These methods are useful for attackers trying to determine the role of remote servers.
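
Because active fingerprinting sends traffic to the target, a defender can spot it in captured packets. The following added Python example (not from the study guide) flags the two methods above in a constructed capture: an Xmas scan, assumed here to be packets with exactly the FIN, PSH and URG flags set, and a port scan, assumed to be one source sending SYNs to many distinct ports. The function names, threshold and sample addresses are hypothetical.

```python
import struct
from collections import defaultdict

# TCP flag bits (low six bits of the flags field)
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20
XMAS = FIN | PSH | URG  # flag combination sent by an Xmas scan


def build_tcp_header(src_port, dst_port, flags):
    """Build a minimal 20-byte TCP header; used only to construct sample data."""
    offset_and_flags = (5 << 12) | flags  # data offset of 5 words, no options
    return struct.pack("!HHIIHHHH", src_port, dst_port, 0, 0,
                       offset_and_flags, 1024, 0, 0)


def parse_tcp_header(raw):
    """Return (dst_port, flags) from the first 20 bytes of a TCP header."""
    fields = struct.unpack("!HHIIHHHH", raw[:20])
    dst_port, offset_and_flags = fields[1], fields[4]
    return dst_port, offset_and_flags & 0x3F


def detect_active_fingerprinting(packets, port_threshold=10):
    """packets: iterable of (source_ip, raw_tcp_header_bytes) pairs."""
    xmas_sources = set()
    syn_ports = defaultdict(set)  # source IP -> distinct ports probed with SYN
    for src_ip, raw in packets:
        if len(raw) < 20:
            continue  # truncated header: not enough data to judge
        dst_port, flags = parse_tcp_header(raw)
        if flags == XMAS:
            xmas_sources.add(src_ip)
        elif flags & SYN and not flags & ACK:
            syn_ports[src_ip].add(dst_port)
    scanners = {ip for ip, ports in syn_ports.items()
                if len(ports) >= port_threshold}
    return {"xmas_scan": sorted(xmas_sources), "port_scan": sorted(scanners)}


def constructed_capture():
    """Constructed sample traffic using documentation-range IP addresses."""
    packets = []
    for port in range(20, 35):  # one source probing 15 different ports
        packets.append(("203.0.113.5", build_tcp_header(40000, port, SYN)))
    packets.append(("198.51.100.7", build_tcp_header(40001, 80, XMAS)))
    # An ordinary client: two connections and an ACK, well under the threshold.
    packets.append(("192.0.2.10", build_tcp_header(50000, 443, SYN)))
    packets.append(("192.0.2.10", build_tcp_header(50000, 443, ACK)))
    packets.append(("192.0.2.10", build_tcp_header(50001, 80, SYN)))
    packets.append(("192.0.2.99", b"\x00\x01"))  # truncated, ignored
    return packets


if __name__ == "__main__":
    print(detect_active_fingerprinting(constructed_capture()))
```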

Summary

Fingerprinting is used to get details on a specific target. It is often used as part of a larger reconnaissance attack.

The difference between active and passive fingerprinting is that active fingerprinting will send queries to the target and analyze the response. Passive fingerprinting only uses a sniffer to capture and analyze traffic, but never sends traffic to the target.

Monday, April 9, 2012

SSCP Practice Test Questions

If you've been studying for the SSCP exam, you may be looking for a good source of SSCP practice test questions. You'll find that the SSCP Systems Security Certified Practitioner All-in-One Exam Guide covers the content in the exam but I'm hearing that test questions from the studISCope test banks are the most helpful.

(ISC)2 changes the questions in their live test bank regularly and they also update their practice test questions in the studISCope banks. Here's a link: https://www.expresscertifications.com/ISC2/Catalog.aspx.

The SSCP is a good next step for many people that have taken and passed the Security+ exam. It will give you a good idea of what to expect from the premier security certification - CISSP - if you choose to take it. Also, many people have the experience to meet the requirements for SSCP, but not CISSP. As a reminder, the requirements are:
  • For the SSCP, you need one year of experience in one of the seven (ISC)2 domains.
  • For the CISSP, you need five years of experience in one of the ten domains.
Good luck.

Sunday, April 8, 2012

Free SQL Server 2012 eBook

Microsoft Press has released a free ebook on SQL Server 2012 titled Introducing SQL Server 2012, by Ross Mistry and Stacia Misner. If you're trying to learn some of the new features of SQL Server 2012, this is a great freebie. I haven't read it cover to cover but have noticed that it includes many of the concepts mentioned in the new SQL Server 2012 exams.

It's available in multiple formats:
You don't need a Kindle to read and view Kindle books. You can download free apps for most platforms from Amazon here.

You can also buy a paperback copy for $14.99.

Tuesday, April 3, 2012

Installing Windows Server 8 as Virtual Server

I decided to play around with the beta version of Windows Server 8 and took these notes so you could download and install it on your own. Specifically, these steps will show you how to install a virtual instance of Windows Server 8 on a Windows 7 system.

While these steps will help you install and play around with Windows Server 8, they also let you play around with virtualization which is a topic of growing importance for any certifications.

Windows Server 8

Windows Server 8 is the next server operating system and it’s currently in beta stage. Microsoft has a history of pairing server operating systems with desktop operating systems to fully use the features of both. For comparison, Windows Server 2003 was paired with Windows XP, Windows Server 2008 was paired with Windows Vista, and Windows Server 2008 R2 was paired with Windows 7.

You can expect to see Windows 8 go live later this year, probably in October. Windows Server 8 will probably be released within three months of Windows 8.

Virtual Box

Windows Server 8 is a 64-bit operating system. Unfortunately, the Windows Virtual PC application that is available as a free update on Windows 7 will not run 64-bit operating systems. An alternative is VirtualBox.

You can get a free copy of VirtualBox here: https://www.virtualbox.org/wiki/Downloads.

After downloading it, browse to where you saved it, and double-click it to start the installation. You can just accept the defaults by clicking Next through each screen.

Download ISO or VHD

You can download the Windows Server 8 beta here: http://technet.microsoft.com/en-us/evalcenter/hh670538.aspx. You’ll have the choice of downloading the 64-bit ISO which is a DVD image, or a virtual hard disk (VHD) image. The 64-bit VHD image will run as a virtual system on a Windows Server 2008 R2 system using Hyper-V but it won’t run on Windows Virtual PC.

However, if you download the ISO DVD image, you can use it to install the operating system on Virtual Box running within Windows 7. It’s a 3.3 GB file so it may take a while depending on the speed of your connection.

Windows 8 Consumer Preview

While this article is focused on Windows Server 8, you can also use the steps to download and install the Windows 8 Consumer Preview available here: http://windows.microsoft.com/en-us/windows-8/download

Install VirtualBox

Start VirtualBox by clicking Start, All Programs, Oracle VM VirtualBox, and selecting Oracle VM VirtualBox. During the install, you’ll be prompted several times to install device software. This software is needed for various virtual devices so should be installed. These are signed and the Publisher is identified as Oracle Corporation. When the install completes, click Finish. VirtualBox will then start.

Create a VM

You can use the following steps to create a virtual machine (VM) used for Windows Server 8.
  1. Click the New button on the menu bar. Review the information on the Welcome page and click Next.
  2. Give your VM a name such as Windows Server 8.
  3. On OS Type, ensure that Microsoft Windows is selected as the operating system. Select Windows 8 (64-bit) as the Version. Click Next.
  4. The default memory size is 1536. Change this to 2048 and click Next.
  5. Accept the defaults on the Virtual Hard Disk page. This creates a new 20 GB hard disk that can be used to boot (or start up) the VM. Click Next.
  6. Accept the default of VDI (VirtualBox Disk Image) for the new virtual disk and click Next.
  7. Accept the default of dynamically allocated for the virtual disk. Click Next.
  8. On the Virtual Disk File Location and Size page, modify the size to 40 GB. If desired, you can change the location by clicking the folder and browsing to a new location. Click Next.
  9. On the Summary page, click Create.
After the VM is created, Virtual Box will look similar to the following graphic. In the figure, I have both the Windows 8 Consumer Preview and Windows Server 8 installed.

Windows Server 8 VM

It’s worthwhile stating the obvious here. At this point, this VM is empty. Even though it’s named Windows Server 8, it doesn’t have Windows Server 8 installed yet. This is similar to you creating a file in Word and naming it “My Plan for Success”. Just naming the file doesn’t add the contents.

Attach the ISO to the VM

If you were installing this on a new computer, you’d put the DVD into the drive and boot to the DVD. You simulate this by attaching the ISO image to the virtual CD/DVD drive. The following steps show this process.
  1. Ensure the Windows Server 8 VM is selected and click Settings.
  2. Select Storage. Click on Empty under IDE Controller.
  3. In the Attributes section, click on the CD icon to the right of CD/DVD Drive.
  4. Select Choose a virtual CD/DVD disk file.
  5. Browse to the location where you saved the Windows 8 DVD ISO file and select it. Click Open.
  6. The IDE Controller will no longer be listed as Empty, but instead has the name of the ISO file. It should look similar to the following graphic.
Adding DVD ISO file

Installing Windows Server 8

At this point, you should have the following:
  • VirtualBox installed
  • An empty VM created for Windows Server 8
  • An ISO image file for Windows Server 8 attached to the VM
You can use the following steps to install Windows Server 8.
  1. Select the Windows Server 8 VM in VirtualBox and click Start.
  2. Review the message on Auto Capture Keyboard and the host key and click OK. You will likely see one or more additional messages. Review them and click OK.
  3. When the Install screen appears, click Next. Click Install Now.
  4. Select Server 8 Beta Datacenter (Server with a GUI) and click Next. The Server Core installation includes a command prompt but not a graphical user interface (GUI).
  5. Review the license terms, select the checkbox to accept the license terms, and click Next.
  6. Select Custom: Install Windows only (advanced).
  7. The 40 GB drive you created with the VM will be selected as Drive 0 Unallocated Space. Click Next.
  8. The installation will begin and you won’t need to do anything else for a while. Now may be a good time to take a break.
  9. When prompted, enter a password for the Administrator account in the Password and Retype password text boxes. As a test machine, you may want to use something you can easily remember such as P@ssw0rd. Click Finish.
To log in, press the host key plus the Delete key to simulate the CTRL + ALT + DELETE key combination. The host key is the right-CTRL key by default.

Navigation and Shutting Down

The Windows key (normally located between CTRL and ALT on the left of the spacebar) is an important key for navigation, and you can use it to toggle between views.

Additionally, there are many different Windows key combinations. One that you’ll want to remember to shut down your system is Windows + i. This will bring up a display similar to the following graphic and you can select the power button to reboot or power down your system.