Friday, November 17, 2017

Holiday Scams and Malware Campaigns

I love the holiday season from Thanksgiving to New Year's. For me, it's a time of relaxation, rejuvenation, and recreation with family and friends.

Unfortunately, the criminals love the holiday season too. You can fully expect them to continue to use a variety of creative methods to trick you out of your hard-earned money.


Read the full post for tips on how to avoid the common scams.

Monday, November 13, 2017

Identifying Malware

Are you preparing to take the SY0-401 or SY0-501 Security+ exam? If so, make sure you can identify different malware types.

As an example, see if you can answer this question.

Q. Dr. Terwilliger installed code designed to enable his account automatically if he ever lost his job as a sidekick on a television show. The code was designed to reenable his account three days after it is disabled. Which of the following does this describe?

A. Logic bomb

B. Rootkit

C. Spyware

D. Ransomware

See if you're correct (and see the full explanation) here.


Monday, November 6, 2017

SY0-401 or SY0-501 Security+ Exam?

If you're planning to take the Security+ exam, you might be wondering if you should take the SY0-401 or SY0-501 Security+ exam. I'm starting to get queries asking which one to take. As an example, here's a snippet of a recent query.

"...I plan to make a career change and move into cybersecurity. ... I want to complete security + certification... what exam would you recommend me to take SY0-401 or the new SY0-501"

Here's the short answer: SY0-401.

This blog post explains why.


Friday, November 3, 2017

Protecting Management Interfaces & Applications (Security+)

Are you planning to take the Security+ exam? If so, make sure you understand the basics of how to protect management interfaces and applications, and see if you can answer this sample practice test question.

Q. Attackers recently attacked a web server hosted by your organization. Management has tasked administrators with reducing the attack surface of this server to prevent future attacks. Which of the following will meet this goal?

A. Disabling unnecessary services

B. Installing and updating antivirus software

C. Identifying the baseline

D. Installing a NIDS

Check out the answer (and explanation) here.

If you're studying for the SY0-501 exam, check out the CompTIA Security+ Get Certified Get Ahead: SY0-501 Study Guide.



Friday, October 20, 2017

Certificate Revocation Lists

Are you planning to take the Security+ exam? If so, make sure you understand PKI concepts. See if you can answer this practice test question.

Q. Your organization is planning to implement an internal PKI. What is required to ensure users can validate certificates?

A. An intermediate CA

B. CSR

C. Wildcard certificates

D. CRL


See if you're correct (and see the full explanation) here.

Monday, October 2, 2017

Security+ and Unauthorized System Access

Are you preparing to take the Security+ exam? If so, make sure you understand some of the methods attackers use to gain unauthorized access to systems. See if you can answer this sample question.

Q. A recent antivirus scan on a server detected a Trojan. A technician removed the Trojan, but a security administrator expressed concern that unauthorized personnel might be able to access data on the server. The security administrator decided to check the server further. Of the following choices, what is the administrator MOST likely looking for on this server?

A. Backdoor

B. Logic bomb

C. Rootkit

D. Botnet

Check out the answer (and full explanation) here.


Friday, September 29, 2017

Security+ and Basic Forensic Procedures

Are you planning to take the Security+ exam? If so, make sure you understand basic forensic procedures.

See if you can answer this sample question.

Q. Security personnel confiscated a user’s workstation after a security incident. Administrators removed the hard drive for forensic analysis, but left it unattended for several hours before capturing an image. What could prevent the company from taking the employee to court over this incident?

A. Witnesses were not identified.

B. A chain of custody was not maintained.

C. An order of volatility was not maintained.

D. A hard drive analysis was not complete.

Check your answer (and see the full explanation) here.