Tuesday, May 15, 2018

Common Malware Names and Security+

Are you planning to take the SY0-501 Security+ exam? If so, you might like to review some information on malware names.

Check out this sample Security+ practice test question that was recently added to the Extras quiz for the online SY0-501 practice test questions.

Q. You are troubleshooting a computer that is displaying erratic behavior. You suspect that malicious software was installed when the user downloaded and installed a free software application. You want to identify the name of the malware and you run the following netstat command from the command prompt:

C:\WINDOWS\system32>netstat -nab > netstat.txt

After opening the text file you see the following information.


Based on the output, what type of malware was most likely installed on the user’s computer?

A. Worm

B. Logic bomb

C. Ransomware

D. RAT

E. Crypto-malware

F. No malware is indicated

Check out the answer and full explanation here.


Monday, May 14, 2018

Understanding Network Separation

Are you planning to take the Security+ SY0-401 or SY0-501 exam?

If so, see if you can answer this sample question.

Q. You are tasked with configuring a switch so that it separates VoIP and data traffic. Which of the following provides the BEST solution?
A. NAC
B. DMZ
C. SRTP
D. VLAN

Check out the answer and full explanation here.


Monday, May 7, 2018

Vulnerability Assessment Tools

Are you planning to take the SY0-401 or SY0-501 Security+ exam?

If so, see if you can answer this practice test question.

Q. You suspect that a user is running an unauthorized AP within the organization’s building. Which of the following tools is the BEST choice to see if an unauthorized AP is operating on the network?
A. Rogue system
B. Wireless scanner
C. Password cracker
D. Penetration test


Monday, April 30, 2018

Security+ and Physical Security Controls

Are you planning to take the SY0-501 or SY0-401 Security+ exam? If so, make sure you have a basic understanding of security controls, including physical security controls.

See if you can answer this sample Security+ question.

Q. Management within your organization wants to create a small network used by executives only. They want to ensure that this network is completely isolated from the main network. Which of the following choices BEST meets this need?

A. Airgap

B. Mantrap

C. Control diversity

D. Infrared motion detectors

Check out the answer and full explanation here.


Monday, April 23, 2018

Security+ and Log Entries

Are you preparing for the SY0-401 and SY0-501 Security+ exam? If so, you might like to review some information on log entries.

As an example, consider the following Security+ practice test question that I recently added to the test banks on the gcgapremium.com site.

Q. Your IPS recently raised an alert from the following log entry on one of your organization’s web servers:
04/23/18 23:13:50 httpd: GET /wp/forms/process.php?input=cd%20../../../etc;cat%20shadow
Based on this log entry, which of the following is MOST likely occurring?

A. False negative
B. XSS attack
C. Command injection attack
D. Password attack
E. Buffer overflow attack

Can you answer it? Check out the answer and full explanation here.

Monday, April 16, 2018

NAC Systems and Security+

Are you preparing for the SY0-501 or SY0-401 Security+ exam? If so, you should have a basic understanding of network components that support organizational security. This includes using NAC systems to verify computers meet preset security conditions.

See if you can answer this sample Security+ question.

Q. Your organization recently implemented a BYOD policy. However, management wants to ensure that mobile devices meet minimum standards for security before they can access any network resources. Which of the following agents would the NAC MOST likely have?

A. Permanent

B. Health

C. RADIUS

D. Dissolvable

Check out the answer and full explanation here.


Monday, March 26, 2018

Security+ and Proxy Servers

Are you planning to take the SY0-401 Security+ or SY0-501 Security+ exam? If so, make sure you understand basic network components.

As an example, see if you can answer this sample Security+ question.

Q. Management at your organization wants to prevent employees from accessing social media sites using company-owned computers. Which of the following devices would you implement?

A. Transparent proxy

B. Reverse proxy

C. Nontransparent proxy

D. Caching proxy

Check out the answer and explanation here.