Monday, January 8, 2018

Security+ and Database Concepts

Are you planning to take the SY0-501 Security+ exam? If so, you should understand some database concepts that weren't tested in the SY0-401 exam.

See if you can you answer this question?

Q. Database administrators have created a database used by a web application. However, testing shows that the application is taking a significant amount of time accessing data within the database. Which of the following actions is MOST likely to improve the overall performance of a database?

A. Normalization

B. Client-side input validation

C. Server-side input validation

D. Obfuscation

Check out the answer and full explanation here.

Tuesday, January 2, 2018

IDSs and IPSs on the Security+ Exam

Are you planning to take the Security+ exam? If so, make sure you know about IDSs and IPSs.
For example, can you answer this question?

Q. A HIDS reported a vulnerability on a system based on a known attack. After researching the alert from the HIDS, you identify the recommended solution and begin applying it. What type of HIDS is in use?

A. Network-based

B. Signature-based

C. Heuristic-based

D. Anomaly-based

Check out the answer and explanation here.

Tuesday, December 26, 2017

Stackable Certifications from CompTIA

Have you heard about CompTIAs new stackable certifications? If you've earned more than a couple of CompTIA certifications, you may already have one of them.

As an example, if you an A+ and Network+ certification, you now also have the CompTIA IT Operations Specialist stackable certification.

Check out this blog post for more information. 

Thursday, December 14, 2017

Switch Security

Are you planning to take the SY0-401 version or the SY0-501 version of the Security+ exam, you should have a basic understanding of secure network administration principles. This includes deploying switches securely.

See if you can answer this question.

Q. Your organization has several switches within the network. You need to implement a security control to prevent unauthorized access to these switches. Which of the following choices BEST meets this need?

A. Disable unused ports.

B. Implement an implicit deny rule.

C. Disable STP.

D. Enable SSH.

See if you're correct and view the full explanation here.

Friday, December 8, 2017

CompTIA Recertification Exam (RC0-501)

Have you heard about CompTIAs recertification exams (such as the RC0-501 for the Security+ certification).

It's only $175 (compared to $320 USD for SY0-501 exam), includes 35 questions (compared to 90 questions on the SY0-501 exam), and you can take it from home.

Check out this blog post for more information.

Wednesday, November 22, 2017

Friday, November 17, 2017

Holiday Scams and Malware Campaigns

I love the holiday season from Thanksgiving to New Years. For me, it's a time of relaxation, rejuvenation, and recreation with family and friends.

Unfortunately, the criminals love the holiday season too. You can fully expect them to continue to use a variety of creative methods to trick you out of your hard earned money.

Read the full post for tips on how to avoid the common scams.