CompTIA updated their renewal policy reversing their earlier statements. You can read about it here.
http://www.comptia.org/certifications/listed/renewal.aspx
If you're certified now or certify sometime in 2010, your certification will be good for life just as it's been in the past. However, if you get certified in A+, Network+, or Security+ on January 1, 2011 or later the certification will be good for three years from the date you get certified.
Certifications that expire can be updated by earning continuing education credits. Expect CompTIA to announce details of the continuing education program sometime before January 1, 2011.
Darril
Sunday, January 31, 2010
Friday, January 29, 2010
CompTIA Backs Down
Ars Technica posted a good article titled CompTIA Backs Down.
Even though CompTIA hasn't officially posted a change to the new recertification policy, apparently they are changing it.
- If you certify in A+, Network+, or Security+ in 2010 (or previously), your certification is good for life.
- If you certify in 2011, you'll need to recertify every three years.
Darril Gibson
CompTIA Security+: Get Certified Get Ahead: SY0-201 Study Guide
Sunday, January 24, 2010
Hashing
When preparing for the CompTIA Security+ SY0-201 exam, you'll come across the following objective related to hashing:
5.2 Explain basic hashing concepts and map various algorithms to appropriate applications.
- SHA
- MD5
As an example, imagine that a message of "Hello" needs to be sent. Assume that the hashing algorithm calculates the hash as 1234. Both the message and the hash are sent.
When the message is received, the hash is calculated on the received message. This results in a hash of 1234 which is then compared to the original hash of 1234. Since both hashes are the same, the message has not lost data integrity.
What if the message is changed?
Imagine that the message of "Hello" is sent with the hash of 1234. However, the message is modified in transit and the received message is "Goodbye".
The hash of "Goodbye" is 5678. The hash of the received message (5678) is compared to the original hash (1234) and it's apparent the hashes are not the same. The message has lost data integrity.
Applications can be used to calculate hashes and perform the comparisons automatically. When the hashes don't match, a message appears informing the user of loss of data integrity.
MD5 is a hashing algorithm that produces a 128-bit hash. SHA-1 is a hashing algorithm that produces a 160-bit hash.
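The send-and-compare exchange described above, as an added example in Python (not code from the original post). The function names `send`, `verify`, `digest_bits` and `demo` are assumptions made for the illustration; the hashes themselves come from Python's standard `hashlib` module.

```python
import hashlib
import hmac

# The two algorithms named in the post.
ALGORITHMS = ("md5", "sha1")


def digest_bits(algorithm):
    """Return the length of the algorithm's hash in bits."""
    return hashlib.new(algorithm).digest_size * 8


def send(message, algorithm):
    """Sender side: return the message together with its hex hash."""
    return message, hashlib.new(algorithm, message).hexdigest()


def verify(received, sent_hash, algorithm):
    """Receiver side: recompute the hash on what arrived and compare."""
    recomputed = hashlib.new(algorithm, received).hexdigest()
    # compare_digest does the comparison in constant time.
    return hmac.compare_digest(recomputed, sent_hash)


def demo():
    """Run the "Hello" / "Goodbye" scenario for each algorithm."""
    results = {}
    for algorithm in ALGORITHMS:
        message, sent_hash = send(b"Hello", algorithm)
        results[algorithm] = {
            "bits": digest_bits(algorithm),
            "hash": sent_hash,
            # Message arrives unchanged: hashes match.
            "intact": verify(message, sent_hash, algorithm),
            # Message changed in transit: hashes differ.
            "modified": verify(b"Goodbye", sent_hash, algorithm),
        }
    return results


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

MD5 and SHA-1 are used here because they are the algorithms the post names; both have known collision weaknesses, so new designs generally use SHA-256 or later.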
Here's a practice question on hashing.
Good luck with your studies.
Darril Gibson
Friday, January 22, 2010
The Security Triad
When studying for the CompTIA SY0-201 exam, you'll come across three core concepts that are commonly referred to as the security triad. They are:
- Confidentiality. The goal of confidentiality is to prevent the unauthorized disclosure of information.
This is accomplished by controlling access to resources and using encryption to protect the data when it's stored or when it's transferred over the network.
- Integrity. The goal of Integrity is to verify that data has not been modified. Integrity is commonly enforced by controlling data to prevent it from being modified, and by using hashes.
- Availability. The goal of Availability is to ensure that data and services are available when needed. This includes using backups and using different types of redundancies. This blog talks about disk redundancies, but you can also have server redundancies (with failover clusters) and site redundancies (hot site, warm site, cold site).
Good luck with your studies.
Darril
CompTIA Security+: Get Certified Get Ahead: SY0-201 Study Guide
Monday, January 18, 2010
List of Security+ Blogs
I've posted close to 50 posts on Security+ topics so thought it'd be worthwhile to list many of them to help you in your studies.
This blog lists some of the topics. If you want to see a few practice test questions, check out this blog.
Least Privilege
Mandatory Vacations
Separation of Duties
VOIP Risks
Vulnerability Assessments
CompTIA Makes it Official - No Recertification until 2011
Hashing
The Security Triad
CompTIA Security+: Get Certified Get Ahead: SY0-201 Study Guide
Promiscuous or non-promiscuous
Protocol Analyzers
Faraday cage
Symmetric vs Asymmetric
What's in a CRL
Identity proofing
RADIUS
Redundancy
CompTIA Security+: Get Certified Get Ahead: SY0-201 Study Guide
Phishing
Dumpster diving
Piggybacking or tailgating
Impersonation
Social engineering
Disk redundancy using RAID
DoS and DDoS attacks
Well-known ports
Understanding ports
Biometrics used in authentication
Digital signatures
Use of virtualization in security
CompTIA Security+: Get Certified Get Ahead: SY0-201 Study Guide
Encryption basics
Qualitative risk assessment
Bluetooth concerns
SSL, OCSP, vs CRL
Three factors of authentication
Quantitative risk assessments
Intrusion detection systems (HIDS and NIDS)
Good luck in your studies
Darril Gibson
List of practice questions
I've posted close to 50 posts on Security+ topics so thought it'd be worthwhile to list many of them to help you in your studies.
This blog lists the practice test questions I've written and posted. If you want to view a list of Security+ topics I've posted, check out this blog.
- Incident Response
- Environmental Controls
- Cryptography practice
- Email Sender
- Implicit Deny
- Network
- Hashing
- Cryptography
- Bluetooth
Good luck in your studies.
Darril Gibson
Just passed 70-647
OK, I realize it's not related to Security+, but I was happy to finally complete this exam. I took it about an hour ago and just double-checked that this was my last exam needed for the MCITP Enterprise Administrator certification on Windows Server 2008. Wooo Hooo!
Next up... Windows 7.
Darril
Friday, January 15, 2010
Will Your Security+ Certification Expire?
I posted a blog about CompTIA's new certification renewal policy and you may be wondering how it affects your Security+ certification.
Here are the basics:
If you certified with the older exam (SY0-101) available before July 31 2009, you will need to retake an exam by December 2011 to stay certified.
- You can take the SY0-201 exam (100 questions, passing score 750, $258 US)
- Or you can take the BR-001 bridge exam (50 questions, passing score 560, $190 US)
- The cost to submit the credits is $49.
- Details aren't finalized, but you can earn continuing education credits by attending training, blogging, teaching, writing, and more. More details here.
- If you passed the SY0-201 exam in 2009 (say in December 2009), you have until December 2011 to submit the credits.
- If you passed the SY0-201 exam in 2010 or later, you have three years from the date of your exam.
Thursday, January 14, 2010
CompTIA Certification Renewal Policy
Update.
CompTIA has apparently changed their mind. Read about it in this CompTIA Backs Down article. In short, if you certify in 2010 or before, it's good for life, but requires recertification if you certify in 2011 or later.
* * *
CompTIA has modified their certification renewal policy and is now setting expiration dates for some certifications. This change affects the A+, Network+, and Security+ certifications, but my focus in this blog entry is only on the Security+ certification.
In the past, CompTIA certifications have been granted for life. In other words, once you became Security+ certified, you remained Security+ certified. Based on this policy, certifications will only last for three years.
As background, the Security+ certification has had two versions:
- SY0-101 was the original version and it could be taken up until July 2009
- SY0-201 was released in late 2008 and is the current version.
If you earned the updated Security+ certification by taking the SY0-201 exam in 2008 or 2009, your certification will expire December 31, 2011. You can retain the Security+ certification through enrollment and participation in a continuing education program which hasn't been defined yet.
If you earned the updated Security+ certification by taking the SY0-201 in 2010 or later, your certification will expire three years from the date it was awarded. You can retain the Security+ certification through enrollment and participation in a continuing education program which hasn't been defined yet.
You can read the details from CompTIA's site here:
http://www.comptia.org/certifications/listed/renewal.aspx
Darril Gibson
Friday, January 1, 2010
Promiscuous or non-promiscuous
A previous blog entry talked about protocol analyzers. When using protocol analyzers you should be aware of the two modes of a protocol analyzer. They are promiscuous and non-promiscuous.
- Non-promiscuous. In non-promiscuous mode, the protocol analyzer can only capture traffic addressed to the system (including broadcasts), or coming from the system. In other words, it can't capture unicast traffic between two other hosts.
- Promiscuous. In promiscuous mode, the protocol analyzer can capture any and all traffic that reaches its NIC. Attackers would use a protocol analyzer in promiscuous mode.
As a side note, you should know that when a protocol analyzer is operating in promiscuous mode, it gives telltale signs on the network. Don't just start running it on a live network without permissions.
I remember teaching a Security+ class at a college once. One of the students was in the Army and had administrative privileges on his system. The next day he downloaded Wireshark, installed it, and began sniffing the network. Within about 15 minutes security administrators were at his desk looking over his shoulder asking what he was doing. Thankfully, you can't get fired from the Army very easily but the same may not be true at your job.
Good luck in your studies.
Darril Gibson