Tuesday, April 17, 2012

Free Security+ Practice Test Questions

If you're preparing for the Security+ SY0-301 exam, you might like to check your readiness with a few free practice test questions. This page includes six free practice test questions, one from each of the six domains in the Security+ SY0-301 exam.

Practice Test Question 1

Q. What can you use to logically separate computers in two different departments within a company?

A. A hub
B. A VLAN
C. NAT
D. A flood guard

Answer at end of post.



Practice Test Question 2

Q. Employees in the accounting department are forced to take time off from their duties on a regular basis. What would direct this?

A. Account disablement policy
B. Mandatory vacation policy
C. Job rotation policy
D. Dual accounts for administrators

Answer at end of post.


Pass the Security+ SY0-301 exam the first time you take it
CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide




Practice Test Question 3

Q. Of the following choices, what best represents an attack against specific employees of a company?

A. Phishing
B. Vishing
C. Spim
D. Spear phishing

Answer at end of post.



Practice Test Question 4

Q. Your organization hosts several websites accessible on the Internet, and is conducting a security review of these sites. Of the following choices, what is the most common security issue for web-based applications?

A. Input validation
B. Phishing
C. Whaling
D. Social engineering

Answer at end of post.
Realistic practice test questions for the Security+ SY0-301 exam
Available through LearnZapp on your mobile phone

Practice Test Question 5

Q. Which of the following includes a photo and can be used as identification? (Choose all that apply.)

A. CAC
B. MAC
C. DAC
D. PIV

Answer at end of post.


Learn by listening
Key points from the CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide
Over one hour and 20 minutes of audio from the "Remember This" blocks
Over three hours and 20 minutes of questions and answers on audio




Practice Test Question 6

Q. What type of key is used to sign an email message?

A. Sender’s public key
B. Sender’s private key
C. Recipient’s public key
D. Recipient’s private key

Answer at end of post.



These practice test questions are from the CompTIA Security+: Get Certified Get Ahead: SY0-301 Practice Test Questions book. It includes 275 realistic practice test questions with in-depth explanations for the CompTIA Security+ SY0-301 exam. If you've been studying for this exam and want to test your readiness, this book is for you.
It is also available as a Kindle ebook for only $9.99, and the Kindle version also includes dozens of flash cards to help you reinforce key testable topics. You can download free Kindle apps from Amazon so that you can access the ebook from just about any platform, including:
  • Windows PC
  • Mac
  • iPhone
  • iPad
  • Android
  • BlackBerry
  • Windows Phone 7






SY0-301 Exam: Answer 1

Q. What can you use to logically separate computers in two different departments within a company?

A. A hub
B. A VLAN
C. NAT
D. A flood guard

Answer B is correct. A virtual local area network (VLAN) can group several different computers into a virtual network, or logically separate the computers in two different departments.

A is incorrect. A hub doesn’t have any intelligence and can’t separate the computers.

C is incorrect. NAT translates private IP addresses to public IP addresses, and public back to private.

D is incorrect. A flood guard protects against SYN flood attacks.

Objective: 1.2 Apply and implement secure network administration principles


All Security+ domain objectives are fully explained in the
CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide




SY0-301 Exam: Answer 2

Q. Employees in the accounting department are forced to take time off from their duties on a regular basis. What would direct this?

A. Account disablement policy
B. Mandatory vacation policy
C. Job rotation policy
D. Dual accounts for administrators

Answer B is correct. Mandatory vacation policies require employees to take time away from their job and help to detect fraud or malicious activities.

A is incorrect. An account disablement policy (sometimes called an account expiration policy) specifies when to disable accounts.

C is incorrect. Job rotation policies require employees to change roles on a regular basis.

D is incorrect. Dual accounts for administrators help prevent privilege escalation attacks.

Objective: 2.1 Explain risk related concepts



SY0-301 Exam: Answer 3

Q. Of the following choices, what best represents an attack against specific employees of a company?

A. Phishing
B. Vishing
C. Spim
D. Spear phishing

Answer D is correct. A spear phishing attack targets a specific person or specific groups of people such as employees of a company.

A is incorrect. Phishing sends email to users with the purpose of tricking them into revealing personal information, such as bank account information, but it doesn’t target specific employees of a company.

B is incorrect. Vishing is a form of phishing that uses recorded voice over the telephone.

C is incorrect. Spim is a form of spam using instant messaging (IM).

Objective: 3.2 Analyze and differentiate among types of attacks






SY0-301 Exam: Answer 4

Q. Your organization hosts several websites accessible on the Internet, and is conducting a security review of these sites. Of the following choices, what is the most common security issue for web-based applications?

A. Input validation
B. Phishing
C. Whaling
D. Social engineering

Answer A is correct. Input validation checks input data, but because so many sites do not use it they are vulnerable to buffer overflow, SQL injection, and cross-site scripting attacks.

B is incorrect. Phishing is the practice of sending email to users with the purpose of tricking them into revealing personal information (such as bank account information).

C is incorrect. Whaling is a phishing attack that targets high-level executives.

D is incorrect. Social engineering is the practice of using social tactics to encourage a person to do something or reveal some piece of information.

Objective: 4.1 Explain the importance of application security



SY0-301 Exam: Answer 5

Q. Which of the following includes a photo and can be used as identification? (Choose all that apply.)

A. CAC
B. MAC
C. DAC
D. PIV

Answers A and D are correct. A common access card (CAC) and a personal identity verification (PIV) card both include photo identification and function as smart cards.

B and C are incorrect. MAC and DAC are access control models, not photo IDs.

Objective: 5.2 Explain the fundamental concepts and best practices related to authentication, authorization and access control






SY0-301 Exam: Answer 6

Q. What type of key is used to sign an email message?

A. Sender’s public key
B. Sender’s private key
C. Recipient’s public key
D. Recipient’s private key

Answer B is correct. A digital signature is an encrypted hash of a message, encrypted with the sender’s private key.

A is incorrect. The recipient decrypts the hash using the sender’s public key.

C and D are incorrect. Recipient keys are used with encryption, but not with a digital signature.

Objective: 6.1 Summarize general cryptography concepts, 6.2 Use and apply appropriate cryptographic tools and products
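The key roles in question 6, worked through as an added example that is not code from the book or this post: the sender hashes the message and signs the hash with the sender's private key, and the check uses the sender's public key, so the recipient's keys play no part. It uses Go's standard-library RSA PKCS#1 v1.5 signing; the party names and the message are constructed.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Party holds one correspondent's key pair. The private key stays with its
// owner; the public key is the half that can be handed to anyone.
type Party struct {
	Pub  *rsa.PublicKey
	priv *rsa.PrivateKey
}

func NewParty() (Party, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return Party{}, err
	}
	return Party{Pub: &priv.PublicKey, priv: priv}, nil
}

// Sign hashes the message and signs the hash with the SENDER's private key,
// which is the step the answer to question 6 describes.
func (p Party) Sign(msg []byte) ([]byte, error) {
	h := sha256.Sum256(msg)
	return rsa.SignPKCS1v15(rand.Reader, p.priv, crypto.SHA256, h[:])
}

// Verify recomputes the hash and checks the signature against the SENDER's
// public key; any other key, or any change to the message, fails the check.
func Verify(senderPub *rsa.PublicKey, msg, sig []byte) bool {
	h := sha256.Sum256(msg)
	return rsa.VerifyPKCS1v15(senderPub, crypto.SHA256, h[:], sig) == nil
}

func main() {
	alice, err := NewParty() // sender
	if err != nil {
		panic(err)
	}
	bob, err := NewParty() // recipient
	if err != nil {
		panic(err)
	}
	msg := []byte("Please approve invoice 42") // constructed sample message
	sig, err := alice.Sign(msg)
	if err != nil {
		panic(err)
	}
	fmt.Println("sender's public key verifies:   ", Verify(alice.Pub, msg, sig))
	fmt.Println("recipient's public key verifies:", Verify(bob.Pub, msg, sig))
	fmt.Println("tampered message verifies:      ", Verify(alice.Pub, []byte("Please approve invoice 420"), sig))
}
```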


If you want to take and pass the Security+ exam the first time you take it, check out the
CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide.

Success is within your reach.

Thursday, April 12, 2012

Active Fingerprinting vs Passive Fingerprinting

If you take the Security+ exam, you may come across the terms active fingerprinting and passive fingerprinting. It's worthwhile knowing the differences between the two. It's also important to realize that fingerprinting in this context is not referring to the biometric method of authentication.

Fingerprinting and Reconnaissance

In this context, fingerprinting refers to identifying specific information about a system. It is often part of a larger reconnaissance attack. Reconnaissance provides a big-picture view of a network or servers in a DMZ. It identifies the IP addresses used in the target network using a method such as an ICMP sweep or a host enumeration sweep. Ping scanners are sometimes used for this step.

Fingerprinting then homes in on individual systems to provide details of each of them. For example, a fingerprinting attack can identify the operating system of the target and in many cases, it can identify the service pack and patches that have been installed. It can also identify the protocols and services that are running on a system and the likely role of the server based on these services. For example, if a server is listening on port 80, it is running the HTTP protocol and is very likely a web server.

When fingerprinting any system, it's useful to know many of the commonly used well-known ports.

Passive Fingerprinting

Passive fingerprinting uses a sniffer (such as Wireshark) to capture traffic sent from a system. It analyzes this traffic to determine what the server is doing. A key point is that passive fingerprinting does not send any traffic to the target system but instead just collects the traffic. With this in mind, passive fingerprinting cannot be done by remote attackers. It can only be done with a sniffer installed in the network.

Active Fingerprinting

Active fingerprinting uses active techniques to identify the role of a server. Chapters 7 and 8 of the CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide covered several methods used with active fingerprinting. They include:
  • Xmas attack. This is a specific type of scan that sends specially crafted packets to a system. By analyzing the return packets, the scanner can determine the operating system of the target.
  • Port scanning. A port scanner sends queries on specific ports. If the server answers a query on a port, it indicates it is listening on this port. For example, if a system answers a query on port 25, it indicates it is running SMTP and is likely an email server. Additional queries can be sent to the system to verify it is an email server.
These methods are useful for attackers trying to determine the role of remote servers.

Summary

Fingerprinting is used to get details on a specific target. It is often used as part of a larger reconnaissance attack.

The difference between active and passive fingerprinting is that active fingerprinting will send queries to the target and analyze the response. Passive fingerprinting only uses a sniffer to capture and analyze traffic, but never sends traffic to the target.
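That difference is also what a defender sees in their own logs: active fingerprinting has to send probes, so it leaves a burst of connections to many different ports, while passive fingerprinting sends nothing and leaves no such trace. The following is an added example, not code from this post or the study guide, that flags that burst in a constructed connection log; the log format, the addresses and the thresholds are assumptions.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// Constructed connection-log lines (not from the post): "<seconds> <src> <dst> <port>".
// One source touching many ports on one host within seconds is the trace an
// active fingerprinting scan leaves; a repeated visit to one port is ordinary use.
const sampleLog = `0 10.0.0.5 10.0.0.20 22
1 10.0.0.5 10.0.0.20 25
2 10.0.0.5 10.0.0.20 80
2 10.0.0.5 10.0.0.20 443
3 10.0.0.5 10.0.0.20 3389
60 10.0.0.9 10.0.0.20 80
61 10.0.0.9 10.0.0.20 80`

// DetectScans parses the log and flags each src->dst pair whose source reached at
// least minPorts distinct ports inside some span of `window` seconds (sorted ports).
func DetectScans(log string, window, minPorts int) (map[string][]int, error) {
	byPair := map[string][][2]int{} // "src->dst" -> list of {seconds, port}
	for _, line := range strings.Split(strings.TrimSpace(log), "\n") {
		var t, port int
		var src, dst string
		if _, err := fmt.Sscanf(line, "%d %s %s %d", &t, &src, &dst, &port); err != nil {
			return nil, fmt.Errorf("malformed line %q: %v", line, err)
		}
		byPair[src+"->"+dst] = append(byPair[src+"->"+dst], [2]int{t, port})
	}
	hits := map[string][]int{}
	for pair, ps := range byPair {
		sort.Slice(ps, func(i, j int) bool { return ps[i][0] < ps[j][0] })
		for i := 0; i < len(ps) && hits[pair] == nil; i++ {
			seen := map[int]bool{} // distinct ports inside the window starting at ps[i]
			for j := i; j < len(ps) && ps[j][0]-ps[i][0] <= window; j++ {
				seen[ps[j][1]] = true
			}
			if len(seen) >= minPorts {
				for port := range seen {
					hits[pair] = append(hits[pair], port)
				}
				sort.Ints(hits[pair])
			}
		}
	}
	return hits, nil
}

func main() {
	hits, err := DetectScans(sampleLog, 10, 4)
	if err != nil {
		panic(err)
	}
	for pair, ports := range hits {
		fmt.Println("possible active fingerprinting:", pair, "probed ports", ports)
	}
}
```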

Monday, April 9, 2012

SSCP Practice Test Questions

If you've been studying for the SSCP exam, you may be looking for a good source of SSCP practice test questions. You'll find that the SSCP Systems Security Certified Practitioner All-in-One Exam Guide covers the content in the exam but I'm hearing that test questions from the studISCope test banks are the most helpful.

(ISC)2 changes the questions in their live test bank regularly and they also update their practice test questions in the studISCope banks. Here's a link: https://www.expresscertifications.com/ISC2/Catalog.aspx.

The SSCP is a good next step for many people who have taken and passed the Security+ exam. It will give you a good idea of what to expect from the premier security certification - CISSP - if you choose to take it. Also, many people have the experience to meet the requirements for SSCP, but not CISSP. As a reminder, the requirements are:
  • For the SSCP, you need one year of experience in one of the seven (ISC)2 domains.
  • For the CISSP, you need five years of experience in one of the ten domains.
Good luck.

Sunday, April 8, 2012

Free SQL Server 2012 eBook

Microsoft Press has released a free ebook on SQL Server 2012 titled Introducing SQL Server 2012, by Ross Mistry and Stacia Misner. If you're trying to learn some of the new features of SQL Server 2012, this is a great freebie. I haven't read it cover to cover but have noticed that it includes many of the concepts mentioned in the new SQL Server 2012 exams.

It's available in multiple formats:
You don't need a Kindle to read and view Kindle books. You can download free apps for most platforms from Amazon here.

You can also buy a paperback copy for $14.99.

Tuesday, April 3, 2012

Installing Windows Server 8 as a Virtual Server

I decided to play around with the beta version of Windows Server 8 and took these notes so you could download and install it on your own. Specifically, these steps will show you how to install a virtual instance of Windows Server 8 on a Windows 7 system.

While these steps will help you install and play around with Windows Server 8, they also let you play around with virtualization, which is a topic of growing importance for many certifications.

Windows Server 8

Windows Server 8 is the next server operating system and it’s currently in beta stage. Microsoft has a history of pairing server operating systems with desktop operating systems to fully use the features of both. For comparison, Windows Server 2003 was paired with Windows XP, Windows Server 2008 was paired with Windows Vista, and Windows Server 2008 R2 was paired with Windows 7.

You can expect to see Windows 8 go live later this year, probably in October. Windows Server 8 will probably be released within three months of Windows 8.

VirtualBox

Windows Server 8 is a 64-bit operating system. Unfortunately, the Windows Virtual PC application that is available as a free update on Windows 7 will not run 64-bit operating systems. An alternative is VirtualBox.

You can get a free copy of VirtualBox here: https://www.virtualbox.org/wiki/Downloads.

After downloading it, browse to where you saved it, and double-click it to start the installation. You can just accept the defaults by clicking Next through each screen.

Download ISO or VHD

You can download the Windows Server 8 beta here: http://technet.microsoft.com/en-us/evalcenter/hh670538.aspx. You’ll have the choice of downloading the 64-bit ISO which is a DVD image, or a virtual hard disk (VHD) image. The 64-bit VHD image will run as a virtual system on a Windows Server 2008 R2 system using Hyper-V but it won’t run on Windows Virtual PC.

However, if you download the ISO DVD image, you can use it to install the operating system on VirtualBox running within Windows 7. It’s a 3.3 GB file, so it may take a while depending on the speed of your connection.

Windows 8 Consumer Preview

While this article is focused on Windows Server 8, you can also use the steps to download and install the Windows 8 Consumer Preview available here: http://windows.microsoft.com/en-us/windows-8/download

Install VirtualBox

Start VirtualBox by clicking Start, All Programs, Oracle VM VirtualBox, and selecting Oracle VM VirtualBox. During the install, you’ll be prompted several times to install device software. This software is needed for various virtual devices so should be installed. These are signed and the Publisher is identified as Oracle Corporation. When the install completes, click Finish. VirtualBox will then start.

Create a VM

You can use the following steps to create a virtual machine (VM) used for Windows Server 8.
  1. Click the New button on the menu bar. Review the information on the Welcome page and click Next.
  2. Give your VM a name such as Windows Server 8.
  3. On the OS Type page, ensure that Microsoft Windows is selected as the operating system. Select Windows 8 (64-bit) as the Version. Click Next.
  4. The default memory size is 1536. Change this to 2048 and click Next.
  5. Accept the defaults on the Virtual Hard Disk page. This creates a new 20 GB hard disk that can be used to boot (or start up) the VM. Click Next.
  6. Accept the default of VDI (VirtualBox Disk Image) for the new virtual disk and click Next.
  7. Accept the default of dynamically allocated for the virtual disk. Click Next.
  8. On the Virtual Disk File Location and Size page, modify the size to 40 GB. If desired, you can change the location by clicking the folder and browsing to a new location. Click Next.
  9. On the Summary page, click Create.
After the VM is created, VirtualBox will look similar to the following graphic. In the figure, I have both the Windows 8 Consumer Preview and Windows Server 8 installed.

Windows Server 8 VM

It’s worthwhile stating the obvious here. At this point, this VM is empty. Even though it’s named Windows Server 8, it doesn’t have Windows Server 8 installed yet. This is similar to you creating a file in Word and naming it “My Plan for Success”. Just naming the file doesn’t add the contents.

Attach the ISO to the VM

If you were installing this on a new computer, you’d put the DVD into the drive and boot to the DVD. You simulate this by attaching the ISO image to the virtual CD/DVD drive. The following steps show this process.
  1. Ensure the Windows Server 8 VM is selected and click Settings.
  2. Select Storage. Click on Empty under IDE Controller.
  3. In the Attributes section, click on the CD icon to the right of CD/DVD Drive.
  4. Select Choose a virtual CD/DVD disk file.
  5. Browse to the location where you saved the Windows 8 DVD ISO file and select it. Click Open.
  6. The IDE Controller will no longer be listed as Empty, but instead has the name of the ISO file. It should look similar to the following graphic.
Adding DVD ISO file

Installing Windows Server 8

At this point, you should have the following:
  • VirtualBox installed
  • An empty VM created for Windows Server 8
  • An ISO image file for Windows Server 8 attached to the VM
You can use the following steps to install Windows Server 8.
  1. Select the Windows Server 8 VM in VirtualBox and click Start.
  2. Review the message on Auto Capture Keyboard and the host key and click OK. You will likely see one or more additional messages. Review them and click OK.
  3. When the Install screen appears, click Next. Click Install Now.
  4. Select Server 8 Beta Datacenter (Server with a GUI) and click Next. The Server Core installation includes a command prompt but not a graphical user interface (GUI).
  5. Review the license terms, select the checkbox to accept the license terms, and click Next.
  6. Select Custom: Install Windows only (advanced).
  7. The 40 GB drive you created with the VM will be selected as Drive 0 Unallocated Space. Click Next.
  8. The installation will begin and you won’t need to do anything else for a while. Now may be a good time to take a break.
  9. When prompted, enter a password for the Administrator account in the Password and Retype password text boxes. As a test machine, you may want to use something you can easily remember such as P@ssw0rd. Click Finish.
To log in, press the host key plus the Delete key to simulate the CTRL + ALT + DELETE key combination. The host key is the right-CTRL key by default.

Navigation and Shutting Down

The Windows key (normally located between CTRL and ALT on the left of the spacebar) is an important key for navigation, and you can use it to toggle between views.

Additionally, there are many different Windows key combinations. One that you’ll want to remember to shut down your system is Windows + i. This will bring up a display similar to the following graphic and you can select the power button to reboot or power down your system.