Thursday, January 30, 2014

Security+ Performance-Based Questions Video

I recently posted a video on YouTube for Security+ performance-based questions titled Master Security+ Performance-Based Questions. In this video I compare some of these types of questions with traditional multiple choice questions.
Master Security+ Performance Based Questions

Security+ Performance-Based Questions

While I've written several articles about these types of questions, I still occasionally hear from people who are either surprised by them or very nervous about them. One of my goals with this video is to reassure people that if you know the concepts related to the objectives, many of these questions aren't that difficult.

Most of the test takers I hear from confirm this. They mention that based on their understanding of the objectives and the underlying concepts, they were able to answer these correctly, even when they were surprised by them.

In the video, I discuss the following three types of performance-based questions:
  • Drag and drop
  • Matching items
  • Order items

Drag and Drop Security+ Performance-Based Questions

In a drag and drop type question, you use the Windows drag and drop feature to answer the question. For example, you might see a list of different security types where some security types are unique to mobile devices such as smartphones, and other security types are unique to servers. The question might ask you to drag each of the items on the left to the appropriate device in the table on the right, similar to the following figure.
Drag and Drop Security+ Performance Based Question
These concepts are covered in the following objectives:
  • 3.6 Analyze and differentiate among types of mitigation and deterrent techniques
    Physical Security
  • 4.2 Carry out appropriate procedures to establish host security
    Mobile Devices
Global Positioning System (GPS) tracking is only used on mobile devices. You can use it to locate a missing smartphone or iPad. In contrast, servers operate in a stationary data center or server room. You don’t need GPS on servers because they’re always at the same place. With this in mind, you would drag the GPS Tracking security type to the Mobile Devices list like this.

Drag and Drop Security+ Performance Based Question

Admittedly, if someone breaks into your server room, they could steal the servers, and GPS might help you locate them. However, money spent to protect servers is more appropriately spent on physical security to prevent access to the server room and the servers within it.

Matching Items Security+ Performance-Based Questions

Here’s an example of a matching question. You can see a list of protocols on the left, and a list of ports on the right. In this question, you might be asked to match each of the protocols with their well-known port.
Matching Items Security+ Performance-Based Questions

For example, port 80 is the well-known port for HTTP. You would match HTTP and port 80 so that it looks similar to the following figure.

Matching Items Security+ Performance Based Question

These concepts are addressed in the following objective:
  • 1.5 Identify commonly used default network ports
The CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide covers all these ports and has a table with the ports and protocols listed. Also, there are some blogs on this site that cover these ports:

Order Items Security+ Performance-Based Questions

Order of volatility refers to the order in which you should collect evidence. “Volatile” doesn’t mean it’s explosive, but rather that it is not permanent. In general, you should collect evidence starting with the most volatile and moving to the least volatile. In this type of question, you might be asked to rearrange the data items based on what order you should collect the data for a forensic investigation. In other words, list the items from the most volatile to the least volatile.

Order Items Security+ Performance Based Questions
These concepts are addressed in the following objective:
  • 2.3 Execute appropriate incident response procedures
    Basic forensic procedures
    Order of volatility
With these items, memory is the most volatile, and the memory contents will be lost when the system is powered down. Moreover, the memory used with the processor, the CPU cache, is more volatile than the RAM. With this in mind, you would place the CPU cache first as shown in the following graphic.

Order Items Security+ Performance Based Question

Security+ Performance-Based Questions Summary

The Master Security+ Performance-Based Questions video and this article don't cover all the possible performance-based questions, but they do give you some insight into what these questions might look like. As long as you understand the objectives and the underlying concepts, you'll find that these are not that difficult.
Good luck.


Security+ Practice Test Questions

Full bank of 468 realistic practice test questions with in-depth explanations. All questions include explanations so you'll know why the correct answers are correct, and why the incorrect answers are incorrect. This way no matter how CompTIA words the questions, you'll be able to answer them correctly.

These questions are from the CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide. Multiple quiz formats to let you use these questions based on the way you learn.
  • Learn mode - randomized. View each of the questions in random order. Learn mode allows you to keep selecting answers until you select the correct answer. Once you select the correct answer, you'll see the explanation. Click here to see how learn mode works.
  • Learn mode - not randomized. View each of the questions in the same order. Use this if you want to make sure that you see all of the questions. Learn mode allows you to keep selecting answers until you select the correct answer. Once you select the correct answer, you'll see the explanation. Click here to see how learn mode works.
  • Test mode - randomized. View each of the questions in random order. In test mode, you can only see the correct answers and explanations after you complete the test. Click here to see how test mode works.
  • Test mode - not randomized. View each of the questions in the same order. In test mode, you can only see the correct answers and explanations after you complete the test. Click here to see how test mode works.
  • Test mode - 100 random questions. View 100 random questions from the full test bank similar to how the Security+ exam has a potential maximum of 100 multiple choice questions. In test mode, you can only see the correct answers and explanations after you complete the test. Click here to see how test mode works.

Additional Security+ questions to help you prepare for the new performance based questions. These are included with the full bank of Security+ practice test questions and are divided into different sections. For example, you'll have access to the following links:

- Performance Based Question - Set 1

You'll see a graphic explaining what you might be required to do on the actual exam to match different types of security to mobile devices and servers in a data center. You'll then have two questions that test your knowledge and ability to correctly answer the questions. This question also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 2

You'll see a graphic explaining what you might be required to do on the actual exam to match different types of attacks with the name of the attack type. You'll then have five questions that test your knowledge and ability to correctly answer the questions. This question also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 3

You'll see a graphic showing a network with computers and servers separated by a firewall. The firewall is used to control traffic between the computers and users using rules within an access control list (ACL). You'll have three questions that test your knowledge and ability to correctly identify the relevant components of the rule. The incorrect answers and explanation provide you with insight into how to correctly answer this type of question on the actual exam.

- Performance Based Question - Set 4

You'll see a graphic explaining what you might be required to do on the actual exam related to what a forensic analyst would do during an investigation. You'll then have two questions that test your knowledge and ability to correctly answer the questions. This question also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 5

You'll see a graphic explaining what you might be required to do on the actual exam to match protocols and ports. You'll then have seven questions that test your knowledge and ability to correctly answer the questions. This question also includes a link to a graphic showing the end solution for the overall performance based question simulation.