Thursday, January 30, 2014

Security+ Performance-Based Questions Video

I recently posted a video on YouTube for Security+ performance-based questions titled Master Security+ Performance-Based Questions. In this video I compare some of these types of questions with traditional multiple choice questions.

Security+ Performance-Based Questions

While I've written several articles about these types of questions, I still occasionally hear from people who are either surprised by them or very nervous about them. One of my goals with this video is to reassure people that if you know the concepts related to the objectives, many of these questions aren't that difficult.

Most of the test takers I hear from confirm this. They mention that based on their understanding of the objectives and the underlying concepts, they were able to answer these correctly, even when they were surprised by them.

In the video, I discuss the following three types of performance-based questions:
  • Drag and drop
  • Matching items
  • Order items

Drag and Drop Security+ Performance-Based Questions

In a drag and drop type question, you use the Windows drag and drop feature to answer the question. For example, you might see a list of different security types where some security types are unique to mobile devices such as smartphones, and other security types are unique to servers. The question might ask you to drag each of the items on the left to the appropriate device in the table on the right, similar to the following figure.
[Figure: Drag and Drop Security+ Performance Based Question]
These concepts are covered in the following objectives:
  • 3.6 Analyze and differentiate among types of mitigation and deterrent techniques
    Physical Security
  • 4.2 Carry out appropriate procedures to establish host security
    Mobile Devices
Global Positioning System (GPS) tracking is only used on mobile devices. You can use it to locate a missing smartphone or iPad. In contrast, servers operate in a stationary data center or server room. You don’t need GPS on servers because they’re always at the same place. With this in mind, you would drag the GPS Tracking security type to the Mobile Devices list like this.

[Figure: Drag and Drop Security+ Performance Based Question]

Admittedly, if someone breaks into your server room, they could steal the servers, and GPS might help you locate them. However, money spent to protect servers is more appropriately spent on physical security to prevent access to the server room and the servers within it.

Matching Items Security+ Performance-Based Questions

Here’s an example of a matching question. You can see a list of protocols on the left, and a list of ports on the right. In this question, you might be asked to match each of the protocols with their well-known port.
[Figure: Matching Items Security+ Performance-Based Questions]

For example, port 80 is the well-known port for HTTP. You would match HTTP and port 80 so that it looks similar to the following figure.

[Figure: Matching Items Security+ Performance Based Question]

These concepts are addressed in the following objective:
  • 1.5 Identify commonly used default network ports
The CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide covers all these ports and has a table with the ports and protocols listed. Also, some blog posts on this site cover these ports.

Order Items Security+ Performance-Based Questions

Order of volatility refers to the order in which you should collect evidence. “Volatile” doesn’t mean it’s explosive, but rather that it is not permanent. In general, you should collect evidence starting with the most volatile and moving to the least volatile. In this type of question, you might be asked to rearrange the data items based on what order you should collect the data for a forensic investigation. In other words, list the items from the most volatile to the least volatile.

[Figure: Order Items Security+ Performance Based Questions]
These concepts are addressed in the following objective:
  • 2.3 Execute appropriate incident response procedures
    Basic forensic procedures
    Order of volatility
With these items, memory is the most volatile, and the memory contents will be lost when the system is powered down. Moreover, the memory used with the processor, the CPU cache, is more volatile than the RAM. With this in mind, you would place the CPU cache first as shown in the following graphic.

[Figure: Order Items Security+ Performance Based Question]

Security+ Performance-Based Questions Summary

The Master Security+ Performance-Based Questions video and this article don't cover all the possible performance-based questions, but they do give you some insight into what they might look like. As long as you understand the objectives and the underlying concepts, you'll find that these are not that difficult.
Good luck.


Security+ Practice Test Questions

Full bank of 468 realistic practice test questions with in-depth explanations. All questions include explanations so you'll know why the correct answers are correct, and why the incorrect answers are incorrect. This way no matter how CompTIA words the questions, you'll be able to answer them correctly.

These questions are from the CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide. Multiple quiz formats let you use these questions based on the way you learn.
  • Learn mode - randomized. View each of the questions in random order. Learn mode allows you to keep selecting answers until you select the correct answer. Once you select the correct answer, you'll see the explanation.
  • Learn mode - not randomized. View each of the questions in the same order. Use this if you want to make sure that you see all of the questions. Learn mode allows you to keep selecting answers until you select the correct answer. Once you select the correct answer, you'll see the explanation.
  • Test mode - randomized. View each of the questions in random order. In test mode, you can only see the correct answers and explanations after you complete the test.
  • Test mode - not randomized. View each of the questions in the same order. In test mode, you can only see the correct answers and explanations after you complete the test.
  • Test mode - 100 random questions. View 100 random questions from the full test bank, similar to how the Security+ exam has a potential maximum of 100 multiple choice questions. In test mode, you can only see the correct answers and explanations after you complete the test.

Additional Security+ questions to help you prepare for the new performance based questions. These are included with the full bank of Security+ practice test questions and are divided into different sections. For example, you'll have access to the following links:

- Performance Based Question - Set 1

You'll see a graphic explaining what you might be required to do on the actual exam to match different types of security to mobile devices and servers in a data center. You'll then have two questions that test your knowledge and ability to correctly answer the questions. This question also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 2

You'll see a graphic explaining what you might be required to do on the actual exam to match different types of attacks with the name of the attack type. You'll then have five questions that test your knowledge and ability to correctly answer the questions. This question also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 3

You'll see a graphic showing a network with computers and servers separated by a firewall. The firewall is used to control traffic between the computers and users using rules within an access control list (ACL). You'll have three questions that test your knowledge and ability to correctly identify the relevant components of the rule. The incorrect answers and explanation provide you with insight into how to correctly answer this type of question on the actual exam.

- Performance Based Question - Set 4

You'll see a graphic explaining what you might be required to do on the actual exam related to what a forensic analyst would do during an investigation. You'll then have two questions that test your knowledge and ability to correctly answer the questions. This question also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 5

You'll see a graphic explaining what you might be required to do on the actual exam to match protocols and ports. You'll then have seven questions that test your knowledge and ability to correctly answer the questions. This question also includes a link to a graphic showing the end solution for the overall performance based question simulation.

Tuesday, January 28, 2014

How To Pass A Certification Exam

I am frequently asked how I have passed so many certification exams. The short answer is "one at a time." I don't mean to be flip with that answer, but it's the truth. If I could rephrase the question it would be "How do you pass a certification exam?" I can give you a much better answer to that one.

Find a Good Study Guide to Pass a Certification Exam

I have earned almost all of my certifications through self-study. When possible, I get one or more study guides that cover the exam objectives. Ideally, a single book is enough, but in general, it's always a good idea to get more than one. If you don't understand the concepts described by one author, you can get a different perspective from another author and you end up with a deeper understanding.

I've been grateful and humbled that so many people have said the CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide was their single source of study. However, that isn't typical. Two or more study guides is common.

I Don't Have Time To Read The Book

I recently received an email from a reader indicating he didn't have time to read a book and asking what he could do.

The first option that came to mind isn't a good one. He could hire someone else to take the exam for him. It's expensive and unethical, but if he doesn't have the time to learn the material, it is one option.

Perhaps he meant that he doesn't learn easily by reading a book. Are there other options? Yes.

One option is to attend a course. It's more expensive than buying one or two study guides though. For example, Security+ courses range between $1,000 and $3,000 per person depending on the location, the training materials used, what's included, and the trainer. Compare this to two study guides averaging $30 for a total of $60, and you can see the difference. Similarly, there are many video courses out there that teach the material. Some of these video courses are expensive, but there are also some videos available for free.

Another option is to look for audio on the topics. For example, some books are available on the Amazon Kindle, and the Kindle has an audio feature that reads the book to you. Additionally, you can sometimes purchase audio files for some topics. For example, supplementary audio files for the CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide are available here.

Look at the Objectives to Pass a Certification Exam

The objectives identify what you can expect to be tested on. For example, if you are studying for the Security+ certification, you can check out the objectives for it on CompTIA's web site. Many study guides, including the CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide, include the objectives in the book along with an objective map telling you exactly where that objective is covered in the book.

When reviewing the objectives, your goal is to identify what is familiar and what is not familiar. A study guide can help you clarify these objectives and how you might be tested on them.

Research Unclear Topics to Pass a Certification Exam

It's entirely possible that all of the topics aren't clear to you. Some quick Internet searches should help you identify the answers. Additionally, there are many forums where people provide helpful answers to each other. If you post a well thought-out question to one of these forums, you can get some great responses.

Many times when I'm studying for an exam today, it's before any study guides have been published. The Internet is a great resource for me.

Use Practice Exams to Pass a Certification Exam

After you've studied the concepts related to the objectives, use practice exams to test your readiness. Many study guides including the CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide include practice test questions at the end of each chapter. Use these to test your comprehension of the chapter topics. Some books also have a pre-test before the first chapter and a post-test after the last chapter. Additionally, there are many other sources for practice test questions such as the Get Certified Get Ahead Premium site.

When using practice test questions, your goal is not to get them all correct. Instead, your goal is to test your comprehension.

Ideally, you should be able to look at any question and know why the correct answer is correct and the incorrect answers are incorrect. This way no matter how the questions are worded on the actual exam, you will be able to answer it correctly.

Some questions seem incomprehensible if you only look for the correct answer. However, if you eliminate the incorrect answers, the correct answer becomes obvious. As an example, I described this process in this video. While the video is focused on Security+ performance-based questions, I also included an explanation of eliminating incorrect answers with a typical multiple choice question in the video.

Along these lines, make sure the practice test questions you use have explanations. After writing thousands of practice test questions for several different certifications, I know how valuable these are to the user, and to the author.
  • As a user, you can use explanations to understand why the correct answers are correct and why the incorrect answers are incorrect. Many times, the questions have a subtle twist of words making one answer obviously incorrect. You might not see this subtle twist when you read the question, but the explanation helps make it clear.
  • As an author, the explanation forces me to think about why each answer is incorrect. During this process, I often find that one of my answers is not necessarily incorrect, and I change the question. In contrast, some authors do not provide explanations and do not see some of these issues. As a reader/user, you might struggle with the question way too long trying to figure out why one answer is incorrect when it is actually correct.

Beware of Brain Dumps

Brain dumps are supposedly actual questions with supposedly actual answers. Some criminals use illegal and/or unethical methods to capture the questions, they guess at the correct answers, and then sell them. They do not include explanations. Instead, the buyers are encouraged to memorize the questions and answers.

If it's discovered that you used brain dump sources to pass an exam, you can have your certification revoked. That's bad enough, but there's a worse consequence of using them.

Many have incorrect answers. People that memorize these questions and answers memorize incorrect information without understanding the reasoning behind it. Subtle changes to the questions elude them. They fail once, twice, and more and don't understand why. I've had students in classes that had memorized incorrect brain dump answers and had a significant amount of trouble trying to relearn the correct information.

Practice Test Questions Should Not be the First or Only Option

Some people turn to practice test questions as their only source of study. This isn't recommended, especially if your goal is to learn the concepts. When they don't take the time to understand why the correct answers are correct and why the incorrect answers are incorrect, they fail and don't understand why.

Also, many people seek certifications to get ahead. The certification helps them land interviews and get new jobs with more responsibility and more pay. However, many people who only study questions do not learn the concepts. They falter during the interviews, or worse, move into a new job, falter there, and end up unemployed.

Instead, seek to learn the material, and then use practice test questions to test your comprehension.

Summary How To Pass a Certification Exam

While I've focused a lot of this on Security+, these same steps can be used on just about any certification you want to earn through self-study. As a summary, the steps are:
  • Get one or more good study guides
  • Review the objectives
  • Research further to clarify any unclear topics
  • Use practice test questions to test your comprehension
    • Ensure the practice test questions have explanations
    • Read the explanations to understand why the correct answers are correct and why the incorrect answers are incorrect
