Wednesday, June 29, 2016

Data Transmission Methods

Can you answer this sample Network+ question?

Q. Which of the following transmission methods allows a single computer to address data transmissions to multiple computers on a network without addressing all the computers on the network?

A. Unicast
B. Multicast
C. Broadcast
D. Switch

More, do you know why the correct answer is correct and the incorrect answers are incorrect? The answer and explanation is available here.

Monday, June 27, 2016

Wireless Networks & Security Protocols

If you're planning on taking the Security+ exam, you should have a basic understanding of  security protocols used on wireless networks. 


For example, can you answer this sample question?

Q. You are assisting a user implement a wireless network in his home. The wireless hardware he has requires the RC4 protocol. What type of security is BEST for this network?
A. WEP
B. WPA-TKIP
C. WPA-AES
D. WPA2 Enterprise

More, do you know why the correct answer is correct and the incorrect answers are incorrect? The answer and explanation is available here.




Friday, June 24, 2016

Analyzing Network Traffic

Are you planning on taking the Security+ exam? If so, you should have a good understanding of network traffic and and how to capture and analyze packets on a network.

For example, can you answer this sample Security+ question?

Q. A network administrator needs to identify the type of traffic and packet flags used in traffic sent from a specific IP address. Which of the following is the BEST tool to meet this need?
A. UTM security appliance
B. Router logs
C. Protocol analyzer
D. Vulnerability scan

More, do you know why the correct answer is correct and the incorrect answers are incorrect? The answer and explanation is available here.

Wednesday, June 22, 2016

How to Interpret Live Security+ Questions

Check out this video for some basic steps to interpret live Security+ questions.



The questions in this video are from the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide.


These questions are also available online here

Tuesday, June 21, 2016

Encrypting Email

If you're planning on taking the Security+ exam, you should have a good understanding of encrypting email. Encryption provides confidentiality and encrypting an email message ensures that it is only readable by authorized users. 
For example, can you answer this sample Security+ question?
Q. Bart wants to send a secure email to Lisa so he decides to encrypt it. Bart wants to ensure that Lisa can verify that he sent it. Which of the following does Lisa need to meet this requirement?
A. Bart’s public key
B. Bart’s private key
C. Lisa’s public key
D. Lisa’s private key
More, do you know why the correct answer is correct and the incorrect answers are incorrect? The answer and explanation is available here.

Friday, June 17, 2016

Threats and Threat Vectors

If you're planning on taking the Security+ exam, you should have a good understanding of threats and threat vectors. As an example, can you answer this sample Security+ question?

Q. Your organization’s security policy states that administrators should follow the principle of least privilege. Which of the following tools can ensure that administrators are following the policy?

A. User rights and permissions review
B. Risk assessment
C. Vulnerability assessment
D. Threat assessment

Wednesday, June 15, 2016

Communication Plan Methods

When planning for any disaster or major disruption, it’s important to plan for communications. With that in mind, can you answer this sample Security+ question?

Q. Your organization is updating its disaster recovery documents. You’re asked to review the communication plans for possible updates. Which of the following should you ensure is included in the communication plan?

A. A list of test plans and procedures

B. The succession plan

C. Methods used to communicate with response team members, employees, suppliers, and customers

D. List of scenarios with potential loss statements

More, do you know why the correct answer is correct and the incorrect answers are incorrect?

The answer and explanation is available here.

Tuesday, June 14, 2016

Group Policy Object and Security+

If you're planning on taking the Security+ exam, you should a broad understanding of security topics. For example, can you answer this sample Security+ question related to Group Policy?

Q. You need to monitor the security posture of several servers in your organization and keep a security administrator aware of their status. Which of the following tasks will BEST help you meet this goal?

A. Establishing baseline reporting
B. Determining attack surface
C. Implementing patch management
D. Enabling sandboxing

More, do you know why the correct answer is correct and the incorrect answers are incorrect? 




Tuesday, June 7, 2016

Security Awareness and Training

 If you're planning on taking the Security+ exam, you should have a basic understanding of security awareness and training plans.

For example, can you answer this sample Security+ question?

Q. Your organization has spent a significant amount of money on training employees on security awareness. Your organization wants to validate the success of this training. Which of the following is the BEST choice?

A. Implement role-based training.
B. Use metrics.
C. Use security policies.
D. Verify PII.

More, do you know why the correct answer is correct and the incorrect answers are incorrect? The answer and explanation is available here.

Monday, June 6, 2016

Data Access Security+ Question

Can you answer this sample Security+ question?

Q. Your organization hosts several classified systems in the data center. Management wants to increase security with these systems by implementing two-factor authentication. Management also wants to restrict access to these systems to employees who have a need to know. Which of the following choices should management implement for authorization?

A. USB token and PIN
B. Username and password
C. Mandatory access control
D. Rule-based access control

More, do you know why the correct answer is correct and why the incorrect answers are incorrect? The answer and explanation is available here.

Friday, June 3, 2016

Transport Encryption Methods

Can you answer this sample Security+ question on transport encryption methods?

Q. A heavily used application accesses a financial database on a server within your network. Due to recent data breaches, management wants to ensure transport encryption protects this data. Which of the following algorithms is the BEST choice to meet this goal? A. SSL B. SHA C. TLS D. CRL You can find the answer and explanation here.