Friday, September 30, 2016

Security+ and Imaging

Imaging is a common method of deploying systems, and if you're planning on taking the Security+ exam, you should have a basic understanding of imaging.

See if you can answer this sample Security+ question.

Q. Network administrators identified what appears to be malicious traffic coming from an internal computer, but only when no one is logged on to the computer. You suspect the system is infected with malware. It periodically runs an application that attempts to connect to web sites over port 80 with Telnet. After comparing the computer with a list of services from the standard image, you verify this application is very likely the problem. What process allowed you to make this determination?

A. Banner grabbing

B. Hardening

C. Whitelisting

D. Baselining

More, do you know why the correct answer is correct and the incorrect answers are incorrect? See the full explanation and the correct answer here.

Thursday, September 29, 2016

Security+ and Hashing

Can you answer this sample Security+ question?

Q. A security technician runs an automated script every night designed to detect changes in files. Of the following choices, what are the most likely protocols used in this script?

A. PGP and MD5

B. ECC and HMAC

C. AES and Twofish

D. MD5 and HMAC

Check out the answer and explanation along with a more complete discussion of hashing here.



For more information on hashing, check out these blog posts.

Monday, September 26, 2016

Block XSS Attacks

Do you know how to block XSS attacks?

Can you answer this sample Security+ test question that we recently added to the online test banks?

Q. An attacker has launched several successful XSS attacks on a web application within your DMZ. The following graphic shows part of your network.


You determine that the attacker is launching the attacks via an anonymizer. Which of the following are the BEST choices to implement on the web server to prevent this attack? (Select TWO.)

A. Baseline reporting
B. Input validation
C. Code review
D. WAF
E. URL filtering
F. Column level access control

See if you answered it correctly by checking your answer and the explanation here. 

Sunday, September 25, 2016

Are You Ready to Become Security+ Certified?

You can get your Security+ certification by Thanksgiving if you start today. Maybe even sooner.

Start by getting the Security+ Full Access Package for only $39.99. That is almost 30% off the full price of $55.98. Hurry though. The sale ends soon.

I hear from people almost every day telling me that they've passed the exam using the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide and/or study materials on the premium site. They can help you too.

Here's what's included in this sales package.

Here's what you'll get:

  • All of the multiple-choice questions from the best-selling CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide. See a demo here. (This Amazon best-seller has helped many people just like you pass the Security+ exam the first time they took it.)
  • All of the extra multiple-choice questions we've added after publishing the study guide.
  • All of the performance-based questions we've published after publishing the study guide. See a demo here.
  • All of the flashcards from the study guide. View them in any Web browser.
  • All of the audio from the study guide. Listen to a sample here.
  • Access to a free discount code for 10% off your Security+ voucher. Save $31.10 off the US retail cost for this voucher.

So are you ready to become Security+ certified? This page also includes step-by-step instructions you can use to get your certification by Thanksgiving.

Friday, September 23, 2016

CryptoLocker Vs Police Virus

If you're planning on taking the Security+ exam, you should understand malware such as CryptoLocker and the Police Virus.

For example, can you answer this sample Security+ practice test question?

Q. After Maggie turned on her computer, she saw a message indicating that unless she made a payment, her hard drive would be formatted. What does this indicate?

A. Armored virus

B. Ransomware

C. Backdoor

D. Trojan

Check out this post to see the answer and explanation.


Thursday, September 22, 2016

Downgrade Attack and Security+

Can you answer the sample Security+ practice test question that we recently added to the online test banks?

Q. A web server has the newest TLS cryptographic protocol suite installed. However, you recently discovered it is susceptible to downgrade attacks. What should be done to ensure that systems use the MOST secure connections by default?

A. Replace the existing certificate with a new one.

B. Implement OCSP.

C. Reconfigure the cipher suite order.

D. Rekey the existing certificate.

Do you know the correct answer? More, do you know why the correct answer is correct and the incorrect answers are incorrect? Check out the answer and explanation here.

This post also includes a link you can use to check out servers in your organization. What do they get?

Wednesday, September 21, 2016

Connecting Network Devices

If you're planning on taking the Network+ exam, you should have a basic understanding of how to connect network devices.


For example, can you answer this sample Network+ question?

Q. You need to network six PCs together for a basic network. The business owner does not want these devices to access the Internet. Which of the following items do you need? (Select TWO.)

A. Switch
B. Router
C. Firewall
D. CAT6 cables

Do you know why the correct answer is correct and the incorrect answers are incorrect? See if you're correct here.

Monday, September 19, 2016

Client-Side and Transitive Access Attacks

Do you understand client-side and transitive access attacks? Can you answer this sample Security+ question?

 Q. Your organization hosts a web site within a DMZ and the web site accesses a database server in the internal network. ACLs on firewalls prevent any connections to the database server except from the web server. Database fields holding customer data are encrypted and all data in transit between the web site server and the database server are encrypted. Which of the following represents the GREATEST risk to the data on the server?

    A. Theft of the database server
    B. XML injection
    C. SQL injection
    D. Sniffing



More, do you know why the correct answer is correct and the incorrect answers are incorrect? The answer and explanation are available here.



Thursday, September 15, 2016

Security+ and Cookie Attacks

Are you familiar with cookie attacks? It doesn't refer to cookies actually attacking, but it does refer to how attackers can exploit vulnerabilities and access cookies.

As an example, can you answer this sample Security+ practice test question recently added to the gcgapremium.com online test banks?

Q. A penetration tester has successfully exploited a vulnerability against your organization giving him access to the following data:

User, password, login-date, cookie-id
Homer, canipass, 2016-09-01 11:12, 286755fad04869ca523320acce0dc6a4
Bart, passican, 2016-09-01 11:15, 8edd7261c353c87a113269cd37635c68
Marge, icanpass, 2016-09-01 11:19, 26887fbd90ac0340e29ad62470270401

What type of attack does this represent?

A. SQL injection
B. XML injection
C. XSS
D. Session hijacking

More, do you know why the correct answer is correct and the incorrect answers are incorrect? The answer and explanation are available here.

Wednesday, September 14, 2016

Security+ and Port Security

If you're planning on taking the Security+ exam, you should have a basic understanding of port security and how it can be implemented.

For example, can you answer this sample Security+ practice test question?

Q. Your organization frequently has guests visiting in various conference rooms throughout the building. These guests need access to the Internet via wall jacks, but should not be able to access internal network resources. Employees need access to both the internal network and the Internet. What would BEST meet this need?

A. PAT and NAT
B. DMZ and VPN
C. VLANs and 802.1x
D. Routers and Layer 3 switches

More, do you know why the correct answer is correct and the incorrect answers are incorrect? You can check your answer here. 




Friday, September 9, 2016

Symmetric Block Ciphers

Are you planning on taking the Security+ exam? Do you have a good understanding of symmetric algorithms and block ciphers?

As an example, can you answer this sample Security+ question?

Q. Which of the following algorithms encrypts data in 64-bit blocks?
 A. AES
 B. DES
 C. Twofish
 D. RC4

Check your answer here.


Thursday, September 8, 2016

Security+ and Linux

Are you prepping for the Security+ exam? Do you know how to interpret basic Linux commands? 

See if you can answer this sample question.

Q. After entering the following command on a Linux system, what are you likely to see?

    cat /etc/shadow | grep root

A. The contents of the Linux password file
B. The password for the root account
C. The encrypted password of the root account
D. The encrypted password of the grep account

Check your answer here. 



Wednesday, September 7, 2016

Are you prepping for (or considering) the Security+ exam? See if you can answer this Security+ practice test question.

Q. Administrators ensure server operating systems are updated at least once a month with relevant patches, but they do not track other software updates. Of the following choices, what is the BEST choice to mitigate risks on these servers?

A. Application change management

B. Application patch management

C. Whole disk encryption

D. Application hardening

See if you're correct by checking your answer here.

Sunday, September 4, 2016

Security+ and PGP

Can you answer this sample Security+ question related to PGP?

Q. Consider the text in the graphic.



Which of the following most closely identifies the purpose of the text in the graphic?

A. Insert a public key within a document

B. Authenticate a document

C. Encrypt a document

D. Hash a document

You can check the answer (along with a full explanation) here.