Tuesday, November 29, 2016

Data Encryption Versus Hidden Message

Are you plannig to take the the Security+ exam? Do you understand basic cryptography concepts such as data encryption.

See if you can this question?

Q. Lisa hid several plaintext documents within an image file. Which security goal is she pursuing?

A. Encryption

B. Integrity

C. Steganography

D. Confidentiality

You can see the answer and an explanation here.


Monday, November 28, 2016

Preventing Software Installation

Are you planning to take the Security+ exam?

Check out this sample question.

Q. Your organization wants to ensure that employees do not install or play operating system games, such as solitaire and FreeCell, on their computers. Which of the following is the BEST choice to prevent this?

A. Security policy

B. Application whitelisting

C. Anti-malware software

D. Antivirus software



Tuesday, November 22, 2016

Web Application Vulnerabilities

Are you planning to take the Security+ exam? Make sure that you have a good understanding of web application vulnerabilities so that you can answer questions such as this one.

Q. While creating a web application, a developer adds code to limit data provided by users. The code prevents users from entering special characters. Which of the following attacks will this code MOST likely prevent?

A. Sniffing

B. Spoofing

C. XSS

D. Pharming

Check out the answer and explanation here.


Monday, November 21, 2016

Malware Types Targeting User’s Activity

Are you prepping for the Security+ exam? If so, make sure you know about the different types of malware.

See if you can answer this sample question.

Q. Of the following malware types, which one is MOST likely to monitor a user’s computer?

A. Trojan

B. Spyware

C. Adware

D. Ransomware

Check your answer and see the explanation here.


Friday, November 18, 2016

Client and Server Ports

Is the Security+ exam in your future? If so, see if you can answer this sample Security+ question:

Q. You recently learned that a network router has TCP ports 22 and 80 open, but the organization’s security policy mandates that these should not be accessible. What should you do?

A. Disable the FTP and HTTP services on the router.

B. Disable the DNS and HTTPS services on the router.

C. Disable the SSH and HTTP services on the router.

D. Disable the Telnet and Kerberos services on the router.

Check out the answer and explanation here.


Thursday, November 17, 2016

Securing Mobile Devices

Are you studying for the Security+ exam? You can expect some questions on mobile devices. See if you can answer this sample Security+ question?

Q. Your company has recently provided mobile devices to several employees. A security manager has expressed concerns related to data saved on these devices. Which of the following would BEST address these concerns?

A. Disabling the use of removable media

B. Installing an application that tracks the location of the device

C. Implementing a BYOD policy

D. Enabling geo-tagging

Check out the answer and explanation here.



Tuesday, November 15, 2016

Security+ and BYOD Containerization

Are you preparing to take the Security+ exam? If so, you're probably aware that a primary concern with Bring Your Own Device (BYOD) policies is protecting an organization's data.

One way of doing so is with BYOD containerization.

See if you can answer this sample practice question that we recently added to our online test banks.

Q. Your organization is planning to implement a BYOD policy. Which of the following security controls will help protect data using containerization?

A. Encrypt sensitive data
B. Storage segmentation
C. Full device encryption
D. Asset tracking

See if you're correct here.


Monday, November 14, 2016

Security+ and Business Continuity Planning

If you're planning to take the Security+ exam, you should have a basic understanding of business continuity planning (BCP) concepts.

A BCP helps an organization predict and plan for potential outages of critical services or functions. The goal is to ensure that critical business operations continue and the organization can survive the outage.

See if you can answer this sample Security+ question.

Q. A BCP includes a chart listing roles within the organization along with their matching responsibilities during a disaster. It also includes a chain of command. What is the purpose of this chart?

A. IT contingency planning

B. Succession planning

C. COOP

D. RTO

See how you did here. 




Friday, November 11, 2016

Binary and Decimal Number Systems

If you're planning on taking the Network+ exam, you need to have a basic knowledge of decimal and binary numbering systems . While this is basic knowledge, it is still important. If you haven't used these numbering system in a while, they might be a little foggy.

For example, see if you can convert the following decimal numbers to four binary bits:

1
3
5
9

The answer is available here along with a deeper dive into comparing decimal and binary.


Tuesday, November 8, 2016

Malware and Reverse Engineering

Can you answer this practice test question for Security+.

Q. Which of the following types of malware is the MOST difficult to reverse engineer?

A. Logic bomb

B. Trojan

C. Armored virus

D. Ransomware

Do you know the correct answer?

Do you know why the correct answer is correct and the incorrect answers are incorrect?
You can find the answer and explanation here.


Monday, November 7, 2016

Security+ Security Tools

Are you planing to take the Security+ exam? If so, you should have a basic understanding of security tools, including administrative security controls.

See if you can answer this sample question.

Q. Security administrators have recently implemented several security controls to enhance the network’s security posture. Management wants to ensure that these controls continue to function as intended. Which of the following tools is the BEST choice to meet this goal?

A. Routine audit
B. Change management
C. Design review
D. Black box test

Do you know the answer? Do you know why the correct answer is correct and the incorrect answers are incorrect? Check out the answer and explanation here.

Friday, November 4, 2016

Why You Should Disable User Accounts

Are you prepping for the Security+ exam? If so, do you know why you would disable user accounts?

See if you can answer this sample question.

Q. A company’s account management policy dictates that administrators should disable user accounts instead of deleting them when an employee leaves the company. What security benefit does this provide?

A. Ensures that user keys are retained

B. Ensures that user files are retained

C. Makes it easier to enable the account if the employee returns

D. Ensures that users cannot log on remotely

Check out the answer and explanation here.

Tuesday, November 1, 2016

Security+ and Wireless Credentials

Are you preparing for the Security+ exam? Do you know the best way to secure user credentials for a wireless network?

See if you can answer this sample question.

Q. You are planning a wireless network for a business. A core requirement is to ensure that the solution encrypts user credentials when users enter their usernames and passwords. Which of the following BEST meets this requirement?

A. WPA2-PSK

B. WEP over PEAP

C. WPS with LEAP

D. WPA2 over EAP-TTLS


Check your answer here.