Friday, May 26, 2017

Security+ and Wireless Security

Are you planning to take the Security+ exam? See if you can answer this sample practice test question.

Q. Your organization is planning to implement a wireless network using WPA2 Enterprise. Of the following choices, what is required?

A. An authentication server with a digital certificate installed on the authentication server

B. An authentication server with DHCP installed on the authentication server

C. An authentication server with DNS installed on the authentication server

D. An authentication server with WEP running on the access point



Monday, May 22, 2017

Security+ Device Security Concepts

Are you preparing to take the Security+ exam? See if you can answer this sample practice test question.

Q. Key personnel in your organization have mobile devices, which store sensitive information. What can you implement to prevent data loss from these devices if a thief steals one?

A. Asset tracking

B. Screen lock

C. Mobile device management

D. GPS tracking

Check out the answer and the full explanation here. 



Friday, May 19, 2017

Defense In Depth

Are you preparing to take the Security+ exam? See if you can answer this Security+ practice test question.

Q. An organization wants to provide protection against malware attacks. Administrators have installed antivirus software on all computers. Additionally, they implemented a firewall and an IDS on the network. Which of the following BEST identifies this principle?

A. Implicit deny

B. Layered security

C. Least privilege

D. Flood guard

Check out the answer and a full explanation here.


Monday, May 15, 2017

WannaCry Ransomware

Are you one of the more than 200,000 users in over 150 countries that WannaCry today?

On May 12, the WannaCry ransomware began infecting computers around the world. This malware infects systems, encrypts user files, and demands a payment of about $300 within three days.

See if you can answer this sample Security+ question. It includes information on the standard security practice that would have prevented this infection, if people followed it.

Q. A recent risk assessment identified several problems with servers in your organization. They occasionally reboot on their own and the operating systems do not have current security fixes. Administrators have had to rebuild some servers from scratch due to mysterious problems. Which of the following solutions will mitigate these problems?

A. Virtualization

B. Sandboxing

C. IDS

D. Patch management



Friday, May 12, 2017

Security+ and Data Leakage

Are you planning to take the Security+ exam? See if you can answer this sample test question.

Q. Your organization blocks access to social media web sites. The primary purpose is to prevent data leakage, such as the accidental disclosure of proprietary information. What is an additional security benefit of this policy?

A. Improves employee productivity

B. Enables cognitive password attacks

C. Prevents P2P file sharing

D. Protects against banner ad malware

See if you're correct (and the full explanation) here.

Monday, May 8, 2017

Security+ and Command Line Questions

Are you preparing for the Security+ exam?

If so, you might like to know about the command line questions that are appearing on the exam. The good news is that they are very likely beta questions. Read more here....



Friday, May 5, 2017

Security+ and Management Controls

Are you preparing for the Security+ exam? See if you can answer this practice test question.

Q. Which of the following is a management control?

A. Encryption

B. Security policy

C. Least privilege

D. Change management

Check out the answer here. The explanation will help you understand why the incorrect answers are incorrect and why the correct answer is correct.



Monday, May 1, 2017

Security+ and Server Management Using VMs

Are you preparing for the Security+ exam? See if you can answer this sample question.

Q. A company is implementing a feature that allows multiple servers to operate on a single physical server. What is this?

A. Virtualization

B. IaaS

C. Cloud computing

D. DLP

Check out the answer and full explanation here. 



Monday, April 24, 2017

Security+ and Monitoring System Account Access

Can you answer this sample Security+ question?

Q. You need to create an account for a contractor who will be working at your company for 90 days. Which of the following is the BEST security step to take when creating this account?

A. Configure history on the account.

B. Configure a password expiration date on the account.

C. Configure an expiration date on the account.

D. Configure complexity.

See if you're correct, along with a full explanation here.


Friday, April 21, 2017

Security+ and Authentication Factors

Are you planning to take the Security+ exam? If so, make sure you understand authentication factors.

See if you can answer this Security+ practice test question.

Q. Your network infrastructure requires users to authenticate with something they are and something they know. Which of the following choices BEST describes this authentication method?

A. Passwords

B. Dual-factor

C. Biometrics

D. Diameter

Check the answer here.



Monday, April 17, 2017

Authentication and Security+

Are you preparing to take the Security+ exam? If so, make sure you understand some authentication concepts. See if you can answer this sample question.

Q. When you log on to your online bank account, you are also able to access a partner’s credit card site, check-ordering services, and a mortgage site without entering your credentials again. What does this describe?

A. SSO

B. Same sign-on

C. SAML

D. Kerberos

Check out the answer here. 


Friday, April 14, 2017

Threats Security+

Are you preparing for the Security+ exam?

See if you can answer this practice test question.

Q. Security experts at your organization have determined that your network has been repeatedly attacked from multiple entities in a foreign country. Research indicates these are coordinated and sophisticated attacks. What BEST describes this activity?

A. Fuzzing

B. Sniffing

C. Spear phishing

D. Advanced persistent threat

See if you're correct here. 


Monday, April 10, 2017

Security+ and Monitoring Tools

Are you planning to take the Security+ exam? If so, make sure you have a good understanding of tools available that both security professionals and attackers use.

See if you can answer this sample practice test question.

Q. Your organization's security policy requires that personnel notify security administrators if an incident occurs. However, this is not occurring consistently. Which of the following could the organization implement to ensure security administrators are notified in a timely manner?

A. Routine auditing

B. User rights and permissions reviews

C. Design review

D. Incident response team

Check your answer here.


Friday, April 7, 2017

Security+ and Wireless Footprints

Are you preparing to take the Security+ exam? Do you have a good understanding of wireless topics?

See if you can answer this sample Security+ question.

Q. Your organization maintains a separate wireless network for visitors in a conference room. However, you have recently noticed that people are connecting to this network even when there aren’t any visitors in the conference room. You want to prevent these connections, while maintaining easy access for visitors in the conference room. Which of the following is the BEST solution?

A. Disable SSID broadcasting.

B. Enable MAC filtering.

C. Use wireless jamming.

D. Reduce antenna power.

Check your answer and view the full explanation here.


Monday, April 3, 2017

Physical Security Measures and Security+

Are you preparing to take the Security+ exam? If so, make sure you understand various security controls including physical security controls.

See if you can answer this sample question.

Q. Thieves recently rammed a truck through the entrance of your company’s main building. During the chaos, their partners proceeded to steal a significant amount of IT equipment. Which of the following choices can you use to prevent this from happening again?

A. Bollards

B. Guards

C. CCTV

D. Mantrap

See if you're correct and view the full explanation here.


Friday, March 31, 2017

Security+ and Patch Management

Are you planning to take the Security+ exam? If so, make sure you understand basics about patch management.

See if you can answer this sample question.

Q. A software vendor recently developed a patch for one of its applications. Before releasing the patch to customers, the vendor needs to test it in different environments. Which of the following solutions provides the BEST method to test the patch in different environments?

A. Baseline image

B. BYOD

C. Virtualized sandbox

D. Change management

Check out the answer and a full explanation here.


Monday, March 27, 2017

Using One-Time Passwords

Are you preparing to take the Security+ exam? If so, make sure you know about one-time passwords. For example, can you answer this sample question?

Q. Your organization is planning to implement remote access capabilities. Management wants strong authentication and wants to ensure that passwords expire after a predefined time interval. Which of the following choices BEST meets this requirement?

A. HOTP

B. TOTP

C. CAC

D. Kerberos

Check out the answer and see a full explanation here.



Friday, March 24, 2017

Forensic Analysis Tools and Security+

Are you planning to take the Security+ exam?

Do you know some basics about forensic analysis?

Computer forensics analyzes evidence from computers to determine details on computer incidents, similar to how CSI personnel analyze evidence from crime scenes. See if you can answer this practice test question.

Q. A forensic expert is preparing to analyze a hard drive. Which of the following should the expert do FIRST?

A. Capture an image.

B. Identify the order of volatility.

C. Create a chain-of-custody document.

D. Take a screenshot.

See if you're correct here.


Monday, March 20, 2017

Passwords and Security+

Are you preparing to take the Security+ exam? See if you can answer this sample question about passwords.

Q. An outside security auditor recently completed an in-depth security audit on your network. One of the issues he reported was related to passwords. Specifically, he found the following passwords used on the network: Pa$$, 1@W2, and G7bT3. What should be changed to avoid the problem shown with these passwords?

A. Password complexity

B. Password length

C. Password history

D. Password reuse

See if you're correct and view the full explanation here.


Friday, March 17, 2017

Security+ and Ciphers

Are you planning to take the Security+ exam?

Do you know the differences between block ciphers and stream ciphers?

See if you can answer this sample question.

Q. An application developer needs to use an encryption protocol to encrypt credit card data within a database used by the application. Which of the following would be the FASTEST, while also providing strong confidentiality?

A. AES-256

B. DES

C. Blowfish

D. SHA-2

Check out this post for the answer and a full explanation.


Monday, March 13, 2017

New Security+ Exam

Did you hear about the new Security+ (SY0-501) exam?

Someone's talking about it because I've recently received several queries asking me about it.

Yes, it's true that CompTIA updates their exams every three years. And yes, it's reasonable to expect that they'll update the Security+ exam this year.

When CompTIA updates their exams, it often causes anxiety with many people. They wonder how they should respond. And many of them send their queries to me.

I've outlined many of the frequently asked questions I've received and expect in this blog post.



Friday, March 10, 2017

Physical Security Controls and Security+

Are you planning to take the Security+ exam? If so, make sure you understand what physical security controls are.

In general, a physical security control is something you can physically touch, such as a hardware lock, a fence, an identification badge, and a security camera.

See if you can answer this sample question.

Q. Employees access a secure area by entering a cipher code, but this code does not identify individuals. After a recent security incident, management has decided to implement a key card system that will identify individuals who enter and exit this secure area. However, the installation might take six months or longer. Which of the following choices can the organization install immediately to identify individuals who enter or exit the secure area?

A. Mantrap

B. Access list

C. CCTV

D. Bollards

See if you are correct and read the full explanation here.


Friday, March 3, 2017

Using Risk Assessment Metrics

Are you preparing for the Security+ exam? Can you identify various risk assessment metrics?

See if you can answer this sample practice test question.

Q. A security expert is attempting to identify the number of failures a web server has in a year. Which of the following is the expert MOST likely identifying?

A. SLE

B. MTTR

C. ALE

D. MTTF

See if you're correct and read the full explanation here.

Monday, February 27, 2017

Protecting PII


Are you planning to take the Security+ exam? If so, make sure you know how to protect data such as Personally Identifiable Information (PII) data.

See if you can answer this sample test question.

Q. You need to transmit PII via email and you want to maintain its confidentiality. Of the following choices, what is the BEST solution?

A. Use hashes.

B. Encrypt it before sending.

C. Protect it with a digital signature.

D. Use RAID.

See if you're correct along with a full explanation here. 



Friday, February 24, 2017

Security+ and ARP Poisoning Attacks

Are you preparing to take the Security+ exam? If so, you should have a basic understanding of various types of attacks such as ARP poisoning attacks.

See if you can answer this question.

Q. You are troubleshooting an intermittent connectivity issue with a web server. After examining the logs, you identify repeated connection attempts from various IP addresses. You realize these connection attempts are overloading the server, preventing it from responding to other connections. Which of the following is MOST likely occurring?

A. DDoS attack

B. DoS attack

C. Smurf attack

D. Salting attack

Check your answer here and see a full explanation of why the correct answer is correct and why the incorrect answers are incorrect.


Monday, February 20, 2017

Virtualization and Security+

Are you planning to take the Security+ exam? If so, you should have a basic understanding of virtualization concepts including network design elements.

See if you can answer this sample practice test question.

Q. Your company is planning on implementing a policy for users so that they can connect their mobile devices to the network. However, management wants to restrict network access for these devices. They should have Internet access and be able to access some internal servers, but management wants to ensure that they do not have access to the primary network where company-owned devices operate. Which of the following will BEST meet this goal?

A. WPA2 Enterprise

B. VPN

C. GPS

D. VLAN

Check the answer and explanation here.

Friday, February 17, 2017

Handling Exceptions and Errors

Are you preparing to take the Security+ exam? If so, you need to know about some basic software development principles such as error and exception handling routines.

See if you can answer this sample question.

Q. Web developers are implementing error and exception handling in a web site application. Which of the following represents a best practice for this?

A. Displaying a detailed error message but logging generic information on the error

B. Displaying a generic error message but logging detailed information on the error

C. Displaying a generic error message and logging generic information on the error

D. Displaying a detailed error message and logging detailed information on the error

Check out the answer along with a full explanation here.


Monday, February 13, 2017

Recognizing Malicious Links

Are you planning to take the Security+ exam? If so, you'll need to understand many different types of malware. See if you can answer this question.

Q. Marge reports that she keeps receiving unwanted emails about personal loans. What does this describe?

A. Phishing

B. Spear phishing

C. Spam

D. Vishing

See the answer and a full explanation here.



Friday, February 10, 2017

Setting Up Wireless Hot Spots

Are you planning to take the Security+ exam? You'll find that it tests your knowledge of wireless networks and wireless security. See if you can answer this practice test question.

Q. You are assisting a small business owner in setting up a public wireless hot spot for her customers. Which of the following actions are MOST appropriate for this hot spot?

A. Enabling Open System Authentication

B. Enabling MAC filtering

C. Disabling SSID broadcast

D. Installing Yagi antennas

See if you're correct here. It includes the correct answer and a full explanation.


Monday, February 6, 2017

Implementing Backup Policies

Are you preparing to take the Security+ exam?  Do you know about backup policies?

See if you can answer this practice test question.

Q. A continuity of operations plan for an organization includes the use of a warm site. The BCP coordinator wants to verify that the organization’s backup data center is prepared to implement the warm site if necessary. Which of the following is the BEST choice to meet this need?

A. Perform a review of the disaster recovery plan.

B. Ask the managers of the backup data center.

C. Perform a disaster recovery exercise.

D. Perform a test restore.

Check out the answer and full explanation here.


Friday, February 3, 2017

Public Key & Private Key Match Pairing

Are you planning to take the Security+ exam? If so, you may want to spend some extra time on cryptography.

See if you can answer this sample Security+ question.

Q. An organization is implementing a PKI and plans on using public and private keys. Which of the following can be used to create strong key pairs?

A. MD5

B. RSA

C. AES

D. HMAC

Check out the answer and full explanation here.


Monday, January 30, 2017

Discovering Wireless Networks

Are you planning to take the Security+ exam? If so, make sure you understand basic wireless network security.

See if you can answer this sample Security+ practice test question.

Q. Management asks you if you can modify the wireless network to prevent users from easily discovering it. Which of the following would you modify to meet this goal?

A. CCMP

B. WPA2 Enterprise

C. SSID broadcast

D. MAC address filter

See the answer and full explanation here.


Thursday, January 26, 2017

Methods Used to Sanitize Drives

Are you planning to take the Security+ exam? Do you know about different methods used to remove data from devices? See if you can answer this question.

Q. A user recently worked with classified data on an unclassified system. You need to sanitize all the reclaimed space on this system’s hard drives while keeping the system operational. Which of the following methods will BEST meet this goal?

A. Use a cluster tip wiping tool.

B. Use a file shredding tool.

C. Degauss the disk.

D. Physically destroy the disk.

Check your answer and see the full explanation here.


Monday, January 23, 2017

Using XML-Based Standard

Are you planning to take the Security+ exam? See if you can answer this sample question.

Q. Your organization recently made an agreement with third parties for the exchange of authentication and authorization information. The solution uses an XML-based open standard. Which of the following is the MOST likely solution being implemented?

A. RADIUS

B. Diameter

C. TACACS+

D. SAML

Check out the answer and full explanation here.


Friday, January 20, 2017

Attack Using HTML Links

Are you planning to take the Security+ exam? Make sure you're familiar with common HTML attacks so that you answer questions like this one:

Q. Homer recently received an email thanking him for a purchase that he did not make. He asked an administrator about it and the administrator noticed a pop-up window, which included the following code:










What is the MOST likely explanation?

A. XSRF

B. Buffer overflow

C. SQL injection

D. Fuzzing

Check out the answer and explanation here.



Tuesday, January 17, 2017

Security+ and Account Management

Are you planning to take the Security+ exam? See if you can answer this sample Security+ practice test question.

Q. Members of a project team came in on the weekend to complete some work on a key project. However, they found that they were unable to access any of the project data. Which of the following choices is the MOST likely reason why they can’t access this data?

A. Discretionary access control

B. Time-of-day access control

C. Rule-based access control

D. Role-based access control

See if you're correct here. 

Thursday, January 12, 2017

Translating Public & Private IP Addresses

Are you preparing for the Security+ exam? If so, you need to understand some basic networking concepts.

As an example, see if you can answer this practice test question.

Q. Your organization has implemented a network design that allows internal computers to share one public IP address. Of the following choices, what did they MOST likely implement?

A. PAT

B. STP

C. DNAT

D. TLS

See if you're correct along with a full explanation here.


Tuesday, January 10, 2017

Hosting Virtual Systems

Are you planning to take the Security+ exam? If so, you should have a basic understanding of virtualization.

See if you can answer this sample question.

Q. You are preparing to deploy a new application on a virtual server. The virtual server hosts another server application that employees routinely access. Which of the following is the BEST method to use when deploying the new application?

A. Take a snapshot of the VM before deploying the new application.

B. Take a snapshot of the VM after deploying the new application.

C. Apply blacklisting techniques on the server for the new applications.

D. Back up the server after installing the new application.

See if you're correct here.




Monday, January 9, 2017

New Year's Resolution

Did you create a New Year's resolution?

Not this year, but last year.

If so, do you remember what it was? Most people don't.

People create a New Year's resolution with the best of intentions, but after a short time they forget it. Studies (such as the one done by Richard Wiseman) indicate that 88% of New Year's resolutions fail.



Do You Want Success Instead?

One of the reasons why resolutions fail is because they are generic. For example, someone might set a resolution of improving their career by earning more certifications.

If you want to really implement a change in your life, you can do so by setting a goal instead of creating a resolution. At a minimum, an effective goal states two things:


  • What you want
  • When you want it

As an example, if you want to get a security certification, you can set this goal:

“I will earn the Security+ certification by midnight March 1, 2017.”

or

“I will earn the SSCP certification by midnight April 15th.”

or

“I will earn the CISSP certification by midnight May 15th.”

Creating Effective Goals the SMART way

During my time in the Navy, trainers taught me that effective goals are SMART:
  • Specific. State exactly what you want. For example, instead of setting the goal: “I want a certification,” set a goal of “I want to earn the Security+ certification.”
  • Measurable. Goals are specific enough so that anyone, including you, can tell when you’ve achieved them. For example, after taking and passing the Security+ exam, you’ll have the certificate that you can show to anyone.
  • Achievable. If you’re working in an IT job or pursuing one and have relevant networking knowledge, it is achievable to earn the Security+ certification, often in 30 days or less.
  • Realistic. The Security+ exam is difficult, but I hear from people almost every day telling me that they've passed the exam using the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide and/or study packages on this site. With the relevant networking knowledge and the right study materials, this exam is within reach of anyone willing to take the time to study.
  • Time-limited. A date identifies when you expect to achieve the goal. This helps spur you to action and enables you to evaluate your progress.
For example, this is a SMART goal:

I will earn the Security+ certification by midnight March 1, 2017.

You can modify your goal substituting any other certification such as CASP, CCNA, or anything else you like. Similarly, you can change the date to something that is achievable based on your current knowledge and the certification.

Do You Want the Security+ Certification?

If you want to get the Security+ certification, I want to help. For a limited time, you can get the Security+ Full Study Package for only $39.99, almost 30% off the normal price of $55.98.

This package includes:
  • 525 practice test questions
    • 468 multiple-choice practice test questions.
    • Ten sets of performance-based questions (total of 57 questions)
  • Almost six hours of audio
  • 553 online flashcards and Remember This slides
  • End of chapter reviews from the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide to remind you of key testable material
Sale ends Jan 14th.

If you don't have the study guide, you might like the Full Security+ Course instead. It's only $63.87 (a full 30% off) until Jan 14th. It includes everything in the Security+ Full Study Package and also includes the full text of the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide in an online study package.

No matter what you're pursuing though, I hope you achieve it.

If you're one of the people that set a New Year's resolution, you might find that it is already fading into the noise of the New Year. If you want to give it new life, change it into an effective goal. This will give you a much better chance of ending the year as part of the 12% that achieves their New Year's resolution.

Friday, January 6, 2017

Comparing Full Duplex & Half Duplex Connections

Are you planning to take the Network+ exam? See if you can answer this question.

Q. What is created by separate switch ports?

A. Collision domains

B. Broadcast domains

C. VLAN

D. ACL

Check out the answer along with a full explanation here.


Tuesday, January 3, 2017

Hardware-Based Encryption Devices

Are you planning to take the Security+ exam? Do you know the differences between various hardware-based encryption devices?

See if you can answer this sample question.

Q. You are comparing different encryption methods. Which method includes a storage root key?

A. HSM

B. NTFS

C. VSAN

D. TPM

Even if you know the correct answer, do you know why the other answers are incorrect?

Check out the answer and get a full explanation here.