Monday, May 29, 2017

My Experience with the Security+ Exam

I took the Security+ exam (SYO-401 version) last week. While I've held the certification since 2005, I wanted to see how it looked and compare this to what readers have shared with me.

This blog post outlines what I saw including the number of questions, the types of questions, and some key strategies I used to pass.


Friday, May 26, 2017

Security+ and Wireless Security

Are you planning to take the Security+ exam? See if you can answer this sample practice test questio

Q. Your organization is planning to implement a wireless network using WPA2 Enterprise. Of the following choices, what is required?

A. An authentication server with a digital certificate installed on the authentication server

B. An authentication server with DHCP installed on the authentication server

C. An authentication server with DNS installed on the authentication server

D. An authentication server with WEP running on the access point



Monday, May 22, 2017

Security+ Device Security Concepts

Are you preparing to take the Security+ exam? See if you can answer this sample practice test question.

Q. Key personnel in your organization have mobile devices, which store sensitive information. What can you implement to prevent data loss from these devices if a thief steals one?

A. Asset tracking

B. Screen lock

C. Mobile device management

D. GPS tracking

Check out the answer and the full explanation here. 



Friday, May 19, 2017

Defense In Depth

Are you preparing to take the Security+ exam? See if you can answer this Security+ practice test question.

Q. An organization wants to provide protection against malware attacks. Administrators have installed antivirus software on all computers. Additionally, they implemented a firewall and an IDS on the network. Which of the following BEST identifies this principle?

A. Implicit deny

B. Layered security

C. Least privilege

D. Flood guard

Check out the answer and a full explanation here.


Monday, May 15, 2017

WannaCry Ransomware

Are you one of the more than 200,000 users in over 150 countries that WannaCry today?

On May 12, the WannaCry ransomware began infecting computers around the world. This malware infects systems, encrypts user files, and demands a payment of about $300 within three days.

See if you can answer this sample Security+ question. It includes information on the standard security practice that would have prevented this infection, if people followed it.

Q. A recent risk assessment identified several problems with servers in your organization. They occasionally reboot on their own and the operating systems do not have current security fixes. Administrators have had to rebuild some servers from scratch due to mysterious problems. Which of the following solutions will mitigate these problems?

A. Virtualization

B. Sandboxing

C. IDS

D. Patch management



Friday, May 12, 2017

Security+ and Data Leakage

Are you planning to take the Security+ exam? See if you can answer this sample test question.

Q. Your organization blocks access to social media web sites. The primary purpose is to prevent data leakage, such as the accidental disclosure of proprietary information. What is an additional security benefit of this policy?

A. Improves employee productivity

B. Enables cognitive password attacks

C. Prevents P2P file sharing

D. Protects against banner ad malware

See if you're correct (and the full explanation) here.

Monday, May 8, 2017

Security+ and Command Line Questions

Are you preparing for the Security+ exam?

If so, you might like to know about the command line questions that are appearing on the exam. The good news is that they are very likely beta questions. Read more here....



Friday, May 5, 2017

Security+ and Management Controls

Are you preparing for the Security+ exam? See if you can you answer this practice test question?

Q. Which of the following is a management control?

A. Encryption

B. Security policy

C. Least privilege

D. Change management

Check out the answer here. The explanation will help you understand why the incorrect answers are incorrect and why correct answer is correct.



Monday, May 1, 2017

Security+ and Server Management Using VMs

Are you preparing for the Security+ exam? See if you can you answer this sample question.

Q. A company is implementing a feature that allows multiple servers to operate on a single physical server. What is this?

A. Virtualization

B. IaaS

C. Cloud computing

D. DLP

Check out the answer and full explanation here.