Monday, February 27, 2017

Protecting PII


Are you planning to take the Security+ exam? If so, make sure you know how to protect data such as Personally Identifiable Information (PII).

See if you can answer this sample test question.

Q. You need to transmit PII via email and you want to maintain its confidentiality. Of the following choices, what is the BEST solution?

A. Use hashes.

B. Encrypt it before sending.

C. Protect it with a digital signature.

D. Use RAID.

See if you're correct along with a full explanation here. 



Friday, February 24, 2017

Security+ and ARP Poisoning Attacks

Are you preparing to take the Security+ exam? If so, you should have a basic understanding of various types of attacks such as ARP poisoning attacks.

See if you can answer this question.

Q. You are troubleshooting an intermittent connectivity issue with a web server. After examining the logs, you identify repeated connection attempts from various IP addresses. You realize these connection attempts are overloading the server, preventing it from responding to other connections. Which of the following is MOST likely occurring?

A. DDoS attack

B. DoS attack

C. Smurf attack

D. Salting attack

Check your answer here and see a full explanation of why the correct answer is correct and why the incorrect answers are incorrect.


Monday, February 20, 2017

Virtualization and Security+

Are you planning to take the Security+ exam? If so, you should have a basic understanding of virtualization concepts including network design elements.

See if you can answer this sample practice test question.

Q. Your company is planning on implementing a policy for users so that they can connect their mobile devices to the network. However, management wants to restrict network access for these devices. They should have Internet access and be able to access some internal servers, but management wants to ensure that they do not have access to the primary network where company-owned devices operate. Which of the following will BEST meet this goal?

A. WPA2 Enterprise

B. VPN

C. GPS

D. VLAN

Check the answer and explanation here.

Friday, February 17, 2017

Handling Exceptions and Errors

Are you preparing to take the Security+ exam? If so, you need to know about some basic software development principles such as error and exception handling routines.

See if you can answer this sample question.

Q. Web developers are implementing error and exception handling in a web site application. Which of the following represents a best practice for this?

A. Displaying a detailed error message but logging generic information on the error

B. Displaying a generic error message but logging detailed information on the error

C. Displaying a generic error message and logging generic information on the error

D. Displaying a detailed error message and logging detailed information on the error

Check out the answer along with a full explanation here.


Monday, February 13, 2017

Recognizing Malicious Links

Are you planning to take the Security+ exam? If so, you'll need to understand many different types of malware. See if you can answer this question.

Q. Marge reports that she keeps receiving unwanted emails about personal loans. What does this describe?

A. Phishing

B. Spear phishing

C. Spam

D. Vishing

See the answer and a full explanation here.



Friday, February 10, 2017

Setting Up Wireless Hot Spots

Are you planning to take the Security+ exam? You'll find that it tests your knowledge of wireless networks and wireless security. See if you can answer this practice test question.

Q. You are assisting a small business owner in setting up a public wireless hot spot for her customers. Which of the following actions are MOST appropriate for this hot spot?

A. Enabling Open System Authentication

B. Enabling MAC filtering

C. Disabling SSID broadcast

D. Installing Yagi antennas

See if you're correct here. It includes the correct answer and a full explanation.


Monday, February 6, 2017

Implementing Backup Policies

Are you preparing to take the Security+ exam? Do you know about backup policies?

See if you can answer this practice test question.

Q. A continuity of operations plan for an organization includes the use of a warm site. The BCP coordinator wants to verify that the organization’s backup data center is prepared to implement the warm site if necessary. Which of the following is the BEST choice to meet this need?

A. Perform a review of the disaster recovery plan.

B. Ask the managers of the backup data center.

C. Perform a disaster recovery exercise.

D. Perform a test restore.

Check out the answer and full explanation here.


Friday, February 3, 2017

Public Key & Private Key Match Pairing

Are you planning to take the Security+ exam? If so, you may want to spend some extra time on cryptography.

See if you can answer this sample Security+ question.

Q. An organization is implementing a PKI and plans on using public and private keys. Which of the following can be used to create strong key pairs?

A. MD5

B. RSA

C. AES

D. HMAC

Check out the answer and full explanation here.