Tuesday, May 29, 2018

Baseline Deviations and Security+

Are you planning to take the SY0-401 or SY0-501 Security+ exam?

If so, you should understand how baselines can be used to identify changes or deviations.

See if you can answer this sample practice test question.

Q. Network administrators have identified what appears to be malicious traffic coming from an internal computer, but only when no one is logged on to the computer.

You suspect the system is infected with malware. It periodically runs an application that attempts to connect to web sites over port 80 with Telnet. After comparing the computer with a list of applications from the master image, you verify this application is very likely the problem.

What allowed you to make this determination?

A. Least functionality

B. Sandbox

C. Blacklist

D. Integrity measurements

See if you're correct (and view a full explanation here). 

Monday, May 21, 2018

Security+ Personnel Management Policies

Are you planning to take the Security+ exam? If so, you might like to review some common personnel management policies.

See if you can answer this sample question.

Q. After a major data breach, Lisa has been tasked with reviewing security policies related to data loss. Which of the following is MOST closely related to data loss?

A. Clean desk policy

B. Legal hold policy

C. Job rotation policy

D. Background check policy

Read the full explanation (and see if you're correct) here.


Tuesday, May 15, 2018

Common Malware Names and Security+

Are you planning to take the SY0-501 Security+ exam? If so, you might like to review some information on malware names.

Check out this sample Security+ practice test question that was recently added to the Extras quiz for the online SY0-501 practice test questions.

Q. You are troubleshooting a computer that is displaying erratic behavior. You suspect that malicious software was installed when the user downloaded and installed a free software application. You want to identify the name of the malware and you run the following netstat command from the command prompt:

C:\WINDOWS\system32>netstat -nab > netstat.txt

After opening the text file, you see the following information.


Based on the output, what type of malware was most likely installed on the user’s computer?

A. Worm

B. Logic bomb

C. Ransomware

D. RAT

E. Crypto-malware

F. No malware is indicated

Check out the answer and full explanation here.


Monday, May 14, 2018

Understanding Network Separation

Are you planning to take the Security+ SY0-401 or SY0-501 exam?

If so, see if you can answer this sample question.

Q. You are tasked with configuring a switch so that it separates VoIP and data traffic. Which of the following provides the BEST solution?
A. NAC
B. DMZ
C. SRTP
D. VLAN

Check out the answer and full explanation here.


Monday, May 7, 2018

Vulnerability Assessment Tools

Are you planning to take the SY0-401 or SY0-501 Security+ exam?

If so, see if you can answer this practice test question.

Q. You suspect that a user is running an unauthorized AP within the organization’s building. Which of the following tools is the BEST choice to see if an unauthorized AP is operating on the network?
A. Rogue system
B. Wireless scanner
C. Password cracker
D. Penetration test