I took the Security+ exam (SYO-401 version) last week. While I've held the certification since 2005, I wanted to see how it looked and compare this to what readers have shared with me.
This blog post outlines what I saw including the number of questions, the types of questions, and some key strategies I used to pass.
Monday, May 29, 2017
Friday, May 26, 2017
Security+ and Wireless Security
Are you planning to take the Security+ exam? See if you can answer this sample practice test questio
Q. Your organization is planning to implement a wireless network using WPA2 Enterprise. Of the following choices, what is required?
A. An authentication server with a digital certificate installed on the authentication server
B. An authentication server with DHCP installed on the authentication server
C. An authentication server with DNS installed on the authentication server
D. An authentication server with WEP running on the access point
Q. Your organization is planning to implement a wireless network using WPA2 Enterprise. Of the following choices, what is required?
A. An authentication server with a digital certificate installed on the authentication server
B. An authentication server with DHCP installed on the authentication server
C. An authentication server with DNS installed on the authentication server
D. An authentication server with WEP running on the access point
Monday, May 22, 2017
Security+ Device Security Concepts
Are you preparing to take the Security+ exam? See if you can answer this sample practice test question.
Q. Key personnel in your organization have mobile devices, which store sensitive information. What can you implement to prevent data loss from these devices if a thief steals one?
A. Asset tracking
B. Screen lock
C. Mobile device management
D. GPS tracking
Check out the answer and the full explanation here.
Q. Key personnel in your organization have mobile devices, which store sensitive information. What can you implement to prevent data loss from these devices if a thief steals one?
A. Asset tracking
B. Screen lock
C. Mobile device management
D. GPS tracking
Check out the answer and the full explanation here.
Friday, May 19, 2017
Defense In Depth
Are you preparing to take the Security+ exam? See if you can answer this Security+ practice test question.
Q. An organization wants to provide protection against malware attacks. Administrators have installed antivirus software on all computers. Additionally, they implemented a firewall and an IDS on the network. Which of the following BEST identifies this principle?
A. Implicit deny
B. Layered security
C. Least privilege
D. Flood guard
Check out the answer and a full explanation here.
Q. An organization wants to provide protection against malware attacks. Administrators have installed antivirus software on all computers. Additionally, they implemented a firewall and an IDS on the network. Which of the following BEST identifies this principle?
A. Implicit deny
B. Layered security
C. Least privilege
D. Flood guard
Check out the answer and a full explanation here.
Monday, May 15, 2017
WannaCry Ransomware
Are you one of the more than 200,000 users in over 150 countries that WannaCry today?
On May 12, the WannaCry ransomware began infecting computers around the world. This malware infects systems, encrypts user files, and demands a payment of about $300 within three days.
See if you can answer this sample Security+ question. It includes information on the standard security practice that would have prevented this infection, if people followed it.
On May 12, the WannaCry ransomware began infecting computers around the world. This malware infects systems, encrypts user files, and demands a payment of about $300 within three days.
See if you can answer this sample Security+ question. It includes information on the standard security practice that would have prevented this infection, if people followed it.
Q. A recent risk assessment identified several problems with servers in your organization. They occasionally reboot on their own and the operating systems do not have current security fixes. Administrators have had to rebuild some servers from scratch due to mysterious problems. Which of the following solutions will mitigate these problems?
A. Virtualization
B. Sandboxing
C. IDS
D. Patch management
Friday, May 12, 2017
Security+ and Data Leakage
Are you planning to take the Security+ exam? See if you can answer this sample test question.
Q. Your organization blocks access to social media web sites. The primary purpose is to prevent data leakage, such as the accidental disclosure of proprietary information. What is an additional security benefit of this policy?
A. Improves employee productivity
B. Enables cognitive password attacks
C. Prevents P2P file sharing
D. Protects against banner ad malware
See if you're correct (and the full explanation) here.
Q. Your organization blocks access to social media web sites. The primary purpose is to prevent data leakage, such as the accidental disclosure of proprietary information. What is an additional security benefit of this policy?
A. Improves employee productivity
B. Enables cognitive password attacks
C. Prevents P2P file sharing
D. Protects against banner ad malware
See if you're correct (and the full explanation) here.
Monday, May 8, 2017
Security+ and Command Line Questions
Are you preparing for the Security+ exam?
If so, you might like to know about the command line questions that are appearing on the exam. The good news is that they are very likely beta questions. Read more here....
If so, you might like to know about the command line questions that are appearing on the exam. The good news is that they are very likely beta questions. Read more here....
Friday, May 5, 2017
Security+ and Management Controls
Are you preparing for the Security+ exam? See if you can you answer this practice test question?
Q. Which of the following is a management control?
A. Encryption
B. Security policy
C. Least privilege
D. Change management
Check out the answer here. The explanation will help you understand why the incorrect answers are incorrect and why correct answer is correct.
Q. Which of the following is a management control?
A. Encryption
B. Security policy
C. Least privilege
D. Change management
Check out the answer here. The explanation will help you understand why the incorrect answers are incorrect and why correct answer is correct.
Monday, May 1, 2017
Security+ and Server Management Using VMs
Are you preparing for the Security+ exam? See if you can you answer this sample question.
Q. A company is implementing a feature that allows multiple servers to operate on a single physical server. What is this?
A. Virtualization
B. IaaS
C. Cloud computing
D. DLP
Check out the answer and full explanation here.
Q. A company is implementing a feature that allows multiple servers to operate on a single physical server. What is this?
A. Virtualization
B. IaaS
C. Cloud computing
D. DLP
Check out the answer and full explanation here.
Subscribe to:
Posts (Atom)