Are you preparing for the Security+ exam? If so, make sure you understand some basics related to forensics.
See if you can answer this sample practice test question.
Q. After a recent incident, a forensic analyst was given several hard drives to analyze. What should the analyst do first?
A. Take screenshots and capture system images.
B. Take hashes and screenshots.
C. Take hashes and capture system images.
D. Perform antivirus scans and create chain-of-custody documents.
Check out the answer and full explanation here.
Friday, June 30, 2017
Monday, June 26, 2017
BYOD Policies and Security+
Are you preparing for the Security+ exam? If so, make sure you understand the security issues related to mobile devices.
For example, see if you can answer this sample Security+ question.
Q. Management within your company is considering allowing users to connect to the corporate network with their personally owned devices. Which of the following represents a security concern with this policy?
A. Inability to ensure devices are up to date with current system patches
B. Difficulty in locating lost devices
C. Cost of the devices
D. Devices might not be compatible with applications within the network
See if you're correct here.
Friday, June 23, 2017
Vulnerabilities and Security+
Are you planning to take the Security+ exam?
If so, make sure you understand various methods used to reduce vulnerabilities, including vulnerability scans.
As an example, can you answer this sample question?
Q. You recently completed a vulnerability scan on your network. It reported that several servers are missing key operating system patches. However, after checking the servers, you’ve verified the servers have these patches installed. Which of the following BEST describes this?
A. False negative
B. Misconfiguration on servers
C. False positive
D. Servers not hardened
Check out the answer (and full explanation) here.
Monday, June 19, 2017
Matching Security Controls to Security Goals
Are you planning to take the Security+ exam? Do you know how to match security controls to security goals?
As an example, see if you can answer this sample Security+ question.
Q. An organization needs to improve fault tolerance to increase data availability. However, the organization has a limited budget. Which of the following is the BEST choice to meet the organization’s needs?
A. RAID
B. Backup system
C. Cluster
D. UPS
Check out the answer (and the full explanation) here.
Friday, June 16, 2017
Security+ and Incident Response
Are you preparing to take the Security+ exam? If so, make sure you understand incident response procedures. For example, see if you can answer this practice test question.
Q. You work as a help-desk professional in a large organization. You have begun to receive an extraordinary number of calls from employees related to malware. Using common incident response procedures, what should be your FIRST response?
A. Preparation
B. Identification
C. Escalation
D. Mitigation
Check out the answer and the full explanation here.
Monday, June 12, 2017
Attacks and Countermeasures
Are you planning to take the Security+ exam? See if you can answer this sample practice test question.
Q. Some protocols include timestamps and sequence numbers. What types of attacks do these components help protect against?
A. Smurf
B. Replay
C. Flood guards
D. Salting
See if you're correct and view the full explanation here.
Friday, June 9, 2017
Security+ and Query Attacks
Are you preparing to take the Security+ exam? If so, make sure you can identify common attacks. For example, can you answer this question?
Q. Looking at logs for an online web application, you see that someone has entered the following phrase into several queries:
' or '1'='1' --
Which of the following is the MOST likely explanation for this?
A. A buffer overflow attack
B. An XSS attack
C. A SQL injection attack
D. An LDAP injection attack
Check out the answer (and the full explanation) here.
Monday, June 5, 2017
Protocols and Ports in Security+
If you're planning to take the Security+ exam, you should have a basic understanding of relevant protocols and ports to implement basic network security.
For example, can you answer this question?
Q. Bart wants to block access to all external web sites. Which port should he block at the firewall?
A. TCP 22
B. TCP 53
C. UDP 69
D. TCP 80
More importantly, do you know why the correct answer is correct and the incorrect answers are incorrect?
See if you're correct here.
Will you see port questions on the Security+ exam? You never know. However, I saw two.
Friday, June 2, 2017
Detecting Hidden System Infection
Are you preparing to take the Security+ exam? See if you can answer this sample question.
Q. A security administrator recently noticed abnormal activity on a workstation. It is connecting to computers outside the organization’s internal network, using uncommon ports. Using a security toolkit, the administrator discovered the computer is also running several hidden processes. Which of the following choices BEST indicates what the administrator has found?
A. Rootkit
B. Backdoor
C. Spam
D. Trojan
Check your answer and view the full explanation here.