Security+ and Proxy Servers

Are you planning to take the SY0-401 Security+ or SY0-501 Security+ exam?  If so, make sure you understand basic network components.

As an example, see if you can answer this sample Security+ question.

Q.  Management at your organization wants to prevent employees from accessing social media sites using company-owned computers. Which of the following devices would you implement?

A. Transparent proxy

B. Reverse proxy

C. Nontransparent proxy

D. Caching proxy

Check out the answer and explanation here.

Security+ and Penetration Testing

Are you planning to take the SY0-501 or SY0-401 Security+ exam. If so, make sure you understand some basic penetration testing concepts.

As an example, see if you can answer this sample question?

Q. A penetration tester has successfully attacked a single computer within the network. The tester is now attempting to access other systems within the network via this computer. Which of the following BEST describes the tester’s current actions?

A. Performing reconnaissance

B. Performing the initial exploitation

C. Pivoting

D. Escalating privileges

Check out the answer (and full explanation) here.

Security+ and Secure Coding

The CompTIA Security+ exam includes many concepts related to secure coding techniques. If you're planning to take the SY0-401 or the SY0-501 Security+ exam, you should have a basic understanding of techniques such as proper error handling, input validation, and more.

As an example, can you answer this sample SY0-501 practice question?

Q. You are reviewing some Java code for an application and come across the following snippet:

You suspect that this will cause a problem. Which of the following BEST describes the problem?

A. NullPointerException

B. Invalid null assignment

C. Pointer dereference

D. Buffer overflow

Check out this page to see if you're correct (and see the full explanation).