CISSP

The CISSP quiz is updated as of January 2019. The old one was maintained by a 3rd party that did not maintain it. We’ve taken it over and boosted the item count to over 2300. There are 1300+ regular questions. They range from simple and fact-based to longer and requiring a judgement to be made. […]

CEH v10

The CEH v10 looks mostly like CEH v9 and v8.  The new Modules are Vulnerability Analysis and IoT Hacking.  The Vulnerability Module seems to be extracted from Scanning and perhaps Footprinting.  The IoT Module is 100 pages, but fairly spare on the exam. A few exhibits are present, but are in-line. You don’t click a […]

SY0-501 First Look

The newest Security+ test seems to be a bit more even-handed than earlier versions. It seems like no new simulations or exhibits are present. And, perhaps, there are fewer of them.  The breadth of topics is wider.  Much more on authentication systems, some in sparse use, like Shiboleth.?!  The topics are changed around from one […]

CEHv9 Review

The CEHv9 exam seems to be much less an archaeology adventure than previous versions. To be sure, it still has a few rather old items within.  But, the overall question quality is much higher.  There are a number of mystery questions, which to answer them, you must know the mind or even history of the […]

CEH Exam Snafu

CEH Exam Snafu When you go in to test with Vue, the signup is a bit involved and there is some misinformation.  You will have to have a Vue.com account., Then, they make it a pain to locate EC Council, and then the test you want.  To be sure, you want the 312-50 CEH exam. […]

CEHv9 Changes

CEHv9 Changes There is a new CEH version: CEHv9. The debut was November 1, 2015.  Here are the changes: Trojans and Backdoors has been combined with Viruses and Worms to form one chapter Cloud computing has been added Buffer overflow is deleted There are 400 more slide pages Increase lab count from 100 to 140 […]

Scenarios and Obfuscation

Scenarios and Obfuscation The test questions we are hearing of today seem to have been embellished. They do not ask a straight-up question, but bury it in superfluous text. For example: John is an administrator and has responsibility for monitoring intrusions.  He has heard that some defensive systems require frequent updating and are only able […]

New Simulations/Exhibits: Cisco NAT

New Simulations/Exhibits: Cisco NAT Device Defenses: A simulation wherein you must look at a diagram with user workstations, routers, switches and other items.  Then, you have a list of defense-related items: AV, 802.1x, ACLs, rules.  You must place all of them on the appropriate items.  Fairly do-able.  It is much like the placement of physical […]

New Simulations/Exhibits

New Simulations/Exhibits Forensics/Logs: Another poor exhibit has been added.  The test-taken is challenged to look at logs from: IDS, Web server, PC and a database.  You can see in the IDS and WWW logs that there is likely OS command injection going on against WWW, causing it to SCP some files off to the attacker. […]