Category: Security+

Security+ related

SY0-501 First Look

The newest Security+ test seems to be a bit more even-handed than earlier versions. It seems like no new simulations or exhibits are present. And, perhaps, there are fewer of them.  The breadth of topics is wider.  Much more on authentication systems, some in sparse use, like Shiboleth.?!  The topics are changed around from one […]

Scenarios and Obfuscation

Scenarios and Obfuscation The test questions we are hearing of today seem to have been embellished. They do not ask a straight-up question, but bury it in superfluous text. For example: John is an administrator and has responsibility for monitoring intrusions.  He has heard that some defensive systems require frequent updating and are only able […]

New Simulations/Exhibits: Cisco NAT

New Simulations/Exhibits: Cisco NAT Device Defenses: A simulation wherein you must look at a diagram with user workstations, routers, switches and other items.  Then, you have a list of defense-related items: AV, 802.1x, ACLs, rules.  You must place all of them on the appropriate items.  Fairly do-able.  It is much like the placement of physical […]

New Simulations/Exhibits

New Simulations/Exhibits Forensics/Logs: Another poor exhibit has been added.  The test-taken is challenged to look at logs from: IDS, Web server, PC and a database.  You can see in the IDS and WWW logs that there is likely OS command injection going on against WWW, causing it to SCP some files off to the attacker. […]