Security+ Practice Tests Question: help

I am using preplogic test software for me security+ preparation exam.
And i wanted to find out if preplogic practice test is harder than the security+ real test from those of u that might have used it for preparation.
Thank you.

Find more posts tagged with

Comments

Non-Profit Techie

I havent taken the test yet, however i doubt the questions are much harder then on the test. Preplogic questions are pretty easy compared to the boston test and the transcender test. I wouldnt worry as much about the questions being hard or not, if you fully understand the material they are questioning you on, you should be able to answer the question or at least have a pretty good idea before you see the choices.

My gut feeling is the preplogic questions are gonna be pretty close to the difficulty as the real test.

Slowhand

The questions on the test, itself, are pretty straight-forward. As long as you've studied up with at least one book, the technotes here on this site, and, preferably, used something along the lines of CBT Nuggets or TestOut, (in leau of having your own test lab set up,) you should be able to figure out most of the questions, no problem.

Danman32

The problem with this test that may have us all debating if it is easy or not is the fact that the objectives are open-platform and general enough that almost anything could be asked of you, so it is hard to know what you need to know and what you don't.

Megadeth4168

The questions are straight forward on the test. That's not to say they are easy, just that they are fairly straight forward.

It seems to me like an OK example of how the uestions are formatted ect... Would be the rpactice questions on teh CD of the Mike Meyers book (but a little harder than those questions).

A good example of what not to expect on the exam are questions like they have in the Syngress book.

mivmann

I used the Preplogic practice test software and I would say that the exam was a bit harder than the practice test. In the days before my exam I scored between 92% - 99% in the practice tests and scored a 87% in the exam. Preplogic was a big help, but can not be used as a single source as I got 12-15 questions that Preplogic did not cover.

p0et

Not sure if this is the right place to post this...

I'm stumped on this question I hed appear. Some tests say the answer is C (which I thought) and other's say it's A. What do you think? Or better yet, what do you think the real exam's answer would be?

What kind of attack are hashed password vulnerable to?
A. Man in the middle.
B. Dictionary or brute force.
C. Reverse engineering.
D. DoS (Denial of Service)
Answer: A
Explanation:
I disagree with the original answer C. The man in the middle attack can steal the hashed password, and then it can be decrypted at their own leisure.

sprkymrk

p0et wrote:

Not sure if this is the right place to post this...

I'm stumped on this question I hed appear. Some tests say the answer is C (which I thought) and other's say it's A. What do you think? Or better yet, what do you think the real exam's answer would be?

What kind of attack are hashed password vulnerable to?
A. Man in the middle.
B. Dictionary or brute force.
C. Reverse engineering.
D. DoS (Denial of Service)
Answer: A
Explanation:
I disagree with the original answer C. The man in the middle attack can steal the hashed password, and then it can be decrypted at their own leisure.

Well, this is a debatable one. Potentially, answer A could lead to answer B. I think answer B might be the best, specifically thinking of the "Birthday"* attack. Answer C at first appeared to me as "Social Engineering", which almost any form of security is susceptable to indirectly as it bypasses the technical controls in place. However, a hash is not susceptable to reverse-engineering, as you (in theory) cannot obtain the original password by simply having the hash alone. This is why you create a hash value for network traversal rather than just encrypting the real password to send. So I would say that C can be eliminated. Answer D doesn't really make any sense in this case either, a DoS attack is not directly related to passwords unless a brute force cracking attempt locks out an account, which is a DoS of sorts. I would have to say this is one of those "poorly formed" questions you hopefully won't see on the exam.

*Birthday Attack: http://www.google.com/search?hl=en&sa=X&oi=spell&resnum=0&ct=result&cd=1&q=define:+%22BirthDay+Attack%22+&spell=1

p0et

Thanks sprkymrk.. sure hope i answer correctly on the real exam!

I've been studying from a good 6 different sources and have used practice tests from that many different sources as well. Now I bought my voucher which included yet another practice test sim software. All of a sudden the questions I'm getting on this software are quite out there and I have absolutely no idea what most of the answers are! They're asking about "TCB Data Structures", "Seperation of Operator and Administrator Functions", "Aspects of Operations Controls", "Operating Systems' Responses to Failures Classifications", etc... And that's all from just a few questions out of over 500 questions like that.

Sure worried about what is really going to be on the exam. The pratice exams from the 6 different sources were okay and I did well on them until this one exam that's incredibly different from all the rest.

sprkymrk

Yeah, those questions look "off" to me. If you were confident until this last set of practice questions then don't lose too much sleep over it.

If you have used Transcender, it's a pretty good gauge of how well you can expect to do on the real deal. The practice questions on this site are spot on too. Have you tried it? Ditto the ports exam on this site.

Good luck!

p0et

Thanks for the quick reply! Yes, I felt confident until this last practice exam software. I did well with Transcender as well as this site's questions. Ports are definately not an issue either. I'm scheduled to write in a couple days on Saturday morning.

p0et

Going to write the exam tomorrow morning but ran into another confusing question conflicting with different sources. Cat5 maximum speed is 100Mb (free-tests.com) or Cat5 maximum speed is 1Gb (Transcender). Which should I answer if this is on the real test?

Danman32

Technically, I believe Cat5E or Cat6 is supposed to be used for 1Gb, but most Cat5 can handle 1Gb.

Hard to say what would be the right answer on the real test. Judge by the context.