Security+ Practice Tests Question: help
I am using preplogic test software for me security+ preparation exam.
And i wanted to find out if preplogic practice test is harder than the security+ real test from those of u that might have used it for preparation.
Thank you.
And i wanted to find out if preplogic practice test is harder than the security+ real test from those of u that might have used it for preparation.
Thank you.
Comments
My gut feeling is the preplogic questions are gonna be pretty close to the difficulty as the real test.
Free Microsoft Training: Microsoft Learn
Free PowerShell Resources: Top PowerShell Blogs
Free DevOps/Azure Resources: Visual Studio Dev Essentials
Let it never be said that I didn't do the very least I could do.
It seems to me like an OK example of how the uestions are formatted ect... Would be the rpactice questions on teh CD of the Mike Meyers book (but a little harder than those questions).
A good example of what not to expect on the exam are questions like they have in the Syngress book.
I'm stumped on this question I hed appear. Some tests say the answer is C (which I thought) and other's say it's A. What do you think? Or better yet, what do you think the real exam's answer would be?
What kind of attack are hashed password vulnerable to?
A. Man in the middle.
B. Dictionary or brute force.
C. Reverse engineering.
D. DoS (Denial of Service)
Answer: A
Explanation:
I disagree with the original answer C. The man in the middle attack can steal the hashed password, and then it can be decrypted at their own leisure.
Well, this is a debatable one. Potentially, answer A could lead to answer B. I think answer B might be the best, specifically thinking of the "Birthday"* attack. Answer C at first appeared to me as "Social Engineering", which almost any form of security is susceptable to indirectly as it bypasses the technical controls in place. However, a hash is not susceptable to reverse-engineering, as you (in theory) cannot obtain the original password by simply having the hash alone. This is why you create a hash value for network traversal rather than just encrypting the real password to send. So I would say that C can be eliminated. Answer D doesn't really make any sense in this case either, a DoS attack is not directly related to passwords unless a brute force cracking attempt locks out an account, which is a DoS of sorts. I would have to say this is one of those "poorly formed" questions you hopefully won't see on the exam.
*Birthday Attack: http://www.google.com/search?hl=en&sa=X&oi=spell&resnum=0&ct=result&cd=1&q=define:+%22BirthDay+Attack%22+&spell=1
I've been studying from a good 6 different sources and have used practice tests from that many different sources as well. Now I bought my voucher which included yet another practice test sim software. All of a sudden the questions I'm getting on this software are quite out there and I have absolutely no idea what most of the answers are! They're asking about "TCB Data Structures", "Seperation of Operator and Administrator Functions", "Aspects of Operations Controls", "Operating Systems' Responses to Failures Classifications", etc... And that's all from just a few questions out of over 500 questions like that.
Sure worried about what is really going to be on the exam. The pratice exams from the 6 different sources were okay and I did well on them until this one exam that's incredibly different from all the rest.
If you have used Transcender, it's a pretty good gauge of how well you can expect to do on the real deal. The practice questions on this site are spot on too. Have you tried it? Ditto the ports exam on this site.
Good luck!
Hard to say what would be the right answer on the real test. Judge by the context.