Transcender answer doesn't make sense!

p0etp0et Member Posts: 48 ■■□□□□□□□□
Hey guys.

I've just started using Transcender Security+ and one question is:
Between which 2 layers does SSL operate?
Their answer is: between the OSI Transport and Application layers.

This doesn't make sense because SSL is on the Session layer which is right in between the Transport and Presentation layers. If the answer truely is correct, then SSL would be on Session AND Presentation layers because there are 2 layers between Transport and Application.

Any help please?

Comments

  • cdad2000cdad2000 Member Posts: 323
    Dude, I'm stumped...
    I thought it was between the 2 & 3 layers.
    Shows what I NO!!!
    But I'll ask my professor
  • TeKniquesTeKniques OSCE, OSCP, CISSP, CISA, SSCP, MCSE (03), Security+, Network+, A+, Project+ Member Posts: 1,262 ■■■■□□□□□□
    The Transcender answer is correct. SSL operates between the Application layer and the Transport layer. It is really part of the Session layer, but operates in conjunction with the other layers in between Transport and Application.

    More info
  • Danman32Danman32 Member Posts: 1,243
    What choices of answers were you given?

    Although SSL operates mostly on the session layer, it requires cooperation of the application.
  • p0etp0et Member Posts: 48 ■■□□□□□□□□
    I've done a few practice exams for the Security+ exam with Transcender and am freaked out! The last test with 50 random questions had about 5 that I knew for sure and remembered from my studying and the rest I just blindly guessed on.

    Most of all the Transcender questions were not covered on any of my other security+ books that I've used. Have other's found this the same? It seems more aimed at a higher level security cert like CISSP. Not sure if I should be confusing myself with Transcender...

    Transcender has a lot of Unix and some Solaris questions too. (ie. Unix umask 077 paramters = ? & /etc/motd contains what?) It also has questions on the Rainbow books. (ie. US DOD Trusted Computer System Evaluation Criteria (TCSEC) level C1 provides ___?)

    Still confused about the whole SSL being on Session AND Presentation layers.
  • CessationCessation Member Posts: 326
    p0et wrote:
    I've done a few practice exams for the Security+ exam with Transcender and am freaked out! The last test with 50 random questions had about 5 that I knew for sure and remembered from my studying and the rest I just blindly guessed on.

    Most of all the Transcender questions were not covered on any of my other security+ books that I've used. Have other's found this the same? It seems more aimed at a higher level security cert like CISSP. Not sure if I should be confusing myself with Transcender...

    Transcender has a lot of Unix and some Solaris questions too. (ie. Unix umask 077 paramters = ? & /etc/motd contains what?) It also has questions on the Rainbow books. (ie. US DOD Trusted Computer System Evaluation Criteria (TCSEC) level C1 provides ___?)

    Still confused about the whole SSL being on Session AND Presentation layers.

    POet, I wouldnt worry about the exam if I were you.
    Every test I take within the first 5 questions I am wondering if I am even taking the test I need because the questions are crazy.
    But I soon just relax and start figuring them out.
    The same is with me from transcenders. Just take the tests and make sure you understand the reasoning behind the answer.(thats what its there for). Then follow up from your source books and continue on.

    BTW (quoting TeKniques here)

    SSL.jpg

    Its hard to put it in better words than this unless it comes from a manual.
    GL!,
    Cess
    A+, MCP(270,290), CCNA 2008.
    Working back on my CCNA and then possibly CCNP.
  • p0etp0et Member Posts: 48 ■■□□□□□□□□
    This is another Transcender question that caught me off guard. It's contradicting itself in the answer!

    Which of the following provides confidentiality?
    Asymmetric encryption
    A disk array
    Authentication
    A digital signature

    Answer: d (A digital Signature)
    Explanation:
    Asymmetric encryption provides confidentiality because encryption protects the contents of a file from being viewed by unauthorized users. If a user signs a file with a digital signature before sending the file to a user, the recipient can then use the digital signature to ensure that the file was not changed during transmission. The digital signature is a form of Integrity.

    Anyone have a guess as to why they just gave me two answers? I thought:
    Asymmetric Encryption = Confidentiality
    Digital Signature = Integrity
  • Danman32Danman32 Member Posts: 1,243
    You are correct on your answer assesment. Somebody messed up on that Transcender answer and explanation. I have seen that kind of thing alot in practice exams. As I stated several months earlier, I wish these things would go through peer review before being published.
  • p0etp0et Member Posts: 48 ■■□□□□□□□□
    Thanks for the info. Just want to be clear on these things going in to write the test.
  • rcooprcoop Member Posts: 183
    p0et,

    You should send Transender an email with the above question. I did this with a number of early PrepLogic and BeachFront Quizzer practice exam questions, and they thanked me, and incorporated the corrections in the next version of their exams.

    With current PrepLogic exams you can check to see if there are updates, and it will automatically update the questions if there is.

    Take Care,
    RCoop
    Working on MCTS:SQL Server 2005 (70-431) & Server+
Sign In or Register to comment.