I think one of the questions has an issue
kevindulany
Member Posts: 3 ■□□□□□□□□□
While taking the Security+ exam, I cam across a question...I want to make sure I am not missing something...
The question is:
You want to setup a secure method of sending and receiving email. Which two of the following protocols can be used for this purpose?
a. S/MIME
b. IPSec
c. TLS
d. PGP
Now, my issue is this...the correct answers (according to the test) is a and d. My issue is that PGP is NOT a protocol...
Am I off the mark or not???
The question is:
You want to setup a secure method of sending and receiving email. Which two of the following protocols can be used for this purpose?
a. S/MIME
b. IPSec
c. TLS
d. PGP
Now, my issue is this...the correct answers (according to the test) is a and d. My issue is that PGP is NOT a protocol...
Am I off the mark or not???
Comments
-
JDMurray Admin Posts: 13,101 AdminFor the purpose of answering this question correctly, it really doesn't matter if PGP is a protocol or not. Tthe question is really asking "What are the common ways of securing email?" PGP and S/MIME would be the correct answers. The fact that three of the four answers listed are cryptographic protocols is meant to test how well you know common email security mechanisms.
-
Webmaster Admin Posts: 10,292 AdminIndeed.
As a CISSP you probably don't want to go over 'any' Security+ questions, which includes the actual exam. This is as good as it gets with CompTIA level questions, and actually very typical CompTIA. Actually, as a CISSP even the exam objectives and CompTIA's categorizations of those will probably seem 'off'. Once you've gone deeper in the material (and this goes for "anything"/ any type of education), you will quickly find out that on the basic level things weren't entirely accurate. But instead influenced by the scope and depth of the educational material, without going into to much detail about this: to simplify and teach complex topics on a very basic level, child-objects that would normally have a different parent in the hierarchy are simply thrown on a single pile for the sake of teaching. The available parents are limited by the level of depth of the material. As JD explained, this practice question is a rather obvious exampe of this. One of the dangers when taking CompTIA exams is overthinking it, just go with the obvious.
I'm always open for suggestions on how to improve our material though so thanks nevertheless. -
kevindulany Member Posts: 3 ■□□□□□□□□□I agree (for the most part)...
I am a firm believer that the question should not be the distractor itself...
As JD said, the question is really asking ""What are the common ways of securing email?" PGP and S/MIME would be the correct answers." Then that should be the question.
When I took the CISSP exam, I had to read the questions, pick out the key words (i.e. BEST, WORST, PROTOCOL, SERVICE)...then, mark out the two obvious distractors...and finally, map the last two answers to the key words in the question...
As far as the question that I discussed, I looked at the key words...TWO PROTOCOLS....even though I did answer it correctly (using common sense and understanding the functions of IPSec and TLS...)...
As far as suggestions...I would recommend making the questions clear and concise...and let the answers test the person...
Thanks for all of your attention...
Kevin -
JDMurray Admin Posts: 13,101 Adminkevindulany wrote:As far as the question that I discussed, I looked at the key words...TWO PROTOCOLS....even though I did answer it correctly (using common sense and understanding the functions of IPSec and TLS...)...
As far as suggestions...I would recommend making the questions clear and concise...and let the answers test the person...