Cryptography info

Well, I just failed the Security+ with a 756. Eight lousy points. It sucks getting that close but not passing. Think I'd rather have bombed it. It would have been less frustrating!

My question is this..... I relied mostly on my my job experience, but I did read the Tcat .pdf to supplement that, and I was wondering if anyone had a good source of in depth info on cryptography? It looks like that is what did me in. Thanks!

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

haltok

swanny5150 wrote:

Well, I just failed the Security+ with a 756. Eight lousy points. It sucks getting that close but not passing. Think I'd rather have bombed it. It would have been less frustrating!

My question is this..... I relied mostly on my my job experience, but I did read the Tcat .pdf to supplement that, and I was wondering if anyone had a good source of in depth info on cryptography? It looks like that is what did me in. Thanks!

I am a big fan of the sybex security+ book. It goes into great detail.

RussS

Sounds like you are another that missed by one question

Did you use the full pdf or just the free one? Personally I recommend the Sybex book and Tcats full pdf.

Sartan

Heck, I'm going to suggest practice.
I could write my Security+ and ace it right about now, but.. I don't have the money!

Anyway, what I did was either get some nice computers together, or even have one decent computer with vmware.
Then I networked the **** out of them, ran ethereal, and compared encryption and encapsulation types. I've done this so often I could spew anything certificate/encryption/authentication in about 5 minutes on a legitimate server. Then I implemented encryption on cisco routers until I turned blue. I'm one of those kinds of guys who can read that "Shiva is a method used by the Intel Corporation" and memorize it. But theres so much much more

Practice encrypting on *nix, and compare the methods involved.
2.6.0testX now even has kernel support for it, (although im not still too sure how well it works).
But oh well anyway, the best source for Encryption I had was the Microsoft knowledge database, and implementation thereof.

RussS

You miss the point my friend. Knowing the subject does not necessarily mean passing Comptias exam. From a few different forums I frequent I have run across a few CISSP who failed the exam due to either very badly worded questions or Comptia having the wrong answers.
Being able to run exploits and being able to harden against them is far more important than knowing who Rivest was, or that how many bits a certain encryption is may be great, but knowing what encryption to use in what circumstance is far more valuable.

Sartan

Alot of the cisco exams I've written I wouldn't have ever been able to pass without the practical knowledge to say, "if i was cisco, what the hell would I do if routerA didn't actually exist but i was supposed to account for it".

RussS

Ahhh so true. Unlike Cisco however where we are dealing with facts, when sitting the Comptia Sec+ exam you have to deal with 'opinion' and 'considerations' rather than pure facts

swanny5150

Thanks for all your suggestions. I'll follow up on them and hopefully get this test beat here next time. In response to your question RussS, yes, I was just using the free Tcat. I'll check out the full one also.

This does bring up another question as well. Judging from some of the comments both this thread and others, the consensus appears to be on the Security+ exam that the "correct answer" so to speak, is based on CompTIA's opinions, rather than hardcore fact. Would I be correct in assuming this to be typical of all CompTIA exams? Or is that just the case for Server+?

I was looking at maybe pursing Linux+ and Network+ upon the completion of my MCSE. But I may look to other vendors if that is the case across the board with CompTIA exams.

RussS

A+ is basically correct. Net+ is good, if a little light in *nix and Netware.
Haven't looked at Linux+ yet, but I understand it is kind of A+ with a *nix bent to it. Server+ I have no idea at all about yet.

JDMurray

Server+ I have no idea at all about yet.

I've taken Server+ and it's all about hardware. SCSI, tape backup, cabling, and many A+ and Net+ type questions. It's a fairly vendor-neutral exam, but there were a few Windows, NetWare, *NIX questions. It was worth taking.

swanny5150

Well, I finally got back in to retake this exam, and I got 'er whipped on the second try. Took me about 40 minues, and I finished with an 812 this time. Thanks go out to this site in general, and more specifically to our fellow forum readers who gave me further study advice after failing it the first time (by one *#$ question). Your help was greatly appreciated. With this exam, in addition to gaining my Sec+, this also completes my MCSA. Now, it's back to MS tests. I suppose 216 is next (gulp!)

Thanks all,

Mike

janmike

Congrats on the new certs!!