Some questions I have about the exam
I don't know if any of these are possible questions that will come up on the exam but I wanted clarification on some of them. These are my own questions that I really would struggle with if they were actual exam questions. Any help would be greatly appreciated.
Which access control method allows for the highest level of granularity?
From everything I know MAC and RBAC offer high levels of granularity but I am not sure which access ctrl method has the highest level. I would guess RBAC but really not sure.
Are tokens more secure than biometrics?
I think yes but I could have sworn I read somewhere that biometrics are considered the most secure method even though it shouldn't be used by itself. I really think tokens but at the same time..
Is coax less resistant to EMI than STP?
I know coax is more resistant to it than UTP but is it also more resistant than STP?
What are back orifice, netbus, and subseven considered?
I think they are back doors 1st and foremost. But as I am worried about the exam's reputation of having "best answers", could it be a trojan, an illicit server, or maybe even a rootkit? I can see any of those being a possible answer but what would most here consider to be the "best" definition?
I know my ports pretty well but do you need to know any of the virus/trojan/malicious ports for the exam? I have not seen anyone say they are on the exam but I would think they would be important to know for this particular exam.
Anyways, any help would be greatly appreciated. I am taking the exam in a week and these are some questions I really need help on..
Comments
osprey Member Posts: 12
I took the Security+ a month and a half ago, so someone please correct me if my memory fails me and I say something that's incorrect.
[Snipped after RussS's post]
Biometrics are the most secure. "Something you have" and "something you know" can both be taken or learned, respectively. Strictly speaking, you can't take or learn someone's retinal pattern, for example. The way I look at it is that it's easier to steal someone's token AND learn their PIN than it is to steal their eyeball. Be wary of trick questions, though, remembering that biometrics plus something else is always more secure than biometrics alone.
I don't know the answer to your coax question, but I'm almost certain that it won't be on the exam. The exam barely touches cabling types, much less the EMI properties of each.
I believe that the "best answer" for what Back Orifice, NetBus and SubSeven are is illicit servers. The ExamCram2 book calls them illicit servers in the text, but trojans in the practice test. I came across "illicit servers" elsewhere, though, so I believe that is the best answer. Despite my semi-confusion on the matter (like you), I didn't get a question on it on the exam.
The only ports that you need to know for the exam are the ports for common services. Because they're for common services, they're ports that are prone to be left open. I think that that's as far as the exam wants to cover on that issue.
-Jon
MCSE 2k3 & 2k, MCSA 2K3 & 2k, Security+
RussS Member Posts: 2,068
These look very much like questions I have seen in practice software.
MAC is more granular than RBAC.
A token can be stolen, lost or misplaced - therefore Biometrics are more secure.
STP is more resistant to EMI than coaxial cable.
An illicit server can be a Trojan, but not all illicit servers are trojans.
Confused??
OK - many chat programs such as MSN, AIM, ICQ, Yahoo etc. have file transfer capabilities and THAT makes them an illicit server as far as Network Admin are concerned. However, as far as the exam (and your question) goes, NetBus, Sub7, BO are all illicit servers OR Trojans - it really depends on the wording of the question.
Ports - Know all of the well known ones. Plus a few that are common in the security area ...
TCP 20 FTP Active Control Port
TCP 21 FTP Active Control Data Port
TCP 22 SSH Secure Shell
TCP 23 Telnet
TCP 25 SMTP
TCP 42 WINS Name Server
TCP 49 TACACS
TCP 53 DNS Zone Transfer
UDP 53 DNS request
UDP 67 BOOTP – Server (DHCP)
UDP 68 BOOTP- Client (DHCP)
UDP 69 TFTP – Trivial FTP
TCP 70 Gopher
TCP 79 Finger
TCP 80 HTTP
TCP/UDP 88 Kerberos
TCP 110 POP3 Post Office Protocol
TCP 119 NNTP
UDP 123 NTP
UDP 135 RPC Locator service
TCP/UDP 137 NetBios Name
UDP 138 NetBios Datagram
TCP 139 NetBios Service
TCP 143 IMAP4
UDP 161 SNMP
UDP 162 SNMP Trap
TCP 194 IRC
TCP 389 LDAP
TCP 443 HTTPS/SSL Secure Socket
UDP 500 ISAKMP/IKE
TCP/UDP 530 RPC
TCP 543 Kerberos Shell
TCP 544 Kerberos Remote Shell
TCP 636 LDAPS
TCP 993 IMAPS
TCP 995 POP3S
TCP/UDP 1293 IPSec
UDP 1701 L2F, L2TP
TCP 1723 PPTP
UDP 1812 RADIUS Authentication
UDP 1813 RADIUS Accounting
TCP 3389 Terminal Services
UDP 4500 ISAKMP/IKE (with NAT)
TCP 8080 HTTP-Proxy
www.supercross.com
FIM website of the year 2007
jsond Member Posts: 66
Thank you both very much for the help. And thank you Russ for the list of ports. I know that list is on this website as I printed it out a month or so ago and have those ports memorized very well. Plus I just started working for Trusecure a few months ago and that has helped me retain my knowledge of many of those ports. I would think ports 1433 and 1434 should be included based on how much it seems to come up on various books I have read. Not sure if they would be a possible exam question but I believe they might be.
As far as biometrics being more secure than tokens, I have believed that all along but saw somewhere it said the opposite. However, the fact that tokens can be lost or stolen very easily would, to me, make biometrics a more "reliable" method, not the most secure. Again it really is the same thing but I guess I am so worried about the wording of the exam questions. Regardless I know you are right and that is the way I felt all along, just got sidetracked when I read the opposite a week or so ago.
Again, thank you guys for your help. Between the books I have read and the job I have started a few months ago I feel I will be ready. My main concern is this is the 1st time I have not paid for a reputable practice exam from any company before taking an exam and hope that doesn't keep me from passing.