Some questions I have about the exam

jsond Member Posts: 66
I don't know if any of these are possible questions that will come up on the exam but I wanted clarification on some of them. These are my own questions that I really would struggle with if they were actual exam questions. Any help would be greatly appreciated.

Which access control method allows for the highest level of granularity?

From everything I know MAC and RBAC offer high levels of granularity but I am not sure which access control method has the highest level. I would guess RBAC but really not sure.

Are tokens more secure than biometrics?

I think yes but I could have sworn I read somewhere that biometrics are considered the most secure method even though it shouldn't be used by itself. I really think tokens but at the same time...

Is coax less resistant to EMI than STP?

I know coax is more resistant to it than UTP but is it also more resistant than STP?

What are back orifice, netbus, and subseven considered?

I think they are back doors first and foremost. But as I am worried about the exam's reputation of having "best answers", could it be a trojan, an illicit server, or maybe even a rootkit? I can see any of those being a possible answer but what would most here consider to be the "best" definition?

I know my ports pretty well but do you need to know any of the virus/trojan/malicious ports for the exam? I have not seen anyone say they are on the exam but I would think they would be important to know for this particular exam.

Anyways, any help would be greatly appreciated. I am taking the exam in a week and these are some questions I really need help on.


  • osprey Member Posts: 12
    I took the Security+ a month and a half ago, so someone please correct me if my memory fails me and I say something that's incorrect.

    [Snipped after RussS's post]

    Biometrics are the most secure. "Something you have" and "something you know" can both be taken or learned, respectively. Strictly speaking, you can't take or learn someone's retinal pattern, for example. The way I look at it is that it's easier to steal someone's token AND learn their PIN than it is to steal their eyeball. Be wary of trick questions, though, remembering that biometrics plus something else is always more secure than biometrics alone.

    I don't know the answer to your coax question, but I'm almost certain that it won't be on the exam. The exam barely touches cabling types, much less the EMI properties of each.

    I believe that the "best answer" for what Back Orifice, NetBus and SubSeven are is illicit servers. The ExamCram2 book calls them illicit servers in the text, but trojans in the practice test. I came across "illicit servers" elsewhere, though, so I believe that is the best answer. Despite my semi-confusion on the matter (like you), I didn't get a question on it on the exam.

    The only ports that you need to know for the exam are the ports for common services. Because they're for common services, they're ports that are prone to be left open. I think that that's as far as the exam wants to cover on that issue.
    MCSE 2k3 & 2k, MCSA 2K3 & 2k, Security+
  • RussS Member Posts: 2,068
    These look very much like questions I have seen in practice software.

    MAC is more granular than RBAC.

    A token can be stolen, lost or misplaced - therefore Biometrics are more secure.

    STP is more resistant to EMI than coaxial cable.

    An illicit server can be a Trojan, but not all illicit servers are trojans.
    OK - many chat programs such as MSN, AIM, ICQ, Yahoo etc. have file transfer capabilities and THAT makes them an illicit server as far as Network Admin are concerned. However, as far as the exam (and your question) goes, NetBus, Sub7, BO are all illicit servers OR Trojans - it really depends on the wording of the question.

    Ports - Know all of the well known ones. Plus a few that are common in the security area ...

    TCP 20 FTP Active Control Port
    TCP 21 FTP Active Control Data Port
    TCP 22 SSH Secure Shell
    TCP 23 Telnet
    TCP 25 SMTP
    TCP 42 WINS Name Server
    TCP 53 DNS Zone Transfer
    UDP 53 DNS request
    UDP 67 BOOTP – Server (DHCP)
    UDP 68 BOOTP – Client (DHCP)
    UDP 69 TFTP – Trivial FTP
    TCP 70 Gopher
    TCP 79 Finger
    TCP 80 HTTP
    TCP/UDP 88 Kerberos
    TCP 110 POP3 Post Office Protocol
    TCP 119 NNTP
    UDP 123 NTP
    UDP 135 RPC Locator service
    TCP/UDP 137 NetBios Name
    UDP 138 NetBios Datagram
    TCP 139 NetBios Service
    TCP 143 IMAP4
    UDP 161 SNMP
    UDP 162 SNMP Trap
    TCP 194 IRC
    TCP 389 LDAP
    TCP 443 HTTPS/SSL Secure Socket
    TCP/UDP 530 RPC
    TCP 543 Kerberos Shell
    TCP 544 Kerberos Remote Shell
    TCP 636 LDAPS
    TCP 993 IMAPS
    TCP 995 POP3S
    TCP/UDP 1293 IPSec
    UDP 1701 L2F, L2TP
    TCP 1723 PPTP
    UDP 1812 RADIUS Authentication
    UDP 1813 RADIUS Accounting
    TCP 3389 Terminal Services
    UDP 4500 ISAKMP/IKE (with NAT)
    TCP 8080 HTTP-Proxy
    FIM website of the year 2007
  • jsond Member Posts: 66
    Thank you both very much for the help. And thank you Russ for the list of ports. I know that list is on this website as I printed it out a month or so ago and have those ports memorized very well. Plus I just started working for Trusecure a few months ago and that has helped me retain my knowledge of many of those ports. I would think ports 1433 and 1434 should be included based on how much they seem to come up in various books I have read. Not sure if they would be a possible exam question but I believe they might be.

    As far as biometrics being more secure than tokens, I have believed that all along but saw somewhere it said the opposite. However the fact that tokens can be lost or stolen very easily, to me, would make biometrics a more "reliable" method, not the most secure. Again it really is the same thing but I guess I am so worried about the wording of the exam questions. Regardless, I know you are right and that is the way I felt all along; I just got sidetracked when I read the opposite a week or so ago.

    Again, thank you guys for your help. Between the books I have read and the job I have started a few months ago I feel I will be ready. My main concern is this is the 1st time I have not paid for a reputable practice exam from any company before taking an exam and hope that doesn't keep me from passing.