Concerned with study materials

dneffdneff Member Posts: 6 ■□□□□□□□□□
I have been preparing for the Sec+ for about a month now. I thought I was at the point of scheduling my exam when I ran into some odd practice test questions last night. My concern is that the questions were material that was not in my book (Dulaney Sec+ Deluxe 2nd ed.) nor in the Professor Messer videos. They were things like bonk attacks, land attacks, and CIA to name a few. I have found those items in the tech notes of this site, but my question is whether or not the two study references I am using are sufficient or if they have totally skipped a number of items that will appear on the test? Would love some input whether I am missing some things or if the materials in the tech notes here are outdated for the current test. Thanks everyone!

Comments

  • quinnyflyquinnyfly Member Posts: 243
    I would absolutely use another resource, most will tell you "me included" to use Darril Gibson's books. If you are getting around 90% with his questions, you may be ready for the exam. I also recommend the Exam Cram, I found the questions in that are a close simulation of what to expect. Also try the practise exams in the CompTIA website. Another thing I would do, is print out the exam objectives, tick off what you are sure you know, and read up what you do not know, or what may be weak areas. You can get them here: Exam Objectives

    I have included some of my notes regarding the above mentioned attacks:

    TEARDROP/TEARDROP2
    The teardrop series of attacks takes advantage of code that does not properly reassemble overlapping UDP packets. Usually associated with the ID protocol.

    Teardrop is a DOS attack that can cause a BSOD with the stop error
    STOP 0x0000000A.

    Teardrop is also known as the Boink attack.

    Teardrop2 is also known as the Bonk attack.
    Teardrop2 uses 20 bytes for data padding, it spoofs the UDP packet length, this can allow it to bypass updates, service packs and hotfixes for newer operating systems.

    These attacks are rare due to system updates and patched systems.

    PING OF DEATH
    Crashes a system by sending an ICMP packet that is larger than 65,536 bytes, it is broken down into pieces and then sent to be reassembled at the target computer, this process causes massive buffer overflow.

    LAND ATTACK
    Sends spoofed IP packets that have the same destination and source IP address of the system being attacked, causing a DOS. It is similar to a SYN Flood attack, the packets have the SYN flags set to active, in a true SYN flood attack the source IP is randomized.

    Patching and updating systems helps to mitigate these attacks, modern operating systems are already patched as such, so the above attacks are somewhat rare.

    I hope this is helpful
    The Wings of Technology
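
The three patterns in the notes above (overlapping fragments, a reassembled size past the IPv4 maximum, and a SYN whose source and destination address match) can each be recognised from packet headers alone. The following is an added example, not part of the original thread; the function names and the sample packets are constructed for illustration, and the addresses come from documentation ranges.

```python
import socket
import struct
from collections import defaultdict

MAX_DATAGRAM = 65535  # largest size an IPv4 datagram may reach after reassembly

def build(src, dst, proto, ident, offset, more, payload):
    """Construct a minimal IPv4 packet (checksum left at 0) for the sample data."""
    frag = (0x2000 if more else 0) | (offset // 8)
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), ident, frag, 64,
                       proto, 0, socket.inet_aton(src), socket.inet_aton(dst)) + payload

def parse(pkt):
    """Extract the header fields the three checks need."""
    vihl, _, total, ident, frag, _, proto, _, src, dst = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    ihl = (vihl & 0x0F) * 4
    return {"src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst), "proto": proto,
            "id": ident, "more": bool(frag & 0x2000), "offset": (frag & 0x1FFF) * 8,
            "ihl": ihl, "len": total - ihl, "payload": pkt[ihl:total]}

def scan(packets):
    """Return (packet index, finding) pairs for malformed-packet DoS patterns."""
    findings, seen = [], defaultdict(list)
    for i, raw in enumerate(packets):
        p = parse(raw)
        start, end = p["offset"], p["offset"] + p["len"]
        # LAND: TCP SYN whose source and destination address are identical.
        if (p["proto"] == 6 and start == 0 and p["src"] == p["dst"]
                and len(p["payload"]) > 13 and p["payload"][13] & 0x02):
            findings.append((i, "land"))
        # Ping of death: this fragment would push the reassembled datagram past the maximum.
        if p["ihl"] + end > MAX_DATAGRAM:
            findings.append((i, "oversize-reassembly"))
        # Teardrop family: fragment overlaps data already seen for the same datagram.
        key = (p["src"], p["dst"], p["proto"], p["id"])
        if (p["more"] or start) and any(start < e and s < end for s, e in seen[key]):
            findings.append((i, "overlapping-fragment"))
        seen[key].append((start, end))
    return findings

# Constructed sample traffic (not a real capture); TCP_SYN is a 20-byte header with only SYN set.
TCP_SYN = struct.pack("!HHIIBBHHH", 40000, 80, 1, 0, 0x50, 0x02, 8192, 0, 0)
SAMPLE = [
    build("192.0.2.10", "198.51.100.5", 6, 1, 0, False, TCP_SYN),      # ordinary SYN
    build("198.51.100.5", "198.51.100.5", 6, 2, 0, False, TCP_SYN),    # source == destination
    build("192.0.2.10", "198.51.100.5", 17, 3, 0, True, b"A" * 32),    # first fragment, bytes 0-31
    build("192.0.2.10", "198.51.100.5", 17, 3, 24, False, b"B" * 8),   # claims bytes 24-31 again
    build("192.0.2.10", "198.51.100.5", 1, 4, 65528, False, b"C" * 100),  # ends past 65,535
]
```

Calling `scan(SAMPLE)` flags packets 1, 3 and 4 and leaves the ordinary SYN and the first fragment alone.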
  • dneffdneff Member Posts: 6 ■□□□□□□□□□
    Thanks for the reply quinnyfly. I wish I had found this site prior to buying my study materials because everyone here recommends Gibson's books. I also noticed he is very active in the forums as well which is awesome. Looks like I will be checking out his book now to see what I missed from the others. Thanks for the attack information as well, I will be adding that to my notes. Have a good one!
  • DarrilDarril Member Posts: 1,588
    Quinnyfly gave you some great information on attacks. You also mentioned CIA which is a very important concept related to IT security. You might like to check out this blog: Confidentiality, Integrity, and Availability - Security Triad.

    Good luck.
  • dneffdneff Member Posts: 6 ■□□□□□□□□□
    Thanks Darril. I have actually been reading through a number of your blogs tonight. Good information and again a number of things I don't recall seeing, at least not as clearly as you have them stated. Much appreciated.
  • NotHackingYouNotHackingYou Member Posts: 1,460 ■■■■■■■■□□
    Another for Darril's book. Also use CompTIA's sample exam - take note of any questions you can't answer and research the topics when you are done, then take it again.
    When you go the extra mile, there's no traffic.
  • dneffdneff Member Posts: 6 ■□□□□□□□□□
    With the use of some extra materials I was able to take and pass the exam today on my first attempt! I will say this test was the hardest of all those I have taken thus far and required a firm knowledge of the materials. I found several questions to have some language in them that I don't think a normal person would ever use which complicated them but as long as you can recognize several key words you could get the answer. I actually laughed out loud at one point because I never actually expected to see war driving questions but sure enough I had a few. It's definitely a mixed bag on what you expected to see and what you actually were tested upon.

    Thanks to everyone on the forums for posting their experiences and support to all members. It definitely makes one feel better come test day.
  • quinnyflyquinnyfly Member Posts: 243
    Congrats Mate, what's up next?
    The Wings of Technology
  • dneffdneff Member Posts: 6 ■□□□□□□□□□
    Well, I am enjoying the security stuff but will probably go for the MCSA (or whatever the new equivalent is) since I have about 5 years experience as a sys admin, so it should be easiest for me to obtain. Also, the job market in my area basically requires sec+ and MCSA to move up so it's probably the best play. Afterwards probably linux+ and who knows from there. Regardless of my choice, I'm going to take a break for a week or two and then start hitting the book again.
  • quinnyflyquinnyfly Member Posts: 243
    You do need to have that break between certs, I can only muster about 1 or 2 at best, then I am stuffed for the next coupla weeks!!!
    The Wings of Technology
  • KeenerKeener Member Posts: 146 ■■■■□□□□□□
    Congrats on the pass! I understand completely on the break as well. I take my Sec+ next week and then I am going to take some time off before starting the SSCP.
    Pain is only temporary. No matter how bad it gets, it always ends!
  • whatthehellwhatthehell Member Posts: 920
    Congratz on the pass!
    2017 Goals:
    [ ] Security + [ ] 74-409 [ ] CEH
    Future Goals:
    TBD