Options

Alphabet soup of protocols and hashing algorithms

SharkbaitSharkbait Member Posts: 35 ■■□□□□□□□□
in Security+
I'm at the point now where I'm refining my study habits. I'll take a practice test or two and then use the questions I got wrong to continue studying. I'm having a hard time differentiating between what's a protocol and what's an algorithm. The alphabet soup of acronyms is killin' me.

I'm just going to have to flat-out memorize what each one is and what it's for. This could delay my test day by a week or two. I know if I go in and take the test right now, I'll get blown away by any reference to which protocols sit on top of which, and which security algorithms are used for wireless... UGH. :)

-Sharkbait-
· Share on FacebookShare on Twitter

Comments

  • Options
    DarrilDarril Member Posts: 1,588
    Yes, the acronyms can get overwhelming. I wouldn't worry too much about whether an acronym is a protocol or an algorithm though.

    In general, a protocol is a formally defined set of rules while an algorithm is typically a mathematical formula or set of steps. Within the context of Security+, protocols normally refer to network protocols such as DNS, HTTP, ICMP, IPv4, IPv6, FTP, TFTP, Telnet, and so on. Algorithms typically refer to items such as SHA, RIPEMD, AES, DES, 3DES, HMAC, RSA, RC4, SSL, and TLS. Protocols and algorithms often work together. For example, HTTP and SSL (or HTTPS and TLS) work together in HTTPS.

    CompTIA frequently uses acronyms in question specifically to see if you know what they mean so it is extremely important that you recognize them. As an example, this could be a valid question.

    Q. Which of the following is the BEST choice to secure a wireless network?
    A. WPA2
    B. WEP
    C. SSID
    D. IV
    E. AES

    To answer it correctly, you would need to know that WPA2 provides the best security. WEP has been cracked and should not be used. CompTIA implies in their objectives that disabling SSID broadcast is a security method though many security experts disagree because a wireless sniffer can easily discover the SSID even when SSID broadcast is disabled. An IV attack is one of the ways that WEP can be cracked, and you cannot secure a wireless network with IV. While WPA2 uses AES, you cannot apply AES only to secure a wireless network.

    If you don't know what WPA2, WEP, SSID, IV, and AES are, the question would be very difficult. However, when you know what they are, the question becomes extremely easy.

    One free source of all the acronyms is the objectives. Pages 12-15 includes a listing of all the acronyms you should know and spells them out. It doesn't include any definitions though.

    Hope this helps.
    Darril Gibson
    CompTIA A+, Network+, Security+ Blogs
    Daily Network+ and Security+ Test Taking Tips on Twitter
    · Share on FacebookShare on Twitter
  • Options
    SharkbaitSharkbait Member Posts: 35 ■■□□□□□□□□
    Ahhh, ok. When I put them together on a chart (Protocol, Symmetric, Asymmetric, Algorithms), I can arrange them correctly and then make sure I keep everything straight. This helps my notes a lot...instead of having all of this stuff spread out all over in my notes. It makes studying a little easier.

    -Sharkbait-
    · Share on FacebookShare on Twitter
Sign In or Register to comment.