Free Security+ Practice Test Questions

April 17, 2012 By Leave a Comment

If you’re preparing for the Security+ SY0-301 exam, you might like to check your readiness with a few free practice test questions. This page includes six free practice test questions, one from each of the six domains in the Security+ SY0-301 exam.

Practice Test Question 1

Q. What can you use to logically separate computers in two different departments within a company?

 

A. A hub

B. A VLAN

C. NAT

D. A flood guard

 

Answer at end of post.

Practice Test Question 2

Q. Employees in the accounting department are forced to take time off from their duties on a regular basis. What would direct this?

 

A. Account disablement policy

B. Mandatory vacation policy

C. Job rotation policy

D. Dual accounts for administrators

 

Answer at end of post.

Pass the Security+ SY0-301 exam the first time you take it
CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide

Practice Test Question 3

Q. Of the following choices, what best represents an attack against specific employees of a company?

 

A. Phishing

B. Vishing

C. Spim

D. Spear phishing

 

Answer at end of post.

Practice Test Question 4

Q. Your organization hosts several websites accessible on the Internet, and is conducting a security review of these sites. Of the following choices, what is the most common security issue for web-based applications?

 

A. Input validation

B. Phishing

C. Whaling

D. Social engineering

 

Answer at end of post.

Realistic practice test questions for the Security+ SY0-301 exam
Available through LearnZapp on your mobile phone

Practice Test Question 5

Q. Which one of the following includes a photo and can be used as identification? (Choose all that apply.)

 

A. CAC

B. MAC

C. DAC

D. PIV

 

Answer at end of post.

Learn by listening
Key points from the CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide
Over one hour and 20 minutes of audio from the “Remember This” blocks
Over three hours and 20 minutes of questions and answers on audio

Practice Test Question 6

Q. What type of key is used to sign an email message?

 

A. Sender’s public key

B. Sender’s private key

C. Recipient’s public key

D. Recipient’s private key

 

Answer at end of post.

These practice test questions are from the CompTIA Security+: Get Certified Get Ahead- SY0-301 Practice Test Questions book. It includes 275 realistic practice test questions with in-depth explanations for the CompTIA Security+ SY0-301 exam. If you’ve been studying for this exam and want to test your readiness, this book is for you.

It is also available as Kindle ebook for only $9.99 and the Kindle version also includes dozens of flash cards to help you reinforce key testable topics. You can download free Kindle apps from Amazon so that you can access the ebook from just about any platform including:

  • Windows PC
  • MAC
  • iPhone
  • iPad
  • Android
  • BlackBerry
  • Windows Phone 7

You may also like to check out these Security+ blogs:

SY0-301: Exam Answer 1

Q. What can you use to logically separate computers in two different departments within a company?

 

A. A hub

B. A VLAN

C. NAT

D. A flood guard

 

B is correct. A virtual local area network (VLAN) can group several different computers into a virtual network, or logically separate the computers in two different departments.

A is incorrect. A hub doesn’t have any intelligence and can’t separate the computers.

C is incorrect. NAT translates private IP addresses to public IP addresses, and public back to private.

D is incorrect. A flood guard protects against SYN flood attacks.

 

Objective: 1.2 Apply and implement secure network administration principles

All Security+ domain objectives are fully explained in the
CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide

SY0-301 Exam: Answer 2

Q. Employees in the accounting department are forced to take time off from their duties on a regular basis. What would direct this?

 

A. Account disablement policy

B. Mandatory vacation policy

C. Job rotation policy

D. Dual accounts for administrators

 

Answer B is correct. Mandatory vacation policies require employees to take time away from their job and help to detect fraud or malicious activities.

A is incorrect. An account disablement policy (sometimes called an account expiration policy) specifies when to disable accounts.

C is incorrect. Job rotation policies require employees to change roles on a regular basis.

D is incorrect. Dual accounts for administrators help prevent privilege escalation attacks.

 

Objective: 2.1 Explain risk related concepts

SY0-301: Answer 3

Q. Of the following choices, what best represents an attack against specific employees of a company?

 

A. Phishing

B. Vishing

C. Spim

D. Spear phishing

 

Answer D is correct. A spear phishing attack targets a specific person or specific groups of people such as employees of a company.

A is incorrect. Phishing sends email to users with the purpose of tricking them into revealing personal information, such as bank account information, but it doesn’t target specific employees of a company.

B is incorrect. Vishing is a form of phishing that uses recorded voice over the telephone.

C is incorrect. Spim is a form of spam using instant messaging (IM).

 

Objective: 3.2 Analyze and differentiate among types of attacks

If you’re looking for more information on the CompTIA Security+ exam, click here.
The link provides a listing of relevant blogs on the Get Certified Get Ahead site.

SY0-301: Answer 4

Q. Your organization hosts several websites accessible on the Internet, and is conducting a security review of these sites. Of the following choices, what is the most common security issue for web-based applications?

 

A. Input validation

B. Phishing

C. Whaling

D. Social engineering

 

Answer A is correct. Input validation checks input data, but because so many sites do not use it they are vulnerable to buffer overflow, SQL injection, and cross-site scripting attacks.

B is incorrect. Phishing is the practice of sending email to users with the purpose of tricking them into revealing personal information (such as bank account information).

C is incorrect. Whaling is a phishing attack that targets high-level executives.

D is incorrect. Social engineering is the practice of using social tactics to encourage a person to do something or reveal some piece of information.

 

Objective: 4.1 Explain the importance of application security

SY0-301 Exam: Answer 5

Q. Which one of the following includes a photo and can be used as identification? (Choose all that apply.)

 

A. CAC

B. MAC

C. DAC

D. PIV

 

Answers A and D are correct. A common access card (CAC) and a personal identity verification (PIV) card both include photo identification and function as smart cards.

B and C are incorrect. MAC and DAC are access control models, not photo IDs.

 

Objective: 5.2 Explain the fundamental concepts and best practices related to authentication, authorization and access control

Learn by listening
Key points from the CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide
Over one hour and 20 minutes of audio from the “Remember This” blocks
Over three hours and 20 minutes of questions and answers on audio

SY0-301 Exam: Answer 6

Q. What type of key is used to sign an email message?

 

A. Sender’s public key

B. Sender’s private key

C. Recipient’s public key

D. Recipient’s private key

 

Answer B is correct. A digital signature is an encrypted hash of a message, encrypted with the sender’s private key.

A is incorrect. The recipient decrypts the hash using the sender’s public key.

C and D are incorrect. Recipient keys are used with encryption, but not with a digital signature.

 

Objective: 6.1 Summarize general cryptography concepts, 6.2 Use and apply appropriate cryptographic tools and products

If you want to take and pass the Security+ exam the first time you take it, check out the
CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide.


Success is within your reach.

Filed Under: Security+ Tagged With: ,
April 9, 2012 By Leave a Comment

If you’ve been studying for the SSCP exam, you may be looking for a good source of SSCP practice test questions. You’ll find that the SSCP Systems Security Certified Practitioner All-in-One Exam Guide covers the content in the exam but I’m hearing that test questions from the studISCope test banks are the most helpful.

(ISC)2 changes the questions in their live test bank regularly and they also update their practice test questions in the studISCope banks. Here’s a link: https://www.expresscertifications.com/ISC2/Catalog.aspx.

The SSCP is a good next step for many people that have taken and passed the Security+ exam. It will give you a good idea of what to expect from the premier security certification – CISSP – if you choose to take it. Also, many people have the experience to meet the requirements for SSCP, but not CISSP. As a reminder, the requirements are:

  • For the SSCP, you need one year of experience in one the seven (ISC)2 domains.
  • For the CISSP, you need five years of experience on one of the ten domains.

Good luck.

Filed Under: Security+

Free SQL Server 2012 eBook

April 8, 2012 By Leave a Comment

Microsoft Press has released a free ebook on SQL Server 2012 titled Introducing SQL Server 2012, by Ross Mistry and Stacia Misner. If you’re trying to learn some of the new features of SQL Server 2012, this is a great freebie. I haven’t read it cover to cover but have noticed that it includes many of the concepts mentioned in the new SQL Server 2012 exams.

It’s available in multiple formats:

You don’t need a Kindle to read and view Kindle books. You can download free apps for most platforms from Amazon here.

You can also buy a paperback copy for $14.99.

 

Filed Under: Uncategorized

Installing Windows Server 8 as Virtual Server

April 3, 2012 By Leave a Comment

I decided to play around with the beta version of Windows Server 8 and took these notes so you could download and install it on your own. Specifically, these steps will show you how to install a virtual instance of Windows Server 8 on a Windows 7 system.

While these steps will help you install and play around with Windows Server 8, they also let you play around with virtualization which is a topic of growing importance for any certifications.

Windows Server 8

Windows Server 8 is the next server operating system and it’s currently in beta stage. Microsoft has a history of pairing server operating systems with desktop operating systems to fully use the features of both. For comparison, Windows Server 2003 was paired with Windows XP, Windows Server 2008 was paired with Windows Vista, and Windows Server 2008 R2 was paired with Windows 7.

You can expect to see Windows 8 go live later this year, probably in October. Windows Server 8 will probably be released within three months of Windows 8.

Virtual Box

Windows Server 8 is a 64-bit operating system. Unfortunately, the Windows Virtual PC application that is available as a free update on Windows 7 will not run 64-bit operating systems. An alternative is VirtualBox.

You can get a free copy of VirtualBox here: https://www.virtualbox.org/wiki/Downloads.

After downloading it, browse to where you saved it, and double-click it to start the installation. You can just accept the defaults by clicking Next through each screen.

Download ISO or VHD

You can download the Windows Server 8 beta here: http://technet.microsoft.com/en-us/evalcenter/hh670538.aspx. You’ll have the choice of downloading the 64-bit ISO which is a DVD image, or a virtual hard disk (VHD) image. The 64-bit VHD image will run as a virtual system on a Windows Server 2008 R2 system using Hyper-V but it won’t run on Windows Virtual PC.

However, if you download the ISO DVD image, you can use it to install the operating system on Virtual Box running within Windows 7. It’s a 3.3 GB file so it may take a while depending on the speed of your connection.

Windows 8 Consumer Preview

While this article is focused on Windows Server 8, you can also use the steps to download and install the Windows 8 Consumer Preview available here: http://windows.microsoft.com/en-us/windows-8/download

Install VirtualBox

Start VirtualBox by clicking Start, All Programs, Oracle VM VirtualBox, and selecting Oracle VM VirtualBox. During the install, you’ll be prompted several times to install device software. This software is needed for various virtual devices so should be installed. These are signed and the Publisher is identified as Oracle Corporation. When the install completes, click Finish. VirtualBox will then start.

Create a VM

You can use the following steps to create a virtual machine (VM) used for Windows Server 8.

  1. Click the New button on the menu bar. Review the information on the Welcome page and click Next.
  2. Give your VM a name such as Windows Server 8.
  3. On the OS Type ensure that Microsoft Windows is select as the operating system. Select Windows 8 (64-bit) as the Version. Click Next.
  4. The default memory size is 1536. Change this to 2048 and click Next.
  5. Accept the defaults on the Virtual Hard Disk page. This creates a new 20 GB hard disk that can be used to boot (or start up) the VM. Click Next.
  6. Accept the default of VDI (VirtualBox Disk Image) for the new virtual disk and click Next.
  7. Accept the default of dynamically allocated for the virtual disk. Click Next.
  8. On the Virtual Disk File Location and Size page, modify the size to 40 GB. If desired, you can change the location by clicking the folder and browsing to a new location. Click Next.
  9. On the Summary page, click Create.

After the VM is created, Virtual Box will look similar to the following graphic. In the figure, I have both the Windows 8 Consumer Preview and Windows Server 8 installed.

Windows Server 8 VM

It’s worthwhile stating the obvious here. At this point, this VM is empty. Even though it’s named Windows Server 8, it doesn’t have Windows Server 8 installed yet. This is similar to you creating a file in Word and naming it “My Plan for Success”. Just naming the file doesn’t add the contents.

Attach the ISO to the VM

If you were installing this on a new computer, you’d put the DVD into the drive and boot to the DVD. You simulate this by attaching the ISO image to the virtual CD/DVD drive. The following steps show this process.

  1. Ensure the Windows Server 8 VM Is selected and click Settings.
  2. Select Storage. Click on Empty under IDE Controller.
  3. In the Attributes section, click on the CD icon to the right of CD/DVD Drive.
  4. Select Choose a virtual CD/DVD disk file.
  5. Browse to the location where you saved the Windows 8 DVD ISO file and select it. Click Open.
  6. The IDE Controller will no longer be listed as Empty, but instead has the name of the ISO file. It should look similar to the following graphic.

Adding DVD ISO file

Installing Windows Server 8

At this point, you should have the following:

  • VirtualBox installed
  • An empty VM created for Windows Server 8
  • An ISO image file for Windows Server 8 attached to the VM

You can use the following steps to install Windows Server 8.

  1. Select the Windows Server 8 VM in VirtualBox and click Start.
  2. Review the message on Auto Capture Keyboard and the host key and click OK. You will likely see one or more additional messages. Review them and click OK.
  3. When the Install screen appears, click Next. Click Install Now.
  4. Select Server 8 Beta Datacenter (Server with a GUI) and click next. The Server Core installation includes a command prompt but not a graphical user interface (GUI).
  5. Review the license terms, select the checkbox to accept the license terms, and click Next.
  6. Select Custom: Install Windows only (advanced).
  7. The 40 GB drive you created with the VM will be selected as Drive 0 Unallocated Space. Click Next.
  8. The installation will begin and you won’t need to do anything else for a while. Now may be a good time to take a break.
  9. When prompted, enter a password for the Administrator account in the Password and Retype password text boxes. As a test machine, you may want to use something you can easily remember such as P@ssw0rd. Click Finish.

To log in, press the host key plus the Delete key to simulate the CTRL + ALT + DELETE key combination. The host key is the right-CTRL key by default.

Navigation and Shutting Down

The Windows Key (normally located between CTRL and ALT on the left of the spacebar is an important key for navigation and you can use it to toggle between views.

Additionally, there are many different Windows key combinations. One that you’ll want to remember to shut down your system is Windows + i. This will bring up a display similar to the following graphic and you can select the power button to reboot or power down your system.

 

Filed Under: Uncategorized Tagged With: , ,

Free Network+ Practice Test Questions

March 29, 2012 By Leave a Comment

If you’re preparing for the Network+ N10-005 exam, you might like to check your readiness with a few free practice test questions.  This page includes five free practice test questions, one from each of the five domains in the Network + N10-005 domain.

Practice Test Question 1

Q. A company wants to ensure that other mail servers on the Internet can locate its company based email server. What type of record is needed?

A. AAAA

B. MX

C. CNAME

D. PTR

Answer at end of post.

Practice Test Question 2

Q. What can you use to dynamically assign the same IP address to a printer configured as a network device?

A. DNS

B. DHCP reservation

C. SNMP

D. DHCP exclusion

Answer at end of post.

Realistic practice test questions for the Network+ N10-005 exam
Available through LearnZapp on your mobile phone

Practice Test Question 3

Q. You are tasked with purchasing some cable and you have  a choice between plenum and non-plenum cable.  When would you select plenum cable?

A. When complying with fire codes

B. When connecting two similar devices

C. When connecting dissimilar media

D. When protecting against EMI

Answer at end of post.

Practice Test Question 4

Q. You are using Cat 5e cables in your network and recently added a 1 Gbps switch. However, several of the computers are not running at 1 Gbps. Of the following choices, what is the best choice to resolve the problem?

A. Replace the cables with CAT 6

B. Verify the cables with a cable certifier

C. Replace the NICs on the computers

D. Check the cables with a toner probe

Answer at end of post.

Realistic practice test questions for the Network+ N10-005 exam
CompTIA Network+ N10-005 Practice Test Questions (Get Certified Get Ahead)
Use on any platform with free Kindle apps from Amazon

Practice Test Question 5

Q. Of the following choices, what will raise an alarm about a possible attack but not block it?

A. Port scanner

B. IPS

C. IDS

D. Honeypot

Answer at end of post.

These practice test questions are from the CompTIA Network+ N10-005 Practice Test Questions (Get Certified Get Ahead) available as a Kindle ebook for only $9.99.  You can download free Kindle apps from Amazon so that you can access the ebook from just about any platform including:

  • Windows PC
  • MAC
  • iPhone
  • iPad
  • Android
  • BlackBerry
  • Windows Phone 7

Over 275 realistic practice test questions with in-depth explanations. The Kindle version also includes 175 flash cards to reinforce key testable topics.

You may also like to check out these Network+ blogs:

N10-005: Exam Answer 1

Q. A company wants to ensure that other mail servers on the Internet can locate its company based email server. What type of record is needed?

A. AAAA

B. MX

C. CNAME

D. PTR

Answer:  B is correct. An MX (mail exchange) record is used to locate a mail server and would be configured on a Domain Name System (DNS) server.

A  is incorrect. An AAAA (IPv6 host) record provides the name to IPv6 address mapping and is used for forward lookups. If you query DNS with the name of the host, DNS responds with the IPv6 address of the host.

C  is incorrect. A CNAME (canonical name) record is used to give a host an alias so that it can be resolved with more than one fully qualified domain name (FQDN).

D  is incorrect. A PTR (pointer) record is used for reverse lookups where a query to DNS includes the IP address of a host, and the DNS server responds with the name of the host.

Objective: 1.7 Summarize DNS concepts and its components.

N10-005 Exam: Answer 2

Q. What can you use to dynamically assign the same IP address to a printer configured as a network device?

A. DNS

B. DHCP reservation

C. SNMP

D. DHCP exclusion

Answer: B is correct. Dynamic Host Configuration Protocol (DHCP) is used to dynamically assign IP addresses to network devices including network printers that can be configured as DHCP clients. A DHCP reservation maps the IP address to the printer’s media access control (MAC) address. Once a DHCP reservation is configured,  DHCP will always issue the same IP address to this printer.

A is incorrect. Domain Name System (DNS) is used to resolve host names to IP addresses with A records (also called host records). DNS can also resolve IP addresses to host names with pointer (PTR) records, but it does not assign IP addresses.

C is incorrect. The Simple Network Management Protocol is used to administer and monitor network devices.

D is incorrect. A DHCP exclusion would be used if the printer is manually assigned an IP address within a DHCP scope and you want to ensure that the address is not issued to any other DHCP clients.

Objective:  2.3 Explain the purpose and properties of DHCP.

If you’re looking for more information on the CompTIA Network+ exam, click here.
The link provides a listing of relevant blogs on the Get Certified Get Ahead site.

N10-005 Exam: Answer 3

Q. You are tasked with purchasing some cable and you have  a choice between plenum and non-plenum cable.  When would you select plenum cable?

A. When complying with fire codes

B. When connecting two similar devices

C. When connecting dissimilar media

D. When protecting against EMI

Answer: A is correct. Plenum-safe rated cable is used to  comply with fire codes when a cable runs through a plenum space. A plenum is a space between walls, in false ceilings, and raised floors. Forced air for  heating and air conditioning is commonly sent through the plenum and it’s also  possible to run cables through the plenum. Cables are covered with a plastic  jacket and this plastic jacket on non-plenum-safe cables can emit toxic fumes if burned. Plenum safe cables have a fire retardant jacket and do not emit  toxic fumes.

B is incorrect. A crossover cable is used to connect two similar devices, such as two switches that do not support automatic medium dependent interface crossover (MDIX).

C is incorrect. Media converters or transceivers are used to connect dissimilar media such as an Ethernet cable to a fiber cable.

D is incorrect. Fiber is immune to electromagnetic interference (EMI). Shielded twisted pair (STP) and coax cable are resistant to EMI problems. However, cable identified as plenum-safe is not related to EMI.

Objective:  3.1 Categorize standard media types and associated properties.

N10-005 Exam: Answer 4

Q. You are using Cat 5e cables in your network and recently added a 1 Gbps switch. However, several of the computers are not running at 1 Gbps. Of the following choices, what is the best choice to resolve the problem?

A. Replace the cables with CAT 6

B. Verify the cables with a cable certifier

C. Replace the NICs on the computers

D. Check the cables with a toner probe

Answer: B is correct. A cable certifier is the best choice of those given and it will verify the CAT 5e cables are performing at the CAT 5e specifications. It’s possible for a cable that doesn’t fully meet the specifications to work at 100 Mbps but not at 1000 Mbps.

A is incorrect. Cat 5e cables support 1 Gbps so it not necessary to replace all the cables with CAT 6.

C is incorrect. You may want to ensure that the network interface cards (NICs) support the higher speed and are using auto sense (or auto negotiate). Replacing the NICs wouldn’t be the best choice before testing the cables.

D is incorrect. A toner probe is commonly used to locate the end of a cable in another room, or verify continuity of a cable, but it won’t verify that a cable meets specifications.

Objective: 4.2 Given a scenario, use appropriate hardware tools to troubleshoot connectivity issues.

N10-005 Exam: Answer 5

Q. Of the following choices, what will raise an alarm about a possible attack but not block it?

A. Port scanner

B. IPS

C. IDS

D. Honeypot

Answer: C is correct. An intrusion detection system (IDS) can detect attacks but is typically passive and will not block it. An active IDS can block an attack, though an active IDS is often called an intrusion prevention system (IPS).

A is incorrect. A port scanner can detect open ports but does not detect attacks.

B is incorrect. An IPS will detect and block an attack to prevent a malicious intrusion.

D is incorrect. A honeypot is a system designed to tempt an attacker with false data. An IDS or IPS will often monitor activity on a honeypot, but the honeypot itself doesn’t raise an alarm.

Objective:  5.6 Categorize different types of network security appliances and methods.

What’s next for you after the Network+ exam?
Many people take the Security+ exam shortly after passing Network+.
If you want to take and pass the Security+ exam the first time you take it, check out the
CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide.


Success is within your reach.

Filed Under: Network+ Tagged With: ,

CompTIA Testing Changes

March 22, 2012 By Leave a Comment

There are a few changes coming up with CompTIA testing you may be interested in. They are going to Pearson Vue exclusively as a testing center and the older version of Network+ will be retiring in August, 2012. Many resources including quality practice test questions for the new CompTIA Network+ exam are currently available.

CompTIA to Use Pearson VUE Exclusively

CompTIA has decided to use a single vendor for testing and has opted to go with Pearson Vue. They have been using both Pearson Vue and Prometric but effective, July 9, 2012, you will no longer be able to take a test at a Prometric testing center.

If you have a Prometric voucher to take a test, you must use it prior to July 8, 2012. After that date, it will be worthless.

Compare to Microsoft

Microsoft took a similar step a few years back, but in a different direction. You could previously take Microsoft exams at either a Pearson Vue or a Prometric testing center. They switched over to a single vendor at end of 2007 but chose to use only Prometric.

Compare to SSCP/CISSP Testing

SSCP and CISSP exams have been available as paper-and-pencil exams but are switching over to computer based testing. Effective June 1, 2012, you’ll be able to register to take these exams (and other ISC2 exams) at Pearson Vue testing centers. ISC2 has been using Pearson Vue for several other exams including CSSLP and CAP.

Network+ Exams N10-004 and N10-005

The N10-005 exam was released by CompTIA in December 2011 and many people are taking it now. The N10-004 exam which was released in 2009 retires August 31, 2012. After that date, you can only take the N10-005 exam. This update is in line with CompTIAs practice of updating their exams every three years.

A common question people ask is “What are the differences between N10-004 and N10-005?” This blog gives some information on these differences.

Realistic practice test questions for the Network+ N10-005 exam
CompTIA Network+ N10-005 Practice Test Questions (Get Certified Get Ahead)

Another common question people ask is “Which exam should I take?” The most important consideration is that you should take the exam that you’ve been studying for. In other words, if you’ve been using N10-004 study materials, take the N10-004 exam. If you’re just starting to study and don’t have any materials yet, your best bet is to study the newer exam. It covers topics that are more relevant today.

Also, if life events prevent you from taking the exam before August 31, 2012, you won’t have to start over if you’re studying N10-005 materials. In contrast, if you were studying for N10-004 and missed the August deadline, you’ll need to pick up new study materials.

New A+ Exams on the Horizon

The current version of A+ exams are the 220-701 (Essentials) and 220-702 (Practical Application) exams. These were released in 2009 and an update is due in 2012, three years later. CompTIA has published the objectives for the 220-801 and 220-802 exams but they haven’t provided any information on when these exams will be live. However, it is possible to make educated guesses.

  • CompTIA does three workshops for most of their exams.
  • The third workshop for the N10-005 Network+ exam was July 18-22, 2011 and that exam went live a little over four months later on December 1, 2011.
  • The third workshop for the A+ exams was April 23-27, 2012. It’s very possible these new exams will go live a little over four months later on September 1, 2012.

Similarly, we can predict when the 220-701 and 220-702 exams will be retired.

  • The N10-004 exam retires Aug 31, 2012, nine months after N10-004 was released
  • The 220-701 and 220-702 exams will likely retire six to nine months after the 220-801 and 220-802 exams are released, perhaps at the end of March or June, 2013.

Comparing Security+ Exams

As a comparison, the SY0-201 Security+ exam was released in 2008. New objectives were released in 2011 as SY0-301 and there was an overlap where you could take both exams. The SY0-201 exam retired December 31, 2011 and currently only the SY0-301 exam is available. An update isn’t due until 2014.

Pass the Security+ exam the first time you take it

CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide

Summary

CompTIA is switching to Pearson Vue testing centers exclusively. If you bought vouchers ahead of time make sure you either purchase Pearson Vue vouchers or use Prometric vouchers before July 9, 2012. The Network+ exam has two active exams N10-004 and N10-005 and the N10-004 exam retires August 31, 2012. The A+ exams are being updated with new 220-801 and 220-802 exams coming out but won’t be live before September, 2012.

Filed Under: Network+ Tagged With: , ,

Network+ Practice Test Questions

March 10, 2012 By Leave a Comment

Network+ practice test questions are now available in the Get Certified Get Ahead series for only $9.99. Use these to help you take and pass the Network+ exam the first time you take it. The book includes:

  • 275 realistic practice test questions
  • Over 175 flash cards

Each practice test question includes in-depth explanations to help you understand why the correct answer is correct and why the incorrect answers are incorrect. Master this content and no matter how CompTIA words the questions, you’ll be able to correctly answer them correctly.

  

The book is organized in five chapters matching the five Network+ domains:

  • Network Concepts
  • Network Installation and Configuration
  • Network Media and Topologies
  • Network Management
  • Network Security

The introduction includes details on the exam to give you an idea of what to expect such as the passing score, time to take the exam, and how to register.

Each chapter includes four sections to meet the needs and learning styles of different users. You can go through the questions in quiz mode and see the answers on the next Kindle screen, go through them without the answers readily available, or read them with the answers and explanations on the same screen. You can choose what works best for you.

Quiz Mode Section

This section includes practice test questions including answers formatted specifically for the Kindle. One screen shows the question. When you decide what you think is the correct answer, go to the next screen to see the correct answer and the in-depth explanation. If the question or answers include an acronym, you’ll see it spelled out in the explanation to help you remember what it is.

Flash Cards

These flash cards are formatted specifically for the Kindle to help reinforce important concepts. One screen shows a flash card type question and the next screen shows the answer. If a flash card question or answer includes an acronym, you’ll see it spelled out in the answer to help you remember what it is.

Practice Test Questions Without Answers

This section repeats the questions in the quiz mode section but the answers are not readily available. You can use this to test yourself to see if you know why the correct
answers are correct, and why the incorrect answers are incorrect.

Practice Test Questions with Answers

This section combines the questions, answers, and explanations so you can use it as a last minute review for any of the domains.

Pass the Security+ exam the first time you take it
CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide

Free Kindle Apps Available

While the Kindle are great for reading, you don’t need one to use this eBook. Amazon has created free applications you can use on just about any platform including:

  • Windows PC
  • MAC
  • Android
  • iPhone
  • iPad
  • BlackBerry
  • Windows Phone 7

You can also read books in some web browsers through the Kindle Cloud Reader.

Mobile App Coming Soon

The folks at LearnZapp are working on a mobile app with this content too. The mobile app includes an interactive test engine and will be available for the following platforms:

  • iOS devices including iPhones and iPads
  • Android devices
  • Barnes and Noble Nook
  • BlackBerry

The Network+ app will be using the same format as their successful Security+ app.

Networking Concepts

If you’re looking for a book to understand networking concepts, check out Microsoft Network Essentials. It was writen for the Microsoft Technology Associates (MTA) Networking Fundamentals exam (98-366) but some instructors are using it to teach Network+ classes.

Summary

If you’re studying for the Network+ N10-005 exam and want a resource to help you take and pass the exam the first time you take it, check out the CompTIA Network+ N10-005 Practice Test Questions (Get Certified Get Ahead). At only $9.99 it’s a steal.

 

Filed Under: Network+ Tagged With: ,

Taking Action for Success

March 7, 2012 By Leave a Comment

“Only action is action.”

— Brian Tracy

The third step to achieve success with any worthwhile goal you desire is to take action. It sounds simple to say that you need to take action to achieve your goals, but it is also a step that stops many people in their tracks. Many people have great ideas related to their goals but they don’t take action and their ideas slip away.

This is part of a four article series outlining the steps to achieve success with any worthwhile goal you desire.

If you’ve set a goal, written it down, and think about it regularly, ideas to achieve it will come in different forms of inspiration. Inspiration ignites ideas that will burn brightly for a short time and if you’re willing to embrace the ideas with action you can convert them into success. However, if you just allow yourself to be momentarily amused by the inspirational spark, these ideas will fade and disappear.

Once you’ve set a goal and begin receiving inspiration, you must start taking action. It doesn’t matter how big or small the action is. It only matters that you start and you continue. Success will follow.

There’s an old joke told about a spiritual man named Matt who found himself in dire financial need. When he was laid off his job, Matt prayed to God “Please let me win the lottery.” Several lottery drawings passed but he didn’t win. As he was about to lose his home, Matt again prayed “Please let me win the lottery.” Several more drawings passed but still no winnings. One more time he prayed, but this time he asked “God, why have you forsaken me? Why won’t you help me?” Suddenly the heavens opened up and he heard a voice boom down to him “Matt, meet me halfway. Buy a lottery ticket.”

I’m not suggesting you spend your money on lottery tickets, but I am strongly suggesting that you need to take action. You may find that even the smallest steps will catapult you closer to your dreams than you thought possible. Without action, your ideas may simply disappear into empty dreams.

Take Action Regularly

Your future is created by what you do today, not tomorrow.”

- Robert Kiyosaki

Whatever goal you pursue, it’s important to regularly take action toward that goal. You don’t have to put 100 percent of every waking moment on achieving a goal, but you do need to regularly spend time with any goal.

As an example, if you want to stay healthy, many experts recommend at least 30 minutes of exercise at least three times a week. However, if you miss a month of exercising, you can’t go to the gym and work out for six hours to make up the time. It just doesn’t work that way.

Additionally, after the month of missed exercising is past, you may find that you can’t even do the same level of exercise you did a month ago. If you’re pursuing a goal, spend time with it regularly. This keeps up the momentum. If you stop, you’ll lose your momentum and any progress may be lost.

Expect Obstacles

Sometimes adversity is what you need to become successful.”

- Zig Ziglar

As you pursue any goal, you should expect obstacles to appear but it’s important to remember that obstacles are rarely roadblocks. An obstacle doesn’t mean that you should stop pursuing your goal. Instead obstacles are often opportunities to look at things a little differently.

There’s an old story about a farmer whose donkey fell down a hole that he had left uncovered. The farmer couldn’t think of a way to get the donkey out and ultimately decided the donkey was old and the hole needed to be covered up anyway. He enlisted the help of his neighbors and they began shoveling dirt into the hole.

At first, the donkey was braying horribly with each shovel of dirt that fell on him. But then he quieted down. The farmer looked down into the hole and saw that as each of shovel of dirt hit the donkey’s back, he shook it off and took a step up. As everyone continued to shovel dirt into the hole, the donkey continued to shake it off and take another step up. In time, the donkey was able to step over the edge.

When an obstacle to your goal comes up, your first inclination may be to fight it. However, if you’re able to shake off the nuisance of the obstacle, you may be able to use it as an opportunity to get closer to your goal. If you’re able to resist an urge to fight, you may be able to look at any obstacle from a different perspective.

One of the reasons people choose not to act is the fear of making mistakes. However, mistakes are a part of the learning process and part of what can move you forward. If you never try, you’ll never identify what works and what doesn’t. Making mistakes is good. The only problem occurs if you are unable to learn from your mistakes and you repeat them.

 

Filed Under: Uncategorized Tagged With: , ,

SQL Server 2012 Certifications

March 5, 2012 By Leave a Comment

I just saw where the SQL Server 2012 certification tracks are announced (listed at the bottom of the page). I was having trouble making the seven exams line up to three tracks before and now I understand why. There are only two tracks. They are:

Data Platform (this is related to an administrator)

  • 70-461 Querying Microsoft SQL Server 2012
  • 70-462 Administering Microsoft SQL Server 2012 Databases
  • 70-463 Implementing a Data Warehouse with Microsoft SQL Server 2012
  • 70-464 Developing Microsoft SQL Server 2012 Databases
  • 70-465 Designing Database Solutions for SQL Server 2012

Business Intelligence (this is related to a developer)

  • 70-461 Querying Microsoft SQL Server 2012
  • 70-462 Administering Microsoft SQL Server 2012 Databases
  • 70-463 Implementing a Data Warehouse with Microsoft SQL Server 2012
  • 70-466 Implementing Data Models and Reports with Microsoft SQL Server 2012
  • 70-467 Designing Business Intelligence Solutions with Microsoft SQL Server 2012 Platform

Each track requires a candidate to take and pass a total of five exams. The first three exams are the same for both tracks, but the last two are different. Also, it looks like they are abandoning the MCITP name for the SQL 2012 certifications and just calling them Professional-level certifications.

I’m really wondering how popular these tracks will be. Five exams for either of the certifications sounds quite challenging, and in my experience, the database certifications aren’t valued as highly as the network certifications (such as the server MCITP certifications). On the administration side, an administrator pursues and completes a server track, and then may also specialize with database servers.

In contrast, SQL Server 2008 has these three tracks:

MCITP: Database Administrator 2008

  • Exam 70-432: TS: Microsoft SQL Server 2008, Installation and Maintenance
  • Exam 70-450: PRO: Designing, Optimizing and Maintaining a Database Server Infrastructure using Microsoft SQL Server 2008

MCITP: Database Developer 2008

  • Exam 70-433: TS: Microsoft SQL Server 2008, Database Development
  • Exam 70-451: PRO: Designing Database Solutions and Data Access Using Microsoft SQL Server 2008

MCITP: Business Intelligence Developer 2008

  • Exam 70-448: TS: Microsoft SQL Server 2008, Business Intelligence Development and Maintenance
  • Exam 70-452: PRO: Designing a Business Intelligence Infrastructure Using Microsoft SQL Server 2008

 

Filed Under: Uncategorized Tagged With: ,

Network+ Hardware Tools

March 3, 2012 By Leave a Comment

If you’re planning on taking the Network+ exam soon, you may want to review the hardware tools used to troublshoot connectivitity.  I was recently doing some work with Network+ practice test questions and ended up creating a short list for my own use. This list doesn’t provide complete details of these tools, but it should give you enough for the Network+ exam.

Many people are using the Microsoft Windows Networking Essentials book to help prepare for the the Network+ exam. This book was actually written for the MTA 98-366 Networking Fundamentals exam but there is a lot of crossover. I’m developing some Network+ practice test questions that can also be used to help people take and pass the Network+ exam the first time they take it.

Cable Tester

Cable testers verify that a cable is wired accurately and doesn’t have any breaks in it. You can use it to check a cable after connecting connectors to the cable. Additionally, you can use on cables you suspect are faulty due to problems such as being stepped on or run over by a chair.

Check out google images.

Cable Certifier

A cable certifier is used to verify that a cable meets its specifications such as the bandwidth and frequency. For example, it can verify a CAT 5e cable meets specifications and supports speeds of 1000 Mbps, and can verify a CAT 6 cable supports speeds of 10 Gbps.

Check out google images.

Crimper

A crimper is tool used to attach a connector to a cable. As an example, technicians commonly use a crimper to attach an RJ-45 cable onto a twisted pair cable.

Check out google images.

Butt Set

A butt set is used by telephone technicians to test telephone lines. It includes a handheld set used to make phone calls and do testing. The handheld set has pushbuttons to enter phone numbers and codes, a speaker, and microphone. Technicians connect it to phone lines with alligator clips.

Check out google images.

Toner Probe

A toner probe allows you to place a tone on one end of a wire and then locate the other end of the wire by finding the wire that has the tone. It includes two components: a tone generator and a speaker. You connect the tone generator onto one end of the cable to place a tone on the cable. You can then go to the other end of the cable in another room. The speaker has a probe you can touch to individual cables and the tone plays on the speaker when you’ve found the correct cable.

Check out google images.

Punch Down Tool

Punch down tools are used to terminate cables to jacks, or connect cables to wiring blocks such as 66 block or a 110 block. Punch down tools are spring loaded requiring just a little pressure by the technician. The technician positions the wire over the connection and pushes it in with the punch down tool. When the spring releases, it strips the insulation off the wire and secure the wire into the connection.

Check out google images.

Protocol Analyzer / Sniffer

A protocol analyzer (also called a sniffer) can capture packets traveling over the network for analysis. These packets can be saved in a capture file, inspected, and analyzed. Information within packets includes the source and destination IP addresses, source and destination media access control (MAC) addresses, source and destination ports, and payload data.  If data is sent across the network in clear text (not encrypted), it can easily be viewed in the protocol analyzer.

Protocol analyzers can be hardware devices or software programs running on a computer.

Administrators use a protocol analyzer to analyze network activity and troubleshoot problems on a network.  For example, if they
suspect an unauthorized peer-to-peer software application is running on the network, they can use a protocol analyzer to verify their  suspicions and identify which computer is running the application. If they suspect an Internet-based server is being attacked, they can use the sniffer to capture and analyze the traffic sent to the server.

Attackers also use sniffers. For example, wireless attackers use wireless sniffers to capture wireless traffic. Once captured, it’s relatively easy to discover information such as the service set identifier (SSID) even if SSID broadcast is disabled, or to detect MAC addresses allowed via a MAC address filter.

Pass the Security+ exam the first time you take it:
CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide

Environmental monitor

An environmental monitor logs environmental conditions such as temperature and humidity. It is useful in server rooms or data centers
to identify problems in environmental controls before they cause problems for the equipment. Many include logs that can be used to see if there is any relationship between system problems and environmental controls. For example, an overworked or failing air conditioner can result in systems overheating and randomly rebooting. The reboot times can be matched to the temperatures recorded in the environmental monitor logs.

Check out google images.

Loop back plug

A loop back plug swaps the send and receive signals on a single connector and can  be used for testing ports. Data sent out the send pins is looped back to the receive pins and if it succeeds it verifies the port is working. Loopback plugs are commonly used to check network interface card (NIC) jacks and ports on switches.

Check out google images.

TDR

A time domain reflectometer (TDR) is used to identify the location of a break in a cable. It sends a signal down the wire and when the signal reaches the break, it is reflected back. The TDR is able to measure how much time it takes for the reflected signal to arrive and based on the time it can determine the exact location of a break. For cables that are hundreds of feet in length (or more), the TDS is invaluable in troubleshooting breaks.

A TDR can also identify the location of less severe problems. For example, if a cable is nicked, it affects the electrical characteristics of the cable and the TDR shows these differences, and the location of the problem.

Check out google images.

OTDR

An optical time domain reflectometer (OTDR) measures the distance between cable ends for a fiber optic cable. It works similar to how a TDR works by sending a signal down the fiber cable and measuring how long it takes the signal to return. An OTDR will work with fiber cable.

Check out google images.

Summary

If you’re plannin on taking the Network+ exam soon, this list of hardware tools are important to know.  Good luck.

Filed Under: Network+ Tagged With: ,
« Older Posts