Kindle Notes & Highlights
Read between January 9 - January 13, 2020
When using practice test questions, ensure they have explanations.
scores of at least 90 percent on practice tests
resources at http://gcgapremium.com/501-extras.
I strongly encourage you to repeat the information in the text boxes to yourself as often as possible. The more you repeat the information, the more likely you are to remember it when you take the exam. A tried-and-true method of repeating key information is to take notes when you’re first studying the material and then rewrite the notes later.
Start your MP3 recorder and read the information in each text box for a chapter and the information in the Exam Topic Review section of each chapter.
Read the question, only the correct answer, and the first sentence or two of the explanation in each practice question.
Free Online Resources There are many additional free resources available to you at http://gcgapremium.com/501-extras/, including: • Free online labs
However, a recipe for success in almost any endeavor includes setting a goal.
They pick a date close to the end of the course and register. I’ve found that when we do this, about 90 percent of the students take and pass the exam within one week after completing the course.
However, many people regularly pass it and you can pass it,
These include matching, drag and drop, and data entry questions.
http://blogs.getcertifiedgetahead.com/security-blog-links/.
https://blogs.getcertifiedgetahead.com/security-blog-links/.
Many people memorize practice test questions and answers. However, this is not a successful path to success because CompTIA often modifies the questions. Ideally, you should know why the correct answers are correct and why the incorrect answers are incorrect.
Mike Chapple. They’re available on Lynda.com
http://gcgapremium.com/501-extras/. Additionally, you can check this book’s
A use case describes a goal that an organization wants to achieve.
check out the Steganography Lab in the online exercises for
a hash is simply a number created by executing a hashing algorithm against data, such as a file or message.
A hash is simply a number created by applying the algorithm to a file or message at different times.
• Least privilege. The principle of least privilege specifies that individuals or processes are granted only the privileges they need to perform their assigned tasks or functions, but no more. Privileges are a combination of rights and permissions.
known as operational or management controls. They help ensure that day-to-day operations of an organization comply with the organization’s overall security plan. People (not technology) implement these controls. Operational controls include the following families:
Chapter 9. However, it’s important to realize that many of these are also technical controls. For example, a fire suppression system is a physical security control because you can touch it. However, it’s also a technical control because it uses technologies to detect, suppress, or extinguish fires.
This includes disabling unnecessary ports and services, implementing secure protocols, using strong passwords along with a robust password policy, and disabling default and unnecessary accounts.
software that creates, runs, and manages the VMs is the hypervisor.
The physical system hosting the VMs is the host.
Application cell virtualization or container virtualization runs services or applications within isolated application cells (or containers).
VM on a server. One benefit of using a VDI/VDE is that user PCs can have limited hardware resources.
a persistent virtual desktop, each user has a custom desktop image.
Virtual desktops that support non-persistence serve the same desktop for all users.
Kali Linux is a free Linux distribution used by many security professionals for penetration testing and security auditing.
As you read through this section and learn about these tools, I strongly encourage you to run the commands. You will also find some basic commands that you can run through in the online labs at http://gcgapremium.com/501labs/. A challenge many test takers have is that they don’t have a Linux system to play around with these commands. If you can’t enter them and see what they do, you might have trouble with even the easy questions. The online labs include labs you can use to create a virtual Linux environment on a Windows system.
Check out the online Linux lab for different ways to query help on Linux systems.
replies. On Linux-based systems, ping continues until you press the Ctrl + C keys to stop it.
Many denial-of-service (DoS) attacks use ICMP to disrupt services on Internet-based systems. To protect systems, firewalls commonly block ICMP traffic to prevent these attacks from succeeding.
You can also use ping to check the security posture of a network.
For example, a simple distributed denial-of-service (DDoS) attack can send thousands of pings to a server and overload it.
You can use ping to simulate an attack from a couple of computers to repeatedly send ping requests. If the IPS is working, it will block these attacks and the pings will stop receiving replies.
Technicians often use ipconfig as a first step when troubleshooting network problems.
Promiscuous mode allows a NIC to process all traffic it receives.
Windows systems use ipconfig to view network interfaces. Linux systems use ifconfig, and ifconfig can also manipulate the settings on the network interfaces. You can enable promiscuous mode on a NIC with ifconfig. The ip command is similar to ifconfig and can be used to view and manipulate NIC settings.
The tracert command lists the routers between two systems.
Network administrators typically use tracert to identify faulty routers on the network. Ping tells them if they can reach a distant server. If the ping fails, they can use tracert to identify where the traffic stops.
From a security perspective, you can use tracert to identify modified paths.
From another perspective, you can identify if Internet paths have been modified.
ARP resolves IP addresses to MAC addresses and stores the result in the ARP cache.
You can also use arp to identify the MAC address of other systems on your local network. As an example, imagine you want to identify the MAC address of server1. You can ping server1 and ARP will identify server1’s IP address. You can then use arp -a to show the ARP cache, which includes the MAC address for server1.
Authentication, authorization, and accounting (AAA) work together with identification to provide a comprehensive access management system.
If users can bypass the authentication process, the authorization and accounting processes are ineffective.
Although this looks like a high number of possibilities, there are password-cracking tools that can test more than 20 billion passwords per second on desktop computers with a high-end graphics processor. An attacker can crack a 10-character password using only lowercase characters (141 trillion possibilities) in less than two hours.

