Home > Archive > Security+ > March 2004 > Sec+ passed
| mantis2k 2004-03-20, 2:40 pm |
| Hello all,
Just passed yesterday first try with a 764 (yes, 764 is the cutoff). Only missed 17 out of 100 questions. 90 minutes long.
Here are my impressions:
I used Testtaker's exam guide, Syngress Security+ Guide, and Boson practice exams. I would recommend the Syngress and one other 'good' guide like one of the new ones being released this year or maybe TCat's. Use two or more guides and know them backwards and forwards.
The exam IMHO is quite vexing and frustrating. I've taken many other tests and have 5 years of IT experience and this one was the single most ambiguous and poorly worded exam. With that said, it is a security test which is a field that is also quite ambiguous and poorly worded at times. Anyway, your only hope is to get a couple good study guides and 'completely understand' what every page in them is trying to explain to you.
When taking the test, use common sense and pick the answer you think they are looking for (the study guides should help you with that). None of the practice tests I have taken come close to the difficulty of the exam questions. Be prepared to be tricked, i.e. most questions will contain at least two answers that are almost identical: X.500 or X.509, audit or audit trail, email or email the user, ESP or IPSec, etc.
A lot of other questions will contain phrases like Pick the 'most' common form of social engineering or What is the 'primary' concern with centralized key repositories? Again, the study guides and guessing what they 'want' you to pick is your only hope.
Some questions I still can't find the answer to (i.e. What are TCP wrappers used for? and What is the start of the LDAP directory called? top, root, head, or tree).
On a side note, all the questions were only single answer (I didn't have any 'all the above' or 'pick two or more' type questions).
Most of the questions I missed were from the Domain "General Security Concepts" (the exam tells you from what sections the questions you missed were from).
All I can say is good luck, because no matter how much you study, luck will play a factor. And know cryptography inside and out (i.e. be able to teach it to somebody else with all the proper terms).
All the best,
Chris | |
| Supertech 2004-03-20, 4:19 pm |
| Good 4U, Chris! | |
| lseals 2004-03-20, 5:48 pm |
| Congrats | |
|
| Congratulations!
What I have found to be the best way of avoiding the similar/ambiguous alternatives is to read the question thoroughly (of course!), and then attempt to answer it without looking at the answer options. By thinking about the question for a while and not doing the test strictly as a multiple choice, I usually find that I managed to find the correct answer on my own - which then stands out from the other three when you look at the possible answers.
Good to know that there were no "pick all that apply", those are impossible with ambiguous alternatives.
Are there any "fill in the blank"-type questions like in some of the pre-tests? You know, stupid questions like "A ______ user is not a security risk" and it is literally *impossible* to know what they want.
When you say your misses were in Domain 1.0 (General concepts), is that by percent, points, number of questions? After all, domain 1.0 is 30% of the test!
Taking the test on Tuesday... I'll post my own experiences to the forum. | |
| mantis2k 2004-03-21, 6:37 pm |
| I don't remember any fill in the blank questions.
Although, the test seemed to do a good job with the wording as is to allow for sufficient ambiguity. 
At the end of the exam, you get a printout listing the 'areas' that you missed one or more questions in (no percentages). Since I missed 17 questions and there were 17 areas listed by topic, I was able to count how many general security concepts (which were further broken down by type) questions I missed.
Good luck to you...I think your answer strategy should help. | |
| nickaz 2004-03-22, 4:57 pm |
| Q. What are TCP Wrappers used for?
A. TCP Wrappers is a tool commonly used on Unix systems to monitor and filter connections to network services.
The CERT Coordination Center has received confirmation that some copies of the file tcp_wrappers_7.6.tar.gz have been modified by an intruder and contain a Trojan horse. This file contains the source code for TCP Wrappers version 7.6. This Trojan horse appears to have been made available on a number of FTP servers since Thursday, January 21, 1999 at 06:16:00 GMT. Copies downloaded prior to this time are not affected by this particular trojan horse.
The Trojan horse version of TCP Wrappers provides root access to intruders initiating connections which have a source port of 421. Additionally, upon compilation, this Trojan horse version sends email to an external address. This email includes information identifying the site and the account that compiled the program. Specifically, the program sends information obtained from running the commands 'whoami' and 'uname -a'.
II. Impact
An intruder can gain unauthorized root access to any host running this Trojan horse version of TCP Wrappers.
Note: If you have already installed a Trojan horse version of TCP Wrappers, intruders can identify your site using information contained in this advisory. Please read the "Solution" section and take appropriate action to protect your site as soon as possible.
Q. What is the start of the LDAP directory called?
A. Root
An LDAP directory is organized in a simple "tree" hierarchy consisting of the following levels:
The root directory (the starting place or the source of the tree), which branches out to
Countries, each of which branches out to
Organizations, which branch out to
Organizational units (divisions, departments, and so forth), which branches out to (includes an entry for)
Individuals (which includes people, files, and shared resources such as printers)
An LDAP directory can be distributed among many servers. Each server can have a replicated version of the total directory that is synchronized periodically. An LDAP server is called a Directory System Agent (DSA). An LDAP server that receives a request from a user takes responsibility for the request, passing it to other DSAs as necessary, but ensuring a single coordinated response for the user.
What are TCP Wrappers used for | |
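An added example, not part of nickaz's post or the CERT advisory: a detection check for the indicator the quoted advisory gives, inbound TCP connections with source port 421 reaching services run under TCP Wrappers. The netfilter-style log format, the sample lines and the set of wrapped ports (21 and 23) are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in netfilter LOG style (not taken from the thread).
SAMPLE_LOG = """\
Jan 22 03:14:07 host kernel: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 PROTO=TCP SPT=40112 DPT=23 SYN
Jan 22 03:15:42 host kernel: IN=eth0 OUT= SRC=203.0.113.77 DST=198.51.100.5 PROTO=TCP SPT=421 DPT=23 SYN
Jan 22 03:16:01 host kernel: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 PROTO=UDP SPT=421 DPT=53
Jan 22 03:17:30 host kernel: IN=eth0 OUT= SRC=203.0.113.77 DST=198.51.100.5 PROTO=TCP SPT=421 DPT=21 SYN
Jan 22 03:18:02 host kernel: IN=eth0 OUT= SRC=192.0.2.44 DST=198.51.100.5 PROTO=TCP SPT=421 DPT=80 SYN
"""

TROJAN_SOURCE_PORT = 421        # source port named in the quoted advisory
WRAPPED_PORTS = {21, 23}        # assumption: ftp and telnet run under tcpd

FIELD = re.compile(r"(\w+)=(\S*)")


def parse_line(line):
    """Turn the KEY=VALUE tokens of one log line into a dict."""
    return dict(FIELD.findall(line))


def suspicious_connections(log_text, wrapped_ports=WRAPPED_PORTS):
    """Return (source address, destination port) for each TCP connection
    from source port 421 to a service assumed to be wrapped."""
    hits = []
    for line in log_text.splitlines():
        fields = parse_line(line)
        if fields.get("PROTO") != "TCP":
            continue
        try:
            spt, dpt = int(fields["SPT"]), int(fields["DPT"])
        except (KeyError, ValueError):
            continue  # malformed or truncated line: skip, do not guess
        if spt == TROJAN_SOURCE_PORT and dpt in wrapped_ports:
            hits.append((fields.get("SRC"), dpt))
    return hits


def by_source(hits):
    """Group hits per source address so repeated probing stands out."""
    grouped = defaultdict(list)
    for src, dpt in hits:
        grouped[src].append(dpt)
    return {src: sorted(ports) for src, ports in grouped.items()}


if __name__ == "__main__":
    for src, ports in by_source(suspicious_connections(SAMPLE_LOG)).items():
        print(f"{src}: source port 421 -> wrapped ports {ports}")
```

A hit is a lead for investigation, not proof of compromise; the advisory's "Solution" section remains the reference for checking an installed copy.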
| Ddice 2004-03-23, 12:10 am |
| Congrats!! | |
| mantis2k 2004-03-27, 3:53 pm |
| Thanks for definitions Nickaz!
Worth noting that those two definitions are from two completely different sources and that they aren't detailed in any study guides that I've seen so far. (http://www.cert.org/advisories/ and http://searchmobilecomputing.techtarget.com)
Kind of puts the Security+ test more in line with Trivial Pursuit than a technical compendium.
The cert.org site is a great source for supplementing your sec+ knowledge though. |