March 2021

Article

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. Henry would like to capture network packets from the command line. What command would best meet his needs? A. dd B. tcpdump C. FTK D. Wireshark Correct Answer: B Tcpdump is a command-line packet capture utility. Wireshark is also a packet capture utility but it is designed for interactive use through a GUI. FTK and dd are forensic utilities used to capture disk images, not network packets. Interested in more practice test questions? Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. Jessica is creating a virtual private cloud (VPC) with a private subnet in her IaaS environment. Which one of the following IP address ranges would not be appropriate for this subnet? A. 172.16.0.0/16 B. 10.16.0.0/16 C. 192.168.0.0/16 D. 181.10.0.0/16 Correct Answer: D The following address ranges are available for use on private networks and subnets: 10.0.0.0-10.255.255.255, 172.16.0.0-172.31.255.255, and 192.168.0.0-192.168.255.255. Three of the subnets presented in this question fall into these ranges while the fourth, 181.10.0.0/16 does not. That subnet is a public address range assigned to a particular user and should not be used on a private subnet.   Interested in more practice test questions?   Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. Brynn is concerned about the risks associated with web application attacks and wishes to perform input validation. What is the best place to perform this task? A. In the user's browser via HTML B. On the web server C. In the user's browser via JavaScript D. On the database server Correct Answer: B Input validation should always be performed on the web server. Database servers do not see the full input provided by the user and are not well-situated to perform input validation. Input validation should never be performed at the web browser because a malicious user can disable that validation code. Interested in more practice test questions? Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...