Practice Test Questions

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You'll also receive free access to my customized study strategies.

Which one of the following statements about modern implementations of syslog is incorrect?

A. The rsyslog daemon does not support encryption
B. The syslog-ng daemon is newer than the rsyslog daemon
C. The syslog-ng daemon only supports UDP, not TCP
D. The rsyslog daemon limits message sizes to 1,024 characters

Correct Answer: B

Modern implementations of syslog avoid many of the limitations of the original protocol. Both rsyslog and syslog-ng support TCP communications and encryption. They are also not subject to the 1,024 character limit of the original protocol. The rsyslog daemon (2004) is, however, newer than syslog-ng (1998).

Interested in more practice test questions? Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test!

Gavin has been tasked with collecting several types of forensic information from a system involved in a security incident. Which one of the choices below lists the preferred order in which he should collect this evidence, from first to last?

A. RAM first, then virtual memory, then SSD, and finally backups
B. Virtual memory comes first, followed by RAM, SSD, and backups
C. RAM first, then virtual memory, then backups, and wrapping up with SSD
D. Virtual memory, then move to RAM, then backups, and then SSD

Correct Answer: A

The order of volatility says that you should collect first the evidence most likely to be destroyed first. The proper ordering of these evidence sources by volatility is RAM first, as the contents of RAM are lost when the system is turned off. The next step is to collect the virtual memory paging file, as this file is frequently modified. Next, Gavin should collect the other files stored on the SSD. Backups are the least volatile item and can be collected last.

What Linux command allows you to view the contents of the system journal that are currently stored in memory?

A. Sysview
B. Syslogd
C. Journalview
D. Journalctl

Correct Answer: D

Sysview and journalview are not Linux commands, making them incorrect answers. The journalctl command is used to view the contents of the system journal, which is stored in memory. This is the correct answer. Syslogd is the daemon used to write syslog entries to disk, making it an incorrect answer as well.