Passing the Microsoft 70-410 exam: one trainer’s perspective (Part 2)

September 16, 2014 at 8:45 am | Posted in Microsoft, Study hints, study tips | 18 Comments

Editor’s note: today’s guest post was written by IT instructor Scott Winger. Scott is a computing technologist at the University of Wisconsin in Madison and a technical editor for VMware Press. He also teaches continuing education classes in IT for Madison College.

In Part 1, I provided a timeline for gathering resources and working yourself up to exam day. In this post, I’m going to focus on the exam’s content and provide examples from each of the 70-410 Objective Areas. In Part 3 I’ll provide tips for developing the required knowledge.

Vade Mecum (rhymes with shoddy kaboom): a handbook or guide that is kept constantly at hand for consultation. It’s the term elite computer scientists use when referring to a technical manual or field guide. But different types of manuals have different purposes:

  • “Run Books” tell you every keystroke for building a particular server, but are, by intent, skimpy on concepts.
  • The “Mastering,” “Unleashed,” and “Inside Out” tomes give an overview of every existing role and feature.
  • White papers tend to be a vendor’s promotion of their product or a think tank’s comparisons and recommendations.

For passing the 70-410, a simple, custom-made field guide is a surprisingly effective learning tool.

I emphasize custom-made because building it also builds the neuronal pathways you’re going to need. And, for passing the 70-410, it’s the pathways, i.e., the learning, we’re after, though, as you’ll see in the next post, rote memorization will play a key role too.

After taking the exam you’ll have the beginnings of a custom-made Server 2012 reference; but that’s just a bonus. As for format, .html, .docx, .pdf, .txt, pen and paper, take your pick. Just make sure you can have a copy in your hands in the waiting room at the exam center for last-minute review – before you check in.

So, right out of my personal Server 2012 reference, here are some samples of questions you must be able to answer quickly and confidently when you take your 70-410 exam, broken down by exam objective.

Install and configure servers (15–20%)

What are the important differences between Windows Server 2008, Server 2008 R2, Server 2012, and Server 2012 R2?

What are the Server 2012 license types? How are they different?

What can you do when you run Server 2012’s setup.exe that you can’t do when you boot from the install DVD? And the reverse?

What is PowerShell Desired State Configuration? What are its requirements?

Configure server roles and features (15–20%)

Can you use RSAT on a Server 2008 or Windows 7 machine to remotely manage Server 2012 or Server 2012 R2 servers?

What is a “server pool” in the context of Server Manager 2012?

What are the limitations of Server Manager 2012 when managing Windows Server 2003 and 2008 servers?

What software must you install on Server 2003 servers in order to include them in Server Manager 2012 Pools? And on Server 2008?

What are “Work Folders” and what are the major steps for setting up the “simple” Work Folder configuration?

What are the architectural differences between the 6to4 and Teredo IPv6-over-IPv4 Tunneling Protocols? What has to be unblocked if you’re going to implement 6to4 and why? What are the optimal use cases for each?

What are the TCP and UDP ports that must be allowed in to a VPN server using PPTP? SSL? IPSec?

What are the tasks that can be done with Administrative Center that can’t be done with Active Directory Users and Computers?

What is iSNS and what is it used for?

What are the DHCP Code Numbers for the following DHCP Options:
• NetBIOS Name Server
• DHCP Relay Agent Information
• DNS server
• Router
• Domain Name
• NetBIOS Node Type

What are the IPv6 address prefix bit patterns? What are they each called? How are they used?

What is the maximum number of subnets you could create given this address space: 2001:5860:b002:3000::/53? And why? What is this address’ IPv6 prefix bit pattern? What is the type of this IPv6 address?

What is an ISATAP DNS host record, and how is it used? What, exactly, does an ISATAP device do?

What is an IPv6 port proxy, and when would you use it?

How do you configure a DNS server to always request name resolution services from the Source of Authority (SoA) DNS server for a particular name space?

What is the purpose of the built-in DNSUpdateProxy Security Group?

What is the purpose of the InetOrgPerson object?

What are the types of AppLocker rules, and how do they differ from each other?

What was the predecessor to AppLocker called? How does AppLocker differ from its predecessor?

If you anticipate migrating to AppLocker from its predecessor, what preparatory decision will make this migration easier?

What are the TCP and UDP ports that are required for PPTP-based VPNs? SSTP? L2TP? What do these acronyms stand for? How are these protocols different? Which, if any, of these protocols are usually preferred? Why?

What must be configured to allow a Windows Deployment Server to be on a separate subnet from the clients to which it deploys operating systems?

What are the mechanics of DNS conditional forwarding?

Configure Hyper-V (15–20%)

What, exactly, does paravirtualized mean? What are the Microsoft terms for paravirtualized and non-paravirtualized components?

What are the most important new features and roles in Hyper-V 2012? What are they for?

What can and, as importantly, can’t, members of the Hyper-V Administrators group do?

What are the differences between .vhd and .vhdx files? What version of Windows Server introduced each?

In Hyper-V, what is “Dynamic Memory”? What is “Startup Memory”?

Why are five disks required to protect against the failure of two disks in a mirrored set?

What is Virtual Machine Chimney? What does it mean when we say that this feature has been deprecated?

Why is the “Allow management operating system to share this network adapter” setting required if I want one VM’s NIC to have more bandwidth than other VMs’ NICs?

Deploy and configure core network services (15–20%)

What are the command line switches for diskpart, and what does the “clean” switch do?

What features are added to a Core Installation of Server 2012 when you enable “Desktop Experience?”

What does the Configure-SMRemoting.exe command do?

What does cmdkey do?

What does the wmic qfe list command do? What do “wmic” and “qfe” stand for?

Install and administer Active Directory (15–20%)

How do you use Active Directory Users and Computers to set a default tray selection on a printer?

Why does inter-site replication for Global Security Groups require more [or less] network bandwidth than inter-site replication for Universal Security groups?

What are the various types of Domain Security Groups to which the various types of Domain Security Groups can be converted? And for each pair of conversions, describe why it is or is not allowed and list the memberships that must be eliminated before conversion will be possible.

Do domain controllers have local Security Groups? Why or why not?

What, exactly, is a Security Principal?

Create and manage Group Policy (15–20%)

What are the things that can be done with Group Policy Preferences? How are Group Policy Preferences different from standard Group Policies?

What version of Windows Server first provided Group Policy Preferences?

As I said before, if you’ve got comments, I’d like to hear ’em!

Thanks in advance, and good luck.

–Scott Winger

Passing the Microsoft 70-410 exam: one trainer’s perspective (Part 1)

August 22, 2014 at 10:48 am | Posted in Microsoft, Study hints, study tips | 11 Comments

Editor’s note: today’s guest post was written by IT instructor Scott Winger. Scott is a computing technologist at the University of Wisconsin in Madison and a technical editor for VMware Press. He also teaches continuing education classes in IT for Madison College.

You did the labs, looked at countless flash cards, and sat almost two dozen mock exams. You read: tons. You paid your hundred and fifty bucks. Now you’ve just clicked End Exam on the real deal, the Microsoft 70-410: Installing and Configuring Windows Server 2012 exam.

So, in the second or two that Microsoft takes to grade your work, there’s a moment of confidence and pride because you know you nailed it. And then the confirmation appears: “Congratulations! You’ve passed.”

The above was my experience.

But how will you achieve that End-Exam moment of confidence and pride?

What do you need to buy?

What are the steps?

This set of posts, “Passing the Microsoft 70-410 exam,” will help you answer those questions. I’ll provide closely focused examples from each of the official objective areas to help you know how, where, when, and on what to focus your three required types of effort: lab work, research, and drilling.

What to Buy

The serious student who lacks reasonable access to a server will need to pay for labs, textbooks, or even training at some point. However, the good news is that there are many professional-level resources available for free.

For the price of a simple login, the Microsoft Virtual Academy allows you to customize a course of targeted videos and some basic self-assessment materials. The following link will deliver over 20 mini-courses for you to explore:

http://www.microsoftvirtualacademy.com/product-training/windows-server

On the TechNet Video channel, you can access a series of screencasts and technologies geared for IT pros:

http://technet.microsoft.com/en-us/video/ff830367

These overviews can be a great way to gain confidence in the material. However, for serious study and practice assessment, you’ll probably want to investigate the following resources, all of which I can recommend from personal use.

Craig Zacker wrote the Microsoft Official Academic Curriculum, Installing and Configuring Server 2012 R2. This course is available as both a textbook and a lab manual, and they are superbly constructed. And, not only did Craig team up with Microsoft’s Server 2012 team to write this book, but if you don’t have access to a machine with at least 12GB of RAM and an i5 class or better processor, you can buy a MOAC edition that comes with the Microsoft Official Academic Curriculum Labs Online space, which provides all the horsepower you’ll need for doing the labs.

(Note: the “Server 1” course I taught at my local Technical College came right out of Craig’s book. So check out the course catalog of your nearest Technical or Community College. You may be surprised how pertinent, affordable, and enriching these institutions can be.)

The next vital acquisition is one of the Server 2012 R2 tomes, which are designed to cover every role and feature and provide the valuable insights of their highly qualified authors. I used Mark Minasi’s Mastering Windows Server 2012 R2, and found it to be excellent.

When you’re ready to test your knowledge, Transcender.com’s 70-410 Exam Engine is not an option: it’s essential. The only question is when to buy it. (Read on for my recommendations for timing your purchase.) However, at this early stage, it’s worth joining the Transcender Club (a free login) so that you’ll be notified of any flash sales and possibly score yourself a discount.

Finally, of course, you’ll have to register and pay for the exam. Microsoft frequently rolls out a Second Shot program, which allows a free exam retake in case you don’t pass the first time. It’s worth checking their Special Offers page on a regular basis while you’re still in learning mode. And as of this writing, I see you can download a free e-book by Mitch Tulloch, Introducing Windows Server 2012 RTM Edition (PDF, Mobi, EPub).

That’s it. Buy the above things at the right times as described below, and work with them as they were designed to be used, and you can pass the difficult 70-410 with confidence.

What to Do (and when to do it)

To get started, buy Craig’s book and lab manual. And if you don’t have access to the computing power you’ll need, buy them with the online lab space. And buy one of the Server 2012 tomes.

Next, spend about a hundred hours reading Craig’s book cover to cover, doing the labs as you go. (If you didn’t purchase the edition with online labs, refer to the free Microsoft Virtual Academy and TechNet video training.) During this lab/research phase, you should supplement your reading with TechNet’s Server 2012 collection and by skimming the related sections in your tome.

There are also quite a few excellent resources on the web. Microsoft’s TechNet Library should live in your bookmarks bar. (See http://technet.microsoft.com/en-us/library/hh801901.aspx )

When you’ve finished the research/lab phase, it’ll be time to buy the Transcender 70-410 test engine and drill with the flash cards and the mock exams. Your goal in this phase is to score in the mid-80 percentages each day for the entire week leading up to your exam. Remember, to be eligible for Transcender’s Pass Guarantee, you’ll need to take your exam within six months of the purchase date. (Also remember that if you buy the Exam Voucher with your test engine, that cost is not covered by the guarantee.)

In my next post I’ll describe how you can create a personalized Server 2012 study guide while doing your labs, research, flash cards, and mock exams. I’ll also focus in on questions from each of the 70-410 objective areas.

If you’ve got comments, I’d like to hear them.

Thanks in advance and good luck.

–Scott Winger

Transcender’s PMP5ED Flash Card mobile app released for Android in Amazon Market, Google Play

August 5, 2014 at 2:28 pm | Posted in PMI, Study hints, Transcender news | Leave a comment

Do you need help memorizing all of those tricky project management terms and concepts? Do you want to keep your flash cards handy for studying on the go? Try our new Transcender Flash mobile app to study for your PMI Project Management Professional 5th Edition certification!

Click here to buy on the Amazon Appstore.

Click here to buy through Google Play.

For now the app is compatible with all Android devices running 4.0 or higher. Our iPhone app will be released later in the year.

Our app features:

  • Over 1,000 questions covering all exam objectives
  • Simple and intuitive flash card interface
  • Easy self-grading
  • Answer history tracking and reporting
  • Customizable based on your reading preferences
  • Supports Android devices running Ice Cream Sandwich (4.0) and higher

Check out the video demonstration on YouTube!

We Knew It Was Coming: Security+ SY0-401 (Part 3 of 3)

May 7, 2014 at 12:06 pm | Posted in CompTIA, Performance-Based Testing, Study hints | 1 Comment

In my first post, I covered the overall changes from SY0-301 to SY0-401. I described how the exam is moving from “tell” to “show and tell,” with more emphasis on applying your knowledge to scenarios than simply answering fact-based questions.

In my second post, I went into detailed changes in the first three domains. This post will wrap up the topic-level changes that will affect those who previously studied for the SY0-301, as well as those who are approaching the Security+ exam for the first time. I’ll also cover the alphabet soup of new acronyms added to the list of “terms you should be familiar with.” Hang on to your hats!

Domain 4: Application, Data and Host Security Changes

Domain 4.1 is “Explain the importance of application security controls and techniques.” There are two new topics for this domain: NoSQL databases vs. SQL databases, and Server-side vs. Client-side validation.

In SY0-301, mobile devices were covered as a subdomain of Domain 4.2, “Carry out appropriate procedures to establish host security.” The 2014 test makes mobile devices the sole topic of Domain 4.2, which is now called “Summarize mobile security concepts and technologies.” This domain covers these topics, all of which are new to the Security+ exam (with the exception of GPS):

  • Device security
    • Full device encryption
    • Remote wiping
    • Lockout
    • Screen-locks
    • GPS (included in 4.2 in SY0-301)
    • Application control
    • Storage segmentation
    • Asset tracking
    • Inventory control
    • Mobile device management
    • Device access control
    • Removable storage
    • Disabling unused features
  • Application security
    • Key management
    • Credential management
    • Authentication
    • Geo-tagging
    • Encryption
    • Application whitelisting
    • Transitive trust/authentication
  • BYOD concerns
    • Data ownership
    • Support ownership
    • Patch management
    • Antivirus management
    • Forensics
    • Privacy
    • On-boarding/off-boarding
    • Adherence to corporate policies
    • User acceptance
    • Architecture/infrastructure considerations
    • Legal concerns
    • Acceptable use policy
    • On-board camera/video

The non-mobile device topics from the old Domain 4.2 are now in the new Domain 4.3, which states “Given a scenario, select the appropriate solution to establish host security.” There are a few new topics in this domain: OS hardening, white listing vs. black listing applications, trusted OS, host-based intrusion detection, and virtualization subtopics (including snapshots, patch compatibility, host availability/elasticity, security control testing, and sandboxing).

Domain 4.4 now states “Implement the appropriate controls to ensure data security” where this SY0-301 domain (which was 4.3) merely asked you to explain concepts in data security importance. The new topics in this domain are cloud storage, SAN, Handling Big Data, data in-transit/data at-rest/data in-use, permissions/ACL, and data policies (including wiping, disposing, retention, and storage).

Domain 4.5 is another new domain, called “Compare and contrast alternative methods to mitigate security risks in static environments” (aka “Did someone hack your refrigerator?”). The topics are divided into Environments and Methods, with the following subtopics:

  • Environments
    • SCADA
    • Embedded (Printer, Smart TV, HVAC control)
    • Android and iOS
    • Mainframe
    • Game consoles
    • In-vehicle computing systems
  • Methods
    • Network segmentation
    • Security layers
    • Application firewalls
    • Manual updates
    • Firmware version control
    • Wrappers
    • Control redundancy and diversity

Domain 5: Access Control and Identity Management Changes

Domain 5.1 now states “Compare and contrast the function and purpose of authentication services” where the SY0-301 domain was about explaining this information. There are only two new topics here: SAML and Secure LDAP.

Domain 5.2 now states “Given a scenario, select the appropriate authentication, authorization or access control,” where the SY0-301 domain asked you to simply explain these concepts. Many of the topics have changed their wording, but are essentially the same concept. The only new topics in this category are authentication (TOTP, HOTP, CHAP, PAP), federation, and transitive trust/authentication.

Domain 5.3 now states “Install and configure security controls when performing account management, based on best practices.” The new topics included in this domain are as follows:

  • Account policy enforcement (credential management; Group policy; password history, reuse, and length; and generic account prohibition)
  • User access reviews
  • Continuous monitoring

Domain 6: Cryptography Changes

Domain 6.1 now states “Given a scenario, utilize general cryptography concepts” where the SY0-301 domain asked you to summarize these concepts, so this is another domain that will now involve scenario-based questions. This domain has four new topics: session keys, in-band vs. out-of-band key exchange, ephemeral key, and perfect forward secrecy.

Domain 6.2 now states “Given a scenario, use appropriate cryptographic methods,” where this SY0-301 domain did NOT mention scenarios. The new topics for this domain are Diffie-Hellman, DHE, ECDHE, cipher suites (specifically strong vs. weak ciphers), and key stretching (PBKDF2, Bcrypt).

Domain 6.3 now states “Given a scenario, use appropriate PKI, certificate management and associated components” and is the result of combining Domains 6.3 and 6.4 from SY0-301 and adding the scenario stipulation. This domain has added topic coverage for certificate authorities and digital certificates, including OCSP and CSR.

Alphabet Soup: Acronyms to Know and Love

The Security+ exam objectives also include a list of acronyms. While I don’t advocate trying to memorize the entire list, it’s good to skim it and read up on terms you’re not familiar with. You may know that concept in practice, but not by the specific name it’s called on the Security+ exam. Or it may be a concept so familiar that it never occurred to you to make an acronym of it (such as TOTP – Top of the Page).

There are seventy new acronyms on the list (and only one removed – they no longer ask you to remember BOTS as Network Robots). I repeat, don’t panic: many of the new additions to the acronym list were already included as subtopics or topics on SY0-301. Also, the majority of these terms are familiar to anyone who does any kind of work in computers.

The completely new concepts are:

API – Application Programming Interface
ASP – Application Service Provider
BAC – Business Availability Center
BIA – Business Impact Analysis
BPA – Business Partners Agreement
BYOD – Bring Your Own Device
CAPTCHA – Completely Automated Public Turing Test to Tell Computers and Humans Apart
CIO – Chief Information Officer
COOP – Continuity of Operation Planning
CP – Contingency Planning (included as “IT contingency planning” in Domain 2.5 in SY0-301)
CSR – Control Status Register
CSU – Channel Service Unit
CTO – Chief Technology Officer
DHE – Data-Handling Electronics
DNAT – Destination Network Address Transaction
DSL – Digital Subscriber Line
DSU – Data Service Unit
ECDHE – Elliptic Curve Diffie-Hellman Key Exchange
ESN – Electronic Serial Number
GPO – Group Policy Object
HOTP – HMAC based One Time Password
HTML – HyperText Markup Language
IRP – Incident Response Procedure
ISA – Interconnection Security Agreement
ISSO – Information Systems Security Officer
ITCP – IT Contingency Plan (included as “IT contingency planning” in Domain 2.5 in SY0-301)
LAN – Local Area Network (was LANMAN, Local Area Network Manager, in SY0-301)
MaaS – Monitoring as a Service
MOU – Memorandum of Understanding
MPLS – Multi-Protocol Layer Switch
MTBF – Mean Time Between Failures (a topic in 2.7 in SY0-301)
MTTR – Mean Time to Recover (a topic in 2.7 in SY0-301)
MTTF – Mean Time to Failure (a topic in 2.7 in SY0-301)
NDA – Non-Disclosure Agreement
OCSP – Online Certificate Status Protocol
OLA – Open License Agreement
P2P – Peer to Peer
PAM – Pluggable Authentication Modules
PBKDF2 – Password Based Key Derivation Function 2
PCAP – Packet Capture
PIV – Personal Identity Verification
ROI – Return of Investment
RPO – Recovery Point Objective
SAML – Security Assertions Markup Language
SAN – Storage Area Network
SCADA – System Control and Data Acquisition
SCEP – Simple Certificate Enrollment Protocol
SEH – Structured Exception Handler
SIEM – Security Information and Event Management
SOAP – Simple Object Access Point
SQL – Structured Query Language
SSD – Solid State Drive
TOTP – Top of the Page
TSIG – Transaction Signature
UEFI – Unified Extensible Firmware Interface
UDP – User Datagram Protocol
URI – Uniform Resource Identifier
UTM – Unified Threat Management
VDI – Virtualization Desktop Infrastructure
WPS – WiFi Protected Setup
WTLS – Wireless TLS
XML – Extensible Markup Language

That’s all, folks!

We have released our SY0-401 practice test, a feat we are especially proud of because we are the first product to market. Please visit the product page for more information!

Well, that’s all I have to say for now. I am sure that you will be hearing from me soon! -Robin

We Knew It Was Coming: Security+ SY0-401 (Part 2 of 3)

May 2, 2014 at 2:47 pm | Posted in CompTIA, Study hints | 1 Comment

In my previous post, I covered the overall changes from SY0-301 to SY0-401. I described how the exam is moving from “tell” to “show and tell,” with more emphasis on applying your knowledge to scenarios than simply answering fact-based questions.

In this post I’ll delve into the first three domains and draw out the topic-level changes that may affect your study plan, especially if approaching your three-year renewal in Security+.

(In my final post, I’ll cover domains 4 through 6 and the list of acronyms.)

Domain 1: Network Security Changes

Domain 1.1 now states “Implement security configuration parameters on network devices and other technologies,” where this SY0-301 domain only asked you to explain each security function and its purpose. In addition, all-in-one security appliances are now referred to as UTM security appliances. These are now listed as including URL filters, content inspection, and malware inspection.

Domain 1.2 now states “Given a scenario, use secure network administration principles” where this SY0-301 domain focused on applying and implementing these principles. This particular change means that all questions now written for this domain will include scenarios.

Domain 1.3 now states “Explain network design elements and components” where the SY0-301 domain was only about distinguishing and differentiating between these components. The Cloud computing topic within this domain now has four new subtopics: Private, Public, Hybrid, and Community.

Domain 1.4 now states “Given a scenario, implement common protocols and services” where this SY0-301 domain was only about implementing common protocols. This particular change means that all questions now written for this domain will include scenarios. New protocols added to this domain include: iSCSI, Fibre Channel, FCoE, FTP, SFTP, TFTP, TELNET, HTTP, and NetBIOS. (Most of these were listed in Domain 1.5 in SY0-301 and were moved to this domain.) Also, this domain now includes a listing of port numbers that you should definitely know: 21, 22, 25, 53, 80, 110, 139, 143, 443, and 3389.

Domain 1.5 now states “Given a scenario, troubleshoot security issues related to wireless networking” where this SY0-301 domain was actually domain 1.6, where it read “Implement wireless network in a secure manner.” Once again, this domain change means that all questions now written for this domain will include scenarios. In addition, there are four new topics for this domain:

All of the new topics added to this domain are:

  • Application-aware devices (1.1)
  • Unified threat management (1.2)
  • Layered security / Defense in depth (1.3)
  • OSI relevance (1.4)
  • Captive portals (1.5)
  • Antenna types (1.5)
  • Site surveys (1.5)
  • VPN (over open wireless) (1.5)

Domain 2: Compliance and Operational Security Changes

There were so many new topics added in this domain that I have chosen to list them in the domain description (to prevent slow death by bulleted list).

Domain 2.1 now states “Explain the importance of risk-related concepts” instead of just defining the concepts, as in SY0-301. The topics that have been added to this domain are: False negatives, SLE, ARO, MTTR, MTTF, MTBF, Vulnerabilities, Threat vectors, Probability / threat likelihood, Recovery time objective, and recovery point objective.

Domain 2.2 is a new objective: “Summarize the security implications of integrating systems and data with third parties.” The topics included in this domain are as follows:

  • On-boarding/off-boarding business partners
  • Social media networks and/or applications
  • Interoperability agreements
  • SLA
  • BPA
  • MOU
  • ISA
  • Privacy considerations
  • Risk awareness
  • Unauthorized data sharing
  • Data ownership
  • Data backups
  • Follow security policy and procedures
  • Review agreement requirements to verify compliance and performance standards

Domain 2.3 now states “Given a scenario, implement appropriate risk mitigation strategies” instead of just carrying out these strategies as in SY0-301. One new topic was added to this domain: Enforce technology controls, including Data Loss Prevention (DLP).

Domain 2.4 is technically a new domain, but it was actually listed as a topic under Domain 2.4 in SY0-301. It states “Given a scenario, implement basic forensic procedures.” This is another domain that will include only scenario-based questions. Only one new topic is listed here: Big data analysis.

Domain 2.5 now states “Summarize common incident response procedures” where this SY0-301 domain was about executing the appropriate incident response procedures. All but one of the topics in this domain are new:

  • Preparation
  • Incident identification
  • Escalation and notification
  • Mitigation steps
  • Lessons learned
  • Reporting
  • Recovery/reconstitution procedures
  • First responder
  • Incident isolation
  • Quarantine
  • Device removal
  • Data breach

Domain 2.6 is the same as Domain 2.4 in SY0-301. Topics that were added to this domain include: Role-based training, Information classification levels (High, Medium, Low, Confidential, Private, and Public), and Follow up and gather training metrics to validate compliance and security posture.

Domain 2.7 states “Compare and contrast physical security and environmental controls” and pulls some topics from SY0-301 Domain 2.6, “Explain the impact and proper use of environmental controls.” New topics to this domain include the following:

  • Physical security
    • Hardware locks
    • Mantraps
    • Video Surveillance
    • Fencing
    • Proximity readers
    • Access list
    • Proper lighting
    • Signs
    • Guards
    • Barricades
    • Biometrics
    • Protected distribution (cabling)
    • Alarms
    • Motion detection
  • Control types
    • Deterrent
    • Preventive
    • Detective
    • Compensating
    • Technical
    • Administrative

Domain 2.8 is completely new and states “Summarize risk management best practices.” However, most of the topics in it are repeated from SY0-301 Domains 2.5 and 2.7. The NEW topics in this domain are as follows:

  • Risk assessment
  • IT contingency planning
  • High availability
  • Redundancy
  • Tabletop exercises

Domain 2.9 is completely new, and states “Given a scenario, select the appropriate control to meet the goals of security.” This domain, like many others, will only include scenario-based questions. The topics covered in this domain are as follows:

  • Confidentiality
    • Encryption
    • Access controls
    • Steganography
  • Integrity
    • Hashing
    • Digital signatures
    • Certificates
    • Non-repudiation
  • Availability
    • Redundancy
    • Fault tolerance
    • Patching
  • Safety
    • Fencing
    • Lighting
    • Locks
    • CCTV
    • Escape plans
    • Drills
    • Escape routes
    • Testing controls

Domain 3: Threats and Vulnerabilities Changes

Domain 3.1 now states “Explain types of malware” where this SY0-301 domain asked you to analyze and differentiate malware. The new topics here are ransomware, polymorphic malware, and armored viruses.

Domain 3.2 now states “Summarize various types of attacks” where this SY0-301 domain was about analyzing and differentiating the attacks. Three new attack types were added to this domain: Password attacks (Brute force, Dictionary attacks, Hybrid, Birthday attacks, and Rainbow tables), typo squatting/URL hijacking, and watering hole attacks.

Domain 3.3 now states “Summarize social engineering attacks and the associated effectiveness with each attack” where this SY0-301 domain was about analyzing and differentiating these attacks. One new topic, Principles (reasons for effectiveness), was added with several subtopics: Authority, Intimidation, Consensus/Social proof, Scarcity, Urgency, Familiarity/liking, and Trust.

Domain 3.4 now states “Explain types of wireless attacks” where this SY0-301 domain was about analyzing and differentiating the attacks. Four new topics have been added to this domain: Near field communication, Replay attacks, WEP/WPA attacks, and WPS attacks.

Domain 3.5 now states “Explain types of application attacks” where this SY0-301 domain was about analyzing and differentiating the attacks. Four new topics have been added to this domain: Integer overflow, LSO (Locally Shared Objects), Flash Cookies, and Arbitrary code execution / remote code execution.

Domain 3.6 now states “Analyze a scenario and select the appropriate type of mitigation and deterrent techniques.” The major change to this domain is that it uses the word scenario, which implies that all questions on this topic will now be scenarios. There are no new topics in this domain.

Domain 3.7 now states “Given a scenario, use appropriate tools and techniques to discover security threats and vulnerabilities” where this SY0-301 domain was about implementing these tools. Once again, scenarios are specifically mentioned as being the question type for this domain. Two new tools are listed in this domain: Passive vs. active tools and Banner grabbing.

Domain 3.8 now states “Explain the proper use of penetration testing versus vulnerability scanning.” Three vulnerability scanning topics have been added to this domain: Intrusive vs. non-intrusive, Credentialed vs. non-credentialed, and False positive.

Stay tuned next week, when I’ll finish out my summary of changes in Domains 4, 5, and 6!

Until next time!

–Robin

We Knew It Was Coming: Security+ SY0-401 (Part 1 of 3)

April 29, 2014 at 5:01 pm | Posted in CompTIA, Study hints | 1 Comment

Has it been three years already? It seems like just last week I was talking about SY0-301, and now here I am trying to catch my breath after pushing the 2014 Security+ exam, SY0-401, over the finish line and into our practice test lineup. (But really, I am just glad to finally get to write about something other than project management.) As usual, the new Security+ exam will include many of the same topics as the previous version. In this post I’ll focus on the overall differences between SY0-301 and SY0-401. In the next two posts (get excited!) I’ll take a closer look at changes within the examination blueprint, which can be downloaded here  from CompTIA. (Note: the download requires you to provide personal information.)

Topics and weightings

At first glance, it may seem that very little has changed. The six domains are the same apart from some shifts in weighting (the percentage of the test devoted to that topic):

  • 1.0 Network Security: 20% (21% in SY0-301)
  • 2.0 Compliance and Operational Security: 18% (no change)
  • 3.0 Threats and Vulnerabilities: 20% (21% in SY0-301)
  • 4.0 Application, Data and Host Security: 15% (16% in SY0-301)
  • 5.0 Access Control and Identity Management: 15% (13% in SY0-301)
  • 6.0 Cryptography: 12% (11% in SY0-301)

As you can see from these numbers, this new distribution will probably only mean one or two questions more for Domains 5 and 6. But it’s more important to note that within each domain, there are many topic-level changes that will affect your study plan. Within these domains CompTIA has added several new topics which were not tested in 301. These new topics include application-aware devices, unified threat management, defense-in-depth, OS hardening, white-listing versus black-listing, and many others that I’ll cover in the next two posts. There are three new sub-domains distributed among Domains 2 and 4. These new sub-domains add topic coverage on mobile security, mitigating security risks in a static environment, and implementing basic forensic procedures. That last sub-domain leads neatly into my next topic: you can expect increased difficulty and more applied concept questions on the new Security+ exam, in comparison to the older style of asking straight knowledge-based questions.

Stop, Drop, & Scenario!

While many of the sub-domains cover the same list of topics, CompTIA has changed many of the keywords from “understand” and “explain” to “implement” and “troubleshoot.” Several also show the addition of one important phrase: “given a scenario.” Because this phrasing was added to so many domains, I feel I should take a little time to explain the distinction. As many of you know, the Security+ exam has been considered a mostly knowledge-based exam that includes mostly knowledge-based questions. Scenario questions are the next logical step up from knowledge-based questions. They expect you to take those tidbits of knowledge that you have memorized, remember them, and then apply them in the scenario to come up with the correct answer. Let me give you an example. First, look at a sample knowledge-based question from our practice test:

Which of the following is a default port used by FTP?

  a. 20
  b. 53
  c. 80
  d. 443

Now look at another example, which turns this same question into a scenario:

Your company has recently implemented a new firewall. Users start complaining that they are unable to access resources on your company’s FTP server. What should you do?

  a. Open ports 20 and 21 on the new firewall.
  b. Open port 53 on the new firewall.
  c. Open port 80 on the new firewall.
  d. Open port 443 on the FTP server.

As you can see from my examples, you still need the same basic knowledge to answer both of these questions. So REALLY, answering these two questions is the same level of difficulty, but by adding the scenario you are ensuring that the student understands how the knowledge applies in a real-world situation. Instead of remembering which port belongs with FTP, the student also has to identify the location where the ports should be configured. I could also increase the difficulty of the scenario question by including more invalid options. We have released our SY0-401 practice test, a feat we are especially proud of because we are the first product to market. Please visit the product page for more information!

The next post will dive into the topic-level changes in Network Security (Domain 1), Compliance and Operational Security (Domain 2), and Threats and Vulnerabilities (Domain 3).

I’ll cover the other three domains in the final post in this series.

Until next time! –Robin

Ch-ch-ch-changes: Turn and face the change (to Windows Server 2012 R2 exams)

March 12, 2014 at 9:03 am | Posted in Microsoft, Study hints, Vendor news | 6 Comments

The first song I ever heard by David Bowie was “Rebel, Rebel” and in the video, he had scarlet red hair, an eyepatch, and some stylin’ 70s pantaloons.  If you have followed the (not parallel, but similarly meteoric) careers of Windows Server and British rock star David Bowie, you will see one common thread. Can you guess what it is?


Mr. Bowie, like Windows Server, has gone through several significant changes of appearance since those early days. The first version of Windows Server I ever used was Windows NT 3.1. Despite undergoing several version updates since then, some core functionalities have stayed the same.

Now there is a new version on the market, Windows Server 2012 R2. Late last year Microsoft announced that they would modify the existing Windows Server 2012 certification exams to cover R2 (70-410, 70-411, and 70-412). The Windows Server 2012 R2 exam changes officially took effect in January 2014, although we saw a staggered rollout in the field. So if you spent good money taking a Microsoft Official Curriculum (MOC) course on Server 2012, only to find yourself under pressure taking an exam that tested concepts from Server 2012 R2, you may be asking why Microsoft felt the need to update the exam content so soon.

I have met several people at Microsoft. They are not mean people who pull the wings off of butterflies; they are actually really, really nice folk. It’s simply that the exams needed to reflect the new features of Windows Server 2012 R2. David Bowie is not content to just live off his old tunes; he put out his 24th album in 2013. In similar fashion, Microsoft is not content for certification candidates to know what might soon be a legacy operating system. They want to ensure that candidates for their flagship MCSA and MCSE certifications are tested on the newest features deployed to the field.

Without further ado, here are the additions to the official exam objectives list for the 70-410, 70-411, and 70-412 exams.

[Images: 70-410, 70-411, and 70-412 exam objective changes]

While you can purchase the latest album from David Bowie and listen to it, you may not yet be able to find much training on the new R2 features. The best way to prepare for this exam is to set up a couple of servers and work through each of the tasks listed in the exam objectives. You can get a free evaluation copy of Windows Server 2012 R2. There aren’t a lot of books on Windows Server 2012 R2 yet. I would use TechNet and other online resources to study the information on each sub-objective. I find that Microsoft generally pulls test questions from the examples in TechNet. I would ensure that I was 100% confident with each sub-objective listed on the prep guide before attempting the live exam. Reviewing information on a particular sub-objective will ensure that you will not see anything that you are not familiar with on the exam.

If you need extra hands-on experience but do not want to spend hours configuring a server, try using the FREE virtual labs at the following link: http://technet.microsoft.com/en-us/bb467605. These labs allow you to have 90 minutes of practice lab time on a Windows Server for FREE.

We will be cranking out the Windows Server 2012 R2 updates for the 70-412 Transcender practice exam in the next few weeks. (Drop a comment here to be added to our notification list.) And you better believe I’ll be listening to a little David Bowie while we do it.

You can check out the already updated R2 Transcender practice tests here:

  • 70-410, Installing and Configuring R2
  • 70-411, Administering R2

Until next time,
George Monsalvatge

PMP: Another Perspective

February 20, 2014 at 11:58 am | Posted in PMI, Study hints | Leave a comment

If you have been following Transcender’s blog for a while, you know that we write a lot of posts about the PMP certification. We’ve blogged about the PMBOK changes, the application process, and even our test-taking experience.  And, sometimes, we find other sources that we feel are worth sharing with our readers.

Heather Christian recently blogged about her exam experience. It wasn’t pretty. It wasn’t perfect. But it was a pass! And although she didn’t use our exam preparation product, we felt what she had to say about her overall experience was important information. So we decided to share the link to her blog with you, hoping that it might help you on your journey: http://heatherchristian.wordpress.com/2014/02/17/journey-to-pmp/.

Here’s a quick sample:

 I had been given the advice to read the last two sentences at the end of long questions and figure out what they are trying to ask before reading the whole thing. . . . I was only really caught out trying to overcomplicate a question once. I quickly realized that calculating the paths given me in one of the network diagram questions was a fool’s errand that would take me 20 minutes. A quick re-scan of the question revealed information that made the hairy-seeming question very very simple.

Incidentally, if Heather’s blog inspires you, our PMP practice test has been updated to the PMBOK 5th Edition.

Happy testing!

-Robin

Transcender pros have published the perfect stocking stuffer

December 11, 2013 at 5:34 pm | Posted in CISSP, Study hints, Transcender news | Leave a comment

Transcender developers Robin Abernathy and Troy McMillan have written the latest CISSP Cert Guide published by Pearson IT Certification, a leading publisher in the IT textbook and study guide field. This book is now available in print and electronic format through Amazon, Safari Books Online, Barnes & Noble, and other retailers, as well as directly from Pearson IT.

This book was released at the end of November. Purchasing the print copy also grants you a 45-day free trial of the e-edition through Safari Books Online. The print and electronic versions include two practice exams. The Premium Edition eBook includes additional practice exams and a more detailed answer key.

The authors were kind enough (a.k.a – they’re sitting right next to me so they don’t really have a choice) to provide a brief Q&A regarding the content.

Q. Would you say this book is exam-focused, or more of a general learning tool?

A: Definitely exam focused. It skips all of the intro fluff, and goes right to the meat of the exam topics.

Q. Who is the intended audience for this book?

A.  The (ISC)2 CISSP exam itself requires that you have four to five years of hands-on experience in information systems security before trying to pass the test. This book contains what any EXPERIENCED security professional needs to review to pass the exam. It’s not designed for beginners.

Q. Do you need to own any particular equipment to use this book effectively?

A. The more devices and hardware you can use to practice the various security techniques, the better. For the book itself you’ll need a Windows desktop or VM to run the practice test engine.

PMBOK 5th Edition: Changes to the Executing Process Group (7/9)

December 5, 2013 at 2:48 pm | Posted in PMI, Study hints | 2 Comments

This is the seventh installment of my PMBOK 5th Edition overview (and we’re finally finished with the Planning Process Group):

The Executing Process Group has quite a few changes, including a (sorta) new process and changes to the names of two processes. This post will cover the following processes:

  • Direct and Manage Project Work
  • Perform Quality Assurance
  • Acquire Project Team
  • Develop Project Team
  • Manage Project Team
  • Manage Communications
  • Conduct Procurements
  • Manage Stakeholder Engagement

So now let’s get to the Executing Process Group changes!

Changes to the Direct and Manage Project Work process

In the PMBOK 4th Edition, this process was referred to as Direct and Manage Project Execution.

The Direct and Manage Project Work process has no changes to its inputs. However, the introductory explanation for this process has been expanded and includes a great explanation of the three types of changes that will affect this process: corrective actions, preventive actions, and defect repair.

One new tool has been added to this process: meetings.

One output of this process has a slight name change: work performance information has been changed to work performance data. Note that both of these concepts (data and information) have been retained in PMBOK 5th Edition; they were simply rearranged among the processes. Work performance data is raw data from the project. Work performance information is the work performance data combined with some technique or tool to produce usable conclusions or metrics.

Changes to the Perform Quality Assurance process

The Perform Quality Assurance process now has five inputs:

  • The quality management plan – new to this process in the PMBOK 5th Edition
  • The process improvement plan – new to this process in the PMBOK 5th Edition
  • Quality metrics
  • Quality control measurements
  • Project documents – new to this process in the PMBOK 5th Edition

While this process still lists three tools and techniques, the Plan Quality and Perform Quality Control tools and techniques item was renamed Quality Management and Control Tools. For all of you project management professionals out there, just keep in mind that any quality management or control tool can basically be used throughout the Project Quality Management Knowledge Area. In the 8.2.2.1 section of the PMBOK 5th Edition, the following tools are specifically listed:

  • Affinity diagrams
  • Process decision program charts (PDPC)
  • Interrelationship digraphs
  • Tree diagram

But while these four tools are specifically listed, the seven basic quality tools from the Plan Quality Management process (which are included in the Planning Process Group Part 3) and the tools and techniques from the Control Quality process (which will be covered in the Monitoring and Controlling Process Group post next week) can also be used in this process.

Exam pro tip!

I, for one, think that this can make some of those questions asked on the exam quite tricky. Project managers will have to analyze HOW the tool is being used to determine which process is actually being performed. For example, if you are using the tool to create performance baselines, you are probably working in the Plan Quality Management process. If you use the tool to measure actual performance for comparison against the baselines, you are probably working in the Perform Quality Assurance process. Finally, if you take the results from using the tool and adjust certain work areas to eliminate poor work, you are probably working in the Control Quality process.

The outputs of the Perform Quality Assurance process have not changed.

Changes to the Acquire Project Team process

The Acquire Project Team process still has three inputs. However, the project management plan input from the PMBOK 4th Edition has been changed to the human resource management plan to more properly reflect the subsidiary plan that is actually used by this process. This process also has a new tool: multi-criteria decision analysis, which selects criteria on which the prospective team members should be analyzed. The criteria usually include availability, cost, experience, ability, knowledge, skills, attitude, and international factors.

The outputs of this process have not changed.

Changes to the Develop Project Team process

Like the Acquire Project Team process, the Develop Project Team has only a single change to its inputs list: the project management plan input from the PMBOK 4th Edition has been changed to the human resource management plan to more properly reflect the subsidiary plan that is actually used by this process.

The new tool listed for this process is personal assessment tools, which includes surveys, assessments, interviews, and focus groups.

The outputs of this process have not changed.

Changes to the Manage Project Team process

The Manage Project Team process has several major changes to its inputs and one minor change. The inputs to this process are as follows:

  • The human resource management plan – new to this process in the PMBOK 5th Edition. This input replaces the project management plan that was listed in the PMBOK 4th Edition.
  • Project staff assignments
  • Team performance assessments
  • Issue log – listed as a tool for this process in the PMBOK 4th Edition
  • Work performance reports – referred to as simply performance reports in the PMBOK 4th Edition
  • Organizational process assets

This process has the same tools and techniques. However, the conflict management techniques have been edited a bit to expand the explanation of each technique. In addition, each technique now has two names. For example, the compromise technique is also referred to as the reconcile technique, and the force technique is also referred to as the direct technique. Finally, the collaborate technique was combined with the problem solving technique.

One new output was added to this process: project management plan updates. It includes updates to the issue log, roles description, and project staff assignments.

Changes to the Manage Communications process (formerly the Distribute Information process)

According to PMI, a name change occurred in the PMBOK 5th Edition for this process: Distribute Information was changed to Manage Communications. However, there were so many changes to this process that I feel we need to totally review all of this process.

The Manage Communications process has four inputs:

  • The communications management plan (new to this process in the PMBOK 5th Edition)
  • Work performance reports  – referred to as work performance information and work performance measurements in the PMBOK 4th Edition
  • Enterprise environmental factors (EEFs) (new to this process in the PMBOK 5th Edition)
  • Organizational process assets (OPAs)

The Manage Communications process has five tools and techniques:

  • Communications technology (new to this process in the PMBOK 5th Edition)
  • Communication models (new to this process in the PMBOK 5th Edition)
  • Communication methods
  • Information management systems (new to this process in the PMBOK 5th Edition)
  • Performance reporting – referred to as reporting systems in the PMBOK 4th Edition

The outputs of this process are as follows:

  • Project communications (new in the PMBOK 5th Edition)
  • Project management plan updates (new to this process in the PMBOK 5th Edition)
  • Project document updates (new to this process in the PMBOK 5th Edition)
  • Organizational process assets updates

Changes to the Conduct Procurements process

The Manage Project Team process has one revised input and one new input. The project management plan listed as an input in the PMBOK 4th Edition has been changed to the procurement management plan, which is the subsidiary plan that actually affects this process. Procurement statement of work is a new input to this process.

The qualified seller list and teaming agreements inputs were removed from this process.

The Internet search technique for this process was changed to analytical techniques, which broadens the types of analytics that can be performed to obtain possible vendors.

The procurement contract award output is now referred to as agreements in the PMBOK 5th Edition. All other outputs are the same.

Changes to the Manage Stakeholder Engagement process

In the PMBOK 4th Edition, this process was referred to as Manage Stakeholder Expectations and was part of the Project Communications Management Knowledge Area. The Manage Stakeholder Engagement process is now part of the new Project Stakeholder Engagement Knowledge Area.

In the PMBOK 5th Edition, this process now has four inputs:

  • The stakeholder management plan (new to this process in the PMBOK 5th Edition)
  • The communications management plan (new to this process in the PMBOK 5th Edition)
  • The change log
  • Organizational process assets

No changes were made to the tools and techniques used by this process.

This process has one new output: the issue log.

That covers all the processes in the Executing Process Group.

We’d love your feedback…

With the popularity of our project management blog posts, we are considering following up with a few more PMBOK 5th Edition posts (after we finish this series, of course). Some of the possible subjects include: 1) using the critical path method in the Develop Schedule process, 2) using earned value management in the Control Schedule process, 3) using earned value management in the Control Costs process, 4) using forecasting in the Control Costs process, and 5) measuring the to-complete performance index (TCPI) in the Control Costs process.

Are any of these of interest to you? Please feel free to comment on this post and let us know, or suggest your own topic. In the meanwhile, watch in the coming days for the posts covering the changes to the Monitoring and Controlling and Closing Process Groups.

Drop me a line if you have any questions! I would love to hear from you….

-Robin
