Tags: exam-taking tips, online proctored exams, study tips
So, you’ve spent months studying for the latest certification. You’re ready to schedule the exam and proudly showcase your new knowledge and skills. Until recently, your only option was to take the exam at an approved testing center. [Editor’s note: the following opinion does not represent the corporate viewpoint of Kaplan, Transcender, Graham Holdings, or any sane person, Josh. ~A.L.] Most test centers are a cross between a corporate cubicle farm and prison camp. Sure, there are people there, but people in their worst possible moments: bleary-eyed, nerve-wracked, and way too over-caffeinated. [Editor’s note: This would explain those horrible ID photos on my score reports. ~A.L.]
If you don’t live near a corporate testing hub, you might dread the half-day of commuting time, lost productivity, or even the need for an overnight hotel stay. (In a major hub like Atlanta, there are testing centers galore, but we have to fight bumper-to-bumper traffic to get there.) You may be too busy with your day job to get the time off, or you might want enough time to fit in a last-minute cram session. You may experience test anxiety that negatively affects your performance, especially when testing in an impersonal, sterile environment.
Enter online proctoring.
The glorious promise of an online proctored exam is the ability to take a certification exam wherever you are at the time of your choice, without travel or stressful interactions. And except for a few caveats, the dream is reality. But you need to really consider those caveats. The whirlwind home-alone experience isn’t for everyone!
Josh’s Excellent Proctored-Exam-At-Home Adventure
First: equipment. You need a decent PC with a camera and microphone and high-speed Internet bandwidth. Every online proctor will have a pre-flight checklist that will verify your hardware is up to snuff. Don’t wait until minutes before taking the exam to ensure your equipment will pass. Run the check as soon as possible, and leave yourself time to borrow, purchase, or overnight yourself any missing components.
Next: scheduling. You read that right – even though you have more flexibility than a testing center’s hours, including the ability to take your exam late at night or very early in the morning, a live proctor still has to be present on the other end of the connection to observe you take the exam. For this reason, some time slots may be unavailable – the proctor might already have too many test takers to keep track of. (Or maybe they actually sleep.)
Finally: location. From my personal experience, you need to find a room or an enclosed space in a room that will be quiet and isolated (where no one can here you scream). This is actually required to prevent accusations of cheating, so close all of your windows and make sure no one is in the same room with you. If you don’t have access to a private room in your home, check your local public library – most have study rooms that can be reserved for periods of up to two hours. Other options would be a hotel conference room or an unused cubicle or office in your workplace.
If you’re testing in your own home, secure any pets away from the exam area and make sure that children won’t enter the area. I chose my dining room (finally getting some use out of it!), because I would have at least three walls around me. I locked up my cats for the duration, especially after my first unsuccessful attempt when my cat Norio attempted to lie across my hands during the exam (the proctor had to pick himself off the floor laughing, but was gracious enough to allow me to continue). I also silenced my cellphone and let everyone, especially my wife, know that I would be completely unavailable and unresponsive for the duration.
Additional considerations for at-home online examinations
Here are a few other tips I’ve learned from online proctored experiences:
- Do not install any updates or new software on the same day as your exam appointment. Murphy’s law in action here. I’ve had to cancel at least one exam after installing an update to Visual Studio on the machine I was using for the exam. It took over an hour, and finished installing just in time for the proctor to tell me that my test time was up.
- If you’re using a laptop, make sure you’re plugged into a power source. Especially if you have some ridiculous 42-inch super AMOLED screens which will run dry after 5 minutes of operation.
- Empty your pockets of everything (and make sure you wear pants, too). Some test centers require this and will make you display your empty pockets to the camera. And you’ll have to spin around (so you may want to hold off of on the antihistamines for a bit).
- Clean up the table or desk where you are testing. You can’t have any loose papers or computer equipment lying around. You’ll have to pick up your laptop (or attached camera) and rotate it around the work space to demonstrate that no cheating materials are nearby, so make sure there’s nothing embarrassing lying around.
- You cannot have bags, purses, boxes, or any other items on the floor next to your chair.
- You must take off all bracelets and watches. This I forget all of the time, but the proctor won’t. Save yourself some testing time and do this beforehand.
- Make sure you can roll up long sleeves to display that you don’t have notes written on your skin.
- Do not bring any food, drinks or gum into the test environment. It’s not allowed. Well, at least don’t open your mouth too wide or smack too loud.
- Be nice to your proctor. It’s at their discretion if and when you get bathroom breaks!
If you have wearable medical devices (such as insulin pumps or medical alert bracelets) that should not be removed, or if your personal beliefs don’t allow you to comply with certain regulations (such as displaying bare arms), be sure to ask the vendor to specify IN WRITING whether exemptions are allowed in general, and to approve yours in particular, to avoid disappointment at test time.
“You keep using that word – I do not think it means what you think it means”
Different vendors have different terminology. When you’re searching for an exam you can take from home, be sure you’re searching for online proctored exams. For example, Oracle refers to exams taken online as “non-proctored” and exams taken in person at Oracle University testing centers as “proctored.” Here is more information on online proctored exams with Oracle.
Sold! Where do I sign up?
Due to security considerations, not every vendor offers an online exam experience. Project Management Institute, for example, only allows people to sit the PMP exam at approved testing centers.
At this time of writing, Cisco allows certain of its exams to be scheduled through Pearson Vue for an at-home exam experience.
CompTIA’s online exam program is called the Anywhere Proctored program, but the available information seems to be geared toward test providers, not test takers. At this time of writing, I could not definitely find a CompTIA exam that could be taken online outside of a boot camp or other training course.
Microsoft has a robust online proctored exam environment, called “online proctored exam delivery.” You can read their full list of policies here.
According to Pearson Vue, VMware offers all VCA exams in a 24/7 online format. There is a full FAQ available.
Online proctoring exam service PeopleCert offers online proctored exams for a variety of vendors, including ITIL®, PRINCE2®, MSP®, P3O®, MoV®, DevOps, Lean IT, Lean Six Sigma,ACCESSIBILITY PASS and ISO.
However you choose to take your exam, as always, we wish you good luck and happy testing!
~Josh aka codeguru
Tags: free stuff, office 365, study tips, webinar
Join Transcender’s subject matter expert and Microsoft practice test author, George Monsalvatge, for a free webinar that will prepare you for your Office 365 exam. This live, interactive webinar will walk you through the preparation process and cover such topics as:
- What exactly are they going to test me on?
- Have the technologies changed since Microsoft first released the exams? If so, which versions should I study?
- How in-depth are the questions?
- What’s the format of the question – multiple answer, fill-in-the-blank, interactive – and what’s the best approach for each question type?
To register for the webinar, click this link.
The webinar will take place on Wednesday, November 18, from 12:00 PM – 1:00 PM EST (Show in My Time Zone).
Tags: CISSP, Study hints, study tips
In my first post, I gave you a quick overview of the changes to the new CISSP exam. In my second post, I covered Domains 1 and 2 of the new CISSP exam. In my third post, I covered Domain 3 and 4 of the new CISSP exam.
Today I will cover the next two domains, Identity and Access Management and Security Assessment and Testing. In a nutshell, Domain 5 reflects the need to integrate cloud-based access control to workflows like Office 365 and Google Drive with on-premise access control, and Domain 6 adds coverage of designing, implementing, and analyzing security testing practices.
First I’ll give you the entire overview of each domain with its Key Areas of Knowledge, tell you where each topic fell in the old Candidate Information Bulletin (CIB), and put new topics in red italics. Next, I’ll call out the completely new content from each sub-domain and give you a brief rundown of what it entails. (If you’d like, you can skip straight to the new stuff by clicking here.)
Domain 5: Identity and Access Management – Framework and Key Areas of Knowledge
CISSP 2012 covered identity management as a knowledge area in the access control domain. In CISSP 2015, identity management is elevated to the domain level and combined with access control. The majority of the old Domain 1 (Access control) has been moved to the new Domain 5 (Identity and Access Management), with the addition of new topics that cover identity, session, and credential management.
This domain also includes a few topics from the old Domain 10 (Physical (Environmental) Security).
Domain 5 Key Areas of Knowledge:
- Control physical and logical access to assets – From Domain 10, subheading e in the old version.
- Information – New
- Systems – From Domain 10, subheading e in the old version.
- Devices – From Domain 10, subheading e in the old version.
- Facilities – New
- Manage identification and authentication of people and devices – From Domain 1, subheading a in the old version.
- Identify management implementation (e.g., SSO, LDAP) – From Domain 1 in the old version.
- Single/multi-factor authentication (e.g., factors, strength, errors, biometrics) – From Domain 1 in the old version.
- Accountability – From Domain 1 in the old version.
- Session management (e.g., timeouts, screen savers) – New
- Registration and proofing of identity – New
- Federated identity management (e.g., SAML) – New
- Credential management systems – New
- Integrate identity as a service – New
- Integrate third-party identity services (e.g., on-premise) – New
- Implement and manage authorization mechanisms – From Domain 1, subheading a in the old version.
- Role-based access control (RBAC) methods – From Domain 1, subheading a in the old version.
- Rule-based access control methods – From Domain 1, subheading a in the told version.
- Mandatory access control (MAC) – From Domain 1, subheading a in the old version.
- Discretionary access control (DAC) – From Domain 1, subheading a in the old version.
- Prevent or mitigate access control attacks – From Domain 1, subheading b in old version.
- Manage the identity and access provisioning lifecycle (e.g., provisioning, review) – From Domain 1, subheading c and d in the old version.
Next, here’s a shortlist of the entirely new topics in Domain 5.
Knowledge Area A, Control physical and logical access to assets, contains both new and old topics. The definition of “assets” is now a little more granular, replacing “systems and devices” with “information, systems, devices, and facilities.” The following topics within this Domain are new:
- Information – This is a new topic. This topic will focus on controlling physical and logical access to information.
- Facilities – This is a new topic. This topic will focus on controlling physical and logical access to buildings and equipment.
Knowledge Area B, Manage identification and authentication of people and devices, contains both new and old topics. The following topics within this Domain are new:
- Session management (e.g., timeouts, screen savers) – This is a new topic. This topic will focus on mechanisms that provide session management, both online and at the physical client level.
- Registration and proofing of identity – This is a new topic. This topic will focus on providing registration and using proof of identity mechanisms before issuing authentication credentials to personnel and devices.
- Federated identity management (e.g., SAML) – This is a new topic. This topic will focus on enterprise-level federated identity management used for single sign-on, including Active Directory Directory Services, SAML 2.0, and third-party identity providers.
- Credential management systems – This is a new topic. This topic will focus on using a credential management system for large enterprises.
Knowledge Area C, Integrate identity as a service, is a new knowledge area. It covers using cloud-based identity-as-a-service (IDaaS) to provide single sign-on services for both SaaS and internal applications.
Knowledge Area D, Integrate third-party identity services (e.g., on-premise), is also a new knowledge area. This covers using third-party identity services in an enterprise to access both cloud-based and on-premise applications.
Domain 6: Security and Assessment Testing – Framework and Key Areas of Knowledge
A portion of Domain 6 consists of content formerly included in the old Domain 1 (Access Control) and Domain 9 (Business Continuity and Disaster Recovery). However, the majority of this Domain contains content that was not specifically listed in the old CISSP version. To master this domain, you should know the various types of test strategies used by organizations, and understand the strengths and weaknesses of each approach. You should also understand how an organization’s information security policies should be implemented and continually validated. This domain combines policy with practice.
As before, I’ll start by introducing the new content in the context of its domain, then give you a granular breakdown (which you can skip to by clicking here).
- Design and validate assessment and test strategies – New
- Control security control testing – New
- Vulnerability assessment – From Domain 1, subheading b in the old version.
- Penetration testing – From Domain 1, subheading b in the old version.
- Log reviews – New
- Synthetic transactions – New
- Misuse case testing – New
- Test coverage analysis – New
- Interface testing (e.g., API, UI, physical) – New
- Collect security process data – New
- Account management (e.g., escalation, revocation) – New
- Management review – New
- Key performance and risk indicators – New
- Backup verification data – New
- Training and awareness – New
- Disaster recovery and business continuity – New
- Analyze and report test outputs (e.g., automated, manual) – New
- Conduct or facilitate internal and third party audits – From Domain 9, subheading e in the old version.
Here’s a closer look at the new topics in Domain 6.
Knowledge Area A, Design and validate assessment and test strategies, is a new knowledge area. It covers the different assessment and test strategies that are used to verify that a control is functioning properly, including automated and manual tests. The key word is “design” – the candidate should understand how to build an integrated strategy, from risk assessment and baselining to implementation and reporting.
From Knowledge Area B, Control security control testing:
- Log reviews – This is a new topic. It discusses using log review as part of a thorough security control testing plan.
- Synthetic transactions – This is a new topic. It discusses synthetic transactions as part of security control testing.
- Misuse case testing – This is a new topic. It discusses misuse cases as part of security control testing.
- Test coverage analysis – This is a new topic. It discusses analyzing test coverage to ensure that all security controls are tested.
- Interface testing (e.g., API, UI, physical) – This is a new topic. It discusses testing interfaces as part of security control testing.
From Knowledge Area C, Collect security process data:
- Account management (e.g., escalation, revocation) – This is a new topic. It covers account management as part of collecting security process data.
- Management review – This is a new topic. It covers management review of the collected security process data.
- Key performance and risk indicators – This is a new topic. It covers the key performance and risk indicators that should be collected as part of security process data.
- Backup verification data – This is a new topic. It covers verifying backup as part of security and assessment testing.
- Training and awareness – This is a new topic. It covers training and awareness for users to ensure that they understand security and assessment testing.
Knowledge Area D, Analyze and report test outputs (e.g., automated, manual), is a new topic. It covers interpreting and recording the results of your own testing, as well as the results from third-party audits, and developing new mitigations based on test results.
In the coming weeks, I will be posting the other 2 parts of this series. (Hyperlinks will be added as the posts are written.)
- Part 1 covered general information about the new CISSP.
- Part 2 covered new domain 1 and 2.
- Part 3 covered new domain 3 and 4.
- Part 4 (this post ) covers new domain 5 and 6.
- Part 5 will cover new domain 7 and 8.
The last post will come over the next few weeks.
It is our hope that this information will help you prepare for this exam! Remember, our practice test covers all the topics and also the different item types that you will see on the live exam.
Wishing you certification success!
Tags: 70-410, scott winger, Study hints, study tips
“Imagination is more important than knowledge.” –Einstein
In Part 1 and Part 2 of this series, I mentioned the resources you need to investigate and listed some of the questions you must be able answer quickly and confidently when you take your 70-410 exam. In this third and final post, I’m going to discuss how to build the required knowledge base.
Consider the previously mentioned sets of port numbers and DHCP Option numbers that you’ll have to know for the exam.
Consider memorizing these as a rite of passage.
If memorizing isn’t fun, you’re not doing it right.
But much more importantly, since you’re gonna forget most of that stuff anyway, you’ll want to know that there’s a secret sauce that master learners use.
Why The Mind is the Key To Mastery
Although Einstein is instructive, he’s subtle when he says imagination is more important than knowledge. Because that’s the key… right in front of your nose… and you were born with it. Once you’ve imagined a thing, really rendered it completely in your mind, you’re not going to forget it.
Here’s an example: Imagine a young child getting on a bus. Now imagine he’s got a note telling him the stops he’ll pass as he rides to his destination.
A kid … with a note.
Now imagine an Active Directory Security Principal. Instead of a kid with a note, it’s a Data Structure – with a list of permissions specifying what can, and can’t, be accessed.
Suddenly it’s obvious, and you’ll never forget it: Security Principals are Active Directory Data Structures to which permissions can be assigned for the simple reason that Security Principals have a place, called an Access Token, in which permissions can be listed. And if it’s not a Security Principal, it can’t be assigned permissions. And if it can be assigned permissions, it’s a Security Principal. (See http://technet.microsoft.com/en-us/library/cc759267(v=ws.10).aspx for more detail.)
So, after rendering this image in your mind, there won’t be any memorization involved when you answer your questions about Security Principals. You’ll simply know what they are and you’ll consult your imagined rendering to answer those questions.
The point here isn’t about Security Principals.
It isn’t about Storage, Networking, Virtualization, or Deployments.
The point is that your imagination is your key to mastery.
And whether your goal is the 70-410 or something far beyond that, it’s your imagination that builds the unforgettable neuronal pathways you’re going to need.
Words To Live (And Study) By
I think there are other words of Einstein’s apropos to your 70-410 endeavor:
- “To stay appropriately humble, don’t forget this one: “As our circle of knowledge expands, so does the circumference of darkness surrounding it.”
- “To know whether or not you understand a thing sufficiently: “If you can’t explain it simply, you don’t understand it well enough.”
In that spirit:
Stoke a burning passion for mastery.
If you’ve got comments I’d like to hear ‘em,
Editor’s note: today’s guest post was written by IT instructor Scott Winger. Scott is a computing technologist at the University of Wisconsin in Madison and a technical editor for VMware Press. He also teaches continuing education classes in IT for Madison College.
Tags: 70-410, free stuff, resource review, study checklist, study resources, study tips
Editor’s note: today’s guest post was written by IT instructor Scott Winger. Scott is a computing technologist at the University of Wisconsin in Madison and a technical editor for VMware Press. He also teaches continuing education classes in IT for Madison College.
You did the labs, looked at countless flash cards, and sat almost two dozen mock exams. You read: tons. You paid your hundred and fifty bucks. Now you’ve just clicked End Exam on the real deal, the Microsoft 70-410: Installing and Configuring Windows Server 2012 exam.
So, in the second or two that Microsoft takes to grade your work, there’s a moment of confidence and pride because you know you nailed it. And then the confirmation appears: “Congratulations! You’ve passed.”
The above was my experience.
But how will you achieve that End-Exam moment of confidence and pride?
What do you need to buy?
What are the steps?
This set of posts, “Passing the Microsoft 70-410 exam,” will help you answer those questions. I’ll provide closely focused examples from each of the official objective areas to help you know, how, where, when, and on what to focus your three required types of effort: lab work, research, and drilling.
What to Buy
The serious student who lacks reasonable access to a server will need to pay for labs, textbooks, or even training at some point. However, the good news is that there are many professional-level resources available for free.
For the price of a simple login, the Microsoft Virtual Academy allows you to customize a course of targeted videos and some basic self-assessment materials. The following link will deliver over 20 mini-courses for you to explore:
On the TechNet Video channel, you can access a series of screencasts and technologies geared for IT pros:
These overviews can be a great way to gain confidence in the material. However, for serious study and practice assessment, you’ll probably want to investigate the following resources, all of which I can recommend from personal use.
Craig Zacker wrote the Microsoft Official Academic Curriculum, Installing and Configuring Server 2012 R2. This course is available as both a textbook and a lab manual, and they are superbly constructed. And, not only did Craig team up with Microsoft’s Server 2012 team to write this book, but if you don’t have access to a machine with at least 12GB of RAM and an i5 class or better processor, you can buy a MOAC edition that comes with the Microsoft Official Academic Curriculum Labs Online space, which provides all the horsepower you’ll need for doing the labs.
(Note: the “Server 1” course I taught at my local Technical College came right out of Craig’s book. So check out the course catalog of your nearest Technical or Community College. You may be surprised how pertinent, affordable, and enriching these institutions can be.)
The next vital acquisition is one of the Server 2012 R2 tomes, which are designed to cover every role and feature and provide the valuable insights of their highly qualified authors. I used Mark Minasi’s Mastering Windows Server 2012 R2, and found it to be excellent.
When you’re ready to test your knowledge, Transcender.com’s 70-410 Exam Engine is not an option: it’s essential. The only question is when to buy it. (Read on for my recommendations for timing your purchase.) However, at this early stage, it’s worth joining the Transcender Club (a free login) so that you’ll be notified of any flash sales and possibly score yourself a discount.
Finally, of course, you’ll have to register and pay for the exam. Microsoft frequently rolls out a Second Shot program, which allows a free exam retake in case you don’t pass the first time. It’s worth checking their Special Offers page on a regular basis while you’re still in learning mode. And as of this writing, I see you can download a free e-book by Mitch Tulloch, Introducing Windows Server 2012 RTM Edition (PDF, Mobi, EPub).
That’s it. Buy the above things at the right times as described below, and work with them as they were designed to be used, and you can pass the difficult 70-410 with confidence.
What to Do (and when to do it)
To get started, buy Craig’s book and lab manual. And if you don’t have access to the computing power you’ll need, buy them with the online lab space. And buy one of the Server 2012 tomes.
Next, spend about a hundred hours reading Craig’s book cover to cover, doing the labs as you go. (If you didn’t purchase the edition with online labs, refer to the free Microsoft Virtual Academy and TechNet video training.) During this lab/research phase, you should supplement your reading with TechNet’s Server 2012 collection and by skimming the related sections in your tome.
There are also quite a few excellent resources on the web. Microsoft’s TechNet Library should live in your bookmarks bar. (See http://technet.microsoft.com/en-us/library/hh801901.aspx )
When you’ve finished the research/lab phase, it’ll be time to buy the Transcender 70-410 test engine and drill with the flash cards and the mock exams. Your goal in this phase is to score in the mid-80 percentages each day for the entire week leading up to your exam. Remember, to be eligible for Transcender’s Pass Guarantee, you’ll need to take your exam within six months of the purchase date. (Also remember that if you buy the Exam Voucher with your test engine, that cost is not covered by the guarantee.)
In my next post I’ll describe how you can create a personalized Server 2012 study guide while doing your labs, research, flash cards, and mock exams. I’ll also focus in on questions from each of the 70-410 objective areas.
If you’ve got comments, I’d like to hear them.
Thanks in advance and good luck.
Tags: CompTIA, Performance-Based Testing, Security+, study tips, sy0-401
In my previous post, I covered the overall changes from SY0-301 to SY0-401. I described how the exam is moving from “tell” to “show and tell,” with more emphasis on applying your knowledge to scenarios than simply answering fact-based questions.
In this post I’ll delve into the first three domains and draw out the topic-level changes that may affect your study plan, especially if approaching your three-year renewal in Security+.
(In my final post, I’ll cover domains 4 through 6 and the list of acronyms.)
Domain 1: Network Security Changes
Domain 1.1 now states “Implement security configuration parameters on network devices and other technologies,” where this SY0-301 domain only asked you to explain each security function and its purpose. In addition, all-in-one security appliances are now referred to as UTM security appliances. These are now listed as including URL filters, content inspection, and malware inspection.
Domain 1.2 now states “Given a scenario, use secure network administration principles” where this SY0-301 domain focused on applying and implementing these principles. This particular change means that all questions now written for this domain will include scenarios.
Domain 1.3 now states “Explain network design elements and components” where they SY0-301 domain was only about distinguishing and differentiating between these components. The Cloud computing topic within this domain now has four new subtopics: Private, Public, Hybrid, and Community.
Domain 1.4 now states “Given a scenario, implement common protocols and services” where this SY0-301 domain was only about implementing common protocols. This particular change means that all questions now written for this domain will include scenarios. New protocols added to this domain include: iSCSI, Fibre Channel, FCoE, FTP, SFTP, TFTP, TELNET, HTTP, and NetBIOS. (Most of these were listed in Domain 1.5 in SY0-301 and were moved to this domain.) Also, this domain now includes a listing of port numbers that you should definitely know: 21, 22, 25, 53, 80, 110, 139, 143, 443, and 3389.
Domain 1.5 now states “Given a scenario, troubleshoot security issues related to wireless networking” where this SY0-301 domain was actually domain 1.6, where it read “Implement wireless network in a secure manner.” Once again, this domain change means that all questions now written for this domain will include scenarios. In addition, there are four new topics for this domain:
All of the new topics added to this domain are:
- Application-aware devices (1.1)
- Unified threat management (1.2)
- Layered security / Defense in depth (1.3)
- OSI relevance (1.4)
- Captive portals (1.5)
- Antenna types (1.5)
- Site surveys (1.5)
- VPN (over open wireless) (1.5)
Domain 2: Compliance and Operational Security Changes
There were so many new topics added in this domain that I have chosen to list them in the domain description (to prevent slow death by bulleted list).
Domain 2.1 now states “Explain the importance of risk-related concepts” instead of just defining the concepts, as in SY0-301. The topics that have been added to this domain are: False negatives, SLE, ARO, MTTR, MTTF, MTBF, Vulnerabilities, Threat vectors, Probability / threat likelihood, Recovery time objective, and recovery point objective.
Domain 2.2 is a new objective: “Summarize the security implications of integrating systems and data with third parties.” The topics included in this domain are as follows:
- On-boarding/off-boarding business partners
- Social media networks and/or applications
- Interoperability agreements
- Privacy considerations
- Risk awareness
- Unauthorized data sharing
- Data ownership
- Data backups
- Follow security policy and procedures
- Review agreement requirements to verify compliance and performance standards
Domain 2.3 now states “Given a scenario, implement appropriate risk mitigation strategies” instead of just carrying out these strategies as in SY0-301. One new topic was added to this domain: Enforce technology controls, including Data Loss Prevention (DLP).
Domain 2.4 is technically a new domain, but it was actually listed as a topic under Domain 2.4 in SY0-301. It states “Given a scenario, implement basic forensic procedures.” This is another domain that will include only scenario-based questions. Only one new topic is listed here: Big data analysis.
Domain 2.5 now states “Summarize common incident response procedures” where this SY0-301 domain was about executing the appropriate incident response procedures. All but one of this topics in this domain are new:
- Incident identification
- Escalation and notification
- Mitigation steps
- Lessons learned
- Recovery/reconstitution procedures
- First responder
- Incident isolation
- Device removal
- Data breach
Domain 2.6 is the same as Domain 2.4 in SY0-301. Topics that were added to this domain include: Role-based training, Information classification levels (High, Medium, Low, Confidential, Private, and Public), and Follow up and gather training metrics to validate compliance and security posture.
Domain 2.7 states “Compare and contrast physical security and environmental controls” and pulls some topics from SY0-301 Domain 2.6 Explain the impact and proper use of environmental controls. New topics to this domain include the following:
- Physical security
- Hardware locks
- Video Surveillance
- Proximity readers
- Access list
- Proper lighting
- Protected distribution (cabling)
- Motion detection
- Control types
Domain 2.8 is completely new and states “Summarize risk management best practices.” However, most of the topics in it are repeated from SY0-301 Domains 2.5 and 2.7. The NEW topics in this domain are as follows:
- Risk assessment
- IT contingency planning
- High availability
- Tabletop exercises
Domain 2.9 is completely new, and states “Given a scenario, select the appropriate control to meet the goals of security.” This domain, like many others, will only include scenario-based questions. The topics covered in this domain are as follows:
- Access controls
- Digital signatures
- Fault tolerance
- Escape plans
- Escape routes
- Testing controls
Domain 3: Threats and Vulnerabilities Changes
Domain 3.1 now states “Explain types of malware” where this SY0-301 domain asked you to analyze and differentiate malware. The new topics here are ransomware, polymorphic malware, and armored viruses.
Domain 3.2 now states “Summarize various types of attacks” where this SY0-301 domain was about analyzing and differentiating the attacks. Three new attack types were added to this domain: Password attacks (Brute force, Dictionary attacks, Hybrid, Birthday attacks, and Rainbow tables), typo squatting/URL hijacking, and watering hole attacks.
Domain 3.3 now states “Summarize social engineering attacks and the associated effectiveness with each attack” where this SY0-301 domain was about analyzing and differentiating these attacks. One new topic, Principles (reasons for effectiveness), was added with several subtopics: Authority, Intimidation, Consensus/Social proof, Scarcity, Urgency, Familiarity/liking, and Trust.
Domain 3.4 now states “Explain types of wireless attacks” where this SY0-301 domain was about analyzing and differentiating the attacks. Four new topics have been added to this domain: Near field communication, Replay attacks, WEP/WPA attacks, and WPS attacks.
Domain 3.5 now states “Explain types of application attacks” where this SY0-301 domain was about analyzing and differentiating the attacks. Four new topics have been added to this domain: Integer overflow, LSO (Locally Shared Objects), Flash Cookies, and Arbitrary code execution / remote code execution.
Domain 3.6 now states “Analyze a scenario and select the appropriate type of mitigation and deterrent techniques.” The major change to this domain is that is uses the word scenario, which implies that all questions on this topic will now be scenarios. There are no new topics in this domain.
Domain 3.7 now states “Given a scenario, use appropriate tools and techniques to discover security threats and vulnerabilities” where this Sy0-301 domain was about implementing these tools. Once again, scenarios are specifically mentioned as being the question type for this domain. Two new tools are listed in this domain: Passive vs. active tools and Banner grabbing.
Domain 3.8 now states “Explain the proper use of penetration testing versus vulnerability scanning.” Three vulnerability scanning topics have been added to this domain: Intrusive vs. non-intrusive, Credentialed vs. non-credentialed, and False positive.
Stay tuned next week, when I’ll finish out my summary of changes in Domains 4, 5, and 6!
Until next time!
Tags: CompTIA, Performance-Based Testing, Security+, study tips
Has it been three years already? It seems like just last week I was talking about SY0-301, and now here I am trying to catch my breath after pushing the 2014 Security+ exam, SY0-401, over the finish line and into our practice test lineup. (But really, I am just glad to finally get to write about something other than project management.) As usual, the new Security+ exam will include many of the same topics as the previous version. In this post I’ll focus on the overall differences between SY0-301 and SY0-401. In the next two posts (get excited!) I’ll take a closer look at changes within the examination blueprint, which can be downloaded here from CompTIA. (Note: the download requires you to provide personal information.)
Topics and weightings
At first glance, it may seem that very little has changed. The six domains are the same apart from some shifts in weighting (the percentage of the test devoted to that topic):
1.0 Network Security 20% (21% in SY0-301) 2.0 Compliance and Operational Security 18% (no change) 3.0 Threats and Vulnerabilities 20% (21% in SY0-301) 4.0 Application, Data and Host Security 15% (16% in SY0-301) 5.0 Access Control and Identity Management 15% (13% in SY0-301) 6.0 Cryptography 12% (11% in SY0-301)
As you can see from these numbers, this new distribution will probably only mean one or two questions more for Domains 5 and 6. But it’s more important to note that within each domain, there are many topic-level changes that will affect your study plan. Within these domains CompTIA has added several new topics which were not tested in 301. These new topics include application-aware devices, unified threat management, defense-in-depth, OS hardening, white-listing versus black-listing, and many others that I’ll cover in the next two posts. There are three new sub-domains distributed among Domains 2 and 4. These new sub-domains add topic coverage on mobile security, mitigating security risks in a static environment, and implementing basic forensic procedures. That last sub-domain leads neatly into my next topic: you can expect increased difficulty and more applied concept questions on the new Security+ exam, in comparison to the older style of asking straight knowledge-based questions.
Stop, Drop, & Scenario!
While many of the sub-domains cover the same list of topics, CompTIA has changed many of the keywords from “understand” and “explain” to “implement” and “troubleshoot.” Several also show the addition of one important phrase: “given a scenario.” Because this phrasing was added to so many domains, I feel I should take a little time to explain the distinction. As many of you know, the Security+ exam has been considered a mostly knowledge-based exam that includes mostly knowledge-based questions. Scenario questions are the next logical step up from knowledge-based questions. They expect you to take those tidbits of knowledge that you have memorized, remember them, and then apply them in the scenario to come up with the correct answer. Let me give you an example. First, look at a sample knowledge-based question from our practice test:
Which of the following is a default port used by FTP? a. 20 b. 53 c. 80 d. 443
Now look at another example, which turns this same question into a scenario:
Your company has recently implemented a new firewall. Users start complaining that they are unable to access resources on your company’s FTP server. What should you do? a. Open ports 20 and 21 on the new firewall. b. Open port 53 on the new firewall. c. Open port 80 on the new firewall. d. Open port 443 on the FTP server.
As you can see from my examples, you still need the same basic knowledge to answer both of these questions. So REALLY, answering these two questions is the same level of difficulty, but by adding the scenario you are ensuring that the student understands how the knowledge applies in a real-world situation. Instead of remembering which port belongs with FTP, the student also has to identify the location where the ports should be configured. I could also increase the difficulty of the scenario question by including more invalid options. We have released our SY0-401 practice test, a feat we are especially proud of because we are the first product to market. Please visit the product page for more information!
The next post will dive into the topic-level changes in Network Security (Domain 1), Compliance and Operational Security (Domain 2), and Threats and Vulnerabilities (Domain 3).
I’ll cover the other three domains in the final post in this series.
Until next time! –Robin
Tags: CISSP, study resources, study tips
Transcender developers Robin Abernathy and Troy McMillan have written the latest CISSP Cert Guide published by Pearson IT Certification, a leading publisher in the IT textbook and study guide field. This book is now available in print and electonic format through Amazon, Safari Books Online, Barnes & Noble, and other retailers, as well as directly from Pearson IT.
This book was released at the end of November. Purchasing the print copy also grants you a 45-day free trial of the e-edition through Safari Books Online. The print and electronic versions include two practice exams. The Premium Edition eBook includes additional practice exams and a more detailed answer key.
The authors were kind enough (a.k.a – they’re sitting right next to me so they don’t really have a choice) to provide a brief Q&A regarding the content.
Q. Would you say this book is exam-focused, or more of a general learning tool?
A: Definitely exam focused. It skips all of the intro fluff, and goes right to the meat of the exam topics.
Q. Who is the intended audience for this book?
A. The (ISC)2 CISSP exam itself requires that you have four to five years of hands-on experience in information systems security before trying to pass the test. This book contains what any EXPERIENCED security professional needs to review to pass the exam. It’s not designed for beginners.
Q. Do you need to own any particular equipment to use this book effectively?
A. The more devices and hardware you can use to practice the various security techniques, the better. For the book itself you’ll need a Windows desktop or VM to run the practice test engine.
Tags: pmbok 5th edition, PMI, PMP, study tips
In January of this year, the Project Management Institute (PMI) released the 5th Edition of the Project Management Body of Knowledge (PMBOK). While the book was released in January, the revised version of the Project Management Professional (PMP) exam was not released until July 31, 2013. That means it’s now my favorite time of the year: time for Robin to develop a new Project Management Professional practice test for our customers! Each time I take on a PMP revision, I begin with a thorough analysis of the differences between the old and new PMBOK editions. As I review the two standards, I make notes of all the changes so that I can ensure that I am using the current terms, process names, Process Groups, and Knowledge Areas. Having just finished reviewing the new book, I thought this would be a great time to let all of our blog followers know about the Process Group and Knowledge Area changes.
Major and minor changes between PMBOK 4 and PMBOK 5
Many of you already know that I am a big fan of charts and tables. One of my favorite tables in the PMBOK is Table 3-1, which is included in both the 4th Edition and 5th Edition. This master table gives an overview of all Knowledge Areas, Process Groups, and processes so you can better understand their relationships. In reviewing the two versions of this Table, I discovered these key changes:
- A new Knowledge Area named Project Stakeholder Management has been added.
- Five new processes have been added.
- Eleven processes have had name changes.
Having isolated this information from Tables 3-1 (4th Edition and 5th Edition), I then listed all changes that I could find between the two editions, from name changes to additions and subtractions.
The Process Groups have not changed. They are still Initiating, Planning, Executing, Monitoring and Controlling, and Closing.
First, the newly added Project Stakeholder Management Knowledge Area contains four processes:
- The Identify Stakeholder process has been moved from the Project Communications Management Knowledge Area, but remains in the Initiating Process Group.
- The Plan Stakeholder Management process is a new process in the Planning Process Group.
- The Manage Stakeholder Expectations process has been moved from the Project Communications Management Knowledge Area, but remains in the Executing Process Group. The process has been renamed the Manage Stakeholder Engagement process.
- The Control Stakeholder Engagement process is a new process in the Monitoring and Controlling Process Group.
The Project Integration Management Knowledge Area has one change: The Direct and Manage Project Execution process has been renamed to Direct and Manage Project Work.
The Project Scope Management Knowledge Area has two changes:
- A new process named Plan Scope Management has been added within the Planning Process Group.
- The Verify Scope process has been renamed to Validate Scope.
The Project Time Management Knowledge Area has one change: The Plan Schedule Management process has been added within the Planning Process Group.
The Project Cost Management Knowledge Area has one change: The Plan Cost Management process has been added within the Planning Process Group.
The Project Quality Management Knowledge Area has two changes:
- The Plan Quality process has been renamed to Plan Quality Management.
- The Perform Quality Control process has been renamed to Control Quality.
The Project Human Resource Management Knowledge Area has one change: The Develop Human Resource Plan process has been renamed the Plan Human Resource Management process.
The Project Communications Management Knowledge Area has five changes:
- The Identify Stakeholders has been moved to the new Project Stakeholder Management Knowledge Area.
- The Plan Communications process has been renamed to Plan Communications Management.
- The Distribute Information process has been renamed Manage Communications, and has undergone some revisions.
- The Manage Stakeholder Expectations process has been moved to the new Project Stakeholder Management Knowledge Area.
- The Report Performance process has been renamed the Control Communications process and has undergone some revisions.
The Project Risk Management Knowledge Area has one change: The Monitor and Control Risks process has been renamed to Control Risks.
The Project Procurement Management Knowledge Area has two changes:
- The Plan Procurements process has been renamed to Plan Procurement Management.
- The Administer Procurements process has been renamed to Control Procurements.
Well, there you have it: All the changes to Process Groups and Knowledge Areas in PMBOK 5th Edition. Also, keep in mind that I am communicating to you the official stance of PMI according to the PMBOK 5th Edition. Some folks will want to discuss the possibility that the Identify Stakeholders and Management Stakeholder Engagement processes that were moved are actually new processes. But they aren’t. If you read the content and compare it to the 4th Edition sections, you will see that much of the information is exactly the same. If you want to see a bit of the information I communicated above in a table format, please go to Heather Christian’s blog post at http://heatherchristian.wordpress.com/2013/01/14/knowledge-area-and-process-changes-in-the-pmbok-5th-edition/. Watch for my upcoming PMBOK series posts that will go into the nitty-gritty details about the Process Groups and the changes within the processes. The first post will be on the Initiating Process Group. Also, for those customers anxiously awaiting our PMP 5th Edition practice test, please know that we are working on the development and hope to have a new product released later this year. (And yes, we will release a new CAPM 5th Edition practice test as well!) Until next time -Robin
Tags: resource review, SQL Server 2012, study resources, study tips
I am always trying to gain more knowledge that will advance my career. However, I’m finding that keeping up with the leading edge of technology can be a bit pricey. I don’t want to find myself looking for loose change in parking lots or scuba diving at night for quarters in the wishing fountain at the mall to pay for training and materials on SQL Server 2012. Thankfully, Microsoft offers a lot of FREE resources to help you learn SQL Server 2012.
I highly recommend the SQL Server 2012 virtual labs (http://www.microsoft.com/sqlserver/en/us/learning-center/virtual-labs.aspx). At the time of this post, there are 19 labs that are between 45 and 90 minutes each. They cover such topics as AlwaysOn Availability Groups and Upgrading to SQL Server 2012. Bang-for-the-buck-wise, this is the best way to gain experience with SQL Server 2012. With these virtual labs, you don’t have to invest money in SQL Server 2012 licenses or buy additional hardware to set up a multi-server configuration to prepare for certification; you just need a highspeed Internet connection and Internet Explorer. The labs consist of virtual machines running SQL Server 2012 with accompanying lab text in a sidebar. Not every feature of SQL Server 2012 is enabled in the VM, but there are enough features to play around with and get a feel for the controls.
The labs have step-by-step instructions. I actually recommend that you ignore them the first time around. The beauty of these VMs is that you do not have to perform the lab by the directions. You can use the lab to experiment with the software and test different features.
Free Books Online
The SQL Server 2012 Books Online resource contains everything that you wanted to know about SQL Server 2012 but were too clueless to ask. You can access it on the web at http://msdn.microsoft.com/en-us/library/ms130214.aspx. If you are in a firewall or proxy-restricted environment, you can download the information directly from http://www.microsoft.com/en-us/download/confirmation.aspx?id=347. The downloaded version is nice to have on your mobile device if you’re stuck in an airport with no Internet connection and the airline can’t locate the plane that is supposed to take you home…totally hypothetical situation of course.
Microsoft Books Online allows you to search on any topic. The search results are pulled from TechNet and other authoritative sources.
The information is FREE and is generally used by technical writers to put together materials for SQL Server.
Microsoft Prep Guides
These are the classic pre-certification resource: the objectives and sub-objectives that you must master to pass the test. For example, the prep guide for the 70-462 exam, Administering Microsoft SQL Server 2012 Databases, can be located at http://www.microsoft.com/learning/en/us/exam.aspx?id=70-462. Here’s a tip: you can change the last number in the URL to match, your specific Microsoft exam to find the prep guide for that exam.
The prep guide pages have four tabs: Overview, Skills Measured, Preparation Materials and Community. The Overview tab describes the audience profile for the exam and any certifications associated with the exam. The Skills Measured tab lists tasks that you must master to be successful on the exam. The tasks are broken down by objective and each objective’s weighting percentage for the exam. The Preparation Materials tab displays the officially Microsoft sanctioned training materials. By now you might be reading along and saying, “Gee, George, I already checked there, and it was a dead end!” I feel your pain. Generally, there is not a lot of preparation information listed for a relatively new exam, and what is listed usually isn’t free. So I encourage you to check out the Community tab which has links to newsgroups that can give you a better perspective on training and possible offer some reviews on just-released instructional materials, so I find them a better resource for new technologies.
The Skills Measured tab lists the tasks Microsoft recommends that you know for the exam. I would suggest that you don’t limit your knowledge or experience to the items on this list. In my recent experience with Microsoft exams, the Skills Measured tab contains about 95% of what you will be asked on the exam. The other 5% will be the kinds of questions you can only answer from experience (which is where the virtual labs come in handy). Remember, Microsoft is moving away from the standard fact-based multiple choice question types, and weighing their exams more heavily toward question types that emphasize hands-on knowledge — such as Build List and Reorder, Extended Matching, and Case Studies. This is why you need to have a lot of practical knowledge of SQL Server 2012 to pass the exam.
Despite what is listed, there probably is a Transcender practice test available or SOON TO BE AVAILABLE for most of these exams. Check the Transcender web site regularly over the next few months for the availability of the practice test.
Free e-book: Introducing Microsoft SQL Server 2012
You should definitely obtain the free e-book on Microsoft SQL Server 2012. This e-book is an overview of SQL Server 2012 and will introduce you to some new features in SQL Server 2012. You can download the e-book from the link for the 70-462 Microsoft Prep Guide, http://www.microsoft.com/learning/en/us/exam.aspx?id=70-462#tab2.
Again, this is where those virtual labs come in handy. I guarantee that the certification exam will expect you to be familiar with the functionality changes between previous versions of SQL Server and SQL Server 2012. Go through the e-book chapter by chapter, and use the virtual lab to poke around every new feature introduced in the book.
To successfully pass a Microsoft exam and not spend a dime on additional training is possible, and I have done it, but you have to dedicate some time to it. You should go through each task in the prep guide for the exam. Learn all you can by searching for the task in the books online, and then perform the task in the virtual labs. This will enable you to update your existing knowledge of administering older versions of SQL Server and translate those concepts into 2012.
It is not hard or expensive to learn SQL Server 2012, but it is time consuming. Block out some time in your schedule and use the free resources that are available to master the skills required to gain your SQL Server 2012 certification.