Archive for the ‘A+ Certification’ Category

PrepLogic Responds to Your Feedback

Friday, June 18th, 2010
Every PrepLogic Practice Exam question includes a “Feedback Link” that allows you to provide feedback or alert us to items you believe may be in error. From time to time we like to address some of your remarks here in our blog. Let’s take a look at some of our recent Practice Exam Feedback.
Our first comment is in regards to a question in our Certified Ethical Hacker (312-50) Practice Exam. The question is:
You are a security consultant hired to perform a wireless penetration test. Which of the following would be considered part of the test? Select the best answers.
A.) Application Testing and Code Review
B.) Cordless Communications Testing
C.) Privacy Review
D.) Infrared Systems Testing
E.) PBX Testing
F.) Intrusion Detection System Testing
The correct answers are B, C and D.
Vincent writes in to say that “IDS testing should be a part of any Pen Testing for WAN or LAN.”
This is an excellent point for discussion. It’s true that IDS, in theory, can be used in the testing of wireless network vulnerabilities, but it isn’t a standard practice according to the CEH exam. IDS testing is essentially meant for wired communications. This journal article notes the need for improvements to IDS systems in order to account for the inherent vulnerabilities in wireless networks, but at this time, IDS systems are not used in this way. In the wireless penetration test example given, Cordless Communications Testing, Privacy Review and Infrared Systems Testing would be considered part of the test.
Our next comment comes from the feedback for our CISSP® Practice Exam. The question is:
Which of the following is NOT a preventative physical access control? Select the best answer.
A.) Biometrics
B.) Fences
C.) Call back systems
D.) CCTV (Closed-Circuit TV)
The correct answer is C, Call back systems, which is a preventative technical access control.
Our commenter asks “Isn’t biometrics considered more of a technical control than a physical control?”
It is true that Biometrics is a technical control.  But it is also a physical control.  Consider that a technical access control mechanism is one that prevents access to systems with the intention of protecting information. Laptops with built-in fingerprint scanners would be an example of biometrics used as a technical access control mechanism.  Physical access control mechanisms are distinguished from technical access control mechanisms, in that they restrict you from physically entering a space you don’t belong.  A finger print scanner at a secure entryway would be a biometric physical access control mechanism. Of the choices listed, Call back systems are not a preventative physical access control.
The final comment we will address today is from PrepLogic’s A+ Practical Application (220-702) Practice Exam. The question is:
Question: You upgrade a system that contains a layered service provider from a previous version of Windows Vista.  The system loses network connectivity when configured for dynamic address assignment. How would you verify that this upgrade is the probable issue? Select the best answer.
A.) Open a command prompt with administrator rights, issue netsh winsock reset and check the listings.
B.) Open a command prompt, issue ipconfig and check for a “169.254.x.x” IPv4 address.
C.) Unplug and reinsert the network card, check for a loose cable and try to ping a nearby host.
D.) Call the Internet Service Provider and contact a network administrator.
The correct answer is B.  The 169.254.x.x is an APIPA address, signifying that the computer has no current network visibility.
An A+ candidate writes that “an APIPA does not verify an upgrade issue. There are many possible reasons for an APIPA. The only thing it verifies is that there is no network connectivity.”
One of the biggest problems with Layered Service Providers is corruption of the TCP/IP stack, usually as a result of improper or incomplete removal of the service.  This is a widely known issue.  If the TCP/IP stack does become corrupted, the computer no longer can access the network and, thus, the computer pulls an APIPA address rather than one assigned by DHCP.  We can verify that the upgrade is the problem on the simple notion of causality.  Before the upgrade, my computer had access to the network.  After the upgrade, my computer pulls an APIPA address, leaving me to believe the TCP/IP stack is corrupted, since the question includes no additional information regarding improper DHCP configuration is included in the stem.
Remember, if you have any comments or questions about a practice question, simply submit your comment and our editorial team will review it. If we made a mistake (we’re only human!) we’ll correct it in a practice exam update. Thanks for your feedback, and good luck on your exams.

Every PrepLogic Practice Exam question includes a “Feedback Link” that allows you to provide feedback or alert us to items you believe may be in error. From time to time we like to address some of your remarks here in our blog. Let’s take a look at some of our recent Practice Exam Feedback.

Our first comment is in regards to a question in our Certified Ethical Hacker (CEH) (312-50) Practice Exam. The question is:

You are a security consultant hired to perform a wireless penetration test. Which of the following would be considered part of the test? Select the best answers.

A.) Application Testing and Code Review
B.) Cordless Communications Testing
C.) Privacy Review
D.) Infrared Systems Testing
E.) PBX Testing
F.) Intrusion Detection System Testing

The correct answers are B, C and D.

Vincent writes in to say that “IDS testing should be a part of any Pen Testing for WAN or LAN.”  This is an excellent point for discussion. It’s true that IDS, in theory, can be used in the testing of wireless network vulnerabilities, but it isn’t a standard practice according to the CEH exam. IDS testing is essentially meant for wired communications. This journal article notes the need for improvements to IDS systems in order to account for the inherent vulnerabilities in wireless networks, but at this time, IDS systems are not used in this way. In the wireless penetration test example given, Cordless Communications Testing, Privacy Review and Infrared Systems Testing would be considered part of the test.

Our next comment comes from the feedback for our CISSP® Practice Exam. The question is:

Which of the following is NOT a preventative physical access control? Select the best answer.

A.) Biometrics
B.) Fences
C.) Call back systems
D.) CCTV (Closed-Circuit TV)

The correct answer is C, Call back systems, which is a preventative technical access control.

Our commenter asks “Isn’t biometrics considered more of a technical control than a physical control?” While it is true that Biometrics is a technical control, it is also a physical control.  Consider that a technical access control mechanism is one that prevents access to systems with the intention of protecting information. Laptops with built-in fingerprint scanners would be an example of biometrics used as a technical access control mechanism.  Physical access control mechanisms are distinguished from technical access control mechanisms, in that they restrict you from physically entering a space you don’t belong.  A finger print scanner at a secure entryway would be a biometric physical access control mechanism. Of the choices listed, Call back systems are not a preventative physical access control.

The final comment we will address today is from PrepLogic’s A+ Practical Application (220-702) Practice Exam. The question is:

You upgrade a system that contains a layered service provider from a previous version of Windows Vista.  The system loses network connectivity when configured for dynamic address assignment. How would you verify that this upgrade is the probable issue? Select the best answer.

A.) Open a command prompt with administrator rights, issue netsh winsock reset and check the listings.
B.) Open a command prompt, issue ipconfig and check for a “169.254.x.x” IPv4 address.
C.) Unplug and reinsert the network card, check for a loose cable and try to ping a nearby host.
D.) Call the Internet Service Provider and contact a network administrator.

The correct answer is B.  The 169.254.x.x is an APIPA address, signifying that the computer has no current network visibility.

An A+ candidate writes that “an APIPA does not verify an upgrade issue. There are many possible reasons for an APIPA. The only thing it verifies is that there is no network connectivity.” One of the biggest problems with Layered Service Providers is corruption of the TCP/IP stack, usually as a result of improper or incomplete removal of the service.  This is a widely known issue.  If the TCP/IP stack does become corrupted, the computer no longer can access the network and, thus, the computer pulls an APIPA address rather than one assigned by DHCP.  We can verify that the upgrade is the problem on the simple notion of causality.  Before the upgrade, my computer had access to the network.  After the upgrade, my computer pulls an APIPA address, leaving me to believe the TCP/IP stack is corrupted, since the question includes no additional information regarding improper DHCP configuration is included in the stem.

Remember, if you have any comments or questions about a practice question, simply submit your comment and our editorial team will review it. If we made a mistake (we’re only human!) we’ll correct it in a practice exam update. Thanks for your feedback, and good luck on your exams.

Posted in A+ Certification, CISSP®, Career, Certification, Certified Ethical Hacker (CEH), Microsoft, Preplogic, Security+, Wireless | 2 Comments »

New Product Focus: Convergence+ LearnSmart Video Training

Thursday, June 10th, 2010

One of PrepLogic’s newest titles is Convergence+ LearnSmart Video Training. The new course trains IT professionals in the topics you need to know to pass the CompTIA Convergence+ certification exam. Over the past few years, the Convergence+ certification has grown in popularity and acceptance as the adoption of VoIP technology has ramped up.

Convergence+ is a credential for technicians who specialize in unified communications. Passing the exam illustrates a technician’s ability to design, implement and manage both data and voice networking.

The Convergence+ LearnSmart Video Training course goes into detail about why VoIP really matters. Expert Tom Carpenter discusses the origins of telephony and the series of technological advances that have brought us into this era. In addition to Convergence+, the material in this video can prepare you to earn your CCNA Voice certification.  Some of the topics Tom covers include:

  • Understanding Traditional Telephony
  • VOIP Fundamentals
  • Unified Communications
  • Working with Gateways
  • Configuring Dial Peers
  • Quality of Service
  • Gatekeepers
  • Troubleshooting

The 13 hour Convergence+ LearnSmart Video Training course takes you step-by-step through the process of implementing IP address schemes and IP services to meet network requirements in a medium-size enterprise branch office network. In addition, this course will show you how to design and implement full featured switched networks that converge efficiently. To help get you familiar with the course, PrepLogic has put up a free 30-minute preview of Convergence+ LearnSmart Video Training. Check it out today.

Posted in A+ Certification, Career, Certification, CompTIA, Convergence+, IT Training, Network+, Uncategorized | No Comments »

High Tech Jobs on the Rise

Monday, May 24th, 2010

A new article published by the Associated Press has good news for people looking for a job in technology. High-tech jobs, especially positions for individuals with IT certifications, are on the rise.  According to the article, the U.S. Bureau of Labor Statistics rates job prospects as excellent for IT positions  “ranging from network administrators, software engineers and programmers to computer manufacturers, operators and repairers.”

Sources in the article recommend certifications including CompTIA A+, Network+ and Security+ for those interested in taking advantage of the opportunities in the field.

Additionally, the article indicates that the opportunities aren’t limited to high-tech companies. IT positions in the medical field are likely to increase due to the ramping up of online, confidential medical records and documentation.  “Feeding that growth is the more than $25 billion that the federal government plans to spend to expand use of health IT by 2014.”  Positions that should increase in demand include network systems analysts, data communication analysts and software engineers.

For more information about IT certifications and the opportunities they provide, contact PrepLogic’s IT career counselors at 1-800-418-6789.

Posted in A+ Certification, Career, Certification, CompTIA, Preplogic, Security+ | 1 Comment »

New! PrepLogic A+ Training on Your Amazon Kindle

Wednesday, March 31st, 2010

Aplus-Essentials

Now you can train for your exam with PrepLogic on your Amazon Kindle ebook reader. Just this week, PrepLogic has launched the A+ Essentials (220-701) Exam Manual and the A+ Practical Application (220-702) Exam Manual for the Amazon Kindle. PrepLogic’s Exam Manual line of IT certification training is perfect for the Amazon Kindle. Each Exam Manual gives you the down and dirty details you need to pass your exam and get certified. These products were designed specifically for the Amazon Kindle, so you can use them anywhere, take notes and learn whenever you have the opportunity. They’re available directly through the Amazon Kindle store, so you can choose, download and start learning in under a minute. The first wave of titles include the A+ Essentials (220-701) Exam Manual and the A+ Practical Application (220-702) Exam Manual. Shortly after PrepLogic will be introducing the Cisco CCNA (640-802) Exam Manual, Network+ (N10-004) Exam Manual, Window 7 Configuration (70-680) Exam Manual and many more. Of course, if you have any questions about the CompTIA A+ or any other certification training, please give PrepLogic a call at 1-800-418-6789.

Posted in A+ Certification, Certification, CompTIA, Preplogic, Uncategorized | No Comments »

CompTIA Goes Green with Eco-Friendly IT Certification

Friday, March 26th, 2010

A new certification from CompTIA can help IT pros demonstrate their knowledge of environmentally friendly IT practices. According to CompTIA, the Strata Green IT certificate is designed to “enhance the technology professional’s experience, knowledge and existing certifications to incorporate green IT methodologies.”

CompTIA is the certification entity that brings you the A+, Network+, Security+ and many more vendor-neutral certifications. As their motto suggests, the company’s goal is “Advancing the Global IT Industry.” With their newest credential, CompTIA hopes to help people who are concerned about the environment as well as their company’s bottom line. Environmentally friendly “green” initiatives have ramped up over the past few years, and the benefits of going green are plenty. The CompTIA Strata Green fact sheet states that eco-friendly initiatives can lower costs, reduce economic impact and “ultimately enhance a company’s green credentials and improve competitiveness.”

To earn the Strata Green IT certificate, CompTIA recommends that the candidate have 18+ months of experience and possess a CompTIA A+ or CompTIA Server+ certification. The test has 30 questions and lasts 60 minutes. The passing score is 70%.  A list of test objectives can be downloaded from CompTIA. Some of the knowledge areas that are required to pass include knowledge of green IT methodologies, ROI for green practices, cost-cutting green techniques and environmentally sound waste disposal. In addition, test-takers will need to be familiar with many of the green-related organizations and standards including the United Nations Intergovernmental Panel on Climate Change (IPCC), the UN Environmental Program (UNEP), the U.S. Environmental Protection Agency and others.

The CompTIA Strata Green certificate exam is available now and can be taken at Pearson VUE and Prometric centers. If you have any questions about this exam, or any other CompTIA certification exam, give PrepLogic a call at 1-800-418-6789.

Tags: ,
Posted in A+ Certification, Certification, CompTIA | No Comments »

PrepLogic Responds to Your Feedback

Tuesday, March 2nd, 2010

How about another round of QA with your Managing Editor and a few inquisitive customers? Our first item comes from the A+ Essentials (220-701) Practice Exam. The question is:

Your boss wants you to procure an external hard drive for his PC so that it can be quickly backed up. If he wants the quickest backup, which of the following busses should you use? Select the best answer.

A.) IEEE 1394
B.) IEEE 1284
C.) RS-232
D.) USB 2.0

The correct answer is A. Let’s run through why A is the right choice.

Answer choice B, IEEE 1284, is the spec for parallel ports which, when compared to either USB or FireWire (IEEE 1394), is much slower—about 1.5 MB/s. Definitely out. C, RS-232 is the spec for serial ports. Also too slow at 115 KB/s. That leaves A and D. USB 2.0 is an excellent transfer mechanism; but, when compared to FireWire, it’s slower: 480 Mpbs.
Tom from Mariposa CA had a question about the explanation for why FireWire is correct. We explain that FireWire is good for up to 800 Mbps and is, thus, faster than USB 2.0. Tom writes: “IEEE 1394 is 400 Mbps; USB 2.0 is 480 Mbps; IEEE 1394b which is not a choice here, runs at 800.”
Technically, Tom is correct. The b revision for IEEE 1394 is the one that runs at 800 Mbps. But, the community doesn’t refer to FireWire by its revision designation in more common parlance. All things being equal, the IEEE 1394 revision that runs at 400 Mbps is actually IEEE 1394-1995. But we don’t call it that; likewise, we don’t refer to the 2006 revision of the standard as IEEE 1394c-2006. Nor will we call the as yet unreleased (and blazingly fast at 6.2 Gbps!) IEEE 1394 revision as IEEE P1394d. Whatever the currently used FireWire standard is, it will be referred to as IEEE 1394 (or FireWire).

The next item we’ll go over comes from PrepLogic’s CCNA Voice Practice Exam. The question states:
“Using the given analog sound wave diagram, which part of the sound wave depicts the amplitude?” For reference, we’ve included this diagram.

ccna-voice-q43

The answer choices are as follows:

A.) Letter A
B.) Letter B
C.) Letter C
D.) Letter D

The correct answer is B.

James from Melbourne, Australia remarks that he “[does not] agree with… letter B. Self study says it’s… Letter C”.
Here’s the rub: the diagram actually shows two different types of amplitude identified by both Letter B and Letter C. So how do you distinguish? Well, only one type of amplitude is important to telecommunications and, thus, the CCNA Voice exam: peak amplitude. Peak amplitude is exemplified by Letter B. Peak-to-peak amplitude (Letter C) is a common way of measuring amplitude, but peak amplitude—the absolute value of the signal, is more appropriate for this measurement.

The last item we want to discuss comes from PrepLogic’s Security+ (SY0-201) Practice Exam. The question:

Which of the following is NOT true about password security?

A.) Passwords are kept secret at all times.
B.) Passwords are of a minimum sufficient length.
C.) Passwords are of a minimum sufficient strength.
D.) Passwords are generated of personal possessions or preferences.

The correct answer is D.

Stuart from Sierra Vista, AZ writes that he sees two answer choices that are repeated. This is actually another excellent demonstration of how CompTIA creates distracters that pull you away from the correct answer. The problem is that, in reading quickly, answer choices B and C do, indeed, look the same. However, if you look closely you’ll see that answer B indicates passwords “of a minimum sufficient length” while answer C indicates passwords “of a minimum sufficient strength.” This just shows that you have to make sure to read your questions very carefully when taking the test.

Ok, that’s all for now. Check back soon for another installment!

Posted in A+ Certification, CCNA, Certification, CompTIA, Preplogic, Security+, Uncategorized | No Comments »

A+ Certified Guy Going for the Gold in Vancouver

Friday, February 26th, 2010

A little less than an hour from now (1 p.m. PST), Olympic athlete and certified IT professional Steven Holcomb will continue his quest for the Gold Medal at the Winter Olympics in Vancouver, Canada.  As reported by the Microsoft Born to Learn blog and by CNET, Steven’s an A+ certified professional and a Microsoft MCP who has taken some time off from the tech world to pursue the ultimate prize in both the 2-man and 4-man bobsleigh events at the super-fast Whistler track in Vancouver.  Holcomb and his partner Curtis Tomasevicz finished out of the medal race at sixth place in the 2-man event. However, coming into competition on Friday Holcomb, Tomasevicz and their U.S. teammates Steve Mesler and Justin Olson are sitting in first place in the 4-man bobsleigh event.

Holcomb is an avid video gamer and is pursuing a computer science degree.  And you can see his dedication to the IT business just by looking at his twitter name; pcbobsledder.  He also likes to have fun at work. Check him out as he does The Holcy Dance in his free time in Vancouver.

Be sure to check out Holcomb as he continues his quest for Olympic gold. The 4-man bobsleigh event concludes Saturday, February 27.

UPDATE

They did it!

CompTIA A+ certified technician Steven Holcomb and his “Night Train” U.S. Olympic 4-man Bobsleigh team took the Gold Medal.  It was the first time the U.S. won the gold in that event since 1948, and almost certainly the first Olympic Gold Medal for an A+ certified technician.

Posted in A+ Certification, Certification, CompTIA, MCITP, Microsoft, Preplogic, Uncategorized | No Comments »

Exclusive A+ 2009 Video Preview : Video Cards

Tuesday, January 19th, 2010

We really enjoy the new A+ 2009 LearnSmart Video Training more and more everyday. It’s filled with some of the most entertaining and clever video instruction methods ever released. Instead of just using boring slides and arrows to illustrate training topics and software components, your instructor Mike Meyers shrinks down and gets in there himself! I can’t describe it well enough to do it justice, so why not take a look yourself. Watch the following clip and learn about Video Cards from Mini-Mike, your instructor for CompTIA A+ 2009 LearnSmart Video Training.

Tags: , , ,
Posted in A+ Certification, Certification, CompTIA | No Comments »

PrepLogic Responds to Your Feedback

Friday, January 8th, 2010

Hello everyone!

As most of our customers know, each of our practice exam questions feature a little blue link at the top of the engine that enables you to issue feedback for that question.  This is a great benefit for us for a couple of reasons. First,  it helps us identify and correct the rare spelling/content errors that appear.  It also helps us keep in touch with customers and take the pulse of the people who are using our training to get ready for the exam .  We felt like this would be a neat opportunity to take some of the feedback people have sent us recently and use our blog as a way for us to answer those questions, personally.  So, let’s start it off with a good question regarding the Certified Ethical Hacker exam.  Specifically, question number 249, which reads:

What are some common ways to prevent password guessing on a Windows Machine?  Select the best answers:

A.) Block ports 135-139

B.) Enforce Complex passwords

C.) Log security events 529 and 539

D.) Use NTInfoScan (now CIS)

E.) Use L0phtcrack

Obviously we can eliminate answer choice D as it’s a vulnerability scanner.  The latter is eliminated because, while it is an password auditing tool, it would only help us—at best—identify weak passwords.  The correct answers, then, are A, B and C.  The feedback we received from the customer is as follows:

“The Question is asking for ‘ways to prevent’ but logging does not prevent anything.  It is a detective control.”

Allow us to elaborate, a bit.  It’s true that logging is a detective control, but remember that the question is asking for ways to prevent a very specific kind of network attack: password guessing.  Logging security events 529 and 539—the log on and log off events, respectively—will allow us to see where on the system someone might be attempting to gain access through password guessing.  Without the logs, we’d be hard pressed to identify and counteract the threat.

Ok, our next comment comes from question number 114 of the CompTIA A+ IT Technician (220-602) practice exam.  The question reads:

You are configuring an email application on a laptop for a new user. The user is a salesperson and will be traveling most of the time. The email client and the email server both support the IMAP and POP3 protocols for receiving mail and you need to determine which to use. Which of the following characteristics about the users’ needs would be most important in determining which protocol to use? Select the best answer.

A.) The user has a significant amount of disk space available.

B.) The user requires that all email delivery be encrypted.

C.) The user needs to access her email from multiple machines or email clients.

D.) The user requires access to existing email messages, even while offline.

The correct answer is C.  Here’s the feedback we got from the customer:

“This question clearly states ‘You are configuring an email application on a laptop for a new user. The user is a salesperson and will be traveling most of the time….’ Yet, the answer to the question implies the user will not be using the laptop. The correct answer according to the test is ‘The user needs to access her email from multiple machines or email clients.’ If that is the case, why state that a laptop is being configured for the user. The answer is B, or is this a trick question?”

You’re right, technically it is a trick question. But it is similar to the type of question you’ll find on the actual A+ exam.  The question relies on your assumption that because we opened with a laptop that means the salesperson will necessarily use the laptop.  This question is less about the hard, technical knowledge required to be a PC tech and more about preparing you for the kinds of questions you’ll encounter on CompTIA’s tests .  A+ may be an entry-level certification, but the test is no joke (one of the most gifted technicians I’ve known failed the 600 series A+ three times).  They will try to trick you.  You have to be able to see through distracters, like the laptop in this question, and get to the meat of what they’re looking for.

Alright, that’s all for now.  Keep the feedback coming in, folks!

Posted in A+ Certification, Certification, Certified Ethical Hacker (CEH), Microsoft, Preplogic, Uncategorized | No Comments »

A+ certified, what’s next?

Wednesday, October 21st, 2009

So, in those first few months after I got my A+, I tried some old school kind of things, like cold-calling local businesses in my home town, walking up to the doors of some of the bigger corporations (my hometown is the host of Aflac, home of that annoying duck voiced by Gilbert Godfrey) and, eventually, driving up to the local metropolis—Atlanta, in my case—and doing the same thing there. I actually didn’t have a lot of success finding a job that way, but I did learn a few important lessons about the hunt. For instance, be prepared for a large degree of cluelessness on the part of human resource personnel. As it turns out, most people don’t know what an A+ or Net+ certification means, who CompTIA is and why any of that stuff is important. Try not to get discouraged when you hit roadblocks like that. You can actually use that cluelessness as a conversation starter to explain what your certification means. At the very least, it gives you the opportunity to explain your qualifications and what sort of job roll you might be able to play.

Learn to market yourself. This is a big one. And, today, you have so many places to market yourself for free. Start a blog about the job hunt and the things you’re doing to stay current in the industry and get hired. Leverage all those social networking sites you’re a part of. I’ve seen three people get jobs simply by posting a status message that says, “Hey, I just got my whatever certification and if anyone knows anybody looking, let me know!” I have a former CPA relative that gets Facebook contacts hired to positions at his previous customers’ places of business all the time.

Another thing to keep in mind: you’re now officially “that guy or gal” that your friends go to for basic technical support. In our ever more connected society, that’s networking you just can’t buy. So, sure, go fix Aunt Patty’s printer problem; but make sure you tell her to let her friends and associates know what a great techie you are. Within a month or so of doing pro bono work for your circle of acquaintances, you should have a pretty nice list of contacts you can mine for job search data. (more…)

Tags: , ,
Posted in A+ Certification | 3 Comments »