Archive for the ‘Certified Ethical Hacker (CEH)’ Category

New and Improved PrepLogic Learning System!

Wednesday, September 8th, 2010

Over the past few weeks our users have noticed some really cool new features and improvements that have been added to our Online LearnSmart Video Training. These new features are all part of our upgrade from Online LearnSmart Video Training to our brand new PrepLogic Learning System. This new system provides all the excellent features and benefits of LearnSmart Video Training, plus the extra bonus of enhanced training, custom study guides, audio training and much more. It gives you the total training solution you need to pass your exam and get certified more quickly and effectively than ever before. So, let’s take this opportunity to go over some of the new features you’ll see the next time you log in to your LearnSmart Training System.

LearnSmart Video Training

LearnSmart Video Training provides start-to-finish instruction from experts with years of training experience. LearnSmart is a video based training product created, written and developed by IT and vocational skills expert trainers. Each course contains complete instruction sufficient for certification exams from universally respected certification bodies, such as Microsoft, CompTIA, VMWare and Cisco. LearnSmart Video Training features elegant, studio quality presentation with full color video, graphics, screenshots and demos.

The new PrepLogic LearnSmart Video Training features improved video controls, where you can adjust screen size and start, stop and rewind video at your leisure. This allows you to work at a speed that is the most conducive to your pace of learning, and thus the most effective. We’ve also added the ability to toggle video from the main window to the smaller, brand new Content Reader. The Reader delivers study guide material related to your video segments in an easy to navigate window.

Log In

Accessing your personal PrepLogic Learning System account is now easier than ever with our new and improved log in process. You can access your individualized Online LearnSmart Video Training by logging into your account through the PrepLogic homepage. Once you have logged in, you simply click on the “Online LearnSmart Video Training Icon” where you will then be prompted to your personal video course catalog, containing all of the certification training courses you have purchased. PrepLogic offers a wide variety of IT certification exam training, such as CompTIA A+, Microsoft MCITP Enterprise Administrator and Server Administrator, CCNA certification training and more.

Video Index

The Video Index feature functions as a table of contents for the course. The Video Index lists every segment of the course, allowing you to click on different segments and watch each segment’s corresponding video as you choose. You can watch specific segments repeatedly, in the case of more difficult material, or even skip over segments that you are already familiar with. Each video segment in the Video Index lists the length of time in that particular segment and becomes highlighted in the Index after the segment has been viewed. The Video Index organizes the course study in an easy to navigate, easy to read fashion, in which you, the student, are in control of the course and can keep track of your progress as you make your way through the material.

PrepLogic has greatly improved the functionality of the Video Index. You can now shrink and expand the streamlined Index to your preferred size. We’ve also improved the visibility and usability of the Index, which helps keep you organized through out your training by clearly showing, in a syllabus type format, the order of the videos in your training course, as well as keeping track of which videos you have watched in previous sessions.

Starred Training

Another new facet of the Video Index is the “Starred Training” feature. To the left of each segment listed in the Index, there is the option to click on a white star, which becomes yellow when clicked, marking that segment “starred” and categorizing it in your “My Starred Items” folder. This feature allows you to mark those segments you find the most important or critical to your course of study. Clicking on the “Starred Training” icon above the Video Index changes the Video Index to show only the items you starred, letting you focus on those starred videos. Choosing specific videos you want to watch, through the Starred Training feature, allows you to create your own custom course, where you can focus specifically, on what you need to be learning.

Content Reader

New Feature! The PrepLogic Learning System now includes a smart content reader that delivers “wiki-style” study guide content related to your video into an easy to use window labeled “Reader” below the Video Index. You can follow along in the Reader while watching video, enlarge the Reader content to the main screen, switching the video to the smaller screen, or email yourself the content in the Reader, creating your own PDF study guide that you can use on the go. The Reader works in conjunction with the video training for a truly comprehensive exam training experience.

IT Glossary

Recently added to the PrepLogic Learning System is the IT Glossary. This tool enables users to look up key IT terms and their definitions. Along with the definition of a term, the glossary provides related tags to that term. There are thousands of essential technical terms in the glossary, relating to fields such as networking, security, data base management and project management. The glossary is a quick and easy tool that makes sure you are familiar and knowledgeable with the language of popular certification exams like CISSP, Oracle, PMP, Microsoft MCITP, and Microsoft MCSE.

Download Extras

The Download Extras feature allows you to download custom study guides and audio training. PrepLogic is committed to making your IT certification training extremely accessible, so while you can download the PDF’s instantly to your computer you can also send the content to your mobile device, Kindle, iPad, Blackberry, Barnes and Noble Nook and many more devices. Now you can study for your IT certification exam virtually anywhere!

Audio Training

The audio segments are set up just like the Video Index, but in their own “Audio Index”, and can be played on your computer, just like the Video Lecture Series. When listening to the Audio Training Series on your computer, in your PrepLogic Learning System, glossary terms appear on the video screen to enhance your learning experience.

You can now enjoy your Lecture Series audio training online, or download it for use on your MP3 player, iPhone, iPod or any other device that plays audio. You can study in your car, at the gym or even walking the dog! Audio training helps improve memory retention so learning can occur more quickly and training can be completed faster. With the ability to listen to your certification training program on any portable audio device you will be confident and ready to take that CCNA certification exam or CompTIA Network+ certification exam in no time!

Most Recent Training Sessions

Below the video screen, you will find an index of your most recent training sessions. Re-live recent training sessions with a single click. You can also see what date you engaged in that session, as well as the time and duration. This tool serves as an excellent reminder of what you studied in previous sessions, and is a super-convenient way to recap your prior lessons.

Personal Trainer

PrepLogic developed the Personal Trainer tool to help you not only create a realistic study plan, but more importantly, help keep you on track with that study plan. When you begin your PrepLogic Learning System training, the Personal Trainer prompts you to set an exact date (referred to as the target completion date) of when you want to be finished with the training and fully ready to take the desired certification exam, along with the number of days per week you will be training. The Personal Trainer then calculates how many hours per week you should train in order meet that completion date.

The Personal Trainer keeps track of your progress in the course and lets you know, at the current rate you are training, if you are on pace to finish by your goal date. If you are not, the Personal Trainer tells you the expected date you will be finished if you keep at the current pace and how many hours behind your target pace you actually are. The “Stay on Pace!” reminder tells you which video to begin training with that day and which video to continue training through in order to keep your original pace. The Personal Trainer also keeps a calendar, tracking what days you trained and for how long. The calendar color codes your training into three categories: “On Pace”, “Behind Target Pace” and “Goal at Risk”. This serves as a motivational tool, and makes it clear to you how you are progressing.

The Personal Trainer Preview, conveniently located at the bottom of the screen, keeps a constant tab on your progression through the program, continuously showing you, percentage wise, how much training you have completed, how many days left remaining until your target completion date and how many hours per week you should be training in order to obtain that goal. The Personal Trainer, in combination with the Video Index, provides the much desired structure and direction of a classroom syllabus, but is actually designed by you, which allows for the flexibility you need, at a speed you can handle.

The innovative PrepLogic Learning System was designed with you in mind. The PrepLogic Learning System helps you learn faster and train smarter. The combination of Online LearnSmart Video Training, Audio Training, customizable study guides, flexible training schedules, and many more unique features make IT certification training with PrepLogic simple and enjoyable.

If you would like to inquire further about the PrepLogic Learning System or have any questions, please call 1-800-418-6789. Thank you for your interest and good luck with your IT certification training!

Share

Posted in A+ Certification, Career, CCNA, CCNP, Certification, Certified Ethical Hacker (CEH), Cisco, CISSP®, CompTIA, Convergence+, CWNP, Hyper-V, IT Industry, IT Training, ITIL, MCITP, Microsoft, Network+, Preplogic, Security+, Sharepoint 2010, Virtualization, Windows 7 | No Comments »

Practice Exams $59 through August 31

Monday, August 23rd, 2010

For the rest of the month, PrepLogic is keeping the price of our practice exams lowered to just $59. As many of you know, almost 80% of certified professionals use practice exams to pass their tests. So, if you’re working towards passing a certification exam it’s very important that you get a great practice exam that will help you get prepared for exam day.

For years, one of our most popular practice exams is for the CCNA certification. The Cisco CCNA Certification is still one of the most important credentials a technician can earn. PrepLogic’s Practice Exams give you the most practical and reliable training you can get for this exam with 6 complete practice test modules. You’ll have the option of using simulation mode, which is a straight up simulation of your exam, or learning mode which gives you the opportunity to customize and randomize the exam for your own needs. There’s over 340 questions available in this practice exam, which will give you plenty of experience answering questions before test day. Want to test your skills now? Check out this sample question from our CCNA Practice Exam:

Question
You have two routers within your network, and you need to enable RIP as your routing protocol. The routers are connected by the 192.168.1.0/24 network. Router A also has an interface in the 10.1.1.0/24 network. Router B has an interface in the 172.16.0.0/16 network. What are all the commands necessary to enable RIP on router B, and ensure all connected networks are reachable by router A?

Select the best answer.

A. router rip
B. router rip network 192.168.1.0
C. enable router rip network 10.0.0.0 network 192.168.1.0
D. router rip network 172.16.0.0 network 192.168.1.0

Exhibit:

Q63-Exhibit

The correct answer is D

Explanations
Answer A is incorrect because this command would just activate the routing protocol.

Answer B is incorrect. In order to ensure that router A learns all the connected networks on router B, you must use the network command for each interface, and directly connnected interfaces.

Answer C is incorrect because “enable router rip” is not a correct command.

Answer D is the correct choice. The “router rip” command activates RIP as the routing protocol. The “network” command then activates RIP processing for interfaces associated with the networks. In order for router B to propagate and receive information, both the 192.168.1.0 and 172.16.0.0 network statements must be present.

PrepLogic’s CCNA Practice Exam also provides advanced scoring and testing features to help increase your learning speed, as well as integration with Lecture Series audio training to give you audio coaching along the way. The everyday price for the CCNA practice exam is over $100, so now is a great time to pick it up for just $59. All of our practice exams will be discounted from now through August 31. If you have any questions about the CCNA Practice Exam (or any of our other exams for Microsoft MCITP certification, CompTIA A+ certification, Cisco certification and many more) give our guys a call at 1-800-418-6789. Thanks and good luck on your exam.

Share

Posted in A+ Certification, Career, CCNA, Certification, Certified Ethical Hacker (CEH), Cisco, CISSP®, CompTIA, IT Industry, IT Training, MCITP, Microsoft, Network+, Preplogic, Security+, Uncategorized, Windows 7 | No Comments »

PrepLogic Responds to Your Feedback

Friday, June 18th, 2010
Every PrepLogic Practice Exam question includes a “Feedback Link” that allows you to provide feedback or alert us to items you believe may be in error. From time to time we like to address some of your remarks here in our blog. Let’s take a look at some of our recent Practice Exam Feedback.
Our first comment is in regards to a question in our Certified Ethical Hacker (312-50) Practice Exam. The question is:
You are a security consultant hired to perform a wireless penetration test. Which of the following would be considered part of the test? Select the best answers.
A.) Application Testing and Code Review
B.) Cordless Communications Testing
C.) Privacy Review
D.) Infrared Systems Testing
E.) PBX Testing
F.) Intrusion Detection System Testing
The correct answers are B, C and D.
Vincent writes in to say that “IDS testing should be a part of any Pen Testing for WAN or LAN.”
This is an excellent point for discussion. It’s true that IDS, in theory, can be used in the testing of wireless network vulnerabilities, but it isn’t a standard practice according to the CEH exam. IDS testing is essentially meant for wired communications. This journal article notes the need for improvements to IDS systems in order to account for the inherent vulnerabilities in wireless networks, but at this time, IDS systems are not used in this way. In the wireless penetration test example given, Cordless Communications Testing, Privacy Review and Infrared Systems Testing would be considered part of the test.
Our next comment comes from the feedback for our CISSP® Practice Exam. The question is:
Which of the following is NOT a preventative physical access control? Select the best answer.
A.) Biometrics
B.) Fences
C.) Call back systems
D.) CCTV (Closed-Circuit TV)
The correct answer is C, Call back systems, which is a preventative technical access control.
Our commenter asks “Isn’t biometrics considered more of a technical control than a physical control?”
It is true that Biometrics is a technical control.  But it is also a physical control.  Consider that a technical access control mechanism is one that prevents access to systems with the intention of protecting information. Laptops with built-in fingerprint scanners would be an example of biometrics used as a technical access control mechanism.  Physical access control mechanisms are distinguished from technical access control mechanisms, in that they restrict you from physically entering a space you don’t belong.  A finger print scanner at a secure entryway would be a biometric physical access control mechanism. Of the choices listed, Call back systems are not a preventative physical access control.
The final comment we will address today is from PrepLogic’s A+ Practical Application (220-702) Practice Exam. The question is:
Question: You upgrade a system that contains a layered service provider from a previous version of Windows Vista.  The system loses network connectivity when configured for dynamic address assignment. How would you verify that this upgrade is the probable issue? Select the best answer.
A.) Open a command prompt with administrator rights, issue netsh winsock reset and check the listings.
B.) Open a command prompt, issue ipconfig and check for a “169.254.x.x” IPv4 address.
C.) Unplug and reinsert the network card, check for a loose cable and try to ping a nearby host.
D.) Call the Internet Service Provider and contact a network administrator.
The correct answer is B.  The 169.254.x.x is an APIPA address, signifying that the computer has no current network visibility.
An A+ candidate writes that “an APIPA does not verify an upgrade issue. There are many possible reasons for an APIPA. The only thing it verifies is that there is no network connectivity.”
One of the biggest problems with Layered Service Providers is corruption of the TCP/IP stack, usually as a result of improper or incomplete removal of the service.  This is a widely known issue.  If the TCP/IP stack does become corrupted, the computer no longer can access the network and, thus, the computer pulls an APIPA address rather than one assigned by DHCP.  We can verify that the upgrade is the problem on the simple notion of causality.  Before the upgrade, my computer had access to the network.  After the upgrade, my computer pulls an APIPA address, leaving me to believe the TCP/IP stack is corrupted, since the question includes no additional information regarding improper DHCP configuration is included in the stem.
Remember, if you have any comments or questions about a practice question, simply submit your comment and our editorial team will review it. If we made a mistake (we’re only human!) we’ll correct it in a practice exam update. Thanks for your feedback, and good luck on your exams.

Every PrepLogic Practice Exam question includes a “Feedback Link” that allows you to provide feedback or alert us to items you believe may be in error. From time to time we like to address some of your remarks here in our blog. Let’s take a look at some of our recent Practice Exam Feedback.

Our first comment is in regards to a question in our Certified Ethical Hacker (CEH) (312-50) Practice Exam. The question is:

You are a security consultant hired to perform a wireless penetration test. Which of the following would be considered part of the test? Select the best answers.

A.) Application Testing and Code Review
B.) Cordless Communications Testing
C.) Privacy Review
D.) Infrared Systems Testing
E.) PBX Testing
F.) Intrusion Detection System Testing

The correct answers are B, C and D.

Vincent writes in to say that “IDS testing should be a part of any Pen Testing for WAN or LAN.”  This is an excellent point for discussion. It’s true that IDS, in theory, can be used in the testing of wireless network vulnerabilities, but it isn’t a standard practice according to the CEH exam. IDS testing is essentially meant for wired communications. This journal article notes the need for improvements to IDS systems in order to account for the inherent vulnerabilities in wireless networks, but at this time, IDS systems are not used in this way. In the wireless penetration test example given, Cordless Communications Testing, Privacy Review and Infrared Systems Testing would be considered part of the test.

Our next comment comes from the feedback for our CISSP® Practice Exam. The question is:

Which of the following is NOT a preventative physical access control? Select the best answer.

A.) Biometrics
B.) Fences
C.) Call back systems
D.) CCTV (Closed-Circuit TV)

The correct answer is C, Call back systems, which is a preventative technical access control.

Our commenter asks “Isn’t biometrics considered more of a technical control than a physical control?” While it is true that Biometrics is a technical control, it is also a physical control.  Consider that a technical access control mechanism is one that prevents access to systems with the intention of protecting information. Laptops with built-in fingerprint scanners would be an example of biometrics used as a technical access control mechanism.  Physical access control mechanisms are distinguished from technical access control mechanisms, in that they restrict you from physically entering a space you don’t belong.  A finger print scanner at a secure entryway would be a biometric physical access control mechanism. Of the choices listed, Call back systems are not a preventative physical access control.

The final comment we will address today is from PrepLogic’s A+ Practical Application (220-702) Practice Exam. The question is:

You upgrade a system that contains a layered service provider from a previous version of Windows Vista.  The system loses network connectivity when configured for dynamic address assignment. How would you verify that this upgrade is the probable issue? Select the best answer.

A.) Open a command prompt with administrator rights, issue netsh winsock reset and check the listings.
B.) Open a command prompt, issue ipconfig and check for a “169.254.x.x” IPv4 address.
C.) Unplug and reinsert the network card, check for a loose cable and try to ping a nearby host.
D.) Call the Internet Service Provider and contact a network administrator.

The correct answer is B.  The 169.254.x.x is an APIPA address, signifying that the computer has no current network visibility.

An A+ candidate writes that “an APIPA does not verify an upgrade issue. There are many possible reasons for an APIPA. The only thing it verifies is that there is no network connectivity.” One of the biggest problems with Layered Service Providers is corruption of the TCP/IP stack, usually as a result of improper or incomplete removal of the service.  This is a widely known issue.  If the TCP/IP stack does become corrupted, the computer no longer can access the network and, thus, the computer pulls an APIPA address rather than one assigned by DHCP.  We can verify that the upgrade is the problem on the simple notion of causality.  Before the upgrade, my computer had access to the network.  After the upgrade, my computer pulls an APIPA address, leaving me to believe the TCP/IP stack is corrupted, since the question includes no additional information regarding improper DHCP configuration is included in the stem.

Remember, if you have any comments or questions about a practice question, simply submit your comment and our editorial team will review it. If we made a mistake (we’re only human!) we’ll correct it in a practice exam update. Thanks for your feedback, and good luck on your exams.

Share

Posted in A+ Certification, Career, Certification, Certified Ethical Hacker (CEH), CISSP®, Microsoft, Preplogic, Security+, Wireless | No Comments »

PrepLogic Responds to Your Feedback

Friday, January 8th, 2010

Hello everyone!

As most of our customers know, each of our practice exam questions feature a little blue link at the top of the engine that enables you to issue feedback for that question.  This is a great benefit for us for a couple of reasons. First,  it helps us identify and correct the rare spelling/content errors that appear.  It also helps us keep in touch with customers and take the pulse of the people who are using our training to get ready for the exam .  We felt like this would be a neat opportunity to take some of the feedback people have sent us recently and use our blog as a way for us to answer those questions, personally.  So, let’s start it off with a good question regarding the Certified Ethical Hacker exam.  Specifically, question number 249, which reads:

What are some common ways to prevent password guessing on a Windows Machine?  Select the best answers:

A.) Block ports 135-139

B.) Enforce Complex passwords

C.) Log security events 529 and 539

D.) Use NTInfoScan (now CIS)

E.) Use L0phtcrack

Obviously we can eliminate answer choice D as it’s a vulnerability scanner.  The latter is eliminated because, while it is an password auditing tool, it would only help us—at best—identify weak passwords.  The correct answers, then, are A, B and C.  The feedback we received from the customer is as follows:

“The Question is asking for ‘ways to prevent’ but logging does not prevent anything.  It is a detective control.”

Allow us to elaborate, a bit.  It’s true that logging is a detective control, but remember that the question is asking for ways to prevent a very specific kind of network attack: password guessing.  Logging security events 529 and 539—the log on and log off events, respectively—will allow us to see where on the system someone might be attempting to gain access through password guessing.  Without the logs, we’d be hard pressed to identify and counteract the threat.

Ok, our next comment comes from question number 114 of the CompTIA A+ IT Technician (220-602) practice exam.  The question reads:

You are configuring an email application on a laptop for a new user. The user is a salesperson and will be traveling most of the time. The email client and the email server both support the IMAP and POP3 protocols for receiving mail and you need to determine which to use. Which of the following characteristics about the users’ needs would be most important in determining which protocol to use? Select the best answer.

A.) The user has a significant amount of disk space available.

B.) The user requires that all email delivery be encrypted.

C.) The user needs to access her email from multiple machines or email clients.

D.) The user requires access to existing email messages, even while offline.

The correct answer is C.  Here’s the feedback we got from the customer:

“This question clearly states ‘You are configuring an email application on a laptop for a new user. The user is a salesperson and will be traveling most of the time….’ Yet, the answer to the question implies the user will not be using the laptop. The correct answer according to the test is ‘The user needs to access her email from multiple machines or email clients.’ If that is the case, why state that a laptop is being configured for the user. The answer is B, or is this a trick question?”

You’re right, technically it is a trick question. But it is similar to the type of question you’ll find on the actual A+ exam.  The question relies on your assumption that because we opened with a laptop that means the salesperson will necessarily use the laptop.  This question is less about the hard, technical knowledge required to be a PC tech and more about preparing you for the kinds of questions you’ll encounter on CompTIA’s tests .  A+ may be an entry-level certification, but the test is no joke (one of the most gifted technicians I’ve known failed the 600 series A+ three times).  They will try to trick you.  You have to be able to see through distracters, like the laptop in this question, and get to the meat of what they’re looking for.

Alright, that’s all for now.  Keep the feedback coming in, folks!

Share

Posted in A+ Certification, Certification, Certified Ethical Hacker (CEH), Microsoft, Preplogic, Uncategorized | No Comments »