Archive for the ‘Wireless’ Category

PrepLogic Responds to Your Feedback

Friday, June 18th, 2010
Every PrepLogic Practice Exam question includes a “Feedback Link” that allows you to provide feedback or alert us to items you believe may be in error. From time to time we like to address some of your remarks here in our blog. Let’s take a look at some of our recent Practice Exam Feedback.
Our first comment is in regards to a question in our Certified Ethical Hacker (312-50) Practice Exam. The question is:
You are a security consultant hired to perform a wireless penetration test. Which of the following would be considered part of the test? Select the best answers.
A.) Application Testing and Code Review
B.) Cordless Communications Testing
C.) Privacy Review
D.) Infrared Systems Testing
E.) PBX Testing
F.) Intrusion Detection System Testing
The correct answers are B, C and D.
Vincent writes in to say that “IDS testing should be a part of any Pen Testing for WAN or LAN.”
This is an excellent point for discussion. It’s true that IDS, in theory, can be used in the testing of wireless network vulnerabilities, but it isn’t a standard practice according to the CEH exam. IDS testing is essentially meant for wired communications. This journal article notes the need for improvements to IDS systems in order to account for the inherent vulnerabilities in wireless networks, but at this time, IDS systems are not used in this way. In the wireless penetration test example given, Cordless Communications Testing, Privacy Review and Infrared Systems Testing would be considered part of the test.
Our next comment comes from the feedback for our CISSP® Practice Exam. The question is:
Which of the following is NOT a preventative physical access control? Select the best answer.
A.) Biometrics
B.) Fences
C.) Call back systems
D.) CCTV (Closed-Circuit TV)
The correct answer is C, Call back systems, which is a preventative technical access control.
Our commenter asks “Isn’t biometrics considered more of a technical control than a physical control?”
It is true that Biometrics is a technical control.  But it is also a physical control.  Consider that a technical access control mechanism is one that prevents access to systems with the intention of protecting information. Laptops with built-in fingerprint scanners would be an example of biometrics used as a technical access control mechanism.  Physical access control mechanisms are distinguished from technical access control mechanisms, in that they restrict you from physically entering a space you don’t belong.  A finger print scanner at a secure entryway would be a biometric physical access control mechanism. Of the choices listed, Call back systems are not a preventative physical access control.
The final comment we will address today is from PrepLogic’s A+ Practical Application (220-702) Practice Exam. The question is:
Question: You upgrade a system that contains a layered service provider from a previous version of Windows Vista.  The system loses network connectivity when configured for dynamic address assignment. How would you verify that this upgrade is the probable issue? Select the best answer.
A.) Open a command prompt with administrator rights, issue netsh winsock reset and check the listings.
B.) Open a command prompt, issue ipconfig and check for a “169.254.x.x” IPv4 address.
C.) Unplug and reinsert the network card, check for a loose cable and try to ping a nearby host.
D.) Call the Internet Service Provider and contact a network administrator.
The correct answer is B.  The 169.254.x.x is an APIPA address, signifying that the computer has no current network visibility.
An A+ candidate writes that “an APIPA does not verify an upgrade issue. There are many possible reasons for an APIPA. The only thing it verifies is that there is no network connectivity.”
One of the biggest problems with Layered Service Providers is corruption of the TCP/IP stack, usually as a result of improper or incomplete removal of the service.  This is a widely known issue.  If the TCP/IP stack does become corrupted, the computer no longer can access the network and, thus, the computer pulls an APIPA address rather than one assigned by DHCP.  We can verify that the upgrade is the problem on the simple notion of causality.  Before the upgrade, my computer had access to the network.  After the upgrade, my computer pulls an APIPA address, leaving me to believe the TCP/IP stack is corrupted, since the question includes no additional information regarding improper DHCP configuration is included in the stem.
Remember, if you have any comments or questions about a practice question, simply submit your comment and our editorial team will review it. If we made a mistake (we’re only human!) we’ll correct it in a practice exam update. Thanks for your feedback, and good luck on your exams.

Every PrepLogic Practice Exam question includes a “Feedback Link” that allows you to provide feedback or alert us to items you believe may be in error. From time to time we like to address some of your remarks here in our blog. Let’s take a look at some of our recent Practice Exam Feedback.

Our first comment is in regards to a question in our Certified Ethical Hacker (CEH) (312-50) Practice Exam. The question is:

You are a security consultant hired to perform a wireless penetration test. Which of the following would be considered part of the test? Select the best answers.

A.) Application Testing and Code Review
B.) Cordless Communications Testing
C.) Privacy Review
D.) Infrared Systems Testing
E.) PBX Testing
F.) Intrusion Detection System Testing

The correct answers are B, C and D.

Vincent writes in to say that “IDS testing should be a part of any Pen Testing for WAN or LAN.”  This is an excellent point for discussion. It’s true that IDS, in theory, can be used in the testing of wireless network vulnerabilities, but it isn’t a standard practice according to the CEH exam. IDS testing is essentially meant for wired communications. This journal article notes the need for improvements to IDS systems in order to account for the inherent vulnerabilities in wireless networks, but at this time, IDS systems are not used in this way. In the wireless penetration test example given, Cordless Communications Testing, Privacy Review and Infrared Systems Testing would be considered part of the test.

Our next comment comes from the feedback for our CISSP® Practice Exam. The question is:

Which of the following is NOT a preventative physical access control? Select the best answer.

A.) Biometrics
B.) Fences
C.) Call back systems
D.) CCTV (Closed-Circuit TV)

The correct answer is C, Call back systems, which is a preventative technical access control.

Our commenter asks “Isn’t biometrics considered more of a technical control than a physical control?” While it is true that Biometrics is a technical control, it is also a physical control.  Consider that a technical access control mechanism is one that prevents access to systems with the intention of protecting information. Laptops with built-in fingerprint scanners would be an example of biometrics used as a technical access control mechanism.  Physical access control mechanisms are distinguished from technical access control mechanisms, in that they restrict you from physically entering a space you don’t belong.  A finger print scanner at a secure entryway would be a biometric physical access control mechanism. Of the choices listed, Call back systems are not a preventative physical access control.

The final comment we will address today is from PrepLogic’s A+ Practical Application (220-702) Practice Exam. The question is:

You upgrade a system that contains a layered service provider from a previous version of Windows Vista.  The system loses network connectivity when configured for dynamic address assignment. How would you verify that this upgrade is the probable issue? Select the best answer.

A.) Open a command prompt with administrator rights, issue netsh winsock reset and check the listings.
B.) Open a command prompt, issue ipconfig and check for a “169.254.x.x” IPv4 address.
C.) Unplug and reinsert the network card, check for a loose cable and try to ping a nearby host.
D.) Call the Internet Service Provider and contact a network administrator.

The correct answer is B.  The 169.254.x.x is an APIPA address, signifying that the computer has no current network visibility.

An A+ candidate writes that “an APIPA does not verify an upgrade issue. There are many possible reasons for an APIPA. The only thing it verifies is that there is no network connectivity.” One of the biggest problems with Layered Service Providers is corruption of the TCP/IP stack, usually as a result of improper or incomplete removal of the service.  This is a widely known issue.  If the TCP/IP stack does become corrupted, the computer no longer can access the network and, thus, the computer pulls an APIPA address rather than one assigned by DHCP.  We can verify that the upgrade is the problem on the simple notion of causality.  Before the upgrade, my computer had access to the network.  After the upgrade, my computer pulls an APIPA address, leaving me to believe the TCP/IP stack is corrupted, since the question includes no additional information regarding improper DHCP configuration is included in the stem.

Remember, if you have any comments or questions about a practice question, simply submit your comment and our editorial team will review it. If we made a mistake (we’re only human!) we’ll correct it in a practice exam update. Thanks for your feedback, and good luck on your exams.

Share

Posted in A+ Certification, Career, Certification, Certified Ethical Hacker (CEH), CISSP®, Microsoft, Preplogic, Security+, Wireless | No Comments »

Free CWNP Retakes All Summer

Tuesday, May 11th, 2010
Certified Wireless Network Professional (CWNP) is giving all exam takers a do-over this summer. All summer long, people who fail their CWNP exam will be given a free second shot to try it again. The Second Shot program runs from May 1 – August 31 and includes CWNP’s most popular exams. Summer is a great time to catch up on your certifications, even if it takes you an extra shot to do it.
Here’s how it works, straight from CWNP:
Take the CWTS (PW0-070), CWNA (PW0-104), or CWSP (PW0-204) exam between May 1 and August 31, 2010.
If you do not pass the exam, send CWNP your Pearson VUE score sheet via fax (866-422-8354) or email (customercare@cwnp.com).  Make sure CWNP gets your full name and email address.
Within 15 business days, CWNP will email you your free second shot exam voucher.
It really is that simple.  CWNP wants you to go into any exam with confidence that you can pass the exam.  Below are some caveats that we want you to be aware of.
In related news, PrepLogic’s Certified Wireless Technology Specialist (CWTS) LearnSmart Video Training is in final production and will go live within days. Check out CWNP’s website to learn more about the small print and special details of the Second Shot offer. Good luck on your exams this summer.

Certified Wireless Network Professional (CWNP) is giving all exam takers a do-over this summer. All summer long, people who fail their CWNP exam will be given a free second shot to try it again. The 2nd Shot Program runs from May 1 – August 31 and includes CWNP’s most popular exams. Summer is a great time to catch up on your certifications, even if it takes you an extra shot to do it.

Here’s how it works, straight from CWNP:

  • Take the CWTS (PW0-070), CWNA (PW0-104), or CWSP (PW0-204) exam between May 1 and August 31, 2010.
  • If you do not pass the exam, send CWNP your Pearson VUE score sheet via fax (866-422-8354) or email (customercare@cwnp.com).  Make sure CWNP gets your full name and email address.
  • Within 15 business days, CWNP will email you your free second shot exam voucher.
  • It really is that simple.  CWNP wants you to go into any exam with confidence that you can pass the exam.

In related news, PrepLogic’s Certified Wireless Technology Specialist (CWTS) LearnSmart Video Training is in final production and will go live within days. Check out CWNP’s website to learn more about the small print and special details of the 2nd Shot offer. Good luck on your exams this summer.

Share

Posted in Certification, CWNP, Preplogic, Wireless | No Comments »

Two New Wireless Professional Certifications from CWNP

Tuesday, May 4th, 2010
Two New Wireless Professional Certifications from CWNP
Certified Wireless Network Professional (CWNP) recently announced the addition of two new professional-level wireless certifications to their line up of credentials. The new certifications offer IT pros the opportunity to distinguish themselves as experts in the ever-growing field of wireless technologies.
Brief descriptions from CWNP:
CWDP. The new CWDP certification will ensure that network engineers understand how to properly design 802.11 networks for a variety of applications in many different deployment environments. Because today’s Wi-Fi networks provide far more than portable Internet access, Wi-Fi engineers must be able to design networks for challenging mission-critical applications, regardless of the infrastructure and client vendor or the deployment environment.
CWAP. The CWAP certification is coming out of retirement. The CWAP certification was first launched in 2004 to lackluster success, mainly because the industry was not ready for the depth of analysis and troubleshooting that was required to earn CWAP. The CWAP certification will be reintroduced in late 2010, with updated content for 802.11n, WMM/QoS, and 802.11r/k, as well as a renewed focus on helping engineers troubleshoot and solve common real-world problems.
For more information about CWNP, or any other IT certifications and exams, call PrepLogic at 1-800-418-6789.
Certified Wireless Network Professional (CWNP) recently announced the addition of two new professional-level wireless certifications to their line up of credentials. The new certifications offer IT pros the opportunity to distinguish themselves as experts in the ever-growing field of wireless technologies.
Brief descriptions from CWNP:
CWDP
The new CWDP certification will ensure that network engineers understand how to properly design 802.11 networks for a variety of applications in many different deployment environments. Because today’s Wi-Fi networks provide far more than portable Internet access, Wi-Fi engineers must be able to design networks for challenging mission-critical applications, regardless of the infrastructure and client vendor or the deployment environment.
CWAP
The CWAP certification is coming out of retirement. The CWAP certification was first launched in 2004 to lackluster success, mainly because the industry was not ready for the depth of analysis and troubleshooting that was required to earn CWAP. The CWAP certification will be reintroduced in late 2010, with updated content for 802.11n, WMM/QoS, and 802.11r/k, as well as a renewed focus on helping engineers troubleshoot and solve common real-world problems.
For more information about CWNP, or any other IT certifications and exams, call PrepLogic at 1-800-418-6789.
Share

Posted in CWNP, Wireless | No Comments »