Certificates and Certificate Authorities - CompTIA Security+ Performance Based Question

แชร์
ฝัง
  • เผยแพร่เมื่อ 24 ธ.ค. 2024

ความคิดเห็น • 32

  • @eswalls
    @eswalls 10 หลายเดือนก่อน +2

    "Jovan Hayden: ​​Each time I watch your videos I feel nervous about taking the sec+ but I keep learning so fingers crossed"
    Me too!

  • @htwingnut
    @htwingnut ปีที่แล้ว +16

    I don't see those tools listed in the objectives anywhere. How are we supposed to know what tools to be familiar with?

  • @Tempy90
    @Tempy90 10 หลายเดือนก่อน

    "we should always restart first" Love it

  • @Stanky-kun
    @Stanky-kun ปีที่แล้ว +12

    I can't believe they actually used "pwned"....
    Great videos, I am going through all your PBQ's after failing the Sec+ by 10 points due to these questions. Surely next attempt will be a pass!

    • @1Qustion
      @1Qustion 10 หลายเดือนก่อน +2

      Hi, did you retake the exams, do they let you skip the pbq's and were they similar to the questions on here ?

  • @iSgapetti
    @iSgapetti ปีที่แล้ว +29

    CompTIA's semantics really grinds my gears sometimes. How is Attack 2 not a dictionary attack? The attacker literally used rockyou, a wordlist, as their dictionary for the attack?
    I thought brute-force attacks are about trying every possible combination of characters, and NOT using a wordlist like rockyou?
    Also hashcat and john the ripper are almost the same tool. In fact, most professionals these days use hashcat w/ multiple GPUs as it is faster than JtR. They justified hashcat being used in Attack 2 and not Attack 3 just because the question mentioned "hash"? Hashcat can also be used on Attack 3. What a load of bullshit

    • @hosamdaoud
      @hosamdaoud ปีที่แล้ว +4

      same problem here

    • @Ati27
      @Ati27 10 หลายเดือนก่อน

      Yep, it's dictionary attack by the book.
      ChatGPT: In the context of using "rockyou.txt.gz" for a dictionary attack, it's not a brute force attack because the attacker isn't trying every possible combination of characters. Instead, they're using a list of commonly used passwords and words.

  • @chriskeller8451
    @chriskeller8451 ปีที่แล้ว +29

    How tf are we supposed to answer a question like this in 1-5 minutes. I hate these questions smh most of this stuff isn’t even in the objectives

    • @Jay-qt9lk
      @Jay-qt9lk 7 หลายเดือนก่อน +4

      exactly

  • @eswalls
    @eswalls 10 หลายเดือนก่อน

    I guess we've heard of the tools now. "Mimikatz vs Windows and Kerberos."
    Professor Messer mentioned John the Ripper in one of his videos.

  • @zacherymahoney12
    @zacherymahoney12 ปีที่แล้ว +4

    Where can i learn more about these tools thats something new to me. Not in my study guide or any course ive watched

    • @cyberkraft1
      @cyberkraft1  ปีที่แล้ว +1

      Hi Zachery, I do teach all of these tools in my Security+ course: cyberkrafttraining.com/security-plus-sp/

  • @AcidoCaustico
    @AcidoCaustico ปีที่แล้ว +1

    Thank you

  • @ironsilk6634
    @ironsilk6634 ปีที่แล้ว

    Good video, thanks!

  • @imdyan
    @imdyan ปีที่แล้ว

    Always catch me out with the first few seconds of video just smiling ..I always think "is my sound working?" Great vids though cheers!

  • @codingcryptofitness738
    @codingcryptofitness738 21 วันที่ผ่านมา

    Will this kind of question be asked in the 701?

  • @arminelyaderon9322
    @arminelyaderon9322 5 หลายเดือนก่อน

    I don’t understand how the second one is not a dictionary attack if the attacker is using the rockyou wordlist. Brute force would mean you are using every possible combination.

  • @unregisterednumbertone3276
    @unregisterednumbertone3276 ปีที่แล้ว +4

    The hybrid one is a little iffy, would you technically be bruteforcing?? Seems like just a dictionary attack to me, just MAYBE adding characters to each line for the salt. (As we are using the file from haveibeenpwned). That was tough 😂 good work boss

    • @iSgapetti
      @iSgapetti ปีที่แล้ว +5

      How is Attack 2 not a dictionary attack? The attacker literally used rockyou, a wordlist, as their dictionary for the attack?
      I thought brute-force attacks are about trying every possible combination of characters, and NOT using a wordlist like rockyou?

    • @Squatch76
      @Squatch76 8 หลายเดือนก่อน

      @@iSgapettiI believe since it had keywords like “tool several hours to recreate” meaning it’s more of a brute force. I agree I would not have picked it though. That’s why we gotta watch these and learn how to answer the CompTIA questions and not necessarily how we would answer. So many questions have multiple “correct” answers but there is always the one they are looking for.

  • @grundikelectron3207
    @grundikelectron3207 11 หลายเดือนก่อน +2

    is it possible to skip PBQ question on the exam and then return to answer it later ?

    • @tim57564
      @tim57564 10 หลายเดือนก่อน +5

      Yes, I always skip and go back. After you finish the last question a window appears with 1-90 so u can click 1 and do the pbqs. Helps with stress and time management

    • @Squatch76
      @Squatch76 8 หลายเดือนก่อน +1

      @@tim57564I’ve also heard people say “tag” a question for later. Is there a button to click for each question or is there a visual aid to see what questions remain once you choose an answer to the last question?

    • @jorgevalencia6926
      @jorgevalencia6926 8 หลายเดือนก่อน +2

      @@Squatch76 yes when you are done with the last question they bring you to a screen with all of the questions, and you can see which ones you flagged. You can also jump from one question to another.

    • @Squatch76
      @Squatch76 8 หลายเดือนก่อน +2

      @@jorgevalencia6926 amazing I was hoping that was the case. Thanks very much for the info. Taking this exam in a couple weeks.

  • @gladcomming
    @gladcomming 10 หลายเดือนก่อน +1

    Next out of touch pbq, those tools arent even mentioned in objective list

  • @ian562ADF52E
    @ian562ADF52E ปีที่แล้ว +1

    Wow, I hope I don't get one like this.

  • @MrNiceGuy1422001
    @MrNiceGuy1422001 ปีที่แล้ว +2

    Thanks for posting! Why would both a root and secure cert be needed? Please feel free to pretend like you're speaking to an 8-year-old with reply.

    • @Huleeorhulio
      @Huleeorhulio 6 หลายเดือนก่อน

      Good question

  • @MrNiceGuy1422001
    @MrNiceGuy1422001 ปีที่แล้ว +1

    Pwned!

  • @Vi1lage__idi0tt
    @Vi1lage__idi0tt 6 หลายเดือนก่อน

    These are the most poorly written prompts I have ever seen in my life lol