Security+ Performance Based Questions (PBQs) SY0-601 Practice
HTML-код
- Опубликовано: 10 янв 2023
- These are some well-made performance based questions that will give you a good idea of what to expect on the CompTIA Security+ SY0-601 certification exam. Thanks for watching
Thank you for showing us the PBQ test questions behind COMPTIA's paywall. I feel like these questions set us up to fail, the questions have several correct options, you just have to choose the "best one". And their grading system is proprietary so we really don't even know how we are being graded. Throw in the fact that we don't even get a retake unless we want to shovel out a few hundred more bucks makes me think the entire COMPTIA certification platform is a massive money grab. Oh well, I am taking the test Saturday, wish me luck! .... Oh and I have learned to not second guess myself from passing COMPTIA A+ part one and two so you nailed it on the 2nd question!
You are absolutely correct! The first thing I noticed when taking practice exams is they are designed to confuse you and make you re-read the questions multiple times. You realize there are several possible answers, but the only answer is the one THEY want you to choose, not always the correct answer. I have run across several questions that were answered incorrectly, but based on their scenario, by one word it could technically be correct. It's infuriating and it is absolutely a scam to get more money! They make loads off the test costs, and they make even more off their course material that also doesn't really benefit you either. You'll notice that most professionals, myself included, will utilize other methods especially RUclips to get the information more broadly and more focused, and based on the actual exam and from people who have taken and passed it. We all know whats up after that, especially if we had to take it more than once-to pass. My job requires I have it or else I don't have a job. Unfortunately, it is a scam to get more money, and not really to teach you anything. It does teach you stuff, don't get me wrong, but they purposely design the tests for failure.
I have my sec+ test on Monday and definitely appreciate a view of potential PBQs. Also, I really like that you keep your experience raw and don't try to edit it to make it seem like you know all the answers! Thanks for the conten!
@A Rose, how did you go?
How'd your test go? I have mine this upcoming friday.
@@jonasmosby6526 I know you asked A Rose, but I took mine couple weeks ago and cleared it 🙂. All the best!
@@namrathak7178 I passed!!! Definitely recommend doing those PBQs at the end. I’m a fast test taker but I finished the regular questions with only 12 minutes left for all PBQ.
@@jonasmosby6526 I passed! Super excited. Like I said above, definitely do those PBQs at the end.
I liked that you were honest and showed not getting it 100% right first time.
Great work. Do some in depth videos on dissecting logs to get the answer.
Need more boss. Watched a couple times now and a few more to go...
Thank you so much for this when I took my A+ I think the only way I passed the core one and core two on the first try is because I nailed the PBQs because I don't think I did so hot on the multiple choice questions and when I failed the Net+ the first time it is was because despite feeling like I did great on the multiple choice I did not do so good on the PBQs. I got the Sec+ coming up and this will help a lot.
I passed! Thanks for the help!
Glad it helped!
Question, great video. Did CompTIA come after you for streaming these? I have the 701s and I’d love to do the same.
Where can i purchase the program that you use for the simulation PBQs? Thank you and nice video!
CompTIA.org look for certmaster
Thanks!
Thanks Richard!!!
Thanks for this ☺
My pleasure 😊
I teach Sec+ for a living and the CertMaster PBQs (and Practice Questions) are absolute T R A S H.
any advice, it is what I failed on the first time I took the exam. Taking it again thursday
@@quizzicalsquare3385 same advice I give all students: study the material.
Song?
Wouldn't the fact that the Victim's defenses has MFA nullify using a keylogger? At that point, even if you have a keylogger, you wouldn't know the code given to the user until they logged in?
That was my thought too. I hope the actual exam isn't this hair-splitting (Trojan vs Virus...) and self-conflicting.
@@nasonguy It will be just like this because there are indeed differences between these terms that CompTIA wants you to know. The technical definition of a virus includes that, along with obviously being malicious software (which everyone already knows it as), it distinctly makes copies of itself. A trojan doesn't technically fall under the category of virus for this reason, and a trojan also executes its payload specifically through embedding the malicious code in an otherwise operational document/program. In both cases we are sending some document that also includes a hidden payload (not virus), like a keylogger. Assuming you know the technical definitions, there is no hair-splitting and no apparent conflicts.
Are these PBQ's the ones that I can purchase off of Comptia's website?
Yes, these PBQs come from the certmaster training produced by CompTIA
Thanks! Are you doing zoom teaching/coaching?
I've never even considered that! But thank you for the idea and thank you for watching! 🙂
I'm really struggling to understand the second PBQ. If Alice encrypts the message with her private key, and her public key is - public - then wouldn't anyone be able to decrypt it? I thought the correct answer would be Alice encrypting it with Bob's public key (anyone can know this), and the only decryption method would be in Bob's possession - his private key. I'm lost on how this is flipped around in this question. Anyone care to explain?
She has a key pair one public and one private. Review digital signatures if you want more in depth answers
@@wrenh5046 Yeah I think I figured it out. The exercise was specifically non-repudiation, not confidentiality. That's what threw me off. You are right for anyone else in my boat, if you're confused, read up on non-repudiation and digital signatures.
@@ArminFPV awesome glad you found it. Hope you do well on your test!
@@wrenh5046 Passed today :) Thank you Vincent for all of your videos, used a ton during my studies
@@ArminFPV congrats! Taking mine on Monday :)
Is the reason why they are supposed to be trojans possibly because in both scenarios we would be sending a REAL actual functional document (to not tip the victims off that anything was up) that is modified w/embedded malicious code (invisibly to the user).. so the attachments are made to appear & feel like something good/benign that the user wanted/expected/needed.. and by that definition our "virus" would actually be labelled/categorized as a trojan-horse? Clicking on them would bring up a document. In contrast, if they ran them & NOTHING happened - no doc popped up on the screen (but they would get infected), then that would be called a virus? Is that what's going on here???
That is... possible
To be a virus means it must create copies of itself. To be a trojan means some invisible malicious code (a payload, NOT a virus) is embedded in some document/program that otherwise functions. In both of these cases, we're sending a document with a malicious payload embedded, so ezpz there you go
so, do you think CompTIA's eLearning is worth it? It seems ridiculously expensive.
I suppose it depends on your budget. Students get a discount. I will say it's the most comprehensive and accurate resource I've tried, but you can also definitely pass while only studying other resources.
CompTIA is nowhere near as expensive as some certs. There are also discounts etc (Professor Messer's website offers a small discount code for test vouchers for example). But yeah, considering certs could land you a job they basically pay for themselves.
Please what website did you get these questions
CompTIA.org
Who can honestly say they've met a bob or alice smart enough to use encryption without IT sitting at their deskside waiting to hold their hand?
What a bunch of hair splitting nonsense? Your answers were absolutely correct. Their answers were correct. There is always more that one way to attack a system. This makes me nervous for this test
Don't be nervous. You definitely have to read between the lines on these questions, but if you do your due diligence and study up, you should be able to pass :)
So, when it comes to phishing and SPEAR phishing, it's not "splitting hairs", as you describe it. The 2 are very different. Not to insult your intelligence or anything.
Touche
I think what he meant is in the context of the question it is a bit of splitting hairs. The question doesn't explicitly state if the attacker has a lot of information about the individual victims or if they are an unknown factor. Either answer seems technically correct to the question. I guess you really have to assume if it's not mentioned in the question, it's not something the attacker has. That's especially confusing though because you have to assume the attacker has the victims emails to get it correct.
Most of all their answers are common sense
Pbq are designed to filter out noobs
LOL hmmm they do seem to get some people really riled up. Mine were not that difficult, but I have no way of knowing if I got them right or not since we can't review questions from the exam :o
I thought your logic made sense. This is most poorly written question I think I've seen of these. I just don't see how it's reasonable to put questions like these on tests that you have to pay hundreds of dollars to take