Thank you. These are the kinds of questions that drive me nuts. I don't feel that I ever really learn anything. Just more questions.
I just got back from passing my Sec+ exam. Thanks for doing these! They really helped me with my PBQs and the thought process to answer them.
Congratulations on passing your exam!
Studying for 701, and even though some of these PBQs might not be on the 701 since they're all 601, it’s definitely still nice to go over concepts I don’t fully understand, and maybe it would help me with questions and filtering answers. Thank you.
I think that O365 being mentioned in the first question means that there's nothing blocking malicious email (O365=Exchange/Email/Outlook)
I think the important distinction is O365 *security misconfigurations* here which would imply a weak spam/phishing protection in my mind.
I really hate these types of questions. So easy to go a few other routes that seem to make sense in the scenario, but then sometimes their justifications include information that was never given to us in the first place. Let alone the fact that you will never be doing these things all on your own or without being able to research. It's just a bit over the top. But then again it's their game so you either learn to play or don't play at all.
As a cyber analyst with 10+ years of experience, I would fail these questions big time.
Some of these PBQs are so open-ended. It just seems pretty unreasonable to only have one right answer in some of these cases...
Thank you for putting out good content
The explanation at 17:45 mentions a real-world case study; Professor Messer went into a lot of detail about the Target and Capital One attacks, so maybe check those out? Vincent Humble got a 4 or 5 on this. I think some of these are just luck.
Luv yr labs, yr explainations ar awesome, u xplain everything, gives me insute to real life situations😊 tx
Why do u type like that
That was tricky! 🤔
Yes, it was! This question does not make sense!
@cyberkaft you say to focus on the questions themselves, yet for the delivery method you focused on the imagery. There, I was convinced the best choice for both would be Application vulnerabilities since in both cases there's an issue with application patch vulnerabilities. Also in scenario 1, given that the malicious actor intends on exploiting WFH, I was convinced that the best payload option would be RAT or spyware. I was wrong obviously, but it's hard to wrap my head around it. It still seems to me that you read much more into it than I did (I don't even get where you came up with the keylogger) when I was inferring less and pulling from the literal information given.
Yeah, I don't see how you pull intellectual property with just a keylogger when it mentioned MFA is set up. The answer even admits that it would only work if you can figure a way to get around the MFA, seriously? RAT alone would allow for data extraction from the device and a keylogger for anything else. A keylogger alone would be detected just as fast as a RAT, so there is no benefit of using it with zero way to exfiltrate IP.
Spear phishing in the second question makes little sense either. Either it is the best way to have someone open a malicious file or it isn't; if it was, then the first question would also be spear phishing, because why not? Spear phishing is always better if you can gather the information to do it; neither scenario shows you have a method to do it, though.
For the first question, I think the reason that they mention Microsoft Office 365 having security misconfigurations is that they do not have DLP (Data Loss Prevention) settings configured to block the malicious email or prevent data exfiltration.
I think the email icon could also symbolize a network packet going over the web. Possibly spear phishing for the second scenario for the purpose of extorting financial gain from those with access to the funds. It's like hitting the restaurant manager to open their safe instead of wasting time on the employees.
Good content. Anyone passed Sec+ and had these exact PBQs on the test?
I am concerned with the amount of time it might take to answer these multi-answer PBQs. Does the actual exam consider this 1 question and therefore I only have 1 minute to answer, or is it more like 8 questions and I can take longer to go through the variables?
I recommend just skipping the PBQs at the beginning of the test and doing the multiple choice first. You get 90 minutes total for the whole test, so you should wait until the end to do PBQs because they take longer. Each question does not have a set amount of time.
Moreover, you might get 3 or four of those
@jfpasky I agree on doing the PBQs last. I took the Net+ exam a few months ago and the PBQs really threw me for a loop (failed the exam btw). CompTIA's own practice exam didn't come close to what was on the real exam. All new scenarios that were never touched on in their study material. Then again, I only had access to their practice exam and the quiz modules (which is a terrible way of teaching). But yeah, save them for last bc you'll spend way more time trying to parse everything out, and when you're through the PBQs you have less than an hour to get through at least 85 more questions.
What a question 😂😂
🧂😄
Jk man loving the channel and your content keep doing what you do!
Hope they've scrapped this question by now. It's set up horribly.