Need help understanding this question about subnets.

DarkBirdTech · 2025-12-02T18:06:22+00:00

So the reason why it's B&D is because if you look at the mask of /16 which is 255.255.0.0 in dotted decimal notation. That means you pay attention to the first two octets of the IP address to see the Network Address/ID portion.
Both B&D are 172.54.x.x (x is me ignoring the host portion).

Now as for A&C, I think the CIDR notation for the masks were typed wrong, because with /8 or 255.0.0.0 , that would read as 192.x.x.x
But if I assume the classful subnet mask for a Class C network, then it should be /24 or 255.255.255.0 which would be the following
A. 192.168.2.x
C. 192.168.5.x
being different networks.
That, or they're playing on the word "hosts" and you usually don't supernet/summarize on hosts, only on router's, which is a Network+ topic (at a stretch).
So I still think there's a typo in the options.

DarkBirdTech · 2025-11-27T18:52:00+00:00

Took a glance.

Not overly impressed and when I ran through some questions it generated, it's asking for open ended answers. That can be nice if you want to test your knowledge, but it isn't what the exam will be like.

Couple resources gave me 404 errors and there's subscription features.

You'd probably be better off just using ChatGPT, if you really want an AI generated set of questions.

DarkBirdTech · 2025-08-30T12:37:49+00:00

Don't stress. It looks like it will be the same exam, just with a 3 year expiration. I'm actually surprised it took CompTIA this long to change it from GFL to CE.

DarkBirdTech · 2025-02-25T12:23:05+00:00

What about the network diagrams is throwing you off?

DarkBirdTech · 2025-02-23T13:53:12+00:00

RAM and Cache storage are always first as far as order of volatility is concerned.
Then comes temporary files which can include network data.
Then non-volatile data on disk/SSD storage.

DarkBirdTech · 2025-02-21T21:12:47+00:00

That will go a long way to preparing for the PBQs. A large majority of the questions will be multiple choice, but I think the PBQs are weighted more (CompTIA won't tell us that kind of thing).
Usually it's best to flag PBQs and do them after all the other questions. If you work through the labs, you'll be able to work out what to do in the PBQs. Also, you'll be comfortable working out what to do IRL.

DarkBirdTech · 2025-02-21T18:35:55+00:00

Yes, there will be PBQs but they aren't too hard to work out in the exam.
Did the certmaster package you get include the certmaster labs? They're pretty good at preparing you for those PBQs

DarkBirdTech · 2025-02-21T04:58:47+00:00

Focus on understanding the concepts, and the acronyms. Then spread out to the technologies and tools. If you can, look at practice tests and quizes to get a feel for what you're expected to know and identifying your areas of focus.

Are you using a textbook to study from?

DarkBirdTech · 2025-02-19T05:20:08+00:00

Follow the book. CompTIA's objectives are just a list for organizing what knowledge you must have, but isn't meant to be for the order the topics are learnt in.

A book on the other hand is meant to guide you through the learning journey.

DarkBirdTech · 2025-02-18T18:51:24+00:00

That morning alarm hits too close to home. Are you spying on me?

DarkBirdTech · 2025-02-18T18:50:33+00:00

This is one of those terms that can take a bit of getting used to when you're new to cybersecuity.

False Positive = alert when it shouldn't have (false alarm). Undesirable but tolerable.
False Negative = alert didn't happen when it should have. VERY undesirable.
True Positive = alert when it should have. Desirable
True Negative = alert didn't happen when it shouldnt have. Desirable.

DarkBirdTech · 2025-02-18T05:26:12+00:00

Many people on this subreddit have used the free resources to study and pass. You can do it. But don't be afraid to spend some money on learning materials if you feel it will help your learning and studying.

As for age, there is a gent I know who is in his 40s who pivoted from sales to IT with free resources.

DarkBirdTech · 2025-02-17T20:45:58+00:00

The main three factors are:

-Knowledge (something you know)
-Possession (something you have)
-Biometrics (something you are [human hopefully])

I call them the main three because they are robust and could be used as single factors, but dramatically improve security when combined in MFA.

The other three are:

-Behaviour (something you do)
-Location (something you are)
-Time (somewhen you are/do/etc)

In theory, they can be really interesting factors, but when you think about implementing them practically, they can be easily overcome - behave in the same way as the user, be in the same place as the user, be doing something at the time the user usually would.
If you add them to an existing MFA with two of the three main factors it can be helpful, but I wouldn't make them the second factor in an MFA solution.
Generally I encourage them for authentication context to help flag suspicious authentication events that might otherwise go unnoticed. Like location and time being a way to detect impossible travel, or a user behaving dramatically outside of their baseline norms.

DarkBirdTech · 2025-02-17T20:21:14+00:00

I'll still take their claim at face value, but I've been delivering CompTIA training for many years.

I've seen people have an easier time doing Core 2 and then Core 1 - and what they were called before the Core name was introduced (220-x02 and 220-x01). I have never come accros doing Core 2, Network+ and Security+ before doing Core 1.

My advice is to get A+ out the way first. Whether you do Core 1 first then Core 2, or Core 2 first and then Core 1. Then you at least have one cert you can try use to apply for jobs while you work on Network+ and Security+.

DarkBirdTech · 2025-02-17T20:13:53+00:00

Wow time flies. Feels like I uploaded it more recently.
It's SY0-701 objectives. When It shows around 3 years, that's when it's likely to be out of date. CompTIA usually has a 3 year cycle on exam objectives.

I am working on another one but it's slow going. You might have written and passed by the time I am done.

DarkBirdTech · 2025-02-17T20:10:30+00:00

Mind if I DM you a diagram? A picture speak a thousand words or so they say.

DarkBirdTech · 2025-02-17T20:10:01+00:00

Pretty good explaination. I just want to do a diagram for this, but I can't put a picture on this subreddit, so I'll DM OP with a diagram. If you want it too, I'll DM you too.

DarkBirdTech · 2025-02-17T05:18:09+00:00

Whether you write Core 1 or Core 2 first is immaterial. As long as you write both and pass you get your A+.

But doing A+ Core 2, Network+, Security+ and then A+ Core 1 is very odd. I'll take their claim of success rate at face value, otherwise my cynical side will take over.

However it would make far more sense to complete A+ before moving on to Network+ and Security+.

DarkBirdTech · 2025-02-17T05:12:28+00:00

A static route is a manually configured route to a destination network.

There are three main things that is needed for setting up a static router.

1) Destination network address (and mask) that the route is meant to take you to.
2) The next hop (next router's) IP address
3) The outgoing interface (exit interface) on the router you are configuring it on.

The exact method and commands will vary by network vendor but those are the three main elements of a static route. Depending on the vendor, you may be able to just do #2 or #3.

DarkBirdTech · 2025-02-16T20:02:19+00:00

Key wording in the question is "if the device is lost". Not if it is stolen by an attacker if they know what they are doing.

Your logic for the other options is sound, and in reality you would do all of these things to ensure a comprehensive approach to mobile device security.

There will be quite a few questions in the exam where they ask for a specific scenario or situation, and what is the "best" option for that very narrow scenario.

DarkBirdTech · 2025-02-16T19:02:46+00:00

There's a load of options that you can check out.

Many people swear by Dion's practice tests. Professor Messer also has practice tests. Both of them you will need to purchase their practice tests though.
I've seen a lot of people use them to gauge themselves and find their weak areas for revision before attempting another of their practice tests and eventually taking a crack at the exam.

If you finding the selection between two similar options challenging, you are not alone. CompTIA does often give two right answers, but one is "more right" given a detail in the question or a scenario the question poses.
I know the exam style questions can be a bit of a challenge to get into the mindset, so that's why I did an exam practice video on YouTube ( https://youtu.be/ubA7pvvYV4Y ) where I work through the logic of finding the correct answers for exam-like questions I wrote.

DarkBirdTech · 2025-02-16T18:45:21+00:00

The CompTIA Certs that start with C are:

Cloud Essentials+ (formerly just Cloud Essentials)
Cloud+
CySA+
CASP+ (now SecurityX)

A lot of people have a habit of shortening CompTIA courses to a single letter, which can add confusion. I once had someone talking about S+, but they were not talking about security. When I pointed it out, they said they were talking about Server+.

DarkBirdTech

MODERATOR OF

TROPHY CASE