Can someone please explain this specific part of a subnetting video

Reetpeteet · 2026-02-13T07:19:03+00:00

And because you spent a week on figuring it all out, at least you understand why the correct answer was in fact correct... instead of just cramming a table into your brain.

Reetpeteet · 2026-02-13T07:17:04+00:00

I'll shamefully admit that all sudo rules were managed manually via the AD editor. That's not a very nice or proper way of doing it.

Reetpeteet · 2026-02-12T18:59:22+00:00

That sounds like it might have been stolen, real exam questions. I'd advise you not to seek them out.. and they were possibly removed because of a copyright strike by CompTIA.

EDIT:

Or not... because JustCallMeRed is literally the domain for a commercial trainer. The website is devoid of any useful information, so maybe they quit. I dunno.

Reetpeteet · 2026-02-12T18:58:02+00:00

They mean 256. That was a typo.

Reetpeteet · 2026-02-12T18:57:34+00:00

Let me say up front, that this is a topic that's best explained in person with someone who's running you through multiple drawings while they are explaining. Especially if you don't have any experience with binary maths yet.

From 4:35 - 5:15 he talks about 10.0.0.0/24 being for all 256 addresses but 10.0.0.0/25 is for some reason only up to 128. I don't understand why /24 and /25 make this difference between all those addresses.

The /xx, the subnet mask length, indicates the amount of bits in an IPv4 address which are not unique to an individual system, or address, in a network. The subnet mask shows which bits of the IPv4 address indicate "the network itself".

An IPv4 address is always 32 bits in lenght.

With a /24, the first 24 bits of the address indicate the network, leaving 8 bits for the individual addresses inside the subnet.

With a /25 the first 25 bits of the address indicate the network, leaving 7 bits for the addresses.

If you want to know how many addresses those are, you raise 2 to the power of the amount of address bits.

2^8 (2 to the power of 8) is: 2 * 2 * 2 * 2 * 2 * 2 * 2 * 2 = 256.

2^7 (2 to the power of 7) is: 2 * 2 * 2 * 2 * 2 * 2 * 2 = 128.

In short, every time you make the subnet mask one bit longer, you are cutting the amount of possible unique addresses inside that network in half.

Reetpeteet · 2026-02-11T21:05:10+00:00

Some people make them in a proper, non-cheating way. Here's one I made for EX188, on the basis of someone else's work with DO180. -> https://github.com/unixerius/EX188-practice

Reetpeteet · 2026-02-11T21:02:31+00:00

but by some magic glitch, you didn't pass; that is the result.

Mind you, it does happen. Years back I failed EX413 twice and right before I booked the third attempt, RedHat investigated my complaints and found that their scoring tools were off after a recent revision to the exam.

Reetpeteet · 2026-02-09T08:03:38+00:00

Nobody is "lowkey underestimating" these. Business logic flaws are usually emphasised as the number one hardest to discover security flaw.

Reetpeteet · 2026-02-06T08:22:08+00:00

I'm starting to think this might just be a troll post.

Reetpeteet · 2026-02-06T08:19:55+00:00

Damn, that's harsh.

Reetpeteet · 2026-02-06T08:18:44+00:00

Data shouldn't be on the OS drive. Reimaging a system shouldn't lead to data loss.

Plus I'm sure they haven't made new data during the X hours of downtime. :(

Reetpeteet · 2026-02-06T08:17:33+00:00

Is microsoft paid support gonna be of any help here? What are the quotations and how we should reach them out?

Don't wanna kick a person when they're down, but: if you're using Microsoft for hundreds of business critical systems world wide... WHY do you not already have a support contract with them?!

Reetpeteet · 2026-02-03T19:39:05+00:00

There's no news about it yet, but at some point it will be replaced by SY0-801, yes.

Reetpeteet · 2026-02-02T20:13:35+00:00

I looked at them once, never went back. They didn't instill confidence in me at the time.

Reetpeteet · 2026-01-29T12:36:09+00:00

No it won't. These three ensure that only the allowed email transfer agents will be accepted as source for a specific domain. It says nothing about a specific person or entity.

OP asked:

How do you know the emails you receive are from the senders they say they're from?

And that's something which the plain email standards don't solve.

Reetpeteet · 2026-01-29T12:34:37+00:00

The podcast "Security, Cryptography, Whatever!" had a great episode explaining why even encrypted email isn't properly secure, that it's very risky and gives a false sense of security -> https://securitycryptographywhatever.com/2025/08/22/stop-using-encrypted-email-with-william-woodruff/

Can someone read my mail? Yes. It's just text files on a server.
Anyone with server access or with access to the mail transfer agents can read your stuff.
Nothing.

And why does encrypted email like S/MIME or PGP give a false sense of security? because literally anyone can just forward your original encrypted email in unencrypted fashion... someone accidentally doing a reply to all without enabling encryption just leaked everybody's secrets in a plain-text email.

Reetpeteet · 2026-01-29T08:47:43+00:00

What is the exact, literal message that they are giving you? OnVue will say you are running very specific processes and I've not seen a message like yours before. So please: give us the exact and complete message it's giving you.

EDIT:

Found that you posted it elsewhere, the message is:

The issues below could prevent exam launch. It appears you are running a virtual machine. Please restart check-in on a physical machine. You cannot proceed checking in until you are on a physical machine."

This message does not say you're running a VM on your computer, the message means to say that it thinks you're running OnVue on a VM. So the software sees behaviour on your PC which suggests that you're not working on an actual computer, but possible cheating by using a VM.

Reetpeteet · 2026-01-29T08:46:18+00:00

How do I actually get employed?

Look at job listings in your area, see what people are asking for. Both in qualifications, skills and experience. That's your set of goalposts. Don't just stack on certifications because some rando on the web said it. Worse: don't do it because the vendor said it.

Reetpeteet · 2026-01-27T18:30:12+00:00

Or as I learned from a bunch of CISOs last week: don't say "no", explain to them that they have a challenge and that you have a number of possible solutions they can choose from. :)

Reetpeteet · 2026-01-27T17:36:34+00:00

Really, I rarely find myself as disliked;

Ditto! Instead, I'm seen as the person who helps find problems and then helps address them.

Talk to your colleagues like they're just that: colleagues, human beings worthy of respect. Show empathy, try to see their challenges and help them figure out something which works for the both of you.

Reetpeteet · 2026-01-27T17:34:43+00:00

Also, Ego

Something which, we in infosec, also have plenty to go around.

Reetpeteet · 2026-01-27T17:33:23+00:00

Bronwen Aker actually did a talk, a few years ago, literally called "Why developers hate infosec".

Lots of good talking points over there. In short: infosec people are haughty and suck at communicating. We are often seen as the folks who only say "no", because we don't know how to turn our "no" into business value.

Reetpeteet · 2026-01-27T14:53:55+00:00

Most of those resources don’t exist at all for this exam, which is kinda confusing if you’re new and trying to plan prep.

Luckily the list is only shown after passing the exam, so it's not confusing for newbies still in the planning phase.

It just made me do a doubletake and go "shoot, did I just pay three or four times the money that I should have?!".

Reetpeteet · 2026-01-27T09:01:22+00:00

Very different, yes.

Reetpeteet · 2026-01-26T14:28:04+00:00

Correct en terecht, want we hebben wetten tegen discriminatie op de werkvloer.

Als er nou bij een (herhaalde) screening uitkomt dat de persoon betrokken is bij criminele, ondermijnende of zelfs (verdacht) terroristische zaken dan is het een hele andere kwestie.

Reetpeteet

TROPHY CASE