Hello, CINners

Am thrilled to share with you that I have finally passed my compTIA tech + exam

Back in early December, I managed to take down O365 email and Teams messaging for my entire organization for 3 days. Anyone who sent an email or Teams message with an attachment would immediately have it quarantined without recourse as "High confidence phish." I didn't realize it was me until a bunch of people from the Microsoft 365 security team sent me LinkedIn requests - and one of them let me know.

So what happened?

I was going down the machine learning rabbit hole while building out a new program for Data Analysis and AI that maps to all of the content on the DataX certification. As a software developer, that meant I was playing with Tensorflow, Keras, Scikit-learn, and so on - and since I have one of those Snapdragon Copilot+ PCs, I was playing with ONNX + QNN for the purposes of automating the creation of my 1-on-1 progress report I have to do each month for my boss. It had full access to my O365/Teams/SharePoint/OneDrive, but all models (mostly quantized) were run locally to ensure that no sensitive data was copied elsewhere.

A bit of automation to comb through my previous month's emails, Teams messages, and key files to fill in a form with my vernacular seemed harmless to me, but freaked out Microsoft Sentinel on the O365 side as it wasn't used to that type of searching/activity.

But it ended well - our IT team got a good chaos engineering exercise, I got my 1-on-1 progress report finished, and others in my organization are now more paranoid about AI in general.

I'm looking forward to generating my 1-on-1 report again next week

Attack on the Committee on Foreign Investment in the U.S. was part of the recent Treasury Department breach.

They love agitating the U.S.!!!!

I'm helping a client develop some training materials for the Tech+ course, so I took and passed the exam to see what the questions would be like.

I only had 60 questions, with no PBQs. It was the shortest CompTIA certification exam I've taken in 25 years. Mostly, it consisted of understanding the vocabulary terms and being able to pick information from an example. In my opinion, it was much easier than the previous IT Fundamentals+ certification that preceded it.

It provides the learning with very basic digital literacy but the exam is very surface-oriented. It does not go deep on any topic at all.

Are VLANs covered in any of the Cybersecurity-based CompTIA courses?
If so, which one(s)?

I frequently use tools like ffuf to illustrate fuzzing to my students.

Using the following command, for instance:

bash
┌──(kali㉿localhost)-[~]└─$ffuf -w wordlist.txt -u http://mydomaintarget.org/FUZZ

Files like backup.sql, graphql.txt, config.json, and other possibly sensitive files may be discovered in this way.

To confirm their presence, we employ:
┌──(kali㉿localhost)-[~]└─$curl -I http://mydomaintarget.org/backup.sql on mydomaintarget.org

The server replies with an HTTP 200 status if the file is present. When we try to download the file, though: backup.sql using

bash
┌──(kali㉿localhost)-[~]└─$curl -o http://mydomaintarget.org/backup.sql on mydomaintarget.org

The output is a JavaScript obfuscated code rather than the anticipated content.
Are there any explainations to such behavior?

The dark web is a flourishing economic juggernaut - the world’s third-largest economy!!!
Yeah, the world's third largest!!!!

To shield businesses, and public organizations alike, from trouble, defenders must familiarize
themselves with the people, commodities, services and transactions that shape it.

No use in burying your head in the ground, cause these rats ain't goin' away!!! So, watcha
gonna do? Who you gonna call????

Hello CINners,

Got a question for you: Is a Zero Day "a vulnerability" or "an attack"?



Looking forward to hearing from you!

Although zero trust architecture is frequently hailed as the cybersecurity of the future, can most organizations actually implement it?

Do you want to be cyber crooks at their own game?

Do you know what tools you need to guard your hen house - some are larger than
others, and require a different set of tools

I'm still prepping for my journey to the Dark Web!

The dark web isn't just a shadowy corner of the Internet!! It's a THRIVING marketplace
that's driving cybercrime on a massive scale.

Threat actors, armed with advanced AI, and ever-evolving tactics, are pushing businesses,
as well as public institutions, to their limits! Well! Well! Well! The bad guys are not only
using AI, but advanced AI!!!

Do you know:
- who the key players on the dark web
- the key marketplaces on the dark web
- how AI is boosting cybercriminal tactics
- strategies for monitoring dark web threats
- strategies for mitigating - yeah mitigating, cause you ain't gonna prevent - dark web threats
- the importance of threat intelligence for cybersecurity

What are you doing to ensure that cyber crooks don't get ahead of you - or is too late,
they're already way out in front!!!

Non-volatile memory express (NVMe) -
A communications protocol developed specifically for all-flash storage,

NVMe enables faster performance and greater density compared to legacy protocols.
It’s geared for enterprise workloads that require top performance.


Is NVME covered in any CompTIA course? Is so, which one(s)?


Thanks CINners!

CompTIA bolsters penetration testing certification​

Very nice article published on networkworld.com. Very timely as well!!!

I recently gave my A+ students a project in which they act as support technicians and must solve a list of common issues like a printer not connecting, faded print, a system running slow, or intermittent shutdown of PC.

Do you reinforce A+ with mini-projects? Which ones work best for you?

Can BYOD policies be compatible with good cybersecurity? It depends!!!!!
Oh, my bad: BYOD (Bring Yo Own Device)

The rise of remote work has brought a flood of BYO-devices, whether they’re
company-approved or just sneak in.

The question is: should IT and security pros embrace BYOD or try to ban it?

The answer depends on a wide range of factors!! One thing is for certain,
whichever policy you choose, you must be able to enforce it. The inmates
MUST NOT be allowed to run the place of confinement!!!

As data professionals, we often deal with massive datasets and complex models.
Occam's Razor: The simplest explanation is often the best.

In data analysis and decision-making this means:

• Simpler Models: A straightforward model that's easy to interpret often performs just as well as (or better than) an overly complex one.
• Data Cleaning: Removing unnecessary variables can uncover clearer insights and reduce noise.
• Decision-Making: Avoid over complicating processes by focusing on essential, actionable data.

Consider that you are analyzing network traffic for potential anomalies. A basic pattern recognition model may be more effective and efficient than a complex, resource-heavy AI system, especially when speed and clarity are crucial.

How do you apply Occam's Razor in your approach to data modeling, or analysis?

Given a dataset, how do you determine which statistical method or concept to apply?
Which factors influence your choice of technique?

According to one source, ransomware attacks are the MOST common attack type, targeting
businesses - 21% of total cyberattacks are caused by ransomware.

Do you agree, or disagree??

Zero Trust Fundamentals:
- effective against insider threats
- effective against lateral movement
- effective against cloud vulnerabilities

Zero Trust Key Components
- identity verification
- continuous monitoring
- network segmentation



How does a company go about assessing is current security posture?


What are some of the ways to go about securing endpoints?

Passkeys? Is this covered in any Cybersecurity-focused CompTIA course?
If so, which one(s)?


A passkey is a sort of digital identification, that's interlocked to any individual's account, on a given
app or website. That may sound a little like a password, but not quite - there's an important distinction.
Passkeys are bilateral authentication, that have two separate components: a private key, and a public key.
The private key is stored locally on the user's device (computer, phone, etc.). When logging in with a
passkey, the public and private key pair give a user access to his/her account.

Here's where is gets good: Passkeys are more secure than traditional passwords!!!

Passkeys are more secure because they are never stored on any server, and instead reside as an encrypted
key on the user's personal device. And, like passwords, they can be paired to biometrics, like facial recognition
or fingerprint authentication, to initiate the login process. Even if a hacker got were able to get an individual's
device, they’d need the biometrics associated with that individual, to access any accounts, which is significantly
harder than brute forcing a poor-quality traditional password - you know, like "Password1234".

A passkey is a locally stored, system-generated cryptographic key.

Passkeys are completely unique. Almost sounds like a hash!

Passkeys are infinitely more difficult for nefarious actors to exploit.

This is a biggie: Passkeys are phishing-resistant!!!!!!!
Again, what's the #1 attack vector? Ah, you remembered: PHISHING!!!!

Don't I have anything to say about passwords? Yes - passwords are susceptible to breaches and hacks :-(



The END!

Threat intelligence is essential if IT professionals want to stay a step ahead of bad actors.

Threat Intelligence: Is this covered in any of the CompTIA cybersecurity-related courses?

When writing an article for CEUs, where is the article submitted to receive the necessary credit?


Thank you!

One of the requirements for attaining CEUs for mentoring is to submit a
signed document from the mentee, that the mentor dates and times are
valid.

Question: Where is this document obtained?



Thank you.

Cybersecurity - in which CompTIA course is this term defined ?????

What challenges do you face when teaching CompTIA Courses, and how do you tackle them?

Many things can prevent our students from completing their goals, including:
• Fear: Fear of failure can paralyze them, while fear of success can lead to self-sabotage.
• Lack of clarity: They might not know what they want to achieve or why they're doing it.
• Procrastination: Putting off their goal or waiting to take action.
• Lack of support: They might not have the support they need to achieve their goals.
• Negative thoughts: Doubting their abilities. Negative emotions like fear of criticism.
• Not prioritizing it: Not prioritizing their goal in their schedule.
• Underestimating the difficulty: Not realizing how hard it will be to achieve their goal.
• Giving up too soon. Quitting. Giving up before they see results.
• Not anticipating problems: They might not plan or anticipate their challenges.
• Focusing on the reward: They might focus on getting a reward instead of putting in the effort.
As instructors, we must help students overcome these obstacles and complete their goals.