Control Categories (Operational vs Managerial)

I noticed a lot of discussion about how Comptia determines the differences between Managerial and Operational Controls?
On example is Awareness Programs (Training) because depending on the author, some categorize them as Managerial while others consider it as an Operational Control.
What are your thoughts? and what are your recommendations on how to better explain this to students (and even to explain them why testout content differs from most internet sources)?

(ICS)2 Certified Cybersecurity

I know that ICS2 and CompTIA are competitors in the certification space. However as a teacher in the high schools space I am always looking for low cost and free resources to help my students start in the field. I have come across the (ICS)2 One million certified in Cyber promotion they are doing.

I ran though there free training material in a few hours and am trying it out on some of my students to see what they think of it. It seems to be a base level of “very” basic knowledge of Cybersecurity. I wanted to know what other thoughts on it are if any.

I am still going to keep my main certifications with CompTIA and Cisco for my class but do people think if the material is easier to understand for the students would you use it with your classes (High school students).


This is something that I wish CompTIA would jump on, a basic Cybersecurity certification that is not geared to technical. That both non-IT professional and IT starters could take.

PS if anyone has any other material that they want to share would love to know of more. I am always looking for ways my students can do more.

Free VMs with Walk Throughs:

Greetings,
I publish a couple of times a month on the page below. I try to make sure the skills emphasized are aligned with Sec+/PenTest+, but are on level with what one might expect on an exam like the OSCP. I do teach cybersecurity certification classes and I find that labs like these work really well for individuals who want to go beyond the test training, apply what they are learning, and develop notes that are easily referenced when tackling challenges on sites like Hack-the-Box.

Perhaps someone out there will find these labs useful either individually or in the classroom!
https://medium.com/@josh.beck2006

  • Question
CONTENT QUESTION

SINCE THE A+ 2001 CORE1 SCSI HAS BE IN THE IN THE Curriculum and the 220-1101 while it has appeared both the 2001 and 220-1101 as some who also goes out to clients to sort their Desktop PCS I am yet I see one any where in the field once SATA came I am yet a physical with SCSI,

The last question I got book and the objectives covers IDE 40 pin cable. I think back I have had to work on most PCs with Sata , So I dont recall getting a machine to fix with scsi and IDE 40pin,

Can any share where we have these and don't make use of this ? in my filed work with desktops?

thanks
Peter
  • Like
Reactions: James P.

Booked the wrong exam! Security+

I accidently booked one of my students for Security+ SY0-701, but he wanted to write 601 while it's still available.
(And that's the content he's studied for)
We run our PearsonVue test center, so I think there is an option to cancel the order.
But I'm worried that the voucher will not be available again. (or will it be usable again so I can book him for the correct exam?)
Can anyone confirm this?
Thanks!


EDIT: I phoned pearsonvue and they were going to get me a new voucher code. While on the phone, I cancelled the order, and then re-tried to book with the correct exam, and the voucher code worked again! So all is good.

  • Question
CompTIA Exam Discount Codes?

In the past Academic Partners were able to receive discount codes for the CompTIA exams. However, now we cannot get the codes. Trying to figure out why. Any attempt to get answers, well.... there are none. In the previous year, requesting the codes only took a day or two. Now, we have been requesting for weeks and still no resolution. We have numerous students waiting to test and without the discount codes, financially, there is no way for them to test otherwise. Any info would be greatly appreciated.

Do you teach students that encoding is the same as encrypting?

Topic 3A in the 701 course uses "encoding" and "encryption" as synonyms. I think students should understand the difference between the two terms.

I would appreciate knowing what other instructors think about these terms. Does encoding = encryption?

I would also appreciate feedback from a CompTIA SME. What is CompTIA's definition of encoding, and CompTIA's definition of encryption?


My notes on the use of "encoding" in Topic 3A [edited 2/15/2024 to distinguish my opinions from the CompTIA course content]:

The Official CompTIA Security+ Instructor Guide (Exam SY0-701)

Lesson 3: Explain Cryptographic Solutions, Topic 3A, Slide 4

CompTIA content:

"Cryptographic Concepts
Encryption and decryption—encoding and decoding
Plaintext is the unencoded message
Ciphertext is the coded message"

I think this content is misleading, unhelpful, or inaccurate because:
Students need to learn the difference between encoding and encryption. This slide should not confuse encryption and decryption with encoding and decoding. If encoding is mentioned at all, the slide should point out that encoding is not cryptography or encryption.

Lesson 3: Explain Cryptographic Solutions, Topic 3A, Page 38, first paragraph

CompTIA content:

“A cryptographic algorithm is the particular operations performed to encode or decode data.”

I think this content is not accurate because:
Encoding is not the same as encrypting.
Encryption uses a cryptographic key as one of the inputs to a cryptographic algorithm. Encoding does not use a cryptographic algorithm or require the use of a cryptographic key. Geeks for Geeks has an explanation of the difference.
One example of encoding is the use of ASCII codes to represent letters of the alphabet. No cryptographic algorithm or cryptographic key is used.

Page 38, second paragraph:

CompTIA content:

‘Cryptography, which literally means “secret writing,” is the art of making information secure by encoding it. ‘

I think this content is not accurate because:
Cryptography is “transformation of data in order to hide their semantic content, prevent their unauthorized use, or prevent their undetected modification.” Encryption and hashing can provide this confidentiality or integrity, however encoding does not.
Using ASCII or Morse code are examples of encoding; however they are not examples of cryptography.

Lesson 11: Enhance Application Security Capabilities | Topic 11A, page 317, Question 2

CompTIA content:

“the session key does the actual data encoding”

I think this content is not accurate because:
First, the answer should say “encryption,” not “encoding.”
Second, the key does not do the actual encryption. The encryption algorithm does the encryption, using the key as one of the inputs.

Project+ Success!

When the boss asks me to run a project... No problem!

Sat and passed Project+ yesterday! Woohoo!

CompTIA Project+
is critical for successful project implementation as it equips professionals with essential skills in project management, ensuring effective planning, communication, and risk management throughout the project lifecycle. ?

1000006956.png

Prepping Students for Tech Roles (CompTIA Volley)

Last year I was able to see Brad Chamberlain from Maricopa High School in Arizona present at ACTE CareerTech Vision 2023 in Las Vegas. Brad was part of a panel of presenters talking about instructional delivery methodologies for students. Brad has unique approach to helping students get ready for entering the workforce buy running a student-led business called 24PinTech where students have the opportunity to gain real world expereince troubleshooting and servicing computers.

Earlier this week Brad appeared on CompTIA Volley and talked about his program. I thought I would share the podcast here for anyone show might be interested. Login to view embedded media
Do you offer something similar? Share you comments here.

14 active certifications......for now

At this time, there are 14 recognized active CompTIA certifications:

A+
CASP+
Cloud+
Cloud Essentials+
CySA+
Data+
DataSys+
IT Fundamentals+
Linux+
Network+
PenTest+
Security+
Server+

There are also 12 recognized active CompTIA stackable certifications:

CompTIA IT Operations Specialist
CompTIA Systems Support Specialist
CompTIA Cloud Admin Professional
CompTIA Network Infrastructure Professional
CompTIA Linux Network Professional
CompTIA Secure Infrastructure Specialist
CompTIA Secure Cloud Professional
CompTIA Security Analytics Professional
CompTIA Network Vulnerability Assessment Professional
CompTIA Network Security Professional
CompTIA Security Analytics Expert
CompTIA Secure Infrastructure Expert

CompTIA Technical Trainer (CTT+) is good for life, but has been retired.
New versions of Network+, Cloud+, and PenTest+ will be launching this year.
DataX will be launching this year.

How many of the recognized active CompTIA certifications do you have? How many retired CompTIA certifications do you have?

Networking Concepts in Security+

So, here is a question for those that teach Security+ before Network+. How do you handle networking concepts that are included in Security+ objectives? Do you just cover them as you come across them, or do you offer a basic networking modular component as an add on to Security+? Thanks in advance! Inquiring minds want to know! ?

CompTIA 2024 Partner Pricing

So, this email went out today:

Dear CompTIA Authorized Partner,

CompTIA is committed to providing our Partners with innovative, best-in-class training and the most current, high-quality certification exams. To continue to provide you and your learners with excellent experiences and leading services and solutions, effective February 1, 2024, we are increasing pricing for Authorized Partners.

Updated pricing allows us to improve industry standards, expand our services and solutions, and unlock the potential of even more learners.

A follow-up communication will be sent out on February 1, 2024 to direct to the latest Partner price sheets.

Please connect with your CompTIA business development manager with any questions or submit a help request if you need further assistance.

Thank you for your continued partnership!

Sincerely,
Your CompTIA Authorized Partner Program Team

What does this mean for exam pricing?

Filter