See https://gtia.org/

Thoughts?

Hello CINners,

Are Large Language Models (LLMs) covered in any CompTIA
course(s)? If so, which one(s)?


Thanks CINners

Hello CINners,

Anyone have any suggestions on the mechanics that can be used to
identify compromised SSH keys?

Thanks CINners

40K+? Are you kidding me!!!!!

Is this subject (CVEs) covered in any of the CompTIA courses?

Troubleshooting is discussed in multiple CompTIA certifications. It's covered in Tech+, A+, Network+, and Cloud+ to name a few.

What I'd like to know is why are the steps in the troubleshooting methodology different in each of the certifications. I'm teaching Cloud+ this week and there are ten steps. Tech+ and A+ have six steps. Network+ has seven steps. Shouldn't CompTIA be endorsing a consistent troubleshooting methodology across all their certifications? Isn't it more confusing for the learners to unlearn what they've learned when pursuing a new certification?

Hi All,

My first time on the thread so I hope there's someone out there that can help.

I run a B Corp Social Enterprise called TechForGood, the business is a B2B IT reseller, and we supply IT to socially or environmentally conscious businesses across UK, form SME up to corporates.

As a social enterprise we prioritise social & environmental impact alongside commercial success, and we do this by donating 50% of our profits to good causes. These include offsetting the carbon from every product we sell before point of sale, and we fund a range of social and environmental charities in line with the UN's 17 SDG's.

In 2025 we will be launching the TechForGood Foundation, that will serve as an education platform and will become our new impact model. The Foundation will provide IT skills, training and qualifications to individuals from disadvantaged, disabled and marginalised backgrounds, funded by the commercial activity of techforgood.co.uk along with grant funding we are currently pitching for.

CompTIA will serve as the platform for our education programme, and we will start with entry level courses like the A+ Tech+.

That's where you lovely people come in. I'm keen to speak to any UK based instructors that might be interested in helping us deliver these programmes, both online and in time in person as well.

Any and all comments welcome, and if you'd like to speak to me please email [email protected]

Hi fellow CIN'ers. I thought I'd comment on the fact that I just saw a student pass the A+ Core 1 exam and the logo on his printout has been completely redesigned and I have been asked by students about it. I haven't yet been able to find anything official from CompTIA on this.
The new logo is redesigned and states "CompTIA A+ Certification Plus Series" We are talking about the official score report, not the logo available after finishing Core 1 & 2.

Otherwise everything is the same, but if anyone has information on this I would love to know more if it is just the score report changing or all of the logos.

Happy New Year! I hope you’re all doing well. I’ve been hard at work preparing for the Cloud+ certification, and I’m thrilled to share that I successfully passed the exam this morning! It was quite a challenge—definitely not an easy test. My experience really came into play, and I just managed to scrape by with a passing score.

Now, I’m feeling elated and relieved, and most importantly, I’ve gained valuable experience. I have many exciting projects lined up across various Cloud Service Providers.

I am eagerly waiting for the CloudNetX results. Hoping for a pass too. Thank you CIN for the voucher.

Hello CINners,

Is the PAM (Pluggable Authentication Module) facility covered in the
Linux+ course?


Thanks CINners

Serverless architectures are growing, but are they making APIs more vulnerable to attacks due to the lack of traditional security controls?

Upcoming SME Workshops

CompTIA has a number of upcoming workshops. Whether you've been a SME with us for some time or are thinking about joining as one of our SMEs, we encourage all of you who can to sign up and join us! It's the knowledge and creativity of IT professionals that help us develop and maintain the quality of our certification exams.

We are currently recruiting for the following workshops:

January 13 - 17, 2025: A+ Cut Score Workshop
January 27-31, 2025: +Cyber AI Job Task Analysis Workshop
February 17 - 21, 2025: Cloud+ Item Writing Workshop
March 3 - 7, 2025: Linux+ Cut Score Workshop
March 10- 14, 2025: +Autocode Job Task Analysis Workshop

Hello, is it possible to extend the expiry date for the labsim course given during TTT?

Hello, pls i need CompTIA security+ slides to deliver to learners

Hello, CINners

Am thrilled to share with you that I have finally passed my compTIA tech + exam

Back in early December, I managed to take down O365 email and Teams messaging for my entire organization for 3 days. Anyone who sent an email or Teams message with an attachment would immediately have it quarantined without recourse as "High confidence phish." I didn't realize it was me until a bunch of people from the Microsoft 365 security team sent me LinkedIn requests - and one of them let me know.

So what happened?

I was going down the machine learning rabbit hole while building out a new program for Data Analysis and AI that maps to all of the content on the DataX certification. As a software developer, that meant I was playing with Tensorflow, Keras, Scikit-learn, and so on - and since I have one of those Snapdragon Copilot+ PCs, I was playing with ONNX + QNN for the purposes of automating the creation of my 1-on-1 progress report I have to do each month for my boss. It had full access to my O365/Teams/SharePoint/OneDrive, but all models (mostly quantized) were run locally to ensure that no sensitive data was copied elsewhere.

A bit of automation to comb through my previous month's emails, Teams messages, and key files to fill in a form with my vernacular seemed harmless to me, but freaked out Microsoft Sentinel on the O365 side as it wasn't used to that type of searching/activity.

But it ended well - our IT team got a good chaos engineering exercise, I got my 1-on-1 progress report finished, and others in my organization are now more paranoid about AI in general.

I'm looking forward to generating my 1-on-1 report again next week

Attack on the Committee on Foreign Investment in the U.S. was part of the recent Treasury Department breach.

They love agitating the U.S.!!!!

I'm helping a client develop some training materials for the Tech+ course, so I took and passed the exam to see what the questions would be like.

I only had 60 questions, with no PBQs. It was the shortest CompTIA certification exam I've taken in 25 years. Mostly, it consisted of understanding the vocabulary terms and being able to pick information from an example. In my opinion, it was much easier than the previous IT Fundamentals+ certification that preceded it.

It provides the learning with very basic digital literacy but the exam is very surface-oriented. It does not go deep on any topic at all.

Are VLANs covered in any of the Cybersecurity-based CompTIA courses?
If so, which one(s)?

I frequently use tools like ffuf to illustrate fuzzing to my students.

Using the following command, for instance:

bash
┌──(kali㉿localhost)-[~]└─$ffuf -w wordlist.txt -u http://mydomaintarget.org/FUZZ

Files like backup.sql, graphql.txt, config.json, and other possibly sensitive files may be discovered in this way.

To confirm their presence, we employ:
┌──(kali㉿localhost)-[~]└─$curl -I http://mydomaintarget.org/backup.sql on mydomaintarget.org

The server replies with an HTTP 200 status if the file is present. When we try to download the file, though: backup.sql using

bash
┌──(kali㉿localhost)-[~]└─$curl -o http://mydomaintarget.org/backup.sql on mydomaintarget.org

The output is a JavaScript obfuscated code rather than the anticipated content.
Are there any explainations to such behavior?

The dark web is a flourishing economic juggernaut - the world’s third-largest economy!!!
Yeah, the world's third largest!!!!

To shield businesses, and public organizations alike, from trouble, defenders must familiarize
themselves with the people, commodities, services and transactions that shape it.

No use in burying your head in the ground, cause these rats ain't goin' away!!! So, watcha
gonna do? Who you gonna call????

Hello CINners,

Got a question for you: Is a Zero Day "a vulnerability" or "an attack"?



Looking forward to hearing from you!

Although zero trust architecture is frequently hailed as the cybersecurity of the future, can most organizations actually implement it?

Do you want to be cyber crooks at their own game?

Do you know what tools you need to guard your hen house - some are larger than
others, and require a different set of tools

I'm still prepping for my journey to the Dark Web!

The dark web isn't just a shadowy corner of the Internet!! It's a THRIVING marketplace
that's driving cybercrime on a massive scale.

Threat actors, armed with advanced AI, and ever-evolving tactics, are pushing businesses,
as well as public institutions, to their limits! Well! Well! Well! The bad guys are not only
using AI, but advanced AI!!!

Do you know:
- who the key players on the dark web
- the key marketplaces on the dark web
- how AI is boosting cybercriminal tactics
- strategies for monitoring dark web threats
- strategies for mitigating - yeah mitigating, cause you ain't gonna prevent - dark web threats
- the importance of threat intelligence for cybersecurity

What are you doing to ensure that cyber crooks don't get ahead of you - or is too late,
they're already way out in front!!!

Non-volatile memory express (NVMe) -
A communications protocol developed specifically for all-flash storage,

NVMe enables faster performance and greater density compared to legacy protocols.
It’s geared for enterprise workloads that require top performance.


Is NVME covered in any CompTIA course? Is so, which one(s)?


Thanks CINners!

CompTIA bolsters penetration testing certification​

Very nice article published on networkworld.com. Very timely as well!!!