Hello CINners,

Anyone by chance know of the whereabouts of an On-Demand TTT Session for Linux+?

If not, what about access to a CertMaster for Linux+?

I ain't greedy, but I'll take both!!!

Thanks CINners!

STIX/TAXII is a joint global initiative to drive threat intelligence sharing and collaboration among authorities.

STIX and TAXII allow transportation of threat information among IT security and intelligence technologies.

STIX (Structured Threat Information eXpression) and TAXII (Trusted Automated eXchange of Indicator Information) are pioneering standards developed under the Cyber Threat Intelligence Technical Committee, aiming to foster collaboration, standardization, and automation within the field of CTI (Cyber Threat Intelligence).



STIX provides a common syntax so users can describe threats consistently by their motivations, abilities, capabilities, and responses.

Structured Threat Information Expression (STIX) is a language and serialization format used to exchange cyber threat intelligence (CTI).

STIX is open source and free, allowing those interested to contribute and ask questions freely.

STIX is for anyone involved in defending networks or systems against cyber threats, including cyber defenders, cyber threat analysts, malware analysts, security tool vendors, security researchers, threat sharing communities, and more.

STIX is a standardized language that allows for the detailed representation and contextualization of cyber threat information. By providing a structured format, STIX ensures a unified way of describing diverse cyber threat information, thereby facilitating more effective communication, analysis, and application of this information.



Trusted Automated eXchange of Intelligence Information (TAXII) is the format through which threat intelligence data is transmitted.

TAXII is a communication protocol that supports the exchange of cyber threat information, including STIX data, in a secure and automated manner. It outlines how to transport these data, regardless of the method or mechanism, ensuring the safe, reliable, and efficient exchange of information.




Bonus Coverage:

What are the types of Threat Intelligence?
Cyber Threat Intelligence is mainly categorized as strategic, tactical, technical, and operational.




Is either of these - STIX or TAXII - covered in any of the CompTIA courses?????

Anything you want to add to either layer?

Here are some common types of attack vectors:

- Weak or Compromised Access Credentials
- Phishing
- Malware
- Unpatched Software
- Third-party vendors & service providers
- Insider Threats
- Lack of Encryption
- Misconfigurations
- Trust Relationships
- Brute Force
- DDoS Attacks
- SQL Injections
- Cross-site scripting (XSS)
- Man-in-the-Middle (MITM)
- Session Hijacking


Got anymore to add to my list!!

Write Blocker - a forensic tool, to prevent the capture or analysis,
device or workstation, from changing data on a target disk or media.

Anyone ever used this tool?

Hello CINners,

Got a question for you: Is a Zero Day "a vulnerability" or "an attack"?



Looking forward to hearing from you!

Hello CINners,

Is Zero Touch Provisioning covered in any of the CompTIA courses?

Thanks CINners

Just got the Network+ Complementary exam voucher; Thank you @Stephen Schneiter, Thank you CompTIA.

Hi Everyone,

I’m P. Divakaran, an IT instructor with experience teaching hardware and software troubleshooting. I’m planning to earn the CompTIA CTT+ certification to enhance my teaching credentials. I’d appreciate your guidance on:

1. The best resources for studying TK0-201 and preparing for the TK0-202 video submission.
2. Tips for recording and submitting a video for the performance-based exam.
3. Any personal experiences or insights about the exam process, particularly the online proctoring option.

Thank you in advance for your support!

A student reach out to me asking about getting the Sec+ certification. They attempted the Net+ exam and failed (scoring a 518). They asked if they can 'skip' over the Net+ and go straight for the Security +. My response was a resounding no. The student did explain that they've completed their associates degree in IT and they're not working in the profession yet.

I encouraged the student to seek their A+ first. Is it just me, or are students 'jumping the line' for higher certifications. Particularly, without the requisite knowledge, training, or real world experience that aid in learning and progressing.

To the fellow CINers, what's your take on this.

Hello CINners,



The above pic is a partial snapshot of Task Manager, in a Windows 10 environment.

Either that "Search Background Task Host" process, or that "Search" process, is ALWAYS in a "suspended" state.
Anybody got a clue as to why that is?

Also, that "Microsoft Store" process that appears in that same snapshot always cranks up when I boot my machine.
Why does that bad boy kickoff?

As a famous person once asked: Why? Why!? Why?'
Who was that person
Always a time for a little trivia, even when taking care of serious business!!!


Okay CINners, that's all I've got for this episode of "Why Does This Do That?"

Hello CINners,

When we attend TTT events, do we get access to CertMaster
resources to prepare for that particular exam, in addition to
receiving an exam voucher?

Thanks CINners!!!

Hello CINners,

Does anyone know what is responsible for the Microsoft Sharepoint process
to automatically run? Each time I awake my computer from "sleep" mode,
or start from a cold boot, that Microsoft Sharepoint process is going to
appear in the list of processes, on the Processes tab in Task Manager.

Is there something in Windows 10 that requires Microsoft Sharepoint to be
running?

The great news is that I can terminate it, using the "End Task" button in
Task Manager, and it will go away for the duration of my computer running.

That Microsoft Sharepoint process isn't causing any issues - none that I know
of anyway. I'm just trying to lighten the load of my CPU - it's old like I am!!

Thanks CINners!!!

Hello CINners,

Is Phishing covered in any of the CompTIA courses? If that is the case,
that would mean that it's probably also assessed on an exam. If so,
which exam(s)?

Thanks CINners!!!

Hello CINners!

At this time of year, the world is preparing to celebrate Christmas, Hanukkah, Kwanzaa, Diwali, or another celebration.

We would like to know what you are celebrating. What traditions make this time of year special to you? Is there something you look forward to this time of year, a favorite event, activity or food & beverage?

Let's share with the community so we can all celebrate together!

Hello CINners,

Is there much coverage of Private Clouds in any of the CompTIA courses?
I would imagine that if there was, the most coverage would be in the Cloud+
course.

Thanks CINners

Hackers have stolen $12.38 million in cryptocurrency from LastPass users this month, leveraging data from a 2022 breach that compromised sensitive data that included customer vault information, according to crypto investigator ZachXBT. The theft of nearly 150 addresses, with funds quickly converted and moved, highlights the enduring impact of the 2022 breach.

Is this the same LastPass that someone in the CIN community recommended to me when I posted a query about password managers????

Hello everyone,

I am excited to be a part of this forum and would like to introduce myself. My name is Ashief Ahmed, and I have been passionately teaching Cybersecurity courses since 2014. Over the years, I have had the privilege of sharing my knowledge and expertise with students across Canada, teaching at various colleges and universities.

I am a certified instructor with ISC2, ISACA, and PECB, which enables me to deliver a wide range of professional certification courses, including CompTIA, ISC2, and ISACA programs. In addition to my teaching credentials, I hold 58 industry-leading certifications, reflecting my dedication to continuous learning and staying updated in the ever-evolving field of cybersecurity.

If you are interested, you can learn more about my professional background and connect with me through my LinkedIn profile:

LinkedIn - Ashief Ahmed

I am eager to engage in meaningful discussions with training centers and collaborate on initiatives to advance cybersecurity education. I also look forward to sharing my experiences and learning from the wealth of knowledge this community of educators brings to the table.

Let’s connect and grow together!

Best regards,
Ashief Ahmed

CAPP told me to reach out to my account manager but I havent been able to get a hold of him

Hello,

Just started going through the labsim material for Cloud+ and I have noticed a couple of typo errors and errors in some questions. look at the explanation for why Office 365 is wrong in this question for 2.5 Module Quiz. There is no mention of G Suite in the original question.

Big Thanks @Stephen Schneiter! I have received my Tech+ voucher.

Thanks @Stephen Schneiter I have finally received my complimentary Cloud+ voucher.

Hello CINners,

Got a question for the Windows 10 Elite!

When I power-up my computer, or wake it up from sleep mode, I will often times see
a couple (anywhere from 2 to 4) of Firefox processes running in Task Manager. Now,
the processes don't run indefinitely, and no actual browser is opened. However, just
the running of those Firefox processes consumes vital resources (CPU and Memory)
for the duration that they do run.

My question: Why do those Firefox processes launch automatically like that? If you do
know the why, are you able to guide me on how to prevent this from happening?

Remember, this is a question for the Windows 10 Elite, not the petite (i.e. neophytes or
casual users)!!!

Many thanks CINners.