What is STIX/TAXII?

STIX/TAXII is a joint global initiative to drive threat intelligence sharing and collaboration among authorities.

STIX and TAXII allow transportation of threat information among IT security and intelligence technologies.

STIX (Structured Threat Information eXpression) and TAXII (Trusted Automated eXchange of Indicator Information) are pioneering standards developed under the Cyber Threat Intelligence Technical Committee, aiming to foster collaboration, standardization, and automation within the field of CTI (Cyber Threat Intelligence).



STIX provides a common syntax so users can describe threats consistently by their motivations, abilities, capabilities, and responses.

Structured Threat Information Expression (STIX) is a language and serialization format used to exchange cyber threat intelligence (CTI).

STIX is open source and free, allowing those interested to contribute and ask questions freely.

STIX is for anyone involved in defending networks or systems against cyber threats, including cyber defenders, cyber threat analysts, malware analysts, security tool vendors, security researchers, threat sharing communities, and more.

STIX is a standardized language that allows for the detailed representation and contextualization of cyber threat information. By providing a structured format, STIX ensures a unified way of describing diverse cyber threat information, thereby facilitating more effective communication, analysis, and application of this information.



Trusted Automated eXchange of Intelligence Information (TAXII) is the format through which threat intelligence data is transmitted.

TAXII is a communication protocol that supports the exchange of cyber threat information, including STIX data, in a secure and automated manner. It outlines how to transport these data, regardless of the method or mechanism, ensuring the safe, reliable, and efficient exchange of information.




Bonus Coverage:

What are the types of Threat Intelligence?
Cyber Threat Intelligence is mainly categorized as strategic, tactical, technical, and operational.




Is either of these - STIX or TAXII - covered in any of the CompTIA courses?????
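
To make the "serialization format" point above concrete, here is an added example (not part of the original post) in which a producer builds a STIX 2.1 Indicator, wraps it in a bundle, and a consumer checks the spec's required properties before accepting it. The function names, sample address and timestamp are constructed for illustration, and the TAXII transport step is left out.

```python
import json
import re
import uuid

# STIX 2.1 identifiers take the form "<object-type>--<UUID>".
STIX_ID = re.compile(r"^([a-z0-9-]+)--[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$")
# Properties the STIX 2.1 specification requires on every Indicator.
REQUIRED = ("type", "spec_version", "id", "created", "modified",
            "pattern", "pattern_type", "valid_from")

def make_indicator(name, pattern, timestamp):
    """Producer side: describe one observable as a STIX 2.1 Indicator."""
    return {
        "type": "indicator", "spec_version": "2.1",
        "id": f"indicator--{uuid.uuid4()}",
        "created": timestamp, "modified": timestamp,
        "name": name, "pattern": pattern, "pattern_type": "stix",
        "valid_from": timestamp,
    }

def check_indicator(obj):
    """Consumer side: return a list of problems (empty means acceptable)."""
    problems = [f"missing {key}" for key in REQUIRED if key not in obj]
    match = STIX_ID.match(str(obj.get("id", "")))
    if match is None:
        problems.append("malformed id")
    elif match.group(1) != obj.get("type"):
        problems.append("id prefix does not match type")
    return problems

def to_bundle(objects):
    """Serialize objects into a STIX bundle, the JSON container that is shared."""
    bundle = {"type": "bundle", "id": f"bundle--{uuid.uuid4()}", "objects": objects}
    return json.dumps(bundle)

def from_bundle(text):
    """Parse a received bundle and split its objects into accepted/rejected."""
    accepted, rejected = [], []
    for obj in json.loads(text).get("objects", []):
        ok = obj.get("type") == "indicator" and not check_indicator(obj)
        (accepted if ok else rejected).append(obj)
    return accepted, rejected

if __name__ == "__main__":
    # Constructed sample: 203.0.113.7 is a documentation-range address.
    good = make_indicator("Constructed sample",
                          "[ipv4-addr:value = '203.0.113.7']",
                          "2024-01-01T00:00:00.000Z")
    bad = {k: v for k, v in good.items() if k != "pattern"}
    print(from_bundle(to_bundle([good, bad])), check_indicator(bad))
```

A consumer that rejects objects missing `pattern` or `valid_from` avoids loading indicators it cannot evaluate or expire.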

Common Attack Vectors

Here are some common types of attack vectors:

- Weak or Compromised Access Credentials
- Phishing
- Malware
- Unpatched Software
- Third-party vendors & service providers
- Insider Threats
- Lack of Encryption
- Misconfigurations
- Trust Relationships
- Brute Force
- DDoS Attacks
- SQL Injections
- Cross-site scripting (XSS)
- Man-in-the-Middle (MITM)
- Session Hijacking



Got any more to add to my list!!

Need Guidance for CompTIA CTT+ (TK0-201 & TK0-202/203) Preparation

Hi Everyone,

I’m P. Divakaran, an IT instructor with experience teaching hardware and software troubleshooting. I’m planning to earn the CompTIA CTT+ certification to enhance my teaching credentials. I’d appreciate your guidance on:

  1. The best resources for studying TK0-201 and preparing for the TK0-202 video submission.
  2. Tips for recording and submitting a video for the performance-based exam.
  3. Any personal experiences or insights about the exam process, particularly the online proctoring option.
Thank you in advance for your support!

Jumping the line

A student reached out to me asking about getting the Sec+ certification. They attempted the Net+ exam and failed (scoring a 518). They asked if they can 'skip' over the Net+ and go straight for the Security+. My response was a resounding no. The student did explain that they've completed their associate's degree in IT and they're not working in the profession yet.

I encouraged the student to seek their A+ first. Is it just me, or are students 'jumping the line' for higher certifications, particularly without the requisite knowledge, training, or real-world experience that aid in learning and progressing?

To the fellow CINers, what's your take on this?

Process in "Suspended" State

Hello CINners,

1734987896793.png

The above pic is a partial snapshot of Task Manager, in a Windows 10 environment.

Either that "Search Background Task Host" process, or that "Search" process, is ALWAYS in a "suspended" state.
Anybody got a clue as to why that is?

Also, that "Microsoft Store" process that appears in that same snapshot always cranks up when I boot my machine.
Why does that bad boy kick off?

As a famous person once asked: Why? Why!? Why?
Who was that person :)
Always a time for a little trivia, even when taking care of serious business!!!


Okay CINners, that's all I've got for this episode of "Why Does This Do That?"

Microsoft SharePoint

Hello CINners,

Does anyone know what is responsible for the Microsoft SharePoint process
to automatically run? Each time I awake my computer from "sleep" mode,
or start from a cold boot, that Microsoft SharePoint process is going to
appear in the list of processes, on the Processes tab in Task Manager.

Is there something in Windows 10 that requires Microsoft SharePoint to be
running?

The great news is that I can terminate it, using the "End Task" button in
Task Manager, and it will go away for the duration of my computer running.

That Microsoft SharePoint process isn't causing any issues - none that I know
of anyway. I'm just trying to lighten the load of my CPU - it's old like I am!!

Thanks CINners!!!

Happy Holidays!! What Are Your Traditions?

Hello CINners!

At this time of year, the world is preparing to celebrate Christmas, Hanukkah, Kwanzaa, Diwali, or another celebration.

We would like to know what you are celebrating. What traditions make this time of year special to you? Is there something you look forward to this time of year, a favorite event, activity or food & beverage?

Let's share with the community so we can all celebrate together!

LastPass Breach

Hackers have stolen $12.38 million in cryptocurrency from LastPass users this month, leveraging data from a 2022 breach that compromised sensitive data that included customer vault information, according to crypto investigator ZachXBT. The theft of nearly 150 addresses, with funds quickly converted and moved, highlights the enduring impact of the 2022 breach.

Is this the same LastPass that someone in the CIN community recommended to me when I posted a query about password managers????

Open to work as a CompTIA Instructor.

Hello everyone,

I am excited to be a part of this forum and would like to introduce myself. My name is Ashief Ahmed, and I have been passionately teaching Cybersecurity courses since 2014. Over the years, I have had the privilege of sharing my knowledge and expertise with students across Canada, teaching at various colleges and universities.

I am a certified instructor with ISC2, ISACA, and PECB, which enables me to deliver a wide range of professional certification courses, including CompTIA, ISC2, and ISACA programs. In addition to my teaching credentials, I hold 58 industry-leading certifications, reflecting my dedication to continuous learning and staying updated in the ever-evolving field of cybersecurity.

If you are interested, you can learn more about my professional background and connect with me through my LinkedIn profile:

👉 LinkedIn - Ashief Ahmed

I am eager to engage in meaningful discussions with training centers and collaborate on initiatives to advance cybersecurity education. I also look forward to sharing my experiences and learning from the wealth of knowledge this community of educators brings to the table.

Let’s connect and grow together!

Best regards,
Ashief Ahmed

Apparent Errors in Labsim Quiz

Hello,

Just started going through the labsim material for Cloud+ and I have noticed a couple of typos and errors in some questions. Look at the explanation for why Office 365 is wrong in this question for 2.5 Module Quiz. There is no mention of G Suite in the original question.

1734637716688.png

Firefox Processes Launching

Hello CINners,

Got a question for the Windows 10 Elite!

When I power up my computer, or wake it up from sleep mode, I will oftentimes see
a couple (anywhere from 2 to 4) of Firefox processes running in Task Manager. Now,
the processes don't run indefinitely, and no actual browser is opened. However, just
the running of those Firefox processes consumes vital resources (CPU and Memory)
for the duration that they do run.

My question: Why do those Firefox processes launch automatically like that? If you do
know the why, are you able to guide me on how to prevent this from happening?

Remember, this is a question for the Windows 10 Elite, not the petite (i.e. neophytes or
casual users)!!!

Many thanks CINners.
