Hello CINners,

Based on what you know about the new SecurityX exam, out of 100 persons, having nothing more than user-level knowledge, how many do you feel would be lucky enough to attain a passing score on that exam?

Now, keep in mind that these persons have almost zero knowledge in the area of cybersecurity. In fact, to put their knowledge in some meaningful context, let's say that they are folks who bring home their new router from Xfinity (or whomever), and don't know that it's a GREAT idea to change the default password for the admin account. Yeah, at that level

Anyway, give me a number. There's no right or wrong - just your number. I'm going somewhere with this, but not in this post!

Thanks CINners

Microsoft issued 71 patches for December Patch Tuesday to address vulnerabilities that include a zero-day bug in the Windows Common Log File System, which is under active exploit, and could enable system-level privileges.

Other critical vulnerabilities include a remote code execution flaw in Windows Lightweight Directory Access Protocol, and one in Hyper-V, that could allow code execution on the host operating system.

71 patches? Just for the month of December? Ouch!!!!

Well, as the old saying goes, "it's all relative" - I say that because, relative to the year's total of 1,020 patches for the very popular OS, 71 for a single month ain't that bad

Peace and blessings to all those with the responsibility of guarding the Microsoft Windows OS palace!!!

CompTIA's IT Industry Outlook 2025 presents educators and IT professionals with both exciting prospects and difficulties. Highlights are as follows:

1. AI Costs vs. Potential: While AI increases productivity, it also presents issues with cost, cybersecurity, and privacy. Give students the tools they need to control AI risks and ROI.

2. Workforce Upskilling: 66% of businesses want to provide cybersecurity, software, and data analytics training to their staff. compared to 59% in 2024. To close the skills gap, practical training is essential.

3. Growing Cyberthreats: Stronger frameworks and stricter MSP controls are essential. Utilize realistic simulations in the Security+ and Pentest+ labs.

4. Flexibility in IT: Greater work-life balance and prospects for career advancement are brought about by the high demand for IT talents.

5. Collaborations Are Important: 90% of businesses collaborate to handle complexity. Emphasize teamwork and how it fosters creativity.

Read More: CompTIA IT Industry Outlook 2025

What trends resonate with you, and how are you preparing students for the future of IT?

Hello CINners,

Is the MITRE ATT&CK Framework a part of the objectives of any CompTIA exam?

Cybercriminals no longer need to be tech geniuses to bypass your MFA—they just need $200.

A new phishing kit is making waves in the cybercrime world, offering attackers everything they
need to intercept MFA tokens, steal session cookies, and gain unauthorized access to your systems.
The worst part? Many organizations still rely on phishable factors, like SMS codes or OTPs.

Here’s what you need to know:

• These kits mimic legitimate login portals, intercept MFA tokens in real-time, and hijack sessions without detection.
• Weak MFA like SMS are easily phishable—giving attackers access to interconnected systems through a single breach.
• Organizations should act now to classify, strengthen, and enforce phishing-resistant MFA solutions.

Just when you thought MFA provided a piece to the secure assurance puzzle - now this!

Okay folks, I'm not attempting to cause a global panic. As usual, I'm just a messenger!!!
You've been informed!

Hello CINners,

Does anyone out there encrypt the hard drive on your home computer?
If so, what encryption algorithm do you use?

Hello CINners,

My guess is that the majority of web browser users make use of one of the
following browsers on a regular basis:
- Chrome
- Firefox
- Internet Explorer

Question? Whatever browser you use, why is it your preference?

Thank you CINners!!!

72% of successful breaches involve phishing emails,
such as the attack on a public transportation authority
that compromised scheduling systems, and caused
significant delays.

Be diligent all!!!

Hello CINners,

Got a couple a questions regarding Password Managers.

Q1. Is Password Manager covered on any of the CompTIA exams?


Q2. If you use a Password Manager, which one do you use? I would
have included a couple of names in my question, but I don't want to
influence anyone.


Thanks CINners!

Hello CINners,

I'm seeking persons who have 2-3 years of practical experience using Nmap.
Now, before you get too excited, there's no pay involved here!!!

Still reading? Okay, a colleague of mine is developing a certification exam
blueprint for Nmap Security Specialists, and she requires persons to participate
in a survey, that will require 30-45 minutes to complete. If you think you are
willing to spare that amount of time, and are able to complete the survey by
December 20, please let me hear from you.

Just let me know that you meet the criteria, and that you would like to help!

Many thanks in advance!!!

When sending an email with an attachment, does anyone routinely encrypt the attachment?
If so, what do you use to peform the encryption?

The hat in the pic, as well as the refusal to listen to a well-intended warning, reminded me of one of the members of the CIN community! A $5 Starbucks gift card to the first person to tell me who that CINner is!!!!

Hey CIN-ners,

I took the A+ Core 1 220-1101 exam yesterday and wanted to "share" a question which I thought I was interesting. The problem based question showed an WAP and the back of a patch panel and the question was to select what cable you would use to connect the two. Looking at this question, I immediately thought to myself, "Who would connect an WAP directly to the back of the patch panel?" I saw my cable choices and went with an RJ-45 straight through to a stripped Cat 5e to punchdown in the back of the patch panel. Just wondering if the SMEs in here can shed a little light on this interesting question because if I'm teaching in my A+ class - you connect an AP to a switch and A+ is telling me otherwise..... this question could be the difference between someone passsing and failing.

Appreciate your insights, comments, etc.....

-Jason Perretta
IT Instructor (A+/Net+) Dunbar High School
Fort Myers, FL

CompTIA examinations can indeed be tough, particularly to those who are fresh. There are many students who are not good at managing time, while there are others who simply try too hard to figure out performance-based questions.

As instructors, let’s share tips to help our learners prepare effectively, control anxiety and have a go at the examination.

Simulation labs offer practical experience, connecting theoretical knowledge with real-world application for CompTIA A+ certification. They assist in developing confidence when addressing actual troubleshooting situations, equipping you for achievement in both examinations and IT professions.

These labs not only prepare students for exams but also equip them with practical skills they’ll use in their IT careers.

Enhance your lessons with a simulation lab:

TestOut-Hands-On Lab Simulations

Dear CINners,

Due to overlapping engagements, I will be unable to attend the CIN Sneak Peek, on this coming Thursday, December 12, at 1pm CST. Is there anyone else planning to attend, whom I can trust, to take attendance in my absence? Let me know.

Thank you in advance!

Hello CINners!! This is a Public CINner Announcement (PCA)! Login detour ahead!! Next Wednesday, December 18th, when you log into CIN, you will be required to reset your password! This will be a one-time request.

Why?

I am super excited about what is coming in 2025 with the CIN community! CompTIA has noticed how great you CINners are and wants to expand the community and services! We will be making major changes to our community, making it easier to connect with your CompTIA contacts, get access to tech support, find answers to your questions about products, provide more resources and more. We will even see changes coming to the look and feel for our community, new forums, and a lot of new badging and engagement opportunities!

However, as we know, with progress comes a lot of construction. Our first step is moving off our existing authentication platform. This move will come next Wednesday. We will move your CIN data, however, passwords do not move. That is why you will be asked to reset your password when you log in.

IMPORTANT NOTE! This will NOT affect your CompTIA SSO or access to other CompTIA Services! This is just for CIN access. CIN authentication will stand-alone event for the duration of the construction.

They don't even need to be in range of your network - just hacking an adjacent network is all that's needed

The Daisy Chain Attack

Old CASP+ certs will be rebranded SecurityX on December 17, 2024​

CompTIA CASP+ Name Change

CompTIA Advanced Security Practitioner (CASP+) name will be renamed to SecurityX December 17, 2024.

CompTIA Advanced Security Practitioner (CASP+) will be renamed to SecurityX on December 17, 2024. The name change will not affect your CASP+ certification. You will automatically receive the rebranded SecurityX badge and can download a new certificate and transcript in CertMetrics. This update emphasizes the advanced (i.e. “Xpert”) level of the certification.

I'd like to get some suggestions from you CINners on basic cybersecurity hygiene.
Keep it simple (e.g. brush after every meal is recommended in the area of dental hygiene)!!!!

Okay, give me what you got!!!!

I'm at a loss here. A student had a Title IX situation late in the semester. I offered them an "incomplete" grade to give them more time to complete the materials for TestOut (TO) Network Pro and another TO title. Unfortunately, the student can't complete the materials before Network Pro retires on Dec. 20th. I believe in this student, and it took a bit to convince them to take the incomplete grade. Now, I feel like I've set them up for failure on the Network Pro. Any ideas?

When imparting knowledge of CompTIA certifications, the task does not only include syllabus content, it also involves sharpening the minds of the students. This week I turned to problem solving in dynamic tasks of A+ certification for students and also started using memory aids such as remembering their OSI mnemonics A1, A2, A3, A4, and A5.

Memory aids allow students to learn almost easily. For instance, ‘Please Do Not Throw Sausage Pizza Away’ in order to remember OSI layers! Another source that can be considered is the link on memory devices:

Core1
Core2

What other memory devices do you have that assist your students? Let’s combine our strength and creativity!

In a discussion today with another instructor that centered on CompTIA's Tech+ certification, I went to the CompTIA.ORG site and ended up here:

The site indicates the following:

Exam details coming soon.​

Note - Unexpired ITF+ certification exam vouchers can be used for the Tech+ certification exams.​

Does anyone know what's going on? Is the exam live? Vouchers for Tech+ do not appear as available for purchase on the CompTIA Academic Store.

Hello CINners,

I'd like to learn what antivius (AV) sotware you're running
on your endpoint(s) - either at your residence, or at the
place of your professional endeavor.

Thank you.

So, this is a for-what-it's-worth topic? I saw this story on the morning news and was just left with one question. Why? https://www.today.com/news/ai-jesus-christ-switzerland-controversy-rcna182980

I thought I would share with the community to get some insight. A church in Switzerland ran an experiment where it used an AI generated Jesus to listen to confessions and provide feedback. The avatar of Jesus was created using OpenAI's GPT-40. According the story, the AI Jesus confessional was very popular and many folks came to talk to it!

So then I started thinking.
If we are starting to experiment with AI Jesus, replacing the priest as the middleman, what is next?
Who will be next to be replaced by AI?
What does this mean for education?
This brings back the original question we have heard for years. In the long run, will AI replace all of our jobs?

Looking forward to your insights!