The Common Vulnerability Scoring System (CVSS) is part of the Security Content Automation Protocol (SCAP). It allows security researchers to quantitatively evaluate the risk posed by a vulnerability. CVSS is comprised of three metric groups. The scoring ranges from 0-10. For the purposes of the current version of the exam (as of 1/1/2019), CVSS v2 […]
The Security Content Automation Protocol (SCAP) is a standard that defines how software flaws and configuration errors are classified. Four components make up SCAP. Common Configuration Enumeration (CCE) The Common Configuration Enumeration (CCE) is a list of best practices maintained by the National Institute of Standards and Technology (NIST). They may be downloaded from the […]
Given a network-based threat, implement or recommend the appropriate response and countermeasure. CompTIA Cybersecurity Analyst (CySA+) Certification Exam Objectives Version 3.0 For this objective we will explore some potential countermeasures and controls to help secure a network and what kinds of attacks they may thwart. Network Segmentation One of the most basic things that can […]
Given a scenario, analyze the results of a network reconnaissance. CompTIA Cybersecurity Analyst (CySA+) Certification Exam Objectives Version 3.0 While gathering the reconnaissance about a network, the data must be turned into actionable information. The first type of analysis is the point in time analysis. Sources for such analysis may include packet captures, Netflow and […]
One of the first things both attackers and defenders do is to reconnoiter the network that they are attacking or defending. “Time spent on reconnaissance is seldom wasted.” – Duke of Wellington Arthur Wellesley. This is true in cybersecurity just like war. We must know what we’re defending if we have any hope of defending it.
The Problem Recently at work, we had an issue where one of our guest networks wasn’t allowing new hosts onto the network. After some investigation, it appeared that we had simply run out of available IP addresses in the DHCP pool. We added 100 addresses and thought we were done until we noticed that within […]
Security has always been an important component in being a Network Engineer. Today’s Internet of Things (IoT) and the growing number of cyber attacks has made it even more crucial. Because of this, I’ve decided to go back into the Security realm of certification coursework and exams. It has been over a decade since I […]
Happy New Year! Welcome to my new bit of territory on the Internet. For those who found it via my old blog, welcome back. For the new readers, welcome and I hope you find something useful. Pack IT Forwarding will be a place where I can share my experiences in the IT world. My hope […]