Paying it forward by sharing knowledge
Compare and contrast common vulnerabilities found in the following targets within an organization. CompTIA Cybersecurity Analyst (CySA+) Certification Exam Objectives Version 3.0 Servers There are many kinds of servers (server applications) in Enterprise networks. The most common vulnerabilities are for web servers and database servers. Web servers may have vulnerabilities in the actual service or […]
Given a scenario, analyze the output resulting from a vulnerability scan. CompTIA Cybersecurity Analyst (CySA+) Certification Exam Objectives Version 3.0 Analyze Reports from a Vulnerability Scan The data from a vulnerability scan must be interpreted and analyzed to turn it into usable and actionable information. One of the first parts of this analysis is the […]
Given a scenario, implement an information security vulnerability management process. CompTIA Cybersecurity Analyst (CySA+) Certification Exam Objectives Version 3.0 Identification of Requirements One of the key parts of managing vulnerabilities is knowing what the enterprise is trying to achieve. The first set of requirements often come from regulatory bodies. Some of these are listed below. […]
Explain the purpose of practices used to secure a corporate environment. CompTIA Cybersecurity Analyst (CySA+) Certification Exam Objectives Version 3.0 Penetration Testing Penetration testing is performed by security analysts to test a network to see where security improvements can be made. The testing could be external or internal and may vary in scope. A definition […]
The Common Vulnerability Scoring System (CVSS) is part of the Security Content Automation Protocol (SCAP). It allows security researchers to quantitatively evaluate the risk posed by a vulnerability. CVSS is comprised of three metric groups. The scoring ranges from 0-10. For the purposes of the current version of the exam (as of 1/1/2019), CVSS v2 […]
The Security Content Automation Protocol (SCAP) is a standard that defines how software flaws and configuration errors are classified. Four components make up SCAP. Common Configuration Enumeration (CCE) The Common Configuration Enumeration (CCE) is a list of best practices maintained by the National Institute of Standards and Technology (NIST). They may be downloaded from the […]
Given a network-based threat, implement or recommend the appropriate response and countermeasure. CompTIA Cybersecurity Analyst (CySA+) Certification Exam Objectives Version 3.0 For this objective we will explore some potential countermeasures and controls to help secure a network and what kinds of attacks they may thwart. Network Segmentation One of the most basic things that can […]
Given a scenario, analyze the results of a network reconnaissance. CompTIA Cybersecurity Analyst (CySA+) Certification Exam Objectives Version 3.0 While gathering the reconnaissance about a network, the data must be turned into actionable information. The first type of analysis is the point in time analysis. Sources for such analysis may include packet captures, Netflow and […]
One of the first things both attackers and defenders do is to reconnoiter the network that they are attacking or defending. “Time spent on reconnaissance is seldom wasted.” – Duke of Wellington Arthur Wellesley. This is true in cybersecurity just like war. We must know what we’re defending if we have any hope of defending it.
Recently at work, we had an issue where one of our guest networks wasn’t allowing new hosts onto the network. After some investigation, it appeared that we had simply run out of available IP addresses in the DHCP pool. We added 100 addresses and thought we were done until we noticed that within seconds those […]
© Pack IT Forwarding 2019. Powered by WordPress