{"id":160,"date":"2019-01-04T08:00:38","date_gmt":"2019-01-04T14:00:38","guid":{"rendered":"https:\/\/storyconsulting.info\/?p=98"},"modified":"2019-01-02T12:34:28","modified_gmt":"2019-01-02T18:34:28","slug":"comptia-cysa-objective-1-1","status":"publish","type":"post","link":"https:\/\/packitforwarding.com\/index.php\/2019\/01\/04\/comptia-cysa-objective-1-1\/","title":{"rendered":"CompTIA CySA+ Objective 1.1"},"content":{"rendered":"\n

Given a scenario, apply environmental reconnaissance
techniques using appropriate tools and processes.<\/p>CompTIA Cybersecurity Analyst (CySA+) Certification Exam Objectives Version 3.0<\/cite><\/blockquote>\n\n\n\n

One of the first things both attackers and defenders do is to reconnoiter the network that they are attacking or defending. “Time spent on reconnaissance is seldom wasted.” – Duke of Wellington Arthur Wellesley. This is true in cybersecurity just like war. We must know what we’re defending if we have any hope of defending it.<\/p>\n\n\n\n

“Time spent on reconnaissance is seldom wasted.”<\/p>Duke of Wellington Arthur Wellesley<\/cite><\/blockquote><\/figure>\n\n\n\n

Often the first step for a <\/g>security<\/g> analyst is to review any existing documentation on the network and the devices on the network.  This documentation will often include topology maps and lists of the assets on the network and what they do.  Unfortunately<\/g> this documentation is often outdated, inaccurate and even non-existing and will serve only as a starting point.  <\/p>\n\n\n\n

NMAP<\/h4>\n\n\n\n

Thankfully there are several tools and sources of information that will aid in getting the information that is needed.  One of the most versatile tools is the Network Mapper NMAP<\/a>, which is a free (as in beer and speech) tool that will scan the network for hosts and then help to identify them.  NMAP can scan both wide and deep.  First scanning wide, it can identify all of the devices that respond to ICMP or UDP pings on the network.  An example of an NMAP ping scan is below.<\/p>\n\n\n\n

$ nmap -sn 192.168.7.2-254\nStarting Nmap 7.70 ( https:\/\/nmap.org ) at 2018-09-20 21:54 CDT\nNmap scan report for 192.168.7.24\nHost is up (0.28s latency).\nNmap scan report for 192.168.7.25\nHost is up (0.0038s latency).\nNmap scan report for 192.168.7.26\nHost is up (0.066s latency).\nNmap scan report for 192.168.7.30\nHost is up (0.021s latency).\nNmap scan report for 192.168.7.31\nHost is up (0.0057s latency).\nNmap scan report for 192.168.7.37\nHost is up (0.00028s latency).\nNmap scan report for 192.168.7.39\nHost is up (0.12s latency).\nNmap scan report for 192.168.7.46\nHost is up (0.033s latency).\nNmap scan report for 192.168.7.53\nHost is up (0.0057s latency).\nNmap scan report for 192.168.7.54\nHost is up (0.17s latency).\nNmap scan report for 192.168.7.59\nHost is up (0.093s latency).\nNmap done: 253 IP addresses (11 hosts up) scanned in 9.09 seconds<\/code><\/pre>\n\n\n\n
Once live hosts are determined it can go deep and scan the hosts to interrogate them to determine what services are running, what versions of server software and with most hosts the operating system (OS) that the host is running through fingerprinting. This information will help to document what OS’s  what server software and what services are present on the network.  Knowing this information, helps to focus the security analyst on the attacks that are possible.  For example, if you know that there are no Apple Macintosh OSX devices on the network, you can filter out some attacks that might show up in Intrusion Prevention System (IPS) logs as not relevant.  This allows an analyst to focus on the detections that are potential issues.  An example of a deep scan of a host is below.<\/p>\n\n\n\n
$ nmap -T4 -A -v 192.168.7.53\nStarting Nmap 7.70 ( https:\/\/nmap.org ) at 2018-09-20 21:58 CDT\nNSE: Loaded 148 scripts for scanning.\nNSE: Script Pre-scanning.\nInitiating NSE at 21:58\nCompleted NSE at 21:58, 0.00s elapsed\nInitiating NSE at 21:58\nCompleted NSE at 21:58, 0.00s elapsed\nInitiating Ping Scan at 21:58\nScanning 192.168.7.53 [2 ports]\nCompleted Ping Scan at 21:58, 0.00s elapsed (1 total hosts)\nInitiating Parallel DNS resolution of 1 host. at 21:58\nCompleted Parallel DNS resolution of 1 host. at 21:58, 0.02s elapsed\nInitiating Connect Scan at 21:58\nScanning 192.168.7.53 [1000 ports]\nDiscovered open port 23\/tcp on 192.168.7.53\nDiscovered open port 80\/tcp on 192.168.7.53\nDiscovered open port 8080\/tcp on 192.168.7.53\nDiscovered open port 631\/tcp on 192.168.7.53\nDiscovered open port 515\/tcp on 192.168.7.53\nDiscovered open port 9100\/tcp on 192.168.7.53\nCompleted Connect Scan at 21:58, 0.15s elapsed (1000 total ports)\nInitiating Service scan at 21:58\nScanning 5 services on 192.168.7.53\nCompleted Service scan at 21:59, 18.52s elapsed (6 services on 1 host)\nNSE: Script scanning 192.168.7.53.\nInitiating NSE at 21:59\nCompleted NSE at 21:59, 0.45s elapsed\nInitiating NSE at 21:59\nCompleted NSE at 21:59, 0.00s elapsed\nNmap scan report for 192.168.7.53\nHost is up (0.010s latency).\nNot shown: 994 closed ports\nPORT     STATE SERVICE    VERSION\n23\/tcp   open  telnet     HP LaserJet debug telnetd\n80\/tcp   open  http       HP LaserJet CP1205nw or P1606 http config\n| http-methods: \n|_  Supported Methods: GET HEAD POST\n|_http-server-header: Mrvl-R1_0\n| http-title: HP LaserJet Professional P1606dn\u00a0\u00a0\u00a0192.168.7.53\n|_Requested resource was \/SSI\/index.htm\n515\/tcp  open  printer\n631\/tcp  open  http       HP LaserJet CP1205nw or P1606 http config\n| http-methods: \n|_  Supported Methods: GET HEAD POST\n|_http-server-header: Mrvl-R1_0\n| http-title: Site doesn't have a title.\n|_Requested resource was \/SSI\/index.htm\n8080\/tcp open  http       HP LaserJet CP1205nw or P1606 http config\n| http-methods: \n|_  Supported Methods: GET HEAD POST\n|_http-server-header: Mrvl-R1_0\n| http-title: Site doesn't have a title.\n|_Requested resource was \/SSI\/index.htm\n9100\/tcp open  jetdirect?\nService Info: Device: printer; CPE: cpe:\/h:hp:laserjet_p1606\n\nNSE: Script Post-scanning.\nInitiating NSE at 21:59\nCompleted NSE at 21:59, 0.00s elapsed\nInitiating NSE at 21:59\nCompleted NSE at 21:59, 0.00s elapsed\nRead data files from: \/usr\/local\/bin\/..\/share\/nmap\nService detection performed. Please report any incorrect results at https:\/\/nmap.org\/submit\/ .\nNmap done: 1 IP address (1 host up) scanned in 20.38 seconds<\/code><\/pre>\n\n\n\n
Packet Analyzers<\/h4>\n\n\n\n
Another tool for investigating a network is a packet analyzer.  One of the most popular is known as Wireshark<\/a> and is also a free tool.  With Wireshark you can capture the packets that a computer sees on the network.  Even without using techniques to tap or otherwise see traffic that won’t normally come to the computer on a switched network, one can learn a lot about the network.  For example, broadcast traffic can tell you what kind of switch the computer is attached to (LLDP) or the MAC addresses of other computers on the network via the ARP packets sent out.<\/p>\n\n\n\n
If you have access to the logs on a network, they can be a good source of information as well.  Reviewing firewall logs can document what types of network traffic are present.  Intrusion Prevention(Detection) Systems (IPS\/IDS) also provide useful logs that may indicate malicious behavior.<\/p>\n","protected":false},"excerpt":{"rendered":"
One of the first things both attackers and defenders do is to reconnoiter the network that they are attacking or defending. “Time spent on reconnaissance is seldom wasted.” – Duke of Wellington Arthur Wellesley. This is true in cybersecurity just like war. We must know what we’re defending if we have any hope of defending it.<\/p>\n","protected":false},"author":1,"featured_media":200,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"CompTIA CySA+ Objective 1.1 Study Notes #cysa+ #security #ciscochampion","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[88,31,95],"tags":[89,90,91],"class_list":["post-160","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","category-certification","category-cysa","tag-blog","tag-certification","tag-cysa"],"yoast_head":"\nCompTIA CySA+ Objective 1.1 -<\/title>\n<meta name=\"description\" content=\"One of the first things both attackers and defenders do is to reconnoiter the network that they are attacking or defending. We must know what we're defending if we have any hope of defending it.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/packitforwarding.com\/index.php\/2019\/01\/04\/comptia-cysa-objective-1-1\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CompTIA CySA+ Objective 1.1 -\" \/>\n<meta property=\"og:description\" content=\"One of the first things both attackers and defenders do is to reconnoiter the network that they are attacking or defending. We must know what we're defending if we have any hope of defending it.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/packitforwarding.com\/index.php\/2019\/01\/04\/comptia-cysa-objective-1-1\/\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/packitforwarding\" \/>\n<meta property=\"article:author\" content=\"https:\/\/www.facebook.com\/packitforwarding\" \/>\n<meta property=\"article:published_time\" content=\"2019-01-04T14:00:38+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-802412.jpeg?fit=640%2C425&ssl=1\" \/>\n\t<meta property=\"og:image:width\" content=\"640\" \/>\n\t<meta property=\"og:image:height\" content=\"425\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ben Story\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@https:\/\/www.twitter.com\/ntwrk80\" \/>\n<meta name=\"twitter:site\" content=\"@ntwrk80\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Story\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/01\\\/04\\\/comptia-cysa-objective-1-1\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/01\\\/04\\\/comptia-cysa-objective-1-1\\\/\"},\"author\":{\"name\":\"Ben Story\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\"},\"headline\":\"CompTIA CySA+ Objective 1.1\",\"datePublished\":\"2019-01-04T14:00:38+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/01\\\/04\\\/comptia-cysa-objective-1-1\\\/\"},\"wordCount\":548,\"commentCount\":2,\"publisher\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\"},\"image\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/01\\\/04\\\/comptia-cysa-objective-1-1\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2018\\\/09\\\/pexels-photo-802412.jpeg?fit=640%2C425&ssl=1\",\"keywords\":[\"blog\",\"certification\",\"cysa+\"],\"articleSection\":[\"Blog\",\"Certification\",\"CySA+\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/01\\\/04\\\/comptia-cysa-objective-1-1\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/01\\\/04\\\/comptia-cysa-objective-1-1\\\/\",\"url\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/01\\\/04\\\/comptia-cysa-objective-1-1\\\/\",\"name\":\"CompTIA CySA+ Objective 1.1 -\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/01\\\/04\\\/comptia-cysa-objective-1-1\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/01\\\/04\\\/comptia-cysa-objective-1-1\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2018\\\/09\\\/pexels-photo-802412.jpeg?fit=640%2C425&ssl=1\",\"datePublished\":\"2019-01-04T14:00:38+00:00\",\"description\":\"One of the first things both attackers and defenders do is to reconnoiter the network that they are attacking or defending. We must know what we're defending if we have any hope of defending it.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/01\\\/04\\\/comptia-cysa-objective-1-1\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/01\\\/04\\\/comptia-cysa-objective-1-1\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/01\\\/04\\\/comptia-cysa-objective-1-1\\\/#primaryimage\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2018\\\/09\\\/pexels-photo-802412.jpeg?fit=640%2C425&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2018\\\/09\\\/pexels-photo-802412.jpeg?fit=640%2C425&ssl=1\",\"width\":640,\"height\":425,\"caption\":\"Photo by Francis Seura from Pexels\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/01\\\/04\\\/comptia-cysa-objective-1-1\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/packitforwarding.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CompTIA CySA+ Objective 1.1\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#website\",\"url\":\"https:\\\/\\\/packitforwarding.com\\\/\",\"name\":\"\",\"description\":\"Paying it forward to the next generation of IT.\",\"publisher\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/packitforwarding.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\",\"name\":\"Ben Story\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\",\"width\":489,\"height\":250,\"caption\":\"Ben Story\"},\"logo\":{\"@id\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\"},\"description\":\"In the course of my career, I have had the pleasure of working in multiple verticals including Education, Logistics and Healthcare. Although I started as a systems administrator (aka server jockey), I am now firmly in the network engineering arena. Currently I am working for a multi-state hospital system.\",\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/packitforwarding\",\"https:\\\/\\\/www.linkedin.com\\\/in\\\/benstory\",\"https:\\\/\\\/x.com\\\/https:\\\/\\\/www.twitter.com\\\/ntwrk80\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CompTIA CySA+ Objective 1.1 -","description":"One of the first things both attackers and defenders do is to reconnoiter the network that they are attacking or defending. We must know what we're defending if we have any hope of defending it.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/packitforwarding.com\/index.php\/2019\/01\/04\/comptia-cysa-objective-1-1\/","og_locale":"en_US","og_type":"article","og_title":"CompTIA CySA+ Objective 1.1 -","og_description":"One of the first things both attackers and defenders do is to reconnoiter the network that they are attacking or defending. We must know what we're defending if we have any hope of defending it.","og_url":"https:\/\/packitforwarding.com\/index.php\/2019\/01\/04\/comptia-cysa-objective-1-1\/","article_publisher":"https:\/\/www.facebook.com\/packitforwarding","article_author":"https:\/\/www.facebook.com\/packitforwarding","article_published_time":"2019-01-04T14:00:38+00:00","og_image":[{"width":640,"height":425,"url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-802412.jpeg?fit=640%2C425&ssl=1","type":"image\/jpeg"}],"author":"Ben Story","twitter_card":"summary_large_image","twitter_creator":"@https:\/\/www.twitter.com\/ntwrk80","twitter_site":"@ntwrk80","twitter_misc":{"Written by":"Ben Story","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/01\/04\/comptia-cysa-objective-1-1\/#article","isPartOf":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/01\/04\/comptia-cysa-objective-1-1\/"},"author":{"name":"Ben Story","@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8"},"headline":"CompTIA CySA+ Objective 1.1","datePublished":"2019-01-04T14:00:38+00:00","mainEntityOfPage":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/01\/04\/comptia-cysa-objective-1-1\/"},"wordCount":548,"commentCount":2,"publisher":{"@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8"},"image":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/01\/04\/comptia-cysa-objective-1-1\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-802412.jpeg?fit=640%2C425&ssl=1","keywords":["blog","certification","cysa+"],"articleSection":["Blog","Certification","CySA+"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/packitforwarding.com\/index.php\/2019\/01\/04\/comptia-cysa-objective-1-1\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/01\/04\/comptia-cysa-objective-1-1\/","url":"https:\/\/packitforwarding.com\/index.php\/2019\/01\/04\/comptia-cysa-objective-1-1\/","name":"CompTIA CySA+ Objective 1.1 -","isPartOf":{"@id":"https:\/\/packitforwarding.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/01\/04\/comptia-cysa-objective-1-1\/#primaryimage"},"image":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/01\/04\/comptia-cysa-objective-1-1\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-802412.jpeg?fit=640%2C425&ssl=1","datePublished":"2019-01-04T14:00:38+00:00","description":"One of the first things both attackers and defenders do is to reconnoiter the network that they are attacking or defending. We must know what we're defending if we have any hope of defending it.","breadcrumb":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/01\/04\/comptia-cysa-objective-1-1\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/packitforwarding.com\/index.php\/2019\/01\/04\/comptia-cysa-objective-1-1\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/01\/04\/comptia-cysa-objective-1-1\/#primaryimage","url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-802412.jpeg?fit=640%2C425&ssl=1","contentUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-802412.jpeg?fit=640%2C425&ssl=1","width":640,"height":425,"caption":"Photo by Francis Seura from Pexels"},{"@type":"BreadcrumbList","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/01\/04\/comptia-cysa-objective-1-1\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/packitforwarding.com\/"},{"@type":"ListItem","position":2,"name":"CompTIA CySA+ Objective 1.1"}]},{"@type":"WebSite","@id":"https:\/\/packitforwarding.com\/#website","url":"https:\/\/packitforwarding.com\/","name":"","description":"Paying it forward to the next generation of IT.","publisher":{"@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/packitforwarding.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8","name":"Ben Story","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1","url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1","contentUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1","width":489,"height":250,"caption":"Ben Story"},"logo":{"@id":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1"},"description":"In the course of my career, I have had the pleasure of working in multiple verticals including Education, Logistics and Healthcare. Although I started as a systems administrator (aka server jockey), I am now firmly in the network engineering arena. Currently I am working for a multi-state hospital system.","sameAs":["https:\/\/www.facebook.com\/packitforwarding","https:\/\/www.linkedin.com\/in\/benstory","https:\/\/x.com\/https:\/\/www.twitter.com\/ntwrk80"]}]}},"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/09\/pexels-photo-802412.jpeg?fit=640%2C425&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pay9MD-2A","jetpack-related-posts":[{"id":161,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/01\/07\/comptia-cysa-objective-1-2\/","url_meta":{"origin":160,"position":0},"title":"CompTIA CySA+ Objective 1.2","author":"Ben Story","date":"January 7, 2019","format":false,"excerpt":"Given a scenario, analyze the results of a network reconnaissance.CompTIA Cybersecurity Analyst (CySA+) Certification Exam Objectives Version 3.0 While gathering the reconnaissance about a network, the data must be turned into actionable information.\u00a0 The first type of analysis is the point in time analysis.\u00a0 Sources for such analysis may include\u2026","rel":"","context":"In "Blog"","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"Photo by PhotoMIX Ltd. from Pexels","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/11\/pexels-photo-95916.jpeg?fit=640%2C426&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/11\/pexels-photo-95916.jpeg?fit=640%2C426&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/11\/pexels-photo-95916.jpeg?fit=640%2C426&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":465,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/02\/26\/comptia-cysa-objective-4-5\/","url_meta":{"origin":160,"position":1},"title":"CompTIA CySA+ Objective 4.5","author":"Ben Story","date":"February 26, 2019","format":false,"excerpt":"Compare and contrast the general purpose and reasons for using various cybersecurity tools and technologies. CompTIA Cybersecurity Analyst (CySA+) Certification Exam Objectives Version 3.0 So this objective is more of a laundry list than anything else. I would suggest going through the list of tools and familiarize yourself with what\u2026","rel":"","context":"In "Blog"","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/02\/keys-workshop-mechanic-tools-162553.jpeg?fit=640%2C426&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/02\/keys-workshop-mechanic-tools-162553.jpeg?fit=640%2C426&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/02\/keys-workshop-mechanic-tools-162553.jpeg?fit=640%2C426&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":337,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/01\/11\/comptia-cysa-objective-1-4\/","url_meta":{"origin":160,"position":2},"title":"CompTIA CySA+ Objective 1.4","author":"Ben Story","date":"January 11, 2019","format":false,"excerpt":"Explain the purpose of practices used to secure a corporate environment. CompTIA Cybersecurity Analyst (CySA+) Certification Exam Objectives Version 3.0 Penetration Testing Penetration testing is performed by security analysts to test a network to see where security improvements can be made. The testing could be external or internal and may\u2026","rel":"","context":"In "Blog"","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"Photo by rawpixel.com from Pexels","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/01\/pexels-photo-1498958.jpeg?fit=640%2C557&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/01\/pexels-photo-1498958.jpeg?fit=640%2C557&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/01\/pexels-photo-1498958.jpeg?fit=640%2C557&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":159,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/01\/01\/comptia-cysa-cs0-001\/","url_meta":{"origin":160,"position":3},"title":"CompTIA CySA+ CS0-001","author":"Ben Story","date":"January 1, 2019","format":false,"excerpt":"Security has always been an important component in being a Network Engineer.\u00a0 Today's Internet of Things (IoT) and the growing number of cyber attacks has made it even more crucial.\u00a0 Because of this, I've decided to go back into the Security realm of certification coursework and exams.\u00a0 It has been\u2026","rel":"","context":"In "Blog"","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"Security","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/security-protection-anti-virus-software-60504.jpeg?fit=1200%2C800&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/security-protection-anti-virus-software-60504.jpeg?fit=1200%2C800&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/security-protection-anti-virus-software-60504.jpeg?fit=1200%2C800&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/security-protection-anti-virus-software-60504.jpeg?fit=1200%2C800&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/security-protection-anti-virus-software-60504.jpeg?fit=1200%2C800&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":165,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/01\/14\/comptia-cysa-objective-2-2\/","url_meta":{"origin":160,"position":4},"title":"CompTIA CySA+ Objective 2.2","author":"Ben Story","date":"January 14, 2019","format":false,"excerpt":"Given a scenario, analyze the output resulting from a vulnerability scan.CompTIA Cybersecurity Analyst (CySA+) Certification Exam Objectives Version 3.0 Analyze Reports from a Vulnerability Scan The data from a vulnerability scan must be interpreted and analyzed to turn it into usable and actionable information.\u00a0 One of the first parts of\u2026","rel":"","context":"In "Blog"","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"Microscope","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/01\/pexels-photo-256262.jpeg?fit=640%2C424&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/01\/pexels-photo-256262.jpeg?fit=640%2C424&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/01\/pexels-photo-256262.jpeg?fit=640%2C424&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":371,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/01\/22\/comptia-cysa-objective-3-3\/","url_meta":{"origin":160,"position":5},"title":"CompTIA CySA+ Objective 3.3","author":"Ben Story","date":"January 22, 2019","format":false,"excerpt":"Explain the importance of communication during the incident response process. CompTIA Cybersecurity Analyst (CySA+) Certification Exam Objectives Version 3.0 Communication is important during an incident response. The stakeholders and types of communication need to be defined before an incident. Stakeholders Human Resources HR should provide the following responsibilities in reference\u2026","rel":"","context":"In "Blog"","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"communication","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/01\/marketing-man-person-communication.jpg?fit=640%2C426&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/01\/marketing-man-person-communication.jpg?fit=640%2C426&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/01\/marketing-man-person-communication.jpg?fit=640%2C426&ssl=1&resize=525%2C300 1.5x"},"classes":[]}],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts\/160","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/comments?post=160"}],"version-history":[{"count":0,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts\/160\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/media\/200"}],"wp:attachment":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/media?parent=160"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/categories?post=160"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/tags?post=160"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}