{"id":455,"date":"2019-02-25T08:00:55","date_gmt":"2019-02-25T14:00:55","guid":{"rendered":"https:\/\/packitforwarding.com\/?p=455"},"modified":"2019-02-23T22:02:04","modified_gmt":"2019-02-24T04:02:04","slug":"comptia-cysa-objective-4-4","status":"publish","type":"post","link":"https:\/\/packitforwarding.com\/index.php\/2019\/02\/25\/comptia-cysa-objective-4-4\/","title":{"rendered":"CompTIA CySA+ Objective 4.4"},"content":{"rendered":"\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\"><p>Given a scenario, use application security best practices while participating in the Software Development Life Cycle (SDLC). <\/p><cite>CompTIA Cybersecurity Analyst (CySA+) Certification Exam Objectives Version 3.0 <\/cite><\/blockquote>\n\n\n\n<h3 class=\"wp-block-heading\">Best Practices During Software Development<\/h3>\n\n\n\n<p>The software development life cycle is the framework for how software should be created and upgraded.<\/p>\n\n\n\n<ol class=\"wp-block-list\"><li>Plan\/initiate project<\/li><li>Gather requirements<\/li><li>Design<\/li><li>Develop<\/li><li>Test\/validate<\/li><li>Release\/maintain<\/li><li>Certify\/accredit<\/li><li>Perform change management and configuration management\/replacement<\/li><\/ol>\n\n\n\n<h4 class=\"wp-block-heading\">Security Requirements Definition<\/h4>\n\n\n\n<p>During the gather requirements step, the security requirements should also be gathered in additional to the functional requirements. Potential vulnerabilities and threats should be identified in the requirements. The data that will be produced by the application should also be evaluated for sensitivity.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Security Testing Phases<\/h4>\n\n\n\n<ul class=\"wp-block-list\"><li>Static Code Analysis: Done without executing the code. <ul><li>Data flow analysis: Looks at runtime information in a static state.<\/li><li>Control flow graph: Graph components and their relationships including entry and exit points.<\/li><li>Taint analysis: Identifies variables that are tainted with user-controllable input.<\/li><li>Lexical analysis: parses the code into tokens to abstract it and make it easier to manipulate for testing.<\/li><\/ul><\/li><li>Web App Vulnerability Scanning:  Scan web applications using either synthetic transactions or real user monitoring (RUM). Examples include Nessus, Nexpose and Nikto.<\/li><li>Fuzzing: Injects invalid or unexpected input into applications to see how it reacts. Usually an automated process.<ul><li>Mutation fuzzing: Changes the existing input values blindly.<\/li><li>Generation-based fuzzing: generates new inputs from scratch<\/li><\/ul><\/li><li>Use Interception Proxy to Crawl Application: An example is the OWASP Sed Attack Proxy (ZAP) , analyzes requests and responses to the application<\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">Manual Peer Reviews<\/h4>\n\n\n\n<ul class=\"wp-block-list\"><li>Over-the-shoulder: Developer looks over the author&#8217;s shoulder while walking through the code.<\/li><li>E-mail pass-around: New code commits are e-mailed to the team for review<\/li><li>Pair programming: Two authors work together to create the code.<\/li><li>Tool-assisted code review: Peer code review facilitated by tools.<\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">User Acceptance Testing<\/h4>\n\n\n\n<p>Make sure that the application is both secure and still usable<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Mirror the testing environment with the live environment.<\/li><li>Identify use cases for execution<\/li><li>Select UAT staff from various departments<\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">Stress Test Application<\/h4>\n\n\n\n<p>Determine the load that an application can withstand.<\/p>\n\n\n\n<ol class=\"wp-block-list\"><li>Identify test objectives by the desired outcomes.<\/li><li>Identify key scenarios to test<\/li><li>Identify the workload<\/li><li>Identify the metrics for testing<\/li><li>Create test cases<\/li><li>Simulate the load<\/li><li>Analyze the results<\/li><\/ol>\n\n\n\n<h4 class=\"wp-block-heading\">Security Regression Testing<\/h4>\n\n\n\n<p>Any changes to software should be regression tested to make sure the changes have not reduced the security of the software.<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Unit Regression: Tests the new code as a single unit<\/li><li>Partial regression: New code is used with the old code.<\/li><li>Complete regression: Final type of regression testing.<\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">Input Validation<\/h4>\n\n\n\n<p>Many attacks use a lack of input validation as a way to exploit an application. Input validation checks all inputs to make sure it is the proper format and length. Input validation will look for certain characters that should not be in the input and things like SQL injections.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Secure Coding Best Practices<\/h3>\n\n\n\n<h3 class=\"wp-block-heading\">OWASP<\/h3>\n\n\n\n<p>The Open Web Application Security Project (OWASP) is a group that maintains a list of the top 10 attacks on web applications. It provides resources and tools for testing, code review and development.<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Software Assurance Maturity Model: Guidance on continuous improvement for software development<\/li><li>Development Guide: Tips on secure coding practices<\/li><li>Testing Guide: Framework for pentesting<\/li><li>Guide to Building Secure Web Applications: Best practices for secure web applications.<\/li><li>Code Review Guide: Advice on code review<\/li><li>Testing Guide: Code test guidelines<\/li><li>Application Security Verification Standards: basis for testing security controls for web applications<\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">SANS<\/h4>\n\n\n\n<p>The SysAdmin, Audit, Network and Security Institute (SANS) provides guidelines for secure development and sponsors the Global Information Assurance Certification (GIAC). GIAC helps train and certify developers in secure coding practices.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Center for Internet Security<\/h4>\n\n\n\n<p>CIS is funded in part by SANS and is a non-for-profit organization. It compiles the CIS Security Controls and organizes them into the <a href=\"https:\/\/learn.cisecurity.org\/20-controls-download\">top 20<\/a>. They also provide benchmarks for technical settings for OS, software and network devices.<\/p>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Given a scenario, use application security best practices while participating in the Software Development Life Cycle (SDLC). CompTIA Cybersecurity Analyst (CySA+) Certification Exam Objectives Version 3.0 Best Practices During Software Development The software development life cycle is the framework for how software should be created and upgraded. Plan\/initiate project Gather requirements Design Develop Test\/validate Release\/maintain [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":456,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"CompTIA CySA+ Objective 4.4 - Study Notes #comptia #cysa+ #ciscochampion","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[88,31,95],"tags":[90,104,91],"class_list":["post-455","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","category-certification","category-cysa","tag-certification","tag-comptia","tag-cysa"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>CompTIA CySA+ Objective 4.4 -<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/packitforwarding.com\/index.php\/2019\/02\/25\/comptia-cysa-objective-4-4\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CompTIA CySA+ Objective 4.4 -\" \/>\n<meta property=\"og:description\" content=\"Given a scenario, use application security best practices while participating in the Software Development Life Cycle (SDLC). CompTIA Cybersecurity Analyst (CySA+) Certification Exam Objectives Version 3.0 Best Practices During Software Development The software development life cycle is the framework for how software should be created and upgraded. Plan\/initiate project Gather requirements Design Develop Test\/validate Release\/maintain [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/packitforwarding.com\/index.php\/2019\/02\/25\/comptia-cysa-objective-4-4\/\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/packitforwarding\" \/>\n<meta property=\"article:author\" content=\"https:\/\/www.facebook.com\/packitforwarding\" \/>\n<meta property=\"article:published_time\" content=\"2019-02-25T14:00:55+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/i1.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/02\/startup-photos.jpg?fit=640%2C426&ssl=1\" \/>\n\t<meta property=\"og:image:width\" content=\"640\" \/>\n\t<meta property=\"og:image:height\" content=\"426\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ben Story\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@https:\/\/www.twitter.com\/ntwrk80\" \/>\n<meta name=\"twitter:site\" content=\"@ntwrk80\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Story\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/02\\\/25\\\/comptia-cysa-objective-4-4\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/02\\\/25\\\/comptia-cysa-objective-4-4\\\/\"},\"author\":{\"name\":\"Ben Story\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\"},\"headline\":\"CompTIA CySA+ Objective 4.4\",\"datePublished\":\"2019-02-25T14:00:55+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/02\\\/25\\\/comptia-cysa-objective-4-4\\\/\"},\"wordCount\":644,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\"},\"image\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/02\\\/25\\\/comptia-cysa-objective-4-4\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2019\\\/02\\\/startup-photos.jpg?fit=640%2C426&ssl=1\",\"keywords\":[\"certification\",\"comptia\",\"cysa+\"],\"articleSection\":[\"Blog\",\"Certification\",\"CySA+\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/02\\\/25\\\/comptia-cysa-objective-4-4\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/02\\\/25\\\/comptia-cysa-objective-4-4\\\/\",\"url\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/02\\\/25\\\/comptia-cysa-objective-4-4\\\/\",\"name\":\"CompTIA CySA+ Objective 4.4 -\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/02\\\/25\\\/comptia-cysa-objective-4-4\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/02\\\/25\\\/comptia-cysa-objective-4-4\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2019\\\/02\\\/startup-photos.jpg?fit=640%2C426&ssl=1\",\"datePublished\":\"2019-02-25T14:00:55+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/02\\\/25\\\/comptia-cysa-objective-4-4\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/02\\\/25\\\/comptia-cysa-objective-4-4\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/02\\\/25\\\/comptia-cysa-objective-4-4\\\/#primaryimage\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2019\\\/02\\\/startup-photos.jpg?fit=640%2C426&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2019\\\/02\\\/startup-photos.jpg?fit=640%2C426&ssl=1\",\"width\":640,\"height\":426,\"caption\":\"Photo by Startup Stock Photos from Pexels\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2019\\\/02\\\/25\\\/comptia-cysa-objective-4-4\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/packitforwarding.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CompTIA CySA+ Objective 4.4\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#website\",\"url\":\"https:\\\/\\\/packitforwarding.com\\\/\",\"name\":\"\",\"description\":\"Paying it forward to the next generation of IT.\",\"publisher\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/packitforwarding.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\",\"name\":\"Ben Story\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\",\"width\":489,\"height\":250,\"caption\":\"Ben Story\"},\"logo\":{\"@id\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\"},\"description\":\"In the course of my career, I have had the pleasure of working in multiple verticals including Education, Logistics and Healthcare. Although I started as a systems administrator (aka server jockey), I am now firmly in the network engineering arena. Currently I am working for a multi-state hospital system.\",\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/packitforwarding\",\"https:\\\/\\\/www.linkedin.com\\\/in\\\/benstory\",\"https:\\\/\\\/x.com\\\/https:\\\/\\\/www.twitter.com\\\/ntwrk80\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CompTIA CySA+ Objective 4.4 -","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/packitforwarding.com\/index.php\/2019\/02\/25\/comptia-cysa-objective-4-4\/","og_locale":"en_US","og_type":"article","og_title":"CompTIA CySA+ Objective 4.4 -","og_description":"Given a scenario, use application security best practices while participating in the Software Development Life Cycle (SDLC). CompTIA Cybersecurity Analyst (CySA+) Certification Exam Objectives Version 3.0 Best Practices During Software Development The software development life cycle is the framework for how software should be created and upgraded. Plan\/initiate project Gather requirements Design Develop Test\/validate Release\/maintain [&hellip;]","og_url":"https:\/\/packitforwarding.com\/index.php\/2019\/02\/25\/comptia-cysa-objective-4-4\/","article_publisher":"https:\/\/www.facebook.com\/packitforwarding","article_author":"https:\/\/www.facebook.com\/packitforwarding","article_published_time":"2019-02-25T14:00:55+00:00","og_image":[{"width":640,"height":426,"url":"https:\/\/i1.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/02\/startup-photos.jpg?fit=640%2C426&ssl=1","type":"image\/jpeg"}],"author":"Ben Story","twitter_card":"summary_large_image","twitter_creator":"@https:\/\/www.twitter.com\/ntwrk80","twitter_site":"@ntwrk80","twitter_misc":{"Written by":"Ben Story","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/02\/25\/comptia-cysa-objective-4-4\/#article","isPartOf":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/02\/25\/comptia-cysa-objective-4-4\/"},"author":{"name":"Ben Story","@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8"},"headline":"CompTIA CySA+ Objective 4.4","datePublished":"2019-02-25T14:00:55+00:00","mainEntityOfPage":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/02\/25\/comptia-cysa-objective-4-4\/"},"wordCount":644,"commentCount":0,"publisher":{"@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8"},"image":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/02\/25\/comptia-cysa-objective-4-4\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/02\/startup-photos.jpg?fit=640%2C426&ssl=1","keywords":["certification","comptia","cysa+"],"articleSection":["Blog","Certification","CySA+"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/packitforwarding.com\/index.php\/2019\/02\/25\/comptia-cysa-objective-4-4\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/02\/25\/comptia-cysa-objective-4-4\/","url":"https:\/\/packitforwarding.com\/index.php\/2019\/02\/25\/comptia-cysa-objective-4-4\/","name":"CompTIA CySA+ Objective 4.4 -","isPartOf":{"@id":"https:\/\/packitforwarding.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/02\/25\/comptia-cysa-objective-4-4\/#primaryimage"},"image":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/02\/25\/comptia-cysa-objective-4-4\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/02\/startup-photos.jpg?fit=640%2C426&ssl=1","datePublished":"2019-02-25T14:00:55+00:00","breadcrumb":{"@id":"https:\/\/packitforwarding.com\/index.php\/2019\/02\/25\/comptia-cysa-objective-4-4\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/packitforwarding.com\/index.php\/2019\/02\/25\/comptia-cysa-objective-4-4\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/02\/25\/comptia-cysa-objective-4-4\/#primaryimage","url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/02\/startup-photos.jpg?fit=640%2C426&ssl=1","contentUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/02\/startup-photos.jpg?fit=640%2C426&ssl=1","width":640,"height":426,"caption":"Photo by Startup Stock Photos from Pexels"},{"@type":"BreadcrumbList","@id":"https:\/\/packitforwarding.com\/index.php\/2019\/02\/25\/comptia-cysa-objective-4-4\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/packitforwarding.com\/"},{"@type":"ListItem","position":2,"name":"CompTIA CySA+ Objective 4.4"}]},{"@type":"WebSite","@id":"https:\/\/packitforwarding.com\/#website","url":"https:\/\/packitforwarding.com\/","name":"","description":"Paying it forward to the next generation of IT.","publisher":{"@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/packitforwarding.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8","name":"Ben Story","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1","url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1","contentUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1","width":489,"height":250,"caption":"Ben Story"},"logo":{"@id":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1"},"description":"In the course of my career, I have had the pleasure of working in multiple verticals including Education, Logistics and Healthcare. Although I started as a systems administrator (aka server jockey), I am now firmly in the network engineering arena. Currently I am working for a multi-state hospital system.","sameAs":["https:\/\/www.facebook.com\/packitforwarding","https:\/\/www.linkedin.com\/in\/benstory","https:\/\/x.com\/https:\/\/www.twitter.com\/ntwrk80"]}]}},"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/02\/startup-photos.jpg?fit=640%2C426&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pay9MD-7l","jetpack-related-posts":[{"id":371,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/01\/22\/comptia-cysa-objective-3-3\/","url_meta":{"origin":455,"position":0},"title":"CompTIA CySA+ Objective 3.3","author":"Ben Story","date":"January 22, 2019","format":false,"excerpt":"Explain the importance of communication during the incident response process. CompTIA Cybersecurity Analyst (CySA+) Certification Exam Objectives Version 3.0 Communication is important during an incident response. The stakeholders and types of communication need to be defined before an incident. Stakeholders Human Resources HR should provide the following responsibilities in reference\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"communication","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/01\/marketing-man-person-communication.jpg?fit=640%2C426&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/01\/marketing-man-person-communication.jpg?fit=640%2C426&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/01\/marketing-man-person-communication.jpg?fit=640%2C426&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":165,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/01\/14\/comptia-cysa-objective-2-2\/","url_meta":{"origin":455,"position":1},"title":"CompTIA CySA+ Objective 2.2","author":"Ben Story","date":"January 14, 2019","format":false,"excerpt":"Given a scenario, analyze the output resulting from a vulnerability scan.CompTIA Cybersecurity Analyst (CySA+) Certification Exam Objectives Version 3.0 Analyze Reports from a Vulnerability Scan The data from a vulnerability scan must be interpreted and analyzed to turn it into usable and actionable information.\u00a0 One of the first parts of\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"Microscope","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/01\/pexels-photo-256262.jpeg?fit=640%2C424&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/01\/pexels-photo-256262.jpeg?fit=640%2C424&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/01\/pexels-photo-256262.jpeg?fit=640%2C424&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":174,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/01\/10\/comptia-cysa-security-content-automation-protocol-scap\/","url_meta":{"origin":455,"position":2},"title":"CompTIA CySA+ &#8211; Security Content Automation Protocol (SCAP)","author":"Ben Story","date":"January 10, 2019","format":false,"excerpt":"The Security Content Automation Protocol (SCAP) is a standard that defines how software flaws and configuration errors are classified. Four components make up SCAP. Common Configuration Enumeration (CCE) The Common Configuration Enumeration (CCE) is a list of best practices maintained by the National Institute of Standards and Technology (NIST). They\u2026","rel":"","context":"In &quot;Certification&quot;","block_context":{"text":"Certification","link":"https:\/\/packitforwarding.com\/index.php\/category\/certification\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/12\/pexels-photo-1173735.jpeg?fit=640%2C640&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/12\/pexels-photo-1173735.jpeg?fit=640%2C640&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/12\/pexels-photo-1173735.jpeg?fit=640%2C640&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":465,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/02\/26\/comptia-cysa-objective-4-5\/","url_meta":{"origin":455,"position":3},"title":"CompTIA CySA+ Objective 4.5","author":"Ben Story","date":"February 26, 2019","format":false,"excerpt":"Compare and contrast the general purpose and reasons for using various cybersecurity tools and technologies. CompTIA Cybersecurity Analyst (CySA+) Certification Exam Objectives Version 3.0 So this objective is more of a laundry list than anything else. I would suggest going through the list of tools and familiarize yourself with what\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/02\/keys-workshop-mechanic-tools-162553.jpeg?fit=640%2C426&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/02\/keys-workshop-mechanic-tools-162553.jpeg?fit=640%2C426&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/02\/keys-workshop-mechanic-tools-162553.jpeg?fit=640%2C426&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":159,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/01\/01\/comptia-cysa-cs0-001\/","url_meta":{"origin":455,"position":4},"title":"CompTIA CySA+ CS0-001","author":"Ben Story","date":"January 1, 2019","format":false,"excerpt":"Security has always been an important component in being a Network Engineer.\u00a0 Today's Internet of Things (IoT) and the growing number of cyber attacks has made it even more crucial.\u00a0 Because of this, I've decided to go back into the Security realm of certification coursework and exams.\u00a0 It has been\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"Security","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/security-protection-anti-virus-software-60504.jpeg?fit=1200%2C800&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/security-protection-anti-virus-software-60504.jpeg?fit=1200%2C800&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/security-protection-anti-virus-software-60504.jpeg?fit=1200%2C800&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/security-protection-anti-virus-software-60504.jpeg?fit=1200%2C800&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/security-protection-anti-virus-software-60504.jpeg?fit=1200%2C800&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":161,"url":"https:\/\/packitforwarding.com\/index.php\/2019\/01\/07\/comptia-cysa-objective-1-2\/","url_meta":{"origin":455,"position":5},"title":"CompTIA CySA+ Objective 1.2","author":"Ben Story","date":"January 7, 2019","format":false,"excerpt":"Given a scenario, analyze the results of a network reconnaissance.CompTIA Cybersecurity Analyst (CySA+) Certification Exam Objectives Version 3.0 While gathering the reconnaissance about a network, the data must be turned into actionable information.\u00a0 The first type of analysis is the point in time analysis.\u00a0 Sources for such analysis may include\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"Photo by PhotoMIX Ltd. from Pexels","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/11\/pexels-photo-95916.jpeg?fit=640%2C426&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/11\/pexels-photo-95916.jpeg?fit=640%2C426&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/11\/pexels-photo-95916.jpeg?fit=640%2C426&ssl=1&resize=525%2C300 1.5x"},"classes":[]}],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts\/455","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/comments?post=455"}],"version-history":[{"count":0,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts\/455\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/media\/456"}],"wp:attachment":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/media?parent=455"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/categories?post=455"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/tags?post=455"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}