Posts Categorized: CompTIA Security+

What is a distributed denial of service attack (DDoS)? Security+ Objectives A denial-of-service (DoS) attack occurs when legitimate users are unable to access information systems, devices, or other network resources due to the actions of a malicious cyber threat actor. Services affected may include email, websites, online accounts (e.g., banking), or other services that rely… Read more »

Different threat actors P.1 Advanced persistent threat (APT)    An adversary with sophisticated levels of expertise and significant resources, allowing it through the use of multiple different attack vectors (e.g., cyber, physical, and deception) to generate opportunities to achieve its objectives, which are typically to establish and extend footholds within the information technology infrastructure of… Read more »

Overview A large number of common threats need to be considered when securing a network, but a frequently overlooked area is the security of the LAN. When people think about security, often they’re thinking specifically of the layers above Layer 2, but there’s no reason to limit a security plan to these upper layers. A… Read more »

What do CCNA Security, CCNP Security, CEH, ISA, Infosec CISSP and Amazon AWS Certified Security have in common? They are all part of the large grouping of cybersecurity certifications currently available. Each of these certifications is valuable and serves a valid purpose. But what about the CompTIA Security+ certification? If you’ve got questions, we’ve got… Read more »

Remote Access VPN What is a Remote Access VPN? A remote access VPN gives employees access to secure connection with a remote computer network and they can access resources on the network as if they were directly plugged into the network’s servers. How Remote Access VPN Works? A remote-access VPN works by creating a virtual… Read more »

Data Sanitization For the general user, the delete or format command appears to be the logical method of removing unwanted data files. These methods, however, are like sweeping something under the carpet: you may not be able to see it, but it’s still there. When you delete files and then empty the Recycle Bin, you… Read more »

Security+ Objectives 1.5 The passive approach uses devices to watch the traffic as it passes by. These devices can be special purpose devices such as a Sniffer or they can be built into other devices such as routers, switches or end node hosts. Administrators can scan specific systems or an entire network. For example, many… Read more »

Security+ Objectives 1.4 Black Box, Grey Box, White Box testing: What Differences? There are several ways to conduct penetration tests. If you’re considering penetration testing for your network, you’ll likely choose either black, white, or gray box testing. Each method has merits, so it’s helpful to understand the difference between these tests in order to… Read more »

Ransomware CompTIA Sec+ Objectives 1.1 Ransomware is a type of malicious software that infects a computer and restricts users’ access to it until a ransom is paid to unlock it. Ransomware variants have been observed for several years and often attempt to extort money from victims by displaying an on-screen alert. Typically, these alerts state… Read more »

Phishing What is Phishing and How to Detect Phishing Attacks? Part of CompTIA Security+ Objectives 1.2 Phishing is an email scam designed that appears to be from a legitimate company and ask you to provide sensitive information. Cybercriminals use phishing to attempt to obtain sensitive information such as credit card details and login credentials, by… Read more »