Character Encodingby Bob Weiss
Happy Pi Day. It is also Albert Einstein’s birthday.
As we discussed in our first article, many of the cybersecurity certifications that I teach have content that involves the uses of encoding, code injection, directory transversal, and scripting. These concepts can be difficult to grasp, and the exam questions can be challenging to answer correctly. ...
Continue Reading →
A quick Saturday digest of cybersecurity news articles from other sources.The delivery of cloud-based malware also shot up in 2022, triggered by an increase in the volume of apps being exploited to launch malware and the number of malicious downloads ...
Continue Reading →This post is for my cybersecurity students, and anyone else taking a cybersecurity class or studying for a certification exam.
From Jason Dion: “The most common type of code injection is SQL injection. An SQL injection attempts to modify one or more of an SQL query’s four basic functions: select, insert, delete, or update. Two common methods of performing an SQL injection are either using a single apostrophe (‘) or submitting an always true statement like 1=1. As a penetration tester, you ...
Continue Reading →
Yesterday we provided some commentary on the PT0-002 exam. Today I am going to share my study resources and notes.
First. there are some excellent articles about this from Globalcerts and on Reddit. I used their guidance to help me prepare for this exam. I usually do not do a lot of prep for certification exams, especially ...
Continue Reading →I just passed the Pentest+ PT0-002 exam on January 6, 2023. I had taken and failed the PT0-001 when the certification was first introduced three years ago. Of the four CompTIA cybersecurity certifications, Sec+, CySA+, Pentest+, and CASP+, this exam is the hardest of the four. or at least the second hardest. CASP+ does have the dreaded and difficult
Continue Reading →
I wanted to share this subnetting tip. I came from simiangeek on the CompTIA sub-Reddit . I am also including some links to other training resources that I have found
I wanted to share my experience, hope it will work for some other people. I went ahead and got to a point where I could jot ...
Continue Reading →
I took the 220-1102 exam yesterday, and passed with a score of 781 out of 900. It takes a score of 700 to pass. Again, there were 80 questions, with 90 minutes allowed to complete. If you haven’t already read my previous companion article Notes on the New CompTIA A+ 220-1101 Exam, you can find it
Continue Reading →
A quick Saturday digest of cybersecurity news articles from other sources.I picked this up on Reddit/r/CISSP.
Continue Reading →
Humans learn in a variety of different ways. There are learning modalities that correspond to the physical senses. Visual learning takes place as we read a book, flip through a slideshow, or watch a video. Auditory learning happens when we listen to a lecture or as the second modality engaged when watching a video. Kinesthetic/tactile learning happens when we use the senses ...
As you know from taking my classes, computers prefer numbers and humans prefer letters or words. Port numbers are numerical placeholders for protocol names. The best way to learn them is through daily professional use, or memorization. Flash cards can be helpful if you are preparing for an exam that is heavy in ports and protocols, such as the CompTIA A+ or Network+.
Here is another study aid provided by Rich Muldoon. Click on the image to enlarge to full size ...
Continue Reading →