CompTIA CYSA+ CS0-002 – Risk Mitigation Part 2
4. Risk Calculation (OBJ 5.2) Conducting an assessment. In this lesson we are going to talk about conducting an assessment and what that really means. Now, when we talk about an assessment, most businesses have to assess their different assets. Most business assets have a specific value associated with them. If I look at the… Read More »
CompTIA CYSA+ CS0-002 – Risk Mitigation Part 1
1. Risk Mitigation (Introduction) In this section of the course, we’re going to cover risk mitigation. Now, we’re going to be covering domain five in this section of the course. Specifically objective 5. 2. Objective 5. 2 states that given a scenario, you must apply security concepts in support of organizational risk mitigation. As we… Read More »
CompTIA CYSA+ CS0-002 – Frameworks, Policies, and Procedures Part 2
5. Audits and Assessments (OBJ 5.3) Audits and assessments. In this lesson we are going to talk all about audits and assessments and all the different components that are comprised as part of this auditing and assessments. Now, this is going to include things like quality control and quality assurance, verification and validation, assessments and… Read More »
CompTIA CYSA+ CS0-002 – Frameworks, Policies, and Procedures Part 1
1. Frameworks, Policies, and Procedures (Introduction) In this section of the course, we’re going to cover frameworks, policies and procedures. We’re going to be covering domain five in this section, specifically, Objective 5. 3. Now, Objective 5. 3 states that you must be able to explain the importance of frameworks, policies, procedures, and controls. Now,… Read More »
CompTIA CYSA+ CS0-002 – Enumeration Tools Part 4
8. Responder (OBJ 1.4) Responder. In this short video, we are going to talk about the tool known as Responder. Now responder comes as part of the Kali open source penetration testing system. Responder is a command line tool that is used to poison responses to NetBIOS, LLMNR and Mdns name resolution requests in an… Read More »
CompTIA CYSA+ CS0-002 – Enumeration Tools Part 3
6. Using Nmap (OBJ 1.4) In this lesson, I want to show you handson how we use Nmap by combining some of those commands we learned about in the Nmap usage lecture into a real scan and real information gathering techniques. Now this is really important come test day because I guarantee you’re going to… Read More »
CompTIA CYSA+ CS0-002 – Enumeration Tools Part 2
3. Nmap Port Scans (OBJ 1.4) Nmap port scans. So now that we’ve started and we’ve gone through and done our Discovery scans, we have now finished our footprinting. But we now need to start beginning our fingerprinting and learning information about individual hosts. One of the ways we do this is by using Service… Read More »
CompTIA CYSA+ CS0-002 – Enumeration Tools Part 1
1. Enumeration Tools (OBJ 1.4) Enumeration tools. In this lesson, we’re going to talk about some of the enumeration tools that we’re going to experience as we’re trying to enumerate our networks. Now, what exactly is enumeration? Well, enumeration is the process to identify and scan network ranges and hosts that belong to the target… Read More »
CompTIA CYSA+ CS0-002 – Vulnerability Scanning Part 3
6. Scheduling and Constraints (OBJ 1.3) Scheduling and constraints. In this lesson, we’re going to talk about scheduling and constraints. So the first question I have for you is, how often should you scan? Well, this is going to be determined based on your internal risk management decisions of your organization. If you have a… Read More »
CompTIA CYSA+ CS0-002 – Vulnerability Scanning Part 2
4. Scanner Types (OBJ 1.3) Scanner types. In this lesson, we’re going to talk about the different ways you can configure your scanner. Now, different scanners have different capabilities. Some are going to be passive, some are going to be active, and some are going to be active with particular configurations that we’re going to… Read More »
