Category: SY0-501 Security+

Security+ SY0-501 Domain 4 Identity and Access Management: A look into common account management practices

Intro In 2016, the Central Intelligence Agency (CIA) experienced a data breach containing up to 34 terabytes of data (34,000,000,000,000 bytes) [1]. Later dubbed as “Vault 7”, these collections of documents (including classified data on cyber tools) were published on WikiLeaks, March 2017 [2]. After internal investigations it was revealed that an employee took advantage […]

Security+ SY0-501 Domain 2 Technologies and Tools: a look into weak security configurations

Intro CISA (Cybersecurity & Infrastructure Security Agency) released an alert from their National Cyber Awareness System on April 29, 2020 for, “Microsoft Office 365 Security Recommendations”. This response is due to a massive surge in a “work from home” workforce. Such an abrupt change demanded rapid deployment of cloud collaboration services, hastily put together with […]

Security+ SY0-501 Domain 6 Cryptography and PKI: A look into AES and Encryption

Intro April 20, 2020. The Federal Bureau of Investigation (FBI) has released an article on defending against video-teleconferencing (VTC) hijacking (referred to as “Zoom-bombing” when attacks are to the Zoom VTC platform) [1]. This is in response to the security issues plaguing the app [zoom] with concerns for privacy and end-to-end encryption [2]. Zoom quickly […]