Please submit a support ticket via email@example.com. Make sure you include which lab and witch module you're having an issue with. Submitting it with screenshots, if possible will always be helpful. This will get you the most direct help.
Security is easy to implement but harder to explain. In the enterprise, most places will block you from accessing what policy has stated as "unsafe links". or has implemented a proxy etc. This abstracts security so the user just does what he/she does. They have a plan for when the computer gets infected for remediation. End User Awareness training cannot be too difficult or most people will not even try.
We will release them as soon as they have it ready to go. We do not have a timeline for that release from them yet.
The standard pattern that every vendor wants to release as close to the release date as possible but that is no guarantee they will do drop it anytime sooner than that date nor guarantee to do close the exam release date.
Pretty much. What you'll find is that many people will double up on roles in small to medium size companies. Plus, in an ISO 27001 environment, the organization's Board of Directors is ultimately accountable for much of what happens in the company. What typically happens is that the person responsible will be working closely with the accountable person with a reporting structure to the accountable and support in resources to the responsible. It's supposed to be a two way street. In reality, this can become an issue if there isn't appropriate communication and well-defined tasks. And in the case of your example, if it was a bad enough incident, you'd be fired. :-)
Thank you for the answer ronnie! I'll narrow my search to routers and modems that can support these protocols. I just started learning it and networking stuff. So I'll have to go get my own soon to try some home networking of my own!
Hey @Stephen-Mol !
Some great advice here from the community. As someone who has had to use a resume in the past 5 years or so after being in the industry for 25 years, I'd add just two things:
Make sure you read the job posting carefully and look for some key words that they use. You can "throw them back" at the application process by doing just some small tweaks to your CV/Resume. For instance, let's say they are looking for a service/help desk technician. Notice they say "technician". I would then change all my previous roles that are similar to service/help desk technician vs what your title might have actually been. This helps if they use screening software.
Research the company that you are applying at. Look at their mission statements, recent press releases, etc. If you can use verbiage from those resources, do it!
Hope that helps along with everyone elses advice. The cool thing is that you have this community to come to if you have questions or just need some emotional support. Good luck Stephen!!
So the CompTIA IT Fundamentals+ (FC0-U61) is still a valid and current exam from CompTIA. The goal of preparing for this exam is fundamentally like a "survey of the world of IT" and the potential jobs IT related jobs that are out there. It very much lets the career seeking "sample" just enough what it each of the job roles we covered and currently has not been updated. Having said that, CompTIA does plan on changing this and updating this in the future...it will change to CompTIA TECH+. We have no idea on dates for that yet; when it does get announced, we will recorded a course for that too.
I tried draggin/dropping another installer into the Terminal, and it worked (it was the iPerf utility). I'm having a different issue trying to run iPerf, but that's another story... At least I know dragging and dropping files into the Terminal works.
I am a little stumped on the whole equation for finding the amount of host's available on a subnet mask. lets say I have a subnet mask of 255.255.0.0, how would I calculate that if the portion of the host i.d is all 0's? (I am basing this on the fact that if you have a 255.255.0.0 subnet mask the number for X in the equation is 0, which doesn't seem to be correct or is wrong I am uncertain) or if the subnet mask was 255.255.240.0, then it is a classless subnet correct? so How would you determine that as well? thank you in advance :)
The key is understanding what a subnet mask does. The subnet mask helps to identify which portion of the IP address is the NETWORK ID in 32-bit binary numbering. So that means 2 things you need to know...if you do not, you will not understand how to arrive at your question.
Can you convert an IP address into a 32-bit binary number and the subnet mask into a 32-bit binary number?
e.g. Convert 192.168.10.1 into binary = 11000000.10101000.00001010.00000001
e.g. Convert 255.255.0.0 into binary = 11111111.11111111.00000000.00000000
If this is confusing you, then you need to learn to do some decimal to binary conversion training.
Do you know how to do binary ANDing?
e.g., Using a binary ANDing truth table as below.
You want to apply that to the given IP address and Subnet mask in the same manner
11000000.10101000.00000000.00000000 = result of binary ANDing shows you that the subnet mask reveals the NETWORK ID = 1st 16bits
The remaining 16-bits are the number of HOST IDs possible = 2^16 = 65,536 -2 = 65,534.
Do not get me wrong, you can know the answer without knowing how to get the answer but that doesn't mean you know what will help you.
Sorry I didn't see this post earlier, and thanks to @Andrew-Despres for throwing out some ideas.
As a CISA, I can tell you that a Full test would be wonderful for your BCP and DRP, but most recovery tests fall short of a full-scale test of all operational portions of the corporation. However, this shouldn't preclude full or partial testing because one of the purposes of the disaster recovery tests is to determine how well it works.
As an auditor, I would first find out if there is any regulation that requires a full-test for your organization. If not, then testing should be according to your risk strategy that is in place from your senior management. At that point you have options of DRP tests like:
Checklist Review - Recovery checklists are distributed to all members of a recovery team to review and ensure that the checklist is current
Structured walk-through - Team members physically implement the plans on paper and review each step to assess its effectiveness, identify enhancements, constraints and deficiencies.
Parallel Test - The recovery site is brought to a state of operational readiness, but operations at the primary site continue normally
Full interruption test - Operations are shut down at the primary site and shifted to the recovery site in accordance twith the recovery plan.
When it comes to your outside Vendors and how they incorporate into the BCP/DRP, one of the major components of any SLA or contract should be the responsibilities of the provider in case of disaster with THEIR equipment, infrastructure, connectivity, etc. As an IS auditor, that's what I would be looking for. If there are not clear responsibilities outlined in a SLA about business continuity/disaster recovery, we would mark down a non-conformity and suggest re-negotiating the agreement, having both parties agree to responsibilities decided ahead of time. That way, you can do a full-test by simply disconnecting the vendor from your systems. Insurance and other entities will be insistent on knowing what and who is responsible for recovery.
Hope that helps James! Feel free to post some follow up questions if you have them.
Listen to the episodes over my car radio on my drives to and from work. I know I probably won't absorb material the way I would watching the videos and taking notes, but it's a way to sneak in some extra ACI Learning time where I can.
Hi, Doug! You have the definition of each well spelled out. Incident and breach are technically two separate but related terms. You can have an incident that doesn't result in a breach. Incidents ONLY become breaches if an organization’s information is stolen.
I hope this helps clarify things for you. Thanks for taking the time to point out our presenters' error.