Thursday, March 12, 2020

Passing the CompTIA A+ Exams

First of all, I already had a lot of experience. I earned my 800 series A+ previously and only 25% of the content was new. Also, I use several versions of Linux regularly and was already comfortable with both normal and administrative tasks.

Furthermore, I use Windows 7 as a “daily driver” on my desktop and always play around in virtual machines with Linux, Windows 8, and other operating systems.

Leading up to this exam, I worried about one topic – Mac OS X. I don’t have access to it nor the cash to buy an expensive PC for practice. None of my friends have Macs either. My best course of action was to study the Mac section of the GTS Learning Book and watch a couple of videos on YouTube introducing users to the OS X interface.

I found one question related to Macs, and it related back to Linux. They asked for the equivalent of a Windows stop error. I clicked Kernel Panic and moved on.

Although the 900 series includes Mac OS X and Linux, it is still heavily weighted towards Microsoft, particularly Windows Vista and 7. Focus on these operating systems and Windows 8. If you have never messed with Linux before, use Ubuntu to gain familiarity.

What about people with little to no experience? With serious dedication, you can do the same. I did the vast majority of my studying over three days. I had work, three classes, homework for those classes, still had to make time for my social life, and time for myself to avoid burnout. If you have the ability to devote an entire week to studying, you can pass both exams in six days.

More Info: comptia a+ description

Wednesday, March 11, 2020

Practice CompTIA Exams


More Info: comptia it fundamentals jobs

Friday, March 6, 2020

How to DDoS Like an Ethical Hacker

A DDoS attack is short for “Distributed Denial of Service”, and is the bigger brother of simpler denial-of-service attacks.

The point of these exercises is to take down a website or service, typically by flooding it with more information than the victim website can process.

DoS attacks typically send information from only one source (think PCs or other internet-connected devices), but a DDoS attack uses thousands, or hundreds of thousands, of sources to flood its target. This makes it a few orders of magnitude more powerful than its smaller sibling.

This past October, a major DDoS attack occurred which put many popular websites such as Netflix, PayPal and Reddit out of service. A Distributed Denial of Service attack, or DDoS, occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. Such an attack is often the result of multiple compromised systems (for example, a botnet) flooding the targeted system with traffic.

These attacks aren’t limited to major websites, either. Anybody can be a target. If DDoS attacks are one of the last things on your mind, now might be a good time to start preparing in case your business is targeted by cybercriminals.


More Info: how does a ddos work

Thursday, March 5, 2020

Security Threat of a DDoS Attack

More importantly, in many cases a DDoS attack is merely designed to distract from other criminal activity, such as data theft or network infiltration. The attacker keeps its target busy fighting off the DDoS attack, and then sneaks in a piece of malware.

Five Most Famous DDoS Attacks

In recent years, DDoS attacks have only been increasing in both frequency and severity. Here, we’ll examine five of the largest and most famous DDoS attacks.

1. GitHub: 1.35 Tbps

On Feb. 28, 2018, GitHub—a popular developer platform—was hit with a sudden onslaught of traffic that clocked in at 1.35 terabits per second. If that sounds like a lot, that’s because it is—that amount of traffic is not only massive, it’s record-breaking.

According to GitHub, the traffic was traced back to “over a thousand different autonomous systems (ASNs) across tens of thousands of unique endpoints.”

In this graph, you can see just how much of a difference there was between normal traffic levels and those of the attack:

What’s worse is that GitHub was not entirely unprepared for a DDoS attack—they simply had no way of knowing that an attack of this scale would be launched.

As GitHub explained in the incident report linked above, “Over the past year we have deployed additional transit to our facilities. We’ve more than doubled our transit capacity during that time, which has allowed us to withstand certain volumetric attacks without impact to users…. Even still, attacks like this sometimes require the help of partners with larger transit networks to provide blocking and filtering.”


More Info: dos attack vs ddos

Wednesday, March 4, 2020

How to know if a DDoS attack

Protocol attacks (sometimes also called state-exhaustion attacks) target a weakness in how a protocol operates. A well-known protocol attack is the SYN flood, which targets the three-way handshake mechanism in TCP. When a server receives a SYN packet, this is a signal to the server that another machine wants to open a TCP connection. The server will allocate some of its resources to this half-open connection, and send a SYN ACK packet back to the initiating machine. Under normal circumstances, the initiator will then send an ACK packet to the server, the three-way handshake is complete, and the machines will then exchange data.

US-CERT, the United States Computer Emergency Readiness Team, has provided key guidelines on how to determine if an attack is imminent:
Degraded network performance, especially when trying to open files stored on websites
Failure to open a particular website
Problems opening any website
A higher-than-usual volume of spam mail

There are newer DDoS techniques to watch out for. Such attacks exploit badly secured and unpatched IoT (Internet of Things) plug-and-play devices, which are highly vulnerable to traffic spikes. With threats always around the corner, network administrators and IT professionals must work together toward better security and DDoS mitigation. Although several technologies exist to prevent various types of DDoS attacks, preventing one remains a huge challenge.

In a SYN flood attack, an attacker sends a rapid succession of TCP SYN requests (typically from spoofed source IP addresses) to open a connection to a network server. The server sends SYN ACK packets back to the source addresses, which never reply with an ACK. The server keeps the half-open TCP connections around, using up resources, until the server is no longer able to accept any new connections.

More Info: what is ddos

Tuesday, March 3, 2020

The different types of DDoS

The Mirai source code from the KrebsOnSecurity DDoS attack was leaked online after that attack and, not surprisingly, it appears that the Dyn DDoS attack was powered at least in part by the same Mirai code and vulnerable IoT devices, including webcams and DVRs. What was the motivation for the attack on Dyn? Retaliation for Dyn researcher Doug Madory's recent talk on DDoS attacks likely played a role, much as Brian Krebs was targeted after he reported on vDOS, a DDoS-for-hire service.

The power of recent attacks, the damage done, and the fact that such attacks can be conducted by small teams of adversaries or even determined individuals should serve as a wakeup call to enterprises everywhere. Companies often mistakenly assume that their Internet infrastructure is "too big to fail." They’ve purchased significant amounts of bandwidth, rarely coming anywhere near peak capacity, and they leverage service providers that can deliver more as needed. Yet the reality of a DDoS attack exceeding 620 Gbps, as was the case in the KrebsOnSecurity attack, is that any site would struggle to stay afloat. Bandwidth alone isn’t enough.

There are several types of attacks that still fall within the DoS (“Denial of Service”) perimeter:
Network DoS
Applicative DoS
Network DDoS (including DRDoS)
Applicative DDoS

More Info: distributed denial of service attack

Monday, March 2, 2020

How Does a DDoS Attack Work

From one or more computers designated as the command and control (C&C) server, the attacker sends remote “launch” instructions to the bots. Collectively, these systems provide enough power to carry out massive attacks—far larger than those launched from a single source. And by using a botnet, attackers are able to hide their identity because the attack originates from many different systems that all appear to be legitimate.

It was an attack that would forever change how denial-of-service attacks would be viewed. In early 2000, Canadian high school student Michael Calce, a.k.a. MafiaBoy, whacked Yahoo! with a distributed denial of service (DDoS) attack that managed to shut down one of the leading web powerhouses of the time. Over the course of the week that followed, Calce took aim at, and successfully disrupted, other sites such as Amazon, CNN and eBay.

It was certainly not the first DDoS attack, but that highly public and successful series of attacks transformed denial of service attacks from novelty and minor nuisance to powerful business disruptors in the minds of CISOs and CIOs forever.

Since then, DDoS attacks have become an all too frequent menace, as they are commonly used to exact revenge, conduct extortion, as a means of online activism, and even to wage cyberwar.

More Info: distributed denial of service (ddos) attack