Skills to Master for the New CompTIA A+

What’s new in the CompTIA A+ certification exam?

The new CompTIA A+ exam requires IT specialists to exhibit more knowledge on networking, cloud computing, and virtualization than previous exams. The prior emphasis on hardware and Windows software is now balanced with these additional focus areas:
IT security fundamentals, including physical security versus logical security, as well as topics like malware detection and removal
Configuration and support of IoT hardware and knowledge of related network protocols
Managing network and device connectivity
Scripting basics so that specialists can readily identify malicious code
Handling privacy concerns, especially around GDPR
Basic disaster prevention and recovery
9 Skills to master for the CompTIA A+ 1001 and 1002 exams

The two CompTIA A+ exams cover high-level domains foundational for IT specialists. Those domains are then broken down into much more detailed subdomains. The exams themselves are a mix of multiple-choice and scenario-based questions to help visualize the real-world application of common technical issues. Each exam is comprised of 90 questions which must be completed in 90 minutes.

CompTIA Network+ Certification

Taking this course helps students prepare for the N10-007 exam and certification. Students learn about the basic network theory concepts, major network communications methods, troubleshooting network issues, and more. CompTIA A+ is a suggested prerequisite for Network+. This class will take students 5 days to complete, with a better understanding of Network+ and enough practice to help with the certification exam. Learn more here.

Here are the 9 skills areas to focus on as you prepare for the new CompTIA A+ exams, which I cover in detail in my courses for the CompTIA A+ 1001 exam and the 1002 exam.
More INfo: what can you do with an a+ certification

CompTIA A+ Certification to a Better Career!

Certifications and qualifications lead to better job security. They also mean better career opportunities and higher pay rates.

For companies, certified workers mean better credibility among customers and increased productivity. But how does one differentiate among the myriad of trainings and courses available out there?

As cybersecurity becomes a more pressing concern in almost every industry, the demand for qualified information security professionals is growing. But pushing ahead in a cybersecurity field often means getting certified. While there are many different certifications available, many cybersecurity professionals choose CompTIA Security+ as a starting point. For years, CompTIA offered the Security+ sy0-401 certification. However, as cybersecurity needs have evolved, the set of skills required for starting positions in the field has changed, and to stay relevant, CompTIA had to adapt their Security+ certification. They retired the English version of the sy0-401 exam as of July 31, 2018, replacing it with a new version, CompTIA Security+ sy0-501.

The Demand of Information Technology

Even in these tough economical times, Information Technology (IT) has become a rapidly growing field. The IT industry is wide, and there are many people out there calling themselves IT professionals. So how do you differentiate yourself from the rest of the pack?

CompTIA certifications are your answer to these burning questions. These certifications not only confirm your skills but also give you a professional edge.

CompTIA certifications are internationally trusted, and there are more than 80,000 CompTIA certified computer technicians all over the world. These certifications are created in accordance with industry standards. Industry experts from public and private sectors are consulted when creating the training matter. Large international focus groups are engaged, and government and academic subject experts from around the world are invited to write and appraise the exams.

More Info: comptia a+ jobs near me

The Evolution and Future of Cybersecurity

It’s hard to believe that it's been 20 years since I got my first office-issued Blackberry. Or, it might be more accurate to say, I was rewarded with the Blackberry. When I was handed that device, it felt like I had finally made it in my career and was getting a rare badge of honor that came with that success. I'd proven my ability to the company, which also meant that I'd proven to IT that I could be trusted not to compromise this treasured, cutting-edge mobile device.

Now it's 2020. Rapid advancements in enterprise technology and equally significant shifts in how people interact with it in their everyday lives have meant a few different things. End users now have an unprecedented level of knowledge about how to use technology and, even if they don't have explicitly technical skills, are using numerous sophisticated devices to perform daily tasks at work and at home.

The technology itself, its potential and the way it is implemented has begun to diverge from its familiar on-premise incarnations. And perhaps paradoxically, at a time when it has never been more important for IT departments to ensure cybersecurity, the preceding factors have made it infinitely more challenging.

By looking at a new framework for understanding how end users relate to technology and to the IT department, and seeing where things go wrong when companies try to implement old-school thinking in the new world of cybersecurity, we'll have a better idea of what it this all means for the IT pros working to manage and secure infrastructure.

In retrospect, the Blackberry was hardly a powerful device. The lengths I had to go to to get one, though, were no joke. Back in 2000, internet access at work was a privilege, not a right. The IT team exercised meticulous control over everything from the provisioning of machines to what each person was allowed to do. People had to petition to be allowed to connect to the internet. Getting a laptop from which to login remotely via VPN was often a C-level perk or only available under the most dire circumstances – an illness, necessary remote IT support or an earthquake!

More info: comptia it fundamentals salary

UNDERSTANDING HARDWARE COMPTIA A+

Compare and contrast various RAM types and their features.
What is important here is to understand that not every ram is the same and getting them mixed up can damage them. You will need to know SDRAM, DDR, RDRAM, SODIMMS and DIMMS. You’ll need to know about the memory speed, CAS Latency and the different types of Cache.

Install and configure PC expansion cards.
Peripheral Component Interconnect Express. You have the PCI (take off the express part), PCIe x1, PCIe x4, PCIe x8, PCIe x16. You don’t need to go so far as to learn the pinouts but you certainly need to understand that they all have different power draw limits.
90 Minutes to Mastery

In information technology (IT), having a CompTIA Security+ certification is definitely an advantage. You earn your certification by demonstrating mastery of the skills and knowledge that, as CompTIA puts it, “covers network security, compliance and operation security, threats and vulnerabilities as well as application, data and host security. Also included are access control, identity management, and cryptography.”

At 90 minutes for 90 test items (multiple choice and performance-based questions), the $311 exam is not to be taken lightly. The performance-based questions (PBQs), for example, use realistic simulations of various software and programming environments. You have to actually perform tasks. The CompTIA website provides as a sample task the quick formatting of a drive in a Windows 8.1 environment.

Install and configure storage devices and use appropriate media.
Making sure you have enough storage for your games is almost as important as understanding that the different kinds of disks will impact the speed of your games. Learn about IDE, SATA and RAID. What the differences are and for RAID make sure you understand what each level does.

Install various types of CPUs and apply the appropriate cooling methods.
Know about Land Grid Array (LGA) and Pin Grid Array (PGA). Understand about thermal paste, how to apply it and why you should.

More Info: a+ jobs near me

CompTIA Certification: Benefits

CompTIA is a global provider of vendor neutral IT certifications, such as the popular A+, Network+, Security+ certifications. Most, if not all, CompTIA certifications are entry-level attracting students and those new to the IT field.

People who highlight their career credentials, such as CompTIA certifications, on their LinkedIn profile get six times more profile views than people who don’t, according to LinkedIn. Additionally, individuals who list their certifications get six times more inbound inquiries through LinkedIn that those who don’t have certifications listed.

“This enhanced listing functionality helps our certification holders raise the level of their credibility and visibility with prospective employers, recruiters and partners,” said Randy Gross, CIO, CompTIA.

In the first few days that the feature was available, nearly 1,200 CompTIA certification references were added to their LinkedIn profiles by certification holders.

“Hiring managers and HR professionals believe having IT job candidates with industry certifications saves time and resources in evaluating applicants, ensures a candidate’s credibility and demonstrates that they have a baseline set of knowledge,” Gross noted.

The biggest benefit of CompTIA certs is that they're not bound to a specific technology, like Microsoft, Cisco, VMware or other vendor specific certifications. They're also a good way for beginners to get a start in the IT field.

More INfo: a+ jobs near me

CompTIA Security+ Salary Overview

As an entry-level credential, Security+ is frequently one of the first certifications obtained by aspiring IT security professionals. It validates that a candidate possesses the knowledge and skills to fulfil a variety of junior and entry-level security related roles, such as penetration tester, junior IT auditor, and systems, network or security administrator. Security+ skills are also used by security specialists, engineers and security consultants.

According to the May 2017 BLS Occupational Employment and Wages (BLS wage) report, the national mean wage for security analysts is $99,690, with the top ten percent earning more than $153,000. There are a number of factors — specific job role, years of experience, industry sector and geographic location, for example — that influence individual salaries. The report notes that IT security employment rates are highest in Virginia, California, Texas, New York and Florida. On the other hand, if you’re looking for top earning power, then the District of Columbia, New Jersey, New York, Virginia and Maine are the big winners. (Similarly, Global Knowledge’s 2018 IT Skills and Salary Report says that survey participants in the south and northwest earned lower salaries, and higher salaries were reported in the eastern states.)

The BLS report also indicates that the top five paying industries for IT security professionals are (1) Wholesale Electronic Markets and Agents and Brokers; (2) Securities, Commodity Contracts, and Other Financial Investments and Related Activities; (3) Scientific Research and Development Services; (4) Utility System Construction; and (5) Legal Services. Please refer to the May 2017 BLS Occupational Employment and Wages to learn more about security job opportunities and salaries in your location and industry.

To provide typical salaries for some of the various Security+ job roles, I conducted a salary search on SimplyHired (a popular job board). As noted above, many factors influence an individual’s salary, but the table below provides an example of what wages different security-related roles command.

More Info: a+ certification salary

About CompTIA Security+

Globally recognized, CompTIA is one of the world’s largest IT trade associations. A leader in vendor-neutral certifications, CompTIA has awarded more than two million certifications since its inception in 1993. Currently, it offers 13 vendor-neutral credentials across four focus areas: core skills, infrastructure, cybersecurity and other professional skills (project management or training, for example).

One of CompTIA’s most popular certifications to get, the CompTIA Security+ credential is part of CompTIA’s Core certification portfolio, which includes the IT Fundamentals+, A+, and Network+ credentials. Security+ builds on the technical and networking skills gained through the A+ and Network+ certifications. Both A+ and Network+ are recommended prerequisites for the Security+ certification, along with two years of security-focused IT administration experience.

An entry-level credential, Security+ is ideal for individuals seeking to establish themselves as IT security professionals. The certification targets IT professionals who troubleshoot, configure and manage networks. It not only validates a candidate’s knowledge of core cybersecurity topics, but also their ability to perform core cybersecurity tasks. Security+ credential holders are able to identify and solve security issues and are well-versed in managing and mitigating risks and detecting threats.

The latest version of the certification exam is sy0-501. Like many other certifications, Security+ is valid for a limited period of time and requires continuing education for each renewal.

More Info: comptia a+ salary

Focus on Technology Overrated

Overrated/Underrated is a monthly column featuring CompTIA members and experts sharing which tech trends are getting more buzz than they might deserve and which ones aren't getting enough. This month, we talked to Tony Francisco, CEO of CloudPlus, a private-labeled hosted-services platform developed entirely around the end-user experience.

And so just as state and local municipalities have become favored targets over federal government agencies, there is a growing concern among small and medium-sized businesses (SMBs) in verticals adjacent to big business or in sensitive areas like health care that their IT operations are in the crosshairs of some very powerful, very well-funded criminals.

What does this mean for the cybersecurity pro? In one word: stress. There’s a whole world of concerns weighing down on businesses, and those who secure the tech infrastructure are undoubtedly feeling it.

As higher-level cybersecurity threats continue to fall into the laps off smaller companies and their cybersecurity staff, the Exabeam Cybersecurity Professionals Salary, Skills, and Stress Survey revealed that last year 62% of cybersecurity pros reported being stressed or very stressed at work, with 44% stating they are unable to achieve any work–life balance at all.

Such numbers can look scary, especially for those looking to get into cybersecurity. But as we dig deeper into the Exabeam survey, we can find both distinct advantages to working in cybersecurity and methods to ease the stress it creates.

Overrated: Technology

The concept of technology itself can sometimes be overwhelming and misleading—especially if it adds nothing of real value. Tony Francisco, CEO of CloudPlus and member of CompTIA’s Channel Advisory Board, believes technology is simply a tool to automate what’s being done manually, and the real focus should be on how the channel enhances the end-user experience.

More info: computech a+ certification

the Right Solution For Your Business

Traditional IT security
In the traditional IT framework, businesses used to purchase, install, and maintain your IT devices on-site. For years, the traditional cloud has been used by businesses to collect, store and manage the data for various operations.

CompTIA lists the question types as being either multiple choice or performance-based. The possibility of various question types may cause some anxiety as some people worry about the possibility of several elaborate performance tasks on the exam. Relax. All security practitioners should be able to configure basic access control lists and firewall rules, syslog, SSH connections, and SNMP. This is a vendor-neutral exam so there will not be any complex configurations beyond the fundamentals.

I strongly recommend you know how to configure an IPsec IKEv1 site-to-site VPN with pre-shared keys between two routers. Even if you do not use it in the exam, it is a valuable skill since so many organizations use solutions like Amazon Web Services (AWS).

Also, be aware that the “use of open-source intelligence” exam objective does not refer to using open-source code. Do yourself a favor and search the web for “OSINT” before the exam.

Although cryptography and PKI are only about 12% of the exam, I recommend watching “The Art Of the Problem” videos from Brit Cruise on YouTube to help prepare for that bank of questions. AES-GCM-128 (or 256) and elliptic curve are also very popular algorithms and modes, so make sure you have those bases covered.

Furthermore, the traditional cloud would allow you to choose a security plan for data security. In other words, you can have the freedom to decide which security device you will purchase to manage and defend your data from the possible threats. Also, you will be responsible for responding to the threats and maintaining the disaster recovery plan.

More Info: a+ certification job opportunities

Why should I get CompTIA A+ certified?

CompTIA A+ is a certification for computer support and repair technicians. It is meant to measure competency with computer hardware and software equivalent to 9 to 12 months of on-the-job-experience as a computer support professional.

CompTIA A+ Certification shows employers that you have the skills and experience required for a variety of entry-level computer support positions such as Support Specialist, Field Service Technician, Desktop Support Analyst, and Help Desk Support. Such positions pay at least $45K a year in most areas, and don’t always require a 4-year college degree.

The basic structure of the A+ qualification is unchanged. After completing this course, students will be able to:
Identify types and characteristics of PC components, including motherboard, CPU, memory, and storage, input, and output devices
Install and configure peripheral devices
Identify types and characteristics of portable computers
Install and configure commonly used operating systems
Perform basic PC maintenance and troubleshooting
Understand fundamental principles of securing IT systems and working safely
Communicate effectively with customers
Install and configure print and imaging devices
Understand fundamental principles of implementing LANs and internet access

CompTIA A+ certification can also be a good starting point for additional certification and training that can lead to more senior positions. After you complete your CompTIA A+ certification, you may wish to explore CompTIA Network+ training, for example, or a Microsoft Certified Systems Engineer (MCSE) certification.

More Info: comptia a+ certification jobs

CompTIA qualifications

Just like producing a fine wine, it can take a long time for an IT qualification to become recognised and valued by individuals and employers. This is not a bad thing, as the IT industry has historically been littered with ‘print your own certificate’ schemes that are not worth the paper they are written on.

The most respected global IT qualifications are awarded by organisations that include Microsoft, Cisco, CompTIA, EXIN, APMG, BCS, ISACA and (ISC) 2. In addition to the heritage of their training schemes, each of these companies has delivered reliable and updated content, together with exams that are certificated by independent third parties (US and UK governments, ISO 17024).

Who are CompTIA?

CompTIA (Computing Technology Industry Association) is a pre-eminent training organisation best known for its ubiquitous A+, Network+ and Server + qualifications. The organisation was originally founded in 1982 in the US as the Association of Better Computer Dealers (ABCD). In 1992, ABCD changed its name to CompTIA and expanded its scope of activities to include public advocacy, liaison with government and the education of IT professionals.

More Info: comptia a+ careers

Most Valuable IT Certifications

IT certifications can open many doors throughout your career, especially when you’re searching for your next opportunity. Recruiters and hiring managers tend to look at the Certifications section of a tech resume before anything else.

Why? They want candidates with up-to-date knowledge, and IT certifications quickly show them a person’s mastery of a particular technology or practice — from help desk basics to mastery of complex cloud environments.

So whether you’re a recent graduate or seasoned tech specialist, preparing for and attaining a certification is a great way to expand your skill set, impress prospective employers and stand out from the crowd.

For the most part, the 900 series A+ remains the same as the older version. The following points are what changed between the 800 and 900 series exams:
220-901 Topics
No CRTs: You may see it in your study guide, but nothing more than minor adjustments with the screen controls. I did not encounter CRTs on my particular exam
No RAMBUS RAM
More focus on printers, specifically virtual printers
UEFI BIOS is new
No AGP: You may notice it on past study materials
PCMCIA removed
802.11ac WiFi now included
Mobile devices, in particular Windows phone is new
Command line tools
More Info: jobs with comptia a+

What You Need To Know About CompTIA

Back in the 1980s, IT certifications were issued by particular manufacturers and were only truly relevant to their specific systems. While there was some overlap between the certifications, IT workers still had to be certified separately for Dell, Compaq, IBM, Macintosh, and so on.

This certification regime was both inefficient and costly, forcing IT pros to pay fees to multiple organizations. CompTIA is the largest non-vendor issuer of IT certifications in the world, and the second largest overall after computing giant Microsoft.
The important features of Exam Simulators are given below:
Conforms to the latest exam objectives
Up to date practice questions with detailed explanations.
Immediate online activation.
Integrated Test Engine with online feedback
Verify for any product updates.
Complete explanation is provided for each question in Learn mode
Simulates actual test surroundings in exam mode.
Store and view results at a later date, or review answers.
Supports several question types including multiple choice, true/false, fill-in-the-blanks, drag-n-drop, etc.
Flash cards.

Each year, CompTIA certifies around 160,000 people and issues hundreds of Trustmarks to channel organizations. Part of CompTIA's success lies in the fact that, prior to their existence, getting certified as an IT professional was an unwieldy affair.

This also meant it was cost-prohibitive to get a certification on your own; it was much more difficult to get a certification before you were hired by a company willing to put up the money to pay for it.


More Info: a+ network+ security+ jobs

How I Passed the CompTIA A+

The CompTIA A+ certification 900 exam series will retire on July 31st, 2019. You can either prepare for the 220-901 and 220-902 exams or opt for the recently released 220-1001 and 220-1002 versions. This blog post applies to the 900 series, but the information and advice is also relevant for the newest exams. If you have a little prior experience, you can earn your A+ very quickly. I updated my A+ certification in after only six days of studying for the 900 series exams.The exams seemed even easier than before. This blog post recaps when I learned, what you should expect, and tricks to watch out for.

That’s because cybersecurity is no longer just about deploying the right malware scanner or correctly configuring a firewall. Keeping any organization safe is about setting standards for how people use networks and applications, who can access them, how they’re architected and a long list of other controls.
It’s this complex matrix of relationships between people, process and technology that Hodson analyzes and communicates to make sure any enterprise he works with meets the world of cyber-threats with a comprehensive stance.

It’s high-level stuff. But Hodson’s combination of high-tech understanding, strategic acumen and futuristic foresight are all rooted in IT basics. At their foundation is the CompTIA A+ certification.

More Info: jobs for a+ certification entry level

How does a DDoS attack work

An attacker gains control of a network of online machines to carry out a DDoS attack. Computers and other machines (such as IoT devices) are infected with malware, turning each one into a bot (or zombie). The attacker controls the group of bots, which is called a botnet.

After establishing a botnet, the attacker directs the machines by sending updated instructions to each bot using remote control. A targeted IP address may receive requests from a multitude of bots, causing the targeted server or network to overflow capacity. This creates a denial-of-service to normal traffic. 

Because each bot is a legitimate Internet device, separating the attack traffic from normal traffic can be difficult.Distributed denial of service incidents are closely associated with botnets, where hackers take over command and control of thousands of Internet-connected devices, and then in coordinated attacks, direct all of those devices to simultaneously send requests to the target. In recent years, however, hacktivist groups and crime organizations have increasingly begun using attack tools that are easy to obtain and simple to use. 

These D DoS attack applications, such as WebHive LOIC, originated as tools for cybersecurity professionals to perform “stresser” testing on websites. In standalone instances, they are not capable of carrying out a serious DDoS attack. However when multiple stresser applications are coordinated together, whether through a botnet or via cloud service, these attack tools can take large commercial websites offline for extended periods.

More Info: how do you ddos

WordPress DDoS protection methods.

DDoS attacks are much more frequent than you might think. In the first half of 2019, DDoS attacks increased by 39 percent in comparison to 2018, which itself saw millions of attacks. Their potency is also increasing dramatically, with attacks of over 500 gigabytes per second (Gbps) becoming more and more common.

Attackers use malware or unpatched vulnerabilities to install Command and Control (C2) software on user’s systems to create a botnet. DDoS attacks rely on a high number of computers in the botnet to achieve the desired effect, and the easiest and cheapest way to get control of that many machines is by leveraging exploits.

The DYNDNS attack exploited WIFI cameras with default passwords to create a huge botnet. Once they have the botnet ready, the attackers send the start command to all of their botnet nodes, and the botnets will then send their programmed requests to the target server. If the attack makes it past the outer defenses, it quickly overwhelms most systems, causes service outages, and in some cases, crashes the server. The end-result of a DDoS attack is primarily lost productivity or service interruption – customers can’t see a website.

The targets for these attacks aren’t only large websites. Even smaller sites can be affected by attackers seeking to collect a ransom. This makes WordPress DDoS protection almost a necessity, more than a precaution.

More Info: how do you ddos

require a DDoS mitigation strategy?

Some industries, most notably the financial sector, already established formal requirements for DDoS mitigation. The Federal Financial Institutions Examination Council (FFIEC) Information Technology (IT) Handbook on Business Continuity Planning outlines six steps they expect member institutions to take to proactively address DDoS risks.

While there is no standard way to classify DDoS attacks, one of the systems in use divides them into volumetric, protocol, and application attacks.

Volumetric attacks, which are believed to comprise more than 50 percent of attacks launched, are focused on filling up a victim's network bandwidth. Among the most common volumetric attacks are User Datagram Protocol (UDP) flood attacks, where an attacker sends a large number of UDP packets to random ports on a remote host. UDP floods accounted for approximately 75 percent of DDoS attacks in the last quarter of 2015, according to the Versign DDoS Trends Report.

Even if your industry or organization doesn’t require a DDoS mitigation plan, it certainly won’t be long before requirements are defined. It can’t hurt to investigate these burgeoning requirements in advance, as compliance regulations are both time-consuming and technically dense.

More Info: ddos attack meaning

DDoS how does it work?

The phenomenon amplified terribly over the last few years. With attacks more and more numerous and traffic volumes that become more and more massive (for those concerning the network), the traffic of the attacks reaches several hundred Gigabits per second. These attacks can touch any service: emails, SSH, Web, etc… But the Web is most targeted. For instance, the famous attacks against Cloudflare and Spamhaus perfectly illustrate the acceleration of this tendency.

The paid DDoS service is currently offering HTTP (GET, POST), Download, ICMP, UDP, and SYN flooding features, using what they’re pitching as private tools operated by expert staff members. Before a potential customer is interested in purchasing a DDoS attack for hire, the service if offering a 15 minute test to the customer in order to prove its effectiveness.

How much do these DDoS for Hire services cost?
The price for 1 hour or DDoS attack is $5
The price for 24 hours of DDoS attack is $40
The price for 1 week of persistent DDoS attack is $260
The price for 1 month of persistent DDoS attack is $900

On the victim’s side, Neustar report shows that the estimated cost of a DDoS was in average, between 7.000 and 40.000 € per hour, or even more for the big sites. The attacks became a weapon of unfair competition, a method to obtain a ransom, a gag on the newspapers that bother a hacker, and globally a method of online nuisance almost intractable. In 99% of cases, the origin of a DDoS is never known and its author never sued.


More Info: types of ddos attacks

types of DDoS attacks

As the name implies, a denial-of-service attack is an attempt by attackers to keep users from accessing a networked system, service, website, application, or other resource. The attack typically makes a system slow to respond, or it can disable the system entirely.

An attack that originates from a single source is called simply a denial-of-service (DoS) attack. However, far more common today are distributed denial-of-service (DDoS) attacks, which are launched at a target from multiple sources but coordinated from a central point. Distributed attacks are larger, potentially more devastating, and in some cases more difficult for the victim to detect and stop.

There are three primary classes of DDoS attacks:

• Volume-based attacks use massive amounts of bogus traffic to overwhelm a resource such as a website or server. They include ICMP, UDP and spoofed-packet flood attacks. The size of a volume-based attack is measured in bits per second (bps).
• Protocol or network-layer DDoS attacks send large numbers of packets to targeted network infrastructures and infrastructure management tools. These protocol attacks include SYN floods and Smurf DDoS, among others, and their size is measured in packets per second (PPS).
• Application-layer attacks are conducted by flooding applications with maliciously crafted requests. The size of application-layer attacks is measured in requests per second (RPS).

More Info: how do ddos attacks work