Chris Hare (13:55)

Foreign.

Dave Buettner (14:03)

Dave here. Have you ever wondered where your personal information is lurking online? Like many of you, I was concerned about my data being sold by data brokers, so I decided to try Delete Me. I have to say, delete me is a game changer. Within days of signing up, they started removing my personal information from hundreds of data brokers. I finally have peace of mind knowing my data privacy is protected. Deleteme's team does all the work for you with detailed reports so you know exactly what's been done. Take control of your data and keep your private life private by signing up for Deleteme now at a special discount for our listeners today. Get 20% off your DeleteMe plan when you go to JoinDeleteMe.com n2k and use promotional promo code n2k at checkout. The only way to get 20 off is to go to JoinDeleteMe.com N2K and enter code N2K at checkout. That's JoinDeleteMe.com N2k code N2K in our recurring Certbytes segment, Chris Hare is joined by Steven Burnley to break down a question targeting the ISC2 SSCP system security certified Practitioner Exam.

Stephen Burnley (15:33)

Hi everyone, it's Chris. I'm a content developer and project management specialist here at N2K Networks. I'm also your host for this week's edition of certbyte where I share a practice test question from our suite of industry leading content and a study tip to help you achieve the professional certifications you need to fast track your career growth in IT, cybersecurity and project management. Today's question targets the ISE2 SSCP System Security Certified Practitioner exam which was updated on September 15, 2024. This exam is targeted for IT admins, directors, managers and network security professionals who have a hands on role in operational security. I've enlisted Steven once again to join us who is our resident ISC2 expert. Welcome Stephen. How are you today?

Chris Hare (16:24)

I'm doing great, Kris, thanks for having me.

Stephen Burnley (16:27)

Absolutely. So Stephen, I understand this cert requires only one year of work experience, so does that make this exam easier when compared to the CISSP and cc?

Chris Hare (16:38)

Well, I would say actually a better description would be that it fits in between those two exams. The CC exam is an attempt by ISC2 to certify almost a million IT professionals in cybersecurity and that's meant for students, industry professionals, executives, not as technical as the other two. The exam we're talking about today, the SSCP exam, will have more practical knowledge on it and the CISSP we all know is a big capstone part of any one certification path.

Stephen Burnley (17:10)

All right, great. Thank you for that. So we are going to be turning the tables again and Steven, you are asking me today's question. But first while I gather up some guts. I understand you have a 10 second study bit for this test. What do you have for us today?

Chris Hare (17:26)

Well, we just mentioned that this exam would have kind of a practical nature to it, which means it is going to have a lot of terminology and acronyms to remember. So one of the aspects of all of our study materials is a collection of flashcards. And flashcards are great for times where you need to take exams that have heavy terminology. You want to do memorization attempts on those. And also we allow you to eventually filter out the flashcards that you already know and just study the ones that are still giving you trouble. So most of our exams include over 150 flashcards.

Stephen Burnley (18:01)

Excellent. That's a really awesome tip. So, Steven, hit me with today's question.

Chris Hare (18:07)

All right, well, get ready. This is a long one. An IT security manager is struggling to keep the organization's computers in working order. He's testing updates, configuring them to be installed onto systems, and making tweaks to configuration settings to various systems as business tasks require. However, he often discovers systems which do not have the necessary updates or which are using out of date settings. This may be caused by systems being disconnected from the company network when taken into the field or used for special offline projects. Which technology should the IT security manager implement to help handle this complex issue? You don't have to have it memorized. There are four choices. Here you go. Here's your four choices.

Stephen Burnley (18:51)

Okay.

Chris Hare (18:51)

IEEE 802.1x NAC, NTP synchronization or OCSP.

Stephen Burnley (19:02)

Wow, Stephen, this is a toughie. But I do know that this is part of Understand network attacks and countermeasures. That falls under network and communications security objective, correct?

Chris Hare (19:16)

IT does. And I warned you about the acronym soup on this one. Now you wish you'd studied those flashcards.

Stephen Burnley (19:22)

Absolutely. Yes. This is going to be a challenge. So this is such a layered question with so many components. Is this typical of an SSCP question? Stephen? Do they all have this lengthy of a setup?

Chris Hare (19:36)

Yes, you can expect this type of scenario based question. It actually makes them more like real life scenarios.

Stephen Burnley (19:43)

All right, well, thank goodness you are here to help us through it today. Okay, so first it would help if I were familiar with these terms and I only have light familiarity, which means the likelihood of me getting this Wrong is almost 100%. Because this seems like a scenario based question, as you mentioned, which is simply more than just matching a term with its definition. Am I correct in assuming that, Steven?

Chris Hare (20:07)

Yes, exactly.

Stephen Burnley (20:08)

All right, so right off the bat, the often qualifier is throwing me off. Is it safe to say that there is potentially more than one correct answer out of your options, but one is the slightly better answer?

Chris Hare (20:23)

Well, all right, let me give you some hints. All the options are protocols, but three of them are security protocols. The IEEE has to do with user authentication and access. NAC is a broad security framework that includes quarantine features. NTP has to do with clock synchronization for audits and logging. And OCSP has to do with validating digital signatures. Maybe that'll help?

Stephen Burnley (20:50)

I think so. That's really good context and also a great way for a student to isolate their answer choices. So given what you said against the question which asks specifically about network systems being disconnected and not getting the necessary updates, I'm going to rule out ieee which is isolated to User Authentication and access. You said NAC is a broad security framework that includes quarantine features and I think you're trying to give me a hint there, so let's hold on to that one. NTP is regarding syncing clocks, which does not seem to be the issue here, and OSCP has to do with digital certs, which is not the situation that you're describing either. So I am going to go with bnac, am I right?

Chris Hare (21:39)

That is correct. Excellent work. The NAC the Network Access Control should be implemented in this scenario. When a system is determined by NAC to lack the specific configuration settings or missing a required update, the system will be quarantined. NAC quarantine is an isolation triggered by a system being out of compliance. It usually involves shifting IP address assignments to place the system in a quarantine subnet where that system is only able to access the remediation server. Quarantine remediation can be performed automatically or it may require an administrator to perform manual operations. Once the system is brought into compliance, then it's returned to the production network. This technology ensures not only will systems have the current configuration, but also the updates updates that they need to interact with the production environment. Now you're right about that. IEEE 8021X that is a port based network access control which is used to leverage authentication already present in the network to validate clients connecting over hardware devices such as wireless access points or VPN connectors. The purpose of the IEEE 8021X is to avoid the use of on device static password authentication, which is a very weak form of authentication. The 8021x standard allows existing multi factor or otherwise robust network authentication to be ported or proxied for use onto various hardware software connection options. Online Certification Status Protocol OCSP is a communication query system employed by modern certificate authorities to inform endpoints of the revocation status of digital certificates. OCSP enables endpoints to obtain real time revocation status without significant bandwidth consumption. OCSP replaced an older concept known as the certificate revocation list and the network time protocol. NTP synchronization is the means by which clocks on various systems are brought into alignment. It's essential that all internal systems have synchronized time. The synchronized time is typically synchronized to some sort of world time source. This helps to ensure that all logs and audit trails are in harmony in order to make investigations or historical research into a chronological order of events practical and easier.

Stephen Burnley (24:04)

Well, that is an awesome question, and thank you so much for that detailed explanation. One thing's for sure, I would have never gotten that one right without your help. So appreciate your being here today. Steven. Are there any upcoming ISE2 or other practice tests you'd like to promote here?

Dave Buettner (24:20)

Actually I do.

Chris Hare (24:22)

There is an update to the CISSP exam coming in early 2025 and we just updated the framework for the Cisco Certified Network Associate or CCNA EX just this past September. We're also creating a ton of more updates for Microsoft, Comptia and Amazon exams coming in the new year, so take a look at our website for those.

Stephen Burnley (24:45)

Great. Thank you so much, Stephen.

Chris Hare (24:47)

Well, thanks for having me, Chris, and.

Stephen Burnley (24:49)

Thank you for joining me for this week's CertFight. If you're actively studying for this certification and have any questions about study tips or even future certification questions you'd like to see, please feel free to email me at certbite2k.com that's C-E-R-T B Y T E n2k.com if you'd like to learn more about N2K's practice tests, visit our website at n2k.com certify for more resources, including our new N2K Pro offerings. Check out thecyberwire.com pro for sources and citations for this question. Please check out our show Notes Happy Certifying.

Dave Buettner (25:36)

And don't forget to check out N2K's system security certified Practitioner Practice Test on our website. Foreign and now a message from our sponsor, Zscaler, the leader in cloud security Enterprises have spent billions of dollars on firewalls and VPNs, yet breaches continue to rise by an 18% year over year increase in ransomware attacks and a $75 million record payout in 2024. These traditional security tools expand your attack surface with public facing IPs that are exploited by bad actors more easily than ever with AI tools, it's time to rethink your security. Zscaler Zero Trust AI stops attackers by hiding your attack surface making apps and IPs invisible eliminating lateral movement Connecting users only to specific apps, not the entire network Continuously verifying every request based on identity and context Simplifying security management with AI powered automation and detecting threats Using AI to analyze over 500 billion daily transactions hackers can't Attack what they can't see. Protect your organization with Zscaler Zero Trust and AI. Learn more@Zscaler.com Security.

Chris Hare (27:15)

This episode is brought to you by Nerds Gummy Clusters, the.

Stephen Burnley (27:17)

Sweet treat that always elevates the vibe.

Chris Hare (27:20)

With a sweet gummy surrounded with tangy, crunchy nerds. Every bite of Nerds Gummy Clusters brings.

Stephen Burnley (27:25)

You a whole new world of flavor.

Chris Hare (27:27)

Whether it's game night, on the way.

Stephen Burnley (27:28)

To a concert, or kicking back with your crew, unleash your senses with Nerds Gummy Clusters.

Dave Buettner (27:40)

And finally, Russia has unveiled sweeping cybercrime reforms aiming to crack down on hackers with harsher penalties, asset seizures, and even public trials. Under the new laws, hackers could face up to 15 years in prison, lose their crypto stashes, and be banned from IT jobs for a decade. Banks can freeze cybercriminals accounts instantly, and government agencies gain expanded surveillance powers to protect citizens. Totally not for spying, of course. The plan includes public trials, which officials claim will deter crime, though critics worry they could expose security weaknesses. Meanwhile, Russia is demanding faster extraditions, a move that might strain diplomatic ties with countries hesitant to send hackers back home. Whether these measures actually reduce cybercrime or just increase state control remains to be seen. But the world is watching, and that's the Cyberwire. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire2k.com N2K's senior producer is Alice Carruth. Our Cyberwire producer is Liz Stokes. We're mixed by Trey Hester, with original music and sound design by Elliot Peltzman. Our executive producer is Jennifer Ibin. Peter Kilpe is our publisher, and I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow.

Chris Hare (29:54)

Sa.