Content provided by Juan Rodriguez - CompTIA Exam Prep Professor.

Preparing for your CompTIA Security Plus exam? In this episode of Technology Tap: CompTIA Study Guide, we dive into cybersecurity fundamentals by hunting weak spots in small business, nonprofit, and home networks. Whether it's an old router, a forgotten Windows box, or misconfigured settings, we explore real vulnerabilities you need to spot early. This tech exam prep episode offers a clear playbook to find and fix these security issues fast—without the need for an enterprise budget. Perfect for anyone looking to strengthen their IT skills and deepen their technology education.
We start with the quiet culprits: end‑of‑life operating systems, abandoned firmware, and default passwords that ship on printers, cameras, and routers. You’ll hear why isolation, segmentation, and least privilege are lifesavers when replacement isn’t an option. From ransomware on aging desktops to misconfigured cloud shares that leak donor lists, we connect everyday scenarios to practical countermeasures like MFA, strong crypto, key rotation, and simple access reviews.
Then we go deeper into application and web risks—SQL injection, XSS, CSRF, race conditions, buffer overflows—and how attackers exploit timing and input validation gaps. We break down supply chain threats, where a compromised plugin server can Trojanize an entire customer base, and show how to vet vendors with a software bill of materials and clear service level terms. You’ll also get a workable monitoring routine: weekly vulnerability scans (credentialed and non‑credentialed), reputable threat feeds like IBM X‑Force and Abuse.ch, and dark web awareness for leaked credentials.
To round it out, we map a no‑nonsense remediation loop: discover, analyze, fix, verify, repeat. Learn to use CVE identifiers and CVSS scores to prioritize by risk and business impact, spot false positives and negatives, and handle patches that break production with rollbacks and compensating controls. Along the way, we share a memorable bug bounty story that proves anyone—even a kid—can help make the internet safer. Subscribe for more practical cybersecurity, share this with someone running on “set it and forget it,” and leave a review telling us the one update you’re making today.

Art By Sarah/Desmond
Music by Joakim Karud
Little chacha Productions
Juan Rodriguez can be reached at
TikTok @ProfessorJrod
@Prof_JRod
Instagram ProfessorJRod

Chapters

1. Cybersecurity Fundamentals: Hunting Weak Spots | CompTIA Study Guide Chapter 8 (00:00:00)

2. Welcome And Today’s Focus (00:00:27)

3. Defining Vulnerabilities With Real Examples (00:01:05)

4. Legacy And Firmware Risks (00:02:10)

5. Zero Days And Preparation (00:03:23)

6. Misconfigurations And Human Error (00:04:13)

7. App And Web Vulnerabilities (00:05:10)

8. Cloud Pitfalls And Supply Chain (00:06:09)

9. Scanning And Threat Intelligence (00:06:45)

10. Pen Testing, Bounties, And Audits (00:07:46)

11. Prioritizing Fixes With CVE And CVSS (00:08:48)

12. Quiz: Zero Day Fundamentals (00:10:05)

13. Quiz: False Positives Explained (00:12:02)

14. Quiz: Ranking Severity With CVSS (00:13:35)

15. Quiz: Least Privilege In The Cloud (00:14:23)

16. The FaceTime Bug Bounty Story (00:16:20)

17. Why Updates Matter Everywhere (00:19:25)

18. Culture, Backups, And Small Biz Reality (00:22:00)

19. Closing Thoughts And Contacts (00:23:02)

108 episodes