It is day 4 of 31 days to exam.  I am planning on sitting for Cisco’s Security Fundamentals Exam (e.g., SECFND  210-250 and SECOPS 210-255) at the end of the 31 days, which is overdue.  Two exams are required to achieve Cisco’s CCNA Cyber Ops Certification. For many -like myself- transitioning from content development to IT Security, cybersecurity certifications are deemed necessary.  Cisco’s Global Cybersecurity Scholarship Program had been a great tool in bridging the gap between hash algorithms, network applications and attack vectors. The challenges are few, yet they are not impossible to overcome.  Two challenges are expressed in this blog. The first challenge is choosing a play book or plan of action.  There are about 70 questions on the SECFND exam and the exam topics are known and weighted. While each exam topic is weighted, the best plan of action is to review topics extensively with the highest weights (i.e., attack methods -21%, security monitoring-19% and host-based analysis-19%). Or, higher weighted topics should produce the more questions.  Based on hypothetical conjecture, the three topics mentioned above will produce about 41.3 questions on the exam.  The extra effort produces hopefully a higher than average score.   Over several months, Ares Cyber Security blog-my blog-has uniquely researched cyberattacks to identify attack vectors, reveal detection time (i.e., dwell time) and threat actors.  The next challenge is recognizing an attack or a vulnerability when applicable. Some cyberattacks and data breaches are easier to identify than others.  An email data breach occurred after Paul H. Green Jr. was fired from Parker & Green, P.A according to Weiss.  Green, a Jacksonville Lawyer, had changed the password on the firm’s email accounts after termination, redirecting all emails to himself.  In exchange for restoring Green’s cellphone, the firm had negotiated the release of their email accounts. The negotiation was temporary after Green started redirecting emails again.  The Florida Bar had filed a complaint in the Supreme Court of Florida against Green on June 22, 2018.  Email data breaches are vulnerable due to the human error and unintentional according to Tim Sadler of Tessian.  Furthermore, Sadler’s article emphasizes the need for security awareness training.  Another potential email data breach occurred between September 30 and October 01, 2018.  The Girl Scouts of Orange County email accounts were breached, and a third party was authorized to access accounts.  The third party had authorization to use the email account to send messages according the Vice President of Mission Operations, Christina Salcido.  Finally, as a content developer for more than one year, there is an advantage that can be negotiated: writing IT security infrastructure documents.

^{Resources:
“250-210 SECFND.” Cisco.com, https//www.cisco.com/c/en/us/training-events/training-certifications/exams/current-list/secfnd.html. Accessed 15 October 2018.
GitHub Inc., https//github.com/vz-risk/VCDB/issues/12444. Accessed 29 October 2018.
GitHub Inc., https//github.com/vz-risk/VCDB/issues/12445. Accessed 29 October 2018.
Reyes-Velarde, A. “Data breach may have exposed personal information for thousands of Girl Scouts.” 25 October 2018, Latimes.com, http//www.latimes.com/local/lanow/la-me-ln-girl-scouts-data-breach-20181025-story.html. Accessed 29 October 2018.
Sadler, T. “2017: The Year of Email Data Breaches.” 23 January 2018, Infosecurity-magazine.com, https//www.infosecurity-magazine.com/opinions/2017-email-data-breaches/. Accessed 29 October 2018.
The Florida Bar v. Green Jr. 2018-00, 145 (4C). 2018-00, 215 (4C). Supreme Court of Florida (Before a Referee). 2018. E-Filed. https//efactssc-public.flcourts.org/CaseDocuments/2018/1004/2018-1004_Petition_70177_COMPLAINT.pdf. Accessed 29 October 2018.
The People Speak! Leaving a data trail. 14 March 2018. https//www.flickr.com/photos/saulalbert/40096158694/in/photostream/. Accessed 29 October 2018.
Weiss, Debra. C. “Lawyer begins 60-Day suspension for hijacking former firm’s email account, derogatory Facebook post.” 23 October 2018, AbaJournal.com, http//www.abajournal.com/news/article/lawyer_begins_60_day_suspension_for_hijacking_former_firms_email_account_de/?utm_source=maestro&utm_medium=email&utm_campaign=weekly_email. Accessed 29 October 2018.}