March 27, 2019
Testing Center Tips at Intellectual Point!
Be sure to watch our Study Tip videos for helpful information. We are proud to help you get ready for the test. Once you are ready here are some helpful check-in tips:
  • You will be required to check in at the reception desk where you will present your two (2) forms of valid, original identification 

  • The testing center staff will verify your appointment time, identity, take your photo, and collect your signature on an electronic signature pad.

  • The Testing Center Administrator will provide you with a locker and key to store all of your personal belongings after check in. You may not bring any personal belongings into the testing room.

  • This includes, but is not limited to the following:
  1. Mobile telephones
  2. Blue Tooth headphones
  3. PDAs
  4. Handbags
  5. Books
  6. Paper
  7. Drinks and food of any kind
  8. Medicines
  9. Pens, pencils, markers

  • Once check in is complete you will either be asked to wait in the reception area or you will be escorted into the testing room.

  • You will be admitted into the test room and assigned a testing station with a computer, mouse and keyboard. The Testing Center Proctor will log you into the testing station and you will be ready to start the exam
  1. No additional material such as handheld calculators, pen and paper will be provided.
  2. The exam will have an onscreen standard function calculator available for use.
  • Breaks are permitted during the exam. However, the exam will not be stopped during the break and the exam time will continue count down and the time lost cannot be made up.

  • Once you have completed the exam, you will be escorted out of the testing room and taken to the Reception desk to be checked out of the Testing Center.
  1. The testing center proctor will give you a printed Score Report that indicates whether you have passed or failed the exam.
  2. Your exam results will also be sent automatically to the Department of Health (DOH).
CompTIA Study Tips
AWS Study Tips
April 9th at 6pm
University of North America
4 375 Fair Lakes Court, Fairfax, VA
April 17th at 6pm
Reston Community Center
2310 Colts Neck Road, Reston, VA
Review Course for Certified in Risk and Information Systems Control TM (CRISC TM ) Spring 2019 Exam
Certified in Risk and Information Systems Control (CRISC) recognizes IT professionals who are responsible for an organization's risk management program. CRISC is the only certification that prepares and enables IT professionals for the unique challenges of IT and enterprise risk management and positions them to become strategic partners to the enterprise

March 28 -30

We are so proud to say "Congrats" to the following people who have passed their exams...
  • David Prieto - Security+
  • Sean Gallagher - CEH
  • LeFang Lan - Security+
  • Michael Guerrero - Security+
  • Mason Emrie - Security+
FEMA Exposes PII for Millions of Hurricane, Wildfire Survivors
The contractor with whom it shared the data has a vulnerable, unpatched network.

The Federal Emergency Management Agency exposed the personal identifiable information of 2.3 million survivors of Hurricanes Harvey, Irma and Maria and the California wildfires in 2017, by oversharing survivor data with a contractor when it wasn’t necessary.

Worse, the contractor’s networks have unpatched vulnerabilities that would allow an adversary access to that information.

Through the TSA program, The Federal Emergency Management Agency (FEMA) provides transitional sheltering in hotels to disaster survivors displaced by emergencies. It also hires local contractors to administer the program and verify that the applications for those shelter services are approved when victims show up to check into their accommodations.

“FEMA should only provide [the contractor] with limited information needed to verify disaster survivors’ eligibility for the TSA program,” according to a recently published alert from the Office of the Inspector General (OIG) at the Department of Homeland Security.

However, FEMA overshared – releasing to the contractor not just necessary info such as applicant names, birth dates, eligibility dates, number of people in the household and various FEMA-specific authorization/registration numbers, but also more than 20 unnecessary data fields. Out of those 20, FEMA said that six contained personal identifiable information (PII), including applicants’ physical addresses, bank names, electronic funds transfer numbers and bank transit numbers.

Further, the contractor (the name is redacted in the alert) didn’t notify FEMA that it was receiving more information than what was specified in the data transfer agreement it had with the agency.

“FEMA headquarters officials told us it may be feasible to change the data-transfer script to remove the unnecessary PII, but such change would need to be coordinated with the Individual Assistance and Mass Care program offices, which may be time consuming,” said the OIG. It added, “FEMA stated it had implemented immediate measures to discontinue sharing the unnecessary data and had begun an on-site assessment of [the contractor’s] network.”

The agency said that it has taken action to destroy the previously shared PII and “sanitize” the contractor’s systems.

The estimated completion date for total remediation of the issue is June 30, 2020. Read More
What Meetup Topics Do You Want To Learn About?
Uses of Artificial Intelligence and Machine Learning
Women in Tech & Cyber Security
Building a Solid Linkedin Profile & Resume for IT Jobs
Breaking into Cloud Computing and DevOps
White Hat Security and Next-Genn Cyber Attacks Demo
NextGen IoT (Internet of Things) Attacks and Securing IoT Edge Devices
What you need to know to pass the
CompTIA Security+ Exam
April 13, 14 & 20, 27
Saturday and Sunday
Before you take the exam be sure to fully understand these objectives:
  • Identifying network attack strategies and defenses
  • Understand the principles of organizational security & the elements of effective security policies
  • Know the technologies and uses of cryptographic standards and products
  • Identify network and host-based security technologies and practices
  • Describe how wireless and remote access security are enforced
  • Describe the standards and products used to enforce security on the Web and in communication technologies
  • Identify strategies for ensuring business continuity, fault tolerance, and disaster recovery
Be sure to understand all of the concepts and main objectives before you sit for the exam. Also, be sure to know the keyword abbreviations, such as: MAC (mandatory access control, FTP ( File Transfer Protocol), SFTP ( Secure File Transfer Protocol), etc.