“How To Revolutionize Your Personal Tech Development and Skyrocket Your IT Career! #ExpontentialGrowth” Disclaimer: Clickbait title is a red-herring. This post should actually be called something a little more modest and humdrum, like, “Learning Strategies”. The opinions contained herein are highly subjective, and may be of limited relevance to anyone who isn’t specifically me. Setup What are the most effective learning strategies for someone transitioning into the IT industry? How can one work-smarter-not-harder when it comes to developing their fundamental skills in…

VLANs and Subnetting

- 8 mins read
Setup Studying for the Network+ helped me build up a basic, conceptual understanding of subnets and VLANs. I might have even come away from the exam feeling like I was an expert…if I hadn’t had an infinite supply of confusing helpdesk tickets and unanswered questions to keep me humble. Working helpdesk tickets frequently means making an awkward entrance into the middle of a conversation: I didn’t design the network. I didn’t configure the network.
Setup I started on the CompTIA trifecta in mid 2022, got the A+ (220-1101 & 220-1102) in February 2023, Net+ (N10-008) in Sept 2023, and Sec+ (SY0-701) in April, 2024. I used a mixture of study resources for the exams, but relied heavily on Professor Messer’s great practice exams, YouTube lessons, study sessions, and Discord channel. This is a review of the Net+ exam material, with a focus on the CompTIA objectives that are most applicable to actual helpdesk tickets (IMO).
Issue How exactly does an attacker steal a user’s “session”? Stealing a username/password combo and using them to sign into someone else’s account is an intuitive process. But if the end user has MFA enabled on their account, signing into that account on a new device requires a code from an OTP app, alternate email, or text to their mobile phone. Assuming the attacker hasn’t ALSO breached their alternate email or executed a SIM Swap to get direct access to the victim’s MFA method, how are they able to bypass that additional layer of security?
Setup The first real, working development pipeline for this blog used the GitHub to FTP approach. Before that, I tried a somewhat convoluted version of the “Pull” approach the guide in the official cPanel docs, which outlines two basic options: Push Method Edit your website on your computer, push the changes to a single Git repo in cPanel, and it will automatically update Use cPanel’s Git Version Control tool to make an empty repository Clone that to your computer Use a .
Issue When you access another device via SSH, there is always the possibility of falling victim to an On-Path (Man-in-the-Middle) attack. For example, you could accidentally connect to an attacker’s server, and they’d capture your credentials when you tried to authenticate. We use PKI in the form of host keys to counter that vulnerability. When you SSH into a web server for the first time, you should see a message similar to this:
Setup Not actually a full-fledged CI/CD Pipeline at this point. And it goes without saying, but Git for a non-collaborative, personal, static website is overkill. But as long as I am creating a tech blog, it might as well include automatic deployments with version control for a bit of DevOps practice. Pushing website updates from GitHub to cPanel’s via FTP wasn’t my first approach. I’ll document the less successful process of connecting the GitHub repo to a redundant cPanel Git repo via SSH in a future post.