CISSP Certification: Competition time – Win a CISSP practice test! October 8th 2017

Competition time!

Enter to win a free CISSP Practice exam.

Rules:

To enter you must do these 2 to be eligible (+3 entries)

  1. Join the CISSP study group at https://www.facebook.com/groups/ThorTeaches/
  2. Like and comment on the competition post in the Facebook group.

Optional:

  1. Share this post on Facebook (+5 entries).

The Winner will be drawn at random after the competition is over and announced in the Facebook group!
If you already own all 4 practice tests, we can do an amazon gift card instead, but only available to people with all 4 tests ($10 value).
The competition ends October 14th at 12:00 HST (noon).

Continue Reading

New (ISC)² Community site is up!

Join the new (ISC)² Community today and earn your Early Adopter badge

(ISC)² is excited to announce the launch of its new online Community!

Created for cybersecurity and IT professionals, the (ISC)² Community allows you to connect, collaborate and share your

knowledge and experience with other pros – (ISC)² members and non-members alike!

(ISC)² Community

Source: community.isc2.org/

Continue Reading

IT Security: From Internet Society “Five Steps You Can Take Right Now to Increase Your Privacy”

Five Steps You Can Take Right Now to Increase Your Privacy | Internet Society

You should care about your privacy online even if you think you have nothing to hide. A key aspect of privacy is being able to choose what information you share publicly and what is private. Would you want your bank account balance displayed for anyone to see? What about your medical history? Encryption is a …

Source: www.internetsociety.org/blog/2017/09/five-steps-can-take-right-now-increase-privacy/

Continue Reading

IT Security – from CSO online: “Future cyber security threats and challenges: Are you ready for what’s coming?”

Future cyber security threats and challenges: Are you ready for what’s coming?

Among the the alarming trends highlighted in a new study from The Internet Society (ISOC) are the rise of state-sponsored cyber attacks as the internet is becoming increasingly intertwined with national security and the creation of “security divides” where some entities won’t be capable of dealing properly with threats.

Source: www.csoonline.com/article/3226392/security/future-cyber-security-threats-and-challenges-are-you-ready-for-whats-coming.html

Continue Reading

IT Security – from Internet Society “Evidence at the cost of trust: The trouble with the Department of Justice – DreamHost case”

Evidence at the cost of trust: The trouble with the Department of Justice – DreamHost case | Internet Society

The social and economic benefits of the Internet cannot be realized without users’ ability to communicate and organize privately, and, where appropriate, anonymously. Data collection warrants must strike a balance to protect these benefits without impeding law enforcement’s ability to enforce the law. In recent weeks, the United States Department of Justice’s (DoJ) conflict with DreamHost, …

Source: www.internetsociety.org/blog/2017/08/evidence-cost-trust-trouble-department-justice-dreamhost-case/

Continue Reading

CISSP Practice question #6

Why would we use a RTM in software testing?
A: To ensure we are secure.
B: To test for malformed input.
C: To map requirements to the testing plan.
D: To test the code while executing it.

CBK 6: Security Assessment and Testing
Source: ThorTeaches.com practice tests

Answer


C: TM/RTM (Requirements Traceability Matrix): Normally a table, used to map customer requirements to the testing plan using a many-to-many relationship comparison. A requirements traceability matrix may be used to check if the current project requirements are being met, and to help in the creation of a request for proposal, software requirements specification, various deliverable documents, and project plan tasks.

show less

Continue Reading

IT Security – from Internet Society “Five Steps You Can Take Right Now to Increase Your Privacy”

Five Steps You Can Take Right Now to Increase Your Privacy | Internet Society

You should care about your privacy online even if you think you have nothing to hide. A key aspect of privacy is being able to choose what information you share publicly and what is private. Would you want your bank account balance displayed for anyone to see? What about your medical history? Encryption is a …

Source: www.internetsociety.org/blog/2017/09/five-steps-can-take-right-now-increase-privacy/

Continue Reading

CISSP Practice question #5

Who would perform a structured audit?
A: Senior management.
B: IT security staff.
C: External auditors.
D: Internal auditors.

CBK 6: Security Assessment and Testing
Source: ThorTeaches.com practice tests

Answer


C: Structured audits (3rd party): External auditors there to validate compliance, they are experts and the audit adds credibility. Can also be a knowledge transfer for the organization, required annually in many organizations.

show less

Continue Reading

IT Security from CSOOnline: “Cybersecurity labor crunch to hit 3.5 million unfilled jobs by 2021”

Cybersecurity labor crunch to hit 3.5 million unfilled jobs by 2021

The cyber crime epidemic is expected to triple the number of open cybersecurity positions to 3.5 million over the next five years.

A new report out from Cybersecurity Ventures estimates there will be 3.5 million unfilled cybersecurity jobs by 2021, up from 1 million openings last year.

Employment figures from the U.S. and India highlight the cybersecurity labor crisis.

In 2017, the U.S. employs nearly 780,000 people in cybersecurity positions, with approximately 350,000 current cybersecurity openings, according to CyberSeek, a project supported by the National Initiative for Cybersecurity Education (NICE), a program of the National Institute of Standards and Technology (NIST) in the U.S. Department of Commerce.

The current number of U.S. cybersecurity job openings is up from 209,000 in 2015. At that time, job postings were already up 74 percent over the previous five years, according to a Peninsula Press analysis of numbers from the Bureau of Labor Statistics.

At this rate, the U.S. is on pace to hit a half-million or more unfilled cybersecurity positions by 2021.

The National Association of Software and Services Companies (NASSCOM) recently estimated that India alone will need 1 million cybersecurity professionals by 2020 to meet the demands of its rapidly growing economy.

Demand for security professionals in India will increase in all sectors due to the unprecedented rise in the number of cyber attacks, according to NASSCOM. Despite having the largest information technology talent pool in the world, India is highly unlikely to produce an adequate number of professionals to close the cybersecurity skills gap.

Source: www.csoonline.com/article/3200024/security/cybersecurity-labor-crunch-to-hit-35-million-unfilled-jobs-by-2021.html

Continue Reading