CISSP certification: Thor Pedersen’s answer to “What is the best method to study for the CISSP?” – Quora

When I did mine I watched videos, read the book, re-watched videos and took a full practice test (250 questions). Then, when I knew my weak areas, I read the book (Shon Harris) and re-watched those videos, then another practice test and so on.
I would also visit a lot of forums, read on related topics and fill the holes I had in my knowledge (I had a networking ITSec background).

Realize this is a management exam, think like management, not like a techie (that was my hardest challenge).

 Continue reading: www.quora.com/What-is-the-best-method-to-study-for-the-CISSP/answer/Thor-Pedersen-4

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et al.


IT Security – from hackster.io: “New Backscatter Sensors Operate Over Long Ranges with Very Little Power”

New Backscatter Sensors Operate Over Long Ranges with Very Little Power

The Holy Grail of connected sensors and devices is to be able to transmit data over long distances without consuming much power.
By using chirp spread spectrum modulation with their backscatter system, the team was able to transmit data up to 2.8 kilometers. The sensors themselves could run on mere microwatts, so they only require very small batteries and could potentially even run from harvested ambient energy. Even more promising is the cost — at bulk pricing the team believes individual sensors would cost just 10 to 20 cents per unit.

Source: blog.hackster.io/new-backscatter-sensors-operate-over-long-ranges-with-very-little-power-ae36f3a5e5fd


CISSP certification: Rules, laws and regulations (the Wassenaar Arrangement).

Wassenaar Arrangement – Export/Import controls for Conventional Arms and Dual-Use Goods and Technologies.

  • 41 countries are a part of the arrangement.
  • Cryptography is considered “Dual-Use”.
    • Iran, Iraq, China, Russia and others have import restrictions on strong cryptography.
    • If encryption is too strong it cannot be broken, and they want to be able to spy on their citizens.
    • Companies have to make “Country Specific” products with different encryption standards.
  • The arrangement is used both to limit what countries want to export and what some want to import.
  • It is the responsibility of the organization to know what is permitted to import/export from and to a certain country.
  • The Arrangement covers 10 Categories:
    • 1. Special Materials and Related Equipment,
    • 2. Materials Processing,
    • 3. Electronics,
    • 4. Computers,
    • 5.1 Telecommunications,
    • 5.2 “Information Security”,
    • 6. Sensors and “Lasers”,
    • 7. Navigation and Avionics,
    • 8. Marine,
    • 9. Aerospace and Propulsion.


IT Security – from Forbes: “Utilities Will Spend Billions On Cybersecurity As Threat Grows”

Utilities Will Spend Billions On Cybersecurity As Threat Grows

The electric grid is vital infrastructure, but it looks way too vulnerable to hackers.

The National Institute of Standards and Technology released a report in May identifying products available to enhance the electric grid’s cybersecurity. New technologies employed onto the grid are multiplying the number of access points for cyber threats.

An actual cyberattack on an electric grid occurred in December 2015 when Ukraine’s electricity was interrupted. A third party, widely suspected to be operating from Russia, conducted the attack — which resulted in 225,000 customers losing power.

Source: www.forbes.com/sites/constancedouris/2017/09/21/utilities-will-spend-billions-on-cybersecurity-as-threat-grows/


CISSP certification: Thor Pedersen’s answer to “What is Step For Certified Information Systems Security Professional (CISSP)?” – Quora

#1 Study, #2 pass, #3 eat cake!

When I did my certifications I was from a techie background and I did complementing certificates for that.

I already had my CCENT, CCNA and CCNP certifications.

When I did mine I did it as part of an IT security group of certificates. I took about 6 months, but it was part time (evenings/weekends), and I did a few in that time frame.
Since the curriculum overlaps a lot I figured I would take 4 certifications with little extra effort.

Continue reading:  www.quora.com/What-is-Step-For-Certified-Information-Systems-Security-Professional-CISSP/answer/Thor-Pedersen-4


CISSP certification: Rules, laws and regulations (EU).

  • EU Data Protection Directive
    • Very aggressive pro-privacy law.
    • Organizations must notify individuals of how their data is gathered and used.
    • Organizations must allow for opt-out for sharing with 3rd parties.
    • Opt-in is required for sharing “most” sensitive data.
    • No transmission out of the EU unless the receiving country is perceived to have adequate (equal) privacy protections; the US does NOT meet this standard. EU-US Safe Harbor is optional between the organization and the EU.


IT Security from Reuters: “Hack of Wall St. regulator rattles investors, lawmakers”

Hack of Wall St. regulator rattles investors, lawmakers

Wall Street’s top regulator came under fire on Thursday about its cyber security and disclosure practices after admitting hackers had breached its database of corporate announcements in 2016 and may have used it for insider trading.

Source: www.reuters.com/article/us-sec-cyber/hack-of-wall-st-regulator-rattles-investors-lawmakers-idUSKCN1BW25J

From the U.S. Securities and Exchange Commission Chairman Jay Clayton:
https://www.sec.gov/news/public-statement/statement-clayton-2017-09-20

 


CISSP Certification: Exam prices going up October 1st 2017

CISSP exam prices going up to USD 699 / EUR 650 / GBP 560 on October 1st 2017.

Exams paid for prior to October 1st will be at the old price ($599), even if your exam date is months in the future.

Fee Schedule:
Rescheduling Exam: 50USD/35£/40€
Cancelling Exam: 100USD/70£/80€

https://www.isc2.org/-/media/ISC2/Exam-Pricing/2017-Examination-Pricing.ashx


IT Security – from David Shearer, CISSP, CEO (ISC)²: “Natural Disasters Put the ‘A’ in the CIA Triad to Test”

Natural Disasters Put the “A” in the CIA Triad to Test

By David Shearer, CISSP, CEO (ISC)²

Let’s face it, there’s still a fair amount of fear when it comes to the cloud, and I know firsthand people in Texas and Florida recently experienced some devastating weather that tests individuals’ and organizations’ resiliency. Natural disasters like Hurricane Harvey, Irma and others around the world can serve as a reminder that cybersecurity, IT/ICT and OT for that matter, need to work in complementary ways to ensure not only cybersecurity resiliency but business and mission fulfillment resiliency (i.e. Continuity of Operations). I break these areas out, because I frequently hear them discussed in…

Source: blog.isc2.org/isc2_blog/2017/09/natural-disasters-put-the-a-in-the-cia-triad-to-test.html


CISSP Certification: Thor Pedersen’s answer to “Which is easy: CISM or CISSP?” – Quora

TL;DR Neither is easy.

If the question is which is easier, again I think the answer would be neither is easier; it depends on where you are coming from experience-wise. They are about equal in how difficult they are.
CISSP is a little more technical (not very deep, but concepts).
CISM is also very management focused, but less technical.

They complement each other well; a good deal of the materials overlap, so it could be a CISSP AND CISM choice.

When I did my certifications I was from a techie background and I did complementing certificates for that.

Continue reading: www.quora.com/Which-is-easy-CISM-or-CISSP/answer/Thor-Pedersen-4
