IT Security from arstechnica.com “DOJ tries to rebrand weakened encryption as “responsible encryption””

Trump’s DOJ tries to rebrand weakened encryption as “responsible encryption”

A high-ranking Department of Justice official took aim at encryption of consumer products today, saying that encryption creates “law-free zones” and should be scaled back by Apple and other tech companies. Instead of encryption that can’t be broken, tech companies should implement “responsible encryption” that allows law enforcement to access data, he said.

Source: arstechnica.com/tech-policy/2017/10/trumps-doj-tries-to-rebrand-weakened-encryption-as-responsible-encryption/

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #10

These can all be used in IPSec except which concept?
A: AH.
B: ESP.
C: SA.
D: DR.

CBK 3: Security Engineering
Source: ThorTeaches.com practice tests

Answer


D: IPSEC (Internet Protocol Security): Set of protocols that provide a cryptographic layer to IP traffic (IPv4 and IPv6). It uses AH (Authentication Header) to provide authentication and integrity for each packet. ESP (Encapsulation Security Payload) which provides confidentiality and SA (Security Association) which is a simplex one-way communication (Like a walkie talkie).Can be used to negotiate ESP or AH parameters.

show less

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

IT Security – from Software Developer India “What is the Internet of Things (IoT)?”

For the last few years, the Internet of Things (IoT) has been getting a lot of hype even though the concept has not been a new one. In fact IoT has been around for a long time, but in subtler way. IoT has revolutionized several industries including the IT industry, marketing, health care, education, agriculture and plenty more. IoT is not a complicated thing at all – it means conne…

Source: www.software-developer-india.com/what-is-the-internet-of-things-iot/

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

IT Security from The Telegraph: “GCHQ is coming out of the shadows to protect Britain’s economy from cyber-criminals”

GCHQ is coming out of the shadows to protect Britain’s economy from cyber-criminals

I have spent my whole career, in MI5 and now as head of GCHQ, working to counter the most serious threats to our national security.

If I’ve learned one thing it’s that our adversaries are quick to spot new ways of doing us harm.

We see that in the way terrorists are constantly changing their weapons or states are using their full range of tools to steal secrets, gain influence and attack our economy.

Source: www.telegraph.co.uk/news/2017/10/08/gchq-coming-shadows-protect-britains-economy-cyber-criminals/

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #9

Which type of access control model would we use if integrity is most important?
A: DAC.
B: RBAC.
C: MAC.
D: RUBAC.

CBK 5: Identity and Access Management
Source: ThorTeaches.com practice tests

Answer


B: RBAC (Role Based Access Control): Often used when Integrity is most important. Policy neutral access control mechanism defined around roles and privileges. A role is assigned permissions, and subjects in that role are added to the group, if they move to another position they are moved to the permissions group for that position.

show less

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

IT Security: From Internet Society “NDSS Highlights the Best in Internet Security Research”

NDSS Highlights the Best in Internet Security Research | Internet Society

The nonstop news about Internet security vulnerabilities and incidents could lead one to despair for the future of the Internet. However, what often does not make the news is all the quality research that contributes ultimately to a more secure, private, and trustworthy Internet. Quality academic research that is open and easily accessible is one …

Source: www.internetsociety.org/blog/2017/08/ndss-highlights-the-best-in-internet-security-research/

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #8

Jane is tasked with looking at FIDM, which of these would she not consider.
A: Security tokens.
B: Microsoft Azure cloud.
C: RFID.
D: Windows identity foundation.

CBK 5: Identity and Access Management
Source: ThorTeaches.com practice tests

Answer


C: RFID (Radio Frequency Identification) is used a variety of things including smart cards and not FIDM (Federated Identity Management).

show less

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Certification: Competition time – Win a CISSP practice test! October 8th 2017

Competition time!

Enter to win a free CISSP Practice exam.

Rules:

To enter you must do these 2 to be eligible (+3 entries)

  1. Join the CISSP study group at https://www.facebook.com/groups/ThorTeaches/
  2. Like and comment on the competition post in the Facebook group.

Optional:

  1. Share this post on Facebook (+5 entries).

The Winner will be drawn at random after the competition is over and announced in the Facebook group!
If you already own all 4 practice tests, we can do an amazon gift card instead, but only available to people with all 4 tests ($10 value).
The competition ends October 14th at 12:00 HST (noon).

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

New (ISC)² Community site is up!

Join the new (ISC)² Community today and earn your Early Adopter badge

(ISC)² is excited to announce the launch of its new online Community!

Created for cybersecurity and IT professionals, the (ISC)² Community allows you to connect, collaborate and share your

knowledge and experience with other pros – (ISC)² members and non-members alike!

(ISC)² Community

Source: community.isc2.org/

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

IT Security: From Internet Society “Five Steps You Can Take Right Now to Increase Your Privacy”

Five Steps You Can Take Right Now to Increase Your Privacy | Internet Society

You should care about your privacy online even if you think you have nothing to hide. A key aspect of privacy is being able to choose what information you share publicly and what is private. Would you want your bank account balance displayed for anyone to see? What about your medical history? Encryption is a …

Source: www.internetsociety.org/blog/2017/09/five-steps-can-take-right-now-increase-privacy/

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading