
Latest Posts from the Blog:

T9000: Skype User Beware

Not long ago, top-secret meetings happened only behind closed doors. Now, thanks to technology, we can connect with people situated across the world for such meetings. We can talk to anyone, anywhere, using Skype, WhatsApp and many more communication applications. However, this area is becoming very lucrative and is targeted by hackers. We also saw bugging in the cold wa [...]


Security models – part 1

The security models demonstrate the theoretical application of security problems in an IT environment. Each model was developed as a solution to a security problem: integrity issues, confidentiality requirements or support for real-world problems. Each model is based upon a mathematical formula. As a CISSP, you are NOT required to know the math, but it is good to get familiar w [...]


Security Governance Principles

ISO/IEC 27014 refers to information security governance as an integral part of the organization’s corporate governance with strong links to IT governance, but is arguably a bit vague on the details. ISO/IEC 27014 follows the information security principles listed in ISO/IEC 38500:2008/2015 and provides guidance on how to apply these principles to information security. [...]


Security Architecture

Objectives of Enterprise Security Architecture. Guidance: Direction for key decision makers which enables the integration of security plans into the overall corporate architecture. Strategy: The business and security decisions will be consistent across the enterprise, taking into account geography, corporate culture, governance, and the structure of the organization. De [...]


Our Most Popular Posts:

CISSP Preparation Access Control Notes

Intrusion Detection & Prevention (IDS & IPS): Update the system frequently with expected profiles and new signatures of attacks. Intrusion detection is to monitor real-time traffic or audit trails and analyze events to detect potential intrusion attempts. An IDS can only alert system management to perceived attacks rather than actually preventing them. Bene [...]


CISSP Preparation Notes Information Security & Risk Management

Information Security Governance and Risk Management. Risk Management: identification, measurement, control, and minimization of loss associated with uncertain events or risks. It includes overall security review, risk analysis, selection and evaluation of safeguards, cost-benefit analysis, management decision, safeguard implementation, and effectiveness review. Gove [...]


Symmetric Key Algorithms – Part1

Crypto Algorithms: Algorithms are an integral part of cryptography. Without them we cannot define any cryptography at all. I divided the algorithm discussion into 2 major parts: Symmetric Key Algorithms and Asymmetric Key Algorithms. Due to the length and the details that need to be covered, I divided the Symmetric Key Algorithm section into 3 parts. The first part covers [...]


A Call from Above: Flight Attendants Ask TSA to Fully Implement CrewPass

The Association of Flight Attendants-CWA (AFA-CWA) has once again called for the Transportation Security Administration (TSA) to fully implement CrewPass, an identification credential for aviation workers that promotes expedited screening [...]
