Location: India

Comments

Post a Comment

Popular posts from this blog

AWS Interview Questions?

AWS Well-Architecture Framework 1. Operational Excellence OPS 1: What factors drive your operational priorities? OPS 2: How do you design your workload to enable operability? OPS 3: How do you know that you are ready to support a workload? OPS 4: What factors drive your understanding of operational health? OPS 5: How do you manage operational events? OPS 6: How do you evolve operations? 2. Security SEC 1: How do you manage credentials for your workload? SEC 2: How do you control human access to services? SEC 3: How do you control programmatic access to services? SEC 4: How are you aware of security events in your workload? SEC 5: How do you protect your networks? SEC 6: How do you stay up to date with AWS security features and industry security threats? SEC 7: How do you protect your compute resources? SEC 8: How do you classify your data? SEC 9: How do you manage data protection mechanisms? SEC 10: How do you protect your data at rest? SEC 11: How do you pr...
Read more
CISSP The Easy Way: A 30 Day Plan Like many of my InfoSec brethren, I am bored to tears with news of the “IT security skills gap.” There are far too many intelligent and hardworking people left on the sidelines because they don’t have the exact right mix of certifications, education, and experience for us to be talking about a skills gap. But I’m not one to complain. Like it or not, InfoSec hiring managers, recruiters, and HR professionals love certifications. So I’m going to show you how to get them! This study guide is the first in a series of guides I plan to write about how to prepare for information security exams. I’m starting with the Certified Information Systems Security Professional (CISSP) study guide since it is the most recognized Information security exam. This exam prep guide consists of four phases: plan, review, practice, test. In the following sections, I’ll provide a brief overview of what’s done in each phase. This guide is aimed primarily at...
Read more
      Domain 1 Emphasize Ethics Emphasize authenticity and nonrepudiation (properties of Integrity) Change “ global ” context to “ holistic ” context (legal and regulatory requirements) Move Investigation types here from Domain 7 Change SCA to Control assessments (security and privacy) Remove Asset valuation from risk management Mention Risk maturity modeling Use the term, Supply Chain Risk Management (SCRM) Mention social engineering, phishing, security champions , and gamification Domain 2 Use the term, asset handling requirements Move Provision resources securely here from Domain 7 Specify data lifecycle Emphasize asset retention (EOL, EOS) Identify Data protection methods Move Digital Rights Management (DRM) here from Domani 3 Domain 3 Specify secure design principles Identify 15 (add 7 more) vulnerabilities of architectures, designs, and solution elements. ( Microservices , Containerization , Serverless , High-Performance Computing systems , Edge computing s...
Read more