148 - Three Chords And The Truth

Ben Malisow

The WannaBeA content: wannabeacissp.com

Many thanks to co-host Matt Snoddy! Go buy consulting services from him: http://www.networktherapists.com/

You can now sponsor The Sensuous Sounds Of INFOSEC! Buy us a gallon of gas here: https://www.buymeacoffee.com/securityzed

Visit our friend and co-host Raphty here: safing.io

CISSP Refresh Inbound

CISSPs, please take part in giving your opinion on what the next iteration of the exam should look like; the refresh efforts are starting, and we can improve the content of the Exam Outline to better reflect the reality of the industry and practice of information security. This link contains instructions: https://blog.isc2.org/isc2_blog/2022/12/calling-all-cissps-help-shape-the-cissp-exam.html ...and these are the suggestions I offered to the refresh team:


- remove reference to archaic security models (Biba, Bell-LaPadula, etc.)

- reduce, condense, or remove the detailed discussion of cryptanalytic attacks; that is far more granular than is necessary, and of almost no use to practitioners

- remove "evidence storage" and "media storage facilities"; these don't serve any purpose...in fact, it would be best to condense 3.9 into four bullet points: fire, protecting sensitive areas, HVAC, power

- the TCP/IP Model is not a useful concept; remove that

- remove SD-WAN

- remove cellular networks; practitioners can do basically nothing to secure these

- remove "NAC devices"

- remove bullet points/subTopics in 5.3

- in 5.4, we can remove the historical models of MAC, DAC, and the RBACs

- 6.1 and 6.5 seem the same...maybe combine/condense/clarify

- in 7.1, strike "artifacts"; evidence suffices in that Topic

- 3.1 and 7.4 overlap...remove repetition

- 7.5 and 3.9 overlap...remove repetition

- 7.7; change terms to "permissive/prohibitive"

- 7.12, remove "simulation" and "walkthrough"

- remove 7.14; physical security is addressed in Domain 3

- 7.15, remove duress

- remove maturity models (or, at the very least, the specificity of named models) and IPT

144 Media Review - WarGames

Ben Malisow


143 Patch Your Jeans And Servers

Ben Malisow


142 FTX, Racists, And Bad News, Too

Ben Malisow


137 AIm Just A Bill

Ben Malisow


136 Current Events - PayPal Kiwis and Keffals

Ben Malisow


ISC2 Bylaws Voting Happening Now

Voting for changes to ISC2 bylaws opened yesterday. If you’re an ISC2 member, you can log into your ISC2 account portal and vote on the proposed changes (you should have received an email from ISC2 inviting you to vote).

The Securityzed perspective is that these changes, overwhelmingly, are awful, and we urge you to vote Against. (While there are elements that are sensible, the majority of the changes are terrible.)

135 WhatchuTalkingBoutWillis

Ben Malisow
