I've decided to start studying for the CISSP exam. I've decided the first step will be to memorize the ten domains that comprise the Common Body of Knowledge as defined by the International Information System Security Certification Consortium (ISC)^2 before I start reading some e-books on the subject. Here we go from memory using a new trick I learned today:
1) Access Control
2) Application Security
3) Business Continuity and Disaster Recovery Planning
4) Cryptography
5) Information Security and Risk Management
6) Legal
7) Operations Security
8) Physical and Environmental Security
9) Security Architecture and Design
10) Telecommunications and Network Security
Amazingly, I got them all correct in the right order just by studying for about 5 minutes. I swear I didn't peek. What's funny is the words my brain was spitting out felt so wrong but they were precise (WTF is Operations Security??)
The trick is to say the first item in the list out loud, read the second item, say the first and second item out loud, read the third item... and so on.
I can't believe I just learned this trick today.
Thursday, June 21, 2007
Monday, June 18, 2007
Skills Assessment
The art of war teaches us to protect ourselves from all sides. And although I've produced brilliantly at the workplace by designing new tools that make our jobs easier, I haven't really learned any new skills. I've just further honed existing tools already in my arsenal. With so much uncertainty in the near future, it's in my best interest to add some new skills. This will be a long and comprehensive list in the end.
Business Processes
RFI
RFP
RFQ
Secure Protocols
Diffie-Hellman
IPsec
Kerberos
L2TP
PGP
PPTP
S/MIME
SET
S-HTTP
SOCKS
SSH
SSL/TLS
WEP
Networking
TCP/IP Model
OSPF
BGP
IGRP
EIGRP
MPLS
Windows
Samba
Network Management
NAGIOS
Database
SQL
Oracle
OCFS
Firewalls
CheckPoint
PIX
Programming
Python
C (need to master)
C++
Perl (need to master)
Expect
PHP
AJAX
RSS
XML
Fuzz Testing
Wireless
802.11i
RADIUS
Storage
LVM
SAN
GFS
Pen-Testing
Netstumbler
Wireshark (formerly Ethereal)
NMap
Nessus
Compliance
SOX
HIPAA
Virtualization
Xen
Reverse Engineering
IDA Pro
General Security
IDS
IPS
Friday, June 01, 2007