CASP Now Approved for DoD 8570

The CompTIA Advanced Security Practitioner (CASP) certification is a newer certification from CompTIA that is starting to get more attention. It was recently approved as one of the certifications by the Department of Defense (DoD) and is listed on the same level as the CISSP certification in some categories. I have written about the CASP certification in the past [...]

Risk Management

If you’re planning on taking the Security+, SSCP, or CISSP exam you should understand the common risk management methods used by security professionals. As an example, Objective 2.1 “Explain risk related concepts” for the CompTIA Security+ exam lists risk-avoidance, transference, acceptance, mitigation, and deterrence. Risk management is the practice of identifying, monitoring, and limiting risks to a manageable level. It [...]

Smurf Attacks

If you’re planning on taking the Security+, SSCP, or CISSP exam you should know about many of the attack types such as the smurf attack. As an example, Objective “3.2 Analyze and differentiate among types of attacks” for the CompTIA Security+ exam lists several common types of attacks including the smurf attack. A smurf attack spoofs [...]

Security Specialists (Security+, SSCP, CISSP) Needed

If you’re seeking a security certification such as the Security+, SSCP, CISSP, or even one of the Microsoft certifications, you’ll be glad to hear that your expertise is needed. If you’re seeking one of these certifications, check out this page for some study resources. The GBS Group is Hiring Brian Trees at The GBS Group [...]

Certificate, Certificate Revocation List, and Certificate Authority

If you’re preparing for the Security+ SY0-301 exam, you should have a basic understanding of a certificate, a certificate revocation list (CRL) and a certificate authority (CA). A reader recently sent me a query on these. I answered him directly but expanded my answer here to provide a little more detail. Certificate A certificate is [...]

Darril Gibson’s Projects

I’ve been busy with several projects recently, including putting together the Darril Gibson website so I haven’t been able to post as often as I would have liked. However, on this Memorial Day I thought I’d jot down a few notes letting people know what I’ve been up to. CISSP: Certified Information Systems Security Professional [...]

SSCP Practice Test Questions

If you’ve been studying for the SSCP exam, you may be looking for a good source of SSCP practice test questions. You’ll find that the SSCP Systems Security Certified Practitioner All-in-One Exam Guide covers the content in the exam but I’m hearing that test questions from the studISCope test banks are the most helpful. (ISC)2 [...]

Protocol IDs for Security+ and SSCP Exams

If you’re preparing for the Security+ or SSCP exams, you’ll need to know a few of the protocol IDs used by TCP/IP. The protocol ID is a number embedded in the header of the packet to identify the protocol. It is used for many protocols that are not identified with a port number. I recently [...]

Ports for Network+, Security+, and SSCP Exams

If you’re planning on taking a certification exam such as CompTIA Security+, CompTIA Network+, or SSCP you should have many of the well-known ports memorized. The objectives for the CompTIA Network+ exam list many of the protocols and the ports, spelling out exactly what you need to know. [...]

Intrusion Detection Systems and Intrusion Prevention Systems

If you’re studying for one of the security certifications like CISSP, SSCP, or Security+ you’ll come across intrusion detection systems and intrusion prevention systems. An intrusion detection system can detect and alert on potential intrusions, and an intrusion prevention system goes a step further and can block an attack. There’s a lot of depth to [...]
