Who's Online
There are currently, 97 guest(s) and 30 member(s) that are online.
You are Anonymous user. You can register for free by clicking here
Training Classes Calendar
|  |
TIPS and TRICKS to pass the exam and to start your study on the right foot
Posted by boss on Friday, 14 May 2010 @ 08:52:20 EDT (1771 reads)
Topic CISSP OSG INFO
cdupuis writes "Greetings from Clement,
I would like to share with you some tips and tricks that I have collected over time.
To ensure success with your exam, you have to be reading and preparing from the moment you have read this message. This message is to ensure your success on your CISSP exam..
BELOW YOU HAVE IMPORTANT TIPS AND TRICKS REGARDING THE CISSP EXAM -- PLEASE READ AND FOLLOW THOSE INSTRUCTIONS
STEP 1: BECOME A MEMBER OF CCCURE.ORG
Get familiar with the www.cccure.org web site at http://www.cccure.org
To get started create an account at:
http://www.cccure.org/modules.php?name=Your_Account&op=new_user
As you will see the site offers forums, web links, downloads, tutorials, quizzes, and tons of information related to becoming a CISSP.
STEP 2: WATCH OUR FLASH BASED PRESENTATION ON HOW TO BECOME A CISSP
If you have not done so, listen to the CISSP Exam overview at:
http://www.cccure.org/modules.php?name=Web_Links&l_op=viewlink&cid=167
See comments from previous students who have watched the presentation:
Wow, this is great. I wouldn't change a thing. I just wish I'd have seen this earlier than my 2.5 weeks before the exam. :-( Anyway, well done and thank you. It looks like you put a lot of work into this, and it is greatly appreciated.`
Viewing this Flash presentation is an absolute must for anyone considering pursuing the CISSP. Thanks Clement...
WOW! This site has been a wealth of information! I started self-study with Shon Harris' "ALL IN ONE" CISSP Exam Guide and after a few months I became discouraged. Ccure.org and most importantly Clement's flash tutorial for the introduction and overview of the CISSP exam has been a big encouragement. There was so much information with better outline and emphasis from the flash tutorial that I've revised my entire study plan and definitely concentrated my focus on key areas. Clement, thanks a bunch!
STEP 3: QUIZ, QUIZ, and more QUIZZES
A link to our QUIZ engine can be found on the main menu bar of the www.cccure.org website or you can visit:
http://www.cccure.org/modules.php?name=Web_Links&l_op=viewlink&cid=168
A FREE account gives you access to up to 1000 questions. If you wish to get access to all of the questions you must register with a PAID account. Our fees for a paid account is only $39.99 which is a fraction of the price you will pay on any other quiz. We have the largest amount of questions for the CISSP exam that you will find anywhere.
Ensure you take quizzes from the CCCure quiz engine as you complete the reading of each of the domains within the study book that you have bought. The more quizzes you take the better you will do on the exam.
Within the quiz setting do use PRO level questions, closely related, and take at least 50 questions tests, and take multiple tests on each of the domains. You should aim for 80% or above to feel good about passing the real exam. As you will see the Common Body of Knowledge (CBK) is VERY wide (20 miles wide, one inch deep) and it will require a serious investment in time to reach this mark for all of the domains.
The quiz will help you two ways: First by identifying things you DO NOT know and finding your weak domains. Second it will help you memorize topics of the CBK.
I strongly recommend that you search the web or your study book for any questions that you have missed, this is how you will improve your knowledge and remember the key topics. Every time you miss a question, do a cut and paste of the question into a word document. This word document will become your OWN customize quiz containing question you did not know. Later on in your studies you attempt those questions again and you ensure that you can answer them correctly.
Time permitting we will perform a quiz before each domain, then we will perform two at the end of the domains (one by yourself and one as a group).
STEP 4: BECOME A BOOK RAT
If you have not bought a good study book yet, today is the time to do it. Do not procrastinate, get your study book right now.
There are many books available, some are better than others, you can see a short list of recommended books at:
http://www.cccure.org/modules.php?name=News&new_topic=76
Many people who have many years of experience prefer short and concise books such as the CISSP for Dummies. Do not get thrown off by the title, it is a VERY good book.
STEP 5: SUBSCRIBE TO OUR CISSP STUDENT INFO MAILING LIST
This mailing list is a series of auto responders that will send you about one message a day for about 10 days.
The messages contain tips and trick to pass your exam and general information about how to become a CISSP.
You can subscribe at: http://www.cccure.info/subscription.html
STEP 6: SUBSCRIBE TO OUR TWO WAY DISCUSSION LIST
This mailing list is a two way discussion list where you can post messages and get help from others who are studying for the CISSP exam. The mailing list is moderated by our instructor Clement Dupuis and it is very well maintained. Clement will quickly filter any message that are not CISSP related.
Subscribe at: http://www.cccure.org/modules.php?name=News&file=article&sid=431
STEP 7: VISIT THE CCCURE.ORG FORUMS FOR THE CISSP
The CCCure forums are one of the most dynamic community when it comes to getting answers to your questions quickly or finding more information about the CBK.
It is really worth a visit, you will find the forums at:
http://www.cccure.org/modules.php?name=Forums&file=index&c=2
STEP 8: VISIT THE CCCURE WEB STORE FOR SUPPLEMENTARY RESOURCES
Our webstore has grat resources that can assist you in passing the exam on the first try.
Some people learn best with Video Turorials, some prefer MP3 files, others prefer reading. The website has resources for all learning abilities.
Visit the CISSP Section at: https://www.cccure.com/cart/categories/CISSP/
MAIN CAUSE OF EXAM FAILURE
Over the years we have identified some of the main reason WHY people fail their exam. You have a list of the most common reasons below:
1. They do not do any study seriously prior to taking their exam or attending a class
2. They spend time answering emails or texting on their phone instead of studying seriously or listening to the instructor
3. They spend time outside the class talking on their cell phone or attending conference calls
4. They are doing remote administration or job related activities through a remote connection
5. They underestimate the difficulty of the exam
6. They study while watching the game or doing other activities
To ensure your success, you should not partake in any of the above activities which are detrimental to your ability of studying seriously while absorbin and remembering the key topics.
IMPORTANT: Last but not least
Tel your boss, peers, and anyone close to you that you will be ignoring them for a week before taking your exam as you are studying to pass the exam. Make sure they understand that you ARE NOT available for any of the normal company activities. Your study week will require concentration throughout the day and even working at night as well. Your spouse will become a CISSP widow for one week. THIS IS YOUR PRIORITY and you must take it VERY SERIOUSLY.
Best regards
Clement
Site Owner and Maintainer
Clément Dupuis, CD
CISSP, GCFW, GCIA, QEH, QSA, Security+, CEH, ECSA, LPT, CCSA, CCSE, MBNS, MBIS, MBHS, + dozen of others
"
SpywareAnalytics a forum for home user security
Posted by boss on Thursday, 18 March 2010 @ 10:34:18 EDT (646 reads)
Topic CISSP OSG INFO
cdupuis writes "SpywareAnalytics.com is a home user forum portal to help you fight with malware.
We have a specialized team of analysts, engineers and other researchers, who are focused in helping you round the clock to resolve your issues by helping you to:
* fix your systems
* detect & remove malware
* analyze & research on malware
* Update & Patch process
* Installation questions
and much more...
Check out http://www.SpywareAnalytics.com when you get a chance. Thank you for your time!
Kind Regards,
EF "
Twitter announce a new service to protect their users
Posted by boss on Monday, 15 March 2010 @ 10:20:43 EDT (553 reads)
Topic CISSP OSG INFO
cdupuis writes "NOTE FROM CLEMENT:
Interesting posting seen on the HSecurity web site. Lots of people considers social network as an acceptable risk, which is really being foolish. Most social networks are a great place to get malware, malicious links, or simple social engineering attacks. If they were safe they would not bother adding security. See more info below:
10 March 2010, 13:49
Twitter to detect, intercept and prevent bad links
Twitter[1] has announced[2] that it is launching a new service to protect its users against phishing and other attacks by attempting to detect, intercept and prevent "bad links" before a user clicks on them. The popular microblogging company says that, from now on, it will be routing all links submitted to Twitter through a new service, allowing the company to block bad links even after they've already been sent out in an email notification.
According to Del Harvey[3], Director of Twitter's Trust and Safety team, as these type of attacks often occur in email notifications and Direct Messages, this is where the company will focus their "initial efforts". Harvey says that, for the most part, users will not even notice the feature as it will be working behind the scenes. Users may, however, notice that links have been shortened to "twt.tl[4]" links in Direct Messages and email notifications.
See also:
- Twitter resets user passwords[5], a report from The H.
- Cracking attack on Twitter[6], a report from The H.
- Shutting Twitter backdoors[7], a report from The H.
URL of this Article:
http://www.h-online.com/security/news/item/Twitter-to-detect-intercept-and-prevent-bad-links-950750.html
Links in this Article:
[1] http://twitter.com/
[2] http://blog.twitter.com/2010/03/trust-and-safety.html
[3] http://twitter.com/delbius
[4] http://twt.tl
[5] http://www.h-online.com/news/item/Twitter-resets-user-passwords-921235.html
[6] http://www.h-online.com/news/item/Cracking-attack-on-Twitter-889425.html
[7] http://www.h-online.com/news/item/Shutting-Twitter-backdoors-850717.html "
The Rugged Software Manifesto
Posted by boss on Wednesday, 10 February 2010 @ 07:43:31 EST (681 reads)
Topic CISSP OSG INFO
cdupuis writes "The three authors of the manifesto are Josh Corman, an analyst with The 451 Group; David Rice, formerly with the National Security Agency and author of Geekonomics, a book about the real cost of insecure software; and Jeff Williams, the chairman of OWASP, an organization focused on Web application security. The trio announced the project at the SANS Institure AppSec Conferenc in San Francisco Monday.
The Rugged Software Manifesto
- I am rugged... and more importantly, my code is rugged.
- I recognize that software has become a foundation of our modern world.
- I recognize the awesome responsibility that comes with this foundational role.
- I recognize that my code will be used in ways I cannot anticipate, in ways it was not designed, and for longer than it was ever intended.
- I recognize that my code will be attacked by talented and persistent adversaries who threaten our physical, economic, and national security.
- I recognize these things - and I choose to be rugged.
- I am rugged because I refuse to be a source of vulnerability or weakness.
- I am rugged because I assure my code will support its mission.
- I am rugged because my code can face these challenges and persist in spite of them.
- I am rugged, not because it is easy, but because it is necessary... and I am up for the challenge.
Official Announcement Document - 
If you want Rugged Software, join us and help define the principles, and technologies that will help others become Rugged too. Our first project is to define how people and organizations can know if they are Rugged.
Visit their website at: http://www.ruggedsoftware.org/ "
Stupid rebates for Stupid Clients
Posted by boss on Tuesday, 09 February 2010 @ 09:17:22 EST (694 reads)
Topic CISSP OSG INFO
cdupuis writes "Rebates, Rebates, and Rebates.
Are they all great and fantastic for you as a customer? Not always for sure. I have received another one in my mailbox today and as I was reading it I asked myself: Do they really think that people are that stupid?
When I see advertising where they offer a FREE laptop, a free Kindle, rebate of $500 to the person you refer, or a gift card for referral I am always asking myself how can they offer such freebies? Then my brain come to it's senses and the response is: THERE IS NO FREEBIES -- YOU ARE PAYING FOR IT YOURSELF
You the customer have to pay for those freebies. If you look at the price of the classes associated with those freebies you will quickly realize that many vendors think that you are stupid and you cannot add 1 + 1. They are simply overcharging you and then they give you a gift to make it look OK.
If I overcharge you for my classes then I can offer freebies as well. However, I think this would be against my ethics. A company should simply give the best price they can while delivering quality training. If the only reason people attend such class is to get a freebie instead of getting great content and outstanding skills and knowledge it means your class does not have much to offer in the first place.
When classes are overpriced, you are the person who pays for those freebies that's for sure. Do look at the price before the freebie is being offered, the price is so outrageous that they can offer freebies and still charge you more and make more money than most vendors out there. You will quickly notice that there is no free lunch, you are the one that is paying for the freebie because the class price is way too high in the first place. There is no SPECIAL at all.
At Security University we currently have an offer for a two for one, our normal class price is already heavily discounted but if you come to the same class with one of your colleague you can split the cost of the class in two. This gives you an amazing class for a very low price. Do check it out, you will see that we do not use complicated scheme, we like to keep thing easy and straight forward. Simply come with a friend of a colleague and you pay half of the normal price which is already lower than most vendors out there. Check it out and you will not be disappointed. This is about $1300 per person which is a great deal considering that our faculty has only Security Instructors that are well known and that have dozens of years of experience on average. We don't hire people who reads slide to you. We hire the best and only the best. If your are really found on having a freebie, we can sell the class to you at $2695 and give you a kindle or a $100 gift card. :-(
At Security University we also believe in being a responsible community player as well. Over the next three CISSP classes we will deliver we have 16 student who had paid for classes with Vigilar Intense School but their money was lost due to the closing of Vigilar Intense School. We have offered free seats to those students to help them offset the losses they have suffered. This is what responsible organizations do to help the community. Ask the freebie givers out there how many seats they have given for free?
In closing, I just want to say: Do not be stupid and don't get lured into freebies that you pay yourself. Who cares about a Kindle that cost you three times the prices when you look at the price fo the class compared with what others are charging. Get your money worth, train more people, use your training budget adequately. This is what this is all about. Not about overprice classes with so called freebies.
Best regards to all
Clement Dupuis
Senior Security Instructor and Evangelist at Security University
(Very tired of vendors who thinks we are all stupid and hope we will fall pray of stupid rebates) "
New logo for the CCCure Family of Portals
Posted by boss on Friday, 29 January 2010 @ 22:15:05 EST (721 reads)
Topic CISSP OSG INFO
cdupuis writes "Today I am happy to present our new logo:
Our new logo represent very well the mission of CCCure and it's family of portals.
It shows that our mission is Education, Information System Security, helping people worldwide.
Every month we have people from more than 125 countries that are making use of our portals. That's over 100,000 unique visitors overall. We are proud today to show our new identity, the next time you see it you will know it is not a clone, a rogue, or a fake. It is the real thing.
Thanks to all who supported us over the past ten years.
Best regards
Clement, Nathalie, and Alain
Site Owners and Maintainers
"
CPE = CONTINUOUS PAYMENT EXPECTED
Posted by boss on Thursday, 21 January 2010 @ 19:45:21 EST (1257 reads)
Topic CISSP OSG INFO
cdupuis writes "NOTE FROM CLEMENT:
CompTIA has joined the rank of certification body who will require CPE's to keep our A+, Network+, and Security+ certification current as well as imposing an expiry date or renewal cycle every 3 years like other certification body are doing.
If the whole CPE things was done properly it would be great. However in most case this is use as a way of making more money by offering seminars and other cheesy training to make CPE's. When will people get serious about providing skills and knowledge as a priority.
See the announcement below from CompTIA:
CompTIA Certification Renewal Policy
CompTIA A+, CompTIA Network+ or CompTIA Security+ certifications are now valid for three years from the date the candidate is certified. The change brings the CompTIA certifications in line with the practice of other major providers of certifications for IT professionals, such as Cisco, Microsoft and Oracle.
The renewal policy also is required for these three certifications to maintain their accreditation and compliance with internationally accepted standards for assessing personnel certification programs (ANSI/ISO/IEC 17024). CompTIA A+, CompTIA Network+ and CompTIA Security+ certifications earned the ISO 17024 accreditation from the International Organization for Standardization (ISO) in 2008. ISO requires that individuals have a way to renew the currency of their certification on a regular basis. In CompTIA’s case, renewal will occur every three years.
The new certification renewal policy is applicable to all individuals who hold CompTIA A+, CompTIA Network+ or CompTIA Security+ certifications, regardless of the date they were certified. Other CompTIA certifications are not affected at this time.
Beginning January 1, 2010, a “Valid Through” date appears on all certificates and certificate holder ID cards for individuals who earn CompTIA A+, CompTIA Network+ or CompTIA Security+. The date is three years from the date of certification.
Certification renewal will ensure that individuals have the most up-to-date skills and knowledge to deal with the fast-changing IT environment.
In conjunction, CompTIA is introducing a continuing education program for individuals with multiple ways to earn continuing education credits to maintain their active certifications.
Among activities that will qualify for continuing education credits are passing a “bridge” exam or the most current exam for their CompTIA certification; teaching, lecturing or presenting on relevant industry topics; participating in non-degree courses or computer-based training; attending relevant industry conferences and events; participating in a CompTIA exam development workshop; publishing articles, whitepapers, blogs or books on relevant topics; obtaining other industry certifications; or completing industry-related college courses from degree-granting institutions.
Enrollment in the certification renewal program is expected to be available in mid-2010. "
Info for students that lost money due to Vigilar Intense School closing doors
Posted by boss on Thursday, 14 January 2010 @ 17:26:37 EST (744 reads)
Topic CISSP OSG INFO
cdupuis writes "Hi Everyone,
Today is an exceptionally great day for your clients and students that paid Intense School pre-paid fees for classes.
I have contacted SCHEV (State Council of Higher Education for Virginia) in VA - the licensing board in the State of VA and they said students can get a portion of their money refunded.
Linda Woodley is the SCHEV Director and has confirmed Intense School class fees may be refunded to the students. Below is Linda Woodley's contact information to send/email about refunding class fees.
Intense School told SCHEV no student was going to lose class fees from Intense School closing. She has been advised differently.
Your all welcome to contact Linda and I hope this helps.
Pls let me know how Security University can assist you. You have my contact info below.
'good luck with working with Linda as she really knows her stuff. ttys SJS:)
Linda H. Woodley, M.Ed.
Director, Private & Out-of-State Postsecondary Education
State Council of Higher Education for Virginia
James Monroe Building
101 N. 14th Street, 9th Floor
Richmond, VA 23219
Office phone: 804-371-2938
Fax phone: 804-786-2027 or 804-225-2604
E-mail: lindawoodley@schev.edu
Website: www.schev.edu
This information was provided by Sondra at Security University. Sondra has been a sponsor of CCCure for a long time and this is where you can get CISSP classes delivered by Clement Dupuis the owner of the CCCure Family of Portals. See Sondra's contact info below. Give her a call to book a seat on one of the many top notch qualified security classes or the world's best CISSP class.
--
Qualified Training for Qualified Results!
Sondra J. Schneider
Founder & CEO, Security University
109 Weed Ave
Stamford CT 06902
work 203.357.7744
cell 203.249.8364
www.securityuniversity.net "
Information Security Management Maturity Model (ISM3) update
Posted by boss on Thursday, 02 April 2009 @ 17:16:13 EDT (1667 reads)
Topic CISSP OSG INFO
cdupuis writes "Forwarded from:
STANDARD FOR INFORMATION SECURITY MANAGEMENT UPDATED
April the 2nd 2009, Madrid
Following a series of important updates to the Information Security Management Maturity Model, the ISM3 Consortium, with members from the US, Spain, India and Colombia, today announced the worldwide launch of version 2.3 of this advanced information security management standard.
Today, the ISM3 Consortium published the print version of Information Security Management Maturity Model (ISM3) v2.3. The method has been updated with security management metrics proven in the field, and a new approach that defines security maturity objectively as a direct result of the metrics used to manage information security processes.
ISM3 focuses on “Achievable Security” rather than “Absolute Security”. Achievable security is a trade-off between absolute security and business requirements. The traditional view that “Information Security
should prevent all attacks” is not realistic for most organizations.
ISM3 achieves its balance by mapping an organization’s business objectives (such as product delivery and profitability) directly against security objectives (such as ensuring data access only to authorized users).
ISM3 builds on successful principles from the field of quality management (Six Sigma, ISO9001), and applies these ideas to the field of information security, providing an opportunity for organizations of all
types and sizes to enhance their ISM systems and align them with their business needs. Implementations of ISM3 are compatible with ISO27001, which establishes control objectives for each process.
Implementations use management responsibilities framework similar to the IT Governance Institute's CobIT framework model, which describes best practices in the parent field of IT service management. ITIL users can use ISM3 process orientation to seamlessly strengthen ITIL security process. Using ISM3
style metrics, objectives, and targets it is possible to create measurable Service Level Agreements for outsourced security processes.
The significant features of ISM3 are:
* Metrics for Information Security – “What you can’t measure, you can’t manage, and what you can’t manage, you can’t improve” – ISM3 v2.3 is probably the first information security standard to make information security a measurable process by using metrics for every process. This allows continuous improvement, as the standard defines criteria to measure efficiency and performance.
* Capability Levels – ISM3 is the first standard that defines capability in terms of metrics, a leap that makes ISM3 orientation to continuous improvement unique.
* Maturity Levels – ISM3 comes in five different sizes, or maturity levels. This makes it suitable for a wide range of organizations, from the very large to the very small. Each maturity level is tailored to the security objectives of the target organization.
* Process Based – ISM3 v2.3 is process based, which makes it specially suited to organizations familiar with ISO9001 and those that use ITIL as the IT management model. It also works well for outsourced services
as it provides a common language for collaboration between information security clients and providers.
* Adopts best practices – implementation of ISM3 is facilitated by its extensive cross-references to other established standards. The IT governance model reflects best practices by clearly distributing responsibility for information security processes between strategic, tactical and operational levels of management.
* Accreditation – ISM systems based on ISM3 can be certified under ISO9001 or ISO27001 systems, and ISM3 can be used as a tool to implement an ISO27001 ISM system. This should increase its attractiveness to organizations that already hold quality certification or have experience with ISO9001.
About the ISM3 Consortium
The ISM3 Consortium represents the ISM3 business community. The Consortium develops ISM3 and promotes and protects the ISM3 brand.
Learn more about the Consortium at http://tinyurl.com/ism3consortium
Learn more about ISM3 at http://tinyurl.com/ism3about
Steven McElwee on ISM3 at http://tinyurl.com/ism3others
Purchase the method from http://tinyurl.com/ism3v23
###
Media Contact
ISM3 Consortium
Vicente Aceituno
C. Olimpico Francisco Fernández Ochoa 9, 28923 Alcorcón, Madrid, Spain
0034696470328 - Available 8-5 Monday to Friday, Western European Time
consortium (at) ism3.com
www.ism3.com "
(IN)SECURE magazine issue 18 has been released
Posted by boss on Thursday, 25 September 2008 @ 23:56:49 EDT (1369 reads)
Topic CISSP OSG INFO
cdupuis writes "(IN)SECURE Magazine is a freely available digital security magazine discussing some of the hottest information security topics. Issue 18 has just been released. Download it from: http://www.insecuremag.comThe covered topics include:- Security standpoint by Sandro Gauci: Closing a can of worms - Network and information security in Europe today - Browser security: bolt it on, then build it in - Passive network security analysis with NetworkMiner - Lynis - an introduction to UNIX system auditing - Windows driver vulnerabilities: the METHOD_NEITHER odyssey - Removing software armoring from executables - Insecurities in privacy protection software - A proactive approach to data breaches - Compliance does not equal security but it's a good start - Secure web application development - Avoiding a "keys to the kingdom" attack without compromising security - The insider threat - Web application security: risky business? - Enterprise application security: how to balance the use of code reviews and web application firewalls for PCI compliance Visit the (IN)SECURE Magazine web site at: http://www.insecuremag.comSubscribe to our RSS feed at: http://feeds.feedburner.com/insecuremagazineContact: - For information on contributing to (IN)SECURE Magazine, please contact Chief Editor Mirko Zorz at editor( at )insecuremag.com - For marketing inquiries do contact Marketing Director Berislav Kucan at marketing (at) insecuremag.com
OSG NEWS: The CCCure Family of Portals Usage Agreement
Posted by boss on Saturday, 30 August 2008 @ 19:11:06 EDT (1309 reads)
Topic CISSP OSG INFO
cdupuis writes "IMPORTANT: USAGE AGREEMENT PLEASE DO READ BEFORE JOINING
This CCCure Family of Portals is offering free security education resources, forums, links, study guides, and a lot more to help you expand your knowledge and skills, further your career, discuss with other who have the same goals as you do, and of course help you reach your certification goals.
As an anonymous user on our web sites you have very limited access. Registration will give you lots of extra benefits and also allow you to access content such as our huge download section, our study guides, our quiz engine, our tutorials, our exam crams, our web links, and participation within our forums to name only a few of the benefits you will get.
Leechers are definitively NOT welcome
In computing and specifically on this portal, being a leech or leecher refers to the practice of benefiting, usually deliberately, from others' information or effort but not offering anything in return, or only token offerings in an attempt to avoid being called a leech. Do take the time to contribute articles, powerpoint slide show, study guides, videos, quiz questions, news, downloads, links, forum posting, etc... If worst come to the worst and you do not have any free time to contribute, a donation is always appreciated as our operational expenses need to be paid on a monthly basis and money allow us to hire people to review and develop new content for you the visitors.
Usage Agreement (Please read, if you do not agree, do not join)
By registering on this web site you give implicit permission and you authorize CCCure to send you advertising messages from our sponsors. The messages sent are for products or services that are security oriented. We will NOT send messages about male enhancement product or other types of get rich/bigger scams or similar products and services. The messages from our sponsors are sent only a few times a month and your email address is NEVER given or resold to anyone else. We will pass the message on behalf of our sponsors but they never get access to your email address.
The web site is self supported strictly through
donations and advertising from our sponsors
Advertisement and distribution of our sponsors messages through our mailing list is needed for our survival. Donations alone are totally ineffective and our yearly donations are very very minimal at this point. The totality of our donations usually pays for about 2 to 3 months of hosting and this is all. We must completely rely on our sponsors to survive. This is why we have such a policy above in place. The final benefit to you the members and visitors of the web site is always: FREE ACCESS
Forcing registration also ensures that we minimize the amount of junk that unscrupulous users attempt to post within our message area, comments areas, web links, download areas, forums, or any other place where they can post their unsolicited and unwanted messages. The greatest benefit of all is the fact that registration helps us in maintaining the quality of the content overall.
Once you are registered and logged in, you will no longer see this message and new menus and options will be available to you as a registered member.
If you do not agree with the policy above, please do not register
By registering you implicitly consent to our usage policy as stated above.
I wish you all best of luck in your studies!
Best regards
Clement, Nathalie, and Alain
Site Maintainers "
Our latest site administrator, meet my brother Alain:
Posted by boss on Thursday, 28 August 2008 @ 10:32:32 EDT (1349 reads)
Topic CISSP OSG INFO
cdupuis writes "As you have experience yourself, all of our portals have been growing at frantic speed.
I was totally overwhelmed by the massive amount of emails and maintenance tasks that me and Nathalie had to cater to on a daily basis. I have asked my brother to get out of retirement (nice of me) to help me with the maintenance of our portals. He agreed and I was very happy he did. Below you have a short biography of my brother Alain who also believes in sharing and giving back to the community:
My brother Alain has recently retired from the Canadian Navy after more than 34 years of Service. During his career, he has worked primarily in the information technology field as an electronic technician, computer and communications technologist, combat system engineer, and software analyst. He has held various positions such as Chief Technical Officer in charge of maintaining a mainframe computer centre and Quality Assurance Officer during the construction of the Canadian Patrol Frigates. For his last 7 years of Service in the Navy, he has worked as a programmer and software analyst for the Combat System software used on the Canadian Frigates. He has specialized in large-scale, multi-million dollars software projects.
For the past 20 years, he has assisted his wife, Lynette, in her activities with the Block Parent Program in Ottawa, Victoria, and Halifax. His family received their first Block Parent window sign in Gloucester, Ontario. In 2002, the BPLink project asked Alain to join their team as a technical advisor. Because of his technical background, Alain was well suited for the job. Shortly after, he accepted the position of Project Manager on a voluntary basis, a job that he still performs today.
We are extremely glad to have Alain onboard and it will help GREATLY to maintain proper quality of service and prompt response to your queries.
Thanks Bro!
Clement "
Why Leaders Should Care About Security (podcast)
Posted by boss on Friday, 08 August 2008 @ 10:07:36 EDT (1465 reads)
Topic CISSP OSG INFO
cdupuis writes "NOTE FROM CLEMENT:
The message above was posted on my friend Dan Swanson on his mailing list. If you wish to subscribe simply click on the subscribe link: Subscribe
Under the URL http://www.cert.org/podcast/ you will find a large collection of podcast that are extremely interesting. Do take a look and start racking up some CPE's. All of this is available for FREE, that the price I wish to pay for my CPE's.
Here is the message:
This podcast is intended to motivate leaders to pay attention to enterprise and information security, and the risks of not doing so. It introduces two landmark examples of organizations that did not treat adequate security as a high priority. It places security in a governance context and introduces how security can be viewed as a competitive advantage.
It discusses creating a culture of security, demonstrating duty of care, and determining who is ultimately responsible for security. It provides some next steps for taking action.
http://www.cert.org/podcast/show/leaders.html
Enjoy
Dan
"
Randy Pausch, Known for his "Last Lecture," Dies
Posted by boss on Friday, 25 July 2008 @ 20:41:24 EDT (1591 reads)
Topic CISSP OSG INFO
cdupuis writes "
NOTE FROM CLEMENT: I usually do not write articles that are out of topics. But his story and the presentation of Mr. Paush has really touched me in a very special way. His presentation was so full of truth about our values and life that I listened to it a few times. If you have NOT listened to it, I would recommend very strongly you do so. The lecture is at: http://www.youtube.com/watch?v=ji5_MqicxSoBELOW YOU HAVE THE SAD NEWS THAT HE PASSED AWAY: Top News July 25, 2008, 1:30PM EST Randy Pausch, Known for his "Last Lecture," Dies Randy Pausch's final talk at Carnegie Mellon, in which he celebrates having fulfilled his childhood dreams, was an international sensation By RAMIT PLUSHNICK-MASTI Associated Press Writer PITTSBURGH (AP) - Randy Pausch, the Carnegie Mellon University computer scientist whose "last lecture" about facing terminal cancer became an Internet sensation and the basis of a best-selling book, died Friday. He was 47. Pausch died at his home in Chesapeake, Va., said Jeffrey Zaslow, a Wall Street Journal writer who co-wrote Pausch's book. Pausch and his family had moved there last fall to be closer to his wife's relatives. Pausch was diagnosed with incurable pancreatic cancer in September 2006. His popular last lecture at Carnegie Mellon in September 2007 garnered international attention and was viewed by millions on the Internet. In it, Pausch celebrated living the life he had always dreamed of instead of concentrating on his impending death. See full article at: http://www.businessweek.com/print/bwdaily/dnflash/content/jul2008/db20080725_243087.htm
Problem with access to the Quiz Engine
Posted by boss on Thursday, 26 June 2008 @ 11:01:42 EDT (1139 reads)
Topic CISSP OSG INFO
cdupuis writes "Good day to all,
We are very sorry for the problems you had accessing the Quiz Engine.
There was a DNS issue the prevented people to access the quiz using the URL.
This should resolve itself over the next 24 hours as DNS are being updated.
In the meantime you can use:
http://207.45.179.106/~freeprac/quiz/home.php
The URL above will take you directly to the quiz engine.
Thanks to all for your patience
Clement and nathalie "
|
|
Login here
Don't have an account yet? You can create one. As a registered user you have some advantages like theme manager, comments configuration and post comments with your name.
Past Articles
| Tuesday, June 17 | | · | Biometric Systems study Information produced by Shon Harris |
| Saturday, May 24 | | · | The BIG and FAT IT employee |
| Friday, May 02 | | · | SecurAnchor Newsletter by Eric Cole |
| Friday, April 25 | | · | The Academy April 2008 Contest |
| · | Great mailing lists maintained by Dan Swanson |
| · | Information Technology Investment Management from the GOA |
| Thursday, April 03 | | · | IT Compliance and Controls - Best Practices for Implementation |
| Tuesday, April 01 | | · | Centre for Internet Security Roadmap |
| Sunday, March 09 | | · | SecureAnchor great newsletter by Eric Cole |
| Friday, March 07 | | · | SecureAnchor Newsletter March 2008 |
| · | Disaster Planning Guide for Small Business owner |
| Sunday, February 03 | | · | Who is Responsible for Information Security? |
| Thursday, January 24 | | · | SecureAnchor latest newsletter by Eric Cole has been released |
| Saturday, November 03 | | · | Get the latest information on IT security in Canada |
| Saturday, October 13 | | · | IT Security Essential Body of Knowledge (EBK) |
| Wednesday, October 10 | | · | The CCCure Web Store is now OPEN |
| Friday, July 20 | | · | Secure Anchor newsletter |
| Tuesday, March 13 | | · | EDPACS: The EDP Audit, Control, and Security Newsletter |
| Monday, February 12 | | · | New Security Professionals Networking site |
| Saturday, February 03 | | · | CISSP study group forum in Plano, TX |
Older Articles
|
Main Library Area 
COBIT© Standard 
Change Control Process
