|
|
|||
|
|
|
|||
Shon Harris TrainingShon's CornerGreat Resources from Shon Harris Library of Documents Main Library Area  COBIT© Standard Governance ISO Standard 27001/17799/BS7799 Security Awareness Security Policies SSE-CMM© *Quality versus Quantity* Forum Postings Exam on December 21 in New York City Need advise Dec. 13, 2008 Results help me CISSP---GROUP FOR DUBAI--March 2009 RBAC or RBAC??? Dreamed you fail the CISSP exam? Confused over the 'krutz' book many ppl have mentioned ... Does anyone know when the next AIO shon harris book is out ? Realistic date for sitting the exam - 2 choicesRecommended PodcastsCISSP's BlogsHere is a list of Blogs maintained by CISSP's. - Allen Baranov LEGAL INFO - Cyber Law Update ISO 17799/ISO 27001SurveysSecurity BooksTop10 Downloads· 1: Domain 1.zip
· 2: CRAM Study guide on the 10 domains of the CBK · 3: Study Guide for Domain 1 - Access control Systems and Methodologies · 4: Access Control Presentation · 5: Great Document on Security Models · 6: Overly Updated.pdf.zip · 7: Intro1.zip · 8: Domain 3.zip · 9: Domain 7.zip · 10: Cram Study Guide for Domain 1 - Access control Systems and Methodologies Top10 Links· 1: CISA et CISSP Quizzes
· 2: Exam Introduction and overview · 3: Ben Rothke's Web Site · 4: Resume of the 10 domains of the CBK · 5: Erik Chang, CISSP Study Resources · 6: 1. Information Security and Risks Management CBK Tutorial · 7: China CISSP Study Group · 8: International Information Systems Security Certifications Consortium Inc. · 9: Rob Slade's CISSP Books reviews · 10: Review of CISSP Training Material Who's OnlineThere are currently, 65 guest(s) and 24 member(s) that are online. You are Anonymous user. You can register for free by clicking here |  |
CCCure/OISSG CISSP Workshops -- Middle East, Egypt, and India Grand Tour
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
CISSP Workshops in Middle East, India, and Egypt
(comments? | Score: 0)
Detecting Rootkits with Rkhunter
Posted by boss on Tuesday, 02 December 2008 @ 14:44:21 EST (423 reads)
Topic Training News
The Academy has decided to change the rotation of our videos. Instead of users having to wait to see a handful of videos on a weekly basis, we will be posting a 'video of the day' from Monday to Friday. We begin the video of the day with installing, updating and running rkhunter. Rkunter is a free rootkit detection utility that will check a local system for rootkits, backdoors and exploits by comparing SHA-1 hashes to an online database of known good hashes.
The Rkhunter video, along with every video of the day, 
will be posted to the 'Featured Videos' section of the website on a weekly basis. They will be moved to the 'Directory' at the end of the week to make room for the following week.
Thank you all for your on-going support and recommendations.
Peter Giannoulis
The Academy
www.theacademy.ca
(comments? | Score: 0)
Earn CPE credits by viewing videos on The Academy
Posted by boss on Thursday, 20 November 2008 @ 19:02:52 EST (558 reads)
Topic Training News
With this update we're first demonstrating Astaro's content filtering and anti-portscan abilities. We continue by introducing our first Tenable Security Center videos. These are just the start of some very cool videos for this product. Wrapping things up for this update is a video on how you can use Tor to surf anonymously. I actually made a video about Tor for SearchSecurity a couple of months ago, but I had some users request that I include a Tor video on The Academy. Enjoy!
Just a quick reminder to any CISSP or SSCP certification holders - you can submit CPE credits for the videos that you view on The Academy.
New videos:
Configuring & testing Astaro's IPS Anti-Portscan
Content filtering with Astaro's Security Gateway
Generating PDF reports with Tenable Security Center 3
Performing a scheduled credential scan with Tenable Security Center 3 & Nessus
Performing a network process audit scan with Tenable Security Center 3 & Nessus
Surfing anonymously using Tor
Thank you all for your on-going support and recommendations.
Peter Giannoulis
The Academy
www.theacademy.ca
This update has been brought to you by Check Point Software Technologies, Sourcefire, Peer1 and OSSEC.
"(Read More... | 1 comment | Score: 0)
The Academy Video Update
Posted by boss on Monday, 10 November 2008 @ 14:11:06 EST (465 reads)
Topic Training News
Seven new videos for you this week. We start off with the conclusion to the popular video series 'Writing effective Snort rules,' and continue with the demonstration of backup and restore tools for Check Point. Disk mirroring for Nokia and the installation of McAfee HIPS in a stand-alone environment wrap things up for this video update.
Don't forget about our Hackers for Charity campaign. The Academy will donate $1 to Hackers for Charity for every user that registers for a free account on www.theacademy.ca. Please forward this message to anybody interested in The Academy so that a substantial donation can be made this month. Thanks!
I would like to welcome Jay Zorzi to the list contributors. Jay has assisted with video creation over the last few months and his contribution is much appreciated. We look forward to working with him.
New videos:
Enabling disk mirroring on a Nokia IP Security device
Backing up Check Point with upgrade_export
Restoring Check Point with upgrade_import
Stand-alone McAfee HIPS Installation
Writing effective Snort rules IV
Writing effective Snort rules V
Writing effective Snort rules VI
Thank you all for your on-going support and recommendations.
Peter Giannoulis
The Academy
www.theacademy.ca
This update has been brought to you by Check Point Software Technologies, Sourcefire, Peer1 and OSSEC.
"(comments? | Score: 0)
Beware of Testking, Actualtests, and the like
Posted by boss on Friday, 07 November 2008 @ 15:54:14 EST (782 reads)
Topic Training News
Good day to all,
Over the past year I have been receiving many emails from people who unfortunately were attracted by very catchy publicity and promises of pass guaranteed and they decided to buy some of the online study guides such as preparation tests and other items that garantees you will pass for sure.
I have spent a bit of money with a few friends and we bought copies of those tools ourselves.
I was completely amazed to see the practice test from actualtests.com and testking.com had the EXACT SAME questions and choices presented as the real exams. Word for word except one thing, they attempted to answer the questions themselves and they are recommending the wrong answers to the people who buys their products. Some of the recommended answers are plain hilarious at best. If you follow their recommendations you will fail for sure.
If you have done your homework and you have prepared yourself properly for your upcoming exam you will see that the value of these so called real exam test questions is extremely limited, you should be able to pick those mistakes from a mile away.
Once again I strongly recommend that you do the ethical and correct thing: Prepare properly and pass the exam on your own. Avoid those unethical website and save yourself some money and ambarrassment later on when you get to your first job interview and they realize you are only a paper person with no skills or practical knowledge.
Best regards
Clement
"(Read More... | 3 comments | Score: 0)
Register for Charity
Posted by boss on Friday, 31 October 2008 @ 14:19:40 EDT (530 reads)
Topic Training News
What is Hackers for Charity?
Hackers for Charity helps non-malicious hackers gain valuable job experience by putting them to work on projects for charity. They also build computer classrooms to help children and adults break the cycle of poverty through empowerment training, and feed children with funds raised by sales of Johnny Long's books.
This month, I thought that it would be fun to partner up with Hackers for Charity in order to raise money for the people of Uganda. The Academy has offered to donate $1 to Hackers for Charity for every user that registers for a free account at www.theacademy.ca for the entire month of November. If you’re a registered user already please forward this email or post it on a blog. Anything you can do to spread the word would be greatly appreciated. Let’s try to make a substantial donation to charity this month. Thanks everybody!
Peter Giannoulis
The Academy
www.theacademy.ca
(Read More... | 1 comment | Score: 0)
Webcast Series - Endpoint Security
Posted by boss on Tuesday, 28 October 2008 @ 16:00:12 EDT (528 reads)
Topic Training News
Compliance at the Endpoint - Is 'Out of Sight, Out of Mind' a Risky Security Strategy
Endpoint Compliance is a tricky process. While gateways are a cost effective solution, they don't see all the traffic, especially from mobile users. For increasingly diverse users and their devices, endpoint security struggles to address state, federal, international, and industry regulations, internal policies (acceptable use and intellectual property protection), malicious code protection, data leakage, and unauthorized applications execution. Endpoint security solutions need sensitivity relative to client resource consumption, administrative overhead, new client technologies, and changing compliance regulations. Click here to register.
Thursday, November 06, 2008
11:00am (PST) / 1:00pm (CST) / 2:00pm (EST)
Who Should Attend:
CSO, Security VP/Director within desktop admin groups
CIO, VP/Director/Manager of IT, IS, MIS, Desktop, and Network groups
What You Will Learn:
The importance of an endpoint compliance strategy
Internal acceptable use policies
Possible solutions for Endpoint Security compliance
Protecting Sensitive and Confidential Information with Endpoint Security
The risk of information exposure is well known today, but have we really understood the lessons taught? We all too often approach Information Security from the bowels of technology, forgetting the first word was information. To understand what were trying to protect is paramount in this game of ever changing threats. Just a short time ago, the process of protecting classified documents was easily managed by locking them in the safe before leaving the office. The challenge was knowing if you had all the documents back before the safe was locked. Today’s challenge isn’t much different. We are faced with increasing amounts of data, overwhelming storage methods, and new changing methods of corporate data access. Whether we are focused on protecting classified government document, corporate secrets, or sensitive personal information about employees, partners, or customers, we face new hurdles and every day. Click here to register.
Thursday, November 20, 2008
11:00am (PST) / 1:00pm (CST) / 2:00pm (EST)
Who will benefit?
CSO, Security VP/Director within desktop admin groups
CIO, VP/Director/Manager of IT, IS, MIS, Desktop, and Network groups
What will you learn?
How to overcome Endpoint Security challenges
Hear about "real-life" implementation from industry expert
Learn how to protect your data where it’s most vulnerable
(comments? | Score: 0)
HISP course offered in Athens, Greece
Posted by boss on Sunday, 26 October 2008 @ 21:39:50 EDT (533 reads)
Topic Training News
An HISP (Holistic Information Security Practitioner) Certification Training Course will take place at:
Location: Royal Olympic Hotel
City: Athens
Country: Greece
Dates: 10-14th of November 2008
For more information visit the HISP web site at http://www.hispcertification.com/
(comments? | Score: 0)
The Academy
Posted by boss on Saturday, 25 October 2008 @ 14:32:25 EDT (465 reads)
Topic Training News
Once again, we're ending the week with additional resources for you to soak up. This week we have posted papers that cover SQL injection, load balancing, application firewalls and application delivery security. All relevant topics considering the threats we face on the Internet today. I hope you enjoy them!
New resources:
SQL Injection Evasion Detection
Load Balancing 101: Nuts & Bolts
Application Firewalls
Application Delivery Security
TMOS: Secure Development & Implementation
Acceleration 102
Thank you all for your on-going support and recommendations.
Peter Giannoulis
The Academy
www.theacademy.ca
This update has been brought to you by Check Point Software Technologies, Sourcefire, Peer1 and OSSEC.
"(comments? | Score: 0)
The Academy Video Update
Posted by boss on Friday, 24 October 2008 @ 09:42:58 EDT (446 reads)
Topic Training News
I hope everybody is doing well this week. It has certainly been busy for us. We are currently working on some new initiatives for the website and will announce them as soon as we can. This week we have created some additional Nessus videos which present some really cool features of the product. Don't forget to check out the Hping tutorial as well.
New videos:
Demonstration of the Nessus VM Appliance
Demonstration of Nessus Credential-based Port Scanning
Demonstration of calling Nikto from Nessus
Hping Tutorial
Thank you all for your on-going support and recommendations.
Peter Giannoulis
The Academy
www.theacademy.ca
This update has been brought to you by Check Point Software Technologies, Sourcefire, Peer1 and OSSEC.
"(comments? | Score: 0)
Microsoft Blue Hat Hackers Headline Chicago Security Con
Posted by boss on Monday, 20 October 2008 @ 22:29:39 EDT (547 reads)
Topic Training News
Microsoft pen testers AKA ethical hackers, Billy Rios and John Walton, headline an impressive list of presentations by security researchers, practitioners and executives on Oct 31 & Nov 1, 2008 for the fall edition of ChicagoCon. For only $100 including food and swag, it's a steal. And without an exhibit hall full of sales pitches, you're free to learn from the pros, network with peers and advance your career.
Presented by The Ethical Hacker Network Online Magazine
Ethical Hacking Conference
Friday Oct 31 - Saturday Nov 2
In a plush auditorium, ChicagoCon features hourly presentations similar to what you would find at Black Hat starting on Friday afternoon at 2:00 PM and continue throughout the entire day on Saturday. We will also have breakout sessions in adjoining classrooms on Saturday for more extensive treatment of certain topics. For only $100, you get an entire day and a half of cutting-edge security talks, book giveaways, free magazines, Pizza Party on Friday, lunch on Saturday, attendee bag with t-shirts and much more.
The Ethical Hacking Conference will have as it's opening keynote presentation, Billy Rios and John Walton, members of Microsoft's own pen testing team AKA Blue Hats:
Mischievous Eyes and Malicious Mindsets
The browser is our window to your secrets... and we've got mischievous eyes. As organizations push to increase the "richness" of online user experiences, they are also unwittingly increasing attack surface for organizations and their users. Join two of the best looking security researchers in the world as we dissect the current state of client side and web application security. We'll dive into the gory details and demonstrate the impact of client side vulnerabilities, blended threats, and targeted attacks. We'll cover everything from benign application vulnerabilities that gave college hopefuls a sneak peak on their admissions status, all the way to vulnerabilities used to steal your data and compromise your machine.
Other speakers during this conference dedicated to the legitimate profession of hacking include:
- Karsten Abata (Halock Security Labs) on "Nailing the Insider"
- Michael A. Davis (CEO of Savid Technologies) sheds light on the new focus of organized crime in "Modernization of Malware Factories"
- Donald C. Donzal (Founder of ChicagoCon) brings you "DIY Career in Ethical Hacking"
- Michael Gregg (Author, Superior Solutions, Inc.) on "Malware - The Continuing Evolving Threat"
- Daniel V. Hoffman (SMobile Systems) enlightens with "Smartphones Aren't Currently Being Exploited - And the Titantic is Unsinkable"
- Ryan Linn (SAS) helps you get the most from your security investment with "Pen Testing ROI"
- Brian Wilson (Cisco) offer up his mastery of network security in "Layer 2 Tai Sigung"
- and many others.
Get details on the entire conference at http://www.chicagocon.com/content/view/103/51/.
(Read More... | 4 comments | Score: 5)
The Academy Video Update
Posted by boss on Thursday, 16 October 2008 @ 19:56:00 EDT (481 reads)
Topic Training News
If you're wondering why there's another video update a couple of days after the last one, it's simple, Tenable Network Security offered up some great videos on how to effectively use Nessus and we didn't want to wait any longer before posting them. The videos are presented by Mr. Ron Gula, CEO of Tenable Network Security, and I'm sure you'll enjoy them.
New videos:
Using Nessus 3 to perform a Federal desktop Core Configuration Audit
Introduction to Nessus 3 with Ron Gula
Using Nessus 3 to perform a SANS Top 20 Vulnerability Audit
Thank you all for your on-going support and recommendations.
Peter Giannoulis
The Academy
www.theacademy.ca
This update has been brought to you by Check Point Software Technologies, Sourcefire, Peer1 and OSSEC.
"(comments? | Score: 0)
The Academy Video Update
Posted by boss on Wednesday, 15 October 2008 @ 18:14:39 EDT (497 reads)
Topic Training News
Last week we attended SecTor 2008 and it was a blast. We received a ton of new registered users and had the opportunity to catch a few sessions as well. I must say that SecTor is the most organized security conference I have attended in the last few years. Congrats to the entire team who put the conference together!
I really enjoyed the Johnny Long 'No-tech hacking' keynote. Johnny also had the opportunity to introduce his 'Hackers for Charity' initiative. I urge all of you to check it out and get involved with the project. Any donations you can make to the cause would be much appreciated.
New videos:
Adding a device to Astaro's Command center (ACC)
Configuring Astaro SSL VPN
Installing PTK for The Sleuth Kit
Using Shavlik's NetChk Protect Machine-Centric View
Installing Check Point's Provider-1 with SecurePlatform (SPLAT)
Adding a customer to Check Point's Provider-1
Thank you all for your on-going support and recommendations.
Peter Giannoulis
The Academy
www.theacademy.ca
This update has been brought to you by Check Point Software Technologies, Sourcefire, Peer1 and OSSEC.
"(comments? | Score: 0)
The Academy - Security Webcasts with Ed Skoudis & Eric Cole
Posted by boss on Tuesday, 07 October 2008 @ 09:29:37 EDT (563 reads)
Topic Training News
As a security pro, it’s important to periodically stop, take a break, and refuel your brain. Once per month, Core Security Technologies does the same thing and invites industry thought leaders to share their insights through educational webcasts offering security testing tips, tricks and strategies.
We’d like to share some of our favorite on-demand Core Security webcasts with you. The downloads are available on Core Security’s website:
-----------------------------------
About “Hacking for Managers”
-----------------------------------
Eric Cole discusses how techniques traditionally used by attackers can be used to safely and regularly evaluate your organization’s security posture. This webcast is ideal for IT leaders interested in the management implications of penetration testing – as well as for experienced IS professionals who need to promote the value of penetration testing to their colleagues.
Click here to access “Hacking for Managers”: http://www.coresecurity.com/Form/generic/campaign/emailblast
-------------------------------------------------------
About “Penetration Testing Ninjitsu Parts I-III”
--------------------------------------------------------
These in-depth, technical presentations by Ed Skoudis look at the art and science of using penetration testing to gain visibility into your organization’s security posture.
Part I: A brief introduction to the value of penetration testing + an overview of pen testing techniques using the Windows command shell.
Part II: An introduction to techniques for performing the functions of Netcat - such as moving files, scanning ports and creating backdoors - without using Netcat.
Part III: This installment explores what can happen after the initial vulnerability is compromised and a threat becomes truly invasive – and how to proactively assess your systems against such attacks.
Click here to access the “Penetration Testing Ninjitsu” series: http://www.coresecurity.com/Form/generic/campaign/emailblast
Core Security provides comprehensive security testing software solutions based on independent, trusted vulnerability research and leading-edge threat expertise. Unlike many vendor webcasts, these are focused on educating the security community rather than selling a specific product.
(comments? | Score: 0)
The Academy Video Update
Posted by boss on Friday, 03 October 2008 @ 18:49:42 EDT (595 reads)
Topic Training News
Hey everybody,
There's only a few days left before SecTor 2008, the best security conference that Toronto, Canada has to offer. If you're interested you can still register at www.sector.ca. Many of us will be busy at the conference next week, so I figured that I would release some videos for you at this time. I hope you enjoy! PS - If you're at SecTor next week don't forget to drop by The Academy display for some free swag.
New videos:
Installing Ubuntu 8.04 Desktop Edition
Obtaining root access on Ubuntu 8.04 Desktop Edition
Installing The Sleuth Kit & Autopsy Forensic Browser
Metagoofil Tutorial
Thank you all for your on-going support and recommendations.
Peter Giannoulis
The Academy
www.theacademy.ca
This update has been brought to you by Check Point Software Technologies, Sourcefire, Peer1
and OSSEC.
(comments? | Score: 0)
Login here
Our Sponsors
CCCure Supporters
Random Headlines
Today's Big Story
Past Articles
Older Articles
Recommended
Most Active Members
Total points: 10900
· 2: Lopezco
Total points: 8443
· 3: cissp_newbie
Total points: 7586
· 4: cdupuis
Total points: 5596
· 5: mikeyoung_fla
Total points: 5301
· 6: Vladimir
Total points: 4605
· 7: MMM
Total points: 2969
· 8: vijayu
Total points: 1859
· 9: Deepakseth
Total points: 1714
· 10: educk
Total points: 1311
The comments are property of their posters, all the rest © 2007 by CCCure.Org, and the site maintainers Clement Dupuis and Nathalie Lambert. Reuse is strictly prohibited without written permission of CCCure.Org or it's maintainers.
This web site is not associated directly or indirectly with ISC2, the SANS Institute, ISACA, or other certification authority. The GCFW, CISSP, SSCP, ISSEP, ISSMP, CISA, and CISM are all the property of their respecful owners. The content of this site is provided to you freely due to the generosity of our sponsors.
- Home Page
- Start Here
- Contribute
- Quizzes
- CISSP Quizzes
- CISA Quizzes
- Contributed Quizzes
- CISSP
- Coming Soon
- CISSP
- Forums
- Mailing Lists
- Contact Us
- Certifications
- ISC2 Certifications
- CISSP
- CISSP CBT By Shon Harris
- CISSP Total Learning Package
- CISSP Documents
- CISSP FAQ
- CISSP in the news
- CISSP Quizzes
- CISSP Study Books
- Official ISC2 Book Errata
- CISSP Study Forums
- CISSP Study Guides
- CISSP Study Group HOWTO
- CISSP Study Links
- CISSP Study Mailing List
- CISSP Study Tips
- CISSP Training
- SearchSecurity CISSP Webcasts
- ISC2 Official Webstore
- How to get CPE's
- LinkedIn for CISSP
- SSCP
- ISC2 CAP
- ISC2 ISSEP
- ISC2 Information
- CISSP
- ISACA
- SANS GIAC
- GCFW Certification
- ISC2 Certifications
- Tutorials
- Contributed
- CCCure Flash Tutorials
- Training
- Career
- Magazines
- EDPACS
- Hackin9
- Information Security Magazine
- Information System Management Magazine
- The official journal of ISC2
- InfoSecurity Magazine UK Version
- InfoSecurity Magazine US Version
- Journal of Digital Forensics
- Journal of OC and Electronic Commerce
- Conferences
- Study Books
Page Generation: 0.84 Seconds