[Cisspstudy] cisspstudy Digest, Vol 12, Issue 6
Nimal Gunarathna
ng949 at yahoo.com
Thu Jun 11 10:57:19 EDT 2009
On review questions for Domain 10: Legal, Regulations, Compliance &
Investigation, question #1. Where does the greatest risk of cybercrime
come from? Both the Transcender CD and CBK have a) Outsiders while the
errata .pdf has it as c) Insiders. Which is which?
It is the 80/20 rule meaning 80% of risk comes from
privilege users or company employees.
--- On Wed, 6/10/09, cisspstudy-request at cccure.org <cisspstudy-request at cccure.org> wrote:
From: cisspstudy-request at cccure.org <cisspstudy-request at cccure.org>
Subject: cisspstudy Digest, Vol 12, Issue 6
To: cisspstudy at cccure.org
Date: Wednesday, June 10, 2009, 7:59 PM
Send cisspstudy mailing list submissions to
cisspstudy at cccure.org
To subscribe or unsubscribe via the World Wide Web, visit
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
or, via email, send a message with subject or body 'help' to
cisspstudy-request at cccure.org
You can reach the person managing the list at
cisspstudy-owner at cccure.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of cisspstudy digest..."
Today's Topics:
1. Re: cisspstudy Digest, Vol 12, Issue 5 (An.Dang at do.treas.gov)
2. Matt GAUDION is out of the office. (Matt GAUDION)
3. cisspstudy Digest, Vol 12, Issue 5 (Mike Archuleta)
4. Re: cisspstudy Digest, Vol 12, Issue 5 (Lincoln)
5. Re: cisspstudy Digest, Vol 12, Issue 5 (Meena Bhayani)
6. Re: cisspstudy Digest, Vol 12, Issue 5 (Muhammad Malik)
----------------------------------------------------------------------
Message: 1
Date: Wed, 10 Jun 2009 12:46:56 -0400
From: An.Dang at do.treas.gov
Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 12, Issue 5
To: cisspstudy at cccure.org
Message-ID:
<AE177CAE7814224ABE82FF33FC89523304A2A843 at D01EXC2P.do.treas.gov>
Content-Type: text/plain; charset=US-ASCII
On review questions for Domain 10: Legal, Regulations, Compliance &
Investigation, question #1. Where does the greatest risk of cybercrime
come from? Both the Transcender CD and CBK have a) Outsiders while the
errata .pdf has it as c) Insiders. Which is which?
Thanks for responding.
------------------------------
Message: 2
Date: Wed, 10 Jun 2009 17:50:49 +0100
From: Matt GAUDION <matt.gaudion at sghambros.com>
Subject: [Cisspstudy] Matt GAUDION is out of the office.
To: The CISSP Study Mailing list <cisspstudy at cccure.org>
Message-ID:
<OF299970D7.4FC26927-ON802575D1.005C8B4F-802575D1.005C8B4F at fr.world.socgen>
Content-Type: text/plain; charset="us-ascii"
I will be out of the office starting 10/06/2009 and will not return until
25/06/2009.
If your email is urgent, please contact:
Adam Currie
Network Services Manager
Email adam.currie at sghambros.com
Phone +44 1534 815627
*******************************************************************************************************************************************************************************************************************
The information in this email and any attachments is confidential and may be legally privileged or otherwise protected from disclosure. If you are not the named addressee, please notify the sender immediately by return email and delete this email and any attachments from your computer system. You must not read, copy, distribute, disclose or otherwise use the information contained in this e mail and must destroy any hard copies you have made.
Internet communications are not guaranteed to be secure or virus-free. The SG Hambros Group accepts no responsibility for any loss or damage arising in any way from unauthorised access to, or interference with, any internet communications by any third party or from the transmission of any viruses. The SG Hambros Group reserves the right and intends to intercept and monitor incoming and outgoing email correspondence for operational or business reasons.
Unless expressly stated, any opinions in this email are those of the sender and not of the SG Hambros Group. SG Hambros Bank Limited is registered in England and Wales under number 964058. The companys registered office and principal place of business is SG House, 41 Tower Hill, London, EC3N 4SG. Please refer to http://www.sghambros.com/important-information.html for further legal and regulatory information relating to the SG Hambros Group.
*******************************************************************************************************************************************************************************************************************
------------------------------
Message: 3
Date: Wed, 10 Jun 2009 10:59:00 -0600
From: Mike Archuleta <mlarchuleta at gmail.com>
Subject: [Cisspstudy] cisspstudy Digest, Vol 12, Issue 5
To: The CISSP Study Mailing list <cisspstudy at cccure.org>
Message-ID:
<75c738b70906100959l743e4ac8k2762c2841cfc757f at mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"
It hard to answer your question unless you put all the option. Both answer
could be right depending on the items available to select from.
On Wed, Jun 10, 2009 at 10:46 AM, <An.Dang at do.treas.gov> wrote:
> On review questions for Domain 10: Legal, Regulations, Compliance &
> Investigation, question #1. Where does the greatest risk of cybercrime
> come from? Both the Transcender CD and CBK have a) Outsiders while the
> errata .pdf has it as c) Insiders. Which is which?
>
> Thanks for responding.
>
>
> _______________________________________________
> cisspstudy mailing list
> cisspstudy at cccure.org
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20090610/5f53d442/attachment-0001.html>
------------------------------
Message: 4
Date: Wed, 10 Jun 2009 19:17:45 -0500
From: Lincoln <lincoln.link1 at gmail.com>
Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 12, Issue 5
To: The CISSP Study Mailing list <cisspstudy at cccure.org>
Cc: The CISSP Study Mailing list <cisspstudy at cccure.org>
Message-ID: <484EE143-6B4A-4F52-B31C-D3468E86422D at gmail.com>
Content-Type: text/plain; charset="us-ascii"; Format="flowed";
DelSp="yes"
Based from what u sent I would say outside being the inside would be
more of insider threat
Sent from my iPhone
On Jun 10, 2009, at 11:59 AM, Mike Archuleta <mlarchuleta at gmail.com>
wrote:
> It hard to answer your question unless you put all the option. Both
> answer could be right depending on the items available to select
> from.
>
> On Wed, Jun 10, 2009 at 10:46 AM, <An.Dang at do.treas.gov> wrote:
> On review questions for Domain 10: Legal, Regulations, Compliance &
> Investigation, question #1. Where does the greatest risk of
> cybercrime
> come from? Both the Transcender CD and CBK have a) Outsiders while
> the
> errata .pdf has it as c) Insiders. Which is which?
>
> Thanks for responding.
>
>
> _______________________________________________
> cisspstudy mailing list
> cisspstudy at cccure.org
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
> _______________________________________________
> cisspstudy mailing list
> cisspstudy at cccure.org
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20090610/a19b9d80/attachment-0001.html>
------------------------------
Message: 5
Date: Wed, 10 Jun 2009 17:36:06 -0700 (PDT)
From: Meena Bhayani <mbhayani2000 at yahoo.com>
Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 12, Issue 5
To: The CISSP Study Mailing list <cisspstudy at cccure.org>
Message-ID: <766304.68618.qm at web32401.mail.mud.yahoo.com>
Content-Type: text/plain; charset="iso-8859-1"
Hello,
Question #1. ?Where does the greatest risk of cybercrime come from?
My answer to the question would be Insider.? Event though, outsiders pose great
risk of cybercrime, and as a security professional, I have noticed that we tend to be more
concern about security parameters etc to protect our environment from
outsiders.?
In the process, we are less concern in securing our assets from people we know
(insiders) - partly, due to the trust issues etc.? Unfortunately, reality
of it is that security beaches are happening when someone is more familiar with
the environment, and the environment that is not secure enough!
Thanks.? Meena
--- On Wed, 6/10/09, Lincoln <lincoln.link1 at gmail.com> wrote:
From: Lincoln <lincoln.link1 at gmail.com>
Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 12, Issue 5
To: "The CISSP Study Mailing list" <cisspstudy at cccure.org>
Cc: "The CISSP Study Mailing list" <cisspstudy at cccure.org>
Date: Wednesday, June 10, 2009, 5:17 PM
Based from what u sent I would say outside being the inside would be more of insider threat
Sent from my iPhone
On Jun 10, 2009, at 11:59 AM, Mike Archuleta <mlarchuleta at gmail.com> wrote:
It hard to answer your question unless you put all the option.? Both answer could be right depending on the items? available to select from.
On Wed, Jun 10, 2009 at 10:46 AM, <An.Dang at do.treas.gov> wrote:
On review questions for Domain 10: Legal, Regulations, Compliance &
Investigation, question #1. ?Where does the greatest risk of cybercrime
come from? ?Both the Transcender CD and CBK have a) Outsiders while the
errata .pdf has it as c) Insiders. ?Which is which?
Thanks for responding.
_______________________________________________
cisspstudy mailing list
cisspstudy at cccure.org
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
_______________________________________________
cisspstudy mailing list
cisspstudy at cccure.org
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
-----Inline Attachment Follows-----
_______________________________________________
cisspstudy mailing list
cisspstudy at cccure.org
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20090610/4bfc8c80/attachment-0001.html>
------------------------------
Message: 6
Date: Thu, 11 Jun 2009 10:59:43 +1000
From: Muhammad Malik <joyia88 at gmail.com>
Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 12, Issue 5
To: The CISSP Study Mailing list <cisspstudy at cccure.org>
Message-ID:
<ab0176dd0906101759u5b505e11i42eb5b6b5863859f at mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"
Hi All,
Meena is right. The greatest risk comes from inside. On page 697 of the
Official (ISC)2 Guide to CISSP CBK, it states:
"The greatest risk of cybercrime comes from inside, namely, criminal
insiders [42-46]"
Regards,
Dr. Muhammad Malik
On Thu, Jun 11, 2009 at 10:36 AM, Meena Bhayani <mbhayani2000 at yahoo.com>wrote:
> Hello,
>
>
> Question #1. Where does the greatest risk of cybercrime come from?
>
> My answer to the question would be *Insider*. Event though, outsiders
> pose great risk of cybercrime, and as a security professional, I have
> noticed that we tend to be more concern about security parameters etc to
> protect our environment from outsiders.
>
> In the process, we are less concern in securing our assets from people we
> know (insiders) - partly, due to the trust issues etc. Unfortunately,
> reality of it is that security beaches are happening when someone is more
> familiar with the environment, and the environment that is not secure
> enough!
>
> Thanks. Meena
>
>
>
>
> --- On *Wed, 6/10/09, Lincoln <lincoln.link1 at gmail.com>* wrote:
>
>
> From: Lincoln <lincoln.link1 at gmail.com>
> Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 12, Issue 5
> To: "The CISSP Study Mailing list" <cisspstudy at cccure.org>
> Cc: "The CISSP Study Mailing list" <cisspstudy at cccure.org>
> Date: Wednesday, June 10, 2009, 5:17 PM
>
> Based from what u sent I would say outside being the inside would be more
> of insider threat
>
> Sent from my iPhone
>
> On Jun 10, 2009, at 11:59 AM, Mike Archuleta <mlarchuleta at gmail.com<http://mc/compose?to=mlarchuleta@gmail.com>>
> wrote:
>
> It hard to answer your question unless you put all the option. Both answer
> could be right depending on the items available to select from.
>
> On Wed, Jun 10, 2009 at 10:46 AM, <<http://mc/compose?to=An.Dang@do.treas.gov>
> An.Dang at do.treas.gov <http://mc/compose?to=An.Dang@do.treas.gov>> wrote:
>
>> On review questions for Domain 10: Legal, Regulations, Compliance &
>> Investigation, question #1. Where does the greatest risk of cybercrime
>> come from? Both the Transcender CD and CBK have a) Outsiders while the
>> errata .pdf has it as c) Insiders. Which is which?
>>
>> Thanks for responding.
>>
>>
>> _______________________________________________
>> cisspstudy mailing list
>> <http://mc/compose?to=cisspstudy@cccure.org>cisspstudy at cccure.org<http://mc/compose?to=cisspstudy@cccure.org>
>> <http://cccure.org/mailman/listinfo/cisspstudy_cccure.org>
>> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>>
>
> _______________________________________________
> cisspstudy mailing list
> cisspstudy at cccure.org <http://mc/compose?to=cisspstudy@cccure.org>
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
>
> -----Inline Attachment Follows-----
>
> _______________________________________________
> cisspstudy mailing list
> cisspstudy at cccure.org <http://mc/compose?to=cisspstudy@cccure.org>
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
>
>
> _______________________________________________
> cisspstudy mailing list
> cisspstudy at cccure.org
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20090611/a87a76fb/attachment.html>
------------------------------
_______________________________________________
cisspstudy mailing list
cisspstudy at cccure.org
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
End of cisspstudy Digest, Vol 12, Issue 6
*****************************************
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20090611/f9cb9782/attachment-0001.html>
More information about the cisspstudy
mailing list