Learning Security with Mayur

With effect from 1st November 2018, (ISC)2 would be doing a domain refresh in the course content of SSCP certification. This is in line with a refresh cycle of 3 years for every certification which (ISC)2 offers. In this post, we look at changes which will take place in this refresh. We will look at it from a perspective of what will remain the same for an exam giver and what would change. Question 1. Have the domains changed completely? No, the weight of the domains has changed. There are minor changes. So if “Security Operations & Administration” had a weight of 17% in the earlier exam (2015), it has been reduced to 15% in the new exam outline. Question 2. Would the changes affect my already bought course material? No, the course content broadly remains the same. The course content does not change. Your old books or exam material will remain fully valid.  Question 3. Is there a change in the exam format too just like CISSP? Absolutely No. The f

Imagine Susie wants to log on to a company database, her own system, a web server, her webmail and other multitudes of applications. Since she needs to access so many resources, it is extremely important to have a set of credentials for accessing each of this resource. This means Susie must remember an approximate dozen passwords in order to access these resources. Susie finds a solution to this problem. She writes down every single username and password to access them. Clearly, Susie is not alone in doing so. You may also be doing the same. Clearly, from an information security point of view, this is not a great solution. It may sound that different ids and passwords would provide more security, it ultimately ends up in more work for the administrator since there are more requests of password reset or greater chances of a breach if that notebook gets in the wrong hands. So what needs to be done? Well, as usual, the intelligent minds gathered together and found a solution