Posts

CISSP vs SSCP Certification

Image
                                      Basis CISSP SSCP Offered by ISC2 ISC2 Length of the exam 6 hours 3 hours Number of questions 250 125 Question Format Multiple choice + Drag & Drop + Hotspot Questions Multiple Choice Questions Passing Grade 700 out of 1000 700 out of 1000 Exam Availability English, French, German, Brazilian Portuguese, Spanish, Japanese, Simplified Chinese, Korean, Visually impaired English, Japanese, and Brazilian Portuguese Testing Center Pearson VUE Testing Center Pearson VUE Testing Center Number of Domains 8 7 Domains ( Weightage) 1. Security and Risk Management (16%) 2. Asset Security (10%) 3. Security Engineering (12%) 4. Communications and Network Security (12%) 5. Identity and Access Management (13%) 6. Security Assessment and Testing (11%) 7. Security Operations

[Opinion] Will Machine Learning in Cyber Security open a Pandora’s Box?

Image
Machine Learning is the buzz word nowadays. Huge numbers of courses on machine learning have mushroomed online and companies are running after professionals who are an expert in that. As per Udacity , which has developed a course on machine learning in collaboration with Google defines it as “Machine learning represents a key evolution in the fields of computer science, data analysis, software engineering, and artificial intelligence.” Wiki , however, explains it in a better manner rather than just throwing jargons. It says that machine learning gives "computers the ability to learn without being explicitly programmed.” Much understandable!! In simpler terms, computers start learning processes and develop a deduction capability rather than just perform what it is programmed to do. When such machines are made to learn to defend our networks and organizations from an information security point of view,  good and bad things will happen. Read on.... Acc

Quick Tips for SSCP Exam

Image
Let me say “All the best” to you, before I start giving you tips for the SSCP exam. These tips are not mandatory to follow, but will surely help you to manage and crack the exam. Systems Security Certified Practitioner (SSCP) is a three-hour long exam which contains 125 questions. You can call this as the younger brother of CISSP. I gave this exam in July 2014 and passed in the first attempt. You have to schedule an exam through (ISC) 2  website which further takes you to booking the exam at a Pearson Vue center. Reach the exam center approximately 45 minutes in advance before your scheduled time. This will help you to settle down. Start early so as to reach early rather than waiting on the way thinking whether you will reach on time or not. When you will reach the Pearson Vue center, you will be given a set of instructions to read. These instructions are different from the NDA to be signed for the SSCP exam. In case you have any queries regarding the instructions, f

What is CIA?

Image
The Three Pillars – CIA Anything in Information security ultimately boils down to ensuring that either or all of three pillars is ensured. These three pillars are – Confidentiality, Integrity, and Availability. It is thus extremely important that you understand the meaning of these terms. From an exam perspective, a lot many questions will be focused on identifying the following: Which of three pillars is violated? Which of the three pillars is ensured if a certain action is taken?   What will a certain control ensure to provide or protect? Even from an organizational perspective, all the policies, procedures, standards and guidelines are made to ensure that the three pillars of information security are catered for. So, let’s understand these concepts now. Before I begin, let’s be very clear that I’m not going to write down the definitions provided by any agency or organization. You can get them in any book and they are mostly as clear as mud. It

[Opinion] Its High Time ….

Image
The recent spate of cyber-attacks has served as an eye opener for many organizations and individuals. Organizations which were using unpatched software had no security teams, no incident response policy and procedures etc. clearly were the ones who had to bear the maximum brunt of such attacks. There were many who did not get affected as they took the right steps at the right time and gave due importance to security and security teams in their organization. Lots of points mentioned below have been long debated in organizations. But it’s high time that they are taken seriously and religiously implemented. CISO/CSO should be a part of Board Meetings In most organizations, security is still considered an IT job. The CSO reports to either the CIO or admin head or some senior business person. The organizations mostly appoint a CSO just to ensure that regulatory compliances (in some countries) are taken care of. They are really not interested in considering

How to Pass the CISSP Exam in First Attempt

Image
You may read multiple posts on the various blogs and websites where you are given tips as to how to pass the exam in the first go, refer which books and solve which questions. In this blog post I’m not going to bombard you with those details. Instead, I’m going to share my journey and experience from preparing till passing the CISSP exam in the first attempt. What is CISSP? CISSP stands for Certified Information Systems Security Professional. Congratulations and all the very best to you, if you have decided to opt for the Gold Standard Certification. The exam is offered by ISC2 and contains around 250 questions. You have to book an appointment for the CISSP exam through the ISC2 website where you then redirected to a Pearson Vue website when you register for the exam. The exam costs around 599USD. Phase 1: Deciding It is very important for you to finalize which certification you want to do. Try to research the pros and cons of a certification. Do

Quick Tips for CISSP Exam

Image
Let me say “All the best” to you, before I start giving you tips for the CISSP exam. These tips are not mandatory to follow, but will surely help you manage and crack the exam. CISSP is a six-hour long exam which contains 250 questions. The majority of these questions are multiple choice questions. There is a few drag and drop type and a few Hotspot questions asked in the exam. You have to schedule an exam through (ISC) 2  website which further takes you to booking the exam at the Pearson Vue website. Reach the exam center approximately 45 minutes in advance before your scheduled time. This will help you to settle down. Start early so as to reach early rather than waiting on the way and thinking whether you will reach on time or not. When you reach the Pearson Vue center, you will be given a set of instructions to read. These instructions are different from the NDA to be signed for the CISSP exam. In case you have any queries regarding the instructions, feel free