Software Engineering Institute (SEI), 1984
Software Engineering Institute (SEI) was established in 1984 at Carnegie Mellon University as a federally funded research and development center (FFRDC) dedicated to advancing the practice of software engineering and improving the quality of systems that depend on software. (JUNE 21, 2000 • SEI PRESS RELEASE)Continue reading
The CISSP exam tests not only your technical foundation but also your management concepts. Many CISSP aspirants fail in Domain 1, 2, 6, or 7. It can be an indicator that they may not have connected the dots, e.g., information security governance, risk management, strategic management, project/program management, business continuity, etc.
My book, The Effective CISSP: Security and Risk Management, introduces those concepts that can help you build a solid foundation of information security from the perspective of information systems, business processes, and the organization.
If you have just started your CISSP or CISM (yes, CISM) journey, lost in the jungle of knowledge, or even failed in any of the domains mentioned above, The Effective CISSP: Security and Risk Management will make it straight.
Click the following book to get a copy to kill the beast!
(詩篇 Psalm 84:6)
“Security Modes” is a shorthand for Security Operating Modes or Security Modes of Operations. DoD Directive 5200.28 on Security Requirements for Automated Information Systems (AISs), published on March 21, 1988, defines Security Mode as follows:
E2.1.41. Security Mode. A mode of operation in which the DAA accredits an AIS to operate. Inherent with each of the four security modes (dedicated, system high, multilevel, and partitioned) are restrictions on the user clearance levels, formal access requirements, need-to-know requirements, and the range of sensitive information permitted on the AIS.
很多人考過CISSP後，不但沒有升官、也沒有加薪；甚至沒有得到公司應有的重視，反而平白增加不少資安相關的工作負擔，因此感嘆CISSP在台灣不被重視。想要換工作，卻發現雇主都是猴園主人，只拿得出香蕉。更傷人的是，沒有人知道什麼是CISSP! 回過頭，才驚覺CISSP只是自己跟資安圈內人自high的一場遊戲…Continue reading
This is how I prepared for the Cybersecurity certifications and developed my professional career.
- Determine the goal and develop a blueprint.
- Prepare budget and get materials ready.
- Study efficiently, effectively, and persistently.
A Wentz QOTD per day kills the beast right away.😀
(An apple a day keeps the doctor away.)