Category Archives: Technology

Agility

Posted on by
1

Bruce Passed EC-Council CEH v10 Exam on 9th October

Posted on by
Reply

maxresdefault[1]

I enrolled in the EC-Council iClass Self-Paced CEH v10 Course on 25th June, 2018 and passed the CEH (Certified Ethical Hacker) exam today. I would recommend the official courses from EC-Council as the CEH v10 course ware (2294 pages) is informative and well-organized. The iLabs lab modules are fantastic; it saves you huge time to set up your own labs. (I also attended the official iWeek online live class for ECSA v10. It’s helpful and effective as well.)

The CEH v10 exam itself is straightforward, but it does take a lot of time for me to get insights to or review the technical details, say, the TCP 3-way handshaking and flags. There are a lot of commands, tools and related arguments to memorize and exercise.

Besides the official course ware, I used the following as supplements:

My milestones are updated as follows:

  • Milestone #1: PMI + CISSP
    • 2018/04/09 ACP
    • 2018/04/27 PBA
    • 2018/06/19 CISSP
    • 2018/07/10 RMP
  • Milestone #2: ISACA
    • 2018/07/24 CISM
    • 2018/08/13 CRISC
    • 2018/08/28 CISA
  • Milestone #3: ISC2
    • 2018/09/07 CCSP (originally scheduled on 2018/09/14)
    • 2018/09/13 CSSLP (originally scheduled on 2018/09/28)
    • 2018/09/25 CISSP-ISSEP (bonus)
  • Milestone #4: EC-Council
    • 2018/10/09 CEH (originally scheduled on 2018/10/15)
    • 2018/10/29 ECSA

My DESK for the certifications:

  • Discipline: goals and commitments
  • English: critical to the non-native speaker as I am
  • Study: the room/environment for study and the methodology
  • Keeping going: persistence and lifelong learning

 

 

Governance, Risk, and Compliance

Posted on by
Reply

cissp-logo_400x400

An enterprise is an entity doing business to deliver value that satisfies a customer’s needs so as to survive and grow. Doing business is executing a collection of processes with resources to create value which is usually quantitatively evaluated by monetary vehicle. A customer pays for the value to meet his or her needs. Simply put, an enterprise exists for customer’s needs and makes profit to survive and grow.

An enterprise is governed by the leadership team, the board of directors and senior management or executives. Customer’s needs are the origin of an enterprise’s mission and vision. A strategy is the means for the leadership team to fulfill the mission and vision and is usually broken down to goals and objectives that are met by implementation of plans.

An enterprise explores opportunities to make profit and takes risks associated with them. Governance is the collective processes and behaviors for the leadership team to direct the enterprise. That is, the leadership team governs for the performance to make profit, makes informed decisions to take risks, and obeys the laws and regulations to be compliant.

Bruce Passed ISC2 CISSP-ISSEP Exam on 25th September

Posted on by
7

IMAG3392

After studying for 42 hours in 12 days (from 2018/09/14 to 2018/09/25), I cleared the ISC2 CISSP-ISSEP exam this afternoon and it’s really lucky for me, probably, to be the first exam taker who passed this exam in Taiwan.

The following is what I used to prepare for this exam:

  1. Official (ISC) 2® Guide to the CISSP®-ISSEP® CBK® ((ISC) 2 Press) 1st Edition
  2. Systems Engineering Fundamentals Kindle Edition
  3. Official (ISC)² Guide to the CSSLP, Second Edition
  4. Official (ISC)2 Guide to the CISSP CBK ((ISC)2 Press) 4th Edition
  5. Official (ISC)2 Guide to the CISSP-ISSMP CBK ((ISC)2 Press) 2nd Edition
  6. Official (ISC)2 Guide to the ISSAP CBK ((ISC)2 Press) 2nd Edition
  7. The Official (ISC)2 Guide to the CCSP CBK 2nd Edition
  8. Official (ISC)2® Guide to the CAP® CBK® ((ISC)2 Press) 2nd Edition
  9. IATF Release 3.1
  10. FEA Consolidated Reference Model Document Version 2.3
  11. FEA Practice Guide
  12. ISO 27001
  13. ISO 27005
  14. ISO 21827
  15. PMBOK® Guide – Sixth Edition
  16. NIST Special Publications
    • 800-12
    • 800-100
    • 800-64 Rev 2
    • 800-18 Rev 1
    • 800-34 Rev 1
    • 800-39
    • 800-30 Rev 1
    • 800-27 Rev A
    • 800-37
    • 800-37 Rev 2
    • 800-160 (vol1 & vol2)
    • 800-55
    • 800-50
    • 800-53
    • 800-53A
    • 800-60 (vol1 & vol2)
    • 800-86
    • 800-61
      800-40 Rev 3
    • 800-128
    • 800-137
    • 800-115
    • 800-92
    • 800-88

My exam preparation is completely directed by the ISC2 CISSP-ISSEP exam outline. The most common references used for the ISSEP by domain from ToniHardy and the ISC2 official references are quite helpful. Having passed CSSLP exam helps as well.

The milestones are updated as follows:

  • Milestone #1: PMI + CISSP
    • 2018/04/09 ACP
    • 2018/04/27 PBA
    • 2018/06/19 CISSP
    • 2018/07/10 RMP
  • Milestone #2: ISACA
    • 2018/07/24 CISM
    • 2018/08/13 CRISC
    • 2018/08/28 CISA
  • Milestone #3: ISC2
    • 2018/09/07 CCSP (originally scheduled on 2018/09/14)
    • 2018/09/13 CSSLP (originally scheduled on 2018/09/28)
    • 2018/09/25 CISSP-ISSEP (bonus)
  • Milestone #4: EC-Council
    • 2018/10/15 CEH
    • 2018/10/29 ECSA

Moving forward is the best strategy of retreat! I’ll keep moving.

Bruce Passed ISC2 CSSLP Exam on 13th September

Posted on by
1

CSSLP Logo

After studying for 36 hours in 6 days (from 2018/09/08 to 2018/09/13), I cleared the ISC2 CSSLP exam this afternoon. The following is what I used to prepare for this exam:

The ISC2 official Guide to the CSSLP helps. The exam is not so challenging for an experienced developer with CISSP qualification.

The milestones are updated as follows:

  • Milestone #1: PMI + CISSP
    • 2018/04/09 ACP
    • 2018/04/27 PBA
    • 2018/06/19 CISSP
    • 2018/07/10 RMP
  • Milestone #2: ISACA
    • 2018/07/24 CISM
    • 2018/08/13 CRISC
    • 2018/08/28 CISA
  • Milestone #3: ISC2
    • 2018/09/07 CCSP (originally scheduled on 2018/09/14)
    • 2018/09/13 CSSLP (originally scheduled on 2018/09/28)
  • Milestone #4: EC-Council
    • 2018/10/15 CEH
    • 2018/10/29 ECSA

What a relief! Keep moving!