Search Results for: social engineering
Goodwill/C&K Systems
Back when I posted about the 868,000 Payment Cards, 330 Stores, it was recently revealed that the exposure was due to C&K Systems. All 20 previously affected Goodwill members have stopped using C&K Systems to process customers’ payment cards… Earlier … Continue reading
Posted in Security Blog
Tagged 2014, breach, credit card, cybercrime, goodwill, hacked, Information Technology Security Awareness, phishing, Security Awareness, stores
The Best Defense
The best defense a company can have against cyber and social engineering attacks is to have educated people. People who know how to manage systems, people who know how to be cautious, people who know when they need to escalate and … Continue reading
Posted in Security Blog
Tagged 2014, Information Technology Security Awareness, NIST 800-50, Security Awareness
What’s the Risk?
When asked, what’s the risk? I find great pleasure in flexing my ability to break down potential loss in either qualitative or quantitative methods. The FAIR Quantitative Risk Model was taught to me by Jack Jones, the creator. I also … Continue reading
Posted in Security Blog
Tagged 2014, analysis, basel categories, example, fair, isra, qualitative, quantitative, risk analysis
8. Exam Essentials for Malicious Code and Application Attacks
Understand the propagation techniques used by viruses. File infection, service injection, boot sector infection, macro infection. Most antivirus programs use signature-based detection algorithms to look for telltale patterns of known viruses. It’s essential to update virus definition files in order … Continue reading
Posted in CISSP-Study
Tagged 2013, CISSP Study Requirements, Malicious Code and Application Attacks
4. Exam Essentials for Secure Communications and Network Attacks
Remote access security management requires that security system designers address the hardware and software components of an implementation along with issues related to policy, work tasks, and encryption. Protocols & mechanisms that may be used on LANs and WANs are: … Continue reading
Posted in CISSP-Study
Tagged 2013, CISSP Study Requirements, Secure Communications and Network Attacks
2. Exam Essentials for Access Control Attacks and Monitoring
Understand basic risk elements. Risk is the likelihood that a threat can exploit a vulnerability and cause damage to assets. Asset valuation identifies the value of assets. Threat modeling identifies threats against these assets. Vulnerability analysis identifies weaknesses in an … Continue reading
Posted in CISSP-Study
Tagged 2013, Access Control Attacks and Monitoring, CISSP Study Requirements
Top 20 Critical Security Controls
You know, I really dig SANS for putting things together. On their page called Critical Security Controls for Effective Cyber Defense, they list the top 20 critical security controls. I’m actually amazed at how quite a few companies do not … Continue reading
Posted in Security Blog
Tagged 2014, critical security controls, diagram, implementation, maintenance, sans, top 20