How to create an Image File from an Optical Disk
An ISO file is a standard file format to store the content of a drive within a file. This post explains how to create an ISO file from an optical drive (such as CD, DVD or BD) using Windows 10…
Category IT
IT Security Regulations
This post features regulations related to IT security. The post focuses on regulations that establish IT security controls. To read a more general post about compliance on general IT security regulations, visit this post. If you want to know regulations…
How to get the Microsoft Certified: Azure Security Engineer Associate Certification
Microsoft Certified: Azure Security Engineer Associate (from now on, MCASEA) is a certification issued by Microsoft. It is an associate certification (level 2 out of 3) within the Microsoft certification scale. This certification was available from at least 2022, and…
Cyber Resilience Act (CRA)
Cyber Resilience Act (CRA) is a European Union (EU) regulation proposal. This post explains some aspects of CRA. Description of CRA CRA was proposed as a regulation by the European Commission in 2022. CRA is called in Spanish as Propuesta…
Infrastructure as Code
Infrastructure as Code (IaC) is the process of managing and provisioning computer data center resources through machine-readable definition files, rather than physical hardware configuration or interactive configuration tools. IaC is a technology that is related to configuration management. You can…
How to get the Microsoft Certified: Azure Fundamentals Certification
Microsoft Certified: Azure Fundamentals (from now on, MCAF) is a certification issued by Microsoft. It is a fundamentals certification (level 1 out of 3) within the Microsoft certification scale. This certification was available from at least 2022, and its current…
Digital Operational Resilience Act (DORA)
Digital Operational Resilience Act (DORA) is an European Union regulation. This post is an introduction to DORA. Introduction to DORA Its full title is “Regulation (EU) 2022/2554 of the European Parliament and of the Council of 14 December 2022 on…
IT Supplier Risk Management
This post discusses some topics about information technology (IT) supplier risk management (SRM) or Supply Chain Risk Management (SCRM). This post can be considered part of the series about supply chain IT security. Related terms are provider management and IT…
Critical Entities Resilience (CER)
Critical Entities Resilience (CER) is an European Union (EU) directive. This post is an introduction to this directive. Introduction to CER CER was promulgated on 14 December 2022, along with NIS2 and DORA. Its full title is “Directive (EU) 2022/2557…
IT Vulnerability Scoring Systems
This post features scoring systems for IT vulnerabilities. List of Vulnerability Scoring Systems These are the resources for vulnerability scoring systems: The most popular is CVSS. CVSS Common Vulnerability Scoring System (CVSS) is an open standard that provides an open…