ISO/IEC 27001 is an international standard to implement an ISMS in an organizations. It is issued jointly by International Organization for Standarization (ISO) and International Electrotechnical Commission (IEC). Professionals that want to get the knowledge to implement ISO/IEC 27001 and be…
This post lists some professional certifications for administration of Windows operating systems. List of certifications for Windows administration: Microsoft Certified: Security Operations Analyst GIAC’s GCWN Microsoft 365 Certified: Security Administrator Associate Microsoft 365 Certified: Modern Desktop Administration Associate List of…
CISSP-ISSAP (Information Systems Security Architecture Professional) is a certification issued by (ISC)2. CISSP (Certified Information Systems Security Professional) is another certification issued by (ISC)2 that is a pre-requirement for CISSP-ISSAP. A certification that requires CISSP as a pre-requirement is called…
GIAC Defensible Security Architecture (GDSA) is an IT certification provided by Global Information Assurance Certification (GIAC), that is linked to training courses provided by SANS. This certificate was first issued in May 2019. The news about the launch can be…
GIAC Information Security Professional (GISP) is an IT certification provided by Global Information Assurance Certification (GIAC), that is linked to training courses provided by SANS. Do not confuse GIAC’s GISP with another certification related to GIS that shares the same…
When a wireless device has default settings from manufacturer, some info can be inferred from it. From a security point of view this is a weakness, because malicious users can leverage this data to identify quicker the possible vulnerabilities linked…
Wi-Fi Protected Access 2 (WPA2) is one of the most widespread security standards for wireless networks. It has been replaced by more recent WPA3, but as of 2021 WPA2 is still more spread. This post explains briefly what is WPA2,…
This post lists some of the most popular IT frameworks that can be used by an organization to implement their information security. You can read about related information security architecture frameworks on this post. List of IT Security Frameworks List…
Password hashing algorithms: List of Password Hashing Algorithms PBKDF1 Deprecated. PBKDF2 Supersedes PBKDF1. Use key stretching to increase the difficulty of attack. bcrypt Use key stretching to increase the difficulty of attack. scrypt Use key stretching to increase the difficulty…
Block ciphers are cryptographic algorithms that encrypt fixed-size blocks of data A cryptographic mode of operation for a block cipher describes the different ways that cryptographic algorithm may transform data to achieve sufficient complexity that offer protection against attacks. This…