CSX-F, acronym for Cybersecurity Fundamentals, was a certificate issued by professional association ISACA that demonstrated knowledge on cybersecurity. It was the entry-level exam for ISACA’s Cybersecurity Nexus (CSX) certificate series. It was a completely theoretical exam, consisting entirely of multiple-choice…
There are a few cases where simply downloading a file without opening it could lead to execution of attacker controlled code from within the file. It usually involves exploiting a known vulnerability within a program which will handle the file…
Security information and event management (SIEM) solutions are a combination of the formerly disparate product categories of: Security Information Management (SIM) Security Event Management (SEM) SIEM and CISM Certification SIEM is a concept that is covered in questions of CISM…
This posts is to clarify the different terms related to Information System Disaster Recovery Objectives, and their differences. These terms appear on both Certified Information System Auditor (CISA) and Certified Information Security Manager (CISM) certifications, both issued by ISACA. Objective…
CISM (Certified in Information Security Manager) is a certification issued by professional association ISACA. The purpose of this post is to provide information to future exam candidates about how to pass the exam, based on my own experience. Frequently Asked…
Non-exhaustive list of common Cybersecurity Attacks: List of Common Cybersecurity Attacks Non-exhaustive list of common cybersecurity attacks: Brute-force Attack A brute-force attack (a.k.a. brute force cracking) is the cyberattack equivalent of trying every key on your key ring, and eventually…
CISM is a certification issued by ISACA. The purpose of this post is to explain the procedure for a candidate to get CISM certification, and related requirements. It is important to know two things about CISM Certification: CISM Certification is…
CISA (Certified in Information System Auditor) is a certification issued by professional association ISACA. The purpose of this post is to explain the procedure for a candidate to get CISA certification, and related requirements. It is important to know two…
CISA (Certified in Information System Auditor) is a certification issued by professional association ISACA. The purpose of this post is to provide information to future exam candidates about how to pass the exam, based on my own experience. I passed…
El 14 de octubre de 2014, el equipo de seguridad de Google identificó una vulnerabilidad en el protocolo de seguridad SSLv3, empleado en la protección de las conexiones conocida como “Poodle”. Esta vulnerabilidad permitiría a un atacante que realizara un…