DLL Side-loading Attack
This post explains what is a DLL side-loading attack in the context of IT security. What is a DLL Side-loading Attack? A Dynamic Linked Library (DLL) is a file that is used on Windows systems to group functions. By…
Tag security
ISO/IEC 27001 Lead Implementer Certifications
ISO/IEC 27001 is an international standard to implement an ISMS in an organizations. It is issued jointly by International Organization for Standarization (ISO) and International Electrotechnical Commission (IEC). Professionals that want to get the knowledge to implement ISO/IEC 27001 and be…
IT Security Frameworks for Organizations
This post lists some of the most popular IT frameworks that can be used by an organization to implement their information security. You can read about related information security architecture frameworks on this post. List of IT Security Frameworks List…
How to design a Software Development Environment
When designing a collaborative software development environment where different people are going to work together, we need to set up a system that allow us to ease their work. This post include a list of functional elements that should be…
How to prepare CISSP Exam
CISSP (Certified Information Systems Security Professional) is a certification granted by the organization ISC2 (International Information System Security Certification Consortium). This post explains how you can prepare the exam to apply for CISSP certification. To find more information about the…
Digital Certificates
Digital certificates, also known as public key certificates or identity certificate, . When I explain what a digital certificate to someone without a strong IT background I like to compare it with a seal ring, like the ones used in…
How to get CISSP Certification
CISSP (Certified Information Systems Security Professional) is an information security certification granted by organization (ISC)2. This post explains the procedure to get CISSP certification through a series of frequently asked questions (FAQs) that are set in logical order. All questions…
How to maintain CISA Certification
Information Systems Audit and Control Association (ISACA) is an association of professionals for auditing and ensuring IT security on IT systems. There are different certifications issued by professional association ISACA. These certification has a limited validity period that, nevertheless, can…
Hardware Security Module (HSM)
A hardware security module (HSM) is a physical device that provides extra security for sensitive data. It is a removable or external device that can generate, store, and manage RSA keys used in asymmetric encryption A trusted platform module (TPM) is…
How to get OSCP Certification
OSCP (standing from Offensive Security Certified Practitioner) is a certificate issued by American company Offensive Security. It is focused on penetration testing using Linux-based operating system Kali Linux, that is maintained also by Offensive Security. The purpose of this post…