Nach Genre filtern
CISSP Cyber Training Podcast - CISSP Training Program
Join Shon Gerber on his weekly CISSP Cyber Training podcast, where his extensive 22-year background in cybersecurity shines through. With a rich history spanning corporate sectors, government roles, and academic positions, Shon imparts the essential insights and advice necessary to conquer the CISSP exam. His expertise is not just theoretical; as a CISSP credential holder since 2009, Shon translates his deep understanding into actionable training. Each episode is packed with invaluable security strategies and tips that you can implement right away, giving you an edge in the cybersecurity realm. Tune in and take the reins of your cybersecurity journey—let’s ride into excellence together! 🚀
- 189 - CCT 189: Practice CISSP Questions - Applying Various Resource Protections for the CISSP Exam (Domain 7.5)
Send us a textUnlock the keys to safeguarding the future of our global supply chains as we tackle the formidable intersection of IT and OT environments in cybersecurity. Imagine the chaos if operational technology systems on ships and cranes were compromised. Discover how the notorious Maersk hack serves as a cautionary tale illustrating the potential for worldwide disruption. We introduce PrivX OT Edition, a game-changing platform ensuring secure remote access to vital systems on container s...
Thu, 31 Oct 2024 - 188 - CCT 188: Applying Various Resource Protections for the CISSP Exam (Domain 7.5)
Send us a textReady to elevate your cybersecurity acumen and conquer the CISSP exam? Tune in to our latest episode, where we unravel the intricacies of a significant ransomware attack that exploited a supply chain vulnerability, impacting 60 US credit unions via the Citrix bleed vulnerability. This real-world scenario stresses the necessity of securing third-party relationships and maintaining a robust security posture. We shift gears to dissect Domain 7.5 of the CISSP, offering insights into...
Mon, 28 Oct 2024 - 187 - CCT 187: Cybersecurity Audits and Compliance - Mitigating AI and Hardware Vulnerabilities for a Robust Security Posture (Domain 6.5)
Send us a textCan cheaply made smart devices compromise your security? Uncover the hidden risks of AI and hardware hacking as we explore the vulnerabilities in these devices that make them prime targets for cybercriminals. Learn how secure coding practices and proper device isolation can serve as critical defenses, and consider the implications of AI misconfigurations that could lead to remote code execution. Through engaging discussions, we shed light on the growing threat landscape and the ...
Thu, 24 Oct 2024 - 186 - CCT 186: Security Audits and Assessments - From Real-World Applications to CISSP Exam Prep (Domain 6.5)
Send us a textUnlock the secrets to enhancing your organization's security posture by mastering the art of security audits. Tune in to discover how security audits play a pivotal role in both the CISSP exam and real-world scenarios. Through personal anecdotes and expert insights, we explore how conducting effective audits with departments like finance can transform your approach to cybersecurity. We also introduce Vuln Hunter, an innovative open-source tool showcased at the No Hat Security Co...
Mon, 21 Oct 2024 - 185 - CCT 185: Mastering Access Control Models - Discretionary to Hybrid for the CISSP (Domain 5.4)
Send us a textUnlock the secrets to mastering access control models essential for conquering the CISSP exam and advancing your cybersecurity expertise. Imagine having a comprehensive understanding of how discretionary, mandatory, role-based, risk-based, rule-based, attribute-based, and hybrid models function in various scenarios. This episode features Sean Gerber as he navigates the complex world of access control frameworks, offering insightful questions and real-world applications. Whether ...
Thu, 17 Oct 2024 - 184 - CCT 184: Cybersecurity Access Control - Discretionary to Adaptive Authentication for the CISSP
Send us a textUnlock the secrets of cybersecurity in our latest episode where we promise to transform your understanding of access control mechanisms. We kick things off by dissecting the discretionary access controls (DAC) and the power dynamics behind resource ownership. Discover why assigning ownership is crucial to sidestep security pitfalls and how to tackle the double-edged sword of permission propagation and creep. We also unveil strategies for seamless security management, including t...
Mon, 14 Oct 2024 - 183 - CCT 183: Understanding OSI and TCP/IP Models for the CISSP (Domain 4)
Send us a textUnlock the secrets of the OSI and TCP/IP models with Sean Gerber as your guide on the CISSP Cyber Training Podcast. Ever wondered how the presentation layer manages to format and translate data seamlessly for the application layer? Or how the network layer deftly routes packets across networks? Prepare to gain a comprehensive understanding of these essential concepts, crucial for acing the CISSP exam. Plus, dive into the intriguing details of the TCP/IP model's transport layer, ...
Thu, 10 Oct 2024 - 182 - CCT 182: Multilayer Protocols and Advanced Networking for the CISSP (Domain 4)
Send us a textUnlock the secrets of cybersecurity mastery with Sean Gerber as we embark on a journey through Domain 4 of the CISSP exam. Ever wondered how AI could transform the chaotic world of Security Operations Centers (SOCs)? Discover the potential of artificial intelligence to streamline alert management and enhance detection efficiency, a much-needed solution for the 60% of SOC professionals swamped by alert overload. Stay ahead of the curve by understanding the rapid rise of AI startu...
Mon, 07 Oct 2024 - 181 - CCT 181: Mastering Security Models - Bell-LaPadula, Biba, and Clark-Wilson for the CISSP (Domain 3)
Send us a textCrack the code of security architecture and engineering with this episode of the CISSP Cyber Training Podcast! Ever wondered how different security models apply to real-world scenarios? We'll give you the insights and knowledge you need to discuss these models confidently with senior leaders and implement robust security controls. We promise you'll walk away with a mastery of foundational models like Bell-LaPadula and Biba, essential for any cybersecurity professional.Join us as...
Thu, 03 Oct 2024 - 180 - CCT 180: Failing Securely, Separation of Duties, and System Resilience for the CISSP (Domain 3.5-8)
Send us a textWhat if your organization's security posture could withstand any cyber threat? This episode of the CISSP Cyber Training Podcast promises to equip you with actionable insights from CISSP Domain 3, emphasizing the critical principle of failing securely. We tackle the intricacies of separation of duties, zero trust, and the benefits of maintaining simplicity in your systems. Plus, I share my firsthand experience with virtual CISO roles, providing a roadmap for hiring a security pro...
Mon, 30 Sep 2024 - 179 - CCT 179: Practice CISSP Questions - Data Security Controls, Labeling, and Cloud Access Security (CISSP Domain 2.6)
Send us a textEver wondered about the real difference between a data leak and a data breach? Join me, Sean Gerber, on the latest episode of the CISSP Cyber Training Podcast as we unpack the nuances between these two critical cybersecurity concepts. Learn how data leaks often result from human mistakes like weak passwords, while data breaches involve deliberate cyber attacks. We'll walk through different types of sensitive data—including PII, financial information, PHI, and intellectual proper...
Thu, 26 Sep 2024 - 178 - CCT 178: Data Security Controls, Labeling, and Cloud Access Security (CISSP Domain 2.6)
Send us a textEver wondered how a TI-84 calculator can be transformed into a powerful tool for ChatGPT? Join me, Sean Gerber, on this thrilling episode of the CISSP Cyber Training Podcast as we uncover this fascinating tale and explore the evolving landscape of data security. We'll dissect the crucial elements of Domain 2.6 of the CISSP exam, from protecting data-at-rest to data-in-motion, and delve into the significance of Digital Rights Management (DRM) and Data Loss Prevention (DLP). This ...
Mon, 23 Sep 2024 - 177 - CCT 177: Practice CISSP Questions - Policies and Procedures - Candidate Screening, Employment Agreements (Domain 1.9.1-4)
Send us a textHow can we effectively bridge the cybersecurity skills gap and protect sensitive data in the cloud? In this action-packed episode of the CISSP Cyber Training Podcast, we kick things off by analyzing insights from a recent UK international cyber skills conference. We discuss the UK's innovative initiatives to enhance cybersecurity education and talent, including support schemes and competitions, and emphasize the importance of gaining practical experience, even through pro bono w...
Thu, 19 Sep 2024 - 176 - CCT 176: Policies and Procedures - Candidate Screening, Employment Agreements, and Background Checks for the CISSP (Domain 1.9.1-4)
Send us a textAre you ready to uncover the secrets behind successful candidate screening and robust employment agreements in cybersecurity? Join us on this episode of the CISSP Cyber Training Podcast, where we promise to equip you with essential techniques to vet the right candidates for sensitive security roles. From structured interviews to behavioral questions and technical assessments, we cover the full spectrum of best practices. Plus, we'll discuss the critical importance of maintaining...
Mon, 16 Sep 2024 - 175 - CCT 175: Practice CISSP Questions - API Security, Gateways, and Risk Reduction Partnerships for the CISSP (Domain 8.5)
Send us a textCan API gateways really be the ultimate shield against cyber threats? Prepare to uncover the secrets of API security as we dissect CISSP Domain 8.5 in this episode of the CISSP Cyber Training Podcast. We'll walk you through practice questions that decode the most common API vulnerabilities and why denial of service isn't always the primary threat. Discover how an API gateway centralizes security and learn about essential authentication mechanisms like OAuth for secure token-base...
Thu, 12 Sep 2024 - 174 - CCT 174: Exploring Application Programming Interfaces (APIs) and Security for the CISSP (Domain 8.5)
Send us a textWant to stay ahead in the rapidly evolving world of IT? Join Sean Gerber on the CISSP Cyber Training Podcast as he discusses the essential skills you need to thrive in this dynamic field. You'll get a personal peek into Sean's consulting career and his family business ventures before diving into the nuts and bolts of Domain 8.5 with a focus on Application Programming Interfaces (APIs). Learn how APIs serve as the backbone of modern software applications, facilitating seamless da...
Mon, 09 Sep 2024 - 173 - CCT 173: Practice CISSP Questions - Media Protection, Encryption, and Mobile Security for the CISSP (Domain 7.5)
Send us a textUnlock the secrets to safeguarding your organization's most sensitive data and enhance your cybersecurity acumen. Join us on the CISSP Cyber Training Podcast as I, Sean Gerber, break down the critical importance of managing secrets within popular collaboration tools like Slack, Jira, and Confluence. Discover practical methods such as real-time monitoring and swift remediation to secure API keys and encryption tokens. Learn how fostering a culture of security awareness through ed...
Thu, 05 Sep 2024 - 172 - CCT 172: Exploring Media Protection, Encryption, and Mobile Security for the CISSP (Domain 7.5)
Send us a textWhat if AI could be your company's best asset—and its biggest risk? Join me, Sean Gerber, on this enlightening episode of the CISSP Cyber Training Podcast, where we journey through the essentials of cybersecurity with a particular focus on media protection techniques from Domain 7.5 of the CISSP ISC² training manual. We’ll also navigate the secure-by-design principles crucial in the age of artificial intelligence. With AI transforming large enterprises, I’ll share eye-opening st...
Mon, 02 Sep 2024 - 171 - CCT 171: Practice CISSP Questions - Assessment, Compliance, for the CISSP (Domain 6.5)
Send us a textUnlock the secrets to mastering the CISSP exam and bolster your cybersecurity prowess with Sean Gerber in this action-packed episode of the CISSP Cyber Training Podcast! Ever wondered which assessment type is crucial for ensuring ISO 27001 compliance? Discover why internal audits are the gold standard. We'll also cover the key considerations for selecting the right security assessment for your organization, focusing on the pivotal role of aligning with your risk profile and avai...
Thu, 29 Aug 2024 - 170 - CCT 170: Assessment, Compliance, and Improvement Strategies for the CISSP Exam (Domain 6.5)
Send us a textEver wondered how to ensure your organization's cybersecurity measures meet international standards? Join us for an action-packed episode as we unpack Domain 6.5 of the CISSP exam, exploring crucial assessments, tests, and audit strategies every cybersecurity professional should master. Learn the importance of choosing a consistent framework like ISO 27001 or the NIST Cybersecurity Framework to steer your audit processes. We'll dive into internal and external audits and the pivo...
Mon, 26 Aug 2024 - 169 - CCT 169: Practice CISSP Questions - Understanding Role, Rule, Mandatory, and Attribute Based Controls (Domain 5.4)
Send us a textCan quantum computing break your encryption overnight? Discover the profound impact of this emerging technology on cybersecurity as we decode the recently introduced FIPS 203, 204, and 205 standards. Join me, Sean Gerber, on this week's electrifying episode of the CISSP Cyber Training Podcast to understand how the US government is preemptively tackling "harvest now, decrypt later" threats. Learn why these standards are crucial for federal entities and contractors and why mandato...
Thu, 22 Aug 2024 - 168 - CCT 168: Access Controls - Understanding Role, Rule, Mandatory, and Attribute Based Controls for the CISSP (Domain 5.4)
Send us a textWhat would you do if your social security number was compromised in a massive data breach affecting billions? In our latest episode of the CISSP Cyber Training Podcast, we unpack the alarming reality of a recent breach that exposed the personal records of 3 billion people. We provide critical advice on how to protect yourself using tools like "Have I Been Pwned," setting up credit freezes, and enabling multi-factor authentication. It's not just about safeguarding your data; it's...
Mon, 19 Aug 2024 - 167 - CCT 167: Practice CISSP Questions - Compliance and Vulnerability Management (Domain 4.5)
Send us a textHow would a massive data breach at a major corporation like Boeing affect the global cybersecurity landscape? Join us on this episode of the CISSP Cyber Training Podcast, where we dissect this alarming 50GB ransomware attack and its profound implications on the industry. Additionally, we unpack the serious data compromise in Maine due to the MoveIt file transfer tool hack, which impacted 1.3 million people, and explore Google's bold move to delete old, inactive account data to m...
Thu, 15 Aug 2024 - 166 - CCT 166: Balancing Automation and Customization in Security Operations, Vulnerability Management, CISSP Domain 4.5
Send us a textEver wondered why your SOC team spends so much time on routine tasks rather than addressing critical threats? Discover the 80-20 rule in security operations and see how automating 80% of routine tasks can free up your team to focus on the complex incidents that truly matter. In our latest episode, host Sean Gerber shares his firsthand experiences leading a SOC and provides actionable insights on how to balance automation and customization for an efficient and responsive security...
Mon, 12 Aug 2024 - 165 - CCT 165: Practice CISSP Exam Questions - Mastering Process States, Execution Types, and System Architectures (Domain 3)
Send us a textEver wondered how CPUs juggle multiple tasks seamlessly? On this week's CISSP Cyber Training Podcast, we decode the art of CPU processes and multi-threaded environments. I'm Sean Gerber, and together, we'll navigate the maze of system architectures, from the running state of a CPU process to the marvels of symmetric multiprocessing. Dive in as we unravel the complexities of computing, making even the most intricate concepts accessible and engaging. Whether you're prepping for yo...
Thu, 08 Aug 2024 - 164 - CCT 164: Mastering Process States, Execution Types, and System Architectures for the CISSP (Domain 3)
Send us a textEver wondered how mastering process states and system architecture can be as straightforward as organizing your child's toy box? Join me, Sean Gerber, on the CISSP Cyber Training Podcast as we unpack the complexities of these crucial concepts to help you ace the CISSP exam. Drawing from my personal journey and the hurdles I faced, I'll share practical tips and relatable analogies that make even the most daunting topics accessible. We start by breaking down the initiation of proc...
Mon, 05 Aug 2024 - 163 - CCT 163: Practice CISSP Questions - Data Roles and Regulations, Security Responsibilities (Domain 2)
Send us a textAre you ready to ace your CISSP exam and propel your cybersecurity career to new heights? This episode of the CISSP Cyber Training Podcast promises to equip you with critical insights on data roles and regulations. From demystifying the responsibilities of data processors under GDPR to unpacking the PCI DSS framework essential for the financial sector, we leave no stone unturned. We'll also clarify the distinctions between asset owners and data owners, and explain who holds acco...
Thu, 01 Aug 2024 - 162 - CCT 162: Decoding Data Roles in CISSP and Navigating NIST Guidelines for Cybersecurity Governance (Domain 2)
Send us a textUnlock the secrets to mastering Domain 2 of the CISSP exam and navigate the paradox of the booming yet financially strained cybersecurity field. Despite the staggering 4 million global job openings, recent budget cuts and layoffs are reshaping the landscape. Learn how economic challenges are clashing with the rising demand for cybersecurity skills, the increasing pressures of governmental regulations, especially in AI security, and combatting the burgeoning threat of insider att...
Mon, 29 Jul 2024 - 161 - CCT 161: Practice CISSP Questions - Understanding Key Cybersecurity Legislation and Career Coaching Insight
Send us a textEver wondered what the GDPR and the Economic Espionage Act of 1996 have in common? On this episode of CISSP Cyber Training Podcast, I break down the complexities of essential cybersecurity legislation, both in the U.S. and Europe. We'll uncover what you need to know about the Identity Theft and Assumption Deterrence Act, the Wiretap Act, and the UK Computer Misuse Act. Additionally, we'll discuss the intricacies of civil law, HIPAA, and the critical role of administrative law. F...
Thu, 25 Jul 2024 - 160 - CCT 160: Contractual Law, Cybersecurity Legislation, and Computer Crimes (CISSP Domain 1)
Send us a textHow does understanding the legal landscape in cybersecurity elevate your professional game? Join us on this episode of the CISSP Cyber Training Podcast as we unpack the complexities of civil, criminal, administrative, and contractual law. Learn how each legal category influences risk assessments, organizational policies, and legal prosecutions. We'll guide you through the nuances of civil law's role in resolving non-criminal disputes, the severe implications of criminal law, and...
Sun, 21 Jul 2024 - 159 - CCT 159: Practice CISSP Questions - Assess the Effectiveness of Software Security (Domain 8.3)
Send us a textReady to fortify your software development practices against security risks? Join us as we unearth critical strategies for mitigating vulnerabilities in your code. From the seamless integration of Static Application Security Testing (SAST) into your CI/CD pipelines to refactoring code to eliminate buffer overflow issues, this episode is packed with essential insights. Discover the must-have security controls for cloud-based SaaS platforms, such as robust access controls and code...
Thu, 18 Jul 2024 - 158 - CCT 158: Assess the Effectiveness of Software Security (CISSP Domain 8.3)
Send us a textEver wondered how a data breach could impact cloud security, or what measures you need to take to secure sensitive information? Join us in this episode of the CISSP Cyber Training Podcast as we break down the recent AT&T data breach and its implications on cloud environments like AWS and Snowflake. Discover how attackers gained access to critical phone records and network topology, and why staying up-to-date with cloud security is more critical than ever.We also cover the in...
Mon, 15 Jul 2024 - 157 - CCT 157: Practice CISSP Questions - AI in Cybersecurity and Digital Forensics (Domain 7)
Send us a textCan AI revolutionize your cybersecurity career? Join me, Sean Gerber, on today's thrilling episode of the CISSP Cyber Training Podcast as we uncover the transformative impact of artificial intelligence on cybersecurity jobs, based on a revealing article by Joe McKendrick from ZDNet. With 88% of cybersecurity professionals predicting AI will change their roles and 82% believing it will enhance efficiency, it's clear that adaptation is key. We'll also discuss the alarming report o...
Thu, 11 Jul 2024 - 156 - CCT 156: Security Configuration Management, Change and Communication Best Practices (Domain 7.3)
Send us a textIs a four-year college degree necessary to break into the world of cybersecurity? Discover why practical experience and industry certifications might just be your golden ticket to a thriving career in IT. In this episode of the CISSP Cyber Training Podcast, host Sean Gerber unpacks Domain 7.3 of the CISSP exam, emphasizing the significant shift in the job market. With over 7,500 new IT roles added in June alone, Sean discusses how transitioning from general IT to specialized cyb...
Mon, 08 Jul 2024 - 155 - CCT 155: Practice CISSP Questions - Security Assessments, Account Management, Backup Verification (Domain 6)
Send us a textEver wondered how to secure your SaaS environment while mastering essential security testing techniques? Join me, Sean Gerber, on the CISSP Cyber Training Podcast as we navigate the complexities of cybersecurity, starting off with some personal July 4th reflections and an insightful Forbes article on the pressing threats and strategies in the SaaS landscape. With a staggering 96.7% of organizations relying on SaaS applications, the stakes have never been higher. You'll learn abo...
Thu, 04 Jul 2024 - 154 - CCT 154: Security Assessments, Account Management, and Backup Verification (Domain 6.3.1-5)
Send us a textEver wondered how to fortify your organization against cyber threats? Join Sean Gerber as we uncover the essentials of Domain 6.3 of the CISSP exam, from security assessments to account management and backup verification. Learn about tools like Nessus and Qualys and the role of ethical hacking in identifying vulnerabilities. Discover the critical differences between authenticated and unauthenticated scanning, and how red teams elevate your security measures to the next level.Wha...
Mon, 01 Jul 2024 - 153 - CCT 153: CISSP Practice Questions - Ransomware Attacks and Understanding IoT Trustworthiness (Domain 5)
Send us a textCould a seemingly minor breach at a smaller bank signal bigger vulnerabilities in our financial system? On this episode of the CISSP Cyber Training Podcast, we deliver eye-opening insights on a recent cybersecurity incident involving the notorious ransomware group LockBit. While the U.S. Federal Reserve remained untouched, Evolve Bank and Trust became their latest target. We'll break down what happened, why it matters, and what it means for the cybersecurity landscape. But that'...
Thu, 27 Jun 2024 - 152 - CCT 152: Federated Identities and Credential Management for the CISSP Exam (Domain 5.3)
Send us a textWant to ensure your organization's sensitive data remains secure in today's mobile-centric world? Tune in to our latest CISSP Cyber Training Podcast episode, where we unravel the complexities of federated identities and robust credential management. Learn from the high-profile data breach involving Change Healthcare and discover how multi-factor authentication could have prevented such a disaster. We promise you'll gain essential insights into how federated identities streamline...
Mon, 24 Jun 2024 - 151 - CCT 151: CISSP Practice Questions - Unraveling Multi-Layer Protocols and Data Encapsulation (Domains 4.1.4 & 4.1.5)
Send us a textReady to conquer the CISSP exam? This episode promises to arm you with crucial insights into the OSI model and its real-world applications. We kick things off by unraveling the intricacies of VPN tunnels and the pivotal role the data link layer plays in encapsulating data packets for secure internet travel. Next, you'll grasp how a significant Border Gateway Protocol (BGP) security breach zeroes in on the network layer. We then dissect the limitations of firewalls at the transpo...
Thu, 20 Jun 2024 - 150 - CCT 150: Unraveling Multi-Layer Protocols and Data Encapsulation for the CISSP Exam (Domains 4.1.4 & 4.1.5)
Send us a textAre multi-layer protocols the key to safeguarding our digital world amidst the rising tide of cyberattacks? Join me, Sean Gerber, as I unravel the complexities of these protocols and their vital role in cybersecurity, drawing from the CISSP ISC² domains 4.1.4 and 4.1.5. By sharing my firsthand experiences and highlighting the alarming $22 million ransomware payout by Change Healthcare, I underscore the urgent need for redundancy in critical systems, especially within vulnerable ...
Mon, 17 Jun 2024 - 149 - CCT 149: Practice CISSP Questions - Threat Modeling & STRIDE for CISSP Exam Success (D3.1)
Send us a textReady to conquer the CISSP exam? Unlock the secrets of threat modeling with our latest episode! Join me, Sean Gerber, as we break down the STRIDE methodology—Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege. Learn how to decode these critical security concepts and master the art of eliminating wrong answers in multiple-choice questions. This episode is your ticket to not only understanding but excelling in one of the most vi...
Thu, 13 Jun 2024 - 148 - CCT 148: Understanding and Implementing Threat Modeling for the CISSP Exam (Domain 3.1)
Send us a textWhat if you could transform your cybersecurity skills and become an expert in threat modeling? Join me, Sean Gerber, on the CISSP Cyber Training Podcast as I guide you through the critical elements of threat modeling, a key topic for any cybersecurity professional gearing up for the CISSP exam. We'll discuss why grasping the nuances of threats is essential to safeguarding your organization's data and systems. From system and threat identification to vulnerability assessments and...
Mon, 10 Jun 2024 - 147 - CCT 147: Practice CISSP Questions - Defense in Depth and Secure Defaults (D3.1.2-3)
Send us a textWhat if your organization's data could be breached through an exposed API in your modem? Join me, Sean Gerber, in this week's CISSP Cyber Training Podcast as we unravel the hidden dangers of API connections and dive into the latest security flaws found in Cox modems. We'll also kick off our thrilling CISSP Question Thursday, tackling complex queries from domains 3.1.2 and 3.1.3. Plus, discover why AES-256 stands as the gold standard for cloud data encryption and how implementing...
Thu, 06 Jun 2024 - 146 - CCT 146: Defense in Depth and Secure Defaults for the CISSP Exam (Domains 3.1.2 & 3.1.3)
Send us a textCurious about how to implement robust cybersecurity measures and avoid costly breaches? In our latest episode of the CISSP Cyber Training Podcast, we unravel the intricacies of defense in depth and secure defaults as outlined in domains 3.1.2 and 3.1.3 of the CISSP exam. Starting with a weather update from Kansas, we shift gears to dissect a critical incident at UnitedHealthcare, revealing the repercussions of appointing a CISO lacking specific security expertise. We emphasize t...
Mon, 03 Jun 2024 - 145 - CCT 145: Practice CISSP Questions - Data Classification and Protection for the Exam (Domain 2.1.1)
Send us a textEver wondered how to navigate the complexities of data classification within your organization? Get ready to sharpen your cybersecurity skills and elevate your knowledge as we dissect CISSP Question Thursday, focusing on domain 2.1.1. This week, we also bring you an intriguing piece of news about ARPA-H, a groundbreaking new agency inspired by DARPA but aimed at revolutionizing healthcare through cutting-edge technology. With a starting fund of $50 million, ARPA-H is set to tack...
Thu, 30 May 2024 - 144 - CCT 144: Data Classification and Protection for the CISSP Exam (Domain 2.1.1)
Send us a textAs we honor the memory of those who have served and sacrificed, we also acknowledge the ever-present battlefield of cybersecurity. Today, we dissect the essentials of data classification, an integral aspect of Domain 2 in the CISSP exam, while paying tribute to Memorial Day. Join me, Sean Gerber, for a candid conversation where we unwrap the layers of Microsoft Copilot's recall feature and its privacy concerns, and we address how these advanced AI technologies intersect with the...
Mon, 27 May 2024 - 143 - CCT 143: Practice CISSP Questions - All Domains
Send us a textUnlock the doors to a fortified cybersecurity career with me, Sean Gerber, as we navigate the complex landscape of CISSP concepts tailored for those aspiring to conquer the CISSP exam. We're not just scratching the surface; we're burrowing into the depths of what it takes to understand and tackle real-world security challenges. From the perils of unprotected customer data on cloud servers to the intricacies of managing employees who sidestep DRM for convenience, this podcast equ...
Thu, 23 May 2024 - 142 - CCT 142: Navigating Contractual Law, Cybersecurity Legislation, and Computer Crime Acts (D1)
Send us a textDive deep into the legal intricacies of cybersecurity with me, Sean Gerber, as I guide you through the maze of laws and scams impacting our digital world. Prepare to arm yourself with knowledge that stretches far beyond the CISSP exam, as we tackle the multi-million-dollar repercussions of cybercrimes and the collaborative global efforts to combat them. This episode lays down the framework of civil, criminal, administrative, and contractual law, providing a comprehensive underst...
Mon, 20 May 2024 - 141 - CCT 141: Practice CISSP Questions - Business Impact Analysis (D1.8.1)
Send us a textFend off cyber extortionists with cutting-edge insights from our latest cyber training podcast, where Sean Gerber and I dissect the sophisticated methods to recover data from ransomware's icy grip. Inspired by a Sophos News article, we navigate through six data retrieval strategies that could save your business in a pinch, emphasizing that while there's no magic bullet, prioritizing certain file types could make all the difference in your recovery efforts. And because we know yo...
Thu, 16 May 2024 - 140 - CCT 140: Business Impact Analysis and the CISSP Exam (D1.8.1)
Send us a textUnlock the mysteries of cybersecurity and business continuity with me, Sean Gerber, as we navigate the treacherous waters of cyber threats, including the dark reality of ransomware's impact on our critical infrastructure. Tune in for an intricate look at the geopolitical cyber chessboard, where nations could be gearing up for digital warfare. We'll assess the fine line between cyber vandalism and an act of war, and explore how to arm yourself with knowledge and strategies to pro...
Mon, 13 May 2024 - 139 - CCT 139: Practice CISSP Questions (All 8 Domains)
Send us a textCybersecurity isn't just about the tech; it's about making tough calls under pressure, and this episode is your field guide to navigating those high-stakes scenarios. I'm Sean Gerber, and today we dissect not only the ins and outs of crucial security measures like multi-factor authentication—underscored by the UnitedHealthcare ransomware fiasco—but also the contentious debate surrounding ransom payments during cyber-attacks. Get ready to gain managerial insight that could be the...
Thu, 09 May 2024 - 138 - CCT 138: CISSP Cybersecurity Journey - Education to Operational Technology Defense (DRAGOS)
Send us a textEmbark on a transformative journey into the world of cybersecurity with me, Sean Gerber, as your guide. Discover how to fortify your career foundations and traverse the evolving landscape of digital protection. Our latest episode delves into the crucial timelines for mastering cybersecurity, with a special look at Dragos' role in safeguarding operational technology—think electricity and water, the lifeblood of our community.Navigating the educational routes towards a cybersecuri...
Mon, 06 May 2024 - 137 - CCT 137: Practice CISSP Questions (All Domains)
Send us a textUnlock the vault of cybersecurity wisdom and ace the CISSP exam with the guidance of Sean Gerber on the CISSP Cyber Training Podcast. Prepare to transform your approach to cyber studies as we emphasize understanding over rote memorization, with a treasure trove of 3,000 to 5,000 practice questions to arm you for battle. We'll tackle the complexities of integrating Multi-Factor Authentication seamlessly into current systems, and when facing the specter of data exfiltration, we'll...
Thu, 02 May 2024 - 136 - CCT 136: Mapping Your Path to the CISSP - Certifications and Preparation Strategies
Send us a textEmbark on a journey through the intricate world of cybersecurity certifications with me, Sean Gerber, and discover how to transition from tech enthusiast to CISSP-ready specialist. If you're looking to solidify your place in the cybersecurity realm, this episode is the map you need to navigate the terrain of essential certifications. We begin with the cornerstone certifications like CompTIA's A+ and Network+, examining their price tags, the time commitment for study, and the exp...
Mon, 29 Apr 2024 - 135 - CCT 135: Practice CISSP Questions - SDLC and Design to Deployment (Domain 8)
Send us a textReady to conquer the CISSP exam with flying colors? This week, we've zeroed in on Domain 8 – the soul of software development security! I'm Sean Gerber, your cybersecurity compatriot, and I'm here to guide you through the labyrinth of securing software right from its architectural blueprint to its final lines of code. We kick things off with a bang, dissecting the crucial role of design and architecture in embedding security into your SDLC. It's not just about building software;...
Thu, 25 Apr 2024 - 134 - CCT 134: CISSP Insights into Software Development Life Cycle (SDLC)
Send us a textUnlock the secrets of weaving impenetrable security into the fabric of software development, as we dissect the Software Development Life Cycle and its crucial role in cybersecurity. We're not just coding; we're crafting digital fortresses that stand resilient against the onslaught of cyber threats. From the strategic implementation of least privilege to the complexity of secure code repositories, this episode is your masterclass in transforming functional software into fortified...
Mon, 22 Apr 2024 - 133 - CCT 133: Practice CISSP Questions – Firewalls, NGFWs, Static Packet Filtering and More (D7.7.1)
Send us a textUnlock the secrets of cutting-edge cybersecurity as we navigate the revolutionary impact of drone technology in the insurance industry and delve into the critical components of network security essential for CISSP certification. Sean Gerber here, and I'm eager to guide you through the complex landscape of firewalls, from the fundamentals to next-generation marvels. We'll dissect packet filtering and the indispensable roles these digital gatekeepers play in safeguarding our netwo...
Thu, 18 Apr 2024 - 132 - CCT 132: Firewalls, NGFW, Static Packet Filtering, Application, Circuit Level, Proxy's, URL Filtering (D7.7.1)
Send us a textDive into the digital trenches with me, Sean Gerber, and ward off cyber threats as we dissect the intricate design of firewalls. Cybersecurity isn't just tech jargon; it's a barricade guarding our financial fortresses from trillion-dollar breaches. In this comprehensive session, we don't just skim through firewall types and setups; we equip you for the frontlines of data protection and cybersecurity leadership. Whether you're a CISSP candidate or a seasoned pro looking to sharpe...
Mon, 15 Apr 2024 - 131 - CCT 131: Practice CISSP Questions - Mastering Vulnerability Assessments and Network Scanning (D6.2.1)
Send us a textCybersecurity's battleground is evolving with AI and quantum computing at the forefront. Are you prepared for the oncoming digital storm? Join me, Shon Gerber, as we reinforce crucial skills for vulnerability assessments and network scanning, and delve into the promising yet perilous world where artificial intelligence meets digital defense. With insights gleaned from a recent Google survey, we discuss the bright future of AI in enhancing security protocols and its darker potent...
Thu, 11 Apr 2024 - 130 - CCT 130: Securing the Digital Frontier - Mastering Vulnerability Assessments and Network Scanning (D6.2.1)
Send us a textJoin me, Shon Gerber, on a journey that cuts through the complex undergrowth of cybersecurity's vulnerability assessments. This week's episode is a treasure trove for CISSP exam candidates and professionals alike, as we unpack the intricate details of CVEs, CVSS scores, and the acronyms that are the bread and butter of our industry. Discover how the technical handshake of a TCP connection can reveal your system's soft spots and why a recent ransomware attack in Missouri is a sta...
Mon, 08 Apr 2024 - 129 - CCT 129: Practice CISSP Questions – Deprovisioning and Role Definitions (D5.5.2-3)
Send us a textCybersecurity isn't just a buzzword—it's the fortress between your data and a barrage of cyber threats. I'm Sean Gerber, and in this deep-dive session, we confront the stark reality of a world where ransomware attacks have soared, as per a Scottish non-profit's alarming statistics. Doubling down on the urgency for cyber resilience, we underscore the critical need for skilled professionals in this high-stakes domain. Prepare to navigate through the gritty nuances of user account ...
Thu, 04 Apr 2024 - 128 - CCT 128: CISSP Mastery - Deprovisioning and Role Definitions (D5.5.2-3)
Send us a textCould your company's board benefit from cybersecurity expertise? Discover the untold impact security professionals can make in risk mitigation and financial stability. This week on the CISSP Cyber Training Podcast, I, Sean Gerber, navigate the critical intersection of cybersecurity and corporate governance, underscoring a need for expertise that's often overlooked. We dissect the lifecycle of role management, from the precise art of onboarding to the essential processes of depro...
Mon, 01 Apr 2024 - 127 - CCT 127: Practice CISSP Questions – Secure Communication Protocols (D4.1.3)
Send us a textEmbark on an exciting foray into the ever-evolving world of cybersecurity with me, Sean Gerber, as I chart a new course into independent consultancy. The waters are rough, with the UK's critical infrastructure facing an unprecedented OT threat landscape, exacerbated by global geopolitical unrest. Uncover how seemingly secure supply chains and legacy OT systems can become a playground for cyber adversaries, and why protecting energy and utilities has never been more vital. Gain i...
Thu, 28 Mar 2024 - 126 - CCT 126: CISSP Expertise Unveiled - Secure Communication Protocols and Defense Strategies in Cybersecurity (D4.1.3)
Send us a textEmbark on a cybersecurity odyssey with Sean Gerber as he reveals his leap into the consultancy realm, navigating the precarious balance between the thrill of independence and the stark realities of forging a new path. This episode offers an insider's perspective on secure communication protocols, a fundamental aspect of the CISSP exam, and a critical component of any robust cybersecurity defense. As we dissect the repercussions of the United Health Care hack and its jaw-dropping...
Mon, 25 Mar 2024 - 125 - CCT 125: Practice CISSP Questions - Integrity Unhashed through Ensuring Message Authenticity with the CISSP (D3.6)
Send us a textEmbark on a transformative journey with me, Sean Gerber, as I share the pivotal moment of venturing into full-time cybersecurity consulting after a significant chapter of my career. It's a time of change and opportunity, not just for me but for the entire cybersecurity landscape, as we witness the shockwaves of a ransomware attack on Change Healthcare and its repercussions on entities like UnitedHealthcare. In this episode, we peel back the layers of this incident to reveal the ...
Thu, 21 Mar 2024 - 124 - CCT 124: Integrity Unhashed through Ensuring Message Authenticity with the CISSP (D3.6)
Send us a textCould your passwords withstand a cyber siege by expert Russian hackers? My latest podcast episode serves as a wakeup call to the cyber threats looming over us, showcasing the recent breach of Microsoft's test environment. As Sean Gerber, I dissect the pivotal missteps in password management and underscore the lifesaving grace of multi-factor authentication. We then shift gears to the bedrock of cyber training, examining message authenticity and integrity controls. By unpacking t...
Mon, 18 Mar 2024 - 123 - CCT 123: Practice CISSP Questions – Data Security Controls and Compliance Requirements (D2.6)
Send us a textConfront the cyber siege that has the healthcare industry on high alert; this episode sees me, Sean Gerber, dissecting the harrowing United Healthcare ransomware crisis that's rocked our nation. We're not just crunching numbers here—$22 million in ransom to Black Cat hackers signifies more than a hefty payout, it's a stark reminder of our critical infrastructure's fragility in the face of cyber threats. The recent episodes have armed us with knowledge, and now, it's time to put ...
Thu, 14 Mar 2024 - 122 - CCT 122: CISSP Deep Dive: Uncovering Data Encryption, Loss Prevention, and Code Obfuscation Strategies (D2.6)
Send us a textEmbarking on a new chapter in my cybersecurity journey, I can't wait to share the depth of insights that come with stepping into the consulting realm. The world of cybersecurity is ever-evolving, and I'm here to navigate this complex landscape with you, offering the expertise you need to protect your data in today's digital battleground. From deciphering the states of data to unveiling the encryption methods that keep your information safe, this episode is a goldmine for anyone ...
Mon, 11 Mar 2024 - 121 - CCT 121: Practice CISSP Questions - Navigating Security Policies and BIA Basics (Domain 1)
Send us a textImagine your Ubiquiti router as an open treasure chest amidst cyber pirates—how long before it's plundered? This episode throws you a lifeline, urging IoT and critical infrastructure pros to safeguard their digital booty by updating those default credentials, stat! But it's not all about fending off Russian cyber threats; we also turn the tables with CISSP Question Thursday, sharpening your cybersecurity smarts. We dissect the anatomy of a bulletproof security policy, navigate t...
Thu, 07 Mar 2024 - 120 - CCT 120: CISSP Essentials: Navigating Security Policies and BIA Basics (Domain 1)
Send us a textGet ready to fortify your cybersecurity knowledge base, as I, Sean Gerber, guide you through the labyrinth of security policies and the pivotal Business Impact Analysis (BIA). Our latest CISSP Cyber Training Podcast episode is a treasure trove of insights, where we unravel how security policies aren't just documentation—they're the shields guarding your organization's data. With the revolution of AI, crafting these crucial policies has become more intuitive, ensuring that roles,...
Mon, 04 Mar 2024 - 119 - CCT 119: Practice CISSP Questions – Integrated Product Team (IPT) and Waterfall, Spiral, Agile, Scrum Development (D8.1.2-8.1.5)
Send us a textUnlock the secrets to crafting impenetrable software as we delve into Domain 8 of the CISSP exam, where design and architecture reign supreme in the security integration battle. Prepare to have your coding paradigms shifted and your architectural blueprints fortified in this episode, which is nothing short of a cyber-fortification masterclass. We tackle the most critical phase of the SDLC and reveal how a well-laid foundation can make or break your software's defensive capabilit...
Thu, 29 Feb 2024 - 118 - CCT 118: Integrated Product Team (IPT) and Waterfall, Spiral, Agile, Scrum Development (D8.1.2-8.1.5)
Send us a textAre you prepared to navigate the intricate maze of software development and cybersecurity? This week's episode guarantees to arm you with the expertise to conquer the CISSP exam and apply these vital skills in the real world. We delve into the structures and strategies that define successful software projects, comparing the precision of the waterfall model to the flexibility of agile, scrum, and the hybrid vigor of the spiral approach. Our foray into recent cyberattacks on US ph...
Mon, 26 Feb 2024 - 117 - CCT 117: CISSP Practice Questions - Navigating the CISSP Incident Management Maze (D7)
Send us a textUnlock the secrets to expert incident response with me, Sean Gerber, in this week’s CISSP Cyber Training Podcast. We're crunching down on the essential steps to effectively detect, respond to, mitigate, and recover from cybersecurity incidents. If you're serious about acing the CISSP exam and expanding your cybersecurity acumen, this episode is your study hall. We'll sift through real-world scenarios, dissecting the types of technologies that keep a vigilant eye on your network'...
Thu, 22 Feb 2024 - 116 - CCT 116: Incident Resilience - Navigating the CISSP Incident Management Maze (D7)
Send us a textPrepare to elevate your cybersecurity savvy to new heights! Join Sean Gerber as we dissect the nuts and bolts of the incident response process, an indispensable asset for acing the CISSP exam and bolstering your organization's digital defense. This episode is a treasure trove of strategies, focusing on crafting top-notch incident response plans and fostering a security culture that can withstand the toughest cyber challenges. Whether you're a part of a burgeoning small business ...
Mon, 19 Feb 2024 - 115 - CCT 115: Practice CISSP Questions - Security Assessments and Testing (D6)
Send us a textEmbark on a journey to cybersecurity mastery as I, Sean Gerber, unveil the intricacies of security assessments and testing in the realm of CISSP. Guaranteeing a deeper comprehension of domain six, this episode meticulously dissects the objectives of evaluations, zeroing in on vulnerability detection and the verification of security measures. Imagine possessing the acumen to craft test data with utmost confidentiality, navigating the nuances of the audit process, and understandin...
Thu, 15 Feb 2024 - 114 - CCT 114: Security Assessments and Audits - Unveiling Bulletproof Strategies for Cyber Defense (D6)
Send us a textAre your organization's cybersecurity measures battle-tested against real threats? Let's unravel the complex tapestry of security assessments and audits together. As your host, Sean Gerber, I bring my red team experience to the forefront, dissecting the various layers of security evaluations that go far beyond simple box-ticking exercises. In this week's CISSP Cyber Training Podcast, we focus on the importance of rigorous, unbiased evaluations, not only to adhere to industry sta...
Mon, 12 Feb 2024 - 113 - CCT 113: Practice CISSP Questions - Understanding Account Provisioning and Maintenance Mastery (D5.5.1)
Send us a textUnlock the secrets of effective account provisioning and maintenance with us, as we ensure you're equipped to face the cyber battleground head-on. This episode, tailored for aspiring CISSP aces and cybersecurity aficionados alike, promises a treasure trove of actionable insights on user authorization, a cornerstone of securing your digital realm. Sean Gerber leads the charge in this week's CISSP Cyber Training Podcast, dissecting the intricacies of account provisioning—because w...
Thu, 08 Feb 2024 - 112 - CCT 112: Understanding Account Provisioning and Maintenance Mastery (D5.5.1)
Send us a textPrepare to be armed with the knowledge to secure your digital fortress as we confront the ATLASEN Confluence Data Center and Server Template injection bug, a critical vulnerability that could undermine your cybersecurity defenses. With a severity level that's maxed out the scale, I'm here, Sean Gerber, to ensure you're not left exposed to CVE 2023 22527. Transitioning from defense to offense, we'll unpack CISSP's domain 5.5.1, delivering best practices for onboarding systems and...
Mon, 05 Feb 2024 - 111 - CCT 111: Practice CISSP Questions - IPv4, IPv6, IP Classes, ICMP, IGMP, and ARP for Cybersecurity Success (D4.1.2)
Send us a textGet ready to fortify your cyber defenses and unwrap the complexities of internet protocols with me, Sean Gerber, in a week charged with cybersecurity insights. We’re dissecting the digital fabric of IPv4 and IPv6, from the nuances of subnetting to the stealthy signals of ICMP, ensuring you walk away with a fortified understanding of the cyber terrain. Don't miss the pivotal segment where I unravel the CIDR notation—a cornerstone concept for network professionals—and how recogniz...
Thu, 01 Feb 2024 - 110 - CCT 110: Networking Essentials Unveiled - IPv4, IPv6, IP Classes, ICMP, IGMP, and ARP for Cybersecurity Success (D4.1.2)
Send us a textEver wondered how the invisible threads of the internet hold together the vast tapestry of global communication? Join me, Sean Gerber, as we unravel the mystique behind internet protocols, where the transition from IPv4's limited landscape to IPv6's boundless horizons marks a revolution in digital connectivity. Illuminating the depths of IP classes, address schemes, and the critical importance of understanding these concepts, we equip you with the essential know-how to navigate ...
Mon, 29 Jan 2024 - 109 - CCT 109: Practice CISSP Questions - Essential Cryptography Algorithms and Concepts (Domain 3.5)
Send us a textUnlock the mysteries of modern cryptography and quantum computing's future impact on security protocols with your guide, Sean Gerber. Our CISSP Cyber Training Podcast takes you through an intricate journey, ensuring you're armed with the expertise needed to conquer the CISSP exam and remain ahead in the ever-evolving landscape of cybersecurity. We promise to transform your understanding of cryptographic concepts, from the supremacy of AES in symmetric encryption to the vulnerabi...
Thu, 25 Jan 2024 - 108 - CCT 108: CISSP Cryptography Crash Course - Essential Algorithms and Concepts (Domain 3.5)
Send us a textUnlock the latest CISSP exam insights and elevate your grasp on the cryptographic landscape with your host, Sean Gerber. Wichita's thawing frost mirrors the CISSP exam's refreshing changes, and we've got the scoop you need to stay on track. Rob Witcher joins in to dissect domain weight adjustments and new focal points in risk management and security architecture. With an eye towards the updated exam format, we assure you that these shifts are no cause for alarm but rather an opp...
Mon, 22 Jan 2024 - 107 - CCT 107: Practice CISSP Questions - EOL/EOS Maze and the CISSP Exam (Domain 2.5)
Send us a textIs your organization's cybersecurity teetering on the edge with outdated technology? Find out how to fortify your defenses as I, Sean Gerber, navigate the treacherous landscape of end-of-life (EOL) and end-of-service (EOS) assets in the latest CISSP Cyber Training Podcast episode. We explore the harsh realities of increased vulnerabilities and compliance challenges that come with clinging to aging systems. Say goodbye to the misplaced hope of squeezing performance from obsolete ...
Thu, 18 Jan 2024 - 106 - CCT 106: Sunset for Your Systems - Navigating the EOL/EOS Maze and the CISSP Exam (Domain 2.5)
Send us a textReady to bulletproof your business against cyber threats that never take a day off? This week, Sean Gerber steers you through the murky waters of cybersecurity for small and medium-sized businesses, with a treasure trove of wisdom on asset management and the art of gracefully retiring your tech relics. We're not just talking about keeping the digital lights on—we're talking full-fledged, fail-proof fortresses.Ever wondered what happens when the 'Billy Bobs' maintaining our legac...
Mon, 15 Jan 2024 - 105 - CCT 105: Practice CISSP Questions - Transborder Data Flows in Cybersecurity and the CISSP (Domain 1.5)
Send us a textAre cyber attacks and data breaches keeping you up at night? You're not alone, and today's episode is your ally in conquering the CISSP exam and upping your cybersecurity game. Sean Gerber is here to dissect the looming shortage of cybersecurity professionals and the power of soft skills that go beyond the technical expertise. With an anticipated gap of 5.5 million roles by 2024, Sean discusses the necessity of growing our cybersecurity workforce and the critical role certificat...
Thu, 11 Jan 2024 - 104 - CCT 104: Navigating Transborder Data Flows in Cybersecurity and the CISSP (Domain 1.5)
Send us a textCybersecurity isn't just about technology; it's a battleground where legal expertise and international laws become as crucial as firewalls and encryption. Brace yourself as we navigate the tumultuous waters of cyber attacks, from the shocking breaches in Kansas and Australia to the alarming targeting of US infrastructure by Iranian hackers. Our conversation isn't just a rundown of threats; it's an essential guide through the labyrinth of legal consequences for those at the keybo...
Mon, 08 Jan 2024 - 103 - CCT 103: CISSP Practice Questions - Domain 1-8
Send us a textUnlock the secrets to conquering the CISSP exam as I, Sean Gerber, take you by the hand in our powerhouse 102nd episode, guiding you through the labyrinth of cybersecurity knowledge. Imagine stepping into the exam room equipped with the ultimate blueprint, the same one that has become the hallmark of success for our students. It’s holiday season and we’re serving up a festive feast of CISSP insights, sprinkled with a preview of the upcoming changes to the CISSP exam slated for A...
Thu, 04 Jan 2024 - 102 - CCT 102: CISSP Salary to Testing Setting Expectations
Send us a textEver wondered if those hefty CISSP certification costs could actually catapult your cybersecurity career to new financial heights? We crack the code on how balancing certification with real-world experience and the right job role can significantly impact your earning potential. Our latest conversation takes a deep dive into the geographical salary differences for security professionals, shedding light on the variance between regions like the Asia Pacific and North America. But d...
Mon, 01 Jan 2024 - 101 - CCT 101: CISSP Practice Questions - Domain 1-8
Send us a textAre you prepared to level up your cybersecurity expertise and ace the CISSP exam? That's exactly what we're here for! I'm Sean Gerber, and this episode of the CISSP Cyber Training Podcast is a treasure trove of knowledge, from unraveling the intricacies of the STRIDE methodology to understanding the subtleties of 'repudiation' versus 'replication'. Get ready to delve into the depths of the Mandatory Access Control model and discover why 'Top Secret' isn't just a phrase out of a ...
Thu, 28 Dec 2023 - 100 - CCT 100: CISSP Certification's Impact on Cybersecurity Salaries and Career Advancement
Send us a textUnlock the true potential of your cybersecurity career with insights on how CISSP certification can amplify your earning power—beyond just a fancy title. As your guide, Sean Gerber, I'm taking you through a deep dive into the world of cybersecurity salaries, where your locale plays as big a role as your skills. From the bustling markets of Asia Pacific to the economic hubs in North America, we're mapping out the financial landscape and the real impact of cost of living on what y...
Mon, 25 Dec 2023 - 99 - CCT 099: CISSP Practice Questions - Understanding APIs and the Security Principles (CISSP Domain 8.5)
Send us a textAre you prepared to crack the code on API security and sail through your CISSP exam? If yes, then embark on this enlightening journey with me, Sean Gerber, as we decipher the intricacies of API and REST API security. We’ll tackle questions about securing API keys, delve into the pivotal function of an API gateway, and demystify common API security threats. You’ll also get a grip on the role of OAuth 2.0 and input validation in protecting APIs. Hold on to your seats as we tr...
Thu, 21 Dec 2023 - 98 - CCT 098: Understanding APIs and the Security Principles Associated for the CISSP Exam (CISSP Domain 8.5)
Send us a textAre you ready to unlock the secrets of API security? Prepare to be enlightened, as we tackle the burning issue of cybersecurity, with a special focus on recent hacker attacks targeting US water treatment facilities. Join us in a critical dialogue on fortifying our defenses and the role of cybersecurity education in our communities. Learn how to navigate the complexities of API security, from managing authentication to role-based access and the handling of tokens and API keys.&nb...
Mon, 18 Dec 2023 - 97 - CCT 097: CISSP Practice Questions - Applying Resource Protections for the CISSP Exam (CISSP Domain 7.5)
Send us a textReady to become a CISSP expert? With this episode, we're going to decode the complex subject of CISSP domain 7.5 - protection of media types, as we sail through its tricky waters. A special highlight of this week's episode is the CISSP Question Thursday segment, featuring targeted questions designed to sharpen your skills and make your CISSP exam prep a walk in the park. You'll also get an insider's view of how a study blueprint can be your compass, guiding you towards your CISS...
Thu, 14 Dec 2023 - 96 - CCT 096: Applying Resource Protections for the CISSP Exam (CISSP Domain 7.5)
Send us a textYou know how critical resource management is to protect your organization's media, but do you fully understand how to implement it effectively? We're here to ensure you do. In our latest CISSP Cyber Training Podcast episode, we shine a light on the recent ransomware attack that hit 60 US credit unions, exposing severe vulnerabilities in the supply chain. We discuss the significance of physical security measures, especially during investigations, and various forms of physical med...
Mon, 11 Dec 2023 - 95 - CCT 095: CISSP Practice Questions - Assessment, Compliance, and Improvement Strategies (Domain 6)
Send us a textReady to unlock the secrets of cybersecurity and ace that CISSP exam? Strap in as we delve into the intriguing realm of ISO 27001 standards, exploring their critical role in safeguarding key infrastructure such as our municipal water facilities. Learn how to assess, comply with, and improve upon these standards, and get a sneak peak at potential exam questions you'll find on our website.But it doesn't stop there. We're pushing the envelope further by integrating cloud security a...
Thu, 07 Dec 2023 - 94 - CCT 094: Assessment, Compliance, and Improvement Strategies (CISSP Domain 6.5)
Send us a textEver wonder how safe your data really is in the cloud? Or what steps are necessary to ensure your organization's compliance with critical cybersecurity standards? You won't want to miss our latest episode where we tackle these tough questions head-on, promising to leave you more informed and prepared to safeguard your organization's valuable digital assets. We dive into the complexities of compliance assessments and audit strategies, exemplified by Japan's Space Agency's recent ...
Mon, 04 Dec 2023 - 93 - CCT 093: Practice CISSP Questions - Authorization Mechanisms and Access Control Models (Domain 5)
Send us a textEver wondered how to build a fortress around your digital estate? Well, you're about to add a host of techniques to your arsenal. I, Sean Gerber, will take you through an enlightening exploration of access control models, examining prominent types including discretionary, mandatory, role-based, and risk-based models. We'll unlock the secret behind hybrid access controls and their role in reinforcing security layers. Plus, we won't skip the practical side of things, we’ll dive de...
Thu, 30 Nov 2023 - 92 - CCT 092: A Deep Dive into Authorization Mechanisms and Access Control Models for the CISSP Exam (CISSP Domain 5.4)
Send us a textWhat happens when ransomware strikes a big corporation like Clorox? Imagine the chaos and the panic that ensues - not to mention, the significant impact on revenue and leadership. That’s where we kick off our conversation with Sean Gerber, who delves deep into the Clorox ransomware attack and why having a strong resiliency plan is imperative. We also shed light on the importance of authorization and discretionary access controls in maintaining organizational security.We navigate...
Mon, 27 Nov 2023 - 91 - CCT 091: Practice CISSP Questions for Compliance and Vulnerability Management (Domain 4)
Send us a textAre you armed with the right strategies to handle a business-altering ransomware attack? How would you navigate the evolving landscape of cyber threats like the recent Boeing lock bit ransomware incident or the Maine move it debacle? Prepare to sink your teeth into these juicy cybersecurity happenings while also getting a breakdown of Google's new strategy on deleting files from inactive accounts. Join us as we shift gears, focusing on CISSP exam questions, particularly the...
Thu, 23 Nov 2023 - 90 - CCT 090: Navigating Security Compliance and Vulnerability Management (CISSP Domain 4.5)
Send us a textReady to elevate your cybersecurity knowledge? Buckle up as we, your hosts, dig deep into the realm of security operations, focusing on the time-saving 80-20 rule. We're discussing how automation can handle 80% of benign events, leaving your SOC teams to tackle the crucial 20%. We also delve into the intriguing concept of detection as a code and the role of scalable business context in data ingestion.How about understanding the essence of penetration testing and vulnerability sc...
Mon, 20 Nov 2023
Podcasts ähnlich wie CISSP Cyber Training Podcast - CISSP Training Program
- Global News Podcast BBC World Service
- El Partidazo de COPE COPE
- Herrera en COPE COPE
- Tiempo de Juego COPE
- The Dan Bongino Show Cumulus Podcast Network | Dan Bongino
- Es la Mañana de Federico esRadio
- La Noche de Dieter esRadio
- Hondelatte Raconte - Christophe Hondelatte Europe 1
- La rosa de los vientos OndaCero
- Más de uno OndaCero
- La Zanzara Radio 24
- Espacio en blanco Radio Nacional
- Les Grosses Têtes RTL
- L'Heure Du Crime RTL
- El Larguero SER Podcast
- Nadie Sabe Nada SER Podcast
- SER Historia SER Podcast
- Todo Concostrina SER Podcast
- 安住紳一郎の日曜天国 TBS RADIO
- TED Talks Daily TED
- The Tucker Carlson Show Tucker Carlson Network
- 辛坊治郎 ズーム そこまで言うか! ニッポン放送
- 飯田浩司のOK! Cozy up! Podcast ニッポン放送
- 武田鉄矢・今朝の三枚おろし 文化放送PodcastQR