04 February 2012

The Security Professionals Blogs

John Crout

The CISSP exam was a challenge --  but the hard part is what remains to be done.  Work that most clearly qualifies me is work I did before 1992.  Like many engineers who earned their degree when writing in machine code was part of earning the degree, I'm looking for a way to meet (ISC)2 audit requirements.  A job description didn't exist. If it did, I didn't know it.  

My name appears in two RTCA documents as a member of each Special Committee.  RTCA, Inc. and EUROCAE publish guidelines used by their respective aviation regulatory authority to certify all software and to test all devices that are airborne.  (The document pertaining to software is in its 20th year).  Each of the two documents corresponds to at least two of the required domains.  But each costs several hundred dollars. My LinkedIn account has recommendations from two people I worked with.

Restated: LinkedIn shows the work experience and two people who can verify it.  As well it shows all three of us worked for that employer.  The only thing that remains is calling the company to verify this. But the (ISC)2 form asks for something that didn't exist so what could be produced wouldn't meet what seems to be intended by having a job description from that work.


John Crout

This reminded me of product-specific security discussion, comparing iPhone with Android.

http://www.voiceofgreyhat.com/2012/01/national-security-agency-nsa-released.html

 


John Crout

NIST has a wiki and internal document about Cloud Security. They're asking the Cloud Security Working Group for comments until the end of this month.  Join the group and lend your expertise.

The name of the document we are submitting comments about until the end of the month is "NIST Cloud Computing Challenging Security Requirements for USG Adoption of Cloud Computing".  We also write for the wiki. The wiki has two document lists and a section with information about how to join the biweekly meetings.  (Next meeting is two weeks from Dec 21).  Of the two document lists, one (Working Documents and Artifacts) lists current documents. The other (Attachments) is more substantial than the name conveys.

Participation is an opportunity to look at the cloud from as far above the landscape as can be.  When we see something that needs to change it needs to be articulated to people we don't know.  What's your comfort zone?  NIST doesn't legislate -- but legislators look to NIST for guidance.


John Crout

If you've read the latest hype from media sites about Microsoft's plan to silently push updates for IE, or if you use Google Chrome and allow silent updates, you might want to reconsider your objectives.  According to NIST and DISA checklists, automated updates are not acceptable. 

Allowing any automated activity warrants consideration of what Microsoft calls "automated".   Nothing distorts language like "marketing spin".  For example, "automated" updates in XP mean that you also allow non-essential changes to take place.  Allowing new software to be installed when it isn't essential violates the common-sense approach we know as "if it ain't broke, don't fix it". 

Doing manual updates to Windows installations can be a pain -- if you don't plan ahead for the time required to do so.  But doing the planning gets around the lack of transparency.  I'd rather plan to take the additional time required to manually update an XP installation and know that other software doesn't "magically" get installed.


Bharanidharan

I am Bharanidharan from India.

I have completed certifications such as

CEH V7 from EC Council

AFCEH V5 from AnkitFadia

and I really have a thirst for knowledge in this field.

I'm ready to improve the growth of the organisation by my steady progress in this information security field.

 


Marvin Ama

What is the estimate of IT security spending versus the overall IT budget of an average company or some companies you know?


Bryan Gutzman

Arnold M was kind to engage me in a conversation; I can see a great depth of knowledge and look forward to understanding the dynamics and norms of this site.

I look forward to meeting more people and hopefully I can be of assistance to someone at some point.

:)


Bryan Gutzman

I am new to CISSP but not new to Information Assurance. I have tons to learn and am looking forward to the adventure.

fern bowers

I'm learning that it takes a lot of study time and being consumed by the material.

You have to live it each day.  Crack the BOOKS!  No Boot Camp will help if you have not put the time into Study.



sally porter

AT&T iPhones may have connectivity issues, but test outcomes show that iPhones on AT&T's 3G network have quicker connections than Verizon iPhones. AT&T iPhones were twice as fast as Verizon iPhones when speeds were measured on their respective 3G networks. Verizon iPhones may be much slower than iPhones on AT&T's 3G network, but with regards to dependability, AT&T iPhones dropped calls during the tests, just as people expected they would. Resource for this article - Choosing an iPhone - AT and T beats Verizon in 3G network speed test by MoneyBlogNewz.


Pick AT&T over Verizon for the iPhone



Dropped calls have become AT&T’s iPhone hallmark, however iPhone users who place a premium on network speed ought to think twice before switching to Verizon. The creators of the speedtest.net broadband test app are Ookla. It tested both the AT&T and Verizon iPhones. AT&T iPhone transfer rates came in at about two times faster than those calibrated for Verizon iPhones. There were 42,000 AT&T iPhones and 14,000 Verizon iPhones around the United States in the Ookla speed results. Most iPhone users ran the Speedtest.net app several times to total 106,000 AT&T iPhone tests and 40,000 Verizon iPhone tests.



The test the Verizon iPhone went through


Speed test outcomes for AT&T iPhone downloads averaged 1,769 kbps and uploads averaged 730 kbps. The Verizon iPhone averaged 846 kbps for downloads and 606 kbps for uploads. AT&T iPhones might have the speed advantage, however Verizon iPhones were much more reliable. It was reported that several AT&T iPhones didn’t even finish the test. This was as the connection was dropped. The iPhone at Verizon was slower for sure. Still, the connection was maintained in all tests done. The corporations both know each other’s weaknesses. This is shown in the advertising wars. AT&T touts “the nation’s fastest 3G network.” Verizon advertises “America’s Largest and Most Reliable Wireless Network.”


The best iPhone for your needs




Think about how you will use your device the most before selecting between AT&T and Verizon for your iPhone. You'll want AT&T if you're planning to consume media mostly. Be sure you go with Verizon if you mostly want reliability. The Speedtest.net app is the easiest and best way to test an iPhone’s 3G network speed. At the Apple App Store, the Speedtest.net app is there for free for the iPhone.



Articles cited

Wired

wired.com/gadgetlab/2011/02/iphone-speedtest/

NPR

npr.org/blogs/thetwo-way/2011/02/17/133849171/on-the-iphone-at-t-network-is-faster-than-verizons

MSNBC

msnbc.msn.com/id/41485079/ns/technology_and_science-wireless/



 


ISGRM Group
Information Security, Audit, Compliance and Risk management Services from the Boardroom to the NOC.
