The CISSP exam is not the only ISC2 exam due to be updated in 2012. The SSCP certification will also undergo some changes, and some topics have changed. The 2012 SSCP domains are:
- Access Controls
- Security Operations and Administration
- Monitoring and Analysis
- Risk Response and Recovery
- Networks and Communications
- Malicious Code and Activity
While the SSCP may not be quite as popular as the CISSP certification, it is a great certification for beginners and for anyone working toward a position such as Network Security Engineer, Security Systems Analyst, or Security Administrator. Check out the ISC2 website for more details.
The CASP exam has gone live and is now available for those interested in the certification. I would rate this as a somewhat difficult test. CompTIA is looking for ten years' experience in network administration, including at least five years of hands-on IT security experience. This certification really raises the bar on technical exams and offers those with a Security+ certification an upward path to a higher technical certification.
The CAS-001 certification exam has 70 questions. Exam candidates will be given 150 minutes for the test, and the results are reported as pass/fail only. No scaled score is returned, which is somewhat similar to the scoring used for the CISSP exam.
We are currently finishing up the official Sybex CASP Study Guide and plan to have a CASP Training Course available by the end of this year. The certification will test candidates on a wide range of security tools such as packet sniffers, vulnerable web applications, vulnerability assessment tools, port scanners, threat modeling tools, IPS, and live CDs such as Helix and Backtrack. We are excited about this training class, as it offers cyber security professionals an upward path from many of the entry-level certifications. Stay tuned for more!
While it may seem far-fetched to some, security researchers at Black Hat recently demonstrated how cars can be hacked via war texting. Most remote control automotive systems use a cellular connection embedded in the car to provide these services, and the connection is made over a proprietary protocol. If the attacker understands the protocol and can intercept and spoof the proper information, it’s possible to control items like brakes or door locks.
While not trivial, the attack is made possible by setting up a GSM network and intercepting password authentication messages sent between the remote server and the automobile. This cell-phone-like attack exploits the vehicle’s remote control system, such as the ones used by General Motors, BMW, Mercedes, and others for unlocking and remotely starting cars.
To date, automotive systems have not been widely targeted, primarily because attackers like to go where there is access to money or sensitive data. There’s no big monetary prize in attacking cars and trucks; however, many of these products rely on security by obscurity, and that’s never good.
If past cyber crime history is any guide to the future, then sufficient controls may not be added until something bad happens or there is a major security breach. Automobile manufacturers can use more sophisticated parts to prevent these types of attacks; however, there’s the tradeoff of increased costs.
Are you looking for that extra edge to get ready for the CISSP exam? Superior Solutions will be offering a one day CISSP exam prep class to help you prepare for the CISSP certification on Saturday, July 30th, 2011 from 8:00 am to 5:00 pm.
This fast-paced review of final tips is designed to give you insight into what you need to guarantee success and pass the CISSP® exam. This one-day boot camp will review the ten domains and discuss question types and the exam format. This course will improve your chances of passing the exam on the first try by focusing on the key areas of the exam. The topics will include:
- Access Control
- Application Security
- Business Continuity and Disaster Recovery Planning
- Cryptography
- Information Security and Risk Management
- Legal, Regulations, Compliance and Investigation
- Operations Security
- Physical (Environmental) Security
- Security Architecture and Design
- Telecommunications and Network Security
This high-energy seminar covers key terms and concepts that will help round out your knowledge of the (ISC)² common body of knowledge. This special one-day review course for the ISC2 CISSP Certification will be presented by Michael Gregg, author of “CISSP Exam Cram 2nd Edition.” Who should attend:
- Anyone preparing for the CISSP exam
- Professionals in related fields:
  - System Administrators (counts toward MCSE + Security Elective)
  - IT Audit
  - Business Continuity Planning / Disaster Recovery Planning
  - Information Systems
  - High-Tech Crime
  - Physical Security
- IT security professionals, IT students, and those new to IT / IT security / audit.
Sign up at: http://www.acteva.com/booking.cfm?bevaID=221384
If you have been working toward your CISSP certification, you will want to note that the CISSP exam will be revised on January 1st, 2012 and the SSCP exam will be revised on February 1st, 2012. There will still be ten domains, but some of the names will change and the content has been modified. The 2012 CISSP domains include:
- Access Control
- Telecommunications and Network Security
- Information Security Governance and Risk Management
- Software Development Security
- Security Architecture and Design
- Security Operations
- Business Continuity and Disaster Recovery Planning
- Legal, Regulations, Investigations and Compliance
- Physical (Environmental) Security
If you are attempting the CISSP exam next year, I would suggest you go to the ISC2 website (www.isc2.org) and review the Candidate Information Bulletin to gain a better understanding of the pending changes.
CompTIA has wrapped up the beta exam for the Advanced Security Practitioner (CASP). The beta had 92 questions, and test candidates were given 135 minutes to complete it, which works out to about 1 ½ minutes per question. This may seem like a lot of time, but these were not basic Security+ questions. CompTIA is including multiple question types such as question/answer, drag and drop, and simulations.
While the test was not easy, I liked it. I found it challenging and unlike anything else currently on the market. It seems to offer a mix and has some similarities to CISSP. However, this is not the CISSP exam. It’s much more hands-on and not designed for a security manager; the CASP tests a range of hands-on security skills. CompTIA has stated that they are looking for people with ten years' experience, and I would say that is about right. You will need cyber security skills, networking skills, OS skills, firewall skills, router skills, and an understanding of application development. If you are considering this exam, a study guide or security training class can help you prepare.
Individuals that attempted the beta exam do not yet know if they have passed. It will be up to CompTIA to determine this during the beta exam review. Results will be available in the fourth quarter of this year.
Will this certification be a hit? Only time will tell. However, my opinion is that it fills a gap not currently covered by other exams such as CISSP, SSCP, CISA, Security+, etc. If you have completed your Security+, this may be your next logical step. It’s going to be interesting to see how the marketplace sees this certification and how quickly it catches on.
Three years after a devastating breach of U.S. military networks, new versions of the malware known as agent.btz are still considered a threat. While it’s widely believed that the Russians or Chinese may have created this worm to spy on U.S. military operations, its true origins are unknown to the general public.
What is known is that it continues to morph and reappear in government and non-government systems. These threats are hard to eradicate, as they change over time into different forms of malware. For more information check out: http://www.huffingtonpost.com/2011/06/17/agentbtz-worm-attack-military_n_878880.html
Hacking social network sites is nothing new, yet political junkies have been Tweeting over an odd story about New York Congressman Anthony Weiner. It goes something like this: Over the weekend, Weiner’s Twitter account posted a photo addressed to a young woman in Seattle. The picture was quickly deleted, but not before it was seen and re-posted. The explanation from the Congressman: his account had been hacked; he’d never met the gal in Seattle; and he would never send out such a photo.
Michael Gregg was interviewed by National Public Radio (NPR) on the technical aspects of this story and how such a Twitter hack could potentially occur. Listen to the complete NPR interview with Michael Gregg here: http://media.scpr.org/audio/airtalk/20110602_airtalk.mp3
While ethical hacking is widely seen as a useful technique for testing the security controls of a consenting company or client, some in Australia disagree. Police there have spoken out strongly against ethical hacking in the wake of some of the presentations and demos by speakers at the BSides Australia conference, held in conjunction with AusCERT 2011. One of the reporters covering the event was detained by the authorities and had his iPad seized. Some worry that such moves are similar to the update of the German criminal code outlawing so-called “hacking tools.” Coming down against ethical hacking will do nothing to prevent computer crime and is at best counterproductive, in much the same way that the German hacking law blocks legitimate security researchers from installing or distributing hacking tools. What are your thoughts? You can read more at: www.zdnet.com.au/qld-cops-denounce-ethical-hacking-339315264.htm
CompTIA has updated the requirements for the CASP exam. They have added some equipment and vendor-specific products. The CASP exam is going to cover a lot of advanced security topics. Exam candidates will need to have basic knowledge of vendor-specific tools and technologies as well as common protocols, which include IPv4, IPv6, and TCP.
Security professionals will need to know about TCP flags. The TCP flags occupy a one-byte field in the 20-byte TCP header. There are at least six flags you should have a basic understanding of for the exam; these are URG, ACK, PSH, RST, SYN, and FIN. Basic definitions of the flags are listed here:
URG – Used when the Urgent pointer field is significant
ACK – Indicates that the Acknowledgment field is significant
PSH – Push function
RST – Reset the connection
SYN – Synchronize sequence numbers
FIN – Completion of the session
This knowledge may be required for the CompTIA CASP Certification Exam and will be helpful for CEHv7. One way to remember these flags is the easy mnemonic below:
Unskilled – URG
Attackers – ACK
Pester – PSH
Real – RST
Security – SYN
Folks – FIN
Understanding the function of each TCP flag is an essential skill for security professionals. Knowledge of the flags is useful for analyzing performance problems and for techniques such as port scanning. I hope this small tip helps you as you move toward your next certification.
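As an added example (not code from the original post), here is how the flag byte described above is pulled out of a raw 20-byte TCP header and turned into flag names, plus a small classifier that labels the combinations an analyst looks for in a trace. The header bytes are constructed in the script rather than captured, and the ECE and CWR bits in the two high-order positions are assumed from RFC 3168, beyond the six flags listed above.

```python
import struct

# Bit positions of the flags in byte 13 of the TCP header. The six flags from
# the post occupy the low six bits; ECE and CWR (assumed from RFC 3168) fill
# the top two bits of the same byte.
TCP_FLAGS = {
    "FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08,
    "ACK": 0x10, "URG": 0x20, "ECE": 0x40, "CWR": 0x80,
}

# Layout of the fixed 20-byte header: src port, dst port, seq, ack,
# data offset/reserved byte, flags byte, window, checksum, urgent pointer.
TCP_HEADER = struct.Struct("!HHIIBBHHH")


def build_tcp_header(sport, dport, flags, seq=0, ack=0):
    """Constructed sample header (not captured traffic): data offset 5,
    no options, window 65535, checksum and urgent pointer left at zero."""
    flag_byte = 0
    for name in flags:
        flag_byte |= TCP_FLAGS[name]
    return TCP_HEADER.pack(sport, dport, seq, ack, 5 << 4, flag_byte, 65535, 0, 0)


def decode_tcp_flags(header):
    """Return the names of the flags set in a raw TCP header (bytes)."""
    if len(header) < TCP_HEADER.size:
        raise ValueError("TCP header is at least 20 bytes")
    flag_byte = header[13]
    return [name for name, bit in TCP_FLAGS.items() if flag_byte & bit]


def classify_segment(flags):
    """Label a flag combination the way an analyst reading a trace would.
    Combinations that never occur in a legitimate session (no flags at all,
    or FIN/PSH/URG without ACK) are classic port-scan signatures."""
    f = set(flags)
    if not f:
        return "null-scan"
    if f == {"FIN", "PSH", "URG"}:
        return "xmas-scan"
    if f == {"SYN"}:
        return "connection-request"
    if f == {"SYN", "ACK"}:
        return "connection-accept"
    if "RST" in f:
        return "reset"
    if "FIN" in f:
        return "close"
    return "data"
```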