Passing the (ISC)2 CISSP Exam

Preparation: I don’t study well. I prefer to measure my current understanding then fill in the gaps; which I wasn’t able to really do until the past week or so; I got a good grasp when attending a training course that I understood most of the content fairly well, especially in the technical sections. Booked …

#LinkedInMusings: Infrastructure as code

If you’re building “secure” cloud solutions, you MUST be deploying infrastructure as code (Azure ARM / AWS CloudFormation / Terraform). If you’re not, why not? What are your organisation’s barriers to making it happen? # This was a LinkedIn musing I thought was worth capturing.

iPhone Lock Screen Security Flaw

wired.com posted an article moments ago with a funny little flaw, allowing you to bypass the “lock code” configured on an iPhone. The discovery by some Brazilian dude (read the article here – http://www.wired.com/threatlevel/2010/10/iphone-snoop/), notes the following procedure: 1. Press the emergency call buton 2. Dial ### 3. Push the call button, and immediately hit …

Windows 2003 / 2008 event logging to Syslog

I stumbled on a seemingly unique requirement this week to log file access for a Windows network share. Of importance, was the logging of object deletions, and writes. For most Windows admins, this probably sounds like a simple task of setting up group policies or local security policies to audit object access, and the required …