Pablo Gallardo's Blog
My professional web log about IT, Project Management & SAP
 
pmgallardo

About pmgallardo

I studied Computer Science at the University of Salamanca. Since then, I have been working first as a developer and then as an SAP consultant. This blog is about problems I dealt with when using computers and, more importantly, the solutions I found. Whenever I am working on an issue and suddenly have a flash that leads me to a solution, I document my discoveries in a post.
Author Archive | pmgallardo

ISACA Cybersecurity Nexus

Cybersecurity Nexus (CSX) is a training and credentialing program related to cybersecurity and developed by the professional association ISACA. It consists of a series of certificates: CSX Fundamentals (CSX-F) Certificate CSX Foundations Certificate, is awarded automatically when the candidate achieves: CSX Network Application and Configuration Certificate CSX Linux Application and Configuration Certificate CSX Packet Analysis […]


How to pass Cybersecurity Fundamentals CSX-F Certificate

CSX-F, an acronym of Cybersecurity Fundamentals, is a certificate issued by the professional association ISACA that demonstrates knowledge of cybersecurity. Frequently Asked Questions about the exam Why is CSX-F a certificate and not a certification? What are the differences? According to ISACA’s criteria, a certificate is a title that only requires the candidate to pass an exam once. […]


Is it safe to download a suspicious file from the internet without executing it?

There are a few cases where simply downloading a file without opening it could lead to execution of attacker-controlled code from within the file. It usually involves exploiting a known vulnerability within a program which will handle the file in some way. Here are some examples, but other cases are sure to exist: The […]


Security Information and Event Management

Security information and event management (SIEM) solutions are a combination of the formerly disparate product categories of: Security Information Management (SIM) Security Event Management (SEM) SIEM and CISM Certification SIEM is a concept that is covered in questions of CISM exams, but this topic is only treated briefly in the definitions, in “CISM Review […]


IS Disaster Recovery Objectives

This post is to clarify the different terms related to Information System Disaster Recovery Objectives, and their differences. These terms appear on both Certified Information Systems Auditor (CISA) and Certified Information Security Manager (CISM) certifications, both issued by ISACA. Objective Definitions Recovery Time Objective (RTO) is the amount of time allowed for the recovery of […]


Share books on the internet

A flipbook is an online book that can be flipped through in a web browser. List of websites Calaméo https://www.calameo.com No flipbook. Flipsnack Flipbook generator, that is, a converter from PDF to HTML5. Google Books https://books.google.com No flipbook. Issuu https://issuu.com/ One of the most popular. Scribd https://scribd.com/ Pay-to-read. Yumpu https://www.yumpu.com/ External references “34 […]


SNMP

Simple Network Management Protocol One of the main problems with using SNMP v1 and v2 is the cleartext “community string” that it uses to authenticate. It is easy to sniff and reuse. Most times, the SNMP community string is shared throughout the organization’s servers and routers, making this authentication problem a serious threat to security. CISM Review […]


How to prepare for the CISM Exam

CISM (Certified Information Security Manager) is a certification issued by the professional association ISACA. The purpose of this post is to provide information to future exam candidates about how to pass the exam, based on my own experience. Frequently Asked Questions about the exam How long do I need to prepare for the exam? This answer […]


Common Cybersecurity Attacks

Non-exhaustive list of common Cybersecurity Attacks: Brute-force Attack Cross-Site Request Forgery (XSRF) Cross-Site Scripting (XSS) Denial of Service (DoS) Man-in-the-middle Rogue access point Session hijacking Spoofing of data packets SQL Injection Detailed List Brute-force Attack A brute-force attack (a.k.a. brute force cracking) is the cyberattack equivalent of trying every key on your key ring, […]


Removing Linux from a computer with Windows 10

Let’s say you have a computer that has Windows 10 as its default operating system (OS). Then you manage to install a Linux distribution (e.g., Ubuntu) alongside Windows 10. But then you change your mind and you want to restore the system as it was, only with Windows 10, removing Linux and the multi-OS selector […]
