Pablo Gallardo's Blog
My professional web log about IT, Project Management & SAP
 
Archive | Security

Security Information and Event Management

Security information and event management (SIEM) solutions are a combination of the formerly disparate product categories of Security Information Management (SIM) and Security Event Management (SEM). SIEM and CISM Certification: SIEM is a concept that is covered in questions of CISM exams, but this topic is only treated briefly in the definitions, in “CISM Review […]


IS Disaster Recovery Objectives

This post clarifies the different terms related to Information System Disaster Recovery Objectives, and their differences. These terms appear on both the Certified Information System Auditor (CISA) and Certified Information Security Manager (CISM) certifications, both issued by ISACA. Objective Definitions: Recovery Time Objective (RTO) is the amount of time allowed for the recovery of […]


How to prepare CISM Exam

CISM (Certified Information Security Manager) is a certification issued by the professional association ISACA. The purpose of this post is to provide information to future exam candidates about how to pass the exam, based on my own experience. Frequently Asked Questions about the exam: How long do I need to prepare for the exam? This answer […]


Common Cybersecurity Attacks

Non-exhaustive list of common cybersecurity attacks: Brute-force Attack, Cross-Site Request Forgery (XSRF), Cross-Site Scripting (XSS), Denial of Service (DoS), Man-in-the-middle, Rogue access point, Session hijacking, Spoofing of data packets, SQL Injection. Detailed List: Brute-force Attack: A brute-force attack (a.k.a. brute force cracking) is the cyberattack equivalent of trying every key on your key ring, […]


How to get CISM Certification

CISM is a certification issued by ISACA. Frequently Asked Questions: What is the work experience required to get CISA certification? The applicant needs to demonstrate at least 5 years of experience in the 10 previous years of application in any of the following areas: Information systems (IS) Auditing, IS Control, IS Assurance, IS Security. More […]


How to get CISA Certification

CISA (Certified Information System Auditor) is a certification issued by the professional association ISACA. The purpose of this post is to explain the procedure for a candidate to get CISA certification, and related requirements. It is important to know two things about CISA Certification: CISA Certification is not obtained just by passing an exam; other […]


How to prepare CISA Exam

CISA (Certified Information System Auditor) is a certification issued by the professional association ISACA. The purpose of this post is to provide information to future exam candidates about how to pass the exam, based on my own experience. I passed it on the first attempt in May 2020. Frequently Asked Questions about the exam: How […]


Updating TLS 1.0 Protocol

On October 14, 2014, Google's security team identified a vulnerability, known as “Poodle”, in the SSLv3 security protocol used to protect connections. This vulnerability would allow an attacker carrying out a “Man-in-the-middle” attack to obtain HTTP cookies, with which they could steal information or take control […]
