By Kathryn M. Daily, CISSP BAI Information Security In this issue we will shine the spotlight on the Awareness and Training (AT) family of security controls. We’ll show you how the controls dictate the types and frequencies of training that organizations must provide. You’ll also learn about the extent to which existing DoD publications provide…
By Lon J. Berman, CISSP BAI Information Security Supporting documentation (aka. artifacts) is key to providing evidence of compliance with security controls. Previously in this Newsletter we have spent some time describing the three fundamental classes of RMF documentation, to wit: Policy. Policy documents describe what the organization does to provide for confidentiality, integrity and…
My time in the IT world is closer to three decades than two. And anyone else who has been around half as long can testify to the amount of change that has occurred. It’s more than impressive; it’s a shock. Across the years I have more than once likened keeping up with technology to treading…
Note: This post is about the Routing and Switching CCNA exam, not the other specializations. The first time I ever took the CCNA exam was somewhere during the year 2000. That’s bordering on seventeen years ago. Not sure when I got so old… I often tell my students that the CCNA exam back in those…
In my moderately cynical view, vendor certification exists for one reason: To enable vendors to sell more stuff. Cisco, Microsoft, Amazon and VMWare (and all vendors, really) need people to be certified in the use of their products because it enables their salespeople to be able to come into a prospective customer’s office and say,…