IT Blog

  • altruism_small

    The Altruism of IPv6

    Disclosure:  I am one of the world’s biggest fans of, and greatest advocates for, IPv6.  In the words of rapper 50 Cent, “I love it like a fat kid loves cake.”  Anyone I have ever been able to corner in a room knows this to be true.  That being said… I just finished reading [yet […]

  • Glitter Glue Pine Cone

    You Geek? I Geek.

    When is the last time you sat down at your desk and really went full-geek on something just because you found it fascinating? No, not because you needed to know it for work or because you wanted to build up your skill set for some future position; I’m talking about full-on burial in a topic […]

  • password entropy

    A Somewhat Brief Explanation of Password Entropy

    Before we start, please be sure to download ITdojo’s password entropy worksheet (MS Excel, OS X Numbers, LibreOffice Calc compatible).  It’s a nice companion to this post and a useful tool later down the road.  Password Entropy Calculator It’s mandated by policy.  It’s a best practice for sure.  And it’s nothing new to virtually all […]

  • RMF training in Norfolk

    RMF for DoD IT Course in Virginia Beach February 16

    There has been a lot of interest in our upcoming RMF for DoD IT Training course that is running February 16 – 18, 2016 in Virginia Beach, VA. If you are about to start or are in the middle of your transition from DIACAP to RMF, this is the course for you.  Our RMF experts deliver […]

  • small_stig_viewer

    What is STIG Viewer (and why are there two answers)?

    By Kathryn M. Farrish, CISSP Security Technical Implementation Guides (STIGs) are published periodically by the Defense Information Systems Agency (DISA). STIGs contain very detailed lists of security settings for commonly used IT system components, such as operating systems, database management systems, web servers, network devices, etc. Compliance with applicable STIGs is one of the key […]

  • stig_small

    The Top Ten STIGs

    Article by Annette Leonard The Defense Information Systems Agency (DISA) is responsible for developing security guidance for configuring DoD information systems. An extensive collection of Security Technical Implementation Guides (STIGs) is published at http:// STIGs contain detailed configuration guidance (settings) for commonly-used software products and other system components. Most of these documents are updated […]

  • spotlight_small

    Security Control Spotlight: A Little Good News?

    Article by Kathryn Farrish, CISSP Imagine this dialog between Edward, a System Owner, and Christine, his Information System Security Manager (ISSM): Edward (System Owner):“Now that we’ve completed our System Categorization, have you built the Security Control Baseline for our system?” Christine (ISSM): “Yes, sir, I have. Our system has been categorized as “Moderate -Moderate-Moderate (M-M-M)”. […]

  • rmf_system_categorization

    RMF’s System Categorization: Step by Step

    In this blog post Lon Berman, CISSP talks about the sub-steps of the first RMF step, System Categorization. Step 1: Identify Information Types The first and perhaps most important step in the system categorization process is the determination of the “information types” that are stored and processed by the system. So what exactly is an […]


    The Best CBK Domain. And Why.

    As I grow in years the amount of time that passes is more difficult to perceive. The fact that I have been a CISSP for 13 years (October 2002) is cool but it also makes me realize, once again, that I’m no longer a spring chicken. It also puts me on high-alert because the older […]

  • discounted

    Discounted CompTIA Exam Vouchers

    We are pleased to announce that we are able to now offer our clients discounted exam vouchers for CompTIA exams.  The discounts are anywhere from 8 – 12% off of retail pricing. We can save you money on A+, Network+, Security+, CASP, Server+, Storage+, Project+, Linux+, Mobility+, CDIA+, CTT+, Cloud Essentials, Cloud+, Healthcare IT, and […]

  • brennan

    John Brennan, AOL, and Bruce Schneier Driving Hard Left

    I just finished reading Bruce Schneier’s blog entry, titled “The Doxing Trend”. Let me start by writing that I am usually a big fan of Mr. Schneier. I look forward to his newsletter and I have tremendous respect for his technical intelligence. But as I read his doxing article I couldn’t help but wonder what […]