professional-education – Page 12

Security Engineers – What Do They Do?

Posted on January 18, 2012 by MGZero

I’m starting my MS in Computer Science (I hold a BS currently) soon and I’m considering specializing in cyber security. I’ll be taking courses such as cryptography, biometrics, network security, computer architecture, and information and … Continue reading Security Engineers – What Do They Do?→

How to improve as a security expert

Posted on September 29, 2011 by KLE

I’m a professional software developer with a high interest in web application security. I’d say that I probably have a better understanding of the security of web applications than the average developer. My problem is, that m… Continue reading How to improve as a security expert→

CEH or GIAC – Which one should I pursue? [on hold]

Posted on May 12, 2011 by Karthik

After a lot of Google and forum searches, I found out CISSP is one of the few valuable certs. Unfortunately, I only have 2 years of experience and don’t have any specific experience in security testing. Which should I pursue,… Continue reading CEH or GIAC – Which one should I pursue? [on hold]→

How would you reason with and work with the security paranoiac on your team?

Posted on May 11, 2011 by user185

The question of how to balance pragmatism with an absolutist view of security has been discussed here already. But I need the answer to a concrete variant of that question.

You’re the security expert hired to help an application team with… Continue reading How would you reason with and work with the security paranoiac on your team?→

Firewall demo – iptables

Posted on April 29, 2011 by GorillaApe

I have to make a demonstration about firewalls in my class as a student(university).
It should be implemented using iptables on Linux. I am reading all the theories around them but I can’t figure out a good use case to presen… Continue reading Firewall demo – iptables→

The valid role of obscurity

Posted on March 6, 2011 by Bell

That security through obscurity is A Bad Thing is received wisdom and dogma in information security. Telling people why something is to be avoided can be considerably more difficult when there is no line delineating what you … Continue reading The valid role of obscurity→

CEH resources for exam prep

Posted on February 8, 2011 by iivel

For an upcoming contract I’m required to have the CEH certification (even though there won’t be much PenTesting) so I’m working through that now. I’ve gone through all of the reccomended EC Council books but they seem light o… Continue reading CEH resources for exam prep→

What is a "pre-play" attack?

Posted on December 10, 2010 by user643

I understand what a replay attack is, but I keep reading about a pre-play attack. What is it? Is it when someone intercepts an unused message and blocks the sender so they can’t finish using it, and then the interceptor tries… Continue reading What is a "pre-play" attack?→

What personal traits and characteristics do you look for in a IT Security pro? [on hold]

Posted on December 1, 2010 by LamonteCristo

IT Security Pros are very smart people who need to give your environment with the respect and care that the business requires.

Part 1

What are the traits you look for in an employee before approving them for sensitive acc… Continue reading What personal traits and characteristics do you look for in a IT Security pro? [on hold]→

How to keep an eye on upgrades, patches and security issues for used open-source libraries?

Posted on November 26, 2010 by Eldros

For a project with many open-source libraries as a part of it, I began to search for information source concerning all upgrades and security issues. The kind of sources I gathered are either announcement list or issue/bug tra… Continue reading How to keep an eye on upgrades, patches and security issues for used open-source libraries?→