How I Passed CISSP — Strategy, Tactics, Materials and Creativity
I failed the first CISSP attempt on 26th October 2022. After more than a year of preparation, I had no determination to face the exam again. But the report card forced me to look at the shiny side. The exam summary indicated I have passed four domains and require proficiency…
Pinned · Cissp · 8 min read

10 Japanese Concepts That Will Fire Your Self-Motivation For Certification Study
"When the student is ready the teacher appears. When the student is truly ready the teacher disappears." — Lao Tzu
What's Lao trying to convey? You are a student. You are also a teacher. Learning new skills and acquiring appropriate cybersecurity domain knowledge is not limited to cracking an interview…
Pinned · Cybersecurity · 9 min read

Understanding Risk Responses With Redback Spider
Core CISSP Exam Concept — Risk is everywhere. Being single is a risk of loneliness and depression. Being in a live-in relationship is a risk of an uncertain future. Being married is a risk of missing bachelorhood. You can never eliminate the risk. You can reduce it to the accepted level. Australia is the most…
Pinned · Cissp · 5 min read

The Beauty Of Incompleteness — CISSP Is For Slow Readers
Either read ten books by skimming and skipping or read one book from the first to the last page. I read every word of the (ISC)2 Sybex Official CISSP study guide from the first to the last page. I read it three times. However, the experience wasn't the same. 1st…
Pinned · Cissp · 4 min read

Multi-Love Factor Authentication — Cybersketch
The 3rd principle of Zero Trust Security is verifying explicitly. It's not about providing one-off access anymore based on just passwords. Multi-factor authentication has become the norm, but few understand its true meaning. The multi-love factor authentication may look like the one below. Using a password with a PIN does not provide multi-factor authentication, as both belong to the same category, which is "something you know".
Pinned · Multifactorauthentication · 1 min read

Cryptographic Salt Is Healthy
Overeating salt leads to frequent visits to the restroom, dizziness or fluctuating blood pressure. However, salt is healthy in the world of cryptography. It's easy for attackers to crack your passwords even with hash values. Consider salt as a random number that is blended with your password in a one-way cryptographic hash function like SHA256. It's crucial not to reuse the same salt, to avoid the same bland recipe.
Sep 21 · Cryptography · 1 min read

Cybersecurity With Mulla Nasiruddin — Backdoor Attack
Story: One day, Mulla announces himself to be the most hospitable man at the Teahouse: he invites a bunch of people for lunch at his home. The crowd and Mulla march towards the house. "Just wait here. I will let my wife know," Mulla said. The hopeful crowd waits outside the house. …
Jun 28 · Cybersecurity · 3 min read

Mulla Nasiruddin's Cybersecurity Wisdom — Wool Is Not Salt
Story: One day, Mulla took his donkey, loaded with salt, to the market. They pass through the river, and the salt melts! The donkey was happy, but Mulla had to bear the loss. After a few days, Mulla and the donkey had to pass through the same stream. However, this time, the…
Jun 15 · Cybersecurity · 2 min read

Security Incident Vs Breach — Stealing The Golden Apple
Imagine you have a golden apple behind the secure door, and somebody breaks in. Is it an incident or a security breach? An intruder either steals the golden apple, replaces it with copper, or destroys the artefact. All of these events or kinds of attacks result in a security incident. In other words, a security incident is when a company's confidentiality, integrity and availability are compromised.
Dec 25, 2022 · Security Incident · 1 min read

Cybersecurity Optimism Vs Pessimism — Cybersketch
An optimist sees a vulnerability between a security patch, and a pessimist sees a security patch between a vulnerability. Which one are you? Well, you need to have both. I don't like to see things as binary. Our world and decisions are driven by "yes" or "no". Sometimes, you need to hop between them. The two perspectives are opposite, but they complement each other. They are different and still two sides of one coin.
Dec 24, 2022 · Cybersecurity · 1 min read