CISSP Cyber Training Podcast - CISSP Training Program
Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur
Join Shon Gerber on his weekly CISSP Cyber Training podcast, where his extensive 23-year background in cybersecurity shines through. With a rich history spannin...
CCT 212: Memory Protection and Virtualization Security for CISSP Success (Domain 3.4)
Send us a textUnlock the secrets to fortified cybersecurity with our latest episode, promising to equip you with the knowledge to safeguard your digital infrastructure. We explore the vital role memory protection plays in maintaining system stability and integrity, emphasizing the need to shield it from unauthorized access. Discover the strategies for defending against notorious vulnerabilities like Meltdown and Spectre and learn why it's crucial to address zero-day threats, such as those recently identified in Fortinet firewalls.Venture into the realm of virtualization with a comprehensive comparison of type one and type two hypervisors. Whether you're a large enterprise or a small business, understanding the nuances of these technologies is crucial for maximizing performance and security. We'll dissect memory isolation techniques and delve into potential threats, including VM escape and side-channel attacks. Our discussion extends to Trusted Platform Modules (TPMs) and their critical contribution to cryptographic security, navigating regulations across different regions.As we conclude, explore the importance of Trusted Platform Modules (TPMs) and Hardware Security Modules (HSMs) in forming robust cybersecurity strategies. We'll break down the types of TPM 2.0 and guide you in selecting the best fit for your organization's needs. Discover how to mitigate risks associated with direct memory access attacks and ensure fault tolerance through memory protection techniques. Finally, gain insights into crafting a successful path through the CISSP exam, and learn about the consulting resources available at reducecyberrisk.com to bolster your security posture.Gain exclusive access to 360 FREE CISSP Practice Questions delivered directly to your inbox! Sign up at FreeCISSPQuestions.com and receive 30 expertly crafted practice questions every month for the next 12 months—completely free! Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!
--------
38:11
CCT 211: Practice CISSP Questions - Data Security Controls and Compliance Requirements (Domain 2.3)
Send us a textUnlock the secrets to acing your CISSP exam with insights that blend real-world cybersecurity wisdom and innovative study strategies. Ever wondered how a data breach, like the one at SuperDraft, can teach you crucial lessons about protecting your information? We'll explore how securing your data and freezing your credit are essential steps in the fight against password reuse risks. Join Sean Gerber as we unpack the vital role of asset owners in defining access control policies and delve into the challenges of managing virtual assets in cloud environments, where virtual machine sprawl poses significant threats. Plus, get excited about potential new tools and a gamified platform that could revolutionize your CISSP study experience.Prepare to navigate the complex realm of data security and asset management as we spotlight the critical need for security and compliance in handling both tangible and intangible assets. Discover the hidden risks of inadequate encryption and learn why regular audits of hardware and software inventories are non-negotiable. We’ll emphasize the importance of tagging cloud resources for cost management and explore the secure disposal of sensitive data. With discussions on data classification schemes, configuration management systems, and the dangers of shadow IT, you’ll gain the insights needed to maintain consistent configurations and ensure license compliance, all while reducing security vulnerabilities. Tune in to arm yourself with the knowledge that will propel your cybersecurity career forward.Gain exclusive access to 360 FREE CISSP Practice Questions delivered directly to your inbox! Sign up at FreeCISSPQuestions.com and receive 30 expertly crafted practice questions every month for the next 12 months—completely free! Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!
--------
18:21
CCT 210: Data Security Controls and Compliance Requirements for the CISSP (Domain 2.3)
Send us a textUnlock the secrets of data security and asset management with Shon Gerber as your guide. Ever wondered how to navigate the intricate world of CISSP cyber training and protect your organization from data breaches? This episode promises to equip you with essential strategies to conduct security assessments, especially when third-party vendors like Gravy Analytics come into play. Learn why educating your employees on location tracking dangers is crucial and how mobile device control systems can fortify your data privacy defenses.Dive deep into the roles of information and asset owners within organizations, and discover how effective data classification and collaboration can safeguard your most sensitive information. Shon discusses the critical nature of aligning responsibilities and understanding data ownership for compliance with regulations such as GDPR and HIPAA. With a clear plan and defined roles, your organization will be better prepared for audits and risk management. Understand the distinction between data creation and usage responsibility, and transform your approach to asset lifecycle management.As we touch upon the challenges of managing virtual sprawl and cloud environments, Shon shares insights into tackling unchecked growth and escalating costs. Explore the nuances of cloud-based asset management across platforms like AWS, Azure, and Google Cloud. Learn the importance of resource visibility, cost management, and how to handle data residency and sovereignty issues. Finally, grasp the complexities of cloud environments, from encryption to rogue device identification, and forge a robust plan to mitigate vulnerabilities and compliance violations.Gain exclusive access to 360 FREE CISSP Practice Questions delivered directly to your inbox! Sign up at FreeCISSPQuestions.com and receive 30 expertly crafted practice questions every month for the next 12 months—completely free! Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!
--------
41:02
CCT 209: Practice CISSP Questions - Digital Evidence, Forensics, and Investigation (Domain 1.6)
Send us a textUnlock the secrets to mastering cybersecurity and prepare yourself for the CISSP exam with our latest episode of the CISSP Cyber Training Podcast. Ever wondered how a simple API misstep could lead to a major breach? We dive into a recent incident involving the Department of Treasury and Beyond Trust, showcasing the critical importance of API security. As we navigate through domain 1.6, we promise to enhance your understanding of key concepts like the preponderance of evidence in civil investigations and the main objectives of regulatory probes. This episode is packed with insights that are not only essential for your exam preparation but also invaluable for your cybersecurity strategy.Join us as we unravel the complexities of legal and regulatory investigations. From understanding why reviewing an organization's policies is the cornerstone of internal administrative investigations to dissecting the GDPR framework for data protection, we cover it all. Learn the nuances between civil and criminal investigations and how insider trading is scrutinized by financial regulators while non-compete violations are typically handled administratively. Whether you're gearing up for the CISSP exam or looking to bolster your cybersecurity knowledge, this episode offers comprehensive insights that will certainly enrich your perspective and expertise.Gain exclusive access to 360 FREE CISSP Practice Questions delivered directly to your inbox! Sign up at FreeCISSPQuestions.com and receive 30 expertly crafted practice questions every month for the next 12 months—completely free! Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!
--------
21:34
CCT 208: Navigating Digital Evidence, Forensics, and Investigation Types for CISSP Success (Domain 1.6)
Send us a textUnlock the secrets to mastering the CISSP exam with insights that could transform your cybersecurity career. Have you ever considered how failing to change a default router password could be your greatest vulnerability? Join me, Sean Gerber, as I guide you through the essential topics that every aspiring security professional needs to understand as we step into 2025. From administrative to regulatory investigations, this episode covers the diverse landscape of investigation types and underscores the importance of staying vigilant against cyber threats like man-in-the-middle attacks and DDoS attacks. In this episode, we unravel the complexities of digital evidence and the crucial role of e-discovery in legal proceedings. Learn about the Electronic Discovery Reference Model (EDRM) and how it serves as a cornerstone for managing electronic evidence. We dive into the nuances of maintaining evidence integrity, the legalities of digital forensics, and the critical importance of a robust data retention strategy. As we dissect computer crimes and their impacts, you'll gain a deeper appreciation for the challenges and intricacies involved in handling cybersecurity incidents.Concluding with a rich discussion on ethical and legal investigation procedures, we highlight key regulatory frameworks such as GDPR and CCPA. Understand the importance of obtaining consent for monitoring and maintaining a chain of custody for evidence. With practical tips and resources, including those from ReduceCyberRisk.com, this episode equips you with the knowledge to not only pass the CISSP exam but to thrive in an ever-evolving cybersecurity landscape. Whether you're a seasoned professional or new to the field, you'll find valuable insights to bolster your defense against the relentless advance of cyber threats.Gain exclusive access to 360 FREE CISSP Practice Questions delivered directly to your inbox! Sign up at FreeCISSPQuestions.com and receive 30 expertly crafted practice questions every month for the next 12 months—completely free! Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!
Sobre CISSP Cyber Training Podcast - CISSP Training Program
Join Shon Gerber on his weekly CISSP Cyber Training podcast, where his extensive 23-year background in cybersecurity shines through. With a rich history spanning corporate sectors, government roles, and academic positions, Shon imparts the essential insights and advice necessary to conquer the CISSP exam. His expertise is not just theoretical; as a CISSP credential holder since 2009, Shon translates his deep understanding into actionable training. Each episode is packed with invaluable security strategies and tips that you can implement right away, giving you an edge in the cybersecurity realm. Tune in and take the reins of your cybersecurity journey—let’s ride into excellence together! 🚀