0P3N Blog

Cybrary’s Open Blog is a user-contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

CISSP Study Guide: Alternative Methods for Testing Security
By: Cybrary
December 16, 2022

Alternative Testing Methods. Application Security: This type of testing is for organizations that offer access to core business functionality through web-based applications. Application security testing examines and qualifies controls over the application and its process flow. Denial-of-Service (DoS): Examines a network’s vulnerability to DoS attacks. War Dialing: A systematic method that calls a range of telephone numbers ...

CISSP Study Guide: Employees and Operational Security
By: Cybrary
December 16, 2022

Operations security deals with the daily activities that are required to preserve the confidentiality, integrity and availability (CIA) of the system after it has been developed and executed. This involves using hardware controls, media controls, and subject controls that are designed to be safeguards against asset threats, as well as daily activities such as the handling of attacks and ...

CISSP Study Guide: Security Education, Training and Awareness (SETA)
By: Cybrary
December 16, 2022

Human error is often the weak link in security due to a lack of awareness on the employee’s part about the consequences of improper actions, and how that ultimately impacts the system as a whole. Security awareness is a critical component to reducing the incidents of security breaches or breakdowns, but is commonly overlooked. Security awareness programs effective strategy to ...

CISSP Study Guide: Environmental and Personnel Safety
By: Cybrary
December 16, 2022

Under all circumstances, the most important element of physical security is the safeguarding of human life. This is the main goal for all security methods. Flooding, fires, release of toxic materials, and natural disasters jeopardize human life as well as the stability of a facility. Preserving the environment of a facility is an integral function in upholding safety for personnel. ...

CISSP Study Guide: Trusted Facility Management
By: Cybrary
December 16, 2022

Trusted facility management is the selection of a specific user to administer the security functions of a system. This must adhere to requirements for B2 systems and B3 systems. The B2 systems require that the trusted computing base accommodate separate operator and administrator functions, while the B3 systems require that the functions the security administrator is responsible for are explicitly ...

CISSP Study Guide: Trusted Recovery, Failure Preparation and System Recovery
By: Cybrary
December 16, 2022

Trusted Recovery: A system failure is a serious security risk because the security controls might be overridden when the system is not functioning properly. Trusted recovery is designed to prevent this type of corruption in the event of such a system failure. It’s required for B3-level and A1-level systems and allows the system to be restarted without disrupting its required ...

CISSP Study Guide: Electromagnetic Interference (EMI) and Radio Frequency Interference (RFI)
By: Cybrary
December 16, 2022

Electromagnetic interference (EMI) can create disruptions in the functioning of electronic equipment and can affect the quality of communications, transmissions, and playback. It can also impact data transmissions that depend on electromagnetic transport mechanisms, such as telephone, cellular, television, audio, radio, and network mechanisms. There are two types of EMI: common mode EMI, generated by the difference in power between ...

CISSP Study Guide: Database Recovery Definitions
By: Cybrary
December 16, 2022

For organizations that depend on databases as part of their business process, the DRP team should cover database recovery planning in the disaster recovery strategy. There are various methods that can be used to ensure protection of the database, such as electronic vaulting, remote journaling, and remote mirroring. Each technique has its own benefits and drawbacks, and the DRP team ...

CISSP Study Guide: HVAC, Water and Fire Detection in Electronic-Heavy Environments
By: Cybrary
December 16, 2022

Heating, Ventilating, and Air Conditioning (HVAC): Maintaining the environment involves maintenance of the heating, ventilating, and air conditioning (HVAC) mechanisms. This is vital in computer and server rooms, which should be kept to a temperature of 60 – 75 degrees Fahrenheit or 15 – 23 degrees Celsius, and the humidity should be sustained between 40 and 60 percent. The humidity ...

CISSP Study Guide: Using Fire Suppression Systems to Protect Electronics
By: Cybrary
December 16, 2022

There are different types of fire extinguishers that can handle the suppression of different types of fires. If an extinguisher is used improperly or the wrong type of fire extinguisher is used, the fire could escalate and intensify instead of being suppressed. Additionally, fire extinguishers are to be used only when a fire is still in the beginning stage. For ...