Forwarded from Get Public Link Bot
Got File,
💾 CompTIA_CySA__Study_Guide.pdf
📥 16.29 MB
📥 Instant Download
ℹ️
@GetPublicLinkBot
💾 CompTIA_CySA__Study_Guide.pdf
📥 16.29 MB
📥 Instant Download
ℹ️
Use Instant Download Links for Small Files! @GetPublicLinkBot
🔥 DownLoad ✅ Tg Cloud Manager App For UnLimited Cloud Storage and instant DownloadsForwarded from Files To Links Pro
Link to download file👇
https://is.gd/9pV6wa
Faster link generating other bots
@filestolinkbot
@highspeedlinksbot
Join our channel : @filestolink
https://is.gd/9pV6wa
Faster link generating other bots
@filestolinkbot
@highspeedlinksbot
Join our channel : @filestolink
Forwarded from Get Public Link Bot
Got File,
💾 casp_comptia_advanced_security_practitioner.pdf
📥 22.64 MB
📥 Open in Tg Cloud Manager App
🚀 Generate Resumable Link
ℹ️
@GetPublicLinkBot
💾 casp_comptia_advanced_security_practitioner.pdf
📥 22.64 MB
📥 Open in Tg Cloud Manager App
🚀 Generate Resumable Link
ℹ️
Use Instant Download Links for Small Files! @GetPublicLinkBot
🔥 DownLoad ✅ Tg Cloud Manager App For UnLimited Cloud Storage and instant DownloadsForwarded from Files To Link Premium
Link to download file👇
https://is.gd/FcS1IO
Faster link generating other bots
@filestolinksbot
@filestolinkbot
Join our channel: @filestolink
https://is.gd/FcS1IO
Faster link generating other bots
@filestolinksbot
@filestolinkbot
Join our channel: @filestolink
CISSP Exam - Cracked 😅by My Students😇
“Failure is the biggest motivation on the road to success”
I passed CISSP exam and I can have my life back. My journey for CISSP originally began in the start of 2016 when I was new to InfoSec world.
I tried giving a shot but failed. Many advised that I should re-try in 30 days time as I know the material. Two reasons I didn’t go for second attempt as I had some personal deliverables at that point. Secondly I felt that I lack a lot of practical experience to take that exam. The journey continued and in 2018 I came to know that ISC2 has restructured their content and created 8 domains from what it was, 10. I thought that was a moral boost for me as 2 domains were lessened ;) Yeah! That’s how I always fool my brain in getting things done.
I get Sybex Official book 7th Edition(from My mentor - alireza ghahrod)as I read a lot about this book. I started reading but I was not able to grab the momentum. Time flew and I moved to a newjob where I had a colleague who was preparing for CISSP.
Man! That was the turning point. I decided to join him as it’s very important to have a person with you with same goal as yours. This makes the journey very comfortable. I started doing the domains which were short length or I had good hands on exposure (Fooling my brain again ;)). I completed reading Sybex book and simultaneously I was making my hand written notes. Once I was done with these things, I revised the book once again and rewrote another set of notes which only contained key points (11th hour sort of). All these took me 3 months.
After that I started taking practice questions from multiple sources for next 2 months. I practiced ~9000 question. Yes, this figure itself gave me a lot of idea about how we need to answer the questions in the real exam.
Month before I contacted alireza ghahrood in linkedin and sought his help in getting website’s member subscription. Mr alireza is an amazing person. He will selflessly guide you with any problem you have. I used to ping him quite often and ask for things like “Hey man, do you think I am ready?”. Later I used to laugh as how he would know if I am ready or not. He was very patient with all my questions and doubts. I got a lot of help from his class. They are too good. He will make you relate with his real life experiences which you will understand and not forget ever. Questions that he creates are HARD! But, they will give you a great understanding of the concepts.
I joined the Telegram group as well. I took this point last as I had a lot to say about this group. This group doesn’t prepare CISSP. This group, eat, drink, sleep, and breathe CISSP. It’s a non-ending learning with amazing minds around. This group is an addiction and thanks to alireza ghahrood maintaining this platform so well. Be it 6 AM my time or 3 AM, you will see people around. You leave the group for 10 mins, you will have 100+ pings. This was a roller coaster ride for me. I got a lot of inspiration from this group. Folks are amazingly awesome. They showed so much confidence in me who made me realize that I should go ahead and book the exam.
Below are the preparation materials I used with my personal opinion on how they were for me.
***Study Materials***
ISC2 Official study Guide – Sybex (7th Edition) – 10/10 - This was my primary resource for my preparation. This book is easy to understand and won’t leave you high and dry. I think this is must for creating your foundation.
AIO – Shon Harris – 6th and 7th Edition – 9/10 – I used this book just for my reference and topics like BCP, SDLC and Security Modes. This book is very close to what happens in real world.
Sun Flower Notes – 8/10 – Good for day revision. I tried but was not able to complete all the domains
Eric Conrad 11th Hour – 8/10 – Similar to Sunflower notes. This book has a lot of terms you won’t find in AIO or Sybex. Don’t panic. They are just meant be there. They won’t harm ;)
***Audio and Video***
“Failure is the biggest motivation on the road to success”
I passed CISSP exam and I can have my life back. My journey for CISSP originally began in the start of 2016 when I was new to InfoSec world.
I tried giving a shot but failed. Many advised that I should re-try in 30 days time as I know the material. Two reasons I didn’t go for second attempt as I had some personal deliverables at that point. Secondly I felt that I lack a lot of practical experience to take that exam. The journey continued and in 2018 I came to know that ISC2 has restructured their content and created 8 domains from what it was, 10. I thought that was a moral boost for me as 2 domains were lessened ;) Yeah! That’s how I always fool my brain in getting things done.
I get Sybex Official book 7th Edition(from My mentor - alireza ghahrod)as I read a lot about this book. I started reading but I was not able to grab the momentum. Time flew and I moved to a newjob where I had a colleague who was preparing for CISSP.
Man! That was the turning point. I decided to join him as it’s very important to have a person with you with same goal as yours. This makes the journey very comfortable. I started doing the domains which were short length or I had good hands on exposure (Fooling my brain again ;)). I completed reading Sybex book and simultaneously I was making my hand written notes. Once I was done with these things, I revised the book once again and rewrote another set of notes which only contained key points (11th hour sort of). All these took me 3 months.
After that I started taking practice questions from multiple sources for next 2 months. I practiced ~9000 question. Yes, this figure itself gave me a lot of idea about how we need to answer the questions in the real exam.
Month before I contacted alireza ghahrood in linkedin and sought his help in getting website’s member subscription. Mr alireza is an amazing person. He will selflessly guide you with any problem you have. I used to ping him quite often and ask for things like “Hey man, do you think I am ready?”. Later I used to laugh as how he would know if I am ready or not. He was very patient with all my questions and doubts. I got a lot of help from his class. They are too good. He will make you relate with his real life experiences which you will understand and not forget ever. Questions that he creates are HARD! But, they will give you a great understanding of the concepts.
I joined the Telegram group as well. I took this point last as I had a lot to say about this group. This group doesn’t prepare CISSP. This group, eat, drink, sleep, and breathe CISSP. It’s a non-ending learning with amazing minds around. This group is an addiction and thanks to alireza ghahrood maintaining this platform so well. Be it 6 AM my time or 3 AM, you will see people around. You leave the group for 10 mins, you will have 100+ pings. This was a roller coaster ride for me. I got a lot of inspiration from this group. Folks are amazingly awesome. They showed so much confidence in me who made me realize that I should go ahead and book the exam.
Below are the preparation materials I used with my personal opinion on how they were for me.
***Study Materials***
ISC2 Official study Guide – Sybex (7th Edition) – 10/10 - This was my primary resource for my preparation. This book is easy to understand and won’t leave you high and dry. I think this is must for creating your foundation.
AIO – Shon Harris – 6th and 7th Edition – 9/10 – I used this book just for my reference and topics like BCP, SDLC and Security Modes. This book is very close to what happens in real world.
Sun Flower Notes – 8/10 – Good for day revision. I tried but was not able to complete all the domains
Eric Conrad 11th Hour – 8/10 – Similar to Sunflower notes. This book has a lot of terms you won’t find in AIO or Sybex. Don’t panic. They are just meant be there. They won’t harm ;)
***Audio and Video***
Shon Harris MP3 – 10/10 – This was my daily activity while travelling to work. This is an amazing resource. It helped me a lot in clearing a lot of my concepts
Cybrary – Kelly Handerhan – 10/10 – I can’t appreciate enough the work she has done. These videos are amazing. I used to watch each domain them before reading the book
***Practice test***
McGraw hill professional resources – 10/10 – These questions are free and they are amazing. It tests your concept and provides great justifications for the answers.
Total Tester 7th Edition – 9/10 – This simulator contains ~1700 questions which you can take either on practice mode or exam mode. Questions are technical but great in having the concepts clear
AIO Exam prep 4th Edition – 9/10 – This was similar to total tester with ~1000 questions.
ISC2 Official test bank (Sybex) – 10/10 – This book comes with 100 questions for each domain and 2 full length tests. These questions were closest to the real exam. I highly recommend this before taking actual exam.
Wiley publication (Came along with Sybex text book) – 9/10 – It has 4 full length exams with 360 mins timer running. Good to check the track of time!
I also did questions at the back of each domain from AIO 7th Edition, CBK 4th Edition, Sybex 7th Edition.
***EXAM Day!***
I reached the centre very early in an assumption that I might get traffic or a flat tyre on my way. I even reached before the centre was open :D. I waited for the centre to open and was done with formalities. The person asked me to wait for my scheduled time as it would be too early. I started my exam 15 mins before the scheduled time and I was nervous as hell while reading the NDA.
I quickly started the exam and came the first question. Honestly questions were not technical. They were asked in a way where you had to suggest a best solution keeping security and cost in mind. I flagged almost 100 questions as I was not sure on my choices. But when I reviewed, I only changed answers for 5 or 6 questions which I felt I missed some key points. I finished my exam in 3 hours and reviewed my flagged questions twice just to be extra sure. I took 4 short breaks in between.
While I was submitting the exam, I was shivering as did not want to go back to all those sleepless nights again. But the moment I saw “Congratulations!...” I had tears of joy in my eyes. All those hard work and efforts have finally paid off.
On my final note, journey to become CISSP is not only about getting the certification or passing the exam. For me, it was a transformation. I have become really focused and disciplined towards my goals. In this journey, it’s not only your sacrifices that matters. Your family makes equal sacrifices with you. It’s all about how bad you want to do this. What are the forces behind you who won’t see you fail. For me, I had a lot of people behind me making their sacrifices on their own way. But in the end, it’s all worth.
“Fruit that has suffered the most, eventually becomes the sweetest”
Wish you all a very best! If I can do this, this can be done
Cybrary – Kelly Handerhan – 10/10 – I can’t appreciate enough the work she has done. These videos are amazing. I used to watch each domain them before reading the book
***Practice test***
McGraw hill professional resources – 10/10 – These questions are free and they are amazing. It tests your concept and provides great justifications for the answers.
Total Tester 7th Edition – 9/10 – This simulator contains ~1700 questions which you can take either on practice mode or exam mode. Questions are technical but great in having the concepts clear
AIO Exam prep 4th Edition – 9/10 – This was similar to total tester with ~1000 questions.
ISC2 Official test bank (Sybex) – 10/10 – This book comes with 100 questions for each domain and 2 full length tests. These questions were closest to the real exam. I highly recommend this before taking actual exam.
Wiley publication (Came along with Sybex text book) – 9/10 – It has 4 full length exams with 360 mins timer running. Good to check the track of time!
I also did questions at the back of each domain from AIO 7th Edition, CBK 4th Edition, Sybex 7th Edition.
***EXAM Day!***
I reached the centre very early in an assumption that I might get traffic or a flat tyre on my way. I even reached before the centre was open :D. I waited for the centre to open and was done with formalities. The person asked me to wait for my scheduled time as it would be too early. I started my exam 15 mins before the scheduled time and I was nervous as hell while reading the NDA.
I quickly started the exam and came the first question. Honestly questions were not technical. They were asked in a way where you had to suggest a best solution keeping security and cost in mind. I flagged almost 100 questions as I was not sure on my choices. But when I reviewed, I only changed answers for 5 or 6 questions which I felt I missed some key points. I finished my exam in 3 hours and reviewed my flagged questions twice just to be extra sure. I took 4 short breaks in between.
While I was submitting the exam, I was shivering as did not want to go back to all those sleepless nights again. But the moment I saw “Congratulations!...” I had tears of joy in my eyes. All those hard work and efforts have finally paid off.
On my final note, journey to become CISSP is not only about getting the certification or passing the exam. For me, it was a transformation. I have become really focused and disciplined towards my goals. In this journey, it’s not only your sacrifices that matters. Your family makes equal sacrifices with you. It’s all about how bad you want to do this. What are the forces behind you who won’t see you fail. For me, I had a lot of people behind me making their sacrifices on their own way. But in the end, it’s all worth.
“Fruit that has suffered the most, eventually becomes the sweetest”
Wish you all a very best! If I can do this, this can be done
program called GARD:
We are awash with fake news, and it is adversely impacting elections and people ranging from politicians to executives, to everyday people. But the growing concern is what it will do to our increasing population of ever more capable artificial intelligence deployments.
Because these AIs are increasingly controlling the world around us. And while humans make bad decisions at a relatively glacial pace compared to computers, AIs make decisions at machine speeds. This creates the opportunity for future cascading catastrophes directly related to bad information but intentional (as in an attack) and unintentional (because they are people sourced and people are flawed).
Looking back, Computer Science wasn't great, everything was batch, turn around was glacial, and by the time you got an answer to a math problem, you could have worked it out yourself by hand, not even needing a calculator, in less time. But they could handle what seemed then to be massive amounts of data and provide at least some insight into what the data was telling you.
But if the data was corrupted, so was the answer. One field mistake could have you arguing that that women were huge football fans, and men were Oprah’s largest dedicated audience. Just one binary mistake that switched the sexes, and suddenly you are in front of executives looking like an idiot.
What happened to me was that I worked for a multi-national in Internal Audit and it made no sense that we had to, at year-end, guess how much annual sales was going to be because, at the time we made the announcement, the company knew the exact answer we just hadn’t processed the data yet.
The practice was to uplift the actual numbers we had calculated by around 20%. So a bunch of us worked to fix the timing problem, and that year the internal report that had always been about 20% low was accurate, only to have a Controller then uplift that number, making us 20% over and costing the CFO his job.
Now we have been aggressively moving to replace people with AIs, particularly in areas like accounting. Still, if those AIs get bad information, a bad directive, or are intentionally messed with, we are going to be in a world of hurt and not just financially. Jobs, corporate performance, lives (thinking about the current Pandemic and logistics issues), and even national defense will increasingly depend on AIs getting the accurate information they need so that we can trust both the advice they provide and the decisions they make.
But we not only have issues that people can make coding and data entry mistakes, but we also have hostile players from criminals to disgruntled employees to hostile governments actively trying to mess things up. We need to get in front of this because, if we fall behind, we are pretty much screwed as AIs scale.
The GARD Initiative
GARD (Guaranteeing Artificial Intelligence Robustness against Deception) is a government-driven education and industry leadership 😇program under the DARPA (Defense Advanced Research Projects Agency) umbrella to do precisely that. Get ahead of this problem and crafting robust defense against those that want to compromise our data and put our jobs and lives at risk.
It will focus on both ensuring data integrity and any adversarial attempt to alter or corrupt the algorithms that are used to interpret that data. Granted, it doesn’t address the corruption of the individual interpreting the result, but that has been a known problem that predates computers and policies going back decades exist to address corrupted officers, executives, and other employees.
People haven’t been sitting idly by, but the defenses currently in existence are designed to address pre-defined adversarial attacks but can’t adjust to attacks beyond the designed parameters. This shortfall means an attacker either using a unique attack or designing an attack to circumvent a known defense could still do substantial damage.
We are awash with fake news, and it is adversely impacting elections and people ranging from politicians to executives, to everyday people. But the growing concern is what it will do to our increasing population of ever more capable artificial intelligence deployments.
Because these AIs are increasingly controlling the world around us. And while humans make bad decisions at a relatively glacial pace compared to computers, AIs make decisions at machine speeds. This creates the opportunity for future cascading catastrophes directly related to bad information but intentional (as in an attack) and unintentional (because they are people sourced and people are flawed).
Looking back, Computer Science wasn't great, everything was batch, turn around was glacial, and by the time you got an answer to a math problem, you could have worked it out yourself by hand, not even needing a calculator, in less time. But they could handle what seemed then to be massive amounts of data and provide at least some insight into what the data was telling you.
But if the data was corrupted, so was the answer. One field mistake could have you arguing that that women were huge football fans, and men were Oprah’s largest dedicated audience. Just one binary mistake that switched the sexes, and suddenly you are in front of executives looking like an idiot.
What happened to me was that I worked for a multi-national in Internal Audit and it made no sense that we had to, at year-end, guess how much annual sales was going to be because, at the time we made the announcement, the company knew the exact answer we just hadn’t processed the data yet.
The practice was to uplift the actual numbers we had calculated by around 20%. So a bunch of us worked to fix the timing problem, and that year the internal report that had always been about 20% low was accurate, only to have a Controller then uplift that number, making us 20% over and costing the CFO his job.
Now we have been aggressively moving to replace people with AIs, particularly in areas like accounting. Still, if those AIs get bad information, a bad directive, or are intentionally messed with, we are going to be in a world of hurt and not just financially. Jobs, corporate performance, lives (thinking about the current Pandemic and logistics issues), and even national defense will increasingly depend on AIs getting the accurate information they need so that we can trust both the advice they provide and the decisions they make.
But we not only have issues that people can make coding and data entry mistakes, but we also have hostile players from criminals to disgruntled employees to hostile governments actively trying to mess things up. We need to get in front of this because, if we fall behind, we are pretty much screwed as AIs scale.
The GARD Initiative
GARD (Guaranteeing Artificial Intelligence Robustness against Deception) is a government-driven education and industry leadership 😇program under the DARPA (Defense Advanced Research Projects Agency) umbrella to do precisely that. Get ahead of this problem and crafting robust defense against those that want to compromise our data and put our jobs and lives at risk.
It will focus on both ensuring data integrity and any adversarial attempt to alter or corrupt the algorithms that are used to interpret that data. Granted, it doesn’t address the corruption of the individual interpreting the result, but that has been a known problem that predates computers and policies going back decades exist to address corrupted officers, executives, and other employees.
People haven’t been sitting idly by, but the defenses currently in existence are designed to address pre-defined adversarial attacks but can’t adjust to attacks beyond the designed parameters. This shortfall means an attacker either using a unique attack or designing an attack to circumvent a known defense could still do substantial damage.
GARD will be designed to approach this problem differently using a far broader approach to attack types and be far more agile in its ability to both identify and respond to an attack.
I see this as an AI-driven defense against an AI targeted threat and critical to the growing potential for an AI-driven attack that could circumvent existing defenses.
Wrapping Up: GARD Is Critical
We are entering a new age, but we already see huge problems with the massive proliferation of false information and equally massive attempts to corrupt information gathering systems with this false data. To combat this, DARPA has defined a program called GARD, and both Intel and Georgia Tech have stepped up to help make us safe. Here is hoping that this effort is successful because if it isn’t, the outcome could be extremely dire.
I see this as an AI-driven defense against an AI targeted threat and critical to the growing potential for an AI-driven attack that could circumvent existing defenses.
Wrapping Up: GARD Is Critical
We are entering a new age, but we already see huge problems with the massive proliferation of false information and equally massive attempts to corrupt information gathering systems with this false data. To combat this, DARPA has defined a program called GARD, and both Intel and Georgia Tech have stepped up to help make us safe. Here is hoping that this effort is successful because if it isn’t, the outcome could be extremely dire.
On March 31, network security provider Palo Alto Networks (PAN) announced its intent to acquire software-defined wide-area network (SD-WAN) pioneer CloudGenix for about $420 million in cash. This is a healthy, albeit fair, premium for a company that has an estimated revenue of $45 million with about 250 customers.
For context, VMware paid roughly the same for VeloCloud in 2017. The CloudGenix customer base comprises many Fortune 1000 companies with strengths in health care, retail, manufacturing, finance, tech and hospitality.
The addition of CloudGenix brings SD-WAN into the PAN portfolio. security is shifting away from point products to platforms, and PAN has one of the best platform stories in the industry
For context, VMware paid roughly the same for VeloCloud in 2017. The CloudGenix customer base comprises many Fortune 1000 companies with strengths in health care, retail, manufacturing, finance, tech and hospitality.
The addition of CloudGenix brings SD-WAN into the PAN portfolio. security is shifting away from point products to platforms, and PAN has one of the best platform stories in the industry