CISSP Cyber Training Podcast - CISSP Training Program

• CCT 222: TP-Link Router Risks and Software Development Security for CISSP (D8.2)

  Send us a textUnlock the secrets to fortifying your software development practices with expert insights from Shon Gerber. As we navigate the complex landscape of cybersecurity, we delve deep into the urgent risks posed by TP-Link routers, used by a staggering portion of U.S. households. Discover practical strategies for protecting your network, like firmware updates and firewall configurations, and learn how potential geopolitical threats could reshape your tech choices. This episode arms you with the knowledge to safeguard your digital ecosystem against looming threats and prepares you for possible shifts in government regulations.Venture into the vibrant world of programming languages and development environments, tracing their evolution from archaic beginnings with BASIC and C# to today's dynamic platforms like Python and Ruby on Rails. Shon unravels the intricacies of runtime environments and libraries, emphasizing why sourcing trusted libraries is non-negotiable in preventing security breaches. For those new to programming, we demystify Integrated Development Environments (IDEs) and offer insights into why securing these tools is paramount, especially as AI makes coding more accessible than ever before.As we wrap up, Shon guides you through best practices for securing both your development and runtime environments. From addressing vulnerabilities inherent in IDEs to ensuring robust CI/CD pipeline security, we cover it all. Learn about the pivotal role Dynamic Application Security Testing (DAST) plays and how to seamlessly integrate it within your development processes. This episode is a trove of actionable advice, aimed at equipping you with the skills and foresight needed to enhance your cybersecurity strategies and development protocols. Don’t miss this comprehensive guide to making informed decisions and fortifying your software’s security posture.Gain exclusive access to 360 FREE CISSP Practice Questions delivered directly to your inbox! Sign up at FreeCISSPQuestions.com and receive 30 expertly crafted practice questions every 15 days for the next 6 months—completely free! Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

  --------  

  41:21
• CCT 221: Malicious QR Codes and Advanced Digital Forensics Techniques for CISSP (D7.1)

  Send us a textCurious about the latest tactics cybercriminals are using to exploit vulnerabilities in messaging apps? Join me, Shon Gerber, on the CISSP Cyber Training Podcast as we unravel how Russian hackers are leveraging malicious QR codes to breach platforms like Signal, Telegram, and WhatsApp. We'll dissect this alarming trend that targets high-profile individuals including politicians and journalists, and underscore the importance of staying vigilant when interacting with QR codes. Despite fighting off a cold, I share a heartening story of collaboration with a student who helped correct errors in our study materials, reminding us all of the power of continuous learning and positive contributions to the cybersecurity community.Ever wondered how digital forensics can help you get ahead of potential cybersecurity incidents? Discover essential techniques for conducting thorough investigations as we unpack the art of digital forensics and incident response. From using static analysis to safely examine suspicious files, crafting incident reports with precision, to tackling insider threats with comprehensive artifact collection, this episode covers it all. Learn about the role of tools like Cellebrite in mobile device analysis and the critical importance of maintaining a chain of custody to safeguard evidence integrity. We also highlight root cause analysis as a key strategy for dissecting malware outbreaks and fortifying your organization’s defenses.Looking to deepen your cybersecurity expertise? We’ve got you covered with a treasure trove of resources, including video content on our CISSP Cyber Training blog and consulting services through partnerships like NextPeak. Whether you’re a seasoned expert or just beginning your journey, these tools are designed to enhance your skills and provide specialized guidance. Explore how anomaly-based detection aids in spotting malicious network activity and why clear, jargon-free reporting is crucial in post-incident reviews. This episode promises to equip you with the insights needed to navigate the evolving landscape of cybersecurity challenges and opportunities.Gain exclusive access to 360 FREE CISSP Practice Questions delivered directly to your inbox! Sign up at FreeCISSPQuestions.com and receive 30 expertly crafted practice questions every 15 days for the next 6 months—completely free! Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

  --------  

  25:48
• CCT 220: Firewall and Advanced Cybersecurity Techniques for CISSP (Domain 7.1)

  Send us a textUncover the secrets to mastering firewalls and advancing your cybersecurity career with insights from the CISSP Cyber Training Podcast. Ever wondered how a simple firewall can be your strongest ally against a $12 billion threat that financial firms have faced over the past two decades? Join me, Sean Gerber, as we navigate the indispensable role of firewalls within cybersecurity, especially for those gearing up for the CISSP exam. This episode promises an enriched understanding of firewalls, from regulatory compliance to integrating next-generation firewalls in cloud environments like Azure and AWS.The discussion extends beyond technicalities, emphasizing the importance of understanding the entire security chain for effective implementation and maintenance of firewalls. By exploring real-world scenarios, such as the implementation of government-mandated firewalls in Sri Lanka, we highlight how robust logging systems and regulatory compliance are vital in shaping a secure network architecture. The complexities of handling advanced intrusion attempts with next-generation firewalls are unraveled, showcasing their application-layer protection and their importance in achieving a resilient security posture.Engage with practical advice on marketing your cybersecurity expertise within your organization and strategies for transitioning into security roles. We also touch on key managerial concepts essential for conquering the CISSP exam. From tackling practice questions to understanding the nuances of firewall architecture, this episode serves as a comprehensive guide to excel in your cybersecurity journey. With a focus on balancing innovative technology with organizational needs, listeners are encouraged to think beyond binary solutions and embrace a managerial mindset in their path to becoming cybersecurity leaders.Gain exclusive access to 360 FREE CISSP Practice Questions delivered directly to your inbox! Sign up at FreeCISSPQuestions.com and receive 30 expertly crafted practice questions every 15 days for the next 6 months—completely free! Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

  --------  

  42:31
• CCT 219: Practice CISSP Questions - Mastering Vulnerability Assessments and Network Scanning for the CISSP (D6.2.1)

  Send us a textGain exclusive access to 360 FREE CISSP Practice Questions delivered directly to your inbox! Sign up at FreeCISSPQuestions.com and receive 30 expertly crafted practice questions every 15 days for the next 6 months—completely free! Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

  --------  

  20:12
• CCT 218: Design and validate assessment, test, and audit strategies for the CISSP (Domain 6.1)

  Send us a textUnlock the secrets to safeguarding your cloud storage from becoming a cyber attack vector in our latest episode of the CISSP Cyber Training Podcast with Shon Gerber. Discover how neglected AWS S3 buckets can pose significant threats akin to the notorious SolarWinds attack. Shon breaks down the importance of auditing and access controls while providing strategic guidance aligned with domain 6.1 of the CISSP to fortify your knowledge for the exam. This episode promises to equip you with the essential tools to protect your cloud infrastructure and maintain robust security practices.Transitioning to security testing, we explore various methodologies and the vital role they play in incident readiness and data integrity. From vulnerability assessments to penetration testing and the collaborative efforts of red, blue, and purple teams, Shon sheds light on the automation of these processes to enhance efficacy. We also demystify SOC 1 and SOC 2 reports and discuss their criticality in vendor risk management and regulatory compliance. With insights into audit standards like ISO 27001 and PCI DSS, this episode is your comprehensive guide to understanding and applying security measures across diverse sectors.Gain exclusive access to 360 FREE CISSP Practice Questions delivered directly to your inbox! Sign up at FreeCISSPQuestions.com and receive 30 expertly crafted practice questions every 15 days for the next 6 months—completely free! Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

  --------  

  34:43

More Technology podcasts

Trending Technology podcasts

About CISSP Cyber Training Podcast - CISSP Training Program