Thursday, February 18, 2010

NEOISF Presentation February

On Wednesday I presented "Don't Get Caught with Your Layers Down" along with my intern Bryan on securing Layers 2 and 3 of your network. As I promised the Northeast Ohio Information Security Forum, the presentation is now available for download.

I hope everyone enjoyed the presentation and found value in discussing security issues about the lower layers. Even though these topics are older, we believe they still hold value. Bryan and I developed this presentation after discussing that everyone is currently focused on the protecting the upper layers of the stack. We are starting to neglect the lower layers again.

There are a lot of easy Layer 2 and 3 restrictions that can be implemented on your network that will not cost you anything extra. Your infrastructure vendors should be implementing most of these options in their products.
Posted by at 1:19 PM 0 comments
Labels: , , ,

Tuesday, August 4, 2009

Passed GCFA

Well I passed by GCFA exam. It was challenging. It took about 2 hours out of the 4 hours you are given. I did submit a response for one of the questions that I disagreed with. I think that was the first time I did that on an exam. I would recommend taking a break halfway through the exam. I took 5 minutes of the 15 that is offered. Now, it's time for me to master my new skills.
Posted by at 9:00 PM 1 comments

Sunday, August 2, 2009

I am actually updating my blog. Not because I want to, but because I am avoiding studying for my GCFA exam (http://www.giac.org/certifications/security/gcfa.php) this Tuesday. I have found the coursework for the GCFA to be very rigorous. I took the class via SANS on Demand (http://www.sans.org/ondemand/). I am glad I did because if you have taken a SANS class you know how much information they throw at you. I have reviewed the material multiples times and pick up some detail I missed every time. Some new skills I have learned are imaging machines that are forensically sound, data carving, restoring deleted data, incident response techniques, and some law. I am looking forward to putting together my forensic workstation and master the new skills I have learned. Also, check out the SANS forensics blog at (https://blogs.sans.org/computer-forensics/). I will try to check back in Tuesday. Back to studying.
Posted by at 9:33 PM 1 comments

Saturday, March 7, 2009

Breaking In

Welcome to my new blog breakingintosecurity. I am a new security guy working my way through the exiting world of information security. The goal of my blog is to post the knowledge I gain with examples, presentations, papers, etc. My first focus will be on network related security issues. I encourage you to follow other Cleveland area security bloggers at http://clevelandsecuritybloggers.com/.
Posted by at 5:21 PM 0 comments
Labels:
Subscribe to: Posts (Atom)