PPTP Tunnel Data Frame Format (Credit: Adrian Graur) Tunneling refers to the “technology enabling one network to send its data via another network’s connections. Tunneling works by encapsulating a network protocol within packets carried by the second network.” (CNSSI 4009-2015) For example, the tunneling protocol, PPTP, employs GRE to encapsulate payload protocols (e.g., IP, IPX, NetBEUI) and transmit payloads through the delivery protocol, IP. Full and Split Tunneling Full and Split Tunneling NIST SP 800-113 defines full and split tunneling as follows: Full tunneling is “a method that causes ..read more

Wentz’s Risk Model NIST SP 800-53 and ISO/IEC TR 19791:2010 are known as “Security and Privacy Controls for Information Systems and Organizations” and “Information technology — Security techniques — Security assessment of operational systems,” respectively. NIST SP 800-53 and ISO/IEC TR 19791:2010 define the terms “Security Controls,” “Management Controls,” “Operational Controls,” and “Technical Controls” as follows: Security Controls management, operational and technical controls (i.e. safeguards or countermeasures) prescribed for an information system to protect the confidentiality, integri ..read more

Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams and an informative reference for security professionals. Information Security Security refers to the process of and the state reached by protecting something from danger or threat. Information security is a discipline of protecting information assets from threats through security controls to achieve the security objectives of confidentia ..read more

Scrum is one of the most popular Agile approaches. Your company established a Scrum team to develop the E-Commerce website. Which of the following is correct? (Wentz QOTD) A. The Project manager, as a servant leader, leads the Scrum team. B. Daily Scrum can be finished in 5 minutes but never exceed15 minutes. C. Scrum emphasizes prototyping to optimize predictability and control risk. D. The Scrum Master is accountable for maximizing the value of the product. Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer ..read more