January 28, 2018

Video and Notes on Transport Layer Security

  • Technical preventative control

  • TLS is going to be on the exam; there is no way to avoid it, mainly because TLS is heavily emphasized in all your books, especially when they mention encrypting web traffic.

  • Involves a TLS handshake AFTER the TCP Handshake. 


January 22, 2018


January 1, 2018

A brief real-life demonstration of a covert timing channel.


November 30, 2017


Hard Token Implementation

Look Up Secret Token

  • Consists of a claimant and a verifier 

  • Uses grid-cards, which consist of rows and columns

  • Both the claimant and the verifier have the same grid-card

  • How it works: 

    • Claimant wants to access a remot...

November 24, 2017

The CISSP Computerized Adaptive Testing is going to be here starting December 18, 2017! 

It totally caught me off guard; there really was no confirmation or prior announcement. If there was an announcement, the (ISC)² only told a select few at private conferences. We had at least 6 months' notice before The Great CBK Change of 2015!

Either way,...

August 7, 2017

The OSI Model is used to describe how data moves from your networked computer to an application in another network.  Instead of trying to memorize all the layers, the protocols, and what device belongs in which layer, it is better to just know the concepts.    

Here is an excerpt from the OSI Model video from the members section of the site.  


June 18, 2017

Defense in depth is the use of multiple security controls to protect a single asset or a group of assets.


This video is from the Software Development Life Cycle CISSP series.  


April 11, 2017


Click Here to Download The PDF "Responsibilities in the Cloud"

I've seen that there has always been some confusion or difference of opinion when it comes to who has what responsibility in the cloud.  

I'm not here to state anything official, but to just go through what I've observed while studying, and helping others study for the CISSP.

It doesn't matter...

April 4, 2017

Digital signatures should be one of your favorite things to study for the CISSP exam.

By knowing the concept of digital signatures, you also get to know about these 4 other things: 

  • Hashing

  • Nonrepudiation

  • Encryption

  • Authentication

All 4 of the terms above go into making digital signatures possible.  If you were ever confused about...


© 2013 Study Notes and Theory