A cloud computing-related Security+ question

Last Updated on August 12, 2018 by Dave Farquhar

Someone tossed a Security+ study question my way this week. This is an example of Security+ trying to be CISSP Lite, but it’s still a valid question–probably for either test, and for SSCP and CISM too.

A small not-for-profit organization needs to invest in a new expensive database. There is no budget for additional servers or personnel. Which of the following solutions would allow it to save money by avoiding hiring additional personnel and minimize the footprint in their current datacenter?

A. Linux
B. Software as a Service (SaaS)
C. Infrastructure as a Service (IaaS)
D. Platform as a Service (PaaS)

Let’s take it one at a time.

Read more

Living with a past-its-prime computer

Last Updated on July 15, 2017 by Dave Farquhar

I’m playing catch-up a bit. This weekend, Lifehacker ran a guide about living with a computer that’s past its prime.

I’ve made a career of that. One of my desktop PCs at work (arguably the more important one) is old enough that I ought to be preparing to send it off to second grade. And for a few years I administered a server farm that was in a similar state. They finally started upgrading the hardware as I was walking out the door. (I might have stayed longer if they’d done that sooner.) And at home, I ran with out-of-date computer equipment for about a decade, just this summer buying something current. Buying something current is very nice, but not always practical.

So of course I’ll comment on a few of Lifehacker’s points.

Read more

Kids these days, not knowing the name Grace Hopper

The guys at Hackaday dug up a video of the late Commodore Grace Hopper (the rank is now called Rear Admiral, but the rank of Commodore just seems appropriate for a computer science pioneer) and the poster admitted he’d never heard of her before. The resulting discussion was rather… interesting.

Read more

Why can’t St. Louis repurpose buildings like Baltimore does?

I had the opportunity to visit Savage Mill, near Baltimore, recently. Savage Mill is an old textile mill dating to the 1820s that fell into disuse in the 1940s. Today, the complex houses a variety of businesses. While the place has vacancies–the economy is still struggling, after all–it’s crowded, and it’s a great reuse.

It makes me wonder why we can’t do the same thing in St. Louis.
Read more

How to pass CISSP: Test taking strategies

Last Updated on September 28, 2016 by Dave Farquhar

The CISSP is a 250-question, multiple-choice test. You have six hours to complete it. It’s not like any college final I ever took, though cramming all of finals week into a six-hour session is almost a fair comparison. If you’re wondering how to pass CISSP, I can’t guarantee my method, but I’m glad to share what worked for me.

Read more

How to study for CISSP

How to study for CISSP

Last Updated on August 6, 2018 by Dave Farquhar

I got the letter this week. The one from (ISC)². If the first word is “congratulations,” it means you passed. But if the first two words are “thank you,” you didn’t. If you want the letter that says “congratulations” in your future, it helps to know how to study for CISSP. Here’s how I studied for mine. Hopefully it will help you. It’s a long road. But it’s doable.

Read more

And on a personal note, I passed the CISSP

I can’t believe I forgot to post this, but yesterday I got word that I passed the CISSP. So, after a vetting process that can take up to six weeks, I’ll be able to sign off with a “, CISSP” after my name.

Now that I can give advice on taking the test without being presumptuous, I’ll write about that this weekend.

The future of flash memory might not be so bleak after all, either

PC Perspective’s Allyn Malventano stopped in earlier this week and sent me a link to his take on the bleak future of SSDs and flash memory: http://www.pcper.com/reviews/Editorial/NAND-Flash-Memory-Future-Not-So-Bleak-After-All

He didn’t agree with me entirely–he argued that the problems outlined in the study in question are solvable.

Read more

Handling data recovery

I took a strange phone call from the field today, asking for advice about creating policies and procedures on data recovery.

There’s no easy answer.
Read more

Libre Office grows up some more

Libre Office 3.5 is out. I need to look at it. My big beef with Open Office all along was that it made current hardware, whatever it was, feel like Office 97 running on a 486. Or perhaps a Pentium-75.

They’re saying all the right things now. Lots of new eyes looking at the code, reviewing the code, dropping obsolete code, streamlining it and making general improvements. Netscape 4.5 was a bloated mess too, but once the Mozilla team got some fresh eyes looking at it, the situation improved. Eventually they had to break the browser out into what became Firefox, but they had the freedom to do that.

And in the meantime, I suppose if it’s too slow, you could throw hardware at the problem. 8 GB of RAM costs $40 or less right now. Carve out a ramdisk of 1-2 GB and install Libre Office in that, and it’ll load pretty fast. It’ll eliminate any I/O-bound bottlenecks.