How to destroy a computer hard drive

When you get rid of a computer hard drive, it’s important to get rid of it properly. Your hard drive probably contains a lot of sensitive information, like tax returns or loan applications. Here’s how to destroy a computer hard drive when you need to.

Let’s set some expectations here. Making the data impossible to recover isn’t something you can do without a drive shredder. But you can make it so difficult and expensive to recover that nobody will bother. That’s good enough. If it costs $10,000 to recover the data from your drive, a thief isn’t going to do it, due to the risk that you don’t have $10,000 to steal.

What is a router DMZ? Is it safe to use?

Most consumer routers have a feature they call a DMZ, or demilitarized zone. You may hear networking types talk about the DMZ at work. So what is a router DMZ, exactly?

Can I use a CISSP book to study for SSCP?

Can I use a CISSP book to study for SSCP? That’s a good question, and a good idea, but I don’t recommend it anymore.

When you vote, use a paper ballot

I don’t mean this image figuratively. Fill out a paper ballot and drop it in the box.

Tomorrow is election day. When you vote, use a paper ballot. Paper ballots aren’t flawless either, but they are the less flawed of the two options we have.

So remember two things tomorrow. Go vote. And ask for paper.

Is CISSP worth it?

Once people finish asking me how hard CISSP is, they often follow up with another question: Is CISSP worth it? As long as you have something to back it up with, I think the answer is a resounding yes.

How DDoS attacks work

Yesterday, half the Internet was broken. I knew something was wrong when I couldn’t get into Salesforce to check on a support ticket for my biggest customer. Another member of my team sent us a warning that a big DDoS attack was happening, and not to count on being able to issue very many quotes today. So what, exactly, is a DDoS attack and how do DDoS attacks work?

I suppose there’s another question to ask too: What can you do to avoid being part of the problem? We’ll save that for the end.

How hard is CISSP?

CISSP difficulty is one of the most frequent questions I get once someone finds out I have it. “How hard is CISSP?” or “Could you pass CISSP again?” are two questions I get a lot.

They’re fair questions, and the answer is, it depends. But I can help you figure out the answer for yourself.

Cordless phone frequencies

If you are wondering about cordless phone frequencies, there are seven bands that have been in use since the 1980s. You can still buy phones for four of those frequencies.

There are two reasons to be concerned about a cordless phone’s frequency. The first is interference. Some phones interfere with other devices, such as Wi-Fi. The other reason is security.

CISSP continuing education

Besides work experience, I probably get more questions about CISSP continuing education than anything else CISSP-related. Fortunately, keeping your CISSP can be a lot cheaper and easier than getting it in the first place was.

CISSP continuing education is measured in CPEs. You get one CPE per hour of “study.” Study is a pretty loose term. If you’re learning about security, you can probably find a way to make it count. You need to get 40 CPEs per year.

Security+ vs CISSP

Someone asked me to compare Security+ vs CISSP, particularly the difficulty. I’m glad to oblige. I have both certifications.

Let’s start by looking at a couple of hypothetical questions. Don’t expect to see either of these on the test; I’m making them up as I go. But don’t be surprised if you see something similar.
