Information Security Certification Guide

Friday, June 27, 2008 by Mistlee


Can't see any images? -Click To View!



Recent Articles

ISP Suggested As Certification Standard
By paying a few fees and sacrificing a handful of stamps, it's possible to get several degrees within a single month. Tell anybody about those degrees, though, and you'll hear laughter instead of congratulations.

The Technology Or The Presenter?
Another interesting presentation today at the iLinc Customer Summit came from Barb Nead-Nylander of the Dow Chemical Company. She talked about Dow's requirement for all of their online instructors (well over one hundred of them) to take an internal training...

Studying For Certification Exams
Well, I'd signed up to take the CompTIA A+ exam at the end of November but things got very out of control business-wise (one got busier, and the other got sold) so I hadn't done a lot in terms of getting ready.

Prince2 Practitioner New Exam Format
The new Prince2 Practitioner exam is in multiple choice format. Don't be fooled into thinking this is going to make it easier. It's still three hours long and now you are tested across nine topics rather than the original l three. These topics are: Processes. Business Case...


06.27.08

Information Security Certification Guide

By Dan Morrill

Information Security Certifications are part of the credentialing landscape for an information security professional, and in many ways, those just generally interested in the subject.

Search Security writers Ed Tittel and Kim Lindros have put together the definitive list of the top 50 information security certificates and certification paths for those who are serious about getting their information security certification.

In fact, the sheer number of credentials can make navigating the security certification landscape a dizzying experience. Simply identifying the vast array of offerings can be time consuming and overwhelming -- never mind determining which certification best fits your situation. Source: Search Security

There is always going to be concerns about the money, the time, and the value of a security certificate. The question comes in as to how much you want to have any hope at job security. There is job security in information security by keeping your skills up and adopting life long learning. That is a reality, even if you get canned from one company, having a string of letters after your name can help, as long as it is not too many. If you have a dozen use only the three latest ones on your title, while interesting, if you have a dozen, it looks like all you did was go to school.


The very good part about the Search Security article is that they really do cover the whole certificate landscape in line with what people might want to do. Do you want a generalist or a specialized certificate? One thing they do not do is go into the comparable wage process for each security certificate (you have to make sure there is a payoff for the certificate, if there is no bump in dollars for having it, then it is not worth getting because everyone else has it and the market is diluted).

This is one of those career planning articles that would do folks looking to start out, or those seasons veterans looking for something new, to plan and plot out their information security careers. The key here is to keep on learning, keep on being challenged, and keep on building your marketability always.

Comments


About the Author:
Dan Morrill has been in the information security field for 18 years, both civilian and military, and is currently working on his Doctor of Management. Dan shares his insights on the important security issues of today through his blog, Managing Intellectual Property & IT Security, and is an active participant in the ITtoolbox blogging community.

About ITCertificationNews
A collection of resources designed to assist IT professionals evaluating various certification programs within the IT world. IT Certification Articles and UPdates

ITCertificationNews is brought to you by:

SecurityConfig.com NetworkingFiles.com
NetworkNewz.com WebProASP.com
DatabaseProNews.com SQLProNews.com
ITcertificationNews.com SysAdminNews.com
DevNewz.com WirelessProNews.com
CProgrammingTrends.com ITmanagementNews.com


-- ITCertificationNews is an iEntry, Inc. publication --
iEntry, Inc. 2549 Richmond Rd. Lexington KY, 40509
2008 iEntry, Inc.  All Rights Reserved  Privacy Policy  Legal

archives | advertising info | news headlines | free newsletters | comments/feedback | submit article


Unsubscribe from ITCertificationNews.
To unsubscribe from ITCertificationNews or any other iEntry publication, simply send an email request to: support@ientry.com

IT Certification Articles and UPdates ITCertificationNews News Archives About Us Feedback ITCertificationNews Home Page About Article Archive News Downloads WebProWorld Forums Jayde iEntry Advertise Contact

Clipperz's Zero-Knowledge Web Application

Friday, June 20, 2008 by Mistlee

Clipperz's Zero-Knowledge Web Application

By Savio Rodrigues

I previously wrote about Clipperz because I really think Marco and team at Clipperz have a great idea. To summarize, Clipperz has technology for "zero-knowledge web applications" which they have applied to an online password manager as a proof of concept. Marco writes:

"We simply meant that Clipperz knows nothing about its users and their data!

As a consequence of the "learn nothing" mantra, every zero-knowledge application should be completely anonymous, or at least it should make it impossible to relate the real name or email of a user to his data"

It seems that Richard Stallman agrees that Clipperz technology could be very useful in the cloud-based computing world that awaits us.

The guys at Clipperz and RMS have been talking about how Clipperz's technology could provide freedom and privacy in the cloud. To that end, they suggest (summarized from here):

Choose AGPL: If your services are based on software with an AGPL license, you have to make the source code available to anyone that uses the service

Add zero-knowledge sauce: The server hosting the web app could know nothing of its users, not even their usernames

Build a smarter brower: We still need to provide users of web apps with an even more flexible and secure environment.


To expand on #3, Marco writes:

"Stallman suggests adding a feature to the browser allowing a user to say: "When you get URL X, use the Javascript from URL Y as if it came from URL X." If the user does invoke this feature, he can run his copy of the Javascript and still being able to exchange data with the server hosting the web application.

A browser with such capabilities could also easily verify if the Javascript from URL X is different from the alternative Javascript stored at URL Y. If the user trusts the present release of the Javascript code from URL X, he could make a copy of it at URL Y and be alerted if any change occurs.

This solution protects the user from malicious code that could be unknowingly executed by his browser, stealing his data and destroying the whole zero-knowledge architecture "

Personally, I think #2 and #3 are great ideas. I'm having trouble with #1, the AGPL requirement. From an academic standpoint, I can agree with it. But if we're asking Google, Amazon, Microsoft, IBM, Sun, HP, etc. to use AGPL'd code, it could become an uphill battle.

Using the AGPL'd widget (from Clipperz in this case) that enables a "zero knowledge web application" is not the problem. However, the viral nature of the AGPL would be a concern for any vendor who intends to drive revenue from their proprietary code/application delivered via a SaaS from a Cloud. I guess that these vendors could always license the Clipperz technology...
News Archives About Us Feedback WebDeveloperNews Home Page About Article Archive News Downloads WebProWorld Forums Jayde iEntry Advertise Contact

Developing Your Site's Search Engine

Wednesday, June 11, 2008 by Mistlee


Can't see any images? -!



Web News

Google tightens grip on UK search market
Google accounted for a whopping 87.3 per cent of all UK searches in May, further increasing its market dominance, according to the latest figures from Hitwise. Although very slightly down from the 87.69 per...

UK trailing in global broadband league
Representatives from the government, the regulator Ofcom and industry will hold a crisis summit today to discuss how to prevent the UK slipping down the global broadband league. The government's independent advisory body, the Broadband Stakeholders...

O2 releases iPhone 3G pricing for UK
O2, the operator with the exclusive UK distribution deal for the iPhone, has released tariff information for Apple's handset. O2 said it will be launching the iPhone 3G in the UK, as expected, on 11 July, with an...


NO RACK FEES for the first month of service

06.11.08

Developing Your Site's Search Engine

By Mike Moran

I'm old enough to remember when fathers and sons thought nothing of overhauling their own car engines-back before cars became little IT shops that need specialized equipment to repair.

As a certified girly-man, I cringe at even the thought of overhauling an engine, but I do know how to overhaul your site search engine. (You won't even get dirt under your fingernails.)

Search engines are complicated, which means that one size does not fit all. You need to be ready to customize the way your search engine operates so that it best fits your business and your customers.

Each search engine provides different dials to turn and levers to pull, but here are some of the most important:

Default Boolean operator. We'll forgive you if your first reaction is, "What the heck is a default Boolean operator?" Don't be intimidated by the terminology-the name refers to how the search engine treats multi-word queries. If a searchers enters digital cameras, does the search engine look for pages containing both "digital" AND "cameras"? Or pages containing either "digital" OR "cameras"? It's your search facility, so you get to decide. Defaulting to AND usually provides more precise results, but also more "not founds."

NO RACK FEES for the first month of service

Rank-factor boosting. Search engines use myriad factors to rank search results. When it's your site search engine, those factors are under your control. Don't be afraid to tweak the weighting of your ranking factors and test the results. Most site search facilities benefit from customizing ranking factors for improved relevance.

Linguistic and synonym dictionaries. To improve recall, you can request that your search engine expand its matching to include linguistic variants and synonyms of the keywords the searcher uses. Sometimes this kind of expansion can produce spurious results, but you can customize the dictionaries so that only the most helpful related terms are used.

Country and language filters. If your Web site sells to people of multiple countries or languages, you need to ensure that your search results are limited to the country/language combination they expect. Your conversion rates will skyrocket if you properly filter the right country results for the right person.

Expect your search engine to need some customization to provide optimal results. Now you at least know the basics to pay attention to.

Comments


About the Author:
Copyright Mike Moran

Mike Moran is an IBM Distinguished Engineer, expert on Internet marketing, and the author of Search Engine Marketing, Inc., the best-selling book on search marketing. Mike also writes the popular Biznology newsletter and blog.
About DevWebProUK
DevWebProUK is for professional developers ... those who build and manage applications and sophisticated websites. DevWebProUK delivers via news and expert advice New Strategies In Development.





DevWebProUK is brought to you by:

SecurityConfig.com NetworkingFiles.com
NetworkNewz.com WebProASP.com
DatabaseProNews.com SQLProNews.com
ITcertificationNews.com SysAdminNews.com
LinuxProNews.com WirelessProNews.com
CProgrammingTrends.com ITmanagementNews.com






-- DevWebProUK is an iEntry, Inc. publication --
iEntry, Inc. 2549 Richmond Rd. Lexington KY, 40509
2008 iEntry, Inc.  All Rights Reserved  Privacy Policy  Legal 

archives | advertising info | news headlines | free newsletters | comments/feedback | submit article

Unsubscribe from DevWebProUK.
To unsubscribe from DevWebProUK or any other iEntry publication, simply send an email request to: support@ientry.com

Delivering IT Solutions DevWebProUK News Archives About Us Feedback DevWebProCanada Home Page About Article Archive News Downloads WebProWorld Forums Jayde iEntry Advertise Contact

How To Monitor Customer Satisfaction

Tuesday, June 10, 2008 by Mistlee


Can't see any images? - !




Click to Play

Bet Your Mom Knows About Link...
SMX Advanced, as the title suggests, is not for ebusiness folks just now discovering how search engines work and why they matter to a website. SmallBusinessSEM .com's...

Recent Articles

Do You Have A Customer First Plan?
"We know more about our prospects (leads) than we know about our current customers" was shocking statement I heard from a client and it stuck with me. In fact, it's the impetus for this post. When you...

Effectively Communicate And Collaborate With...
Salesforce.com [NYSE: CRM], and Google [Nasdaq: GOOG] today expanded their global strategic alliance to make it easy for companies of all sizes to run their business in the cloud with Salesforce for Google...

Creating An Effective Budget For Customer...
I read a great post last week on the RKGblog on how to spend customer acquisition dollars wisely. Read it yourself, but remember that its audience is catalogers steeped in the world of direct marketers.

A Do It Wrong Quickly Approach To The Intranet
I gave a speech Monday in Oslo on Do It Wrong Quickly and, as usual, the best parts of the speech for me were the audience questions. One question in particular came up that I am asked frequently, so I thought you...



Recent WebProNews Articles

Waiting To Litigate: Viacom, Google, And YouTube
The ongoing dispute between Viacom and Google over the posting of copyrighted content on YouTube appears destined for the courtroom rather than the settlement table. As we dug a little more into the persistent...

Hulu Scores Colbert, Stewart Shows
Video site Hulu, jointly owned by NBC Universal and News Corp., will begin offering full episodes of Viacom's Comedy Central programs "The Daily Show with...

Twitter Survives Apple Conference
Fans and critics alike expected Twitter's new "status" blog to be a busy place yesterday, and in one sense, the company didn't disappoint. Posts mainly focused on preventative measures, however, and Twitter more....

Yahoo Lawsuit Wants Poison Pill Nullified
Shareholders filed suit against Yahoo, seeking the elimination of a severance plan the company adopted to keep it from being taken over by Microsoft. Following the call by corporate raider Carl Icahn to Yahoo...


06.10.08

How To Monitor Customer Satisfaction

By Craig Borysowich

To monitor how well a customer's expectations for quality service delivery are being met.

Method

Conduct periodic surveys of customer satisfaction levels. See also: Measuring Customer Satisfaction

Use group process techniques to involve senior members of the project team in reviewing the findings of such surveys, identifying opportunities for improvement, and updating the project strategies and plans, as appropriate. As well, solicit input from project team members, who can often be the most help in finding solutions to any problems identified. See also: Develop Strategies and Plans

Formally record and manage the action items that result from customer satisfaction surveys and track them through to closure. See also: Manage Action Items

GUIDELINES FOR A CUSTOMER SATISFACTION SURVEY

Define what you want the survey to accomplish. Typically this should be to measure the gap between a customer's expectations and his/her perceptions of the level of service being provided.

Keep it simple and focus on the essential information - there is no guarantee that a complex approach will give you any more useful information.

Focus on factors such as the following, which are generally recognized as areas of customer concern:

understanding the customer: the degree to which we know the customer and understand his or her needs,

technical competence: the degree to which we possess the required skills and knowledge to perform the service required,

reliability: the degree to which we perform as promised, dependably and accurately,

credibility: the degree to which we are perceived as trustworthy, believable, and accountable,

responsiveness: the degree to which we are willing and able to respond to problems and issues,

communication: the degree to which we listen to the customer, keep the customer informed, and support the customer through effective presentations,

courtesy: the level of politeness, respect, and friendliness of our people.

Call Today For a Free Domain Consultation

Make the survey form simple to complete.

Make sure that the time required to complete the survey is not more than 10 minutes.

Explain the objective of the survey, what the results will be used for, and that the individual responses will be kept confidential.

Start with simple questions (as you would in an interview) to develop a profile of the respondent and the extent of their involvement with the IS organization.

Where appropriate, use a simple scale for responses, such as the following:

• Poor
• Satisfactory
• Good
• Very Good
• Excellent

With this kind of scale, a reasonable target might be to achieve higher than 90 percent of very good or excellent ratings.

Include space for comments and prompt respondents to provide comments with a suitable leading question. Probe for further information when respondents are dissatisfied (for example, "If you were not satisfied, what was your expectation and to what extent was this not met?").

Take into consideration the fact that some expectations may be unrealistic. For example, many customers may not agree with the change request process which protects the IS organization against uncontrolled scope change. In these cases, consider focusing on specific elements. For example:

• To what extent was the change control process explained at project start-up?

• To what extent did the IS organization work with you to find mutually acceptable ways to accommodate controlled changes (for example by substituting functionality without increasing the overall scope)?

Pretest the survey questionnaire with a small number of representative customer contacts, and refine it as necessary.

Measure customer satisfaction regularly and keep track of the changes over time.

Comments

About the Author:
Craig Borysowich has over 18 years of Technology Consulting experience with both public and private sector clients, including ten years in Project Leadership roles. His extensive background in working with large scale, high-profile systems integration and development projects that span throughout a customer's organization allows him to help consulting organizations world-wide to deliver better quality projects more consistently.
About EnterpriseCustomer
News over the latest information about the enterprise customer





EnterpriseCustomer is brought to you by:

WebProNews.com Jayde.com
MarketingNewz.com SalesNewz.com
CareerNewz.com InvestNewz.com
eCommNewz.com WebsiteNotes.com
AdvertisingDay.com ManagerNewz.com
SoHoDay.com CRMNewz.com





EnterpriseCustomer Home Page About Article Archive News Downloads WebProWorld Forums Jayde iEntry Advertise Contact

-- EnterpriseCustomer is an iEntry, Inc. publication --
iEntry, Inc. 2549 Richmond Rd. Lexington KY, 40509
2008 iEntry, Inc. All Rights Reserved Privacy Policy Legal

archives | advertising info | news headlines | free newsletters | comments/feedback | submit article


Unsubscribe from EnterpriseCustomer.
To unsubscribe from EnterpriseCustomer or any other iEntry publication, simply send an email request to: support@ientry.com

EnterpriseCustomer News Archives About Us Feedback

Some Difference Between Front-end And Back-end Developers

Thursday, June 5, 2008 by Mistlee


Can't see any images? - !




Click to Play

NoFollow Google Help Center
We have some breaking news to tell you! We’ve reported on nofollow on many occasions, but we are the first to tell you that Google has just launched NoFollow...

Web News

Friend-Tracker' Mobile Service Launches in UK
A mobile phone service that lets users track the location of friends and family is launching in the UK. The Sniff application sends users a message showing the position of the person they are trying to find - who must also have signed up to the service - and a map....

Going the Way of VHS: DVD Industry Braces Itself...
...for march of the download. First came mail-order rental services, now film downloads at the click of a button. DVD rental and retail stores are braced for a fresh onslaught of competition, this time in disc-less form. The DVD is only 10 years old and yet...

Movies on iTunes Come to the UK
More than 700 titles will be on offer from the launch date, 100 of which will be available in high-definition. Many of the titles on sale for downloading via iTunes will be going on sale on the same day they are released on DVD, said Apple. New releases cost £10.99 to...

UK Army to Trial Electronic Warfare System
The UK and Nato will trial an electronic warfare capability later this month. The system will be trialled at the Coalition Warrior Interoperability Demonstration – an annual global exercise that involves more than 26...



06.05.08

Some Difference Between Front-end And Back-end Developers

By Mads Kristensen

Jakob asked me a question this evening: What is the difference between front-end and back-end developers? Not long after I was on my way home and couldn't stop thinking about it.

I've never thought much about it before, yet I am convinced there is a difference. Also, I have a feeling that there must be a different answer for each developer in the world.

Let's start by looking at some stereotypical differences.

Front-end devs don't unit test

whereas back-end devs take pride in their unit tests and test environment. In my experience this is definitely true. Front-end code is very difficult to test and those tests are even worse to maintain. It's a fulltime job. However, you have always been able to separate most logic from code-behind files and other classes into libraries that are testable. Maybe front-end devs just don't care as much about testability or are they more realistic in how they spend their time?

Back-end devs are more low-level

Threading and memory pointers are not interesting for most front-end developer. Back-end devs on the other hand knows all about it and how to utilize it to create scalable solutions. Front-end devs don't like operating on such a low level of abstraction and feels the platform should take care of it, so they don't have to. Otherwise you'll never get anything done. Some are extraordinary productive on a low level and some are equally productive but higher on the stack. Does this separate front-end from back-end devs?


Front-end devs make more mistakes

Back-end devs don't just jump into development, but thoroughly sketch out every detail to avoid unforeseen scenarios. Front-end devs do just the opposite - they need to create and they need their endorphins fast. I've heard this many times before and I don't agree. There are just as many ugly pitfalls by rushing development in the front-end as in the back-end and front-end devs knows this. Still, they need their fast track to the endorphins, but does it collide with the quality?

Back-end devs hates the client-side

If there is one thing back-end devs hate more than Cirque du Soleil, it's JavaScript, stylesheets and HTML. Valid XHTML only makes sense to back-end devs if they have to parse it as XML. Front-end devs spend hours on end to perfect every pixel and even longer to validate their stylesheet and XHTML even though the average user wouldn't notice. Say cross-browser to a back-end dev and he shakes his head at the stupidity thinking that you could just have made a table design and there wouldn't be any problems. Is this a way of thinking about quality?

A likely answer

When I was hired by ZYB, my boss Ole Kristensen asked me if I considered myself as a front-end or a back-end developer. I answered that I thought of myself as a back-end dev but my heart was in the front-end. Maybe the answer has nothing to do with technicalities but is as simple as what you love the most.

Comments


About the Author:
Mads Kristensen currently works as a Senior Developer at Traceworks located in Copenhagen, Denmark. Mads graduated from Copenhagen Technical Academy with a multimedia degree in 2003, but has been a professional developer since 2000. His main focus is on ASP.NET but is responsible for Winforms, Windows- and web services in his daily work as well. A true .NET developer with great passion for the simple solution.
About DevWebProUK
DevWebProUK is for professional developers ... those who build and manage applications and sophisticated websites. DevWebProUK delivers via news and expert advice New Strategies In Development.





DevWebProUK is brought to you by:

SecurityConfig.com NetworkingFiles.com
NetworkNewz.com WebProASP.com
DatabaseProNews.com SQLProNews.com
ITcertificationNews.com SysAdminNews.com
LinuxProNews.com WirelessProNews.com
CProgrammingTrends.com ITmanagementNews.com






-- DevWebProUK is an iEntry, Inc. publication --
iEntry, Inc. 2549 Richmond Rd. Lexington KY, 40509
2008 iEntry, Inc.  All Rights Reserved   Privacy Policy   Legal 

archives | advertising info | news headlines | free newsletters | comments/feedback | submit article

Unsubscribe from DevWebProUK.
To unsubscribe from DevWebProUK or any other iEntry publication, simply send an email request to: support@ientry.com

Delivering IT Solutions DevWebProUK News Archives About Us Feedback DevWebProCanada Home Page About Article Archive News Downloads WebProWorld Forums Jayde iEntry Advertise Contact