CISSP Cyber Training Podcast - CISSP Training Program – Détails, épisodes et analyse

Send us Fan Mail

Ransomware doesn’t wait for your change window, and neither do we. This episode takes you inside the decisions that matter when privileged accounts start hopping across systems, Exchange servers attract fresh exploits, and the clock is running on recovery. We open with the newest CISA guidance on Microsoft Exchange and translate it into moves you can apply today: enforce least privilege with a real PAM, choose stronger MFA than SMS, disable basic auth, and lock in transport protections that withstand downgrade tricks.

From there, we get practical about TLS and HSTS. Rolling TLS everywhere sounds simple until certificates, ciphers, and legacy services push back. We map a staged path that starts with critical links, reduces misconfigurations, and grows coverage without breaking internal apps. HSTS then adds a policy backbone that reduces user error, blocks session hijacking, and tightens browser behavior, with clear notes on latency, preload lists, and subdomain scope.

When incidents hit, priorities flip. We break down the right call when lateral movement continues during a ransomware event: disable privileged accounts and switch to preapproved emergency access. On evidence handling, we reinforce the nonnegotiable step for integrity—cryptographic hashing before and after imaging—plus secondary measures for custody and confidentiality. Disaster recovery gets the same scrutiny: meeting RTO while missing RPO means your backup cadence or replication policy failed, not your failover drill. We also cover immutable logs with WORM storage to prevent admin tampering and why emergency patches should be followed by a retrospective CAB review to keep governance intact after the fire is out.

If you’re preparing for the CISSP or sharpening day-to-day security operations, this session delivers clear, actionable guidance you can put to work immediately. Subscribe, share with your team, and leave a review to help more practitioners find these practical playbooks. What’s the one control you’d implement tomorrow to cut lateral movement in half?

Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox!  Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success.

Join now and start your journey toward CISSP mastery today!

Send us Fan Mail

A single Windows shortcut can open the door to espionage—and that’s exactly where we begin. We break down a fresh LNK exploit campaign to show how hidden command execution and DLL sideloading slip past busy teams, then pivot into the core defense most organizations underuse: disciplined configuration management. From baselines and version control to change boards and rapid rollback, we map the habits and tools that turn chaos into control.

We walk through building secure, realistic baselines with CIS Benchmarks and NIST 800‑128, and why “simple and enforceable” beats “perfect and ignored.” You’ll hear how least privilege for change stops shadow tweaks, how EDR and application firewalls catch command and control, and how automation with Ansible, SCCM, and Terraform keeps fleets consistent. We spotlight the CMDB as a living source of truth—only valuable if you maintain ownership, automate updates, and report on drift so leadership and risk teams can act.

Change governance becomes your stabilizer. A change control board aligns IT, security, operations, risk, and compliance before big moves, while an emergency change advisory board authorizes fast action for zero‑days and incidents with a strict post‑implementation review. We break down the full change lifecycle—request, impact analysis, staging, implementation, verification, CMDB updates—and the common pitfalls to avoid, including undocumented changes, brittle rollbacks, and ignoring post‑change scan results. Expect practical guidance on when to auto‑patch Windows, how to iterate quarterly without overengineering, and what metrics prove progress.

If you’re aiming to master CISSP Domain 7 or just want fewer outages and faster recovery, this conversation gives you a clear blueprint to reduce attack surface and increase stability. If it helps, share it with a teammate, subscribe for more deep dives, and leave a quick review so we can keep improving for you.

Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox!  Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success.

Join now and start your journey toward CISSP mastery today!

Send us Fan Mail

The fastest way to lose trust is to let AI adoption outrun your governance. We open with a blunt look at AI sprawl and shadow AI—how unsanctioned tools slip past weak policies, create data exposure, and strain legacy controls—then lay out a practical path for teams that don’t have a big‑tech budget: continuous discovery via proxies or CASB‑like tools, real‑time monitoring through a trusted partner, and risk assessments that focus on business impact, not buzzwords. The goal isn’t to slow innovation; it’s to make it safe and repeatable.

From there, we bring CISSP Domain 1.3 to life with five scenario‑based questions that mirror real leadership decisions. You’ll hear why federated governance outperforms heavy central mandates in multinationals, how defining risk appetite is the first step before any framework, and which metrics actually prove value to a board. We draw a clear line between due care (policies, accountability, legal alignment) and due diligence (testing, verification, audits), and we show why insurance can transfer residual risk but can never replace sound governance.

We also get specific about executive communication. A new CEO wants alignment, accountability, and outcomes—not weekly patch timelines. Learn how to map security objectives to corporate strategy, prioritize by business risk, and present measurable progress that earns budget and buy‑in. If you’re preparing for the CISSP or leading a program under pressure, these principles help you think like a strategist and act with confidence.

Want more? Explore the free resources and growing library at CISSP Cyber Training, and grab the 360 free CISSP practice questions. If this episode helps you think clearer about governance and AI, subscribe, share it with a teammate, and leave a quick review to help others find the show.

Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox!  Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success.

Join now and start your journey toward CISSP mastery today!

Send us Fan Mail

Check us out at:  https://www.cisspcybertraining.com/

Get access to 360 FREE CISSP Questions:  https://www.cisspcybertraining.com/offers/dzHKVcDB/checkout

Get access to my FREE CISSP Self-Study Essentials Videos:  https://www.cisspcybertraining.com/offers/KzBKKouv

Unlock the secrets to mastering core networking concepts crucial for your CISSP exam and cybersecurity career with Sean Gerber on the CISSP Cyber Training Podcast. Ever wondered how the intricate dance between IPv4 and IPv6 affects your daily online interactions? Get ready to explore these foundational Internet protocols, their histories, and the innovative transition mechanisms bridging them. We kick off with a discussion on the eye-opening Mega Breach Database, spotlighting the staggering exposure of around 26 billion records. This breach serves as a cautionary tale of our digital age, underscoring the necessity for robust password management and multi-factor authentication.

Journey through the complex landscape of IP addressing as we untangle the web of IPv4 and IPv6 structures. We'll break down IPv4's network and host partitions, the role of TCP and UDP protocols, and the creative, albeit temporary, fix provided by NAT routing. With a shift towards IPv6, discover the implications of its advanced hexadecimal notation and the flexibility offered by CIDR in IP address allocation. If you're grappling with the divide between the old and new, Sean shares insights on key transition strategies, ensuring you comfortably adapt to the evolving technological environment.

Lastly, we tackle essential networking protocols like ICMP, IGMP, and ARP, which are indispensable for anyone eyeing the CISSP certification. Learn how to apply these concepts to real-world scenarios, such as identifying potential man-in-the-middle attacks. Whether you're a cybersecurity novice or a seasoned expert, our discussion will equip you with comprehensive knowledge and sharpen your skills, helping you excel in the CISSP exam and beyond. Join us for this enlightening episode, and walk away with the confidence to navigate the complex world of networking.

Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox!  Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success.

Join now and start your journey toward CISSP mastery today!

Send us Fan Mail

Check us out at:  https://www.cisspcybertraining.com/

Get access to 360 FREE CISSP Questions:  https://www.cisspcybertraining.com/offers/dzHKVcDB/checkout

Get access to my FREE CISSP Self-Study Essentials Videos:  https://www.cisspcybertraining.com/offers/KzBKKouv

What if quantum computing could unravel today's most secure encryption methods? Discover the potential future of cryptography on the CISSP Cyber Training Podcast, as we explore the profound impact of advanced quantum capabilities on public key systems like RSA and elliptic curve algorithms. This episode breaks down the "harvest now, decrypt later" strategy, revealing how adversaries might exploit encrypted data in the future. Cybersecurity professionals will gain essential insights into transforming their organization's cryptography practices to anticipate and counteract these emerging threats effectively. 

Our deep dive into cryptographic concepts and best practices offers a comprehensive Q&A session that highlights AES as the gold standard of symmetric encryption and examines the vulnerabilities of legacy algorithms like MD5. Get to grips with the advantages of ECC for devices with limited resources and unravel the complexities of asymmetric cryptography, from key exchanges to the power of digital signatures. We also unveil a tailored mentoring and coaching program, designed to guide you through passing the CISSP exam and mapping a successful career path in cybersecurity. Tune in for expert insights and strategies that equip you to excel in the ever-evolving world of cybersecurity.

Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox!  Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success.

Join now and start your journey toward CISSP mastery today!

Send us Fan Mail

Check us out at:  https://www.cisspcybertraining.com/

Get access to 360 FREE CISSP Questions:  https://www.cisspcybertraining.com/offers/dzHKVcDB/checkout

Get access to my FREE CISSP Self-Study Essentials Videos:  https://www.cisspcybertraining.com/offers/KzBKKouv

Unlock the secrets of robust cybersecurity defenses as we navigate through the intricate landscape of the CISSP exam content, zeroing in on vulnerability mitigation within security architectures. Explore an eye-opening case study of the Russian GRU's audacious use of Wi-Fi networks for credential stuffing attacks, revealing the critical need for multi-factor authentication. As we dissect the complexities of these cyber-attacks, the episode promises to arm you with the knowledge to stay one step ahead of evolving threats.

Our journey takes a broader look at the myriad of cybersecurity threats lurking in the digital realm. Discover practical strategies to shield your organization from phishing, malware, and man-in-the-middle attacks. Learn about the vital role of password managers, regular system updates, and the implementation of sandboxing to protect against outdated applets. The episode provides actionable insights to fortify your security posture, ensuring sensitive data remains uncompromised.

Rounding out the discussion, we delve into the critical aspects of database security and the unique challenges faced by industrial control systems. Gain an understanding of database architecture, key security practices, and the significance of multi-level classification in military contexts. From access control to encryption and SQL injection prevention, we cover it all. Finally, we shine a spotlight on the mission of CISSP Cyber Training, highlighting how proceeds from the program support adoptive families through Shepherd's Hope, reinforcing the episode's commitment to making a positive impact beyond cybersecurity.

Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox!  Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success.

Join now and start your journey toward CISSP mastery today!

Send us Fan Mail

Check us out at:  https://www.cisspcybertraining.com/

Get access to 360 FREE CISSP Questions:  https://www.cisspcybertraining.com/offers/dzHKVcDB/checkout

Get access to my FREE CISSP Self-Study Essentials Videos:  https://www.cisspcybertraining.com/offers/KzBKKouv

Ever wondered about the hidden dangers lurking in outdated systems? Join me, Sean Gerber, as we tackle the pressing issues surrounding end-of-life assets on the CISSP Cyber Training Podcast. This episode unpacks the critical risks of holding onto systems that no longer receive manufacturer support and the security implications that follow. We'll explore the fine balance between managing costs and ensuring compliance when extending the life of these aging systems, all through a risk-based approach. Discover why secure data disposal should be at the forefront of your strategy, and learn about the industry regulations that you must navigate to maintain a robust security posture.

Eager to expand your cybersecurity prowess? I invite you to explore cisspcybertraining.com, your go-to resource for preparing for the CISSP certification and enhancing your cybersecurity knowledge. This episode wraps up with a reminder of the importance of continuous learning and professional growth in this ever-evolving field. Tune in for insights that will not only bolster your understanding but also empower you to excel in your cybersecurity career.

Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox!  Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success.

Join now and start your journey toward CISSP mastery today!

Send us Fan Mail

Check us out at:  https://www.cisspcybertraining.com/

Get access to 360 FREE CISSP Questions:  https://www.cisspcybertraining.com/offers/dzHKVcDB/checkout

Get access to my FREE CISSP Self-Study Essentials Videos:  https://www.cisspcybertraining.com/offers/KzBKKouv

Unlock the secrets to mastering cybersecurity management with insights from Sean Gerber. How can businesses effectively handle the risks of outdated technology and safeguard their assets? Join us as we explore Domain 2.5 of the CISSP exam and unravel the complexities behind end-of-life and end-of-support for assets, a critical area for anyone aiming for exam success. Drawing on expert guidance from leading organizations like NCSC, NIST, and CISA, this episode highlights the vulnerabilities of small and medium-sized businesses and offers strategies to fortify their defenses.

Navigate the treacherous waters of managing outdated software and hardware. Discover how these old systems can disrupt operations and what security professionals must communicate to leadership to prevent financial losses. We share actionable strategies for inventory management and risk assessment, helping organizations prioritize and mitigate challenges based on risk tolerance. Whether you're facing the end of support for a high-stakes asset or deciding to repurpose older equipment, this episode equips you with the knowledge to devise an effective asset retirement strategy.

Before you tackle the CISSP exam, arm yourself with the tools and resources to ensure a smooth journey. We discuss the importance of compliance, business continuity, and disaster recovery plans, alongside exploring third-party support and open-source alternatives. Don't miss out on the chance to enhance your preparation with the CISSP Cyber Training program, where my Blueprint sets a clear path to help you succeed on your first attempt. Get ready to embrace the wealth of information and prepare for the next chapter of your cybersecurity career.

Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox!  Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success.

Join now and start your journey toward CISSP mastery today!

Send us Fan Mail

Check us out at:  https://www.cisspcybertraining.com/

Get access to 360 FREE CISSP Questions:  https://www.cisspcybertraining.com/offers/dzHKVcDB/checkout

Get access to my FREE CISSP Self-Study Essentials Videos:  https://www.cisspcybertraining.com/offers/KzBKKouv

Unlock the secrets of cybersecurity mastery as Sean Gerber unpacks the importance of CISSP certification amidst a looming gap of over 5 million unfilled cybersecurity positions by 2024. This episode promises to equip you with insights from the latest ISC² global workforce study, emphasizing the blend of technical prowess and essential soft skills employers crave, such as communication and critical thinking. Dive into expert advice on acing CISSP exam questions, especially those tricky legal scenarios involving data transfer you might face.

Explore comprehensive strategies for safeguarding data and ensuring compliance in today’s complex digital landscape. Sean discusses the implementation of data loss prevention solutions, the nuances of trans-border data flows, and the challenge of meeting GDPR requirements amidst data localization demands. Discover how endpoint encryption, data classification, and mobile app push notifications play pivotal roles in protecting intellectual property while maintaining user convenience. Learn why collaboration with vendors is critical when investigating potential data breaches.

Navigate the intricate world of global security compliance as we delve into the decision-making processes essential for managing international cybersecurity obligations. Sean highlights the necessity of consulting legal counsel and employing a risk-based approach to maintain a uniform security posture across diverse regions. Uncover strategies for addressing critical vulnerabilities and aligning security frameworks with new international data privacy treaties. This episode lays out a holistic security design, integrating every aspect of the CISSP domains to prepare you for a successful career in cybersecurity. Join us for this invaluable journey into the future of cybersecurity.

Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox!  Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success.

Join now and start your journey toward CISSP mastery today!

Send us Fan Mail

Check us out at:  https://www.cisspcybertraining.com/

Get access to 360 FREE CISSP Questions:  https://www.cisspcybertraining.com/offers/dzHKVcDB/checkout

Get access to my FREE CISSP Self-Study Essentials Videos:  https://www.cisspcybertraining.com/offers/KzBKKouv

Is your organization equipped to combat the latest cybersecurity threats as we enter 2024? Join me, Sean Gerber, as we explore the critical cybersecurity issues affecting both local and international landscapes. We'll unpack the recent ransomware attacks that have disrupted essential services, ranging from the Kansas court system in the U.S. to sensitive children's court hearings in Australia. These incidents highlight the urgent need for enhanced security measures, especially as cybercriminals reportedly target vital infrastructure like U.S. wastewater treatment facilities.

The legal ramifications of cyber crimes are as complex as they are severe. In our discussion, we explore the intricacies of data breaches and transborder data flows, examining how different countries handle data flow regulations and the consequences for offenders—from hefty financial penalties to potential life imprisonment. Real-world examples, such as swatting incidents, illustrate the dual nature of legal liabilities that cybercriminals face. Our conversation aims to shed light on the multifaceted legal landscape, preparing cybersecurity professionals for the challenges ahead.

Understanding global breach notification regulations is crucial for any organization. We'll discuss the challenges of navigating different timelines, such as the EU's 72-hour requirement under GDPR, and the importance of having pre-defined protocols for incident management. We also emphasize the significance of international data privacy regulations, highlighting the need for data classification, encryption, and anonymization to protect sensitive information. Whether you're a seasoned security professional or just starting out, this episode offers invaluable insights to enhance your cybersecurity skills and readiness.

Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox!  Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success.

Join now and start your journey toward CISSP mastery today!