JeffBolden.net Ramblings from a IT Professional and NetSec Geek

18 Jun 07

CISA test over – Now the wait begins…

After a month or two of pretty regular study I finally got my Certified Information Systems Auditor (CISA) test done a week ago and then promptly took a much-deserved week off for vacation. Now comes the 10-week wait for the results. You would think in this day and age they could get you the results a little faster, but such is life I guess. :)

The test itself was one of the more difficult ones I've taken due to the subjectivity of the questions. There were too many questions where you had to make a decision on the "most right" answer, and it seemed to me like it tests your ability to decide what ISACA wants you to say more than your actual knowledge of the material. I've yet to fail a cert test, but I'm really unsure as to my success on this one.

As an FYI, I used the Sybex CISA Study Guide and found it to be an excellent guide to the material. I also used the official ISACA CISA Test Question CD for review.

1 Jun 07

Forensics gets more difficult

The world of forensics has been getting more difficult over the past year or so. There has been a rash of new antiforensic tools that are so easy to use that my 9-year-old could run them. And it's getting worse. Scott Berinato has an excellent article on www.cio.com detailing how the ease of use and increased effectiveness of antiforensic tools are making forensic tools obsolete.

"Five years ago, you could count on one hand the number of people who could do a lot of these things," says one investigator. "Now it's hobby level."

It's gotten to the point that hackers are no longer worried about covering their tracks.

Researcher Bryan Sartin of Cybertrust says antiforensic tools have gotten so easy to use that recently he’s noticed the hacks themselves are barely disguised. “I can pick up a network diagram and see where the breach occurred in a second,” says Sartin. “That’s the boring part of my job now. They’ll use FTP and they don’t care if it logs the transfer, because they know I have no idea who they are or how they got there.” Veteran forensic investigator Paul Henry, who works for a vendor called Secure Computing, says, “We’ve got ourselves in a bit of a fix. From a purely forensic standpoint, it’s real ugly out there.” Vincent Liu, partner at Stach & Liu, has developed antiforensic tools. But he stopped because “the evidence exists that we can’t rely on forensic tools anymore. It was no longer necessary to drive the point home. There was no point rubbing salt in the wound,” he says.

As with all things security, it's always easier for the blackhat to figure out how to get around one weakness than it is for the whitehat to figure out how to cover all the bases, and I don't see that changing anytime soon.
