All posts tagged security

Blocking Countries on Nginx without the GeoIP Module


Sometimes blocking entire swathes of the world is the way to go if you truly want a defense in depth approach on your web apps, for instance do your administrators truly need to log on from every country on Earth?  As website administrators we get a feel for where our legitimate traffic is coming from and where we see nefarious connections from.

Continue reading →

ISC(2) CISSP Revision Notes – Study and Exam Tips


I’ve recently sat my CISSP exam and passed!  Very happy with the result, now all I need to do is sort out the paper work.  I present here some tips I learnt while studying for the CISSP, and present some observations from the exam.  I often liken the courses I do to an academic level, for those who know I’d class the CISSP as 60 points at a Post Graduate level.

Continue reading →

ISC(2) CISSP Revision Notes – Overarching Themes for the CISSP


Some common and overarching themes within the CISSP CBK.  Collected here as an additional to revision.

Continue reading →

ISC(2) CISSP Revision Notes – Access Control


Access Control, one of the core and more important parts of the CISSP.

Continue reading →

ISC(2) CISSP Revision Notes – Business Continuity and Disaster Planning


Business Continuity and Disaster Planning, what do we do when it all doesn’t quite go to plan?

Continue reading →