Posts

Security Risk Management is the first domain of the CISSP. These are some notes highlighting areas of study for this domain and are by no means a comprehensive set of materials for preparing for this certification. The content below is what I have used to better prepare for this domain. Before reviewing this section, if you haven’t already taken Kelly Handerhan’s CISSP course, I would highly recommend spending some time going through it. It is by far the most engaging and relevant video series I’ve seen for CISSP study prep. In the first domain she covers a slide called the tenants of secure design, which is also very relevant here. At a minimum, make sure you are familiar with concepts she covers here including risk analysis, defense in depth, fail safe, KISS (Keep it Simple Stupid), completeness of design, open design, redundancy, separation of duties, mandatory vacations, job rotation, and others. ...

If you’re 40 years old or older, you might have learned how to use a computer on an old Commodore 64, Apple II or another computer about the same age. One of the things you probably learned about was the BASIC programming language. Maybe you were lucky enough to have a computer at home. One thing you probably learned was that if you wanted to play games, one way was to buy computer magazines at the bookstore and type in published source code. If you’re like some people, you learned a few things about programming from typing in those games, and went on to write your own. ...

There are two main philosophies that have become prominent over the past several decades with information management pioneered by Bill Inmon and Ralph Kimball. Nagesh & Cody (2005) provide an overview of these contrasting approaches, which are vastly different with their own merits and downsides. Inmon believes in building a large centralized enterprise-wide data warehouse using a relational database. Kimball on the other hand recommends starting by defining data marts (subsets of data around a specific domain, or use case) within a star schema. In order to understand these approaches, it is essential to understand the main differences between a relational model and a star model. ...

AWS offers an immense array of features for deploying and managing complex sites. There are however a lot of use cases where you want to quickly setup an easy to use pipeline for deploying static websites (without a build process). I am going to cover how to get started using AWS to setup a basic no-frills web server using an easy-to-use deployment setup via AWS code repository and deployment services. ...

We are going to cover some of the most commonly used properties and methods in JavaScript, for working with arrays. There are a lot of other methods which are not covered here, including newer ES6 methods. The goal here is to get you started working with arrays and gaining an understanding of the fundamental ways we can access and manipulate data. The table below summarizes the various methods we will cover in this lesson: ...

Earlier we looked at datatypes and variables. Arrays take the concept of a variable or binding one step further and allow us to form groups of values within a data structure, which we can then manage in our code. A good use for an array is a list of data. Arrays not only let you group data, but they offer a range of tools or methods to update and manipulate their contents. They are used commonly across different programming languages and have become a routine way of passing around data within applications. ...

Scope determines what variables or bindings are available to JavaScript within its current context. For example, if a variable is defined outside of any functions within your code (often referred to as the main call stack), these variables are available to all other code embedded within other blocks and functions. Variables defined in main are often referred to as ‘Global Variables’ because they are globally available throughout your application. But what about those variables that are defined within functions? ...

In earlier lessons, we wrote code without using any functions. Now that you have been introduced to the various ways we can organize our code within function declarations and expressions, it is helpful to step back for a moment to understand the flow of execution within our code. JavaScript uses a call stack to in order to manage this flow, which is essentially a data structure (or to-do list) that keeps track of function calls using a Last In First Out (LIFO) ordering system. Let’s take a look at an example to help explain this concept. ...

Functions are repeatable blocks of code. They are fundamental to most programming languages and allow you to build applications with reusable code that can be called with different arguments. The best way to explain functions is through an example. Suppose you wanted a quick way to calculate how much your bill would be with tip (assume for this example the bill amount includes tax). → Try it out Create two files called index.html and script.js and enter the code below into each. Alternatively, if you followed along in the previous lesson, use the existing script.js file and replace its content with code below. ...

Often in programming, we need to carry out similar instructions a number of different times. Loops help reduce redundant code and let you quickly offload repetitive tasks to the computer. In JavaScript there are several types of loops. In this lesson we are going to examine while, do while, and for loops. While and Do While loops As their names suggest, while and do while loops carry out a number of tasks ‘while’ a certain condition is true. Take for example the need to display a series of numbers each incrementing by 1 until it we reach a certain limit (10). This could be carried out by writing the following code: ...