Monday, October 29, 2012

CPEs - last minute push

It looks like the last time I posted was during hurricane Irene. Weirdly enough, now I'm in the middle of hurricane Sandy. I'm using my mobile phone, tethered via wifi.

Well, my CPEs are due in two days; on October 31. Basically, until a couple of weeks ago, I had not earned any CPE credits. I need 20 to stay in good standing. Here's what I did, or am doing.

I did the OWASP top 10 training right from the ISC2 member home page; that got me 3 credits.

You can earn 2 credits per issue of ISC2's "Info Security Professional" magazine, by passing a quiz. I downloaded the PDFs for issues 19 (the latest) and 18. I submitted to receive the credits, but still need to actually read the issues and take the quizzes. So, that will get me 4 more credits; up to a total of 7 credits; 13 to go.

You can earn 5 credits per year for subscribing to an authorized magazine and passing a quiz. "Information Security" magazine was one of the authorized magazines that ISC2 listed. They didn't provide a link, so I did a search at bing.com and found http://searchsecurity.techtarget.com. Much to my delight, I found that subscribing to the "Information Security" magazine by registering as a user on their site was free. So, I signed up and then downloaded the latest issue: October 2012 Volume 14 No. 8. When I downloaded the issue, I had to provide info and was instructed that I would receive an email with instructions to take the quiz and receive CPE credits. I used my corporate email address. I checked several times within about an hour after downloading the issue, but still had not received the email. I need to double check later on this and follow through. Of course, I still need to read the issue too. That should earn me 5 more credits that will bring me up to 12 credits with 8 left to go.

While I was at http://searchsecurity.techtarget.com, I found that they had some courses, for free as well, that I could take (they were short, online, and self-paced). ISC2 allows credit of 1 CPE for every hour spent on research. This applies to online study, webinars, podcasts, and classes. I selected lessons from the "Enterprise Cloud Security School"; class "Understanding Cloud Specific Security Technologies". There were three parts. 1: a webcast: Realizing the benefits of cloud specific security technologies, 2: Tip (article): Must have features of a cloud server security platform, 3: Podcast: Evolution of cloud specific security technologies. The webcast was 42 minutes and 14 seconds long. The podcast was 11 minutes and 59 seconds. The article was about a 20 minute read. Grand total of all three is about 74 minutes, so I'm not sure how many CPEs I will get. Since the site is an ISC2 partner, they submitted my successful passing of the quiz to ISC2. I was prompted to enter my member number. I imagine that I'll get 2 credits. That would bring me up to 14 credits with 6 to go.

Here's a screen shot of my passage of the quiz. 100%


After I clicked "Get Your CPE Credit", I entered the info I was prompted for and then got this:



I plan to view a few webinars or webcasts to complete the last 6.

However, SearchSecurity.com had another educational course. I may look into that to knock off another 2. Then I can finish up the last 4 with webinars.

The next course in the Enterprise Cloud Security School is IAM Control in the Cloud. It has three parts, like the last lesson: a video, tip article, and audio podcast; then a quiz:

Here's a screenshot of the quiz; 80%:



After I clicked "Get Your CPE Credit", I entered the info I was prompted for and then got the same resulting screen as shown above for the previous lesson. If this counts as 2 credits, then that'll bring my CPE credits up to 16 with 4 to go.

They had a third lesson, "Cloud application security best practices", so, why not complete that one too. It has three parts, like the last lesson: a video, tip article, and audio podcast; then a quiz:


  • WEBCAST: CHOOSING SAAS SECURITY
  • TIP: EMERGING TACTICS FOR SECURING PAAS APPLICATIONS
  • PODCAST: ELEMENTS OF SAAS SECURITY
  • QUIZ: CLOUD APPLICATION SECURITY BEST PRACTICES

    Here's a screenshot of the quiz; 100%:



    After I clicked "Get Your CPE Credit", I entered the info I was prompted for and then got the same resulting screen as shown above for the previous lessons. If this counts as 2 credits, then that'll bring my CPE credits up to 18 with 2 to go.

    Next, today, Tuesday, October 30, 2012, I participated in an ISC2 e-Symposium hosted/conducted by brighttalk.com.

    Here's the info about it that I received in an email.

    <start email>


    The (ISC)2 e-Symposium, "Creating a Mindset and Culture of Risk Awareness", will start at 10:30am PDT / 1:30pm EDT / 5:30pm GMT today.

    Please go to https://isc2.brighttalk.com/ click on the enter event button on your screen to launch the live event. If you hear music, the event hasn't started yet.

    If you are not logged in already, you will be prompted to input your username and password under the 'Profile' area and hit submit.

    Conference Speakers & Topics:

    Brandon Dunlap, Managing Director, Research Brightfly
    Opening Remarks - Moderator

    Winn Schwartau, Chairman, Mobile Active Defense speaking on
    "Still Clueless After All these Years"

    Dr. Aury M. Curbelo, CEO, Digetech, Digetech.net speaking on
    "Cyber Security Campaign for Teens in Puerto Rico"

    Blair Campbell, Senior Manager, Privacy, Scotiabank speaking on
    "(ISC)2 Safe and Secure Online Presentation for Parents and Teachers"

    Angela Orebaugh, Senior Associate and Booz Allen Hamilton Fellow, Booz Allen Hamilton speaking on
    "An Inside Look - Awareness Training"

    This e-Symposium qualifies for 3 CPE points.

    <end email>

    It was three hours long and qualified for 3 CPE credits. On the event web page, there is a button to select to take the CPE quiz. They also provided the four slide presentations (PDF) available to be downloaded.

    The first speaker was attending the Hacker Halted conference going on in Miami. http://www.hackerhalted.com/2012/

    The second speaker presented her initiative about Techno Savvy in Puerto Rico. See http://www.technosavvypr.net. They joined forces with http://staysafeonline.org. They also set up videos on YouTube. More about the presenter at http://about.me/acurbelo

    Fourth speaker; TFG Technology Focus Group has become COP Community of Practice.

    Here's a screenshot of the prompt to take the CPE credit quiz:


    Here's a screenshot of the page notifying me that I passed the quiz with a score of 80%, providing a link to download my certificate, and instructing me to manually record this at the isc2 site as it is no longer automatically recorded.


    Here is a snapshot of my certificate. I downloaded the certificate (PDF) and printed off a hard copy.


    Since this counts for 3 credits, that'll bring my CPE credits up to 21. I'm good to go with 1 extra credit and 1 day left until the deadline.

    This next year I won't wait until the last minute. I hope to be able to finally participate with the Safe and Secure Online program and deliver some presentations to some schools.

    I made this entry for several reasons:
    1. For myself; as a record to refer back on
    2. For others; to refer others to, who may be in a similar predicament, needing to earn CPEs for CISSP
    3. For proof to ISC2 in the case they audit me

    Tuesday, August 30, 2011

    CSSLP class - Implementation III and Review

    I missed the beginning of this class because I had no internet access at home; thanks to hurricane Irene. I was able to wirelessly tether one of my old laptops to my Droid X phone and get access to the class around 1945; so 45 minutes into it. It just so happens that last week the power button on my current laptop broke, so I can't get it powered on. Furthermore, I forgot my work laptop at the office. So, multiple problems all coalescing.

    Extra from our instructor Mr. Franke, at the beginning of class:

    Mantra Security Toolkit - Free & Open Source Browser-Based Security Framework
    www.darknet.org.uk/2011/01/mantra-security-toolkit-free-open-source-browser-based-security-framework

    Also, he talked about the latest article that was front and center on the home page: WebSurgery - Web Application Security Testing Suite
    http://www.darknet.org.uk/2011/08/websurgery-web-application-security-testing-suite/

    Started at slide 13

    Code Protection
    • Code Access Security
      • declarative vs. programmatic or imperative
    • Anti-Tampering
    Code Obfuscation

    see www.9rays.net/Category/55-spicesnet-obfuscator.aspx

    Reverse Engineering

    Code Signing
    - delayed signing

    talked a little about the Android marketplace and malicious code

    Mobile Code
    • protection
      • digital shrink-wrap (code signing)
      • sandboxing
      • DIACAP/STIG: APP3700-APP3750
    Build Environment









    Thursday, June 23, 2011