CISSP
Shon Harris
Certified Information Systems Security Professional
Certified Information Systems Security Professional
Resources > White Papers
Shon Harris CISSP
CISSP Training
Shon Harris Resources

Shon, and the Logical Security team, continually monitor the environment and the industry and develop programs to assist companies in achieving real security and measurable results. The Logical Security white papers provide organizations with the knowledge and strategies vital to managing and maximizing an enterprise's security.

Standardizing Security Skills
The information security industry has been evolving over the past 10 years, but is still a volatile, confusing, and non-standardized trade and profession. Organizations have continually become more and more dependent upon technology and business processes that leave them vulnerable to compromises.

Download White Paper



A Taxonomy of Malicious Software
Malicious software, often abbreviated with the term “malware”, is software designed to infiltrate or damage a computer system without the owner's informed consent. It can therefore penetrate the system evading controls. The term refers generally to intentional attacks, even if unintentionally faulty code can sometimes cause the same or similar effects.

Download White Paper



History of Cryptography
This article is dedicated to a short history of cryptography, from ancient times to our days, without the ambition of being complete and exhaustive.

Download White Paper

A Guide for Small-Medium Businesses by Jim Hietala
The objective of this paper is to educate both IT staff and senior management for small-medium sized businesses (SMB’s) as to the network security threats that exist. The paper presents a digest of industry best practices for network security, which will hopefully assist SMB’s in setting priorities for securing the perimeter of a typical SMB network.

Download White Paper

Passing the Audit by George Lekatis
Many IT managers and professionals strongly believe that although Sarbanes-Oxley
compliance places a heavy and ongoing burden on IT operations, it also leads to better IT
governance and more effective information security. Unfortunately, this is not true for the
following reasons.

Download White Paper



Federal Communications Commission
Information Security Environment by Marc Noble
COLLEGE POSITION STATEMENT ON ACADEMIC INTEGRITY The College expects all requirements submitted by each student to be original work, produced by the student for the first time while a student at the IRM College.

Download White Paper



 DIACAP Workflow Map
Initiate and Plan IA C&A

Download White Paper



FISMA Scoring and How to Make the Grade by Marc Noble
Like any test in school, if you have the answers, you can pass the test. FISMA is not quite that simple but essentially, no one should be getting an ―F‖ or even a ―D‖ for that matter but I will go into some of the insights that I have on why agencies receive grades that they sometimes do not deserve.

Download White Paper


All-in-One CISSP Certification by Shon Harris
Download a free chapter of the new 4th edition of Shon Harris' "All-in-One CISSP Certification" book.

Download White Paper

Attaining True Security - The 360 Model by Shon Harris
Learn to simplify information security and make it achievable in any environment. Download this white paper for practical, step by step guidance in the planning, execution and optimization of role activities. Learn to integrate security seamlessly into business processes and move forward toward optimal security in a coordinated way.

Download White Paper

Vulnerability Management - Let's Do It Right This Time! by Shon Harris
Most articles and security professionals talk about the life cycle of vulnerability management. While that is important, it is almost a waste of time until the right foundation and processes are laid out first. This paper discusses vulnerability management from A-Z with extensive tips and recommendations.

Download White Paper

Self Defending Networks - The New Generation of Protection by Shon Harris
Vendors are now building the intelligence of vulnerability detection and correction directly into the fabric of the network. The next generation of networks will be the self defending networks, which will work much more quickly and effectively than our current model of requiring humans to correct the detected vulnerabilities.

Download White Paper

What is the Difference Between Imported Steel and Imported Program Code
Norm Beznoska [nbeznoska@myisg.com], Director of Enterprise Security for Infiniti Systems Group discusses the security risks assoicated with sending computer programming tasks off-shore.

Download White Paper

IEEE P1074 - Standard for Developing Project Life Cycle Processes
An organization is at no greater risk than when its technology infrastructure, systems or software are undergoing change. Technology projects are the means by which organizations manage infrastructure and software change. There is a dizzying array of security standards available, but until now, none of them has provided practical guidance in how to integrate security into existing project processes in a way that effectively addressed compelling security concerns.

IEEE P1074-Standard for Developing Project Life Cycle Processes, has been revised to include key information assurance guidance that fills this critical gap. It provides simple, clear and actionable guidance that ensures the proper security activities take place on projects to ensure the appropriate level of security is built into infrastructures, systems and software products.

Download White Paper

802.11i - Has Security Arrived for WiFi? by Dave Odom, CISSP
Dave Odom discusses 802.11i and how it affects security in WLANs.

Download White Paper

© 2007 Logical Security, Inc.  
Certified