Thanks Clement.<br><br>Coming back to the my original post I guess that one way to look at availability in the context of cryptography is "as a ramification" as opposed as a service.<br><br>At least I believe this is what the question I have mentioned in my post was trying to get out of the unlucky CISSP candidate. <br>
<br>Anyway for completeness'sake here is what page 226 of the ISC2 official giude to CBK states: <br><br>" Uses of cryptography<br><br>Availability. Cryptography supports all three of the core principles of information security. Many access control systems use cryptography to limit access to systems through the use pf passwords. Many token-based authentication systems use cryptography cased hash algorithm to compute one-time passwords.Denying unauthorized access prevents an attacker from entering and damaging the system or network, thereby denying access to authorized access<br>
<br>"<br><br>Any additional thoughts ?<br><br>Andrea<br><br><div class="gmail_quote">On Mon, Sep 21, 2009 at 6:32 PM, Clement Dupuis <span dir="ltr"><<a href="mailto:clement.dupuis@cccure.com" target="_blank">clement.dupuis@cccure.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">WOW, what a fantastic thread.<br><br>Let's face it, the official ISC2 book has a LARGE number of errors throughout the book. I am not talking about a few errors but dozens of errors.<br>
<br>The book was written by 13 different authors who have their own style of writing, they even contradict themselves like this thread about availability. There are availability related to cryptography such as loosing your private key with no key escrow, however encryption does not address availability.<br>
<br>I have errata for the ISC2 book on CCCure.Org, do a search for: errata using the search field at the top of the main page.<br><br>Do not take for granted that because it is the official book it is accurate. So far it seems to be to the contrary.<br>
<br>I would use Shon's books as my main study tool and the official book only as a checklist and reference.<br><br>This is only my opinion <br><br>Do take care<br><br>Clement<br><br><br clear="all">Clément Dupuis, CD<br>
CISSP, GCFW, GCIA, QEH, QSA, Security+, CEH, ECSA, LPT, CCSA, CCSE, MBNS, MBIS, MBHS, ACE<br>----------------------------------------------------------------------------------------------<br>In real life:<br>Senior Security Specialist and Instructor<br>
Security University<br>>> Call me to get the best CISSP training <<<br>----------------------------------------------------------------------------------------------<br>In Cyberspace:<br>President/Security Evangelist/Chief Learning Officer (CLO)<br>
The CCCure Family of Portals<br>----------------------------------------------------------------------------------------------<br>Business: 407 479 3903<br>Fax: 407 264 8396 <br><br>Maintainer of :<br>The CISSP and SSCP Open Study Guides Web Site<br>
<a href="http://www.cccure.org" target="_blank">http://www.cccure.org</a> <br><br>The Professional Security Testers Warehouse<br><a href="http://www.professionalsecuritytesters.org" target="_blank">http://www.professionalsecuritytesters.org</a> <br>
<br>Knowledge sharing and giving back to the community<div><div></div><div><br>
<br><br><div class="gmail_quote">On Mon, Sep 21, 2009 at 13:02, Sergio Pantoja <span dir="ltr"><<a href="mailto:spantoja@gmail.com" target="_blank">spantoja@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
IMHO, a exam may not lead to answer a question because they said so in a book, i hope the exam really test your experience in the field and your understanding of the security topics to help you have a broader/holistic approach.<div>
<div></div><div><br>
<br><div class="gmail_quote">On Mon, Sep 21, 2009 at 12:45 PM, () <span dir="ltr"><<a href="mailto:rlhj71@yahoo.com" target="_blank">rlhj71@yahoo.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr><td style="font-family: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; font-size: inherit; line-height: inherit; font-size-adjust: inherit; font-stretch: inherit;" valign="top">
On page 219 of the ISC2 book, it states that "The cryptography domain addresses the principles, means, and methods of disguising information to ensure its integrity, confidentiality, and authenticity. UNLIKE THE OTHER DOMAINS, CRYPTOGRAPHY DOES NOT SUPPORT THE STANDARD OF AVAILABILITY."<br>
<br>--- On <b>Mon, 9/21/09, <a href="mailto:cisspstudy-request@cccure.org" target="_blank">cisspstudy-request@cccure.org</a> <i><<a href="mailto:cisspstudy-request@cccure.org" target="_blank">cisspstudy-request@cccure.org</a>></i></b> wrote:<br>
<blockquote style="border-left: 2px solid rgb(16, 16, 255); padding-left: 5px; margin-left: 5px;"><br>From: <a href="mailto:cisspstudy-request@cccure.org" target="_blank">cisspstudy-request@cccure.org</a> <<a href="mailto:cisspstudy-request@cccure.org" target="_blank">cisspstudy-request@cccure.org</a>><br>
Subject: cisspstudy Digest, Vol 15, Issue 29<br>To: <a href="mailto:cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br>Date: Monday, September 21, 2009, 10:38 AM<br><br>
<div>Send cisspstudy mailing list submissions to<br> <a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br><br>To subscribe or unsubscribe via the World Wide Web, visit<div>
<br> <a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><br></div>or, via email, send a message with subject or body 'help' to<br>
<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy-request@cccure.org" target="_blank">cisspstudy-request@cccure.org</a><br><br>You can reach the person managing the list at<br> <a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy-owner@cccure.org" target="_blank">cisspstudy-owner@cccure.org</a><br>
<br>When
replying, please edit your Subject line so it is more specific<br>than "Re: Contents of cisspstudy digest..."<br><br><br>Today's Topics:<br><br> 1. Re: Databases and cryptography (Holland, Brandon)<br> 2. Re: Databases and cryptography (Andrea Gatta)<br>
<br><br>----------------------------------------------------------------------<br><br>Message: 1<br>Date: Mon, 21 Sep 2009 08:57:24 -0500<br>From: "Holland, Brandon" <<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=hollandb@frmaint.com" target="_blank">hollandb@frmaint.com</a>><br>
To: "The CISSP Study Mailing list" <<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a>><div><br>Subject: Re: [Cisspstudy] Databases and cryptography<br>
</div>Message-ID:<br> <<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=58B3233454132D468C5F0D655003DA6411FDB100@MAIL.frmaint.com" target="_blank">58B3233454132D468C5F0D655003DA6411FDB100@MAIL.frmaint.com</a>><br>
Content-Type: text/plain; charset="us-ascii"<div><div></div><div><br><br>You're right, I can't seem to find anything anywhere in there as well.<br>I have been studying Shon Harris mainly, but did study some SANS CISSP<br>
course material as well. I remember having a conversation about<br>cryptography and availability with a CISSP (we have multiple) at work.<br>The conclusion was confidentiality hinders availability... but that<br>must've been wrong. (Or it definitely is for the test.)<br>
<br>It's plain as day in the official guide:<br>"Cryptography supports all three of the core principles of information<br>security." The concept being by limiting access to only authorized<br>individuals
you are somehow making the system more available since<br>unauthorized users can't get in to destroy the system.<br><br>I can see that to some extent... but do you REALLY have to be authorized<br>to break a system? Does a DOS require successful authentication - not<br>
normally.<br><br>I KNOW I read this somewhere with the opposite outcome as the answer but<br>not sure where it came from now.<br><br>At least all this talk about it will have me remembering this answer on<br>the test, even if I don't agree with it.<br>
<br>Thanks,<br>Brandon<br><br>-----Original Message-----<br>From: <a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy-bounces@cccure.org" target="_blank">cisspstudy-bounces@cccure.org</a><br>[mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy-bounces@cccure.org" target="_blank">cisspstudy-bounces@cccure.org</a>] On Behalf Of Jordan, Lemuel
CTR<br>Sent: Monday, September 21, 2009 8:26 AM<br>To: The CISSP Study Mailing list<br>Subject: Re: [Cisspstudy] Databases and cryptography<br><br><br>I just scanned through chapter 8 of the Shon Harris Book, and did not<br>
find<br>any discussion on "availability". Do you happen to remember which area<br>of<br>the book you saw this about cryptography hurting availability. <br><br>I plan to take the test in Nov or Dec, things like this make me worry<br>
also.<br><br>Lem<br><br><br>-----Original Message-----<br>From: <a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy-bounces@cccure.org" target="_blank">cisspstudy-bounces@cccure.org</a><br>[mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy-bounces@cccure.org" target="_blank">cisspstudy-bounces@cccure.org</a>]<br>
On Behalf Of Holland, Brandon<br>Sent: Monday, September 21, 2009 8:58 AM<br>To: The CISSP Study
Mailing list<br>Subject: Re: [Cisspstudy] Databases and cryptography<br><br>That worries me. I plan on taking the test Nov or Dec, and now am<br>wondering if I should effectively flush what I've learned from Shon<br>
Harris and read the ISC2 Official guide for those crazy "just for the<br>test" answers like that. I am too lazy to look right now, but am SURE<br>that the CISSP Shon Harris book I read says cryptography actually HURTS<br>
availability... because u are specifically limiting availability by<br>obscuring the data. It's like another "hoop" you have to go through<br>before having your data available. And if you can't get through it,<br>
your data is unavailable.<br><br>-----Original Message-----<br>From: <a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy-bounces@cccure.org" target="_blank">cisspstudy-bounces@cccure.org</a><br>[mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy-bounces@cccure.org" target="_blank">cisspstudy-bounces@cccure.org</a>] On Behalf Of Andrea Gatta<br>
Sent: Saturday, September 19, 2009 7:27 PM<br>To: The CISSP Study Mailing list<br>Subject: Re: [Cisspstudy] Databases and cryptography<br><br>Well, that is true. But just based on the fact that ISC2 looks very much<br>concerned about keys get lost/corrupted. <br>
<br>On the other hand the last answer - which is sadly the one I picked up -<br>looks quite reasonable.<br><br>As a note - looking at the crypto chapter in the ISC2 book it looks<br>pretty clear that they consider availability as one one of the security<br>
services offered by cryptography (page 226). I am sure that availability<br>is not mentioned as a crypto sec service in any other book (but I will<br>look into it).<br><br>Andrea<br><br><br>On Sun, Sep 20, 2009 at 1:15 AM, Mike Archuleta <<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=mlarchuleta@gmail.com" target="_blank">mlarchuleta@gmail.com</a>><br>
wrote:<br><br><br> Well if you follow the chain of thought from the last question.<br>If a digruntled employee has access. YES<br> <br> Sent from my iPhone<br><br> On Sep 19, 2009, at 6:01 PM, Andrea Gatta<br>
<<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=andrea.gatta@gmail.com" target="_blank">andrea.gatta@gmail.com</a>> wrote:<br> <br> <br><br> Another thing I have noticed with cryptography is that<br>
ISC2 tends to riconduct all risks/downsides if cryptography not to<br>breach of disclosure as one would thing but instead to (again)<br>availability, this time in the technical sense (below one example but I<br>am sure I had
others):<br> <br> What is the primary risk of using cryptographic<br>protection for systems or data:<br> <br> - loss of the system means loss of all data<br> <br> - a hardware failure may lead to lost data or system<br>
integrity<br> <br> - a disgruntled user may lead to denial of service<br> <br> - an employee may may hide is activities from the<br>security department <br> <br> Obviously (now) the third aswer is the correct one<br>
<br>
Andrea<br> <br> <br> <br> <br> <br> <br> On Sun, Sep 20, 2009 at 12:51 AM, Mike Archuleta <<br><mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=mlarchuleta@gmail.com" target="_blank">mlarchuleta@gmail.com</a>> <a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=mlarchuleta@gmail.com" target="_blank">mlarchuleta@gmail.com</a>> wrote:<br>
<br><br> Oh yeah!!! The test really quizes you on subject<br>matter. Even though I passed on the first try I wasn't entirely happy<br>with the experience.<br>
<br> Sent from my iPhone<br><br> On Sep 19, 2009, at 5:41 PM, Andrea Gatta <<br><mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=andrea.gatta@gmail.com" target="_blank">andrea.gatta@gmail.com</a>> <a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=andrea.gatta@gmail.com" target="_blank">andrea.gatta@gmail.com</a>> wrote:<br>
<br> <br><br> So I guess I should actually watch out<br>for these sort of questions in the real exam...<br> <br>
Andrea<br> <br> <br> On Sun, Sep 20, 2009 at 12:28 AM, Mike<br>Archuleta < <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=mlarchuleta@gmail.com" target="_blank">mlarchuleta@gmail.com</a>><br>
<mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=mlarchuleta@gmail.com" target="_blank">mlarchuleta@gmail.com</a>> <a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=mlarchuleta@gmail.com" target="_blank">mlarchuleta@gmail.com</a>> wrote:<br>
<br><br>
I remember this question. It is<br>the most correct answer based on wording. After realizing that answer<br>included placed with autorized users. <br><br> I think I argued with myself for<br>five minutes. Who places a database near authorized users? I put a<br>
database in the data center with aal my servers and backup systems.<br> <br> Sent from my iPhone<br><br> On Sep 19, 2009, at 5:19 PM,<br>Andrea Gatta < <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=andrea.gatta@gmail.com" target="_blank">andrea.gatta@gmail.com</a>><br>
<mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=andrea.gatta@gmail.com" target="_blank">andrea.gatta@gmail.com</a>> <a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=andrea.gatta@gmail.com" target="_blank">andrea.gatta@gmail.com</a>> wrote:<br>
<br> <br><br> Well, same here. <br> <br>
Unfortunately the<br>question is from the official ISC2 guide, page 747 ;-)<br> <br> Point is, any chance<br>they got it wrong ?<br> <br> Andrea<br>
<br> <br> On Sun, Sep
20, 2009 at<br>12:15 AM, Mike Archuleta < <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=mlarchuleta@gmail.com" target="_blank">mlarchuleta@gmail.com</a>><br><mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=mlarchuleta@gmail.com" target="_blank">mlarchuleta@gmail.com</a>> <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=mlarchuleta@gmail.com" target="_blank">mlarchuleta@gmail.com</a>><br>
<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=mlarchuleta@gmail.com" target="_blank">mlarchuleta@gmail.com</a>> wrote:<br> <br><br> I would think<br>niether
improve or reduce availability. I don't think if crypto as an<br>availability feature.<br> <br> Sent from my<br>iPhone<br><br><br> On Sep 19, 2009,<br>
at 5:06 PM, Andrea Gatta < <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=andrea.gatta@gmail.com" target="_blank">andrea.gatta@gmail.com</a>><br><mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=andrea.gatta@gmail.com" target="_blank">andrea.gatta@gmail.com</a>> <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=andrea.gatta@gmail.com" target="_blank">andrea.gatta@gmail.com</a>><br>
<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=andrea.gatta@gmail.com" target="_blank">andrea.gatta@gmail.com</a>> wrote:<br> <br> <br><br> Hi<br>
there,<br> I am<br>wondering if anyone could shed a light on the
following question (and<br>answer):<br> <br> In terms<br>of databases, cryptography can:<br> <br> - only<br>
restrict and reduce availability<br> <br>
-<br>improve availability by allowing data to be easily placed where<br>authorized users can access it<br> <br> -<br>improve availability by increasing the granularity of the access<br>
controls<br> <br> -<br>neither reduce or improve availability<br>
<br> <br> As far<br>as the author of the question is concerned the correct answer is:<br>"improve availability by allowing data to be easily placed where<br>
authorized users can access it"<br> <br> The only<br>reason I can think
of for the answer to have a sense is that<br>cryptography protects a resource from unauthorized users access through<br>the mean of concealing its content.<br> <br> With a<br>
very long shot one could say that the resource would be "available" just<br>to authorizaed users. Which means that this question uses "availability"<br>in a very extensive - and I would add divious - way.<br>
<br>
As far<br>as I am concerned encryption does provide confidentiality and integrity<br>as natural security services.<br> <br> Thoughts<br>?<br> <br>
Thanks<br>
Andrea<br> <br> <br>_______________________________________________<br> <br>cisspstudy mailing list<br> <br><mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a>> <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a>><br>
<mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a>> <a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br>
<br><<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a>><br><<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a>><br>
<<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a>><br><a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><br>
<br><br><br> <br>_______________________________________________<br>
cisspstudy<br>mailing list<br> <br><mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a>> <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a>><br>
<mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a>> <a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br>
<br><<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a>><br><<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a>><br>
<<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a>><br><a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><br>
<br><br><br> <br>_______________________________________________<br> cisspstudy mailing list<br> <br><mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a>> <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a>><br>
<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br> <br><<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a>><br>
<<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a>><br><a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><br>
<br><br><br>
<br>_______________________________________________<br> cisspstudy mailing list<br> <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a>><br>
<mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a>> <a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br>
<br><<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a>><br><<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a>><br>
<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><br> <br> <br><br><br> <br>_______________________________________________<br>
cisspstudy mailing list<br> <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a>><br><a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br>
<br><<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a>><br><a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><br>
<br><br><br> _______________________________________________<br> cisspstudy mailing list<br> <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a>><br>
<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br> <br><<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a>><br>
<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><br> <br> <br><br><br> _______________________________________________<br>
cisspstudy mailing list<br> <a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br>
<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><br> <br><br><br> _______________________________________________<br>
cisspstudy mailing list<br> <a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br> <a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><br>
<br> <br><br><br><br>_______________________________________________<br>cisspstudy mailing list<br><a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br>
<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><br><br>_______________________________________________<br>cisspstudy mailing list<br>
<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br><a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><br>
<br><br><br></div></div>------------------------------<br><br>Message: 2<br>Date: Mon, 21 Sep 2009 15:37:50 +0100<br>From: Andrea Gatta <<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=andrea.gatta@gmail.com" target="_blank">andrea.gatta@gmail.com</a>><br>
To: The CISSP Study Mailing list <<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a>><div><br>Subject: Re: [Cisspstudy] Databases and cryptography<br>
</div>Message-ID:<br> <<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=89ab1b610909210737l59ac1349g7f8b6bb6c6076429@mail.gmail.com" target="_blank">89ab1b610909210737l59ac1349g7f8b6bb6c6076429@mail.gmail.com</a>><br>
Content-Type: text/plain; charset="iso-8859-1"<div><div></div><div><br><br>The SANS material seems to be more "inline" with the ISC2 way of thinking.<br>At least SANS does mention where you need to just "swollow the peel" and<br>
move on.<br><br>I have personally found a number of clear differences even when it comes to<br>things such as encryption methods, systems, types. I can't remember from the<br>top of my head but I bet I have found inconsistences between Shon Harris<br>
book and the ISC2 guide.<br><br>The point is, Shon Harris is very good when it
comes to drive the concept<br>home. Clearly the level of trickery of the CISSP exam - if it is true which<br>I don't know (yet) - might get in the way.<br><br>Andrea<br><br>On Mon, Sep 21, 2009 at 2:57 PM, Holland, Brandon <<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=hollandb@frmaint.com" target="_blank">hollandb@frmaint.com</a>>wrote:<br>
<br>> You're right, I can't seem to find anything anywhere in there as well.<br>> I have been studying Shon Harris mainly, but did study some SANS CISSP<br>> course material as well. I remember having a conversation about<br>
> cryptography and availability with a CISSP (we have multiple) at work.<br>> The conclusion was confidentiality hinders availability... but that<br>> must've been wrong. (Or it definitely is for the test.)<br>
><br>> It's plain as day in the official guide:<br>> "Cryptography supports all three of the core principles of
information<br>> security." The concept being by limiting access to only authorized<br>> individuals you are somehow making the system more available since<br>> unauthorized users can't get in to destroy the system.<br>
><br>> I can see that to some extent... but do you REALLY have to be authorized<br>> to break a system? Does a DOS require successful authentication - not<br>> normally.<br>><br>> I KNOW I read this somewhere with the opposite outcome as the answer but<br>
> not sure where it came from now.<br>><br>> At least all this talk about it will have me remembering this answer on<br>> the test, even if I don't agree with it.<br>><br>> Thanks,<br>> Brandon<br>
><br>> -----Original Message-----<br>> From: <a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy-bounces@cccure.org" target="_blank">cisspstudy-bounces@cccure.org</a><br>>
[mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy-bounces@cccure.org" target="_blank">cisspstudy-bounces@cccure.org</a>] On Behalf Of Jordan, Lemuel CTR<br>> Sent: Monday, September 21, 2009 8:26 AM<br>
> To: The CISSP Study Mailing list<br>> Subject: Re: [Cisspstudy] Databases and cryptography<br>><br>><br>> I just scanned through chapter 8 of the Shon Harris Book, and did not<br>> find<br>> any discussion on "availability". Do you happen to remember which area<br>
> of<br>> the book you saw this about cryptography hurting availability.<br>><br>> I plan to take the test in Nov or Dec, things like this make me worry<br>> also.<br>><br>> Lem<br>><br>><br>> -----Original Message-----<br>
> From: <a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy-bounces@cccure.org" target="_blank">cisspstudy-bounces@cccure.org</a><br>> [mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy-bounces@cccure.org" target="_blank">cisspstudy-bounces@cccure.org</a>]<br>
> On Behalf Of Holland, Brandon<br>> Sent: Monday, September 21, 2009 8:58 AM<br>> To: The CISSP Study Mailing list<br>> Subject: Re: [Cisspstudy] Databases and cryptography<br>><br>> That worries me. I plan on taking the test Nov or Dec, and now am<br>
> wondering if I should effectively flush what I've learned from Shon<br>> Harris and read the ISC2 Official guide for those crazy "just for the<br>> test" answers like that. I am too lazy to look right now, but am SURE<br>
> that the CISSP Shon Harris book I read says cryptography actually HURTS<br>> availability... because u are specifically limiting availability by<br>> obscuring the
data. It's like another "hoop" you have to go through<br>> before having your data available. And if you can't get through it,<br>> your data is unavailable.<br>><br>> -----Original Message-----<br>
> From: <a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy-bounces@cccure.org" target="_blank">cisspstudy-bounces@cccure.org</a><br>> [mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy-bounces@cccure.org" target="_blank">cisspstudy-bounces@cccure.org</a>] On Behalf Of Andrea Gatta<br>
> Sent: Saturday, September 19, 2009 7:27 PM<br>> To: The CISSP Study Mailing list<br>> Subject: Re: [Cisspstudy] Databases and cryptography<br>><br>> Well, that is true. But just based on the fact that ISC2 looks very much<br>
> concerned about keys get lost/corrupted.<br>><br>> On the other hand the last answer - which is sadly
the one I picked up -<br>> looks quite reasonable.<br>><br>> As a note - looking at the crypto chapter in the ISC2 book it looks<br>> pretty clear that they consider availability as one one of the security<br>
> services offered by cryptography (page 226). I am sure that availability<br>> is not mentioned as a crypto sec service in any other book (but I will<br>> look into it).<br>><br>> Andrea<br>><br>><br>
> On Sun, Sep 20, 2009 at 1:15 AM, Mike Archuleta <<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=mlarchuleta@gmail.com" target="_blank">mlarchuleta@gmail.com</a>><br>> wrote:<br>><br>><br>> Well if you follow the chain of thought from the last question.<br>
> If a digruntled employee has access. YES<br>><br>> Sent from my iPhone<br>><br>> On Sep 19, 2009, at 6:01 PM, Andrea
Gatta<br>> <<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=andrea.gatta@gmail.com" target="_blank">andrea.gatta@gmail.com</a>> wrote:<br>><br>><br>><br>> Another thing I have noticed with cryptography is that<br>
> ISC2 tends to riconduct all risks/downsides if cryptography not to<br>> breach of disclosure as one would thing but instead to (again)<br>> availability, this time in the technical sense (below one example but I<br>
> am sure I had others):<br>><br>> What is the primary risk of using cryptographic<br>> protection for systems or data:<br>><br>> - loss of the system means loss of all data<br>
><br>> - a hardware failure may lead to lost data or
system<br>> integrity<br>><br>> - a disgruntled user may lead to denial of service<br>><br>> - an employee may may hide is activities from the<br>> security department<br>
><br>> Obviously (now) the third aswer is the correct one<br>><br>> Andrea<br>><br>><br>><br>><br>><br>><br>> On Sun, Sep 20, 2009 at 12:51 AM, Mike Archuleta <<br>
> <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=mlarchuleta@gmail.com" target="_blank">mlarchuleta@gmail.com</a>> <a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=mlarchuleta@gmail.com" target="_blank">mlarchuleta@gmail.com</a>> wrote:<br>
><br>><br>> Oh yeah!!! The test really quizes you on subject<br>> matter. Even though I passed on the first try I wasn't entirely happy<br>> with the experience.<br>><br>> Sent from my iPhone<br>
><br>> On Sep 19, 2009, at 5:41 PM, Andrea Gatta <<br>> <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=andrea.gatta@gmail.com" target="_blank">andrea.gatta@gmail.com</a>> <a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=andrea.gatta@gmail.com" target="_blank">andrea.gatta@gmail.com</a>>
wrote:<br>><br>><br>><br>> So I guess I should actually watch out<br>> for these sort of questions in the real exam...<br>><br>> Andrea<br>
><br>><br>> On Sun, Sep 20, 2009 at 12:28 AM, Mike<br>> Archuleta < <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=mlarchuleta@gmail.com" target="_blank">mlarchuleta@gmail.com</a>><br>
> <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=mlarchuleta@gmail.com" target="_blank">mlarchuleta@gmail.com</a>> <a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=mlarchuleta@gmail.com" target="_blank">mlarchuleta@gmail.com</a>> wrote:<br>
><br>><br>> I remember this question. It is<br>> the most correct answer based on wording. After realizing that answer<br>> included placed with autorized users.<br>
><br>> I think I argued with myself for<br>> five minutes. Who places a database near authorized users? I put a<br>> database in the data center with aal my servers and backup systems.<br>
><br>>
Sent from my iPhone<br>><br>> On Sep 19, 2009, at 5:19 PM,<br>> Andrea Gatta < <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=andrea.gatta@gmail.com" target="_blank">andrea.gatta@gmail.com</a>><br>
> <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=andrea.gatta@gmail.com" target="_blank">andrea.gatta@gmail.com</a>> <a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=andrea.gatta@gmail.com" target="_blank">andrea.gatta@gmail.com</a>> wrote:<br>
><br>><br>><br>> Well, same
here.<br>><br>> Unfortunately the<br>> question is from the official ISC2 guide, page 747 ;-)<br>><br>> Point is, any chance<br>
> they got it wrong ?<br>><br>> Andrea<br>><br>><br>> On Sun, Sep 20, 2009 at<br>> 12:15 AM, Mike Archuleta < <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=mlarchuleta@gmail.com" target="_blank">mlarchuleta@gmail.com</a>><br>
> <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=mlarchuleta@gmail.com" target="_blank">mlarchuleta@gmail.com</a>> <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=mlarchuleta@gmail.com" target="_blank">mlarchuleta@gmail.com</a>><br>
> <a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=mlarchuleta@gmail.com" target="_blank">mlarchuleta@gmail.com</a>> wrote:<br>><br>><br>> I would think<br>
> niether improve or reduce availability. I don't think if crypto as an<br>>
availability feature.<br>><br>> Sent from my<br>> iPhone<br>><br>><br>> On Sep 19, 2009,<br>
> at 5:06 PM, Andrea Gatta < <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=andrea.gatta@gmail.com" target="_blank">andrea.gatta@gmail.com</a>><br>> <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=andrea.gatta@gmail.com" target="_blank">andrea.gatta@gmail.com</a>> <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=andrea.gatta@gmail.com" target="_blank">andrea.gatta@gmail.com</a>><br>
> <a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=andrea.gatta@gmail.com" target="_blank">andrea.gatta@gmail.com</a>> wrote:<br>><br>><br>><br>> Hi<br>
> there,<br>> I am<br>> wondering if anyone could shed a light on the following question (and<br>> answer):<br>><br>>
In terms<br>> of databases, cryptography can:<br>><br>> - only<br>> restrict and reduce availability<br>><br>
> -<br>> improve availability by allowing data to be easily placed where<br>> authorized users can access it<br>><br>>
-<br>> improve availability by increasing the granularity of the access<br>> controls<br>><br>> -<br>> neither reduce or improve availability<br>
><br>><br>> As far<br>> as the author of the question is concerned the correct answer is:<br>> "improve availability by allowing data to be easily placed where<br>
> authorized users can access it"<br>><br>>
The only<br>> reason I can think of for the answer to have a sense is that<br>> cryptography protects a resource from unauthorized users access through<br>> the mean of concealing its content.<br>
><br>> With a<br>> very long shot one could say that the resource would be "available" just<br>> to authorizaed users. Which means that this question uses "availability"<br>
> in a very extensive - and I would add divious - way.<br>><br>>
As far<br>> as I am concerned encryption does provide confidentiality and integrity<br>> as natural security services.<br>><br>> Thoughts<br>
> ?<br>><br>> Thanks<br>>
Andrea<br>><br>><br>> _______________________________________________<br>><br>> cisspstudy mailing list<br>><br>> <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a>> <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a>><br>
> <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a>> <a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br>
><br>> <<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a>><br>> <<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a>><br>
> <<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a>><br>> <a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><br>
><br>><br>><br>><br>> _______________________________________________<br>> cisspstudy<br>> mailing list<br>><br>> <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a>> <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a>><br>
> <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a>> <a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br>
><br>> <<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a>><br>> <<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a>><br>
> <<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a>><br>> <a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><br>
><br>><br>><br>><br>> _______________________________________________<br>> cisspstudy mailing list<br>><br>> <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a>> <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a>><br>
> <a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br>><br>> <<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a>><br>
> <<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a>><br>> <a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><br>
><br>><br>><br>><br>> _______________________________________________<br>> cisspstudy mailing list<br>> <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a>><br>
> <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a>> <a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br>
><br>> <<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a>><br>> <<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a>><br>
> <a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><br>><br>><br>><br>><br>><br>> _______________________________________________<br>
>
cisspstudy mailing list<br>> <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a>><br>
> <a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br>><br>> <<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a>><br>
> <a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><br>><br>><br>><br>>
_______________________________________________<br>> cisspstudy mailing list<br>> <mailto:<a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a>><br>
> <a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br>><br>> <<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a>><br>
> <a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><br>><br>><br>><br>><br>>
_______________________________________________<br>> cisspstudy mailing list<br>> <a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br>
> <a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><br>><br>><br>><br>> _______________________________________________<br>
> cisspstudy mailing list<br>> <a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br>> <a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><br>
><br>><br>><br>><br>><br>> _______________________________________________<br>> cisspstudy mailing list<br>> <a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br>
> <a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><br>><br>> _______________________________________________<br>> cisspstudy mailing list<br>
> <a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br>> <a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><br>
><br>> _______________________________________________<br>> cisspstudy mailing list<br>> <a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br>
> <a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><br>><br></div></div>-------------- next part --------------<br>An HTML attachment was scrubbed...<br>
URL: <<a href="http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20090921/8d56f200/attachment.html" target="_blank">http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20090921/8d56f200/attachment.html</a>><br>
<br>------------------------------<div><br><br>_______________________________________________<br>cisspstudy mailing list<br><a href="http://us.mc1102.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br>
<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><br><br><br></div>End of cisspstudy Digest, Vol 15, Issue 29<br>******************************************<br>
</div></blockquote></td></tr></tbody></table><br>
<br>_______________________________________________<br>
cisspstudy mailing list<br>
<a href="mailto:cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br>
<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><br>
<br></blockquote></div><br><br clear="all"><br></div></div><font color="#888888">-- <br>Sergio Pantoja H.<br><a href="mailto:spantoja@gmail.com" target="_blank">spantoja@gmail.com</a><br>System, Network and Security Administrator<br>
Linux User register #239475<br>Mandrake Club Member<br>
</font><br>_______________________________________________<br>
cisspstudy mailing list<br>
<a href="mailto:cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br>
<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><br>
<br></blockquote></div><br>
</div></div><br>_______________________________________________<br>
cisspstudy mailing list<br>
<a href="mailto:cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br>
<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><br>
<br></blockquote></div><br>