CISSP Cyber Training Podcast - CISSP Training Program
Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur
313 episodes
4 days ago
A neighboring Wi‑Fi, a handful of stolen credentials, and a quiet leap into a high‑value network—the kind of pivot that sounds cinematic until you realize how practical it is. We unpack that playbook and turn it into concrete defenses you can deploy across your environment, from client endpoints and browsers to databases, servers, and industrial control systems. We start at the edge, where phishing, drive‑by downloads, and man‑in‑the‑middle still win far too often. You’ll get ...
Courses
Education
All content for CISSP Cyber Training Podcast - CISSP Training Program is the property of Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
Episodes (20/313)
CCT 310: Wi-Fi Hopping And Database Defense - CISSP Training
A neighboring Wi‑Fi, a handful of stolen credentials, and a quiet leap into a high‑value network—the kind of pivot that sounds cinematic until you realize how practical it is. We unpack that playbook and turn it into concrete defenses you can deploy across your environment, from client endpoints and browsers to databases, servers, and industrial control systems. We start at the edge, where phishing, drive‑by downloads, and man‑in‑the‑middle still win far too often. You’ll get ...
4 days ago
43 minutes

CCT 309: React-To-Shell and Practice CISSP Questions (Domain 7.6)
One unauthenticated request should not be all it takes to compromise your app—but with React-To-Shell, that’s the reality many teams are facing. We unpack what this vulnerability hits across React server components and Next.js app router setups, why default configs can be enough to fall, and how active threat actors are already abusing it. From construction to entertainment to cloud-native platforms, the exposure is broad, the proofs are reliable and the window for safe procras...
1 week ago
27 minutes

CCT 308: Scripted Sparrow BEC and CISSP Incident Response - Domain 7.6
A single convincing email can move real money. We break down how Scripted Sparrow and other BEC crews spoof reply chains, impersonate trusted service providers, and slip under approval thresholds to nudge finance teams into wiring funds. The threat isn’t flashy malware; it’s pressure, process gaps, and the illusion of internal approval. We talk through the red flags that matter, from sudden vendor banking changes to realistic W9 attachments and urgent payment timelines, and the...
1 week ago
46 minutes

CCT 307: Practice CISSP Questions - Security Policies and Procedures
Check us out at: https://www.cisspcybertraining.com/ Get access to 360 FREE CISSP Questions: https://www.cisspcybertraining.com/offers/dzHKVcDB/checkout Get access to my FREE CISSP Self-Study Essentials Videos: https://www.cisspcybertraining.com/offers/KzBKKouv Headlines say the talent shortage is easing, yet nearly half of UK businesses still lack basic cyber skills. That disconnect sets the stage for a frank, practical tour through what actually reduces risk...
2 weeks ago
20 minutes

CCT 306: CISSP Domain 1.5: Understanding Legal, Regulatory, and Compliance Requirements
What happens when cybersecurity meets the engine room of the business? We dig into the partnership between the CISO and COO and show how shared risk, clear language about money, and practical tabletop d...
2 weeks ago
51 minutes

CCT 305: Practice CISSP Questions - Chrome Zero Days And Domain Eight Deep Dive
Headlines about eight Chrome zero days aren’t just noise—they’re a prompt to act with precision. We open with the fastest, most reliable steps to reduce exposure: force updates with MDM, restart browser...
3 weeks ago
19 minutes

CCT 304: Software Development Security (CISSP Domain 8)
A single malicious insider flipped Disney menus to Wingdings and tampered with allergy labels—proof that weak offboarding and sloppy access can turn small privileges into big threats. We take that lesso...
3 weeks ago
45 minutes

CCT 303: Practice CISSP Questions - Domain 6 Deep Dive
A headline about hacked nanny cams is more than a cautionary tale—it’s a mirror for how easily convenience eclipses security. We start with the Korean IP camera case to highlight simple, high-impact ste...
4 weeks ago
25 minutes

CCT 302: Security Audits and the CISSP Exam
If audits feel like paperwork purgatory, this conversation will change your mind. We unpack Domain 6 with a clear, practical path: how to scope a security audit that executives will fund, teams will fol...
1 month ago
36 minutes

CCT 301: Practice CISSP Questions - Deep Dive - Zero Trust
Zero trust isn’t a checkbox or a buzzword; it’s a mindset shift that changes how we design networks, ship code, and protect data. We dig into what “never trust, always verify” actually looks like when y...
1 month ago
26 minutes

CCT 300: Failing Securely, Simply, Separation of Duties, KISS and Zero Trust (CISSP)
Security programs fail when they try to do everything at once. We walk through a clear three-phase plan that keeps you focused and effective: start with a real gap assessment anchored in leadership’s ri...
1 month ago
44 minutes

CCT 299: Practice CISSP Questions - Data Security Controls
Words can trigger audits, budget panic, or calm execution, and few words carry more weight than “leak” and “breach.” We unpack the real differences, the legal and regulatory implications of each, and how precise language shapes incident response. From there, we get hands-on with CISSP-ready concepts—data states, DLP, CASB, DRM, minimization, sovereignty, and sensitivity labels—and translate them into moves you can make this week. We start by mapping data states—at rest, in tra...
1 month ago
19 minutes

CCT 298: Determining Data Controls - CISSP
A graphing calculator running ChatGPT might make headlines, but our real job is keeping sensitive data from walking out the door. We break down the data states that matter most—at rest, in transit, and ...
1 month ago
36 minutes

CCT 297: Practice CISSP Questions - Investigation Types (Domain 1.6)
A single compromised API key can undo months of hard work. We open with a clear-eyed look at a reported Treasury-related incident tied to a privileged access platform and use it to expose a bigger probl...
1 month ago
20 minutes

CCT 296: Compliance and Contractual Requirements (Domain 1.4)
A tiny payload hidden in a legitimate-looking NuGet package can sit inside an industrial network for years, then trigger cascading failures in minutes. That chilling scenario sets the stage for a hands-...
1 month ago
37 minutes

CCT 295: Practice CISSP Questions - Deep Dive (Domain 7)
Ransomware doesn’t wait for your change window, and neither do we. This episode takes you inside the decisions that matter when privileged accounts start hopping across systems, Exchange servers attract fresh exploits, and the clock is running on recovery. We open with the newest CISA guidance on Microsoft Exchange and translate it into moves you can apply today: enforce least privilege with a real PAM, choose stronger MFA than SMS, disable basic auth, and lock in transport pro...
1 month ago
23 minutes

CCT 294: Config Management Essentials - CISSP Domain 7
A single Windows shortcut can open the door to espionage—and that’s exactly where we begin. We break down a fresh LNK exploit campaign to show how hidden command execution and DLL sideloading slip past busy teams, then pivot into the core defense most organizations underuse: disciplined configuration management. From baselines and version control to change boards and rapid rollback, we map the habits and tools that turn chaos into control. We walk through building secure, real...
2 months ago
32 minutes

CCT 293: CISSP Rapid Review - Domain 8
Quantum threats aren’t waiting politely on the horizon, and neither should we. We kick off with Signal’s bold move to deploy post-quantum encryption, unpacking the “belt and suspenders” approach that blends classical cryptography with quantum-resistant algorithms. No jargon traps—just clear takeaways on why this matters for privacy, resilience, and the pressure it puts on other messaging platforms to evolve. We point you to smart reads from Ars Technica and Bruce Schneier that ...
2 months ago
39 minutes

CCT 292: Analyze Test Output and Generate Reports (Domain 6.4)
One DNS bug shouldn’t take your business offline—but it did for thousands. We open with the AWS East outage to show how a single point of failure in DNS can cascade through critical systems, then get tactical about building resilience that actually holds up under stress. From multi‑region architecture and failover planning to budget trade‑offs leaders often dodge, we make the case for redundancy you can defend to finance and prove with tests, not promises. From there, we trans...
2 months ago
33 minutes

CCT 291: CISSP Rapid Review Exam Prep (Domain 7) - Part #2
You can harden your network and still miss the front door: aging edge devices with elevated access, thin logging, and long‑ignored firmware. We dig into the uncomfortable truth behind “set it and forget it” firewalls, VPNs, and gateways, then lay out a practical Domain 7 playbook that helps you detect faster, respond cleaner, and recover without chaos. We start with the incident management sequence that actually works under pressure—detection, response, mitigation, reporting, ...
2 months ago
43 minutes