Security Management Strategies for the CIO
-
Mike Chapple, Ph. D., CISA, CISSP, is an IT security manager with the University of Notre Dame. He previously served as an information security researcher with the National Security Agency and the U.S. Air Force. Chapple is a frequent contributor to SearchSecurity.com, and serves as its resident expert on enterprise compliance, frameworks and standards for its Ask the Experts panel. He previously served as site expert on network security, is a technical editor for Information Security magazine and the author of several information security titles, including the CISSP Prep Guide and Information Security Illuminated.
See below for Mike's archive of advice on both compliance and network security. To submit a question for Mike, click on the "Ask a Question" tab above.
-
Do you have a question for our experts?
Contributions from Mike Chapple, Enterprise Compliance
- Do split-tunneling features make a VPN vulnerable?
- Should a router be placed between the firewall and DMZ?
- Should a network be regularly checked for rogue access points?
- Buy vs. build: Choosing an enterprise intrusion detection system
- Will securing a wireless LAN make the data link layer vulnerable?
- Do WEP weaknesses call for an upgrade to WPA2 encryption?
- Will the PCI DSS require encryption over dedicated lines?
- What evaluation criteria should be used when buying a firewall?
- Are penetration tests essential for enterprise network security?
- Is SSL no longer useful?
- Can smurf attacks cause more than just a denial of service?
- What are the alternatives to RC4 and symmetric cryptography systems?
- Can a Web client not supporting SSL still connect to a secure server?
- Do P2P networks share the same risks as traditional ones?
- What is an Nmap Maimon scan?
- How to keep packet sniffers from collecting sensitive data
- How do a DMZ and VPN work together?
- Is a transition from IPv4 to IPv6 worth the effort?
- Are rogue DHCP servers a serious network risk?
- What to consider when deploying NAC products