This article is part of an Essential Guide, our editor-selected collection of our best articles, videos and other content on this topic. Explore more in this guide:
5. - Your questions answered: Read more in this section
- Mike Chapple, Enterprise Compliance
- Joseph Granneman, Security Management
Explore other sections in this guide:
Mike Chapple, Ph. D., CISA, CISSP, is an IT security manager with the University of Notre Dame. He previously served as an information security researcher with the National Security Agency and the U.S. Air Force. Chapple is a frequent contributor to SearchSecurity.com, and serves as its resident expert on enterprise compliance, frameworks and standards for its Ask the Experts panel. He previously served as site expert on network security, is a technical editor for Information Security magazine and the author of several information security titles, including the CISSP Prep Guide and Information Security Illuminated.
See below for Mike's archive of advice on both compliance and network security. To submit a question for Mike, click on the "Ask a Question" tab above.
Do you have a question for our experts?
Contributions from Mike Chapple, Enterprise Compliance
- Is it possible to identify a fake wireless access point?
- Should Apple iPhones automatically connect to Wi-Fi networks?
- Server considerations for internal network application setup
- What is the relationship between open port range and overall risk?
- Will iptables screen UDP traffic?
- Bringing the network perimeter back from the 'dead'
- Can reputation services be applied to network security?
- How expensive are IPsec VPN setup costs?
- What kinds of network packet data can be extracted from Snort IDS?
- Can Snort be configured with a FreeBSD router?
- Will deploying VoIP on an 802.1x network create security problems?
- Should a router be placed between the firewall and DMZ?
- How is internal mail channeled through an enterprise firewall?
- Do split-tunneling features make a VPN vulnerable?
- Should a network be regularly checked for rogue access points?
- Will securing a wireless LAN make the data link layer vulnerable?
- Buy vs. build: Choosing an enterprise intrusion detection system
- Do WEP weaknesses call for an upgrade to WPA2 encryption?
- Will the PCI DSS require encryption over dedicated lines?
- What evaluation criteria should be used when buying a firewall?