A new beginning!

Welcome to the refreshed cybersecurity blog! After five incredible years, I'm thrilled to unveil a brand-new platform that enhances your reader experience and introduces valuable new features. The revamped website aims to simplify complex concepts and demystify cybersecurity jargon, making it accessible to all.

One of the most exciting additions is the availability of cybersecurity courses, tailored to beginners and experienced professionals. The new platform fosters interactive community engagement, allowing you to leave comments, engage in discussions, and share insights.

This is just the beginning; I plan to expand course offerings, collaborate with industry experts, and introduce more interactive features. Let's embark on this journey together, empowering ourselves and securing our digital world.

So let's learn together and stay secure!

What's new?

The Blog Archive Page is now ready for you to glance over. All the blog posts have been clubbed into various categories. New blog posts will also be available going forward. This will act as a ready reckoner if you want to focus on specific topics.
New Course - CISSP Domain 4 Practice Questions has been added. Check out 125 questions carefully curated with the latest exam material. Detailed explanations have been added to help you understand why is a particular choice correct or incorrect.
25 Free Practice Questions for each published exam. This will help you gauge the kind of practice questions you will encounter when buying the course.

Latest Courses ( More Coming Soon)

ComptiA Security+ Practice Exam 1

$19.99

CC Practice Exam

$9.99

CISSP Domain 4 : Communications and Network Security Practice Questions

$14.99

CISSP Domain 3 : Security Architecture and Engineering Practice Questions

$14.99

CISSP Domain 2 : Asset Security Practice Questions

$14.99

SSCP Practice Exam 2

$19.99

View All

What people are saying

Yes, it reflects the real exam And it really helps your level of understanding of each concept. And the scenario-based questions are also very helpful. I really understood the importance of the practice tests after attending these kinds of tests.

— Akila A

Great question with multiple interpretation answers.

Totally worth it !!

— Andreas S

About Me

Welcome to my blog! My name is Mayur, and I have dedicated the past 11 years of my professional life to the field of information security. As an experienced information security professional, I hold several certifications, including CISSP, SSCP, ISO 27001 Lead Auditor, and CPISI.

The inception of this blog stems from my passion for simplifying complex security concepts. I recognized that many individuals struggle to grasp technical terms and find it challenging to navigate the world of information security. Therefore, I decided to bridge this gap by providing clear and straightforward explanations.

I firmly believe that understanding and appreciating the importance of information security should not be limited to a select few.

Thank you for visiting, and I encourage you to engage, ask questions, and contribute to the ongoing conversation. Let's embark on this journey of knowledge together!

Recent Blogposts

May 26, 2023 Mayur Pahwa

My Cybersecurity Blog: Unveiling a Refreshed Platform with New Features

IntroductionWelcome, readers! Today marks an exciting milestone in my journey as a cybersecurity blogger. As we enter the sixth year of this incredible venture, I am thrilled to announce the soft launch of my refreshed blog on a brand-new platform. T...

May 20, 2023 Mayur Pahwa

Demystifying Risk Management in Cybersecurity: Safeguarding Your Digital Assets ( Part 1)

In today's interconnected digital world, where cyber threats lurk around every corner, risk management has become a crucial aspect of cybersecurity. Whether you are a student, a cybersecurity beginner, or an experienced professional, understandi...

May 20, 2023 Mayur Pahwa

SSCP vs. Security+ - Which Certification Reigns Supreme?

So, you're looking to kickstart your cybersecurity career and wondering which certification to pursue? Well, you're in luck because today we have an exciting face-off between two popular certifications: the Systems Security Certified Practi...

May 17, 2023 Mayur Pahwa

How a Free Gift Caused $40,000 Loss and Nearly Ruined a Company?

Anjali was sitting and surfing the internet on the computer at her desk when the phone rang. Startled, she picked it up and heard a rough voice on the other side. “Is this Miss Anjali?” asked the rough voice. “Yes, this is” answered Anjali. “There is...

May 17, 2023 Mayur Pahwa

Unbelievable Plot Twist: Fake Website Scam Swindles Lakhs in Cyber Fiction

Varun was excited about the new phone which he had ordered yesterday. He couldn’t believe his luck when he got that message yesterday. Excited, he immediately forwarded the message to his friends. Varun was imagining how would he showcase his new iPh...

May 17, 2023 Mayur Pahwa

The Shocking Tale of Corporate Espionage and Cybersecurity Vulnerabilities!

Manish is invited to a conference as a chief guest to speak about his industry experience in the field of pharmaceuticals. Having worked in the industry for around 25+ years, Manish is a big name in this field. He is currently the Vice President ...

May 17, 2023 Mayur Pahwa

[Cyber-security Awareness Series] The Magic Card

Ramnath was quite happy when he received the “card” from the bank. This was no ordinary “card” given to him. He could withdraw money from his account at any point in time by using this card and could also swipe it at any shop to buy goods for his fam...

May 17, 2023 Mayur Pahwa

[Cyber-Security Awareness Series] Your Credentials , Your Identity

Mark was the head of the Marketing Department in the company “IloveITSolutions”. He had spent 25 long years in this organization. He was working on a marketing plan for an upcoming product launch. He had communicated his requirement of two interns fo...

May 17, 2023 Mayur Pahwa

[Cyber-Security Awareness Series] The Delay

YourDomain.com was a big name in the domain management of various Fortune 500 companies. Whenever a person or an organization wanted to buy or renew a domain name, “yourdomain.com” was the place to be for everyone. In a way, it was the market leader ...

May 17, 2023 Mayur Pahwa

[CyberSecurity Awareness Series] I Will Always Remember You

Have you ever longed for a friend or a partner who remembers you always? Even though you forget him/her, he/she always remembers you. If yes, this story is surely worth your time.Well, this is a story of two individuals where one never forgets the ot...

May 17, 2023 Mayur Pahwa

[Cyber-Security Awareness Series] The Fault In Our Code

Today was no different. Malvika got up in the morning, as usual, took a bath, got ready for the office, packed her lunch, and stepped out. However, Malvika had never imagined that her life would completely change when she stepped out of her home toda...

May 17, 2023 Mayur Pahwa

[CyberSecurity Awareness Series] The Whistle Man

It was as if a shadow was moving around trying to slip inside. It was early morning and the person knew that this was the right time to sneak inside as if he was aware that the whistle man would not have arrived by that time. The person had a mission...

May 15, 2023 Mayur Pahwa

[CyberSecurity Awareness Series] The Other Side

The body did not move when touched. The police carefully placed the body on the floor after it was found hanging from the fan. There was a suicide note which gave detailed reasons as to why Siddharth (popularly known as Sid) had to take this extreme ...

May 15, 2023 Mayur Pahwa

Understanding Vulnerability, Threat & Risk

Consider the following two examples:There is an office building where there are no physical security controls. There is no perimeter wall to surround the building. On entry, you do not find any identification proofs being asked. There is no baggage s...

May 15, 2023 Mayur Pahwa

Understanding Control Types & Functionality

A safeguard or a control or a countermeasure is implemented to reduce the risk an organization faces. Let’s understand it through some examples.1. A company puts in antivirus solutions to reduce the potential danger from malware.2. Citizens put ...

May 15, 2023 Mayur Pahwa

Demystifying Risk Management

When you speak to security professionals or the management in many organizations, most of them are of the opinion that security risk management is all about deploying the latest security tools available in the market with a focus on applications, hac...

May 15, 2023 Mayur Pahwa

Understanding Risk Assessment

Risk Assessment is a part of the Risk Management process. It is a method of identifying the vulnerabilities and threats and their impact in case the threat agent exploits the vulnerability to suggest security controls. There are a lot of Ri...

May 15, 2023 Mayur Pahwa

Risk Assessment Methodology

Having understood Risk Management & Risk Assessment in earlier blog posts, it is time for us to understand the various methodologies of risk assessment. The industry has different standardized methodologies when it comes to ca...

May 15, 2023 Mayur Pahwa

Risk Analysis Approaches

Which color do you like? Choose one – Red, Amber, or Green. Let’s try another one – How much would you like your company’s risk to cost – 10,000 $, 20,000 $ or 50,000? Choose one again. Confused? Don’t be. After all, risk analysis is about analyzing ...

May 15, 2023 Mayur Pahwa

Security Risk Assessment in The Internet of Things

Internet of Things henceforth referred to as IoT in the article refers to all the devices connected to the internet which “talk” to each other. This means if your washing machine is connected to the Internet and it talks to a cloud server giving its ...

May 15, 2023 Mayur Pahwa

Identification, Authentication, Authorization, and Accountability

The 4 steps to complete access management are identification, authentication, authorization, and accountability. Many get confused or consider that identification and authentication are the same, while some forget or give the least importance to audi...

May 15, 2023 Mayur Pahwa

Access Control and Mark Up Languages

Just like humans use language to talk to each other, we use language to talk to computers as well. For identity management and access control purposes, we are going to learn about some specific languages, but before that, it is important to understan...

May 15, 2023 Mayur Pahwa

Access Control Models - DAC, MAC, RBAC , Rule Based & ABAC

Identity and Access Management is an extremely vital part of information security. An access control model is a framework that helps to manage identity and access management in the organization. There are 5 main types of access control models: discre...

May 15, 2023 Mayur Pahwa

Single Sign On & Kerberos

Imagine Susie wants to log on to a company database, her own system, a web server, her webmail, and other multitudes of applications. Since she needs to access so many resources, it is extremely important to have a set of credentials for accessing ea...

May 15, 2023 Mayur Pahwa

Understanding Security Modes - Dedicated , System high, Compartmented , Multilevel

Imagine a system that processes information. This information is classified in nature. When we say, it's classified, it means that the information has been labeled according to the data classification scheme finalized by the organization. This scheme...

View All

Get Regular Updates

Get notified of new products and promotions in your inbox and the latest blog posts.