Exam Code: DCA Practice exam 2023 by Killexams.com team
DCA Docker Certified Associate

Exam ID : DCA
Exam Title : Docker Certified Associate
Questions : 55
Duration : 90 minutes
Exam Type : multiple choice

Recognition for your Docker skills with an official Docker credential
Digital certificate and use of the Docker Certified Associate logo
Online verification of Docker Certified status by potential employers
Exclusive access to the Docker Certified professional network on LinkedIn and invites to certified-only events

55 multiple choice questions in 90 minutes
Designed to validate professionals with a minimum of 6 to 12 months of Docker experience
Remotely proctored on your Windows or Mac computer
Available globally in English
Results delivered immediately

This examination is based upon critical job activities a Docker Certified Associate performs. The skills and knowledge certified by this examination represent a level of expertise where a certified Docker Associate can:
● Run containerized applications from pre-existing images stored in a centralized registry
● Deploy images across the cluster
● Triage and resolve issue reports from stakeholders and resolve
● Standup up on Enterprise clusters with one UCP manager, one DTR replica, and one worker node
● Migrate traditional applications to containers
● Configure and troubleshoot Docker engine
● Perform general maintenance and configuration
Candidates for this certification should have at least six months to one year of experience with Docker, including exposure to the Docker Enterprise Edition. The knowledge, skills and experience required at this level should also include:
● container security
● experience with at least one cloud provider
● configuration management tools
● Linux and/or Windows Server

Orchestration 25%
Image Creation, Management, and Registry 20%
Installation and Configuration 15%
Networking 15%
Security 15%
Storage and Volumes 10%

Domain 1: Orchestration (25% of exam)
Content may include the following:
● Complete the setup of a swarm mode cluster, with managers and worker nodes
● Describe and demonstrate how to extend the instructions to run individual containers into running services under swarm.
● Describe the importance of quorum in a swarm cluster.
● Describe the difference between running a container and running a service.
● Interpret the output of “docker inspect” commands.
● Convert an application deployment into a stack file using a YAML compose file with "docker stack deploy"
● Manipulate a running stack of services.
● Describe and demonstrate orchestration activities.
● Increase the number of replicas.
● Add networks, publish ports.
● Mount volumes.
● Describe and demonstrate how to run replicated and global services.
● Apply node labels to demonstrate placement of tasks.
● Describe and demonstrate how to use templates with “docker service create”.
● Identify the steps needed to troubleshoot a service not deploying.
● Describe how a Dockerized application communicates with legacy systems.
● Describe how to deploy containerized workloads as Kubernetes pods and deployments.
● Describe how to provide configuration to Kubernetes pods using configMaps and secrets.

Domain 2: Image Creation, Management, and Registry (20% of exam)
Content may include the following:
● Describe the use of Dockerfile.
● Describe options, such as add, copy, volumes, expose, entry point.
● Identify and display the main parts of a Dockerfile.
● Describe and demonstrate how to create an efficient image via a Dockerfile.
● Describe and demonstrate how to use CLI commands to manage images, such as list, delete, prune, rmi.
● Describe and demonstrate how to inspect images and report specific attributes using filter and format
● Describe and demonstrate how to tag an image.
● Describe and demonstrate how to apply a file to create a Docker image.
● Describe and demonstrate how to display layers of a Docker image
● Describe and demonstrate how to modify an image to a single layer.
● Describe and demonstrate registry functions.
● Deploy a registry.
● Log into a registry.
● Utilize search in a registry.
● Push an image to a registry.
● Sign an image in a registry.
● Pull and delete images from a registry.

Domain 3: Installation and Configuration (15% of exam)
Content may include the following:
● Describe sizing requirements for installation.
● Describe and demonstrate the setup of repo, selection of a storage driver, and installation of the Docker engine on multiple platforms.
● Describe and demonstrate configuration of logging drivers (splunk, journald, etc.).
● Describe and demonstrate how to set up swarm, configure managers, add nodes, and setup the backup schedule.
● Describe and demonstrate how to create and manage user and teams.
● Describe and demonstrate how to configure the Docker daemon to start on boot.
● Describe and demonstrate how to use certificate-based client-server authentication to ensure a Docker daemon has the rights to access images on a registry.
● Describe the use of namespaces, cgroups, and certificate configuration.
● Describe and interpret errors to troubleshoot installation issues without assistance.
● Describe and demonstrate the steps to deploy the Docker engine, UCP, and DTR on AWS and on-premises in an HA configuration. ● Describe and demonstrate how to configure backups for UCP and DTR.

Domain 4: Networking (15% of exam)
Content may include the following:
● Describe the Container Network Model and how it interfaces with the Docker engine and network and IPAM drivers.
● Describe the different types and use cases for the built-in network drivers.
● Describe the types of traffic that flow between the Docker engine, registry and UCP controllers.
● Describe and demonstrate how to create a Docker bridge network for developers to use for their containers.
● Describe and demonstrate how to publish a port so that an application is accessible externally.
● Identify which IP and port a container is externally accessible on.
● Compare and contrast “host” and “ingress” publishing modes.
● Describe and demonstrate how to configure Docker to use external DNS.
● Describe and demonstrate how to use Docker to load balance HTTP/HTTPs traffic to an application (Configure L7 load balancing with Docker EE).
● Understand and describe the types of traffic that flow between the Docker engine, registry, and UCP controllers
● Describe and demonstrate how to deploy a service on a Docker overlay network.
● Describe and demonstrate how to troubleshoot container and engine logs to resolve connectivity issues between containers.
● Describe how to route traffic to Kubernetes pods using ClusterIP and NodePort services.
● Describe the Kubertnetes container network model.

Domain 5: Security (15% of exam)
Content may include the following:
● Describe security administration and tasks.
● Describe the process of signing an image.
● Describe default engine security.
● Describe swarm default security.
● Describe MTLS.
● Describe identity roles.
● Compare and contrast UCP workers and managers.
● Describe the process to use external certificates with UCP and DTR.
● Describe and demonstrate that an image passes a security scan.
● Describe and demonstrate how to enable Docker Content Trust.
● Describe and demonstrate how to configure RBAC with UCP.
● Describe and demonstrate how to integrate UCP with LDAP/AD.
● Describe and demonstrate how to create UCP client bundles.

Domain 6: Storage and Volumes (10% of exam)
Content may include the following:
● Identify the correct graph drivers to uses with various operating systems.
● Describe and demonstrate how to configure devicemapper.
● Compare and contrast object and block storage and when they should be used.
● Describe how an application is composed of layers and where these layers reside on the filesystem.
● Describe the use of volumes are used with Docker for persistent storage.
● Identify the steps to take to clean up unused images on a filesystem and DTR.
● Describe and demonstrate how storage can be used across cluster nodes.
● Describe how to provision persistent storage to a Kubernetes pod using persistentVolumes.
● Describe the relationship between container storage interface drivers, storageClass, persistentVolumeClaim and volume objects in Kubernetes.

Docker Certified Associate
Misc Certified information
Killexams : Misc Certified information - BingNews https://killexams.com/pass4sure/exam-detail/DCA Search results Killexams : Misc Certified information - BingNews https://killexams.com/pass4sure/exam-detail/DCA https://killexams.com/exam_list/Misc Killexams : All 21 Types of 1099 Tax Forms, Explained

This story is part of Taxes 2023, CNET's coverage of the best tax software, tax tips and everything else you need to file your return and track your refund.

As tax time rapidly draws near, it's also when you need to watch the mail for envelopes arriving marked "tax information." Among the many things they may contain are a variety of different types of 1099 tax forms. But what are they for and why do you need them? Let's break them down.

A 1099 form is used to document income received outside of a permanent salaried job. There are many different types of 1099 forms. Any organization or individual you received a payment from is required to distribute this tax form to you by Jan. 31 each year (an employer is also required to distribute a W-2 form by this deadline). 

tax tips badge art
Robert Rodriguez/CNET

It might be tempting to not report this money on your tax return, especially if the amounts are small. But remember that these businesses also send a copy of your 1099 forms to the IRS. The tax return you submit will be compared to what's on file to see if there are any discrepancies.

The issue of earnings from 1099s has been in the news recently after the IRS said it would require reporting transactions over $600 made through third-party payment apps. The tax agency subsequently delayed its requirement for this tax year, but it's still important to keep in mind. 

Here's what to know about the different types of 1099 tax forms, how to confirm you've received all your paperwork and tips for an easier filing season.

What should I do with my 1099s?

A 1099 form shows the income you earned outside of being an employee. Employees receive a W-2, whereas independent contractors, freelancers and gig workers receive a 1099. Any taxpayer can create a free ID.me account to see what forms they should expect to receive this year, since anyone issuing a W-2 or 1099 will also issue a copy to the IRS.

For some taxpayers, the majority (or even all) of the earnings they make in a given year is nonemployee, or 1099, income. An increasing number of people rely on side hustles and additional streams of income to make ends meet: Four in 10 Americans have a side hustle, each making an average of $12,689 extra per year, according to a Harris poll of 2,032 respondents commissioned by Zapier, a marketing automation company. Because additional income streams can mean additional tax forms, some might receive multiple types of 1099s.

If you received one or more 1099s over the last few weeks, the first thing to do is create an account with the IRS and review the tax records associated with your Social Security number. Since the entity issuing your 1099 also has to issue it to the tax agency, you'll be able to make sure you haven't missed anything, according to Christina Taylor, Cash App Tax expert and head of eFile operations for Cash App. "I always recommend you pull your wage and income transcript [on ID.me] from the IRS first," Taylor said. 

Read more: CNET's review of Cash App Tax to file your taxes online

Once you have all your documents, decide if you plan to work with a tax professional this year to file. Filing early in the season could result in quicker turnaround time -- which could result in a faster refund if you're owed one, according to Krystal Pino, certified public accountant and founder of Nomad Tax, a tax consultancy for digital nomads. "I tell people every day that we tax accountants are a lot less busy in February than we are in March and April," Pino said. 

The most common types of 1099s

There are several types of 1099 tax forms, and many of them relate to quite specific financial situations. If you made money outside your permanent job, you'll likely encounter one or more of the following forms.


Form 1099-INT documents interest you earned on savings. For example, if you have a high-yield savings account, and the interest on that account came out to $50 this year, both you and the bank are required to report that money as income, and you'll owe taxes on it.

Banks are diligent about sending out 1099-INT forms in a timely manner. If you only receive paperless statements, you'll likely receive this form electronically.


Form 1099-DIV documents income earned from investment dividends and distributions. If you have a brokerage account that holds stocks or mutual funds, and these investments paid out dividends, that counts as income. This dividend income does not apply to dividends accrued in tax-sheltered retirement accounts, such as a 401(k) or IRA.


Form 1099-MISC documents miscellaneous income. If you received a payout of over $600 in a given year from a business, you should have received a 1099-MISC. Types of income include prize money, gross proceeds payments to attorneys and rental payments for space or equipment. Form 1099-MISC was previously also used to document nonemployee compensation, but this was discontinued in 2020 when Form 1099-NEC was reintroduced.

Because the MISC has turned into an real miscellaneous category now and no longer includes compensation, "there's not much that goes into that category anymore," said Pino. Purchasing a house is now the most common reason for receiving a 1099-MISC, according to Pino, since you'll have one-time property tax and mortgage-interest deductions.


Form 1099-NEC documents nonemployee compensation. You'll receive this form if you were self-employed (gig worker, freelancer) or did independent contractor work amounting to over $600 last year. 

As mentioned above, this income used to be reported on the 1099-MISC until 2020. If you've been freelancing for years and no longer receive a 1099-MISC form but receive this one instead, that's why.

If you're on contract with a company but not a full-time employee, and you're being paid based on contract terms, you should expect a 1099-NEC, according to Taylor. 

If you receive independent contractor income, the IRS will classify you as a sole proprietor, even if you don't have a formal business entity, and you may owe self-employment taxes on the income.


Form 1099-K documents income you received via third-party payment processing platform. It's similar to nonemployee compensation, but it means you received payment through PayPal, Venmo or Cash App instead of directly from the business. 

Previously, payment processing companies only had to distribute a 1099-K if you had over 200 transactions that together amounted to $20,000 or more in income during a given year. The threshold was lowered to $600 a year, and the new rule was supposed to be implemented this tax season. But since the reporting change would overwhelm taxpayers and clog systems, the IRS announced a plan to delay the implementation of the changes until 2024. 

When the new threshold does go into effect next year, tax experts say it'll be a bumpy ride at first, particularly because some taxpayers might get a 1099-NEC and a 1099-K for the same income. "Don't report both, or you'll be double taxed," said Taylor. 

It's important to note that a 1099-K form reports gross income. Since you likely paid fees to the payment processing platform in order to use their service, be sure to include these expenses in your deductions.


Form 1099-B documents income from the sale of securities at a brokerage or barter exchange. If you sold stock last year, the gain or loss will be reported on a 1099-B. Even if you sold at a loss, be diligent about filing this form. You may be able to carry over some of your losses to the following year, offsetting tax potentially owed on future gains. 

Other types of 1099s you might encounter

Though the six 1099s above are the most common, you may also receive one or more of the following.


Form 1099-A documents "acquisition or abandonment of secured property." If you lost a property to foreclosure, your lender will send you this form so you can document capital losses. Over 300,000 properties had foreclosure filings in 2022, according to a report from ATTOM, a real estate data company.

If your foreclosure price didn't cover the remaining balance of your mortgage, and your lender determines that you can't pay it, they may forgive your debt. If this happens, also expect to receive Form 1099-C, since canceled debt is considered income.


Form 1099-C documents the cancellation of debt. If your debt was forgiven, your lender will send that documentation to both you and the IRS. Your debt is considered taxable income in the year that it's forgiven. Examples of canceled debt include property foreclosure or a charge-off on a credit card.

Form 1099-C does not apply to most debts discharged from bankruptcy.


Form 1099-CAP documents "changes in corporate control and capital structure." If you owned stock in a company, and the company was acquired or underwent a substantial change in capital structure, you may have to report any cash, stock and/or property that was gained as a result of this change.


Form 1099-G is used to report unemployment compensation or other certain government payments, such as refunds on state or local taxes, taxable grants or payments from the Department of Agriculture.


Form 1099-H documents payments made in advance to help offset certain qualifying health insurance expenses.

From 2002 to 2021, the Health Coverage Tax Credit provided relief to taxpayers receiving Trade Adjustment Assistance (TAA), reemployment TAA or benefits from a Pension Benefit Guaranty Corporation. This legislation helped reduce health insurance costs for vulnerable Americans in the form of a tax credit.

There are legislative efforts to make this program permanent, but negotiations are stalled in the US Senate as of this writing. If you are filing or amending returns from past years, you may encounter this form.


Form 1099-LTC documents income received as a result of long-term care or accelerated death benefits.

Long-term care insurance is a way for people to navigate the uncertainty of how much care they'll need in their elder years. You may receive a 1099-LTC if your insurance policy is actively being used.

An accelerated death benefit is when a life insurance policyholder receives their benefits before death because they have been deemed terminally ill by a doctor. This benefit is intended to help cover medical costs and make the policyholder comfortable.


Form 1099-LS documents acquired interest in a life insurance contract. 

The Tax Cuts and Jobs Act of 2017 added a new section to the Internal Revenue Code called section 6050Y. This code included new regulations for "reportable policy sales" of life insurance, and the IRS created two new 1099 forms to document this activity: Form 1099-LS and Form 1099-SB.

Companies and individuals will receive Form 1099-LS if they acquired a life insurance contract or any interest in a contract. For example, if a company acquired another company, and part of that company's assets included life insurance holdings, the policy sale needs to be reported.

If a sale occurred, it must be documented with the IRS, and all parties involved will receive a 1099-LS as a result.


Form 1099-OID documents an "original issue discount." 

When you purchase a bond for less than its face value, that's called an original issue discount. You'll redeem the bond at its face value when it matures, and the IRS considers the difference between the two to be taxable income.


Form 1099-PATR documents "taxable distributions received from cooperatives." If you are part of a cooperative, such as a farmer's co-op, and you received distributions or profits from the cooperative, you'll also receive this tax form.


Form 1099-Q documents "payments from qualified education programs." If you received distributions from a 529 plan or Coverdell education savings account (CESA) for education expenses, you'll receive this form to document that income. The income may or may not be taxable.


Form 1099-QA documents distributions made from an ABLE account. The Achieving a Better Life Experience Act of 2014 helps people who experienced the onset of a disability before the age of 26 save and pay for disability-related expenses using a tax-advantaged 529A ABLE account.

Many taxpayers who have a disability rely on public policy programs such as Supplemental Security Income (SSI) or Medicaid. These programs have low ceilings for how much income you can earn. For example, your monthly earned income must be under the Substantial Gainful Activity (SGA) threshold of $1,470, or $2,460 if you are blind. ABLE accounts were created to help taxpayers and their loved ones contribute to a savings account that can help pay for expenses associated with having a disability, and this wealth is not considered when determining eligibility for SSI or other programs.

Contributions to an ABLE account are post-tax, and any interest accrued in these accounts will be tax-free. Any distributions from these accounts will be documented on Form 1099-QA.


Form 1099-R documents "distributions from pensions, annuities, retirement or profit-sharing plans, IRAs and insurance contracts." If some of your income is coming from these sources, expect to receive a 1099-R.


Form 1099-S documents profits from a real estate transaction. If you sold real estate that appreciated in value, this difference is subject to capital gains tax. However, there are potential exemptions from this taxable gain.

The Taxpayer Relief Act of 1997 gives many homeowners relief from this tax liability. If the home you sold was your primary residence, and you lived in it for at least 24 months, you are exempt from the first $250,000 of the gain ($500,000 if married and filing jointly). This exemption can only be applied every two years.


Form 1099-SA documents "distributions from a Health Savings Account (HSA), Archer MSA or Medicare Advantage MSA." Whenever you make a withdrawal from a health savings account, the account holder will send you a 1099-SA to report this income.

HSAs offer triple tax savings. The money you deposit in a health savings account is tax free before deposit and tax free upon withdrawal, and any interest earnings will be tax free as well. To be eligible for this tax benefit, your distributions must be used for qualifying health-related expenses.


Form 1099-SB also documents the sale of a life insurance policy, but this form is filed by the original issuer of the policy after they have received a 1099-LS to document their investment and the surrender amount. The issuer must also file Form 1099-SB if the policy has transferred to a foreign person.

There are substantial rules and regulations for reportable policy sales, and these rules are fairly new. Consider working with a tax professional if you are a company or individual working with 1099-LS and 1099-SB forms.

What should I do if I don't receive all my 1099s?

All 1099s are required to be sent out to recipients by Jan. 31 of each calendar year. If you still haven't received your documents either by mail or electronically, reach out to the issuer for assistance.

If the person or company is not planning to issue you a 1099, you can still claim it as other income or self-employment income on your return, said Taylor. 

However, if you still haven't received your forms by Feb. 28, check your ID.me account to see if a copy was issued to the IRS. As a last resort, you can call the IRS, and they can advise you on whether you can use Form 1099-R as a substitute to document the missing income.

Get your taxes organized today

Having multiple sources of income can feel like a tax headache at first, but once you know the different ways income gets classified, the process becomes much easier. Being organized can help ensure a low-stress filing season.

More tax stories from CNET

Wed, 08 Feb 2023 07:16:00 -0600 See full bio en text/html https://www.cnet.com/personal-finance/taxes/1099-tax-forms-explained/
Killexams : California tax confusion: Already filed your return? Here’s what you should (and shouldn’t) do No result found, try new keyword!Claudia Stanley, a certified public accountant from Fresno, gave similar advice in a previous Bee story. Stanley said you can file a superseding or amended return to update your information ... or ... Thu, 16 Feb 2023 05:26:00 -0600 text/html https://www.sacbee.com/news/california/article272516712.html Killexams : Best InfoSec and Cybersecurity Certifications of 2023
  • The U.S. job market has almost 600,000 openings requesting cybersecurity-related skills. 
  • Employers are struggling to fill these openings due to a general cyber-skill shortage, with many openings remaining vacant each year. 
  • When evaluating prospective information-security candidates, employers should look for certifications as an important measure of excellence and commitment to quality.
  • This article is for business owners looking to hire cybersecurity experts, or for individuals interested in pursuing a cybersecurity career. 

Cybersecurity is one of the most crucial areas for ensuring a business’s success and longevity. With cyberattacks growing in sophistication, it’s essential for business owners to protect their companies by hiring qualified cybersecurity experts to manage this aspect of their business. The best candidates will have a certification in information security and cybersecurity. This guide breaks down the top certifications and other guidance you’ll need to make the right hire for your company. It’s also a great primer for individuals who are embarking on a cybersecurity career.

Best information security and cybersecurity certifications

When evaluating prospective InfoSec candidates, employers frequently look to certification as an important measure of excellence and commitment to quality. We examined five InfoSec certifications we consider to be leaders in the field of information security today.

This year’s list includes entry-level credentials, such as Security+, as well as more advanced certifications, like Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) and Certified Information Systems Auditor (CISA). According to CyberSeek, more employers are seeking CISA, CISM and CISSP certification holders than there are credential holders, which makes these credentials a welcome addition to any certification portfolio.

Absent from our list of the top five is SANS GIAC Security Essentials (GSEC). Although this certification is still a very worthy credential, the job board numbers for CISA were so solid that it merited a spot in the top five. Farther down in this guide, we offer some additional certification options because the field of information security is both wide and varied.

1. CEH: Certified Ethical Hacker

The CEH (ANSI) certification is an intermediate-level credential offered by the International Council of E-Commerce Consultants (EC-Council). It’s a must-have for IT professionals who are pursuing careers in white hat hacking and certifies their competence in the five phases of ethical hacking: reconnaissance, enumeration, gaining of access, access maintenance and track covering. 

CEH credential holders possess skills and knowledge of hacking practices in areas such as footprinting and reconnaissance, network scanning, enumeration, system hacking, Trojans, worms and viruses, sniffers, denial-of-service attacks, social engineering, session hijacking, web server hacking, wireless networks and web applications, SQL injection, cryptography, penetration testing, IDS evasion, firewalls and honeypots. CEH V11 provides a remapping of the course to the NIST/NICE framework’s Protect and Defend (PR) job role category, as well as an additional focus on emerging threats in cloud, OT and IT security, such as fileless malware.

To obtain a CEH (ANSI) certification, candidates must pass one exam. A comprehensive five-day CEH training course is recommended, with the exam presented at the course’s conclusion. Candidates may self-study for the exam but must submit documentation of at least two years of work experience in information security with employer verification. Self-study candidates must also pay an additional $100 application fee. Education may be substituted for experience, but this is evaluated on a case-by-case basis. Candidates who complete any EC-Council-approved training (including with the iClass platform, academic institutions or an accredited training center) do not need to submit an application prior to attempting the exam.

Because technology in the field of hacking changes almost daily, CEH credential holders are required to obtain 120 continuing-education credits for each three-year cycle.

Once a candidate obtains the CEH (ANSI) designation, a logical progression on the EC-Council certification ladder is the CEH (Practical) credential. The CEH (Practical) designation targets the application of CEH skills to real-world security audit challenges and related scenarios. To obtain the credential, candidates must pass a rigorous six-hour practical examination. Conducted on live virtual machines, candidates are presented 20 scenarios with questions designed to validate a candidate’s ability to perform tasks such as vulnerability analysis, identification of threat vectors, web app and system hacking, OS detection, network scanning, packet sniffing, steganography and virus identification. Candidates who pass both the CEH (ANSI) and the CEH (Practical) exams earn the CEH (Master) designation.

CEH facts and figures

Certification name Certified Ethical Hacker (CEH) (ANSI)
Prerequisites and required courses Training is highly recommended. Without formal training, candidates must have at least two years of information security-related experience and an educational background in information security, pay a nonrefundable eligibility application fee of $100 and submit an exam eligibility form before purchasing an exam voucher.
Number of exams One: 312-50 (ECC Exam)/312-50 (VUE) (125 multiple-choice questions, four hours)
Cost of exam $950 (ECC exam voucher) Note: An ECC exam voucher allows candidates to test via computer at a location of their choice. Pearson VUE exam vouchers allow candidates to test in a Pearson VUE facility and cost $1,199.
URL https://www.eccouncil.org/programs/certified-ethical-hacker-ceh
Self-study materials EC-Council instructor-led courses, computer-based training, online courses and more are available at ECCouncil.org. A CEH skills assessment is also available for credential seekers. Additionally, Udemy offers CEH practice exams. CEH-approved educational materials are available for $850 from EC-Council.

Certified Ethical Hacker (CEH) training

While EC-Council offers both instructor-led and online training for its CEH certification, IT professionals have plenty of other options for self-study materials, including video training, practice exams and books.

Pluralsight currently offers an ethical-hacking learning path geared toward the 312-50 exam. With a monthly subscription, you get access to all of these courses, plus everything else in Pluralsight’s training library. Through Pluralsight’s learning path, students can prepare for all of the domains covered in the CEH exam.  

CyberVista offers a practice exam for the CEH 312-50 certification that includes several sets of exam-like questions, custom quizzes, flash cards and more. An exam prep subscription for 180 days costs $149 and gives candidates access to online study materials, as well as the ability to get the materials for offline study. Backed by its “pass guarantee,” CyberVista is so confident its practice exam will prepare you for the CEH exam that the company will refund its practice questions costs if you don’t pass.

Did you know?FYI: Besides certifications in information security and cybersecurity, the best IT certifications cover areas such as disaster recovery, virtualization and telecommunications.

2. CISM: Certified Information Security Manager

The CISM certification is a top credential for IT professionals who are responsible for managing, developing and overseeing information security systems in enterprise-level applications or for developing organizational security best practices. The CISM credential was introduced to security professionals in 2003 by the Information Systems Audit and Control Association (ISACA).

ISACA’s organizational goals are specifically geared toward IT professionals who are interested in the highest-quality standards with respect to the auditing, control and security of information systems. The CISM credential targets the needs of IT security professionals with enterprise-level security management responsibilities. Credential holders possess advanced and proven skills in security risk management, program development and management, governance, and incident management and response.

Holders of the CISM credential, which is designed for experienced security professionals, must agree to ISACA’s code of ethics, pass a comprehensive examination, possess at least five years of experience in information security management, comply with the organization’s continuing education policy and submit a written application. Some combinations of education and experience may be substituted for the full experience requirement.

The CISM credential is valid for three years, and credential holders must pay an annual maintenance fee of $45 (ISACA members) or $85 (nonmembers). Credential holders are also required to obtain a minimum of 120 continuing professional education (CPE) credits over the three-year term to maintain the credential. At least 20 CPE credits must be earned every year.

CISM facts and figures

Certification name

Certified Information Security Manager (CISM)

Prerequisites and required courses

To obtain the CISM credential, candidates must do the following:

  1. Pass the CISM exam.
  2. Agree to the ISACA code of professional ethics.
  3. Adhere to ISACA’s CPE policy
  4. Possess a minimum of five years of information security work experience in described job practice analysis areas. Experience must be verifiable and obtained in the 10-year period prior to the application date or within five years of exam passage. There are some exceptions to this requirement depending on the current credentials held.
  5. Apply for CISM certification. (The processing fee is $50.) The credential must be obtained within five years of exam passage.

Number of exams

One: 150 questions, four hours

Cost of exam

Exam fees: $575 (members), $760 (nonmembers)

Exam fees are nontransferable and nonrefundable.



Self-study materials

Training and study materials in various languages, information on job practice areas, primary references, publications, articles, the ISACA Journal, review courses, an exam prep community, terminology lists, a glossary and more are available at ISACA.org. Additionally, Udemy offers comprehensive training for the certification exam.

Other ISACA certification program elements

In addition to CISM, ISACA offers numerous certifications for those interested in information security and best practices. Other credentials worth considering include the following:

  • Certified Information Systems Auditor (CISA)
  • Certified in the Governance of Enterprise IT (CGEIT)
  • Certified in Risk and Information Systems Control (CRISC)

The CISA designation was created for professionals working with information systems auditing, control or security and is popular enough with employers to earn it a place on the leaderboard. The CGEIT credential targets IT professionals working in enterprise IT management, governance, strategic alignment, value delivery, and risk and resource performance management. IT professionals who are seeking careers in all aspects of risk management will find that the CRISC credential nicely meets their needs.

Certified Information Security Manager (CISM) training

Pluralsight offers a CISM learning path containing five courses and 17 hours of instruction. The courses cover the domains addressed in the exam, but the learning path is aimed at the CISM job practice areas. 

CyberVista offers a CISM online training course in both live and on-demand formats. The course includes more than 16 hours of training videos, supplementary lessons, custom quizzes, practice exam questions and access to experts through the instructor. As with other CyberVista courses, the CISM training course comes with a “pass guarantee.” 

Did you know?Did you know?: According to CyberSeek, there are enough workers to fill only 68% of the cybersecurity job openings in the U.S. A cybersecurity certification is an important way to demonstrate the knowledge and ability to succeed in these job roles.

3. CompTIA Security+

CompTIA’s Security+ is a well-respected, vendor-neutral security certification. Security+ credential holders are recognized as possessing superior technical skills, broad knowledge and expertise in multiple security-related disciplines.

Although Security+ is an entry-level certification, the ideal candidates possess at least two years of experience working in network security and should consider first obtaining the Network+ certification. IT pros who obtain this certification have expertise in areas such as threat management, cryptography, identity management, security systems, security risk identification and mitigation, network access control, and security infrastructure. The CompTIA Security+ credential is approved by the U.S. Department of Defense to meet Directive 8140/8570.01-M requirements. In addition, the Security+ credential complies with the standards for ISO 17024.

The Security+ credential requires a single exam, currently priced at $381. (Discounts may apply to employees of CompTIA member companies and full-time students.) Training is available but not required.

IT professionals who earned the Security+ certification prior to Jan. 1, 2011, remain certified for life. Those who certify after that date must renew the certification every three years to stay current. To renew, candidates must obtain 50 continuing-education units (CEUs) or complete the CertMaster CE online course prior to the expiration of the three-year period. CEUs can be obtained by engaging in activities such as teaching, blogging, publishing articles or whitepapers, and participating in professional conferences and similar activities.

CompTIA Security+ facts and figures

Certification name

CompTIA Security+

Prerequisites and required courses

None. CompTIA recommends at least two years of experience in IT administration (with a security focus) and the Network+ credential before the Security+ exam. Udemy offers a complete and comprehensive course for the certification.

Number of exams

One: SY0-601 (maximum of 90 questions, 90 minutes to complete; 750 on a scale of 100-900 required to pass)

Cost of exam

$381 (discounts may apply; search for “SY0-601 voucher”)



Self-study materials

Exam objectives, trial questions, the CertMaster online training tool, training kits, computer-based training and a comprehensive study guide are available at CompTIA.org.

CompTIA Security+ training

You’ll find several companies offering online training, instructor-led and self-study courses, practice exams and books to help you prepare for and pass the Security+ exam.

Pluralsight offers a Security+ learning path as a part of its monthly subscription plan for the latest SY0-601 exam. Split into six sections, the training series is more than 24 hours long and covers attacks, threats and vulnerabilities; architecture and design; implementation of secure solutions; operations and incident response; and governance, risk and compliance.

CyberVista offers a Security+ practice exam so you can test your security knowledge before attempting the SY0-601 exam. The test comes with a 180-day access period and includes multiple sets of exam questions, key concept flash cards, access to InstructorLink experts, a performance tracker and more. As with CyberVista’s other offerings, this practice exam comes with a “pass guarantee.”

4. CISSP: Certified Information Systems Security Professional

CISSP is an advanced-level certification for IT pros who are serious about careers in information security. Offered by the International Information Systems Security Certification Consortium, known as (ISC)2 (pronounced “ISC squared”), this vendor-neutral credential is recognized worldwide for its standards of excellence.

CISSP credential holders are decision-makers who possess the expert knowledge and technical skills necessary to develop, guide and manage security standards, policies and procedures within their organizations. The CISSP certification continues to be highly sought after by IT professionals and is well recognized by IT organizations. It is a regular fixture on most-wanted and must-have security certification surveys.

CISSP is designed for experienced security professionals. A minimum of five years of experience in at least two of (ISC)2’s eight common body of knowledge (CBK) domains, or four years of experience in at least two of (ISC)2’s CBK domains and a college degree or an approved credential, is required for this certification. The CBK domains are security and risk management, asset security, security architecture and engineering, communications and network security, identity and access management, security assessment and testing, security operations, and software development security.

(ISC)2 also offers three CISSP concentrations targeting specific areas of interest in IT security:

  • Architecture (CISSP-ISSAP)
  • Engineering (CISSP-ISSEP)
  • Management (CISSP-ISSMP)

Each CISSP concentration exam is $599, and credential seekers must currently possess a valid CISSP.

An annual fee of $125 is required to maintain the CISSP credential. Recertification is required every three years. To recertify, candidates must earn 40 CPE credits each year, for a total of 120 CPE credits within the three-year cycle.

CISSP facts and figures

Certification name

Certified Information Systems Security Professional (CISSP) 

Optional CISSP concentrations:  

  • CISSP Architecture (CISSP-ISSAP)
  • CISSP Engineering (CISSP-ISSEP)
  • CISSP Management (CISSP-ISSMP)

Prerequisites and required courses

At least five years of paid, full-time experience in at least two of the eight (ISC)2 domains or four years of paid, full-time experience in at least two of the eight (ISC)2 domains and a college degree or an approved credential are required. Candidates must also do the following:

  • Agree to the (ISC)2 code of ethics.
  • Submit the CISSP application.
  • Complete the endorsement process.

Number of exams

One for CISSP (English CAT exam: 100-150 questions, three hours to complete; non-English exam: 250 questions, six hours) 

One for each concentration area

Cost of exam

CISSP is $749; each CISSP concentration is $599.



Self-study materials

Training materials include instructor-led, live online, on-demand and private training. There is an exam outline available for review, as well as study guides, a study app, interactive flash cards and practice tests.

Certified Information Systems Security Professional (CISSP) training

Given the popularity of the CISSP certification, there is no shortage of available training options. These include classroom-based training offered by (ISC)2, as well as online video courses, practice exams and books from third-party companies.

Pluralsight’s CISSP learning path includes 12 courses and 25 hours of e-learning covering the security concepts required for the certification exam. Available for a low monthly fee, the CISSP courses are part of a subscription plan that gives IT professionals access to Pluralsight’s complete library of video training courses.

When you’re ready to test your security knowledge, you can take a simulated exam that mimics the format and content of the real CISSP exam. Udemy offers CISSP practice exams to help you prepare for this challenging exam.

5. CISA: Certified Information Systems Auditor

ISACA’s globally recognized CISA certification is the gold standard for IT workers seeking to practice in information security, audit control and assurance. Ideal candidates can identify and assess organizational threats and vulnerabilities, assess compliance, and provide guidance and organizational security controls. CISA-certified professionals demonstrate knowledge and skill across the CISA job practice areas of auditing, governance and management, acquisition, development and implementation, maintenance and service management, and asset protection.

To earn the CISA certification, candidates must pass one exam, submit an application, agree to the code of professional ethics, agree to the CPE requirements and agree to the organization’s information systems auditing standards. In addition, candidates must possess at least five years of experience working with information systems. Some substitutions for education and experience with auditing are permitted.

To maintain the CISA certification, candidates must earn 120 CPE credits over a three-year period, with a minimum of 20 CPE credits earned annually. Candidates must also pay an annual maintenance fee ($45 for members; $85 for nonmembers).

CISA facts and figures

Certification name

Certified Information Systems Auditor (CISA)

Prerequisites and required courses

To obtain the CISA credential, candidates must do the following:

  1. Pass the CISA exam.
  2. Agree to the ISACA code of professional ethics.
  3. Adhere to ISACA’s CPE policy.
  4. Agree to the information auditing standards.
  5. Possess a minimum of five years of information systems auditing, control or security work in described job practice analysis areas. Experience must be verifiable and obtained in the 10-year period prior to the application date or within five years after the exam is passed. There are some exceptions to this requirement depending on the current credentials held.
  6. Apply for CISA certification. (The processing fee is $50.) The credential must be obtained within five years of exam passage.

Number of exams

One: 150 questions, four hours

Cost of exam

$575 (members); $760 (nonmembers)



Self-study materials

ISACA offers a variety of training options, including virtual instructor-led courses, online and on-demand training, review manuals and question databases. Numerous books and self-study materials are also available on Amazon.

Certified Information Systems Auditor (CISA) training

Training opportunities for the CISA certification are plentiful. Udemy offers more than 160 CISA-related courses, lectures, practice exams, question sets and more. On Pluralsight, you’ll find 12 courses with 27 hours of information systems auditor training covering all CISA job practice domains for the CISA job practice areas.

Beyond the top 5: More cybersecurity certifications

In addition to these must-have credentials, many other certifications are available to fit the career needs of any IT professional interested in information security. Business owners should consider employing workers with these credentials as well.

  • The SANS GIAC Security Essentials (GSEC) certification remains an excellent entry-level credential for IT professionals seeking to demonstrate that they not only understand information security terminology and concepts but also possess the skills and technical expertise necessary to occupy “hands-on” security roles.
  • If you find incident response and investigation intriguing, check out the Logical Operations CyberSec First Responder (CFR) certification. This ANSI-accredited and U.S. DoD-8570-compliant credential recognizes security professionals who can design secure IT environments, perform threat analysis, and respond appropriately and effectively to cyberattacks. Logical Operations also offers other certifications, including Master Mobile Application Developer (MMAD), Certified Virtualization Professional (CVP), Cyber Secure Coder and CloudMASTER.
  • The associate-level Cisco Certified CyberOps Associate certification is aimed at analysts in security operations centers at large companies and organizations. Candidates who qualify through Cisco’s global scholarship program may receive free training, mentoring and testing to help them achieve a range of entry-level to expert certifications that the company offers. CompTIA Cybersecurity Analyst (CySA+), which launched in 2017, is a vendor-neutral certification designed for professionals with three to four years of security and behavioral analytics experience.
  • The Identity Management Institute offers several credentials for identity and access management, data protection, identity protection, identity governance and more. The International Association of Privacy Professionals (IAPP), which focuses on privacy, has a small but growing number of certifications as well.
  • The SECO-Institute, in cooperation with the Security Academy Netherlands and APMG, is behind the Cyber Security & Governance Certification Program; SECO-Institute certifications aren’t well known in the United States, but their popularity is growing. 
  • It also may be worth your time to browse the Chartered Institute of Information Security accreditations, the U.K. equivalent of the U.S. DoD 8570 certifications and the corresponding 8140 framework.

Also, consider these five entry-level cybersecurity certifications for more options.

TipTip: Before you decide to purchase training for a certification or an exam voucher, see if your employer will cover the cost. Employers may cover all or part of the cost if you have a continuing education or training allowance, or if the certification is in line with your current or potential job duties.

Information security and cybersecurity jobs

According to CyberSeek, the number of cybersecurity job openings in the U.S. stands at almost 598,000, with about 1.05 million cybersecurity professionals employed in today’s workforce. Projections continue to be robust: The U.S. Bureau of Labor Statistics expects 33% growth in information security analyst positions between 2020 and 2030; in comparison, the average rate of growth for all occupations is about 8%.

Security-related job roles include information security specialist, security analyst, network security administrator, system administrator (with security as a responsibility) and security engineer, as well as specialized roles, like malware engineer, intrusion analyst and penetration tester.

Average salaries for information security specialists and security engineers – two of the most common job roles – vary depending on the source. For example, SimplyHired reports about $74,000 for specialist positions, whereas Glassdoor‘s national average is about $108,000. For security engineers, SimplyHired reports almost $112,000, while Glassdoor’s average is more than $111,000, with salaries on the high end reported at $261,000. Note that these numbers frequently change as the sources regularly update their data. [Meet the man who kept Microsoft safe and secure for more than a decade.]

Our informal job board survey from April 2022 reports the number of job posts nationwide in which our featured certifications were mentioned on a given day. This should deliver you an idea of the relative popularity of each certification.

Job board search results (in alphabetical order by cybersecurity certification)




LinkedIn Jobs



CEH (EC-Council)
























Security+ (CompTIA)






Did you know?Did you know?: Cybersecurity matters even when you’re traveling. Find out how to keep your computer secure when you’re on the road for business or pleasure.

The importance of hiring information security and cybersecurity professionals

According to Risk Based Security‘s 2021 Year End Data Breach Quickview Report, there were 4,145 publicly disclosed breaches throughout 2021, containing over 22 billion records. This is the second-highest number of breached records, after an all-time high the year before. The U.S. was particularly affected, with the number of breaches increasing 10% compared with the previous year. More than 80% of the records exposed throughout 2021 were due to human error, highlighting an ever-increasing need for cybersecurity education, as well as for highly skilled and trained cybersecurity professionals. [Learn how to recover from a data breach.]

If you’re serious about advancing your career in the IT field and are interested in specializing in security, certification is a great choice. It’s an effective way to validate your skills and show a current or prospective employer that you’re qualified and properly trained. If you’re a business owner, hiring certified professionals and skilled IT managers can help prevent cyberattacks and provide confidence that your company’s security is in the right hands. In the meantime, review our quick cybersecurity tips to Boost your company’s protection.

Jeremy Bender contributed to the writing and research in this article.

Sun, 22 Jan 2023 10:00:00 -0600 en text/html https://www.businessnewsdaily.com/10708-information-security-certifications.html
Killexams : Samsung Heavy Delivers LNG Pair for MISC

Seri Damai, Seri Daya join MISC LNG Carrier Fleet

MISC welcomed two of its latest new generation of Liquefied Natural Gas (LNG) carriers, Seri Damai and Seri Daya to its fleet of LNG carriers. 

These 174,000 CBM LNG carriers were built for MISC by Samsung Heavy Industries Co., Ltd. (SHI), and upon their delivery, the new LNG carriers will be on long-term charters to ExxonMobil’s wholly-owned subsidiary, SeaRiver Maritime LLC (SRM) and will be managed by Eaglestar Shipmanagenent (S) Pte.Ltd.

“The delivery of Seri Damai and Seri Daya today, marks a strong start to the year and a significant milestone in MISC’s partnership with SeaRiver Maritime," said Captain Rajalingam Subramaniam, MISC’s President & Group Chief Executive Officer. “My appreciation goes out to our shipbuilder, Samsung Heavy Industries, in-house Project Management team from Eaglestar, Gas Assets & Solutions (GAS) Business team, Class Society ABS and all partners and collabora-tors involved in the safe construction of this state-of-the-art LNG carriers."

“The Seri Daya and Seri Damai represent another major milestone in the valued relationship between SeaRiver Maritime, MISC Berhad, and Samsung Heavy Industries Shipyard,” said Mr. Kostelnik, President & CEO of SeaRiver Maritime, Inc. “This is a step forward in supporting a net-zero future as we add modern, energy-efficient LNG carriers to support ExxonMobil’s growing LNG business.”

With the addition of Seri Damai and Seri Daya MISC now has 31 LNG carriers in its GAS Business, in addition to six Very Large Ethane Carriers (VLECs) and two LNG Floating Storage Units (FSUs), which has a combined deadweight tonnage (dwt) capacity of over two million tons.

The ships feature advanced technology to cater to the growing needs for safe, reliable and energy-efficient solutions in the transportation of LNG. The LNG carriers have enhanced cargo tank insulation with the GTT Mark-III Flex PLUS cargo containment system which is designed to reduce the boil-off rate to 0.07% of cargo volume per day for improved efficiency.

Powered by WinGD X-DF propulsion, the vessels fulfill the IMO Tier-III emission requirements without any external exhaust gas after-treatment system. It also complies with the Energy Efficiency Existing Ship Index (EEXI) standard while the eco-efficient vessels are also certified with ENVIRO Notation, a voluntary adoption of integrating ABS re-quirements with international conventions for environmental protection.

Seri Damai and Seri Daya use the Samsung SVESSEL technology for enhanced safety and efficiency through remote monitoring of vessel performance and operations.

Mon, 30 Jan 2023 10:00:00 -0600 en text/html https://www.marinelink.com/news/samsung-heavy-delivers-lng-pair-misc-502561
Killexams : Already claimed California inflation relief as income? Here’s what to do about your taxes No result found, try new keyword!After the IRS issued guidance for California taxpayers, a reader asked The Bee: What do I do if I already filed? Wed, 15 Feb 2023 21:00:00 -0600 text/html https://www.sanluisobispo.com/news/california/article272516712.html Killexams : What Is CISSP Certification? Qualifications, Benefits And Salary

Editorial Note: We earn a commission from partner links on Forbes Advisor. Commissions do not affect our editors' opinions or evaluations.

IT security professionals looking to advance their careers or dive deeper into the realm of cybersecurity should consider the Certified Information Systems Security Professional (CISSP) certification. Organizations across industries need to protect their data and proprietary information from cyberattacks, making CISSP-certified professionals a valuable asset to any company.

CISSP certification signals to employers that you know how to best protect web-based information systems and command a strong IT security team. Read on to learn all you need to know about earning CISSP certification.

Southern New Hampshire University

Unlock your tech potential with a computer science degree from Southern New Hampshire University.

Learn More

Who Should Get CISSP Certification?

As an early-career IT security professional, you may be tempted to jump into the CISSP certification process soon after completing an undergraduate degree or spending just a few years working entry-level cybersecurity jobs. However, you’ll have to meet certain benchmarks before qualifying to become a CISSP.

(ISC)², which administers CISSP certification, requires candidates to have completed either five years of full-time employment or four years of employment plus an undergraduate degree (such as a bachelor’s degree in cybersecurity) or another approved credential.

(ISC)² also created the Body of Knowledge (CBK), which holds nearly all the information a seasoned cybersecurity professional should know. The CBK lists eight primary domains, including asset security and software development security. To become a CISSP, your past work experience must be within one or more of these eight domains.

Earning CISSP certification is not an easy process. From passing the exam to paying annual fees, this certification requires an investment of time, energy and money. On the other hand, CISSP certification is among the most common cybersecurity credentials required by employers, and 72% of cybersecurity professionals are required by their employer to hold a certification, according to a workforce study conducted by (ISC)².

Whether you plan to become a chief information officer or an independent security consultant, knowing your “why” can help you stay the course as you work toward earning CISSP certification.

Benefits of CISSP Certification

A CISSP certification is among the gold standards for IT and cybersecurity professionals. This credential can lead to higher salaries, a competitive advantage in the job market and knowledge of the latest industry advancements.

Increase Your Earning Potential

Salaries for CISSP-certified professionals vary by job title and location. On average, these workers earn over $120,000 per year in North America.

CISSP-certified professionals are some of the most well-paid IT professionals in the industry. This is because employers understand the rigorous process required to become a CISSP, and the credential is recognized on a global scale.

Become a More Competitive Job Candidate

Adding CISSP certification to your cybersecurity resume signifies to recruiters and employers that you are among the top candidates in the information security industry. This credential also guarantees that you have at least four or five years of hands-on experience.

Most cybersecurity professionals report that their organizations require them to hold a certification, according to (ISC)²’s 2021 workforce study. The study found that the CISSP credential was the most commonly held certification among cybersecurity professionals.

Build Cybersecurity Expertise

Part of the CISSP certification process is becoming intimately familiar with all relevant information in the world of cybersecurity, both to pass the exam and to maintain certification.

After earning their certification, CISSPs must accumulate a set number of continuing education credits. Continuing education helps build expertise and ensure that CISSPs have current, relevant skills.

Participants in (ISC)²’s workforce study reported that their teams recognize the following benefits of employing cybersecurity professionals with certifications like the CISSP.

  • These workers have a deeper knowledge of critical cybersecurity topics.
  • Certified workers increase confidence in their teams’ ability to handle security challenges.
  • Hiring professionals with cybersecurity certifications ensures current knowledge and practice of information security trends.
  • Certification allows organizations to hire high-level workers with demonstrated expertise in cybersecurity.

Network with Other CISSPs

All CISSPs must become (ISC)² members, granting access to networking opportunities. More than 168,000 cybersecurity professionals are members of (ISC)².

What is the Current Demand for Cybersecurity Professionals?

Between 2020 and 2021, cyberattacks and data breaches increased by 15.1% on average. This spike in cyberattacks among companies of all types highlights both the need for expert cybersecurity professionals and the gap in supply.

Despite the field’s increasing popularity, the (ISC)²’s workforce study found that 60% of cybersecurity professionals say a shortage of cybersecurity professionals is putting their organizations at risk. (ISC)² estimated a cybersecurity workforce gap of 2.7 million in 2021.

One potential reason for this workforce gap is that most cybersecurity job requirements include certifications such as the CISSP. Earning certification involves considerable time and effort, making it tougher to close this workforce gap. Meanwhile, technological advances used by malicious parties continue to outpace the rate at which IT and cybersecurity professionals enter the field and develop expertise necessary to secure data against these attacks.

The Demand for CISSPs

CISSP professionals are in high demand across industries due to their advanced knowledge and ability to defend against data breaches and Boost security measures.

According to CyberSeek, CISSP certifications see the most demand among all current cybersecurity job openings requiring certification. As of October 2022, more than 137,000 cybersecurity job listings request CISSP certification.

How to Earn CISSP Certification

To earn CISSP certification, you must first meet requirements for work experience, education and professional credentials. Candidates may have five years of relevant work experience, or four years if they also hold a related undergraduate degree or an (ISC)²-approved credential.

If you do not meet these requirements but are still interested in taking the CISSP exam, you can work toward becoming an Associate of (ISC)². Associates have passed the exam but cannot become fully certified until they have fulfilled the work experience requirements.

Pass the Certification Exam

Each candidate has four hours to complete the CISSP certification exam, which comprises 125 to 175 questions. You can find ample preparation resources, including practice exams and study materials, on (ISC)²’s website.

When the time comes, you can register online to take the exam, though the exam itself will take place in person at a Pearson VUE testing center. Note that the exam fee is $749.

To pass, you must score at least 700/1,000 or higher. If you do not pass the CISSP exam the first time, you’re in good company—many test-takers attempt the exam multiple times. You can retake the CISSP exam 30 days after your first try and up to four times within a 12-month period.

Get Endorsed

After passing the CISSP exam, you must obtain an endorsement from a current certification-holder before becoming certified yourself.

This endorsement validates that you have completed the necessary work experience to earn CISSP certification. You have nine months to find an endorsement after passing the exam. In the event you are unable to find someone, (ISC)² may act as your endorser.

Maintain Certification

Like many professional accrediting bodies, (ISC)² requires its members to stay up to date on the latest trends and research in cybersecurity. You must earn at least 120 continuing professional education (CPE) credits every three years to maintain CISSP certification. Many members earn their CPEs by attending courses or conferences, volunteering or teaching.

Frequently Asked Questions (FAQs) About CISSP Certification

A CISSP professional maintains an organization’s IT security systems, securing data against external threats. Responsibilities may also include running security audits, gathering data on security performance, managing teams of IT security professionals and creating security reports for stakeholders

Is CISSP a good certification?

Yes, the CISSP credential is one of the most respected certifications in the cybersecurity field. Its rigor and high standards are well-known in the industry, and many organizations place a high value on recruiting CISSPs.

No, CISSP certification requires five years of professional experience in a cybersecurity-related role, or a combination of work experience and education.

Wed, 15 Feb 2023 17:37:00 -0600 Meghan Gallagher en-US text/html https://www.forbes.com/advisor/education/what-is-cissp/
Killexams : IRS says it won’t tax California’s Middle Class Tax Refund

Relax, Californians — the Middle Class Tax Refund you received last year will not be subject to federal taxes.

The Internal Revenue Service issued long-awaited guidance Friday afternoon, saying it “determined it will not challenge the taxability of payments related to general welfare and disaster relief.” California’s Middle Class Tax Refund falls into that category, the agency said, as do the payments in 16 other states.

According to the IRS, you won’t need to report the payment as income on your 2022 return. So recipients can ignore the federal 1099-MISC form sent out last month by the state Franchise Tax Board.

Accountants across California had been grumbling for weeks about the IRS’ refusal to clarify the issue. And on Thursday, the IRS’ in-house taxpayer advocate service added its voice in a blog post.

“Giving taxpayers a choice between waiting to file their returns and receive their refunds or filing returns now that the IRS may later determine to be inaccurate is not acceptable,” the National Taxpayer Advocate said. The advocate is an independent division within the IRS that helps taxpayers resolve problems with the agency.

“This was a known issue, with ramifications for tens of millions of taxpayers, tax return preparers (who still prepare most federal income tax returns) and tax software developers. The failure to have identified and resolved this issue before the filing season suggests that someone, or everyone, was asleep at the switch.”

Although the IRS has published several forests’ worth of guides on the intricacies of the federal tax code, it hesitated to clarify how California households should treat the $200 to $1,050 they received from the state’s Middle Class Tax Refund. The confusion stemmed from the fact that the payments were not actually tax refunds but were just (for lack of a better term) handouts. Were they tax refunds, they would be considered taxable income by the feds only for recipients who itemize their deductions and write off their state taxes.

And while the payments were funded with federal COVID-19 relief dollars, they were not explicitly aimed at helping people affected by the pandemic — a designation that would have exempted them from federal taxation. Instead, California billed the money as relief from the state’s high gasoline prices.

Last week, the IRS urged taxpayers who were uncertain about how to treat these payments to hold off filing their federal returns, promising to offer clarity to at least some taxpayers this week.

Matthew Frankel, a certified financial planner and contributor to the Motley Fool financial website, said the 17 states that issued some type of rebate last year typically used federal COVID relief money to pay for them. The stated goal of the aid, however, usually was to help households cope with inflation, Frankel said.

These sorts of rebates should be exempt from federal taxes, he said, because they fall under “general welfare exclusion.” That category covers payments a state makes to benefit the public at large, such as the checks California sent to low- and moderate-income households in 2021 as part of the Golden State Stimulus program.

In Friday’s guidance, the IRS said that determining whether a payment fit into the tax-exempt categories of general welfare or disaster relief was “a complex fact intensive inquiry that depends on a number of considerations.”

Given both the nature of the payments and taxpayers’ need for “certainty and clarity,” the IRS said it “will not challenge the treatment of the 2022 payment as excludable for income on an original or amended return.” One reason, it said, was “the fact that the pandemic emergency declaration is ending in May, 2023 making this an issue only for the 2022 tax year.”

Most Californians received their Middle Class Tax Refund in 2022, but some payments went out this year.

The state Franchise Tax Board has said California won’t tax the payments. It offered no guidance on whether the money would be subject to federal taxes.

H&R Block didn’t wait for the IRS to get off the fence, Frankel said; the service has been treating the Middle Class Tax Refund as exempt from federal taxes and not waiting to file returns. Similarly, he said, Intuit’s TurboTax software is treating the payments as tax exempt.

Tax professionals say that Californians should file their returns as soon as they can. That’s because about 75% of households are due a refund — the average was a little more than $3,000 last year — and the longer they wait to claim it, the longer they’re lending money to the feds interest-free. Worse, some tax pros warn, the later you file, the greater the risk that a fraudster will use your stolen Social Security number to try to claim your refund before you do.

About The Times Utility Journalism Team

This article is from The Times’ Utility Journalism Team. Our mission is to be essential to the lives of Southern Californians by publishing information that solves problems, answers questions and helps with decision making. We serve audiences in and around Los Angeles — including current Times subscribers and diverse communities that haven’t historically had their needs met by our coverage.

How can we be useful to you and your community? Email utility (at) latimes.com or one of our journalists: Matt Ballinger, Jon Healey, Ada Tseng, Jessica Roy and Karen Garcia.

Fri, 10 Feb 2023 05:54:00 -0600 en-US text/html https://www.latimes.com/california/story/2023-02-10/taxpayer-advocate-blasts-irs-for-delay-in-deciding-key-california-tax-issue
Killexams : Here's where you can file your taxes for free in South Florida


Here's where you can file your taxes for free in South Florida

The filing deadline for taxes is April 18 this year.There are several places in the Palm beaches and Treasure Coast that are helping people do their taxes for free.United Way of Palm Beach CountyThe 20th year of the Volunteer Income Tax Assistance Program offers free income tax preparation for people who have a 2022 income of $70,000 or less.The program files electronically through "a secure IRS-certified program" so that people can receive money while also saving it on filing fees, according to the program.In 2022, the volunteers process over 7,300 tax returns. It has returned more than $267 million to the Palm Beach County economy since 2003, according to the group.To file online, click here.To file in person, click here to find the nearest location. There is no appointment required. When going in person, taxpayers need to bring the following documents:2021 tax returnsocial security cards and birthdates for all family membersall W2 statements for 2022 forms 1095-A, 1099, and 1098a photo ID and a voided checkNote: Joint returns require both spouses to attend. Those who earned less than $60,000 may also be eligible for up to $6,935 in Earned Income Tax Credits.Indian River State CollegeAnyone who made less than $66,000 in 2022 is eligible.Services are available on Thursdays from Feb. 9 through March 23, except on March 16. Services are done in Room 102 of the Brown Center for Innovation and Entrepreneurship (Building Y) at the IRSC Massey Campus located at 3209 Virginia Avenue.They take place from 1:30 p.m. to 6:30 p.m. No appointments are necessary. Those who are married and filing jointly must both be present to electronically file the return.Everything is overseen by tax professionals.Assistance will be provided for those filing: Form 1040-A Form 1040-EZ Form 1040-V 1040-ES Form 1040 (A, B, C-EZ, D, EIC, R, SE) Form 2441 (Dependent Care Expenses) Schedule 8812 (Additional Child Tax Credit) Form 8863 (Education Credit)Assistance WILL NOT be provided for those filing: Schedule C (with loss, depreciation or use of home) Complicated Schedule D (capital gains and losses) Form SS-5 (request for Social Security Number) Form 8606 (non-deductible IRA) Form 8814 (child taxed at parent's tax rate) Form SS-8 (determination of worker status for taxes) Parts 4 & 5 of Form 8962 (Premium Tax Credits)Participants must bring the following items to the sessions: Proof of identification (photo ID) Social Security cards (or ITINs) for you, your spouse and dependents Birth dates for you, your spouse and all dependents on the tax return Wage statements (Form W-2, W-2G, 1099-R, 1099-Misc) from all employers Interest and dividend statements from banks (Forms 1099) Health Insurance Exemption Certificate, if received A copy of last year's federal and state returns (if available) Proof of bank routing and account numbers for direct deposit, such as a blank check Total paid for day care and the day care provider's tax identifying number (EIN or SSN) Forms 1095-A, B and C, Health Coverage Statements Copies of income transcripts from IRS and state, if applicable Charitable contribution letters from recipients (church or other 501(c)(3) organizations)For more information, call Matthew Boucher at 772-462-7489

The filing deadline for taxes is April 18 this year.

There are several places in the Palm beaches and Treasure Coast that are helping people do their taxes for free.

United Way of Palm Beach County

The 20th year of the Volunteer Income Tax Assistance Program offers free income tax preparation for people who have a 2022 income of $70,000 or less.

The program files electronically through "a secure IRS-certified program" so that people can receive money while also saving it on filing fees, according to the program.

In 2022, the volunteers process over 7,300 tax returns. It has returned more than $267 million to the Palm Beach County economy since 2003, according to the group.

To file online, click here.

To file in person, click here to find the nearest location. There is no appointment required.

When going in person, taxpayers need to bring the following documents:

  • 2021 tax return
  • social security cards and birthdates for all family members
  • all W2 statements for 2022
  • forms 1095-A, 1099, and 1098
  • a photo ID and a voided check

Note: Joint returns require both spouses to attend. Those who earned less than $60,000 may also be eligible for up to $6,935 in Earned Income Tax Credits.

Indian River State College

Anyone who made less than $66,000 in 2022 is eligible.

Services are available on Thursdays from Feb. 9 through March 23, except on March 16. Services are done in Room 102 of the Brown Center for Innovation and Entrepreneurship (Building Y) at the IRSC Massey Campus located at 3209 Virginia Avenue.

They take place from 1:30 p.m. to 6:30 p.m. No appointments are necessary. Those who are married and filing jointly must both be present to electronically file the return.

Everything is overseen by tax professionals.

Assistance will be provided for those filing:

  • Form 1040-A
  • Form 1040-EZ
  • Form 1040-V 1040-ES
  • Form 1040 (A, B, C-EZ, D, EIC, R, SE)
  • Form 2441 (Dependent Care Expenses)
  • Schedule 8812 (Additional Child Tax Credit)
  • Form 8863 (Education Credit)

Assistance WILL NOT be provided for those filing:

  • Schedule C (with loss, depreciation or use of home)
  • Complicated Schedule D (capital gains and losses)
  • Form SS-5 (request for Social Security Number)
  • Form 8606 (non-deductible IRA)
  • Form 8814 (child taxed at parent's tax rate)
  • Form SS-8 (determination of worker status for taxes)
  • Parts 4 & 5 of Form 8962 (Premium Tax Credits)

Participants must bring the following items to the sessions:

  • Proof of identification (photo ID)
  • Social Security cards (or ITINs) for you, your spouse and dependents
  • Birth dates for you, your spouse and all dependents on the tax return
  • Wage statements (Form W-2, W-2G, 1099-R, 1099-Misc) from all employers
  • Interest and dividend statements from banks (Forms 1099)
  • Health Insurance Exemption Certificate, if received
  • A copy of last year's federal and state returns (if available)
  • Proof of bank routing and account numbers for direct deposit, such as a blank check
  • Total paid for day care and the day care provider's tax identifying number (EIN or SSN)
  • Forms 1095-A, B and C, Health Coverage Statements
  • Copies of income transcripts from IRS and state, if applicable
  • Charitable contribution letters from recipients (church or other 501(c)(3) organizations)

For more information, call Matthew Boucher at 772-462-7489

Thu, 09 Feb 2023 07:02:00 -0600 en text/html https://www.wpbf.com/article/florida-taxes-file-free/42802966
Killexams : Strong start of the year for MISC

MIDF REsearch says it maintains its “neutral” call on MISC with a target price of RM7.77.

PETALING JAYA: The addition of two new-generation liquefied natural gas (LNG) carriers, Seri Damai and Seri Daya, to MISC Bhd’s fleet of LNG carriers is a strong start for 2023.

More importantly, MIDF Research said it also represented a step forward in supporting a net-zero future for the LNG industry.

On Tuesday, MISC announced that it had delivered the two LNG vessels to Exxonmobil’s subsidiary, SeaRiver Maritime.

The green and energy-efficient vessels were built by Samsung Heavy Industries (SHI) and would be handled by Eaglestar Shipmanagement.

MIDF said the development is “a key milestone in its collaboration with SeaRiver Maritime, as well as its continuous partnerships with SHI, Eaglestar and its own gas assets and solutions team”.

“We opine that given MISC’s track record with LNG carriers’ long-term charters, as well as the strong demand in LNG globally, MISC is set to continue its robust performance,” said the research firm, adding that it sees positive future prospects in the oil and gas shipping sub-industry.

According to MIDF, the Seri Damai and Seri Daya will now add on to MISC’s fleet strength, which currently consists of 31 LNG carriers for its gas business.

In addition it has six very-large ethane carriers and two LNG floating storage units.

However, it said “the additional vessels have been factored in and considering their long-term operations, we make no changes to our earnings estimates at this juncture.

“Overall, we continue to like MISC as its medium to long-term growth plans stay intact, in line with the demand growth for LNG post-pandemic and the heightened tension in the Russia-Ukraine front,” said MIDF Research in a report.

The research firm said it maintains its “neutral” call on MISC with a target price (TP) of RM7.77. The TP is pegged on a price-earnings ratio of 21 times to a 2023 earnings per share of 37 sen.

Thu, 02 Feb 2023 11:33:00 -0600 en text/html https://www.thestar.com.my/business/business-news/2023/02/03/strong-start-of-the-year-for-misc
Killexams : IRDAI revises Guidelines on issuance of FRN to Cross Border Re­insurers

Insurance Regulatory and Development Authority

Ref: IRDAI/REIN/GDL/MISC/2/1/2023 Dated: January 3, 2023

The CEOs of All Insurers

Subject: Guidelines on issuance of File Reference Numbers (FRN) to Cross Border Re­insurers

1. Background:

A. The Indian Insurance Industry is poised for growth and the Authority has been taking various steps to reduce the protection gap and develop the Insurance industry. These steps are towards ease of doing business and would also facilitate further development of the insurance industry.

B. The availability of well-developed reinsurance market ensures that insurance products are available at reasonable prices to the policyholders. The Cross Border Re-insurers (CBRs) play a significant role in reinsurance market in providing reinsurance support/capacity to the Insurers. The insurer has to ensure that CBRs meet, interalia, rating requirements as per IRDAI (Reinsurance) Regulations, 2018 and shall have File Reference Number (FRN), before placing any business with them. At present, such FRNs are allotted on annual basis by the Authority.

C. After considering the feedback and also inputs from the Task Force on Non-life Insurers and Reinsurers and the Working group on ease of doing business, it has been decided to consider Auto-renewal of FRNs by the Insurer itself, provided such CBRs meet the required criteria as specified hereafter.

D. The Authority in exercise of the powers conferred under Sec. 34 (1) of the Insurance Act, 1938 read with Reg. 4 (3) and 12 (3) of the IRDAI (Re-insurance) Regulations, 2018, makes the following Guidelines.

E. These Guidelines aim to streamline the regulatory process with respect to cross border reinsurers and will supersede existing Guidelines No. IRDA/R1/GDL/MISC/015/01/2021 dated 22th January, 2021, on CBRs.

2. Allotment of FRN to CBRs

A) Application for New FRN:

i. The CBRs, who meet the eligibility criteria as per the extant regulations, will qualify as ‘Eligible CBRs’. The CBRs, who do not meet the eligibility criteria, are regarded as ‘Non-Eligible CBR’;

ii. The insurers, who wish to place re-insurance business with CBR, shall file an online application with the Authority at https://cbr.irdai.gov.in/login.aspx (CBR Portal) in the form as specified at Annexure – 1, for allotment of FRN to CBRs under the category of either ‘Eligible CBR’ or ‘Non-Eligible CBR’, as the case may be;

iii. The Authority may raise any other requirements, if necessary, for processing of such application while allotting FRN to CBR. After examination of submissions made by the insurer, the Authority allots system generated FRN to the CBR;

iv. Filing of application for allotment of FRN to CBR shall commensurate with Re­insurance programme of the insurer, as per extant regulations.

B) Application for Renewal of FRN:

The Insurer can generate FRNs on their own for the CBRs who qualify for Auto-renewal. The CBRs, who do not qualify for Auto-renewal, shall have to obtain FRN on annual basis. The detailed procedure is as under:

i. Process for ‘Auto – Renewal’ of FRN:

a) To qualify for Auto-renewal of a CBR, the Insurer shall ensure that –

(i) Credit rating of the CBR shall not be less than ‘Standard & Poor’s A- or equivalent. The latest credit rating of the CBR shall not be prior to 12 months from the date of application for Auto-renewal;

(ii) CBR has been allotted FRN under ‘Eligible CBR’ by the Authority in the financial year preceding to the financial year for which application is made;

(iii) necessary and latest information is filed and

(iv) Such CBR meets the other requirements as per Reg. 4 (1) of IRDAI (Reinsurance) Regulations, 2018 to qualify as ‘Eligible CBR’

b) While doing Auto-renewal process, if the applicant Insurer notices that CBR does not meet the requirements as per (a) above, it shall file the application for renewal as per the process stated in para B(ii) below.

c) The portal would be available for Auto-renewal for the current financial year and would also be available three months in advance for the next financial year.

d) The auto-renewal facility is available for three consecutive financial years for a CBR. After three financial years, fresh application has to be submitted by the insurer through CBR portal.

ii. Process for Renewal of FRN for the CBR, who does not qualify for Auto-renewal:

a) On completion of every financial year, any insurer may make an application for Renewal of FRN through the CBR portal.

b) The Authority, on examination of submissions made by the insurer, may allot system generated FRN.

c) The validity of renewed FRN allotted to such CBRs shall be for one financial year.

3. General Provisions:

i. No insurer shall place re-insurance business with any CBR without valid FRN.

ii. The Authority may allot country wise separate FRN to the CBR.

iii. The facility for Auto-renewal would be available for FY 2023-24 and thereafter.

iv. Once FRN is allotted for a particular CBR, the same shall be used by other insurer for placement of reinsurance business with such CBRs.

v. The Insurer, while placing reinsurance business with CBR (who has valid FRN), shall satisfy itself and is solely responsible to ensure that the CBR meets the eligible conditions as per the extant regulations.

vi. The Insurer shall place all the re-insurance business placements made with the ‘Non-Eligible’ CBRs before its Board of Directors for their approval / ratification, and shall file within fifteen days the certified copy of such resolution with the Authority.

vii. The insurer, within thirty days of commencement of the financial year, shall submit a certificate of compliance (Annexure-2) to the Authority confirming that all the re-insurance placements are made with the CBRs who comply with the eligibility criteria or with those CBRs prescribed in these guidelines. This certificate is to be filed with the Authority along with submissions required to be made under Reg. 3 (3) (A) (c) of the IRDAI (Re-insurance) Regulations, 2018.

viii. Notwithstanding anything contained in these guidelines, the insurer shall comply with the Insurance Act,1938 and other applicable regulations issued by the Authority from time to time.

These Guidelines shall come into force from the date of the issue.

A Ramana Rao

Chief General Manager (Re-insurance)

Download Annexure – 1 and Annexure-2

Sun, 31 Dec 2000 10:00:00 -0600 en text/html https://taxguru.in/corporate-law/irdai-revises-guidelines-issuance-frn-cross-border-reinsurers.html
DCA exam dump and training guide direct download
Training Exams List