After years of searching we have finally found Rebecca, my deceased sister’s daughter. I haven’t seen her since 1994, at my sister’s funeral.

After years of searching we have finally found Rebecca, my deceased sister’s daughter. I haven’t seen her since 1994, at my sister’s funeral.


Jaime turned another year older. I got my baby a tiara. We shopped a lot that day. We also had dinner with the family. It was really nice! I wish I got more pictures.

Wow. Four decades.
I’m very appreciative of all who wished me a happy birthday and of the gifts that were given to me.
My wife got me a cool bike, well… us some cool bikes. Which I like that she got a bike too, so that we could ride together.


We had it all planned out, Jaime printed 9 vehicles for us to look at that were in our price range and estimated monthly payment breakdown of 3, 4, and 5 year monthly payments. We were able to test drive and purchase one of the jeeps that was on the list.
We are now looking at getting rid of the camaro that I’ve had for so long since I will now drive the magnum (when it rains or whatnot). I’m still going to drive the motorcycle as my daily driver. Let’s face it, my commute to work is so short, that I paid $7 in gas for the month using the motorcycle. That’s hard to beat!
The Jeep is a base model and it’s very, very, nice! It is Jaime’s new daily driver.
We hosted the Halloween party at our home this year.
[AFG_gallery id=’20’]
Without control over the physical environment, you can’t have adequate security with as much administrative or technical/logical control you through at it. If a malicious person can gain physical access to your facility or equipment, they can do whatever they want. destroy, disclose, alter.
Examples of administrative physical security controls are facility construction and selection, site management, personnel controls, awareness training, and emergency response and procedures.
Technical physical controls can be access controls, intrusion detection, alarms, CCTV, monitoring, HVAC, power supplies, and fire detection and suppression.
Physical controls for physical security are fencing, lighting, locks, construction materials, mantraps, dogs, and guards.
The order of controls are: deterrence, then denial, then detection, then delay.
The key elements in making a site selection are visibility, composition of the surrounding area, area accessibility, and the effects of natural disasters. A key element in designing a facility for construction is understanding the level of security needed by your organization and planning for it before construction begins.
There should not be equal access to all locations within a facility. Areas that contain assets of higher value or importance should have restricted access. Valuable and confidential assets should be located in the heart or center of protection provided by a facility. Also, centralized server or computer rooms need be human compatible.
If a facility employs restricted areas to control physical security, then a mechanism to handle visitors is required. Often an escort is assigned to visitors, and their access and activities are monitored closely. Failing to track the actions of outsiders when they are granted access into a protected area can result in malicious activity against the most protected assets.
The security controls to manage physical security are: Administrative, Technical and Physical.
Common threats to physical access controls: Abuse, Masquerading and Piggybacking. TO counter, deploy a guard or other monitoring system.
Abuses of physical access controls are propping open secured doors and bypassing locks or access controls. Masquerading is using someone else’s security ID to gain entry into a facility. Piggybacking is following someone through a secured gate or doorway without being identified or authorized personally.
Audit trails and access logs are useful tools even for physical access control. They may need to be created manually by security guards or they can be generated automatically if sufficiently automated access control mechanisms are in place. Consider monitoring entry points with CCTV and compare the audit trails and access logs with visually recorded history of the events. Useful for reconstructing the events of an intrusion, breach or attack.
Power supplied by electric companies is not always consistent and clean. Most electronic equipment demands clean power in order to function properly. Equipment damage because of power fluctuations is a common occurrence. Many organizations opt to manage their own power through several means. A UPS is a type of self-charging battery that can be used to supply consistent clean power to sensitive equipment. UPSs also provide continuous power even after the primary power source fails. A UPS can continue to supply power for minutes or hours depending on its capacity and the draw of the equipment.
As they relate to power…
Define Fault: In an electric power system, a fault is any abnormal electric current. For example, a short circuit is a fault in which current bypasses the normal load. An open-circuit fault occurs if a circuit is interrupted by some failure. In three-phase systems, a fault may involve one or more phases and ground, or may occur only between phases. In a “ground fault” or “earth fault”, charge flows into the earth. The prospective short circuit current of a fault can be calculated for power systems. In power systems, protective devices detect fault conditions and operate circuit breakers and other devices to limit the loss of service due to a failure.
Define Blackout: A power outage (also known as a power cut, power failure, power loss, or blackout) is a short- or long-term loss of the electric power to an area.
Define Sag: A power is a momentary drop in power. It involves voltages 80 to 85 percent below normal for short periods.
Define Brownout: A brownout is an intentional or unintentional drop in voltage in an electrical power supply system. Intentional brownouts are used for load reduction in an emergency. The reduction lasts for minutes or hours, as opposed to short-term voltage sag or dip.
Define Spike: In electrical engineering, spikes are fast, short duration electrical transients in voltage (voltage spikes), current (current spike), or transferred energy (energy spikes) in an electrical circuit.
Define inrush: Inrush current or input surge current refers to the maximum, instantaneous input current drawn by an electrical device when first turned on.
Define Noise: A steady, interfering power disturbance or fluctuation.
Define Transient: A short duration of line noise disturbance
Define Clean: Non fluctuation pure power
Define Ground: The wire in a circuit that is grounded.
In addition to power considerations, maintaining the environment involves control over the HVAC mechanisms. Rooms containing primarily computers should be kept at 60 to 75 degrees Fahrenheit or 15 to 23 degrees Celsius.
Humidity in a computer room should be maintained between 40 and 60 percent. Too much humidity causes corrosion and too little causes static electricity.
It is possible to generate 20,000 volt static discharge on nonstatic carpeting if the humidity is too low.
Water leakage and flooding should be addressed in your environmental safety policy and procedures. Plumbing leaks are not an everyday occurrence but when they occur they often cause significant damage. Water and electricity don’t mix. Whenever possibly, locate server rooms and critical computer equipment away from any water source or transport pipes.
Fire detection and suppression must not be overlooked. Protecting personnel from harm should always be the most important goal of any security or protection system. In addition to protecting people, fire detection and suppression is designed to keep damage caused by a fire, smoke, heat, and suppression materials to a minimum, especially in regard to the IT infrastructure.
The destructive elements of a fire include smoke and heat but also the suppression medium, such as water or soda acid. Smoke is damaging to most storage devices. Heat can damage any electronic or computer component. Suppression mediums can cause short circuits, initiate corrosion, or otherwise render equipment useless. All of these issues must be addressed when designing a fire response system.
In all circumstances and under all conditions, the most important aspect of security is protecting people. Thus, preventing harm to people is the most important goal for all security solutions.
[AFG_gallery id=’19’]
It is with heavy hearts, lumps in our throats, and tears in our eyes, that we announce the passing of Christy Lee Woodford which occurred on September 8th, 2013, at the young age of 63.
Visit http://www.christywoodford.com/memorial-services/ in regards to memorial services for her.
Computer crime is a crime that is directed against, or directly involves, a computer.
Computer crimes are grouped into six categories: military, business, financial, terrorist, grudge, and thrill.
As soon as you discover an incident, you must being to collect evidence and as much information about the incident as possible. The evidence should be treated in a way that it can be legally used in court. Evidence collection can also assist you in determining the extent of damage.
Incidents should be defined in your security policy. Even though specific incidents may not be outlined, the existence of the policy sets the standard for the use of your system. An incident is any event that has a negative outcome affecting the confidentiality, integrity, or availability of an organization’s data.
An incident occurs when an attack or other violation of your security policy is carried out against your system. Incidents can be grouped into four categories: scanning, compromises, malicious code and DoS/DDoS.
Attacks will generate some activity that is not normal. Recognizing abnormal and suspicious activity is the first step toward detecting incidents.
You must have possession of equipment, software, or data to analyze it and use it as evidence. You must acquire the evidence without modifying it or allowing anyone else to modify it.
3 basic alternatives for confiscating evidence.
First, the person who owns the evidence could voluntarily surrender it. Second, a subpoena could be used to compel the subject to surrender the evidence. Thirdly, a search warrant is most useful when you need to confiscate evidence without giving the subject an opportunity to alter it.
Use logging and store it for a reasonable amount of time as it may take some time to actually realize an incident has occurred.
Establish a working relationship with the corporate and law enforcement personnel with whom you will work to resolve an incident. When you have a need to report an incident, gather as much descriptive information as possible and make your report in a timely manner.
To be admissible, evidence must be relevant to a fact at issue in the case, the fact must be material to the case, and the evidence must be competent or legally collected.
Real evidence consists of actual objects that can be brought into the courtroom. Documentary evidence consists of written documents that provide insight into the facts. Testimonial evidence consists of verbal or written statements made by witnesses.
Security practitioners are granted a very high level of authority and responsibility to execute their job functions. The potential for abuse exists, and without a strict code of personal behaviour, security practitioners could be regarded as having unchecked power. Adherence to a code of ethics helps ensure that such power is not abused.
RFC 1087 is about ethics and the (ISC)^2 has a code of ethics that CISSP candidates must subscribe to.
Above is the map of where we made camp.
We left Saturday morning, finally, after months of preparation, we were on vacation! I always marvel at the trip, much of Arizona is very beautiful.
We drove pretty much all day to get there, then once we got the houseboat, we drove until it got dark, the next day we drove some more until we found a great spot. It was really great having everybody there. As we had newbies to Lake Powell, we had to make the trip to Rainbow bridge. I can’t wait until next time. I can’t believe, yet again, another or the same hummingbird came up to my face.
[AFG_gallery id=’18’]
The flip I normally do when we get a houseboat.
The one I did back in 2007, the first time we had a houseboat.
Here is our Lake Powell 2010 pictures
Lake Powell 2009 pictures
and our Lake Powell 2007 pictures
The differences between criminal law, civil law,and administrative law are:
Criminal law protects society against acts that violate the basic principles we believe in. Violations of criminal law are prosecuted by federal and state governments.
Civil law provides the framework for the transaction of business between people and organizations.
Violations of civil law are brought to the court and argued by the two affected parties. Administrative law is used by government agencies to effectively carry out their day-to-day business.
The computer fraud and abuse act protects computers used by the government or in interstate commerce from a variety of abuses. The computer security act outlines steps the government must take to protect its own systems from attack. The government information security reform act further develops the federal government information security program.
Copyrights protect original works of authorship, such as books, articles, poems, and songs. Trademarks are names, slogans, and logos that identify a company, product, or service. Patents provide protection to the creators of new inventions. Trade secret law protects the operating secrets of a firm.
The digital millennium copyright act prohibits the circumvention of copy protection mechanisms placed in digital media and limits the liability of Internet service providers for the activities of their users.
The economic espionage act provides penalties for individuals found guilty of the theft of trade secrets. Harsher penalties apply when the individual knows that the information will benefit a foreign government.
Contractual license agreements are written agreements between a software vendor and user. Shrink-wrap agreements are written on software packaging and take effect when a user opens the package. Click-wrap agreements are included in a package but require the user to accept the terms during the software installation process.
The uniform computer information transactions act provides a framework for the enforcement of shrink-wrap and click-wrap agreements by federal and state goverments.
Ni high-performance computers or encryption technology may be exported to tier 4 countries. The export of hardware capable of operating in excess of 0.75 weighted teraflops to tier 3 countries must be approved by the department of commerce. New rules permit the easy exporting of “mass market” encryption software.
The united states has a number of privacy laws that affect the government’s use of information as well as the use of information by specific industries, such as financial services companies and health-care organizations that handle sensitive information. The EU has a more comprehensive directive on data privacy that regulates the use and exchange of personal information.
Most organizations are subject to a wide variety of legal and regulatory requirements related to information security. Building a compliance program ensures that you become and remain compliant with these often overlapping requirements.
The expanded use of cloud services by many organizations requires added attention to conducting reviews of information security controls during the vendor selection process and as part of ongoing vendor governance.