Wentz Wu

OK
About Wentz Wu
Wentz Wu is the co-founder of Amicliens and has been working in the IT industry for more than 20 years. He is devoted to applying information technologies to solve business problems, delivering training and education courses, and giving back to the community.
In his professional career, Wentz is skilled at implementing IT infrastructure and cloud services, developing quality software, conducting comprehensive business analysis, managing projects with agility, and advising and delivering practical business solutions.
With solid technical background and business savvy, Wentz comprehensively offers the CISSP course based on the Amicliens InfoSec Conceptual Model, which effectively addresses the official (ISC)² CISSP exam outline.
As a lifelong learner, Wentz demonstrates his endeavor and achievement as follows:
- EMBA/CBAP/PMP/ACP/PBA/RMP
- CGEIT/CISM/CRISC/CISA
- CISSP-ISSMP,ISSEP,ISSAP/CCSP/CSSLP
- CEH/ECSA/AWS-CSAA/MCSD/MCSE/MCDBA
- SCRUM: PSM Level I/PSPO Level I/PSD Level I
- ISO 27001 LA/ISO 27701 LA Courses Completed
Customers Also Bought Items By
Are you an author?
Author Updates
-
-
-
Blog post人類最原始、最單純的感情,就是好奇心。
~ 沈敬為 (Sky), 暫時通過CISSP考試, CEH, ECIH,CHFI, ECSA, CCNA, ISO 27001 壹、報考動機 一、提升自己的價值與競爭力 進入資安產業工作時常聽前輩說考取證照就是要CISSP,由於本人我進入業界並沒有太多實務經驗,充其量只能算是個菜鳥跟技術腦,在我不做工程師之後,決定要來挑戰CISSP證照,提升自己在資安領域知識點。
二、持續精進實務工作 現在大環境仍然是以「經歷」做為選才的優先考量,而非「能力」,而要想在眾人中脫穎而出,除了「能力」培養以外,也必須將「經歷」持續培養向上提升,這也成為我考取CISSP的動機,希望能在這個學習階段培養資安專業能力,並透過從WUSON社群學習到的架構觀念與實務結合,建立自己的一套方法論,考取證照只是順便,重要的是學習到的知識。
貳、學習計畫 一、學習方向 在WUSON 這段時間的學習,從Bruce老師時常強調的資安定義,與覆蓋了考試各領域的心智圖,心智圖完全貫穿所有的CISSP的知識領域,QOTD的考題觀念練習,每日<6 days ago Read more -
Blog post清晰產生力量
~ 黃一展 (Nicky), 志工教練, 暫時通過CISSP考試, PMP 2022的7月25日,是我2022年辛苦也是最幸運的一天,經過5個半小時的艱難燒腦,終於在第二次報考通過了CISSP考試,在這裡面首先要感謝WUSON,感謝Bruce老師、Daily Scram Jimmy教練與豐盛教練!當拿到考試結果通知單,心中的想法是終於通過了這條天堂路,那一刻,我感覺所有的焦慮與壓力全部釋放了。
有考CISSP的想法已經有幾年了,光是聽別人考都感覺過程太難了,內容太多,抓不住重點。直到2022年立下了考CISSP 的FLAG,在古哥上看了許多的培訓課程,竟然有一個課程號稱CISSP通過率80%,整個吸引著我的眼光,我把整個網站爬文仔仔細細的看了一遍,感覺上課程還不錯。只是不太理解WUSON的考試培訓計劃與安排,現在回過頭來看,才覺得整個培訓計劃非常科學與精準,是保障通過考試的前提。
好了切入正題,跟大家分享一下考試的歷程與經驗教訓。
1、首先總的原則:要定好考試的目標,在課程後計劃3~6個月的考試時間週期2 weeks ago Read more -
Blog post透過WUSON的教學新法, 就如武俠小說般的醍醐灌頂,
注入了8個Domain的精華, 讓通過CISSP考試不再是天方夜譚
~ 萬家興 (Jason), 暫時通過CISSP考試, PMP, CCIE 緣起
CISSP一直是大家夢寐以求的證照,對我來說,小弟的人生總是常常給自己一個又一個的目標。因此今年的我,在更換跑道的空檔,決定再給自己一個新的挑戰,讓自己更有競爭力。因此,下定決心考CISSP,想不到,CISSP準備起來,卻是一個學無止盡,資安知識海的無窮知識吸收。但慶幸我選擇了WUSON。
學習方向
在WUSON 這段時間的學習,從Bruce老師鉅細彌遺的資安知識指導,教材涵蓋了整個資安觀念,心智圖完全貫穿所有的CISSP的知識領域,QOTD的資安概念練習,每日的進度追蹤,每週的模擬測驗,不定時的教練Review,都是一步步的協助我,確認自己是否在對的路上,一天一天的進步,總將能取得CISSP的黃金證照。
熟讀 Bruce 老師的教材,是協助我打底最好的武功秘笈。
練2 weeks ago Read more -
-
Blog post“何かを犠牲にした” とは考えない「すべては前に進むために必要なこと」。
我不認為有什麼犠牲的,一切都是必要的前進條件而已。
~ 娟娟 (Chuan Chuan), 志工教練, CISSP, CISA, PMP, ISO 27001 LA 機緣
首先因為能擠進企業包班最後一個名額,讓我有機會成為老師的學生,老師的教學方法及講義都很有系統性,專業知識豐富,如果從深度和廣度兩個角度來看,心智圖的設計讓學習更加倍,加上老師在群組中持續提供的資訊,給了我們隨時隨地學習的機會,而這些豐富的內容,層層疊疊加深又累積了知識的基礎;而廣度當然就是精心設計且提供正確建議答案與詳細解說的 QOTD 題目。
學習方法
訂定目標目標導向是激勵理論之一,評估後採用三個月的積極目標,避免考試時間離上課太久遠,念書時也會顯得疲乏、後繼無力建議考試的評估日期可為預計摘金日期往前推,並需包含上場摘金指標的項目建立只有自己一個人的CISSP Line群組群組的名稱設定成要達到的目標,並做釘選,給自己打氣把老師、教練和同學在群組的分享及叮嚀2 weeks ago Read more -
-
Blog post管理觀念通,解題很輕鬆。
~ 黃星評 (Kuro Huang), 志工教練, 暫時通過CISSP考試, CISA, CISM, CRISC, CGEIT, CEH, ECSA, CSA, CTIA, CPSA, CCNP, NSPA,ISO 27001 LA 開頭先破題,CISSP的考試真的不難:
管理觀念通,解題很輕鬆。
~ Kuro 動機:
身為資安顧問有重大的使命,要給自己與我的客戶能夠有正確的資安觀念,給出具有成本效益的建議,所以要提升自己各個領域的水平,所以先前學習了 ISACA 與其他相關的資安認證,最後就是要拿到 CISSP 這張證照來達成 5C !因為資安顧問需要比客戶學習更多的知識才行。(先前已取得:CISA/CISM/CRISC/CGEIT/CEH/ECSA/CSA/CTIA/CPSA/CCNP Ent & Sec / NSPA / ISO 27001 LA )。
由於後來認識了 Steven 總教練、宸賓教練與幾位同學,對於老師網站上的資料深感佩服,而且對於資安各個定義都非3 weeks ago Read more -
-
Blog postVisible light is only a small part of the electromagnetic spectrum (Source: TechnologyUK) https://www.technologyuk.net/science/measurement-and-units/luminous-intensity-and-photometry.shtmlhttps://www.dcmsistemes.com/en/technical-data/additional-information/2/light-measurements/https://www.bipm.org/en/si-base-units/candela3 weeks ago Read more
-
Blog postThe Visual Microphone: Passive Recovery of Sound from Video Side-Channel Attack In computer security, a side-channel attack is any attack based on extra information that can be gathered because of the fundamental way a computer protocol or algorithm is implemented, rather than flaws in the design of the protocol or algorithm itself (e.g. flaws found in a cryptanalysis of a cryptographic algorithm) or minor, but potentially devastating, mistakes or oversights in the implementation. (Crypt
4 weeks ago Read more -
Blog postModulation Schemes Signal, as a waveform, is the carrier of data. By alternating amplitude, frequency, phase, or any combination of them, the modulation process synthesizes the signal (as the carrier wave) and the data (as an input wave) and generates the modulated result. Modulation can be analog or digital.
Digital Modulation Data Element vs Signal Element (Credit: rfwireless-world.com) There are many types of digital modulation techniques, for example:
ASK – Amplitude Shift Ke1 month ago Read more -
Blog postData, Control, and Management Plane A router is a device that forwards packets across various networks based on the routing table, which informs the decision of path selection per the distance-vector, link-state, or other criteria. A router is typically designed based on a layered architecture that isolates operations, such as data forwarding, route control, and system management so that they won’t interfere with one another.
A layer that shares common design concerns is also known a1 month ago Read more
Titles By Wentz Wu
"This book should be part of your study plan for the CISSP." -J. Stapp
The Effective CISSP: Security and Risk Management is for CISSP aspirants and those who are interested in information security or confused by cybersecurity buzzwords and jargon. It is a supplement, not a replacement, to the CISSP study guides that CISSP aspirants have used as their primary source. It introduces core concepts, not all topics, of Domain One in the CISSP CBK - Security and Risk Management. It helps CISSP aspirants build a conceptual security model or blueprint so that they can proceed to read other materials, learn confidently and with less frustration, and pass the CISSP exam accordingly. Moreover, this book is also beneficial for ISSMP, CISM, and other cybersecurity certifications.
This book proposes an integral conceptual security model by integrating ISO 31000, NIST FARM Risk Framework, and PMI Organizational Project Management (OPM) Framework to provide a holistic view for CISSP aspirants. It introduces two overarching models as the guidance for the first CISSP Domain: Wentz's Risk and Governance Model.
- Wentz's Risk Model is based on the concept of neutral risk and integrates the Peacock Model, the Onion Model, and the Protection Ring Model derived from the NIST Generic Risk Model.
- Wentz's Governance Model is derived from the integral discipline of governance, risk management, and compliance.
There are six chapters in this book organized structurally and sequenced logically. If you are new to CISSP, read them in sequence; if you are eager to learn anything and have a bird view from one thousand feet high, the author highly suggests keeping an eye on Chapter 2 Security and Risk Management.
This book, as both a tutorial and reference, deserves space on your bookshelf.
This book has a nickname, CISSP Sudoku 365, a metaphor of turning the 365 questions into the exciting game, Sudoku. It is for CISSP aspirants who:
- intend to learn by topics,
- finish the first round of study, or
- sprint for the CISSP exam.
Reasoning and Justification
This book not only provides a pool of quality questions and suggested answer keys but also advocates reasoning and justification. Most of the questions synthesize two or more facts and entail an analysis of the implications.
How to Use This Book
To use this book effectively, readers need to:
- think, research, and study intensively,
- use judgment and critical thinking, and
- develop justification and identify the best answer.
Handy Navigation Experience
This book also features its handy navigation experience. Readers can navigate between questions and answers and justification from the author's blog. If you have tried this Sudoku challenge and not retreated, you may feel more comfortable in the real exam.
CISSP數獨365!
這是本書的另一個名字!它是一個比喻,希望能把365個具有挑戰性的考試題目變成令人興奮、又好玩的遊戲-數獨。
這本書是為對CISSP充滿熱情的考生而寫,適合以下讀者:
- 打算採取主題式學習
- 打算採取主題式學習
- 為CISSP考試作最後衝刺
推理與論證
這本書不只提供高品質的題庫及解答,更提倡推理和論證的過程。大多數問題綜合了兩個或更多的知識點,需要進一步分析題目的意涵。
如何使用本書
為了有效地使用這本書,讀者需要:
- 仔細閱讀、思考、找資料、及研讀
- 運用判斷力和關鍵性思考能力
- 提出接受或拒絕每個選項的理由,並選出最佳答案
便捷的瀏覽體驗(僅適用Kindle電子書)
讀者可以在題目、答案以及作者網站詳解頁面之間快速切換。或者在作的網站輸入題目日期或關鍵字查詢,以獲得英文詳細解說。