THE CCCure Family of Portal
Brought to you by Clément Dupuis and Nathalie Lambert (Site Maintainers and Owners)

CCCure was borned at a time when Facebook, Google, Twitter, Pinterest and all of those web sites did not even exist.  We have been helping people for a VERY LONG period of time and we continue to do so today.  That's what we like to do.

WHO IS THIS CLÉMENT DUPUIS GUY?

Let me give you a bit of background on myself and how the the idea of having study guides came along. As I mentioned earlier, I am a retired military Communication and IT Specialist (20 years of service) for the Canadian Army,  I retired in early 1998. The last 12 years of my military career were strictly in IT and more specifically security oriented in the last three.

I was THE pioneer who deployed the first computer into a field unit for the Canadian Army. It was a big clunker of 65 pounds with tons of screws (42 to open the cover) due to TEMPEST requirements. A bit later I also achieved the milestone of setting up the first LAN and WAN in a deployed operational unit. I have deployed networks for large Army Headquarters in exotic places such as Somalia and Rwanda while under constant threats from thugs and at time under live fire. I must admit that your view of Africa is very different once you spend six months in Rwanda and six months in Somalia with regular visits to neighboring countries such as Ouganda, Ethiopa, and Kenya.  Once you get back home, you never, ever, complain about the water being too cold in your shower; you simply consider yourself lucky to have basic necessities such as water.

Who, What, Where, When, Why, What is next

The Open Study Guides Web sites ( known today as "The CCCure Family of Portals" are dedicated to helping people in achieving their goal of becoming certified on some of the leading security certifications such as the CISSP, SSCP, CISM, CISA, or GCFW or simply helping them in learning more about what security is all about.  We always preach an holistic approach to security.  Relying on a black box is simply ineffective and inadequate to meet today's and tomorrow's threats.

Over the years The CCCure Family of Portal has taken a life on it's own.  Our family of portals has become a vast container of resources that can assist you in mastering the domains of the specific Common Body of Knowledge related to each of the certifications mentioned above and others not listed.  The site has become the default page for quite a few security specialists out there.

Around 100,000 unique visitors are using our portals as their primary study resource.  Combine this with some of the leading CISSP and certification study books and you have a successful recipe to pass your exams. The sites today also offers security news, a great collection of security links, security videos, forums, and an extensive library of documents that people like to peruse and extract from to dig deeper into specific domains of each of the CBK or simply to help in their daily security tasks.

The CCCure Family of Portals is owned and maintained by myself and my wife Nathalie. A large team of volunteers from around the world have been very actively contributing on regular basis. Many people are coming back after reaching their certification goals to share their knowledge with others and to help others succeed in their quest as well.  This is what our Family of Portals is all about: take some and give some.   Leechers are NEVER welcome.

Without all of the volunteers that assisted us, the CCCure Family of Portals would never be what it is today. There is no way that I could manage to produce, find and categorize all of the resources that the site has to offer by myself.  The volunteers are my eyes and ears and they help me in keeping you informed about the latest developments in the world of security certifications and security news.  You are also most welcome to publish your own work or simply share some of your nuggets with the site visitors and members. Any contributions are welcome.

In real life (yes, I do have a life outside being online all the time, at least I believe so),  Nathalie and I are the proud parent of  four great girls who are our pride and our reason to reach further. Currently I am employed as the Chief Learning Officer for Secure Ninja the training arm of Insyte LLC as their Chief Learning Officer (CLO).   Before working with Secure Ninja I was working with Shon Harris at Logical Security.  In the past I was employed by Vigilar and also the SANS Institute.  For quite a few years I ran my own consultancy business specializing in security-training consultation, security-training delivery, custom courseware development, and security-testing/penetration-testing services.

Prior to this I was employed as one of the three senior courseware developers for SANS and I was also a member of the SANS faculty. I have contributed significantly to the development of both the GSEC and CISSP track.  To this day I still continue to contribute regularly to the development of their curriculums.

Prior to working for SANS, I was the security program manager for Intense School in Fort Lauderdale, Florida. As their security program manager I got to teach and further develop their CISSP boot camp and to create their Professional Security Tester (Ethical Hacker) course as well.

Teaching is fun, It is always fun to have the opportunity to meet people face to face after working in the Web shadow for so long. 

Prior to my employment with Intense School, I was Senior Security Analyst and Subject Matter expert with the CGI Consulting Group ( http://www.cgi.com ) in Montréal, Québec, Canada. CGI Consulting has the largest concentration of CISSPs in Canada amongst their security team. They now have close to 350 CISSPs in total.

Prior to CGI I did 20 years in the army as a Communication and Computer specialist. The last eight years have been highly focused on security and gave me the desire to get deeper into the subject and learn more about it.  Learning is never completed; this field is constantly changing and this is the fun part of it.

One portal of particular interest is the PST,  it is focused on helping people doing security testing for a living or anyone who wishes to learn more about security testing and penetration testing. The portal is NOT a script kiddie portal but a place where professionals can share and discuss issues of doing security testing. The portal is at http://www.professionalsecuritytesters.org

I also invite you to visit our Computer Forensic portal at http://www.forensicsgurus.com.  Official opening is March 2009.  The portal will be focused on network and system forensic and providing study resources to people who wishes to learn more about he fascinating world of forensics and computer investigations.

Finally, I also maintain a French security portal at http://www.cccure.net .

Being every great man there is a great woman, meet my wife Nathalie

I am one of the most lucky person in the world,  I have my wife Nathalie who has been supporting me in all of my crazy projects, plans, ideas, even when sometimes it did not sound like I was sane at all.  She is the lady working in the shadow, she is the one doing the silent work while I am on the road consulting, teaching, doing security and penetration assessments.   I am in the limelights while she is in the shadow.

Without her support, dedication, and understanding, I would have closed all of my portals a long time ago.  She bring calm, wisdom, and her feminin touch to our Family of Portals.  She does this while being a SUPER MOM for our 4 young girls.  I have all the reason in the world to be happy and I consider myself very fortunate to have her by my side.

Nathalie is a mechanical engineer by trade. She did her studies at the University of Sherbrooke and Université Laval in Québec city.  She was later on dragged away from her job by her famous husband (hint his name starts with clem...) who was posted by the Army once again to a location about 900 kilometers away from her employment,  it was the same routine every two to three years.  She had to start over from scratch many times, that was not easy for her but she never complained and always kept a posititive attitude.

In 1992, She followed me to Kingston, Ontario and had to once again start over in her career because of my frequent career moves. This time she went back to school to learn a bit more about computer programming while teaching math and physics to the cadets at the Royal Military College in Kingston, Ontario. Quickly she found a job full time in the computer field where she was doing mainly Windows networking, system administration, and basic security tasks.  

Today, after a few years away from the computer field to look after and  take care of our kids, she is getting back into the field and quickly learning all facets of security. As you can imagine we have a very geeky family and I am no longer surprised when my 8 year-old tells me that she needs more bandwidth or she guessed my password on her computer. One day I will pay for all this when my four girls will hack my servers over and over again :-).  Such is life of a geeky security family.


Our latest site administrator,  meet my brother Alain:

As you have experience yourself, all of our portals have been growing at frantic speed.  I was totally overwhelmed by the massive amount of emails and maintenance tasks I had to do on a daily basis.   I have asked my brother to get out of retirement to help me with the maintenance of our portals.  He agreed and I was very happy he did.  Below you have a short biography of Alain:

My brother Alain  has retired from the Canadian Navy after more than 34 years of Service. During his career, he has worked primarily in the information technology field as an electronic technician, computer and communications technologist, combat system engineer, and software analyst.  He has held various positions such as Chief Technical Officer in charge of maintaining a mainframe computer centre and Quality Assurance Officer during the construction of the Canadian Patrol Frigates.  For his last 7 years of Service in the Navy, he has worked as a programmer and software analyst for the Combat System software used on the Canadian Frigates. He has specialized in large-scale, multi-million dollars software projects.

For the past 20 years, he has assisted his wife, Lynette, in her activities with the Block Parent Program in Ottawa, Victoria, and Halifax. His family received their first Block Parent window sign in Gloucester, Ontario. In 2002, the BPLink project asked Alain to join their team as a technical advisor. Because of his technical background, Alain was well suited for the job. Shortly after, he accepted the position of Project Manager on a voluntary basis, a job that he still performs today.

We are extremely glad to have Alain onboard and it will help GREATLY to maintain proper quality of service and prompt response to any of your queries.

Involvement

Over the past few years I have helped in the fostering many exciting projects for the community such as the Open Source Security Testing Methodology Manual (OSSTMM) located at http://www.osstmm.org,  I have helped give birth to the Information System Security Assessment Framework (ISSAF) located at http://www.oissg.org to name only a few of them. 

As you have probably guessed,  I am a strong believer in knowledge-sharing and giving back to the community. There is an amazing amount of knowledge out there and the best way to make use of it is to share it with others. Do take freely from our sites and portals,  however do share when you have a chance as well, give back once in a while.

It must be noted that the CCCure.Org site is a personal endeavor that my wife and I maintain on our own free time (lunch, evening, weekends).  Both of us usually spend between 15 to 20 hours a week in maintaining this site, so bear with me if sometimes it seems like a long period of  time before I respond to your e-mails and inquiries: I usually receive hundreds of messages a day. I attempt to be as responsive as possible but at times I have to pull away from all this and give some quality time to my dear wife and four daughters to maintain some form of sanity.

WHERE DOES THE IDEA OF STUDY GUIDES COME FROM?

After retirement I joined a large consulting firm in Montreal, Canada. The firm had a small security group and I convinced them of the benefits attached to the CISSP certification. I did my certification in the spring of 1999 in Vancouver where I had Hal Tipton (the father of the ISC2 CBK) and Sandy Sherizen as instructors.

I have exchanged a great deal with both of the instructors and it soon became apparent that there were very few resources available to help in getting certified (at that time there were no books, quizzes, cram study guides, or anything on the CISSP certification that was publicly available. This is when my friend Chris Hare from Nortel Networks and I decided to produce a study guide for each of the domains as we would prepare ourselves for the exam. We were able to produce guides for seven of the 10 domains before the time ran short on us and the certification date was upon us (we both passed the exam, so I guess there must have been some good content within our study guides).

Prior to taking the exam, the guides were distributed to all the students of our CBK seminar class and later we made them available on a Web site for anyone interested. The instructors from (ISC)² began distributing the link to the single Web page (in fact a directory listing) during their seminars which helped in directing traffic to the guides and getting the word spread about their existence.

At the end of 2000 I started getting more and more e-mails asking if there were updates available for the study guides. I also received a lot of requests for the three guides that did not exist. This is when I decided that it would be nice to set up a portal where the guides could be made available and updated by CISSPs and volunteers of the INFOSEC community. I have kept ownership of the study guide for Domain 1 and have helped and facilitated the development of the other study guides.

CCCure.Org went officially online on 15 January 2001 which is the same day that my fourth daughter was born. Both my young girl and the site have been growing very rapidly. Both brings me worries but also a whole lot of joy.

The portal initiative worked very well and the membership of the site has been increasing steadily every month.   As of end of January 2012 there was than 120,000 members and there have been close to twenty millions downloads so far. The site now has guides for all of the ten domains. It also includes active forums, online quiz, cram guides, documents relating to the CBK, a list of study groups, a list of CBK training resources, exams tips and info, links to CISSP articles in the press, and a whole lot more for you to discover.

The site used to be totally NON commercial for the first year.  However, I was the victim of my own success and got kicked off many shared hosting servers because I was using too much resources. Nobody out there wanted to host a free site that has 800 to 1000 GB of transfers per month, between 50,000  up to 70,000 unique visitors a month, and over twenty million hits per month on a shared server. This forced me to rethink my strategy and I decided it was time to look for a permanent hosting solution that would suit the needs of the site. The only choice available was to rent a dedicated server with tons of bandwidth, RAM and CPU.

In order to sustain the cost of the two dedicated servers we use today,  I had to establish relationships with key partners very quickly. I always pick my advertisers and partners very carefully and choose only the best.  I resolved not to advertise commercial offerings for free anymore; this type of offering is posted for an advertising fee. Having sponsors and advertisers is definitely the best win-win situation to maintain free access to all of the resources on CCCure.Org while maintaining some quality of service and control over the information.  So members of the sites will receive a few emails per week from my advertisers,  this is the price you have to pay for the FREE access you get.   We never ever share your email address, we do send all emails ourselves from our servers.

As I did mention in the past, I have no intention of charging the end user for access and have no desire to do so as long as I can still personally support the cost associated with supporting the Family of Portals while offering a proper level of service in terms of bandwidth and server space without going into the red.  This is my personal way of giving back to the security community that has been very generous to me. 

My vision for the future is to continue being the best portals for security certification and to provide this service for free to the end user.  I have been receiving lots of positive feedback from people who have used the site and passed their exam.   That remind us that we are on the right track and providing something useful.

I strongly believe that availability of training resource should not be limited by geographical location. As you have seen on the site lately, my effort is not geographically limited. I am trying to help people in Dubai, Johannesburg, Bagota, Turkey and other places in starting up study groups, in getting (ISC)² down in their region, in having exams that take place on their continent closer to their home.  Still today the battle continues on a day to day basis with ISC2.  They are always willing to deliver a training class and exam as a package anywhere you would like them to do so.  However, if you ask them to deliver an exam only, it is another story and they are not as forthcoming with the request.  Soon the exam will be available online on VUE testing and these childish games will stopped at the same time.

International students outside Canada and USA are probably 20% of my registered users so far. I am filling a gap as there are still very few seminar or boot camps being run locally.  In some countries, The cost of attending a seminar in a remote location would be prohibitive if we take under consideration that the fee might be equal to multiple months of salary.  I have delivered classes in Europe, the Middle East, Africa, India, Canada, UK, the USA, only to name a few.  We will travel to where you need us to travel.

Personally I am very satisfied with what has been done so far. Lately I have contributed to helping some of the ISSA chapters; for example, the Atlanta chapter asked for my database of questions to do a CRAM session. In exchange each of the participants provided CCCure.Org with two questions to be added to the test database. This is the type of collaborative effort that I like to see taking place.

Thanks for your interest in the CCCure Family of Portal and please feel free to advise me of any activities relating to the CISSP certification so I can post them on the CCCure.Org calendar for the benefit of all our members.

Last but not least, I strongly encourage you to support my sponsors as they are keeping the site alive and paying the bills for me.

Thanks to everyone!

Salut!

Clément and Nathalie
The CCCure Family of Portal
Owners and maintainers