Quantitative Analysis (ALE=SLE x ARO) ALE = Annualized Loss Expectancy (A dollar amount that estimates the loss potential from a risk in a span of year) SLE = Single Loss Expectancy (A dollar amount that is assigned to a single event that represents the company’s potential loss) ARO = Annualized Rate of Occurrence (Frequency of… Read more »
Posts Tagged: Certification
CISSP Security & Risk Management-The After-Action Review
After-action review (AAR): a detailed examination of events that occurred from incident detection to recovery Identify areas of the BC/DR plans that worked, didn’t work, or need improvement AAR’s are conducted with all participants in attendance AAR is recorded for use as a training case AAR brings the BCP/DRP teams’ actions to a close
CISSP Security & Risk Management-Results from the BIA
Result contains: Identified critical functions and required resources
CISSP Security & Risk Management-Business Impact Analysis (BIA)
Identify organization’s critical business functions
CISSP Security & Risk Management-Disaster Recovery (DR)
Review the BIA BIA contains the prioritized list of critical business functions Should be reviewed for compatibility with the BC plan
CISSP Security & Risk Management- Business Continuity (BC) & Disaster Recovery (DR) Requirements
Project Initiation and Management Develop and Document Project Scope and Plan
CISSP Security & Risk Management- Global Legal and Regulatory Issues
Computer/Cyber Crime CryptoLocker Ransomware – Spreads via email and propagates rapidly. Encrypts various file types and then a pop-up window appears to inform user about the actions performed on computer and, therefore demand a monetary payment for files to be decrypted.
CompTIA Network+ | Microsoft MTA Networking: Common Security Threats
Source mc mcse Certification Resources DoS (Denial of Service) – A DoS attack is a common type of attack in which false requests to a server overload it to the point that it is unable to handle valid requests, cause it to reset, or shut it down completely.
CompTIA Sec+ | Microsoft MTA Security: Types of Wireless Attacks Part 2
The Types of Wireless Attacks Part 2 CompTIA Security+ Objective 1.2 WPS Attacks Wi-Fi Protected Setup (WPS) allows users to configure a wireless network without typing in the passphrase. Instead, users can configure devices by pressing buttons or by entering a short personal identification number (PIN). For example, a user can configure a new wireless… Read more »
CompTIA Sec+ | Microsoft MTA Security: Types of Wireless Attacks
The Types of Wireless Attacks Part 1 CompTIA Security+ Objective 1.2 Replay Attacks A replay attack occurs when an attacker copies a stream of messages between two parties and replays the stream to one or more of the parties. Unless mitigated, the computers subject to the attack process the stream as legitimate messages, resulting in a range… Read more »
CompTIA and Immersive Labs Issue A Pen Test Challenge
CompTIA and Immersive Labs are challenging cybersecurity professionals in the United States and United Kingdom to test their penetration testing skills this month. The two organizations launched the pen test challenge on the opening day of RSA® Conference 2019. “Penetration testing, if done right, is a proven and valuable activity that all organizations should engage… Read more »
CompTIA Sec+ | Microsoft MTA Security: Most Common Application/Service Attacks Part 2
The nature of cyberattacks is constantly in flux, always evolving to keep pace with the times. Hacking of websites, theft of credit card information and other personal information has become an almost daily occurrence, along with illegal remittances via Internet banking. Recent years have witnessed the accelerating dissemination of new technologies such as IoT… Read more »
CompTIA Sec+ | Microsoft MTA Security: Most Common Application/Service Attacks Part 1
“Richard Clarke, a former counter-terrorism expert for the United Government, once said, “If you spend more on coffee than on IT security, you will be hacked. What’s more, you deserve to be hacked”. While the latter is a tad harsh (we wouldn’t wish a cyber attack on anyone!), the former is certainly true.” If you… Read more »
CompTIA Sec+ | Microsoft MTA Security: Exam prepration and Questions
1. Your manager asks you to implement a system that can filter out unwanted content, such as viruses and unproductive Internet content. The best way to accomplish this would be through a system that implements a:
CompTIA Sec+ | Microsoft MTA Security: Certification Cram Guide & Study Notes
In this cram guide, we would like to give you some short tips on what to study for the Security+ exam to ensure a great score.
CompTIA Sec+ | Microsoft MTA Security: Security Topologies
One of the most essential portions of information security is the design and topology of secure networks. What exactly do we mean by “topology?” Usually, a geographic diagram of a network comes to mind.
CompTIA Sec+ | Microsoft MTA Security: Email and Application Security
Some of the Security+ exam will test you on your knowledge of some basic email, Internet, and application security issues. Although the amount of detail of knowledge that is required is quite minimal, you must still have a working knowledge of some simple email and application security concepts.
CompTIA Sec+ | Microsoft MTA Security: Organizational Security
Physical Security Physical security refers to the aspects of information security that are related to physical threats, such as fire or natural disasters. We will cover some basic physical security threats below:
CompTIA Sec+ | Microsoft MTA Security: Public Key Cryptography
Public Key Cryptography is a widely-applied form of cryptography commonly utilized in many network transactions.
CompTIA Sec+ | Microsoft MTA Security: Symmetric Key Cryptography
In here we will learn about different symmetric key algorithms and their key features. More importantly, we will learn about some more key concepts related to cryptography as it applies to both symmetric and asymmetric algorithms.
CompTIA Sec+ | Microsoft MTA Security: Networking Overview
Networking Overview In subsequent chapters of this study guide, we will take a look at different security topologies or ways that networks can be set up with security in mind.
CompTIA Sec+ | Microsoft MTA Security: Firewall
[bs_icon name=”glyphicon glyphicon-chevron-right”] What is a Firewall? A firewall is any hardware or software designed to prevent unwanted network traffic. Some firewalls are simplistic in nature;
CompTIA Sec+ | Microsoft MTA Security: Cryptography
[bs_icon name=”glyphicon glyphicon-chevron-right”] Introduction to Cryptography
CompTIA Sec+ | Microsoft MTA Security: Malicious Software
Viruses, Trojan Horses, Worms Despite all the hype about viruses and worms, the Security+ exam actually does not heavily test on viruses and the like.
CompTIA Sec+ | Microsoft MTA Security: Remote Access
One of the most ever-present and ancient uses of the Internet and networking has been to provide remote access to networks or network resources.
CISSP LANs and Their Components
A local area network (LAN) is a critical component of a modern data network. A LAN is comprised of one or more computers, a communication protocol, a network topology, and cabling or a wireless network to connect the systems.
CISSP System Validation
No system or architecture will ever be completely secure; there will always be a certain level of risk.
CISSP Security Models of Control
Security Models of Control Security models of control are used to determine how security will be implemented, what subjects can access the system, and what objects they will have access to. Simply stated, they are a way to formalize security policy.
CISSP Security Mechanisms
Although a robust architecture is a good start, real security requires that you have security mechanisms in place to control processes and applications. Some good security mechanisms are described in the following sections.
CISSP Computer System Architecture
Computer System Architecture At the core of every computer system is the CPU and hardware that make it run.
CISSP Penetration Testing
Penetration testing is a series of activities undertaken to identify and exploit security vulnerabilities.
CompTIA Sec+ | Microsoft MTA Security: Tunneling
Tunneling, VPN, and IPSec
CISSP Single sign-on
Single sign-on is an attempt to address a problem that is common for all users and administrators.
CISSP Access Control Models
Data access controls are established to control how subjects can access data, what they can access with it, and what they can do with it once accessed. Three primary types of access control are discussed in this section. [bs_icon name=”glyphicon glyphicon-chevron-right”] Mandatory Access Control (MAC)
CISSP Legal Systems
The two law systems that form the basis of legal systems in most countries are:
CISSP Kerberos
Kerberos is a network authentication protocol created by the Massachusetts Institute of Technology (MIT) that uses secret-key cryptography. Kerberos has three parts: a client, server, and trusted third party (KDC) to mediate between them.
CISSP Attacks
[bs_icon name=”glyphicon glyphicon-chevron-right”] Types of Attacks Denial of Service (DoS) Smurf Fraggle SYN Flood Teardrop Distributed Denial of Service (DDoS) Ping Sweep Port Scan Salami attack Man-in-the-Middle Session or TCP Hijacking Replay Buffer Overflow Scareware and Ransomeware Password attack Covert channels [bs_icon name=”glyphicon glyphicon-chevron-right”] Web Attacks SQL Injection – An injection of SQL query through input… Read more »
CISSP Asymmetric Systems
Asymmetric Systems –Uses a pair of keys (private and public) for encryption and decryption
CompTIA A+ | Microsoft MTA O/S: Common networking command-line tools
Common networking command-line tools include the following:
CISSP Intrusion-Detection Systems (IDS)
An IDS is designed to function as an access-control monitor. It can monitor network or host activity and record which users attempt to access specific network resources.
13 Tips How to prepare for Cisco CCNA exam
Get our complete tutorial in PDF Tip #1) Make sure as soon as you get into testing room, write all your IP subnet tables, since you have about 20 mins before the exam start
Cisco CCNA Basic Router Configuration
Follow @ASM_Educational Here are the configuration for Basic Router Configuration When You Open a new router you will see Router> This is called user mode; then you type en=enable to get to enable mode Router# This is called privilege mode
6 Cisco CCNA Switch Tips
Follow @ASM_Educational Get our complete tutorial in PDF To Find Out If Link is UP Switch#show ip int brief
9 Cisco CCNA Router Tips
Follow @ASM_Educational Get our complete tutorial in PDF To Find out if link is up and has Ip address Router#show ip int brief
Cisco CCNA Extended Access List
Follow @ASM_Educational Cisco CCNA-Extended access list In this Lab we will cover the concept of Extended ACL , make sure read another blogs about Standard ACL .
CompTIA A+ | Microsoft MTA O/S: Authentication
Authentication : The verification of a person’s identity – Helps protect against unauthorized access.
CompTIA A+ | Microsoft MTA O/S: Types of Optical Discs
Optical disc drives use removable media to store and retrieve data, typically 5.25”.
CompTIA A+ | Microsoft MTA O/S: Troubleshooting Tips
No network connectivity?
CompTIA A+ | Microsoft MTA O/S: Storage Devices
Hard Disk Drives are nonvolatile (meaning they don’t lose data when power off) devices that store data, generally 3.5”. Types of HDD include:
