Tuesday , December 18 2018
Home / IT Security / Security+ (page 2)

Security+

Legal and Regulatory Issues

Though general understanding of the major legal systems and their types of law is really essential, it is critical that information security professionals understand the concepts described in the next section. Of course with the ubiquity of information systems, data and applications comes a host of legal issues that require …

Read More »

Protocol Analyzers

Protocol Analyzers

The terms protocol analyzing and packet sniffing are interchangeable. They refer to the process of monitoring the data that is transmitted across the network. The software that performs the operation is called either an analyzer or a snifter. Sniffers are readily available on the Internet. These tools were initially intended …

Read More »

Confidentiality and Strength

Confidentiality and Strength

Confidentiality and Strength: One of the major reasons of implement a cryptographic system is to ensure the confidentiality of the information being used. Confidentiality may be intended to prevent the unauthorized disclosures of information in a local network or to prevent the unauthorized disclosure of information across a network. A …

Read More »

Password Attacks

Password Attacks

Password Attacks occur when an account is attacked repeatedly. This is accomplished by using applications known as password crackers, which send possible passwords to the account in a systematic manner. The attacks are initially carried out to gain passwords for an access or modification attack. There are several types of …

Read More »

The Principles Behind Social Engineering

The Principles Behind Social Engineering

The Principles Behind Social Engineering: A number of principals, or elements, allow social engineering attacks to be effective. Most of these based on our nature to be helpful, or trust other in general, and to believe that there is a hierarchy of leadership that should be followed. For the exam, …

Read More »

Understanding Hashing

Understanding Hashing

Understanding Hashing: Simply yet, hashing can be considered a type of one-way encryption. More accurately, it is a process that creates a scrambled output that can’t be reversed—or at least can’t be revered easily. The process of hashing takes plain text and transform it into cipher text but does so …

Read More »

Cross Site Scripting

Cross Site Scripting

Cross-Site Scripting (XSS) is a type of attack that can occur in many forms, but in general they occur when data of some type enters a web application through an untrusted source (in the major of cases, a web request). Typically, this data is included as part of dynamic content …

Read More »

File Systems

File Systems

File Systems: Several filesystems are involved in the operating systems, and from a network perspective, they have a high level of interoperability among them. Throughout the years, different vendors have implemented their own sets of file standards. Some of the more common filesystems in Windows are listed here: Microsoft FAT: …

Read More »

Monitoring System Logs

Monitoring System Logs

Monitoring System Logs: In addition to network monitoring, you must monitor the event logs. Event Logs are system logs that record various events that occur. Event logs comprise a broad category that includes some logs that are not relevant to security issue. But within that broad category are security and …

Read More »