Saturday , September 22 2018
Home / IT Security / Security+ (page 3)

Security+

Intelligence Gathering – PTES

Intelligence Gathering – Penetration Testing Execution Standard

Intelligence Gathering – Penetration Testing Execution Standard: Once a plan is in place and proper preparation has been successfully completed, now you can begin the information-gathering process. This phase basically represents the start of the actual test, even though you will not yet be engaging your target directly. However, at …

Read More »

Secure Router Configuration

Secure Router Configuration

Secure Router Configuration: One of the most important things you can do to secure your network is to secure the router. Though this is basic common sense, it is too often overlooked in the rush to finish the router configuration and move on the next job. To configure the router …

Read More »

Creating a Test Setup Lab

Creating a Test Setup Lab

What You Will Need: In order to build a proper lab you will need to do several things first, some optional and other not. I recommend putting down some important foundations first. Make sure you have a good understanding of what you are trying to accomplish, and don’t just start …

Read More »

Why Build a Lab? The Build Process

Why Build a Lab? The Build Process

Why Build a Lab: So which should you become fluent with or concentrate on when testing or training? I have included a list of tools later in this post, where you should consider getting familiar with in order to prepare properly for the test. NOTE: The list is s short …

Read More »

Penetration Testing Frameworks & Alternative Methods

Penetration Testing Frameworks & Alternative Methods

Overview of Alternative Methods: Now that you have an idea of what penetration testing is, we need to take a close look at the process that a penetration tester follows outside of what EC-Council offers. When you are considering a methodology to follow, you must remember some points and ideas …

Read More »

Passwords and Physical Security

Passwords and Physical Security

Passwords and Physical Security: Passwords are perhaps one of the best primary lines of defense for an environment. Although not commonly thought of as a protective measure for physical intrusions, they do indeed fulfill this purpose. However, the downside is that unless passwords are carefully and thoughtfully implemented they tend …

Read More »

What is Enumeration?

What is Enumeration?

What is Enumeration: Enumeration is the process of extracting information from a target system to determine more of the configuration and environment present. In many cases it is possible to extract information such as usernames, machine names, shares, and services from a system as well as other information, depending on …

Read More »

Commonly Exploited Services

Commonly Exploited Services

Commonly Exploited Services: The Windows OS is popular with both users and attackers for various reasons, but for now let’s focus on attackers and what they exploit. Windows has long been known for running number services by default, each of which opens up a can of worms for a defender …

Read More »

Services and Ports of Interest

Services and Ports of Interest

Services and Ports of Interest: As we wade into the enumeration phase, let’s make sure you understand more details about ports. You should expect during your scanning phase to uncover a number of ports, some of which may be useful to you for enumeration and other less so. Here are …

Read More »