Tuesday , December 18 2018
Home / IT Security / Security+ (page 3)

Security+

Application Security

Application Security

The Application Security: There are a number of issues to be cognizant of when it comes to application security.  Many of these have been addressed—or will be addressed—in other posts where discussion is more relevant, but the following is a list of those issues that CompTIA wants you to be …

Read More »

Intelligence Gathering – PTES

Intelligence Gathering – Penetration Testing Execution Standard

Intelligence Gathering – Penetration Testing Execution Standard: Once a plan is in place and proper preparation has been successfully completed, now you can begin the information-gathering process. This phase basically represents the start of the actual test, even though you will not yet be engaging your target directly. However, at …

Read More »

Secure Router Configuration

Secure Router Configuration

Secure Router Configuration: One of the most important things you can do to secure your network is to secure the router. Though this is basic common sense, it is too often overlooked in the rush to finish the router configuration and move on the next job. To configure the router …

Read More »

Creating a Test Setup Lab

Creating a Test Setup Lab

What You Will Need: In order to build a proper lab you will need to do several things first, some optional and other not. I recommend putting down some important foundations first. Make sure you have a good understanding of what you are trying to accomplish, and don’t just start …

Read More »

Why Build a Lab? The Build Process

Why Build a Lab? The Build Process

Why Build a Lab: So which should you become fluent with or concentrate on when testing or training? I have included a list of tools later in this post, where you should consider getting familiar with in order to prepare properly for the test. NOTE: The list is s short …

Read More »

Penetration Testing Frameworks & Alternative Methods

Penetration Testing Frameworks & Alternative Methods

Overview of Alternative Methods: Now that you have an idea of what penetration testing is, we need to take a close look at the process that a penetration tester follows outside of what EC-Council offers. When you are considering a methodology to follow, you must remember some points and ideas …

Read More »

Passwords and Physical Security

Passwords and Physical Security

Passwords and Physical Security: Passwords are perhaps one of the best primary lines of defense for an environment. Although not commonly thought of as a protective measure for physical intrusions, they do indeed fulfill this purpose. However, the downside is that unless passwords are carefully and thoughtfully implemented they tend …

Read More »

What is Enumeration?

What is Enumeration?

What is Enumeration: Enumeration is the process of extracting information from a target system to determine more of the configuration and environment present. In many cases it is possible to extract information such as usernames, machine names, shares, and services from a system as well as other information, depending on …

Read More »

Commonly Exploited Services

Commonly Exploited Services

Commonly Exploited Services: The Windows OS is popular with both users and attackers for various reasons, but for now let’s focus on attackers and what they exploit. Windows has long been known for running number services by default, each of which opens up a can of worms for a defender …

Read More »