Saturday , September 22 2018
Home / IT Security / Security+ (page 5)

Security+

Using a Honeypot in Practice

Using a Honeypot in Practice

Honeypot in Practice: A honeypot is ideally suited to get a clearer picture of the activity on or around the critical systems in your environment. The common use of honeypots is to look like a legitimate resource so as to be indistinguishable from the real thing. This will subject both …

Read More »

Biometrics: Installing Biometric Devices

Biometrics: Installing Biometric Devices

Biometrics: Biometrics systems use some kind of unique biological trait to identify a person, such as fingerprint, patterns on the retina, and handprints. Some methods that are used include hand scanners, retinal scanners, facial recognition applications, and keystroke recognition programs, which can be used as part of the access control …

Read More »

Directory Traversal/Command Injection

Directory Traversal Command Injection

Directory Traversal and Command Injection: If an attacker is able to gain access to restricted directories (such as the root directory) through HTTP, it is known as a directory traversal attack. If the attackers can gain access to the root directory of a system (which is limited from all but …

Read More »

Antimalware

Antimalware

Antimalware: To keep all hosts safe from malware, there are a number of actions you should take at minimum: Install Antivirus Software: Access Control, Authentication, and Authorization, Should be installed and definitions kept current on all hosts. Antivirus software should run on the server as well as on every workstation. …

Read More »

Smart Cards

Smart Cards

Smart Cards are generally used for access control and security purposes. The card itself usually contains a small amount of memory that can be used to store permissions and access information. Smart cards are difficult to counterfeit, but they are easy to steal. Once a thief has a smart card, …

Read More »

Wi-Fi Encryption

Wi-Fi Encryption

Wi-Fi Encryption requires a short discussion of its own. In such an environment, the clients and the access point share the same key, using symmetric encryption, and RC4 was mentioned for this purpose earlier in articles. Since all the clients and the access point share the same key, this is …

Read More »

Pretty Good Privacy

Pretty Good Privacy

Pretty Good Privacy (PGP) is a freeware email encryption system. PGP was introduced in the early 1990s, and it’s considered to be a very good system. It’s widely used for email security. PGP uses both symmetrical and asymmetrical systems as a part of its process; it is this serial combination …

Read More »

The Patriot Act

The Patriot Act

The Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT) Act of 2001 was passed largely because of the World Trade Center attack on September 11, 2001. This law gives the U.S government extreme latitude in pursuing criminals who commit terrorist acts. The …

Read More »

The Computer Security Act of 1987

The Computer Security Act requires federal agencies to identify and protect computer systems that contain sensitive information. This law requires agencies that keep sensitive information to conduct regular training and audits and to implement procedures to protect privacy. All federal agencies must comply with this act. Note: For more information …

Read More »

The Cyberspace Electronic Security Act

The Cyberspace Electronic Security Act

The Cyberspace Electronic Security Act (CESA) was passed in 1999, and it gives law enforcement the right to gain access to encryption keys and cryptography methods. The initial version of this act allowed federal law enforcement agencies to secretly use monitoring, electronic capturing equipment, and other technologies to access and …

Read More »