Tuesday , December 18 2018
Home / IT Security / Security+ (page 8)

Security+

Risks Associated with Cloud Computing

Risks Associated with Cloud Computing

Risks with Cloud Computing: The Term cloud computing has grown in popularity recently, but few agree on what it truly means. For the purpose of the Security+ Exam, cloud computing means hosting services and data on the Internet instead of hosting it locally. Some examples of this include running office …

Read More »

Risks Associated with Virtualization

Risks Associated with Virtualization

Risks Associated with Virtualization: If cloud computing has grown in popularity, virtualization has become the technology du jour. Virtualization consists of allowing one set of hardware to host multiple virtual machines. It is in use at most large corporations, and it is also becoming more common at smaller businesses. Some …

Read More »

Burp Suite

Burp Suite

Burp Suite: For our purposes, we will use Burp Suite Intercept (or just Burp for short) as our proxy as it is widely viewed as one of the most feature-rich web hacking platform available.   We will be using many tools in Burp Suite throughout the duration of our hacking …

Read More »

BRUTE FORCE AUTHENTICATION ATTACKS

BRUTE FORCE AUTHENTICATION ATTACKS

Brute Force Attacks: Authentication actually takes place in many other parts of the web application other then the main login page. It is also present when you change your password, update your account information, use the password recovery functionality, answering secret questions, and when you use the remember me option. …

Read More »

Countermeasures of Social Networking

Countermeasures of Social Networking

Countermeasures for Social Networking: Because social networking exploded in popularity so quickly, companies and individuals had little time to deal with the problems the technology brought to bear. Surveys taken a few years ago found that many companies either did not have policy in place regarding social networking or were …

Read More »

SSL and TLS

SSL and TLS

SSL and TLS: Secure Sockets Layer (SSL) is used to establish a secure communication connection between two TCP-based machines. This protocol uses the handshake method of establishing a session. The number of steps in the handshake depends on whether steps are combined and/or mutual authentication is included. The number of …

Read More »

Understanding Cryptography Standards and Protocols

Understanding Cryptography Standards and Protocols

Understanding Cryptography Standards and Protocols: Numerous standards are available to establish secure service. Some of the standard that will be presented in the following section, here we will remind you of them and introduce you to a few more standards. The movement from proprietary governmental standards toward more unified global …

Read More »

Phishing, Spear Phishing, and Vishing

Phishing, Spear Phishing, and Vishing

Phishing, Spear Phishing, and Vishing: Phishing is a form of social engineering in which you ask someone for a piece of information that you are missing by making it look as if it is a legitimate request. An email might look as if it is from a bank and contain …

Read More »

Spoofing Attacks – Understanding Various Types of Attacks

Spoofing Attacks – Understanding Various Types of Attacks

Spoofing Attacks: A spoofing attack is an attempt by someone or something to masquerade as someone else. This type of attack is usually considered an access attack. A common spoofing attack that was popular for many years on early Unix and other timesharing systems involved a programmer writing a fake …

Read More »