Why Become a CISSP?
As a Certified Information Systems Security Professional (CISSP), you will be seen as a security professional of proven ability who has successfully met a predefined standard of knowledge and experience that is well understood and respected throughout the industry. More ...
What is Penetration Testing?
This book serves as an introduction to the steps required to complete a penetration test or perform an ethical hack. You learn how to properly utilize and interpret the results of modern day hacking tools; which are required to complete a penetration test. More ...
Implementing a Secure Password Policy
If your network is compromised, identity thefts could use your company's customers credit card numbers and social security numbers to destroy their lives. And it's not only your company's customers who are going to suffer. When the source of the security breach is traced to your company, the result will be a negligence lawsuit. More ...
Handling Rogue Access Points
A Rogue access point is any wireless access points that exist on your network without the consent of the business. If an insider were to use a laptop to act as an access point, regardless of the intent, it poses a security risk. More ...
Digital Signatures and Certificates
The construction of the Digital Signature entails applying a hash function to the message by concatenation of the message with a known secret key and then applying a mathematical function which will produce a fixed length output known as the digest. More ...
Denial of Service Attack (DoS) Detection and Mitigation
A Denial of Service Attack is when a hacker attempts to consume such a large amount of a server's resources that it's services will be unavailable to its intended users. For example a DoS attack against a web server attempts to prevent it from serving web pages to
legitimate Internet clients. More ...
What is Cross Site Scripting?
Cross-site scripting attacks are used to steal information from your browser when you visit websites such as ecommerce stores, forums, and even your email accounts. More ...
Nessus Network Vulnerability Scanner
Nessus is a network vulnerability scanning program that scans network hosts for vulnerabilities and generates reports on its findings. More ...
Designing Physical Network Security
Network security covers a multitude of issues. The first issue to address is physical access to your network. More ...
Firewall Rules
The purpose of a network firewall is to protect computer and IT resources from malicious sources while allowing internal network users to access the Internet. For this purpose it uses an Access Control List (ACL). More ...
Network User Authentication
Some switches require users to authenticate themselves before gaining access to the rest of the network. Network Access Control (NAC) checks the characteristics of the device seeking admission to the network. More ...
Intrusion Detection System (IDS) and Intrusion Prevention System (IPS)
"Most organizations use both IDS and an IPS. The IPS automatically blocks attacks where it is accurate, while the IDS logs and notifies network administrators of suspicious activity so they can use their judgment as to what countermeasures to take. More ...
Design a Network Security Policy
A security policy is a statement of what your systems' users are and are not allowed to do. Make sure that the policy is consistent and clearly-written. More ...
