Denial of Service Attack (DoS) Detection and Mitigation
A Denial of Service Attack is when a hacker attempts to consume such a large amount of a server's resources that it's services will be unavailable to its intended users. For example a DoS attack against a web server attempts to prevent it from serving web pages to
legitimate Internet clients. More ...
Digital Signatures and Certificates
The construction of the Digital Signature entails applying a hash function to the message by concatenation of the message with a known secret key and then applying a mathematical function which will produce a fixed length output known as the digest. More ...
What's the Difference Between Sniffing, Snooping, and Spoofing?
Network sniffing and snooping involve tapping into network traffic for the purpose extracting usernames, passwords, account numbers, and other information. Spoofing is when a hacker creates an email or a website that appears to genuine but is designed for the purpose extracting usernames, passwords, account numbers. More ...
Elementary Information Security
This book is certified to comply fully with the NSTISSI 4011 federal training standard for information security professionals. The text emphasizes both the technical and non-technical aspects of information security and uses practical examples and real-world assessment tools. More ...
What is Cross Site Scripting?
Cross-site scripting attacks are used to steal information from your browser when you visit websites such as ecommerce stores, forums, and even your email accounts. More ...
Domain Name System (DNS) Vulnerabilities
The original design of the DNS did not include robust security features. DNS vulnerabilities open networks to various types of attacks, cache poisoning and DDoS attacks being the most common. More ...
What is Network AAA (Authentication, Authorization, and Accounting)?
The acronym AAA stands for three network procedures and processes that help to make a network more secure and reliable. The A's stand for Authentication, Authorization, and Accounting. The difference between authentication, authorization, and accounting is described here. More ...
Are You Meeting ISO 27000 Standards for Information Security Management?
The ISO 27000 standard developed by The (IEC) and (ISO) is an internationally accepted industry standard for Information Security Management (ISM). More ...
How to Protect Your Business From a Cyber Attack
Hackers can be crippling for small businesses who, many times, never recover from the theft. Here are some precautions you can take to help keep your business protected against hackers. More ...
Multi-Layered Approach to Cyber Security
A multi-layered approach can be tailored to different levels of security. Not every asset needs to be completely secure; instead, only the most business critical assets, such as proprietary and confidential information, need be protected by the most restricted settings. More ...
Firewall Rules
The purpose of a network firewall is to protect computer and IT resources from malicious sources while allowing internal network users to access the Internet. For this purpose it uses an Access Control List (ACL). More ...
What Roles Do Firewalls and Proxy Servers Play in Network Security?
A firewall can detect specific application protocol content and filter out any applications that exhibits certain characteristics. A proxy server sits between hosts and server that filters requests by checking IP Addresses, Protocol and application content. More ...
Public Key Infrastructure
PKI (Public Key Infrastructure) uses a public and private key pair obtained and shared through a trusted authority. Public and private keys are used to lock (encrypt) and unlock (decrypt) data. Certificates are the cornerstones of the PKI. More ...
