Types of Computer Security Threats
No book nor any checklist or method can show you all the kinds of harm that can happen to computer assets. There are too many ways to interfere with your use of these assets. Two information sources are of value however. The CVE list and the CVSS measurement system. More ...
Remote Access Authentication Protocols
A remote access authentication protocol is the method by which remote users will be authenticated when they log on the network. Some options are EAP, CHAP, and PAP, explined here. More ...
Methods to Combat Distributed Denial of Service (DDoS) Attacks
DDOS attacks are costly in terms of lost revenue and added costs. DDoS attack protection plays a fundamental role in keeping businesses online. Here are some strategies that can be used to protect against a DDoS attack. More ...
What is a SQL Injection Attack?
SQL injection can be used by an attacker to inject code into a website in order to access and manipulate the database behind the site. More ...
Elementary Information Security
This book is certified to comply fully with the NSTISSI 4011 federal training standard for information security professionals. The text emphasizes both the technical and non-technical aspects of information security and uses practical examples and real-world assessment tools. More ...
Wireless Network Security
Before the IEEE completed the 802.11i standard the Wi-Fi Alliance released WPA. After the release of the IEEE 802.11i standard, the Wi-Fi Alliance released WPA2 which is compatible with both the 802.11i standard and WPA. More ...
What is a Password Hash and Salt?
Never store a user's password as plain-text. A Hashing algorithm is similar to encryption. To increase the security of a hashed password, a random value called salt is added to the hash. More ...
Detecting Network Sniffers
A packet sniffer is a program or device that eavesdrops on network traffic and gathers data from packets. Malicious intruders may install packet sniffers in order to retrieve usernames and passwords. More ...
Understanding the Different Classes of Firewalls
A firewall is able to achieve its functions through the capabilities it is able to provide. These are the capabilities determine the type of firewall to needed to meet a certain and specific set of security needs. More ...
Network User Authentication
Some switches require users to authenticate themselves before gaining access to the rest of the network. Network Access Control (NAC) checks the characteristics of the device seeking admission to the network. More ...
Network Security Model - Defining an Enterprise Security Strategy
These are the five primary security groups that should be considered with any enterprise security model. These include security policy, perimeter, network, transaction and monitoring security. These are all part of any effective company security strategy. More ...
Understanding the Dangers Your Systems Face
It's one thing to know generally that your systems are under fire from hackers around the world and malicious users around the office; it's another to understand specific attacks against your systems. This section discusses some well-known attacks but is by no means a comprehensive listing. More ...
Secure, Network Compliant BYOD (Bring Your Own Device) Solutions
A recent IBM study and revealed that 81% of organizations reported their employees are using their personal mobile devices to connect to "company resources". But BYOD (Bring Your Own Device) doesn't necessarily equate to network security problems. More ...
