Application Security

credentials

Sam, a professional hacker, targeted an organization with intention of compromising AWS IAM credentials. He attempted to lure one of the employees of the organization by initiating fake calls while posing as a legimate employee. Moreover, he sent phishing emails to steal the AWS IAM credentials and further compromise the employee’s account What is the technique used by Sam to compromise the AWS IAM credentials?

Sam, a professional hacker, targeted an organization with intention of compromising AWS IAM credentials. He attempted to lure one of the employees of the organization by initiating fake calls while posing as a legimate employee. Moreover, he sent phishing emails to steal the AWS IAM credentials and further compromise the employee’s account What is the technique used by Sam to compromise the AWS IAM credentials? Option 1: Reverse engineering Option 2: Social engineering Option 3: …

Sam, a professional hacker, targeted an organization with intention of compromising AWS IAM credentials. He attempted to lure one of the employees of the organization by initiating fake calls while posing as a legimate employee. Moreover, he sent phishing emails to steal the AWS IAM credentials and further compromise the employee’s account What is the technique used by Sam to compromise the AWS IAM credentials? Read More »

CISSP Development Methodologies – Bk1D8T1St1P3

Test-driven development (TDD) Test-driven development (TDD) is a software development process where code-level testing, also known as unit testing, guides software design and implementation. It is based on the repetition of an extremely short development cycle: write a test, run tests, write code, run tests until it passes, refactor, then repeat. TDD has the following steps: Add a test. Run all tests and see if the new test fail. Write the code. Run all the …

CISSP Development Methodologies – Bk1D8T1St1P3 Read More »

Defense-in-depth

What is Defense in Depth? & How Defense in depth Works

Defense in depth may be a security strategy during which security professionals use many protection layers throughout associate information system. This strategy uses the military principle that it’s more difficult for associate enemy to defeat a fancy. Multi-layered defense system than to penetrate one barrier. Defense-in-depth helps to stop direct attacks against associate information system. It’s knowledge as a result of a possibility in one layer only leads the offender to successive layer. If a …

What is Defense in Depth? & How Defense in depth Works Read More »