Cryptography

CISSP Security of Application Programming Interfaces – Bk1D8T5St2

An Application Programming Interface (API) defines how to interact with software. Software components interact and work together through the use of an API. An API is a software program’s contract that describes how other programs should communicate with it. APIs define the publicly accessible functionality of the program. An API defines how that functionality is invoked, limitations on its use, and expectations when calling it. An API can act as the front gate for its …


CISSP Cryptographic Systems – Bk1D3T5St4

As American cryptologist Bruce Schneier famously stated, “All cryptography can eventually be broken—the only question is how much effort is required.” The challenge then becomes one of weighing the value of the encrypted information to the attacker against the level of effort required to compromise the cryptographic system. In making this decision, the potential attacker has a number of avenues that can be followed to compromise a cryptographic system. These include: Algorithm and …


CISSP Assess and Mitigate the Vulnerabilities of Security Architectures, Designs, and Solution Elements – Bk1D3T5

Assessing information security vulnerabilities can be done by inspection or testing. Inspection can be manual, reviewing the design and implementation looking for vulnerabilities, or automated, in which software analyzes the configuration or code. Testing can be white-box, in which the tester knows the details of the system’s design and implementation; black-box, in which the tester knows nothing about the internals of the system; or gray-box, in which the tester has some knowledge. …


Anti-Forensics Techniques: Steganography

Steganography, the art of hidden writing, has been in use for centuries. It involves embedding a hidden message in some transport or carrier medium, and mathematicians, military personnel, and scientists have all used it. They all engage in changing the common language and transferring it through secret and hidden communication. The history of steganography dates back to the Egyptian civilization. Today, with the emergence of the Internet and multimedia, the use of steganography …


Anti-Forensics Techniques: Password Protection

A password refers to a collection of words, letters, numbers, and/or special characters used for security processes such as user authentication or to grant access to a resource. The password ensures that unauthorized users do not access the computer, network resources, or other secured information. In addition, data files and programs may require a password. Password protection shields information and protects networks, applications, files, documents, etc., from unauthorized users. Many organizations …


ISO 27001 Annex : A.9.2.3 Management of Privileged Access Rights & A.9.2.4 Management of Secret Authentication Information of Users

This article explains two topics: A.9.2.3 Management of Privileged Access Rights and A.9.2.4 Management of Secret Authentication Information of Users. A.9.2.3 Management of Privileged Access Rights. Control: The allocation and usage of exclusive access privileges will be limited and controlled. Implementation guidance: A structured authorizing procedure in accordance with the appropriate access management policies should monitor the allocation and usage of delegated …
