protocols

vulnerability assessment

An organization is performing a vulnerability assessment for mitigating threats. James, a pen tester, scanned the organization by building an inventory of the protocols founds on the organization’s machines to detect which ports are attached to services such as an email server, a web server, or a database server. After identifying the services, he selected the vulnerabilities on each machine and started executing only the relevent tests. What is the type of vulnerability assessment solution that James employed in the above scenario?

An organization is performing a vulnerability assessment for mitigating threats. James, a pen tester, scanned the organization by building an inventory of the protocols founds on the organization’s machines to detect which ports are attached to services such as an email server, a web server, or a database server. After identifying the services, he selected the vulnerabilities on each machine and started executing only the relevent tests. What is the type of vulnerability assessment solution …

An organization is performing a vulnerability assessment for mitigating threats. James, a pen tester, scanned the organization by building an inventory of the protocols founds on the organization’s machines to detect which ports are attached to services such as an email server, a web server, or a database server. After identifying the services, he selected the vulnerabilities on each machine and started executing only the relevent tests. What is the type of vulnerability assessment solution that James employed in the above scenario? Read More »

ports

Robin, an attacker, is attempting to bypass the firewalls of an organization through the DNS tunneling method in order to exfiltrate data. He is using the NSTX tool for bypassing the firewall. On which of the following ports should Robin run the NSTX tool?

Robin, an attacker, is attempting to bypass the firewalls of an organization through the DNS tunneling method in order to exfiltrate data. He is using the NSTX tool for bypassing the firewall. On which of the following ports should Robin run the NSTX tool? Option 1 : Port 53 Option 2 : Port 80 Option 3 : Port 50 Option 4 : Port 23 1. Port 53 DNS uses Ports 53 which is almost always …

Robin, an attacker, is attempting to bypass the firewalls of an organization through the DNS tunneling method in order to exfiltrate data. He is using the NSTX tool for bypassing the firewall. On which of the following ports should Robin run the NSTX tool? Read More »

protocols

Which of the following protocols can be used to secure an LDAP service against anonymous queries?

Which of the following protocols can be used to secure an LDAP service against anonymous queries? Option 1 : WPA Option 2 : RADIUS Option 3 : NTLM Option 4 : SSO 1. WPA Wi-Fi Protected Access (WPA) could be a security standard for users of computing devices equipped with wireless web connections. WPA was developed by the Wi-Fi Alliance to produce a lot of subtle encoding and higher user authentication than Wired Equivalent Privacy …

Which of the following protocols can be used to secure an LDAP service against anonymous queries? Read More »

Investigation-of-Network-Traffic

Investigation of Network Traffic

Investigation of Network Traffic in this Network forensics are often defined as sniffing, recording, acquisition, and analysis of the network traffic and event logs so as to research a network security incident. It allows investigator to examine network traffic and logs to spot and locate the attacking system. Devices connected to network still proliferate; computers, smartphones, tablets etc. because the number of attacks against networked systems grow, the importance of network forensics has increased and …

Investigation of Network Traffic Read More »

ISO-27001-Annex-A.14.2-Security-in-Development-and-Support-Processes

ISO 27001 Annex : A.14.2 Security in Development and Support Processes

ISO 27001 Annex : A.14.2  Security in Development and Support Processes It’s objective is ensuring the creation and implementation of information security in the information system development process. A.14.2.1  Secure Development Policy Control- Regulations for software and system development should be laid down and applied to organizational developments. Implementation Guidance – Secure development includes a safe infrastructure, architecture, software, and system to be developed. The following considerations should be taken into account in a stable …

ISO 27001 Annex : A.14.2 Security in Development and Support Processes Read More »

Learn-more-about-IPv4-Routing-Protocols

Learn about IPv4 Routing Protocols

Learn about IPv4 Routing Protocols in this the routing (forwarding) process depends heavily on having an accurate and up-to-date IP routing table on each router. This section takes another check out routing protocols, considering the goals of a routing protocol, the methods routing protocols use to teach and learn routes, and an example. First, consider the goals of a routing protocol, no matter how the routing protocol works: To dynamically learn and fill the routing …

Learn about IPv4 Routing Protocols Read More »

Introduction-to-TCP-and-UDP

Introduction to TCP and UDP

Introduction to TCP and UDP in the OSI transport layer (Layer 4) defines several functions, the most important of which are error recovery and flow control. Likewise, the TCP/IP transport layer protocols also implement these same sorts of features. Note that both the OSI model and the TCP/IP model call this layer the transport layer. But as was common , when pertaining to the TCP/IP model, the layer name and number are supported OSI, so …

Introduction to TCP and UDP Read More »

ISO-27001-Annex - A.8.3-Media-Handling

ISO 27001 Annex : A.8.3 Media Handling

ISO 27001 Annex : A.8.3 Media Handling Its objective is to Stop unauthorized release, alteration, deletion, or destruction of information contained in the media. A.8.3.1 Management of Removable Media Control- Procedures shall be implemented for the management of removable media in accordance with the classification scheme adopted by the organization. Implementation Guidance- The following guidelines should be considered for the management of removable media: If not needed, the contents of any reusable media that are …

ISO 27001 Annex : A.8.3 Media Handling Read More »

sending-data-in-ethernet-networks

Sending Data in Ethernet Networks

Sending Data in Ethernet Networks Although physical layer standards vary quite bit, other parts of the Ethernet Networks standards work  the same way, no matter the sort of physical Ethernet link.Next, this final major section of this chapter looks at several protocols and rules that Ethernet uses no matter the sort of link. especially , this section examines the details of the Ethernet Networks link layer protocol, plus how Ethernet nodes, switches, and hubs forward …

Sending Data in Ethernet Networks Read More »

Introduction-of-OSI-Networking-Model

Introduction of OSI Networking Model

Introduction of OSI Networking Model this blog is written on OSI Networking Model with it’s layer description as well as function and compared OSI with TCP/IP model. OSI Networking Model At one point within the history of the OSI model, many of us thought that OSI would win the battle of the networking models discussed earlier. If that had occurred, rather than running TCP/IP on every computer within the world, those computers would be running …

Introduction of OSI Networking Model Read More »