Home / IT Security / Security+ (page 2)

Security+

Government and Military Classification

Government and Military Classification

Government and Military Classification: The U.S government and the military have slightly different types of concerns relating to information classification. Government agencies are concerned about privacy and national security. Because of this, a unique system of classification and access controls has been implemented to protect information.   The following is …

Read More »

Hardening Email Servers

Hardening Email Server: Email servers provide the communications backbone for many businesses they typically run either as an additional service on an existing server or as dedicated systems. Putting an active virus scanner on email servers can reduce the number of viruses introduced into your network and prevent viruses from …

Read More »

Securing the Network

Securing the Network

Securing the Network: Obviously, network security is broad topic, and it will be addressed throughout these articles However, there are some essential concepts identified on the CompTIA Security + exam that are discussed in this section: MAC Limiting and Filtering: Limit access to the network to MAC addresses that are …

Read More »

Noteworthy HTTP Status Codes

Noteworthy HTTP Status Codes

HTTP Status Codes: As web server responses are received by your browser, they will include a status code to signal what type of response it is. There are over 50 numerical HTTP responses codes grouped into five families that provide similar type of status codes. Knowing what each type of …

Read More »

The Early Days of Hacking

The Early Days of Hacking

The Early Days of Hacking: The idea of hacking and hackers goes way back to the first technologies enthusiastic that wanted to learn about new technology and were curious about how it worked. They were the same types of people who today are interested not only in acquiring all sorts …

Read More »

Using a Honeypot in Practice

Using a Honeypot in Practice

Honeypot in Practice: A honeypot is ideally suited to get a clearer picture of the activity on or around the critical systems in your environment. The common use of honeypots is to look like a legitimate resource so as to be indistinguishable from the real thing. This will subject both …

Read More »

Biometrics: Installing Biometric Devices

Biometrics: Installing Biometric Devices

Biometrics: Biometrics systems use some kind of unique biological trait to identify a person, such as fingerprint, patterns on the retina, and handprints. Some methods that are used include hand scanners, retinal scanners, facial recognition applications, and keystroke recognition programs, which can be used as part of the access control …

Read More »

Directory Traversal/Command Injection

Directory Traversal Command Injection

Directory Traversal and Command Injection: If an attacker is able to gain access to restricted directories (such as the root directory) through HTTP, it is known as a directory traversal attack. If the attackers can gain access to the root directory of a system (which is limited from all but …

Read More »

Antimalware

Antimalware

Antimalware: To keep all hosts safe from malware, there are a number of actions you should take at minimum: Install Antivirus Software: Access Control, Authentication, and Authorization, Should be installed and definitions kept current on all hosts. Antivirus software should run on the server as well as on every workstation. …

Read More »

Smart Cards

Smart Cards

Smart Cards are generally used for access control and security purposes. The card itself usually contains a small amount of memory that can be used to store permissions and access information. Smart cards are difficult to counterfeit, but they are easy to steal. Once a thief has a smart card, …

Read More »