What’s Been Happening

I’ve been away from this blog for quite some time, and really feeling quite guilty for not making the entry. Although not the first time I’ve abandoned this  blog, this is the first time that this blog actually has some purpose and structure (sort of). Anyway, I have this little thing about excuses and how I think they are similar to a–holes. Everybody has them and they all stink . However, I do want to explain as to why I have been an absentee blogger since  the holidays. One word — BUSY. Yeah, yeah aren’t we all? Read more

CISSP Exam Note (Domain 2: Telecommunications and Networking Security) – Protocols

Protocols – a standard set of rules that determines how computers communicate with each other across networks despite their differences

Layered architecture

• Shows how communication should take place
• Clarify the general functions of a communication process
• To break down complex networking processes into more manageable sub-layers
• Using industry standard interfaces enables interoperability
• To change the features of one layer without changing the code in every layer
• Easier troubleshooting Read more

CISSP Exam Note (Domain 2: Telecommunications and Networking Security) – Availability Concepts / Fault Tolerance

Availability means that the information, the computing systems used to process the information, and the security controls used to protect the information are all available and functioning correctly when the information is needed. The opposite of availability is the lack thereof, one example of this is a common attack known as a denial of service (DoS) attack.

For example: In 2000 Amazon, CNN, eBay, and Yahoo! were victims of a DoS attack.

“	Yahoo Attacked. No one knows what happened except that it was inaccesable for more than 3 hours. It was also known that the attack was co-ordinated and hence the standard firewall algorithms failed to figure out what was happening. Source: http://en.wikipedia.org/wiki/Information_assurance

Fault Tolerance is the ability of a system to respond gracefully to an unexpected hardware or software failure. There are many levels of fault tolerance, the lowest being the ability to continue operation in the event of a power failure. Many fault-tolerant computer systems mirror all operations — that is, every operation is performed on two or more duplicate systems, so if one fails the other can take over. Source: http://www.webopedia.com/term/f/fault_tolerance.html Read more

CISSP Exam Note (Domain 2: Telecommunications and Networking Security) – Intrusion Detection Systems

Intrusion Detection Systems

An Intrusion detection system (IDS) is a network security device that monitors network and/or system activities for malicious or unwanted behavior. (Source: http://en.wikipedia.org/wiki/Intrusion_detection_system)

Terminologies:

• Alert/Alarm- A signal suggesting that a system has been or is being attacked.
• True attack stimulus- An event that triggers an IDS to produce an alarm and react as though a real attack were in progress.
• False attack stimulus- The event signaling an IDS to produce an alarm when no attack has taken place.
• False (False Positive)- An alert or alarm that is triggered when no actual attack has taken place.
• False negative- A failure of an IDS to detect an actual attack.
• Noise- Data or interference that can trigger a false positive.
• Site policy- Guidelines within an organization that control the rules and configurations of an IDS.
• Site policy awareness- The ability an IDS has to dynamically change its rules and configurations in response to changing environmental activity.
• Confidence value- A value an organization places on an IDS based on past performance and analysis to help determine its ability to effectively identify an attack.
• Alarm filtering- The process of categorizing attack alerts produced from an IDS in order to distinguish false positives from actual attacks. Read more

CISSP Exam Note (Domain 2: Telecommunications and Networking Security) – Remote Access Security Management

Key Concepts:

• Confidentiality – no disclosure of data
• Integrity – no alteration of data
• Availability – no destruction of data

Common Remote Connections

• xDSL – Digital Subscriber Line
• Cable Modem
• Wireless
• ISDN – Integrated Services Digital Network

Common Tools in Securing External Remote Connections

• VPN – Virtual Private Network
• SSL – Secure Socket Layer
• SSH – Secure Shell Read more

CISSP Exam Note (Domain 1: Access Control) – Centralized & Decentralized, etc…

Access Control – Centralized and Decentralized

Centralized Access Control – is a facility in which all the core functions for access such as Authentication, Authorization, and Accountability (AAA) are performed from a centralized location.

• RADIUS – Remote Access Dial-In User Service (incorporates an AS and dynamic password)
• TACACS – Terminal Access Controller Access Control System (for network applications, static pwd)
• TACACS+ – Terminal Access Controller Access Control System Plus, supports token authentication

CHAP – Challenge Handshake Authentication Protocol

• Supports encryption, protects password

Decentralized Access Control – generally require medium to large workgroups of individuals and carry higher administrative overhead accordingly. In a decentralized environment, maintaining a homogeny of equipment and services scales in increasing difficulty with proportion to the number of access control points. Changes effected on individual systems are spread locally, instead of having the wide-reaching consequences and effects of a singular centralized system. Read more

CISSP Note (Domain 1: Access Control) – Three Things to Consider

Three things to consider

• Threats – potential to cause harm
• Vulnerabilities – weakness that can be exploited
• Risk – potential for harm

Risk is the likelihood that something bad will happen that causes harm to an informational asset (or the loss of the asset). A vulnerability is a weakness that could be used to endanger or cause harm to an informational asset. A threat is anything (man made or act of nature) that has the potential to cause harm.

The likelihood that a threat will use a vulnerability to cause harm creates a risk. When a threat does use a vulnerability to inflict harm, it has an impact. In the context of information security, the impact is a loss of availability, integrity, and confidentiality, and possibly other losses (lost income, loss of life, loss of real property). It should be pointed out that it is not possible to identify all risks, nor is it possible to eliminate all risk. The remaining risk is called residual risk.

Planning to take the CISSP Exam? Get a copy of my personal notes (300plus pages worth) that I used to pass the exam for only $25.00. Click the Add To Cart Button to Purchase Plus you will also get copies of notes from other CISSPs. Learn more about this package by visiting this blog entry: CISSP REVIEW NOTES I USED TO PASS THE EXAM. CLICK BELOW TO MAKE YOUR PURCHASE NOW. All Purchases are securely processed through Paypal. IMPORTANT NOTICE: I MANUALLY REVIEW ALL ORDERS. SO ONCE YOU PURCHASE THE PRODUCT, THERE WILL BE SOME DELAY ON YOU RECIEVING AN E-MAIL FROM ME WITH THE LINK TO THE DOWNLOAD AREA OF THE PRODUCT. YOU WILL GET A RESPONSE FROM ME WITHIN 24-48 HOURS.

CISSP Note (Domain 1: Access Control): C.I.A. – Quick Definitions

Information Security has three key focus ensuring the Confidentiality, Integrity and Availability of information, commonly known as C.I.A. Below are their definitions.

Confidentiality – ensure that information is not disclosed to unauthorized person

Integrity

• Prevention of modification by unauthorized users
• Prevention of unauthorized changes by otherwise authorized users
• Internal and external consistency
  • Internal consistency within the system (i.e. within a database the sum of subtotals is equal to the sum of all units)
  • External consistency – database with the real world (i.e. database total is equal to the actual inventory in the warehouse)

Availability – ability of authorized personnel to access information on time and as necessary Read more

• Join Me On Facebook

  Trehb101 - Got Geek?
  
  Promote Your Page Too

• Entry Categories

  • Biz Mgt & Dev (8)
  • Blog-keeping (1)
  • Bum-A-Post (3)
  • Don's eBook Report (5)
  • eBooks, etc… (3)
  • eCommerce / eBiz (7)
  • Entrepreneurship (6)
  • Geek Mail (2)
  • Information Security (25)
  • Information Systems (20)
  • Information Technology (8)
  • InfoSec Docs (2)
  • Internet Docs (2)
  • Internet Marketing (12)
  • Life Happens (16)
  • Project Management (2)
  • Random Stuff (11)
  • The Demondaynizer (4)
  • The Internet (15)
  • Web Design / Development (2)
  • Yeah Boy! Yah Suck! (3)

• Recent Posts

  • PMP Review Notes (Chapter 1) – What is Project Management?
  • CISSP Exam Note (Domain 2: Telecommunications and Networking Security) – More Protocols
  • PMP Review Notes (Chapter 1) – Projects Defined
  • CISSP Exam Note (Domain 2: Telecommunications and Networking Security) – Protocols – Continued
  • What’s Been Happening
  • Something off topic but really important: Help Haiti
  • CISSP Exam Note (Domain 2: Telecommunications and Networking Security) – Protocols

• Business Tech Press Releases

  • Telecom Argentina S.A. Announces Consolidated Annual Period ('FY09') and Fourth Quarter Results for Fiscal Year 2009 ('4Q09')* March 10, 2010
  • Country Club Products Chooses Direct|Connect 4.0 for its Paid Search Marketing Needs March 10, 2010
  • RTS Introduces First Phase of Technology Initiative to Further Reduce Latency March 10, 2010
  • Health Privacy Rights Are Threatened by Proposed Federal Rule for Electronic Health Records (EHRs) March 10, 2010
  • Motorola Announces Industry Leading Capabilities for MOTOTRBO(TM) Professional Digital Two-way Radio System March 10, 2010

• Follow Me on Twitter

• Archives

  Select Month March 2010  (4) February 2010  (1) January 2010  (4) December 2009  (18) November 2009  (28) October 2009  (4) September 2009  (1)

• Your Shopping Cart

  Your cart is empty

• Calendar

  March 2010

  M	T	W	T	F	S	S
  « Feb
  1	2	3	4	5	6	7
  8	9	10	11	12	13	14
  15	16	17	18	19	20	21
  22	23	24	25	26	27	28
  29	30	31

• From the National Vulnerbility Database

  • CVE-2010-0940 (simple_php_guestbook) March 7, 2010
    Cross-site scripting (XSS) vulnerability in guestbook.php in Simple PHP Guestbook 1.0 allows remote attackers to inject arbitrary web script or HTML via the action parameter. […]
    nvd@nist.gov
  • CVE-2010-0936 (dkvm-ip8) March 7, 2010
    Cross-site scripting (XSS) vulnerability in auth.asp on the D-LINK DKVM-IP8 with firmware 2282_dlinkA4_p8_20071213 allows remote attackers to inject arbitrary web script or HTML via the nickname parameter. […]
    nvd@nist.gov
  • CVE-2010-0945 (com_hotbrackets) March 7, 2010
    SQL injection vulnerability in the HotBrackets Tournament Brackets (com_hotbrackets) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. […]
    nvd@nist.gov
  • CVE-2010-0938 (todoo_forum) March 7, 2010
    Cross-site scripting (XSS) vulnerability in todooforum.php in Todoo Forum 2.0 allows remote attackers to inject arbitrary web script or HTML via the id_forum parameter in a post action. […]
    nvd@nist.gov
  • CVE-2010-0944 (com_jcollection) March 7, 2010
    Directory traversal vulnerability in the JCollection (com_jcollection) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. […]
    nvd@nist.gov
  • CVE-2009-4678 (winn_guestbook) March 7, 2010
    Cross-site scripting (XSS) vulnerability in index.php in Winn Guestbook 2.4 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. […]
    nvd@nist.gov
  • CVE-2010-0943 (com_jashowcase) March 7, 2010
    Directory traversal vulnerability in the JA Showcase (com_jashowcase) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a jashowcase action to index.php. […]
    nvd@nist.gov
  • CVE-2010-0939 (abb_forum) March 7, 2010
    Visialis ABB Forum 1.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for fpdb/abb.mdb. […]
    nvd@nist.gov
  • CVE-2010-0942 (com_jvideodirect) March 7, 2010
    Directory traversal vulnerability in the jVideoDirect (com_jvideodirect) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. […]
    nvd@nist.gov
  • CVE-2010-0937 (visualization_library) March 7, 2010
    Multiple unspecified vulnerabilities in Visualization Library before 2009.08.812 have unknown impact and attack vectors. […]
    nvd@nist.gov

• Tags

  Access Control advertising affiliate marketing Availability blogs business CIRT CISSP CISSP Exam CISSP Review CISSP reviewer Computer Incident Response Team computer security Confidentiality demondaynizer denial of service department of defense DOS e-commerce ebook Information Security Integrity Internet Marketing ISDN Maceo MAD MAC Microsoft monday network notes pay-per-click pay-per-sale privacy Review RSS Feeds Security social media social networking starter pack strategies telnet Trehb101 Tweets Web 2.0 yeah boy