CISSP Exam Note (Domain 2: Telecommunications and Networking Security) – Protocols

Protocols – a standard set of rules that determines how computers communicate with each other across networks despite their differences

Layered architecture

• Shows how communication should take place
• Clarify the general functions of a communication process
• To break down complex networking processes into more manageable sub-layers
• Using industry standard interfaces enables interoperability
• To change the features of one layer without changing the code in every layer
• Easier troubleshooting Read more

Yeah Boy! Yah Suck! Friday…

Missed last Friday’s Yeah Boy, Yeah Suck ‘coz of the holidays and today I’ve been fighting the network gremlins all morning and a little out of sorts right now and playing catch-up… Yes that cheese to go with my whine sounds good just about now…

Anyway…

This week’s Yeah Boy! (should have been last week, but who’s tracking?)…

Efren Peñaflorida and the rest of the 10 CNN 2009 Heroes. Their stories are simply the true silver lining in the dark clouds that has been laying over our dear planet. Efren Peñaflorida was named the CNN Hero of the Year, but even though I am truly proud of this man from my home country, I can easily say that any of the other 9 folks recognized in this event are equally deserving.

My hat’s off to these heroes: http://www.cnn.com/SPECIALS/cnn.heroes/archive09/index.html

What else is there to say but YEAH BOY!!!

This week’s Yah Suck, well there are so many choices: Read more

CISSP Exam Note (Domain 2: Telecommunications and Networking Security) – Availability Concepts / Fault Tolerance

Availability means that the information, the computing systems used to process the information, and the security controls used to protect the information are all available and functioning correctly when the information is needed. The opposite of availability is the lack thereof, one example of this is a common attack known as a denial of service (DoS) attack.

For example: In 2000 Amazon, CNN, eBay, and Yahoo! were victims of a DoS attack.

Fault Tolerance is the ability of a system to respond gracefully to an unexpected hardware or software failure. There are many levels of fault tolerance, the lowest being the ability to continue operation in the event of a power failure. Many fault-tolerant computer systems mirror all operations — that is, every operation is performed on two or more duplicate systems, so if one fails the other can take over. Source: http://www.webopedia.com/term/f/fault_tolerance.html Read more

• Join Me On Facebook

  Trehb101 - Got Geek?
  
  Promote Your Page Too

• Entry Categories

  • Biz Mgt & Dev (8)
  • Blog-keeping (1)
  • Bum-A-Post (3)
  • Don's eBook Report (6)
  • eBooks, etc… (3)
  • eCommerce / eBiz (7)
  • Entrepreneurship (6)
  • Geek Mail (2)
  • Information Security (26)
  • Information Systems (22)
  • Information Technology (9)
  • InfoSec Docs (2)
  • Internet Docs (2)
  • Internet Marketing (12)
  • Life Happens (16)
  • Project Management (3)
  • Random Stuff (11)
  • The Demondaynizer (4)
  • The Internet (15)
  • Web Design / Development (2)
  • Yeah Boy! Yah Suck! (3)

• Recent Posts

  • PMP Review Notes (Chapter 1) – Programs v. Portfolios
  • CISSP Exam Note (Domain 2: Telecommunications and Networking Security) – Security Protocols
  • PMP Exam Prep, Sixth Edition: Rita’s Course in a Book for Passing the PMP Exam (Perfect Paperback)
  • PMP Review Notes (Chapter 1) – What is Project Management?
  • CISSP Exam Note (Domain 2: Telecommunications and Networking Security) – More Protocols
  • PMP Review Notes (Chapter 1) – Projects Defined
  • CISSP Exam Note (Domain 2: Telecommunications and Networking Security) – Protocols – Continued

• Business Tech Press Releases

  • ConvergEx Offers Eze OMS Clients Access to LiquidPoint's Latest Options Execution and Routing Technologies March 11, 2010
  • NI Technology Updates Outlooks for Microvision, Towerstream, National Semiconductor, TriQuint Semiconductor and RF Micro Devices March 11, 2010
  • Fund.com Forms Strategic Alliance With Transparensee to Create Next Generation Search Engine for Mutual Funds and ETFs March 11, 2010
  • Allion Test Labs Selects LeCroy USB 3.0 Test Suite for Complete SuperSpeed USB Compliance Testing March 11, 2010
  • High Gear Media Launches All-New Used Car Listings Marketplace March 11, 2010

• Follow Me on Twitter

• Archives

  Select Month March 2010  (7) February 2010  (1) January 2010  (4) December 2009  (18) November 2009  (28) October 2009  (4) September 2009  (1)

• Your Shopping Cart

  Your cart is empty

• Calendar

  March 2010

  M	T	W	T	F	S	S
  « Feb
  1	2	3	4	5	6	7
  8	9	10	11	12	13	14
  15	16	17	18	19	20	21
  22	23	24	25	26	27	28
  29	30	31

• From the National Vulnerbility Database

  • CVE-2010-0958 (tribisur) March 9, 2010
    Directory traversal vulnerability in modules/hayoo/index.php in Tribisur 2.1, 2.0, and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary files via directory traversal sequences in the theme parameter. NOTE: some of these details are obtained from third party information. […]
    nvd@nist.gov
  • CVE-2010-0957 (saskias_shopsystem) March 9, 2010
    Directory traversal vulnerability in content.php in Saskia's Shopsystem beta1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the id parameter. […]
    nvd@nist.gov
  • CVE-2010-0947 (bbsmax) March 9, 2010
    Cross-site scripting (XSS) vulnerability in post.aspx in Max Network Technology BBSMAX 3.0, 4.1, and 4.2 allows remote attackers to inject arbitrary web script or HTML via the action parameter. […]
    nvd@nist.gov
  • CVE-2010-0956 (opencart) March 9, 2010
    SQL injection vulnerability in index.php in OpenCart 1.3.2 allows remote attackers to execute arbitrary SQL commands via the page parameter. […]
    nvd@nist.gov
  • CVE-2010-0949 (natychmiast-cms) March 9, 2010
    Multiple cross-site scripting (XSS) vulnerabilities in Natychmiast CMS allow remote attackers to inject arbitrary web script or HTML via the id_str parameter to (1) index.php and (2) a_index.php. […]
    nvd@nist.gov
  • CVE-2010-0955 (bild_flirt_community) March 9, 2010
    SQL injection vulnerability in index.php in Bild Flirt Community 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. […]
    nvd@nist.gov
  • CVE-2010-0791 (ncpfs) March 9, 2010
    The (1) ncpmount, (2) ncpumount, and (3) ncplogin programs in ncpfs 2.2.6 do not properly create lock files, which allows local users to cause a denial of service (application failure) via unspecified vectors that trigger the creation of a /etc/mtab~ file that persists after the program exits. […]
    nvd@nist.gov
  • CVE-2010-0954 (pre_e-learning_portal) March 9, 2010
    SQL injection vulnerability in search_result.asp in Pre Projects Pre E-Learning Portal allows remote attackers to execute arbitrary SQL commands via the course_ID parameter. […]
    nvd@nist.gov
  • CVE-2010-0103 (duo_usb) March 9, 2010
    UsbCharger.dll in the Energizer DUO USB battery charger software contains a backdoor that is implemented through the Arucer.dll file in the %WINDIR%\system32 directory, which allows remote attackers to download arbitrary programs onto a Windows PC, and execute these programs, via a request to TCP port 7777. […]
    nvd@nist.gov
  • CVE-2010-0953 (phpcoin) March 9, 2010
    Directory traversal vulnerability in mod.php in phpCOIN 1.2.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the mod parameter. […]
    nvd@nist.gov

• Tags

  Access Control advertising affiliate marketing Availability blogs business CIRT CISSP CISSP Exam CISSP Notes CISSP Review CISSP reviewer Computer Incident Response Team computer security Confidentiality demondaynizer denial of service department of defense DOS e-commerce ebook Information Security Integrity Internet Marketing ISDN Maceo MAD MAC Microsoft monday network notes pay-per-click pay-per-sale privacy Review RSS Feeds Security social media social networking starter pack strategies Trehb101 Tweets Web 2.0 yeah boy