CISSP Exam Note (Domain 2: Telecommunications and Networking Security) – Protocols

Protocols – a standard set of rules that determines how computers communicate with each other across networks despite their differences

Layered architecture

• Shows how communication should take place
• Clarify the general functions of a communication process
• To break down complex networking processes into more manageable sub-layers
• Using industry standard interfaces enables interoperability
• To change the features of one layer without changing the code in every layer
• Easier troubleshooting Read more

Yeah Boy! Yah Suck! Friday…

Missed last Friday’s Yeah Boy, Yeah Suck ‘coz of the holidays and today I’ve been fighting the network gremlins all morning and a little out of sorts right now and playing catch-up… Yes that cheese to go with my whine sounds good just about now…

Anyway…

This week’s Yeah Boy! (should have been last week, but who’s tracking?)…

Efren Peñaflorida and the rest of the 10 CNN 2009 Heroes. Their stories are simply the true silver lining in the dark clouds that has been laying over our dear planet. Efren Peñaflorida was named the CNN Hero of the Year, but even though I am truly proud of this man from my home country, I can easily say that any of the other 9 folks recognized in this event are equally deserving.

My hat’s off to these heroes: http://www.cnn.com/SPECIALS/cnn.heroes/archive09/index.html

What else is there to say but YEAH BOY!!!

This week’s Yah Suck, well there are so many choices: Read more

CISSP Exam Note (Domain 2: Telecommunications and Networking Security) – Availability Concepts / Fault Tolerance

Availability means that the information, the computing systems used to process the information, and the security controls used to protect the information are all available and functioning correctly when the information is needed. The opposite of availability is the lack thereof, one example of this is a common attack known as a denial of service (DoS) attack.

For example: In 2000 Amazon, CNN, eBay, and Yahoo! were victims of a DoS attack.

Fault Tolerance is the ability of a system to respond gracefully to an unexpected hardware or software failure. There are many levels of fault tolerance, the lowest being the ability to continue operation in the event of a power failure. Many fault-tolerant computer systems mirror all operations — that is, every operation is performed on two or more duplicate systems, so if one fails the other can take over. Source: http://www.webopedia.com/term/f/fault_tolerance.html Read more

• Join Me On Facebook

  Trehb101 - Got Geek?
  
  Promote Your Page Too

• Entry Categories

  • All Other Items (1)
  • Biz Mgt & Dev (8)
  • Blog-keeping (1)
  • Bum-A-Post (3)
  • Don's eBook Report (22)
  • eBooks, etc… (9)
  • eCommerce / eBiz (22)
  • Entrepreneurship (21)
  • Geek Mail (2)
  • Information Security (40)
  • Information Systems (35)
  • Information Technology (29)
  • InfoSec Docs (11)
  • Internet Docs (3)
  • Internet Marketing (44)
  • IT Docs (4)
  • Life Happens (20)
  • Project Management (25)
  • Random Stuff (12)
  • The Demondaynizer (4)
  • The Internet (75)
  • Web Design / Development (34)
  • Yeah Boy! Yah Suck! (5)

• Recent Posts

  • Learning Joomla! 1.5 Extension Development: Creating Modules, Components, and Plugins with PHP (Paperback)
  • Joomla! 1.5 Template Design (Paperback)
  • Mastering Niche Marketing: A Definitive Guide to Profiting From Ideas in a Competitive Market (Paperback)
  • WordPress In Depth (Paperback)
  • Professional Joomla! (Programmer to Programmer) (Paperback)
  • The Art of the Start: The Time-Tested, Battle-Hardened Guide for Anyone Starting Anything (Hardcover)
  • How to Use the Internet to Advertise, Promote and Market Your Business or Website with Little or No Money (Paperback)

• Follow Me on Twitter

• Business Tech Press Releases

  • Accusoft Pegasus Named to the 2010 Inc. 5000 List of Fastest-Growing Private Companies September 3, 2010
  • Offerpal Media Names Mihir Shah CEO; George Garrick Executive Chairman September 3, 2010
  • Activision Blizzard to Present at the Deutsche Bank 2010 Technology Conference September 3, 2010
  • Nation's #1 Small Business Named in Top 1,000 List by Influential Inc. Magazine September 3, 2010
  • SaveOnResorts.com Ranks No. 289 on the 2010 Inc. 500 With Three-Year Sales Growth of 1,055% September 3, 2010

• Archives

  Select Month August 2010  (4) July 2010  (19) June 2010  (28) May 2010  (37) April 2010  (63) March 2010  (54) February 2010  (1) January 2010  (4) December 2009  (18) November 2009  (27) October 2009  (4) September 2009  (1)

• Tags

  Blog Book Building business CISSP CISSP Exam CISSP reviewer Development Dummies eBusiness Edition Engine Entrepreneurship Exam facebook From Google Guide Hardcover Information internet Joomla Maceo MAD MAC Management marketing Media Online Optimization Paperback PMP Exam Professional Project Search Secrets Security Social strategies Technology Trehb101 Tweets Twitter with Wordpress Your

• Your Shopping Cart

  Your cart is empty

• Calendar

  September 2010

  M	T	W	T	F	S	S
  « Aug
  		1	2	3	4	5
  6	7	8	9	10	11	12
  13	14	15	16	17	18	19
  20	21	22	23	24	25	26
  27	28	29	30

• e-Business News from eCommerceTimes

  • HP's Wallet-Busting Win
    The insane tug-of-war between Dell and HP for enterprise storage company 3Par has finally drawn to a close. We have a winner, if you want to call it that -- the final sale price is more than double the figure Dell initially put forward when it announced its intentions to buy 3Par a couple weeks ago, so who knows how much of that is real value and how much is […]
  • Making Change Happen Every Day: Q&A With GSA's David McClure
    The U.S. government spends $80 billion annually on information technology. The U.S. General Services Administration is directly involved in nearly 25 percent of federal IT procurement activities through its Schedule 70 acquisition program, including nearly $9 billion directly for information technology investments. GSA has emerged as a leader in guiding fede […]
  • Marketers, Let's Get Personal
    On Aug. 13, IBM and Unica Corporation announced they had entered into a definitive agreement for IBM to acquire Unica, a leading provider of marketing software solutions that focuses on streamlining marketing program development, execution and management to achieve improved marketing effectiveness. […]
  • 3Par Sale Frenzy Ends With HP the Presumed Winner
    HP has won the bidding war it waged with Dell for data-storage company 3Par, whose shares were trading at $9.65 when Dell first tried to acquire it in mid-August. Dell decided not to match HP's $2.4 billion ($33 per share) offer, which topped Dell's bid of $32 per share. Dell first tried to acquire 3Par with an $18 per share offer on August 16, whi […]
  • Intel, Infineon and the Winds of Change
    Intel has focused solely on the computer business for so long, we forget it can pursue other avenues of growth as well. Tomorrow, all our devices will be connected and talk to each other and share information. In that new world, Intel has been looking around for another business to acquire to help expand its reach, and it chose Infineon. […]
  • In iTunes, All App Reviews Are Not Created Equal
    I like walled gardens. They are safe and, for the most part, keep out the predators. However, when one sneaks over the wall, the results can be ugly, to say the least. With the iTunes App Store, one of the key supposed advantages for end-users is that it is a walled garden, and Apple is providing a safe, secure environment you can trust in. […]
  • How to Build a Better Business Blog
    About the easiest way for companies to dip their toes into the social media waters is the blog. There are few technical burdens to setting them up, the time needed to create posts can flex with the workloads of the assigned writers, and they can become a conduit for customer conversations through the comments section. So every business is leaping eagerly int […]
  • Do E-Readers Spell the End of Print Media?
    Recently, library chief Helen Josephine of Stanford University's Engineering Library said that the students' search through volumes of books to get to a formula that they want is basically at an end because "with books being digitized and available through full text search capabilities, they can find that formula quite easily." […]
  • Sony's New Touchscreen Readers Unlikely to Shake Up Market
    Sony has updated its e-reader family of devices: the Reader Pocket, Reader Touch and Reader Daily. The new Readers offer touchscreen functionality based on infrared sensors that read taps made by a finger or a stylus. They are smaller and lighter, and have redesigned user interfaces. […]
  • Will Wednesday's Big Show Put More Spring in AAPL's Step?
    Shares of Apple closed up 60 cents on Tuesday to hit $243.10. However, Cupertino is still smarting from the downward spiral of the past few weeks, when its stocks took a beating along with the rest of the market. The Dow on Tuesday recovered a fraction of what it lost after a Monday drubbing, and the Nasdaq fell nearly six points. […]

• From the National Vulnerability Database

  • CVE-2010-2364 (moobbs) August 30, 2010
    Cross-site scripting (XSS) vulnerability in Free CGI Moo moobbs before 1.03 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. […]
    nvd@nist.gov
  • CVE-2010-3188 (bugtracker.net) August 30, 2010
    SQL injection vulnerability in search.aspx in BugTracker.NET 3.4.3 and earlier allows remote attackers to execute arbitrary SQL commands via a custom field to the search page. […]
    nvd@nist.gov
  • CVE-2010-3196 (db2) August 30, 2010
    IBM DB2 9.7 before FP2, when AUTO_REVAL is IMMEDIATE, allows remote authenticated users to cause a denial of service (loss of privileges) to a view owner by defining a dependent view. […]
    nvd@nist.gov
  • CVE-2010-3190 (visual_studio) August 30, 2010
    Untrusted search path vulnerability in ATL MFC Trace Tool (AtlTraceTool8.exe), as used in Microsoft Visual Studio, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a TRC, cur, rs, rct, or res file. […]
    nvd@nist.gov
  • CVE-2010-3195 (db2) August 30, 2010
    Unspecified vulnerability in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 on Windows Server 2008 allows attackers to cause a denial of service (trap) via vectors involving "special group and user enumeration." […]
    nvd@nist.gov
  • CVE-2010-2365 (moobbs2) August 30, 2010
    Cross-site scripting (XSS) vulnerability in Free CGI Moo moobbs2 before 1.03 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. […]
    nvd@nist.gov
  • CVE-2010-3194 (db2) August 30, 2010
    The DB2DART program in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 allows attackers to bypass intended file access restrictions via unspecified vectors related to overwriting files owned by an instance owner. […]
    nvd@nist.gov
  • CVE-2010-3191 (captivate) August 30, 2010
    Untrusted search path vulnerability in Adobe Captivate 5.0.0.596, and possibly other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .cptx file. NOTE: the provenance of this information is unknown; the details are ob […]
    nvd@nist.gov
  • CVE-2010-3193 (db2) August 30, 2010
    Unspecified vulnerability in the DB2STST program in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 has unknown impact and attack vectors. […]
    nvd@nist.gov
  • CVE-2010-3189 (internet_security) August 30, 2010
    The extSetOwner function in the UfProxyBrowserCtrl ActiveX control (UfPBCtrl.dll) in Trend Micro Internet Security Pro 2010 allows remote attackers to execute arbitrary code via an invalid address that is dereferenced as a pointer. […]
    nvd@nist.gov