CISSP Exam Note (Domain 2: Telecommunications and Networking Security) – Key Concepts and Other Definitions

December 22, 2009 · Posted in Information Security, Information Systems · Comment

Rainbow Series

The Rainbow Series (sometimes known as the Rainbow Books) is a series of computer security standards published by the United States government in the 1980s and 1990s. They were originally published by the U.S. Department of Defense Computer Security Center, and then by the National Computer Security Center.

These standards describe a process of evaluation for trusted systems. In some cases, U.S. government entities (as well as private firms) would require formal validation of computer technology using this process as part of their procurement criteria. Many of these standards have influenced, and have been superseded by, the Common Criteria. Read more

Tags: <CISSP Exam, CISSP Notes, computer security, department of defense, Layered Architecture, Orange Book, OSI model, Protocols, Rainbow Series, Redbook, Salami Attack, TCSEC, TNI, Trusted Computer System Evaluation Criteria, Trusted Network Interpretation, US Government>

Join Me On Facebook

Trehb101 - Got Geek?

Promote Your Page Too
Entry Categories
- All Other Items (1)
- Biz Mgt & Dev (8)
- Blog-keeping (1)
- Bum-A-Post (3)
- Don's eBook Report (22)
- eBooks, etc… (9)
- eCommerce / eBiz (22)
- Entrepreneurship (21)
- Geek Mail (4)
- Information Security (49)
- Information Systems (46)
- Information Technology (34)
- InfoSec Docs (11)
- Internet Docs (3)
- Internet Marketing (44)
- IT Docs (4)
- Life Happens (22)
- Project Management (28)
- Random Stuff (13)
- The Demondaynizer (4)
- The Internet (75)
- Web Design / Development (34)
- Yeah Boy! Yah Suck! (5)
Recent Posts
Follow Me on Twitter
Business Tech Press Releases
Archives
Tags

Book Building business CISSP CISSP Exam CISSP reviewer Development Dummies eBusiness Edition Engine Entrepreneurship Exam facebook From Google Guide Hardcover Information Information Security internet Joomla Maceo MAD MAC Management marketing Media Online Optimization Paperback PMP Exam Professional Project Search Secrets Security Social strategies Technology Trehb101 Tweets Twitter with Wordpress Your

Your Shopping Cart
Your cart is empty
Calendar

February 2012

M T W T F S S

« Mar

1 2 3 4 5

6 7 8 9 10 11 12

13 14 15 16 17 18 19

20 21 22 23 24 25 26

27 28 29
From the National Vulnerability Database
- CVE-2012-1034 (episerver_cms) February 7, 2012
  Multiple cross-site scripting (XSS) vulnerabilities in the admin interface in EPiServer CMS through 6R2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. […]
  nvd@nist.gov
- CVE-2011-5076 (hdwiki) February 6, 2012
  SQL injection vulnerability in model/comment.class.php in HDWiki 5.0, 5.1, and possibly other versions allows remote attackers to execute arbitrary SQL commands via the PATH_INFO to index.php. NOTE: some of these details are obtained from third party information. […]
  nvd@nist.gov
- CVE-2012-1021 (4images) February 6, 2012
  Cross-site scripting (XSS) vulnerability in admin/categories.php in 4images 1.7.10 allows remote attackers to inject arbitrary web script or HTML via the cat_parent_id parameter in an addcat action. […]
  nvd@nist.gov
- CVE-2012-1031 (episerver_cms) February 6, 2012
  Unspecified vulnerability in EPiServer CMS 5 and 6 through 6R2, in certain configurations using Forms Authentication, allows remote authenticated users to obtain WebAdmins access by leveraging Edit Mode privileges, a different vulnerability than CVE-2011-3416 and CVE-2011-3417. […]
  nvd@nist.gov
- CVE-2012-1008 (officesip_server) February 6, 2012
  OfficeSIP Server 3.1 allows remote attackers to cause a denial of service (daemon crash) via a crafted To header in a SIP INVITE message. […]
  nvd@nist.gov
- CVE-2012-0992 (openemr) February 6, 2012
  interface/fax/fax_dispatch.php in OpenEMR 4.1.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the file parameter. […]
  nvd@nist.gov
- CVE-2012-1004 (foswiki) February 6, 2012
  Multiple cross-site scripting (XSS) vulnerabilities in UI/Register.pm in Foswiki before 1.1.5 allow remote authenticated users with CHANGE privileges to inject arbitrary web script or HTML via the (1) text, (2) FirstName, (3) LastName, (4) OrganisationName, (5) OrganisationUrl, (6) Profession, (7) Country, (8) State, (9) Address, (10) Location, (11) Telephon […]
  nvd@nist.gov
- CVE-2012-1019 (xwiki_enterprise) February 6, 2012
  Multiple cross-site scripting (XSS) vulnerabilities in XWiki Enterprise 3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) XWiki.XWikiComments_comment parameter to xwiki/bin/commentadd/Main/WebHome, (2) XWiki.XWikiUsers_0_company parameter when editing a user profile, or (3) projectVersion parameter to xwiki/bin/view/DownloadCode/D […]
  nvd@nist.gov
- CVE-2012-1002 (openconf) February 6, 2012
  Unspecified vulnerability in OpenConf 4.x before 4.12 has unknown impact and attack vectors. […]
  nvd@nist.gov
- CVE-2012-1029 (tube_ace) February 6, 2012
  SQL injection vulnerability in mobile/search/index.php in Tube Ace (Adult PHP Tube Script) 1.6 allows remote attackers to execute arbitrary SQL commands via the q parameter. NOTE: some of these details are obtained from third party information. […]
  nvd@nist.gov

February 2012
M	T	W	T	F	S	S
« Mar
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29

Information Security : Information Technology Project Management : Life

CISSP Exam Note (Domain 2: Telecommunications and Networking Security) – Key Concepts and Other Definitions

Join Me On Facebook

Entry Categories

Recent Posts

Follow Me on Twitter

Business Tech Press Releases

Archives

Tags

Your Shopping Cart

Calendar

From the National Vulnerability Database

Information Security : Information Technology
Project Management : Life