Threats from within an organization. Insider security threats are the most significant threat to today’s information systems. Insiders often have elevated access within an organizations information systems which often gives them a level of authorized access that can cause a lot of damage if misused intentionally, or unintentionally. In the SANS Reading Room article; Insider… Read More »
LAMP (Basic) on Ubuntu 16.04. Short Essential Version LAMP (Linux, Apache, MySQL, PHP) The more detailed version of this LAMP (Basic) Installation on Ubuntu 16.04 Server can be found here… Basic Server Configuration Set root password [simterm]sudo passwd root[/simterm] Enter sudo password, then new root password twice at each prompt Update Ubuntu 16.04 [simterm]sudo apt-get update[/simterm] [simterm]sudo… Read More »
LAMP (Basic) Installation on Ubuntu 16.04 Server LAMP is a very popular server configuration already covered by countless tutorials and HowTo’s readily found with a basic web search. The following tutorial was constructed on request from several colleagues and fellow students who want to setup a basic LAMP server for lab, or home use. YES, I… Read More »
Routing protocols are used to establish a path between routers. The most common routing protocols used are: Routing Information Protocol (RIP), Enhanced Interior Gateway Routing Protocol (EIGRP), Open Shortest Path First (OSPF), and Intermediate System to Intermediate System (IS-IS). Which protocol to use with a Local Area Network (LAN) depends on the following Factors: Administrative cost… Read More »
A Bastion Host (BH) is a computer on a network perimeter which is running a hardened Operating System (OS). This protection includes patches, authentication, encryption, and eliminates unnecessary software and services (Weaver, Weaver, Farwood, & Weaver, 2012). Weaver et al.’s (2012) provides the following list of BH characteristics: A machine with adequate memory and processor… Read More »
Terms and Acronyms Used in Security+ Term Acronym Triple Digital Encryption Standard 3DES Authentication, Authorization and Accounting AAA Access Control List ACL Advanced Encryption Standard AES Advanced Encryption Standards 256-bit AES256 Authentication Header AH Annualized Loss Expectancy ALE Access Point AP Application Programming Interface API Advanced Persistent Threat APT Annualized Rate of Occurrence ARO Address… Read More »
Security+ General Information The CompTIA Security+ Certification is often a first step towards more advanced security certifications. About The CompTIA Security+ certification is a vendor-neutral, internationally recognized credential used by organizations and security professionals around the globe to validate foundation level security skills and knowledge. Candidates are encouraged to use this document to help prepare… Read More »
The Process of Migrating an Application to the Cloud Applications can be moved to the cloud quickly with little problem if the migration is planned correctly. The process of constructing a plan for migrating a system to the cloud generally includes the following steps: Define the system goals and requirements. This process includes considering several… Read More »
It has been estimated that within the next few years mobile computing using cloud-based systems will become a trillion dollar business. Currently, it is not clear whether mobile computing is driving the growth of cloud-based systems or vice versa. Either way, most businesses understand that it is critical to have a mobile computing presence. To… Read More »
The Governance of Cloud-Based Systems The Dot Com crash of 2000 and corporate scandals such as Enron highlighted the need for better laws to oversee financial organizations, and also highlighted the need for better corporate governance. IT Governance is the part of corporate governance that includes policies, procedures, and controls that relate to information systems… Read More »