How to write a disaster recovery plan

Reference: SearchDisasterRecovery and ComputerWeekly

An information technology (IT) disaster recovery (DR) plan provides a structured approach for responding to unplanned incidents that threaten an IT infrastructure, which includes hardware, software, networks, processes and people. Protecting your firm’s investment in its technology infrastructure and protecting your firm’s ability to conduct business are the key reasons for […]


What are Windows logs?

How to use Event Viewer in Windows®. To open Event Viewer, follow the steps below: 1. Press the Windows key + R, type “eventvwr.msc”, and press Enter or click OK. Security note: If UAC is enabled, you’ll get a UAC prompt on screen. Please specify credentials or permission to pass the UAC […]


How do you identify abnormal or malicious behavior?

Reference: https://marksforensicblog.wordpress.com/

Malware, in general, has four main characteristics:
1. An initial infection vector – how it got on the system in the first place; this can be through browser download, email attachment, etc.
2. Artifacts – what actions does the malware take upon infection and what footprints does it leave? It’s sufficient and quicker […]


What is a disaster recovery plan?

A disaster recovery plan (DRP) is a documented process or set of procedures to recover and protect a business IT infrastructure in the event of a disaster.[1] Such a plan, ordinarily documented in written form, specifies procedures an organization is to follow in the event of a disaster. It is “a comprehensive statement of consistent […]


What is the NIST Cyber Security Framework?

Recognizing that the national and economic security of the United States depends on the reliable function of critical infrastructure, the President issued Executive Order (EO) 13636, Improving Critical Infrastructure Cybersecurity, in February 2013. The Order directed NIST to work with stakeholders to develop a voluntary framework – based on existing standards, guidelines, and practices – for reducing […]


What is the difference between a GET and a POST?

The POST request method is designed to request that a web server accepts the data enclosed in the request message’s body for storage. It is often used when uploading a file or submitting a completed web form. In contrast, the HTTP GET request method is designed to retrieve information from the server.


What are Firewalls?

Firewall. A host-based firewall monitors traffic going in and out of a single host, such as a server or a workstation. It monitors traffic passing through the NIC and can prevent intrusions into the computer via the NIC. Many operating systems include software-based firewalls used as host-based firewalls. Host-based firewalls provide protection for individual hosts […]


What is IPSec?

IPSec. Internet Protocol security (IPSec) is used to encrypt IP traffic. The IP Security (IPsec) architecture comprises a suite of protocols developed to ensure the integrity, confidentiality and authentication of data communications over an IP network. IPSec may be used in three different security domains: virtual private networks, application-level security and routing security. IPsec is […]


How would you make your Linux server more secure?

Install only what you need. Keep your server lean. Install only those packages that you really need. If there are unwanted packages, purge them. The fewer the packages, the less chance of unpatched code.

Run only what you need. This command will show you which services are running on which ports:

    netstat -npl

You should also […]


What is the difference between DNS and DHCP?

DHCP is what is used by the router to assign an IP address to a specific computer, while DNS is a service that translates website names into the website’s IP address. Therefore, DHCP assigns IP addresses, and DNS looks up already existing addresses.
