The Best Last Minute Cram Study Guide to Pass the Security+ Exam

Are you taking the Security+ exam within the next two weeks? Here is a Last Minute Cram guide I wrote based on Darril Gibson’s Security+ book that will help you pass the exam. Don’t forget to look at the charts at the bottom: DARRIL GIBSON SECURITY+ 401 SUMMARY Chapter 1 Exam Topic Review When preparing […]

What is VM detection?

Dilshan Keragala writes in his excellent 2016 SANS Paper on Detecting Malware and Sandbox Evasion Techniques that “The proposition of Malware Sandbox analysis techniques is an effective remedy to the challenge posed by malware attacks. The concept behind a malware Sandbox analysis system is to capture the malicious program sample in a controlled testing environment […]

Ethical Hacking

If you want to get hands-on experience and get your ethical hacking game on, Hacking-Lab is an excellent platform to do it on. Hacking-Lab is an online ethical hacking, computer network and security challenge platform, dedicated to finding and educating cyber security talents. Hacking-Lab is providing CTF and mission style challenges for international competitions like […]

What are Firewalls?

Firewall: A host-based firewall monitors traffic going in and out of a single host, such as a server or a workstation. It monitors traffic passing through the NIC and can prevent intrusions into the computer via the NIC. Many operating systems include software-based firewalls used as host-based firewalls. Host-based firewalls provide protection for individual hosts […]

What are some common security threats?

Common Security Threats: DoS (Denial of Service) – A DoS attack is a common type of attack in which false requests to a server overload it to the point that it is unable to handle valid requests, cause it to reset, or shut it down completely. There are many different types of DoS attacks including […]

Threat Detection and Analysis Example: After-hours Activity

Example: Unexpected activity after business hours. Unbeknownst to the IT department, a remote access program had been installed to permit the user to log in to his desktop at work from a remote location. The user was accessing personal information that had been stored at work. This remote access is obviously an unauthorized “hole” deliberately left […]

Threat Detection and Analysis Example: A phishing attack

Example: While inspecting browser traffic from a workstation indicating a phishing attack, a title page says “Dropbox Login Page” but it’s not served via HTTPS. The workstation user was potentially a victim of an attempt to harvest credentials for Dropbox via a bogus login page. Quarantine the workstation and run a deep scan. For maximum safety, […]
