bastion.inf

This is post 10 of 10 in the series “[ Security+ Certification ]”

[System Access]
MinimumPasswordAge = 2
MaximumPasswordAge = 42
MinimumPasswordLength = 10
PasswordComplexity = 1
PasswordHistorySize = 6
LockoutBadCount = 5
ResetLockoutCount = 720
LockoutDuration = -1
RequireLogonToChangePassword = 1
ForceLogoffWhenHourExpire = 1
NewAdministratorName = "root"

[System Log]
MaximumLogSize = 100032
AuditLogRetentionPeriod = …

Security+ Domain 4.0: Identity and Access Management

This is post 6 of 10 in the series “[ Security+ Certification ]”

Domain 4.0 Identity and Access Management

Authentication, Access Control & Auditing

Know For The Security+ Test: The three “pillars” or “foundations” of information security are Authentication, Access Control and Auditing. (The mnemonic “AAA” may help you remember.)

Authentication: By What You Know …

Security+ Domain 3.0: Architecture and Design

This is post 5 of 10 in the series “[ Security+ Certification ]”

Chapter 11: Architecture Frameworks and Secure Network Architectures
Chapter 12:
Chapter 13:
Chapter 14:
Chapter 15:
Chapter 16:
Chapter 17:

Hardening networks: Firmware upgrades

Computers, routers and other network equipment store fixed firmware in ROM modules, including: Erasable Programmable Read-Only Memory …

Security+ Domain 2.0: Technologies and Tools

This is post 4 of 10 in the series “[ Security+ Certification ]”

Chapter 4: Vulnerability Scanning and Penetration Testing

Pen Test Concepts: Active vs Passive reconnaissance; Exploitation; Pivoting; Escalation

Types of Pen Testing: Black Box; White Box; Gray Box

Vulnerability Scanning: MBSA; Nessus / OpenVAS; Retina

Chapter 5: Vulnerabilities and Impacts

System vulns; Improper …

Security+ Domain 1.0: Threats, Attacks and Vulnerabilities

This is post 3 of 10 in the series “[ Security+ Certification ]”

Chapter 1: Malware and Indicators of Compromise

Malware: Polymorphic malware; Viruses; Armored virus (encryption); Crypto-Malware; Ransomware; Worms; Trojans; Rootkit; Keylogger; Adware; Spyware; Bots; RATs; Logic Bombs; Backdoors

Indicators of Compromise: IOC Tools; from FireEye (Mandiant): OpenIOC; from MITRE: STIX, TAXII, CybOX

Chapter …

NYS DFS Cybersecurity Regulations are going to create a lot of CISO jobs, and a lot of pain for just about every business

This ominous-sounding set of regulations is going to apply to a lot more businesses than they will expect. And they’re deep, and specific. Most organizations are going to be required to have a CISO, for instance, and that’ll be a bitter surprise to some. It’s likely that the responsibility will be loaded onto some existing …