Archive for the ‘Certification’ Category

‘;–have i been pwned? Check if you have an account that has been compromised in a data breach

Have I been pwned? is a free resource for anyone to quickly assess if they may have been put at risk due to an online account of theirs having been compromised or “pwned” in a data breach.

https://haveibeenpwned.com/

Top 10 breaches

359,420,698  MySpace accounts
234,842,089  NetEase accounts
164,611,595  LinkedIn accounts
152,445,165  Adobe accounts
112,005,531  Badoo accounts
93,338,602  VK accounts
91,436,280  Rambler accounts
68,648,009  Dropbox accounts
65,469,298  tumblr accounts
58,843,488  Modern Business Solutions accounts

test vulnerability

test-image.php

Disaster recovery illustrated

raid

Web 2.0 Compliance

Regardless of the industry regulations an organization is subject to, most require member firms to be able to identify employees, even if they use “buddy” names, to control content that might be construed as advertising or advice, and to archive all electronic communications. In practice, however, not many firms are able to log content posted to Facebook or Twitter, let alone control the content of the actual message.

Within some industries this may be taken a step further, where creating ethical walls between business functions is a required element of compliance, complete, of course, with a full audit trail of who joined the “conversation” and when, how long they stayed and when they left. Although the majority of these regulations are centered on the banking, finance, healthcare and energy industries, most businesses are governed by a set of regulations that demand that best practice be followed.

A snapshot of these regulations includes:

SEC Rules 17a-3 and 17a-4 and NASD rule 3110

Organizations must retain records of communications related to business.

Gramm-Leach-Bliley Act (GLBA)

Requires that the content of communications be scanned for sensitive content that should not be sent in clear text (e.g., personally identifiable credit information), as well as for content that should never be sent via public communications channels.

FINRA Notice 07-59

Ethical walls requirement between research and investment banking departments

FRCP (Federal Rules of Civil Procedure)

Requires the storage of business records in whatever medium they may have been produced or stored. Email and IM are electronically stored information. Posts to social media sites must be preserved if reasonably determined to be discoverable.

Investment Dealers Association of Canada (IDA29.7)

Demands the retention of records relating to business activities, regardless of the medium in which they were created.

MiFID and FSA Markets in Financial Instruments Directive (EU)

Specifically requires the retention of electronic communications conversations when trades are referenced.

FERC Order No. 717

The goal of this order is to create an ethical wall between the marketing and transmission functions of vertically integrated companies. Communications must be retained for 5 years, and if communication takes place, it must be made public immediately.

CFTC & NFA Compliance Rule 2-29 (supervisory procedures for email and Web) and NFA Interpretive Note 9063

If a Member or Associate hosts a blog, a chat room, or a forum where futures or forex are discussed, the Member or Associate is required to supervise the use of that community. This requires, at a minimum, that the Member or Associate regularly monitor the content of the sites it hosts, take down any misleading or otherwise fraudulent posts, and ban users for egregious or repeat violations.

Sarbanes-Oxley (SOX)

Businesses must preserve information relevant to the company's reporting.

Wanna see how long it might take a computer to crack your password?

how-secure-is-your-password

CCNA Security 640-553 Cert Flash Cards Online available

The CCNA Security 640-553 Cert Flash Cards Online provides a concise review of all objectives on the IINS exam 640-553. This online exam preparation tool consists of a custom flash card application loaded with 250 total questions that test your skills and enhance retention of exam topics.

Questions are organized by exam objective, allowing you to focus your study on selected topics. You can choose to view cards in order or at random, and you can create custom sets from the entire bank of cards. The engine provides you with the ability to mark each question correct or incorrect and provides a detailed score report by category at the end of the exam. You can even write notes on each question and then get a printable PDF of all your notes aligned to the relevant questions.

These robust features make this a truly unique learning tool:

- Test your knowledge by entering your own answers
- Grade your answers against the correct answer
- Create custom question sets
- View detailed score reports
- Enter and print notes for each question
- Use on any device that has a web browser and Internet connection

CCNA Security 640-553 Cert Flash Cards Online is an online, internet-based service, available in both desktop and mobile device formats, allowing you to test yourself at home, at work, or on the go.

System Requirements:

Web browser and Internet connection

US: $24.99 / CAN: $29.99

Table of Contents

1. Describe the security threats facing modern network infrastructures

2. Secure Cisco® routers

3. Implement AAA on Cisco routers using local router database and external ACS

4. Mitigate threats to Cisco routers and networks using ACLs

5. Implement secure network management and reporting

6. Mitigate common Layer 2 attacks

7. Implement the Cisco IOS® IPS feature set using SDM

8. Implement site-to-site VPNs on Cisco Routers using SDM

source: http://www.ciscopress.com/bookstore/product.asp?isbn=1587058588

Networking Essentials Free Poster!

A free Networking Essentials poster with cable types, OSI layers, protocols, network topologies, …

Defense-in-Depth with defense in breadth

You can find in the Cisco certification guide for the Cisco 640-553 exam this explanation of the Defense-in-Depth security approach:

“Cisco recommends multiple and overlapping solutions. These overlapping solutions target different aspects of security, such as securing against insider attacks and securing against technical attacks. These solutions should also be subjected to routine testing and evaluation. Security solutions should also overlap in a way that eliminates any single point of failure.

Defense in Depth is a design philosophy that achieves this layered security approach. The layers of security present in a Defense in Depth deployment should provide redundancy for one another while offering a variety of defense strategies for protecting multiple aspects of a network. Any single points of failure in a security solution should be eliminated, and weak links in the security solution should be strengthened.”

But if you consider attacks targeting the different aspects of security, Confidentiality, Integrity and Availability (CIA), things are not so simple.

Read the article “Observations on the effects of defense in depth on adversary behavior in cyber warfare”. The authors built different networks with different numbers of security layers. Then a team tried to capture flags corresponding to a successful attack on each of the CIA security aspects for each network.

The goal is to see the relationship between the number of security layers in each network and the time the attacker needs to successfully carry out all three attacks (Confidentiality, Integrity, Availability).

The result is that, for a read or modify attack, the workload that takes two hours at configuration levels one and two takes 26 hours at level 3. The big change is in the time needed to develop the attack rather than to launch it.

You can see that in the following graph:

But what happens to availability attacks?

The more systems you have, the more opportunities there are to exploit a vulnerability somewhere in the chain of systems and to deny service to it.

Look at the following graph:

It takes less time to launch a denial-of-service attack when there are more layers of security.

So what should you do? Plan your different layers and the overlaps between them carefully; think not only about the number of layers but about the scope each one covers: think about “Defense-in-Depth” together with “Defense-in-breadth”.

The following graphic from the US Transportation Security Administration (TSA) is an example of the “Defense-in-Depth” with “Defense-in-breadth” security approach: multiple layers overlap with each other to form a large area of defense.

Graphic which shows layers of security used to ensure the security of the traveling public and the Nation's transportation system.

Source: http://www.tsa.gov/what_we_do/layers/index.shtm

In conclusion, adding security layers to a system does not necessarily guarantee increased assurance. Introducing new layers of security has the potential to introduce new vulnerabilities, or control surfaces, for sophisticated adversaries to exploit. Defensive layers must be analyzed to gain a thorough understanding of how they work together before they are integrated into an operational system.
