CISSP: Vulnerability and Penetration Testing for Access Control
IT components such as operating systems, application software, and even networks, have many vulnerabilities. These vulnerabilities are open to compromise or exploitation. This creates...
Install GNOME-Shell on Ubuntu 9.10 “Karmic Koala”
Remember, these are development builds and preview snapshots, and are still in the early stages. While it appears to be functional (so far) your...
Blocking Common Attacks using ModSecurity 2.5: Part 3
Source code revelation
Normally, requesting a file with a .php extension will cause mod_php to execute the PHP code contained within the file and then...
Blocking Common Attacks using ModSecurity 2.5: Part 2
Cross-site scripting
Cross-site scripting attacks occur when user input is not properly sanitized and ends up in pages sent back to users. This makes it...
Blocking Common Attacks using ModSecurity 2.5: Part 1
Web applications can be attacked from a number of different angles, which is what makes defending against them so difficult. Here are just a...
Ways to improve performance of your server in ModSecurity 2.5
A typical HTTP request
To get a better picture of the possible delay incurred when using a web application firewall, it helps to understand the...
CISSP: Security Measures for Access Control
Knowledge requirements
A candidate appearing for the CISSP exam should have knowledge in the following areas that relate to access control:
Control access by applying concepts,...
Telecommunications and Network Security Concepts for CISSP Exam
Transport layer
The transport layer in the TCP/IP model does two things: it packages the data given out by applications to a format that is...
Public Key Infrastructure (PKI) and other Concepts in Cryptography for CISSP Exam
Public key infrastructure
Public Key Infrastructure (PKI) is a framework that enables integration of various services that are related to cryptography.
The aim of PKI is...
Preventing SQL Injection Attacks on your Joomla Websites
Introduction
Mark Twain once said, "There are only two certainties in life-death and taxes." Even in web security there are two certainties: It's not "if...