Pharming is a type of cyber crime. It is very similar to phishing attacks. The Pharming attacks to name resolution process. However, There is a DNS server in each network. In fact, each computer has its local DNS service. A pharming attack uses two way for attack to this process: First Way More about hosts [...]
Assess Security Impact of Acquired Software When an organization combines with or purchases another organization, the acquired source code, repository access and design, and intellectual property should analyze and review to assess security. Also, the phases of the development cycle should review. There are some use cases that bear further discussion: Open source: Never [...]
Assess the Effectiveness of Software Security In this section of this tutorial, we'll take a look at assessing the effectiveness of software security . These days, one of the most important aspects of cyber security is assessing the effectiveness of application security. Once the application is ongoing and software has been programmed, the next [...]
Identify and Apply Security Controls in Development Environments Organizations must be able to take multiple levels of risk mitigation to protect the code, as well as the applications. In this section of this tutorial, we'll take a look at security controls in development to help you understand the different aspects of security controls in [...]
Understand & Integrate Security in the Software Development Life Cycle (SDLC) SDLC of course sometimes called software development methodology (SDM) also. Anyway, SDLC refers to all the steps required to develop software and systems from conception through implementation, support, and (ultimately) retirement. These days, one of the most important aspects of cyber security is [...]
Implement and Manage Physical Security Physical security is yet another important aspect of the security professional’s responsibilities, and refers to securing physical assets such as land, buildings, computers, and other company property. We've discussed about important physical security concepts and technologies in detail before. If you need to refer to the contents of these [...]
Participate in Business Continuity Planning (BCP) and Exercises Business continuity focuses on a business operating with minimal or no downtime. At result, It also includes disaster recovery. We can say that business continuity is a strategy while disaster recovery is a tactic. In this section of this tutorial, we'll take a look at business [...]
Test Disaster Recovery Plans (DRP) In this section of this tutorial, we'll take a look at test disaster recovery plans (DRP) to help you understand the different aspects of test disaster recovery plans (DRP). Testing the disaster recovery plans is an effective way to assure the company is ready for a real disaster. There [...]
Implement Disaster Recovery (DR) Processes The general process of disaster recovery include: Responding to the disruption Activation of the recovery team Ongoing tactical communication Assessment of the damage Recovery of critical assets and processes Response The first thing to consider when an incident occurs is whether the disaster recovery process is needed. If the [...]