sorted by date 
Logical Security, Network Security: Passing the Audit By Shon Harris
The Public Company Accounting Oversight Board’s standards, and the secrets you must know before the audit. Many IT managers and professionals strongly believe that although Sarbanes-OxleyLogical Security, Network Security: SOX and Internal Controls By Shon Harris
The Sarbanes-Oxley Act (“SOX”) established far-reaching changes in how public companies report information to investors. The Act fundamentally changed the informationAn Introduction to Firewalling with iptables and pf By Shon Harris
Abstract In this article we assume the reader knows what a firewall is and other basic concepts about firewalls, like the distinction between stateless (static)Logical Security, Network Security: PCI Standards By Shon Harris
PCI Standards What is PCI all about? PCI is all about credit card system security. The credit card system plays a critical role in the economy. The system is built from the bricks ofLogical Security, Network Security: GLBA Compliance Chalenges By Shon Harris
Gramm Leach Bliley Act Specific GLBA Compliance Challenges Financial institutions and others subject to GLBA find three aspects of compliance particularly challenging:Logical Security, Network Security: Scary to Scarier By Shon Harris
Most of us know about Paris Hilton’s stint in jail; yet we are not aware of the continuous computer crimes that are taking place around us. You can visit www.cybercrime.gov to seeLogical Security, Network Security: OMB Circular A-123 By Shon Harris
Before we dive into this one, let’s figure out who the OMB is. Basically this is the group that oversees all executive branch funding, so when they come down with a new requirement, governmentCareer Path By Shon Harris
Today any field that pertains to technology has been affected by the growing demands of security, whether it is a network administrator or engineer, programmer, implementer, or consultant. IncreaseLogical Security, Network Security: Regulation Government Agencies By Shon Harris
1 Government Agencies The Congress and President of the United States delegate specific authority to federal government agencies. Others are created at the state level.Logical Security, Network Security: Security Issues of Social Network Sites By Shon Harris
1. What Social Networks Are Social networks are very widely diffused today. A social network is a social structure made of people that are tied by one or more specific types of interdependency, suchLogical Security, Network Security: IPSec By Shon Harris
The Internet Protocol (IP) was not developed with security in mind, thus it is very easy to forge IP addresses, modify packets, perform replay attacks by resending capturedLogical Security, Network Security: How Would a Birthday Attack Take Place?
Sue and Joe are going to get married, but before they do, they have a prenuptial contract drawn up that states if they get divorced, then Sue takes her original belongings and Joe takes his originalLogical Security, Network Security: Attacks Against One-Way Hash Functions
A good hashing algorithm should not produce the same hash value for two different messages. If the algorithm does produce the same value for two distinctly different messages, this is called aAnswers By Shon Harris
1. A. Cryptanalysis is the process of trying to reverse-engineer a cryptosystem with the possible goal of uncovering the key used. Once this key is uncovered, all other messages encrypted with thisQuick Tips By Shon Harris
• Cryptography is the science of protecting information by encoding it into an unreadable format. • The most famous rotor encryption machine is the Enigma used by the Germans in WWII.Logical Security, Network Security: Summary By Shon Harris
Cryptography has been used in one form or another for over 4000 years, and the attacks on cryptography have probably been in place for 3999 years and 364 days. As one group of people works to findLogical Security, Network Security: Questions By Shon Harris
Please remember that these questions are formatted and asked in a certain way for a reason. Keep in mind that the CISSP exam is asking questions at a conceptual level. Questions may not always haveDifferential Cryptanalysis By Shon Harris
This type of attack also has the goal of uncovering the key that was used for encryption purposes. It was invented in 1990 as an attack against DES, and it turned out to be an effective andLogical Security, Network Security: Cookies By Shon Harris
Cookies are text files that a browser maintains on a user’s hard drive. Cookies have different uses, and some are used for demographic and advertising information. As a user travels from site toLogical Security, Network Security: Secure Electronic Transaction By Shon Harris
Secure Electronic Transaction (SET) is a security technology proposed by Visa and MasterCard to allow for more secure credit card transaction possibilities than what is currently available. SET hasBlogger: Page not found
Secure Shell (SSH) functions as a type of tunneling mechanism that provides terminal like access to remote computers. SSH is a program and a protocol that can be used to log in to another computerLogical Security, Network Security: Internet Security Protocol By Shon Harris
The Internet Protocol Security (IPSec) protocol suite provides a method of setting up a secure channel for protected data exchange between two devices. The devices that share this secure channel canLogical Security, Network Security: Attacks By Shon Harris
Eavesdropping and sniffing data as it passes over a network are considered passive attacks because the attacker is not affecting the protocol, algorithm, key, message, or any parts of theLogical Security, Network Security: Internet Security By Shon Harris
The Web is not the Internet. The Web runs on top of the Internet, in a sense. The Web is the collection of HTTP servers that hold and process web sites we see. The Internet is the collection ofLogical Security, Network Security: E-mail Standards By Shon Harris
Like other types of technologies, cryptography has industry standards and de facto standards. Standards are necessary because they help ensure interoperability among vendor products. Standards usuallyLogical Security, Network Security: Multipurpose Internet Mail Extension By Shon Harris
Multipurpose Internet Mail Extension (MIME) is a technical specification indicating how multimedia data and e-mail attachments are to be transferred. The Internet has mail standards thatLogical Security, Network Security: Privacy-Enhanced Mail by Shon Harris
Privacy-Enhanced Mail (PEM) is an Internet standard to provide secure e-mail over the Internet and for in-house communication infrastructures. The protocols within PEM provide authentication,Logical Security, Network Security: Pretty Good Privacy By Shon Harris
Pretty Good Privacy (PGP) was designed by Phil Zimmerman as a freeware e-mail security program and was released in 1991. It was the first widespread public key encryption program.Logical Security, Network Security: Quantum Cryptography By Shon Harris
Today, we have very sophisticated and strong algorithms that are more than strong enough for most uses, even financial transactions and exchanging your secret meatloaf recipe.Logical Security, Network Security: Link Encryption vs. End-to-End Encryption By Shon Harris
Encryption can be performed at different communication levels, each with different types of protection and implications. Two general modes of encryption implementation are link encryption and
