IT.Networking Academy

IT.Networking Academy

Formation cisco certifiante en ITE, CCENT, CCNA, CCNP CCIE, Security, Wireless, IoT, IoE.

Operating as usual

02/01/2024

Bonne et Heureuse Année 2024 à tous les apprenants et alumni de IT.Networking Academy.
Que cette année soit pour nous tous celle de dopage excessive de nos diverses compétences et de nouvelles opportunités.🙏

.NetworkingAcademy

24/12/2023
19/12/2023

Des formations promotionnelles ITE, CCNA1, CCNA2, CCNA3 et IoT, IoT Big Data disponibles jusqu'au 15 janvier 2024.
Contactez nous au +225 07 58 36 85 10 pour plus d'infos.
Merci.

12/11/2023

💪 Strengthen your technical skills by adding interpersonal skills, they are essential for success in your future workplace or in your own business.

Explore the two new free courses on : http://cs.co/6182uoPEy

Photos from Cybersecurity Prism's post 12/11/2023
08/11/2023

What is SIEM software? How it works?

Evolving beyond its log-management roots, today's security information and event management (SIEM) software vendors are introducing machine learning, advanced statistical analysis and other analytic methods to their products.

What is SIEM software?

Security information and event management (SIEM) software gives enterprise security professionals both insight into and a track record of the activities within their IT environment.

SIEM technology has been in existence for more than a decade, initially evolving from the log management discipline. It combined security event management (SEM) – which analyzes log and event data in real time to provide threat monitoring, event correlation and incident response – with security information management (SIM) which collects, analyzes and reports on log data.

How SIEM works

SIEM software collects and aggregates log data generated throughout the organization’s technology infrastructure, from host systems and applications to network and security devices such as firewalls and antivirus filters.
The software then identifies and categorizes incidents and events, as well as analyzes them. The software delivers on two main objectives, which are to

• Provide reports on security-related incidents and events, such as successful and failed logins, malware activity and other possible malicious activities and
• Send alerts if analysis shows that an activity runs against predetermined rulesets and thus indicates a potential security issue.

Enterprise need for better compliance management drove much of the early adoption of this technology, says Paula Musich, research director at Enterprise Management Associates (EMA), a market research and consulting firm based in Boulder, Colo.

“Auditors needed a way to look at whether compliance was being met or not, and SIEM provided the monitoring and reporting necessary to meet mandates like HIPPA, SOX and PCI DSS,” she says, referring to the Health Insurance Portability and Accountability Act, the Sarbanes–Oxley Act and the Payment Card Industry Data Security Standard.
However, experts say enterprise demand for greater security measures has driven more of the SIEM market in recent years.
“Now large organizations typically look to SIEM as a foundation for standing up the security operations center,” Musich says.
_______________________
YOU CAN FOLLOW ME AT:
https://www.facebook.com/cybersec.prism
__________________________
*******************************************************************
Here are more resources:
__________________________________
Gateway ⛩ to Cybersecurity
https://luminisindia.com/goehm
__________________________________
The new Cyber Warrior's Command Guide For Ethical Hackers to help you learn faster...
_________________________________________
✅ Grab a FREE Command Guide here: https://luminisindia.com/getcgeh
_________________________________________
Are you willing to learn Networking now?
Would you like to watch some videos of Networking, CCNA Routing & Switching, etc?
_________________________________________
https://luminisindia.com/networking-free
_________________________________________
❓ Do you want to have the complete set of my CCNA Security powerpoint PRESENTATIONS ❓
______________________________________________________________
https://luminisindia.com/free-ccna-security-presentations
______________________________________________________________

Inscription au NetAcad Summer Camp 04/07/2023

Inscription au NetAcad Summer Camp L’équipe Cisco NetAcad Afrique et Moyen-orient organise « NetAcad Summer Camp » au profit des étudiants souhaitant profiter des formations en Sécurité des réseaux, Python et L'essentiel de la cybersécurité . Format : Inscription au cours en ligne NetAcad, travaux pratiques avec l’outil ...

12/05/2023

Contactez-nous pour une licence et le déploiement de MANAGEO dans votre structure : gestion quotidienne et en ligne de vos ventes, stock, facturation, suivi de la clientèle,...

Photos from IT.Networking Academy's post 12/05/2023
04/12/2022
Timeline photos 13/11/2022

Well, well, well. The time is up for the Packet Tracer Challenge⌛️

Answer: Check the VLAN allowed list on switch. Allow VLAN 1

Let us know how you did in the comments! 👇

11/11/2022

How can you help yourself and others to protect against cyber security attacks?

Follow these steps to help increase your cyber safety knowledge.

• Only use trusted sites when providing your personal information. A good rule of thumb is to check the URL. If the site includes “https://,” then it’s a secure site. If the URL includes “http://,” — note the missing “s” — avoid entering sensitive information like your credit card data or Social Security number.

• Don’t open email attachments or click links in emails from unknown sources. One of the most common ways networks and users are exposed to malware and viruses is through emails disguised as being sent by someone you trust.

• Always keep your devices updated. Software updates contain important patches to fix security vulnerabilities. Cyber attackers can also target outdated devices which may not be running the most current security software.

• Back up your files regularly for extra protection in the event of a cyber security attacks. If you need to wipe your device clean due to a cyberattack, it will help to have your files stored in a safe, separate place.

Cyber security is constantly evolving, which can make it difficult to stay up to date. Staying informed and being cautious online are two of the best ways to help protect yourself, your networks and devices, and your business

--------------------------------------------------------

Recently I had created a PDF out of my compilation of important commands which are helpful to ethical hackers in general...

Grab your FREE Command Guide here: https://luminisindia.com/getcgeh
_

_____________________________________________________
You can watch 👓👓👓 all the videos of Cybersecurity Series here:
page : 👉👉👉 Cybersecurity Prism https://www.facebook.com/LuminisConsultingServices
Please click on the 'Follow' button 💛 on my page, to receive a Facebook notification when I publish another live video!

You can connect with me:
Hear My Podcast: https://anchor.fm/meena-r
Linkedin Page : Cybersecurity Prism https://www.linkedin.com/company/10117131/
Facebook Group : Cybersecurity Forever https://www.facebook.com/groups/642084319272190/
_____________________________________________________
🙊🙉🙈

#

10/11/2022

What is Principle of Least Privilege?

The principle of least privilege is widely considered to be a cybersecurity best practice and is a fundamental step in protecting privileged access to high-value data and assets.

The principle of least privilege (PoLP) is an information security concept in which a user is given the minimum levels of access – or permissions which are needed to perform his/her job functions.

The principle of least privilege extends beyond human access. The model can be applied to applications, systems, processes or connected devices that require privileges or permissions to perform a required task. The enforcement of Least privilege actually ensures that all the non-human tools have the requisite access needed – BUT nothing more.

In order to enforce it effectively, least privilege requires a way to centrally manage and secure privileged credentials, along with flexible controls so that you can balance cybersecurity and compliance requirements with your operational needs and the end-user needs.

What is Privilege Creep?

Let us assume that your organization chooses to revoke all administrative rights from its business users. However, your IT team will often need to re-grant privileges so that your users can perform certain tasks.

For example, many legacy and home-grown applications which are used within your enterprise IT environments, will require more privileges to run properly. It would happen with many commercial off-the-shelf (COTS) applications too. For your business users to run these authorized and necessary applications appropriately, your IT team has no choice but to give local administrator privileges back to these users. Am I right?

But the problem is that once these privileges are re-granted, these are rarely revoked, and over time, your organization may end up with a situation, in which a large number of your users would be holding local administrator rights again. This is what is known as Privilege Creep. And, it is not a good situation to be in!

Because, “privilege creep” reopens the security loophole associated with excessive administrative rights and makes those organizations that likely believe they are well-protected, actually more vulnerable to all kind of threats.

Thus, by implementing least privilege access controls, your organization can help curb this evil of “privilege creep” and ensure that your human and non-human users only have the minimum levels of access required.

Why is the Principle of Least Privilege (PoLP) Important?

@) It reduces the cyber-attack surface.

Most advanced attacks today rely on the exploitation of privileged credentials. By limiting super-user and administrator privileges (that provide IT administrators will unfettered access to target systems), least privilege enforcement helps to reduce the overall cyber-attack surface.

@) It stops the spread of malware.

By enforcing least privilege on endpoints, malware attacks (such as SQL injection attacks) are unable to use elevated privileges to increase access and move laterally in order to install or execute malware or damage the machine.

@) It improves end-user productivity.

Removing local administrator rights from business users helps to reduce the risk, but enabling just-in-time privilege elevation, based on policy, helps to keep users productive and keeps IT helpdesk calls to a minimum.

@) It helps streamline compliance and audits.

Many internal policies and regulatory requirements require organizations to implement the principle of least privilege on privileged accounts to prevent malicious or unintentional damage to critical systems. Least privilege enforcement helps organizations demonstrate compliance with a full audit trail of privileged activities.
__
-------------------------------------------------------

[FREE DOWNLOAD]

Cyber Warrior's Command Guide For Ethical Hackers

--------------------------------------------------------

Recently I had created a PDF out of my compilation of important commands which are helpful to ethical hackers in general...

Grab your FREE Command Guide here: https://luminisindia.com/getcgeh
_

Guys, what do you think of Principle of Least Privilege?
Kindly leave me your thoughts in the comment section.
With thanks,
Meena R.
___________________________

Timeline photos 06/11/2022

Packet Tracer Challenge Time! 📣

Can you find out why PC1 is not getting an IP address?
Download the Packet tracer here: http://cs.co/6183MQy0f

Come back Monday to see if you got it right!😆

06/11/2022

What is Secure Boot?

Secure Boot is one feature of the latest Unified Extensible Firmware Interface (UEFI) 2.3.1 specification (Errata C). The feature defines an entirely new interface between operating system and firmware/BIOS.

When enabled and fully configured, Secure Boot helps a computer resist attacks and infection from malware. Secure Boot detects tampering with boot loaders, key operating system files, and unauthorized option ROMs by validating their digital signatures. Detections are blocked from running before they can attack or infect the system.

-

How does Secure Boot work?

Secure Boot works like a security gate. Code with valid credentials gets through the gate and executes. However, Secure Boot blocks at the gate and rejects a code that has bad credentials, or no credential.

Intel® Desktop Boards embed the default Secure Boot keys for Windows 8*. These boards, and required BIOS versions, have been tested and passed the Windows Hardware Certification Kit (WHCK) for Windows 8.

The Secure Boot mechanism relies on public/private key pairs to verify the digital signature of all firmware and software before ex*****on.

The UEFI "Secure Boot" technology consists of a collection of keys, categorized as follows:

🔑 Platform Key (PK)
🔑 Key Exchange Key (KEK)
🔐 Whitelist Database (DB)
🔒 Blacklist Database (DBX)

On a system with Secure Boot enabled and configured, each of these items will contain the public portions of public/private key pairs. The keys are used to authorize various components of the firmware and software.

1. The Platform Key (PK) establishes a trust relationship between the platform owner and the firmware (UEFI BIOS) by controlling access to the KEK database. There is a single PK per platform, and the public portion of the PK is installed into the system, typically during production at the OEM (Original equipment manufacturer). The private portion of the PK is necessary for modifying the KEK database.

2. The Key Exchange Key (KEK) database establishes a trust relationship between the firmware and the OS. The KEK consists of a list of public keys that can be checked against for authorization to modify the whitelist database (DB) or blacklist database (DBX). There can be multiple KEKs per platform. The private portion of a KEK is necessary for modifying the DB or DBX.

3. The whitelist database (DB) is a list of public keys that are used to check the digital signature of a given firmware or software. To discuss the DB, let's assume the system is booting and is about to execute the bootloader for selecting an OS to boot. The system will check the digital signature of the bootloader using the public keys in the DB, and if this bootloader was signed with a corresponding private key, then the bootloader is allowed to execute. Otherwise, it is blocked as unauthorized.

4. Conversely, the blacklist database (DBX) is a list of public keys known to correspond to malicious or unauthorized firmware or software. Any software signed with a corresponding private key from this database will be blocked.

Over the years, experts observed several attacks employing rootkits that were specifically developed to target the firmware to achieve persistence and bypassing security solutions.

But the Secure Boot mechanism allows the ex*****on of only software that is trusted by the Original Equipment Manufacturer (OEM).

Injecting a malicious code in the UEFI/BIOS firmware of a device could allow attackers to achieve persistence on the device and make the malware undetectable to common Anti-malware solutions.

-

👉👉👉 TRICKBOOT

As the very latest reports have confirmed that TrickBot, one of the most active botnets, in the world, gets a new improvement by adding a UEFI/BIOS Bootkit Feature.

The infamous TrickBot gets a new improvement, its authors have added a new feature dubbed “TRICKBOOT” designed to exploit well-known vulnerabilities in the UEFI/BIOS firmware and inject malicious code, such as bootkits.

The TrickBoot functionality was documented by experts from Advanced Intelligence (AdvIntel) and Eclypsium.

“This new functionality makes use of readily available tools to check devices for well-known vulnerabilities that can allow attackers to read, write, or erase the UEFI/BIOS firmware of a device. This marks a significant step in the evolution of TrickBot as UEFI level implants are the deepest, most powerful, and stealthy form of bootkits. by adding the ability to canvas victim devices for specific UEFI/BIOS firmware vulnerabilities,

TrickBot actors are able to target specific victims with firmware-level persistence that survives re-imaging or even device bricking capability.”

Thanks to the new improvement TrickBot can carry out UEFI attacks that could be also part of hacking campaigns of nation-state actors.

-

Please let me know of what do you think about this in the comment section. You can also share with all if the information shared here helps you in some manner.

👉 Kindly write your comment on the posts or topics, because when you do that you help me greatly in designing new quality article/post on cybersecurity.

With thanks,

Meena R.

___________________________

Please click on the 'Follow' button 💛 on my page, to receive a Facebook notification when I publish another new post/live video on Cybersecurity!

You can also watch 👀 all the videos of Cybersecurity Series there:
page : 👉👉👉 Cybersecurity Prism https://www.facebook.com/cybersec.prism/

Wanna' start your cybersecurity career,
Join my "Cyber Warrior's ETHICAL HACKING Masterclass":
👉 https://luminisindia.com/goehm

___________________________
🙊🙉🙈

Timeline photos 10/10/2022

Behold...The Cable Throne😳🧵

Do you have what it takes to reign on ?

Timeline photos 10/10/2022

If you want to work in , one of the most important things you can do is gain foundational tech skills through a program like Skills For All.

Here are our 7 tips to Successfully Learn and Build a Career in Cybersecurity✅.

Start today exploring the Free Courses here➡️ http://cs.co/6180MdQyQ

Share this post to share the knowledge🧠!

30/09/2022

Formation en ligne et en présentiel:
Programmez (codez) un jeux rapidement et efficacement en 5 semaines (5 ateliers différents).
Prix : 50.000 FCFA.
10% de réduction pour les inscriptions en groupe.
Prérequis: savoir utiliser un ordinateur et surfer sur internet.

28/09/2022

d'exploitation

28/09/2022

Pour des raisons de facilitation des différentes rentrée scolaires et universitaire, l'IT.Networking Academy effectue une remise de 25% sur chacune de ses formations à compter de 28/09/2022 jusqu'au28/10/2022.

Très respectueusement.

L'administrateur LMC de l'académie.

Want your school to be the top-listed School/college?

Videos (show all)

Pour des raisons de facilitation des différentes rentrée scolaires et universitaire, l'IT.Networking Academy effectue un...

Telephone