Information Security for Senior Management

Information Security for Senior Management

Share

Information Security for the senior management page will provide all security domains for a manager need.

Photos from Information Security for Senior Management's post 22/07/2020

CyberSecurity Program

15/07/2020
14/07/2020

A comparison of vulnerability scan tools ==> should use some tools for scanning.

11/07/2020

Build portal web for security SDL.

Photos from Information Security for Senior Management's post 11/07/2020

KAFKA vs RabbitMQ

10/07/2020

Methodology
Top 10 vulnerabilities
10. Weak and default passwords
9. Outdated VMWare ESXi hypervisor
8. Reuse of passwords
7. Insufficient Network Segregation
6. IPMI password hash disclosure
5. SMB 1.0 protocol
4. NetBIOS over TCP/IP enabled
3. Unpatched Windows systems
2. Default SNMP community strings
1. Clear text protocols

https://www.infosecmatter.com/top-10-vulnerabilities-internal-infrastructure-pentest/ #2-default-snmp-community-strings

Top 16 Active Directory Vulnerabilities - InfosecMatter 10/07/2020

Top 16 Active Directory vulnerabilities
1. Users having rights to add computers to a domain
2. AdminCount attribute set on common users
3. A high number of users in privileged groups
4. Service accounts being members of Domain Admins
5. Excessive privileges allowing for shadow Domain Admins
6. Service accounts vulnerable to Kerberoasting
7. Users with non-expiring passwords
8. Users with password not required
9. Storing passwords using reversible encryption
10. Storing passwords using LM hashes
11. Service accounts vulnerable to AS-REP roasting
12. Weak domain password policy
13. Inactive domain accounts
14. Privileged users with a password reset overdue
15. Users with a weak password
16. Credentials in SYSVOL and Group Policy Preferences (GPP)

Top 16 Active Directory Vulnerabilities - InfosecMatter List of 16 common Active Directory vulnerabilities found during pe*******on tests with detailed command examples on how to find them and exploit them.

Photos from Information Security for Senior Management's post 07/07/2020

TAP vs SPAN port

07/06/2020

Security Architecture Landscape

07/06/2020

According to the CVE website, a vulnerability is a mistake in software code that provides an attacker with direct access to a system or network. For example, the vulnerability may allow an attacker to pose as a superuser or system administrator who has full access privileges. An exposure, on the other hand, is defined as a mistake in software code or configuration that provides an attacker with indirect access to a system or network. For example, an exposure may allow an attacker to secretly gather customer information that could be sold.

The catalog's main purpose is to standarize the way each known vulnerability or exposure is identified. This is important because standard IDs allow security administrators to quickly access technical information about a specific threat across multiple CVE-compatible information sources.

Want your school to be the top-listed School/college in Nha Trang?

Click here to claim your Sponsored Listing.

Location

Telephone

Website

Address


Nha Trang
650000