[Notes] Chapter 2: Personnel Security and Risk Management Concepts

[Notes] Chapter 2: Personnel Security and Risk Management Concepts

Personnel Security Policies and Procedures: Vendor, Consultant, and Contractor Agreements and Controls: Privacy Policy Requirements: Security Governance: Risk Management Concepts: Risk Assessment/Analysis: Countermeasure Selection and Implementation: Types of Controls: Continuous Improvement: Risk Frameworks: Security Awareness, Education, and Training: Manage the Security Function:

[Notes] CISSP Chapter 1: Security Governance Through Principles and Policies

[Notes] CISSP Chapter 1: Security Governance Through Principles and Policies

The CIA Triad Confidentiality: Confidentiality terms: Integrity: Integrity terms: Availability: Availability terms: Other Security Concepts Evaluate and Apply Security Governance Principles Data Classification Organizational Roles and Responsibilities Security Control Frameworks Due Care and Due Diligence Developing Documents Threat Modeling Prioritization and Response Apply Risk-Based Management 

List the SSL/TLS cipher suites a particular website offers

List the SSL/TLS cipher suites a particular website offers

 Command Line Nmap with ssl-enum-ciphers  This will be a very simple and and  faster way to get a list of available ciphers from a network service.  and nmap will provide a strength rating of strong, weak, or unknown for each available cipher. Which will help to determine 

OpenSSH 7.3 on CentOs 6.7

OpenSSH 7.3 on CentOs 6.7

A simple script to upgrade OpneSSH on CentOs 6.7. This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters 

Keep sensitive info out of your email & chat logs

Keep sensitive info out of your email & chat logs

During work, We share passwords or some other sensitive piece of information with a friend or coworker. The problem is When you do it over chat or email, that data just got really insecure and easy to find, if some one got access of  your account,