CompTIA Security+ Exam Notes

Let Us Help You Pass

Thursday, August 12, 2021

PROTOCOL / PACKET ANALYZERS

 WIRESHARK / TCPDUMP

Wireshark is a free, open-source protocol analyzer with a graphical interface. The capturing itself is done by a packet capture library, libpcap on Linux and macOS or Npcap (the successor to WinPcap) on Windows; Wireshark decodes and displays what that library captures.

Wireshark can limit a capture to specific protocols, hosts, or ports with a capture filter (BPF syntax, for example "host 10.0.0.5 and tcp port 443"), and narrow what is shown afterwards with a display filter (for example "tcp.flags.syn == 1"). It dissects every protocol layer, shows fields such as the TCP flags, and can reassemble a conversation in both directions (Follow TCP Stream).

On Linux, tcpdump is the command-line protocol analyzer and accepts the same capture-filter syntax. Write the capture to a file with "tcpdump -i eth0 -w capture.pcap"; the .pcap file can then be opened in Wireshark, which is much easier to read than tcpdump's text output.

A switch only forwards a frame to the port of its destination MAC address, so to see other hosts' traffic the switch port(s) of interest are mirrored (SPAN / port mirroring) to the port where the analyzer is plugged in. The analyzer's NIC (Network Interface Card) must also be in promiscuous mode so that it passes up frames not addressed to its own MAC. On a Linux system this can be enabled with "ip link set eth0 promisc on" (the older "ifconfig eth0 promisc" also works where net-tools is installed); tcpdump and Wireshark normally put the interface into promiscuous mode themselves unless told not to (tcpdump -p).
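As an added example (written for these notes, not code from Wireshark or tcpdump), the following Python script shows what the .pcap file written by "tcpdump -w" actually contains and how an analyzer reads it: a 24-byte global header, then a 16-byte record header (timestamp and lengths) in front of every frame, which the script dissects down through Ethernet, IPv4 (verifying the header checksum) and TCP/UDP and prints in tcpdump's one-line style, including the TCP flags and the direction of each packet. The three packets are constructed inside the script so it runs offline; their MAC and IP addresses are made up. The matches() function is a tiny stand-in for a BPF capture filter.

```python
import socket
import struct

PCAP_MAGIC = 0xA1B2C3D4      # classic pcap with microsecond timestamps
LINKTYPE_ETHERNET = 1
TCP_FLAGS = ((0x02, "S"), (0x04, "R"), (0x08, "P"), (0x01, "F"), (0x20, "U"))  # "." = ACK, as in tcpdump

def ip_checksum(header: bytes) -> int:
    """RFC 1071 one's-complement sum; a header whose checksum is correct sums to 0."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_frame(src_ip: str, dst_ip: str, proto: int, payload: bytes) -> bytes:
    """Ethernet + IPv4 frame around an L4 payload (constructed; MACs are made up)."""
    eth = bytes.fromhex("00ee11223344") + bytes.fromhex("00ee55667788") + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0x1234, 0x4000,
                     64, proto, 0, socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    ip = ip[:10] + struct.pack("!H", ip_checksum(ip)) + ip[12:]      # fill in the checksum
    return eth + ip + payload

def tcp_segment(sport: int, dport: int, seq: int, ack: int, flags: int) -> bytes:
    """20-byte TCP header, no options; the TCP checksum is left 0 (this reader does not check it)."""
    return struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 5 << 4, flags, 64240, 0, 0)

def build_sample_pcap() -> bytes:
    """Constructed capture file: a SYN, its SYN-ACK, and one DNS query."""
    dns = struct.pack("!HHHH", 53123, 53, 12, 0) + b"\xab\xcd\x01\x00"   # UDP header + 4 bytes
    frames = [
        build_frame("10.0.0.5", "10.0.0.9", 6, tcp_segment(40000, 443, 1000, 0, 0x02)),     # SYN
        build_frame("10.0.0.9", "10.0.0.5", 6, tcp_segment(443, 40000, 5000, 1001, 0x12)),  # SYN+ACK
        build_frame("10.0.0.5", "10.0.0.53", 17, dns),
    ]
    out = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)  # global header
    for i, frame in enumerate(frames):      # record header: ts_sec, ts_usec, incl_len, orig_len
        out += struct.pack("<IIII", 1628000000 + i, 0, len(frame), len(frame)) + frame
    return out

def decode_frame(frame: bytes, ts: float) -> dict:
    """Ethernet -> IPv4 -> TCP/UDP dissection, summarized the way tcpdump prints a packet."""
    ethertype = struct.unpack("!H", frame[12:14])[0]
    pkt = {"ts": ts, "proto": "other", "summary": "ethertype 0x%04x" % ethertype}
    if ethertype != 0x0800:
        return pkt
    ihl = (frame[14] & 0x0F) * 4
    ip, l4 = frame[14:14 + ihl], frame[14 + ihl:]
    if ip_checksum(ip) != 0:
        pkt["summary"] = "bad IPv4 header checksum"
        return pkt
    src, dst, proto = socket.inet_ntoa(ip[12:16]), socket.inet_ntoa(ip[16:20]), ip[9]
    pkt.update(src=src, dst=dst)
    if proto == 6:
        sport, dport, seq, _ack, _off, flags, win = struct.unpack("!HHIIBBH", l4[:16])
        names = "".join(n for bit, n in TCP_FLAGS if flags & bit) + ("." if flags & 0x10 else "")
        pkt.update(proto="tcp", sport=sport, dport=dport, flags=names or "none",
                   summary="%s.%d > %s.%d: Flags [%s], seq %d, win %d"
                   % (src, sport, dst, dport, names or "none", seq, win))
    elif proto == 17:
        sport, dport, ulen, _ = struct.unpack("!HHHH", l4[:8])
        pkt.update(proto="udp", sport=sport, dport=dport,
                   summary="%s.%d > %s.%d: UDP, length %d" % (src, sport, dst, dport, ulen - 8))
    else:
        pkt["summary"] = "%s > %s: ip-proto-%d" % (src, dst, proto)
    return pkt

def parse_pcap(data: bytes):
    """Yield one decoded packet per record; accepts either byte order of the classic format."""
    if data[:4] == struct.pack("<I", PCAP_MAGIC):
        order = "<"
    elif data[:4] == struct.pack(">I", PCAP_MAGIC):
        order = ">"
    else:
        raise ValueError("not a classic .pcap file (pcapng or nanosecond pcap need another reader)")
    linktype = struct.unpack(order + "IHHiIII", data[:24])[6]
    if linktype != LINKTYPE_ETHERNET:
        raise ValueError("only Ethernet (linktype 1) captures are handled here")
    pos = 24
    while pos + 16 <= len(data):
        ts_sec, ts_usec, incl_len, _orig_len = struct.unpack(order + "IIII", data[pos:pos + 16])
        yield decode_frame(data[pos + 16:pos + 16 + incl_len], ts_sec + ts_usec / 1e6)
        pos += 16 + incl_len

def matches(pkt: dict, host=None, port=None, proto=None) -> bool:
    """Tiny stand-in for a capture filter such as "host 10.0.0.5 and port 443"."""
    return ((proto is None or pkt["proto"] == proto)
            and (host is None or host in (pkt.get("src"), pkt.get("dst")))
            and (port is None or port in (pkt.get("sport"), pkt.get("dport"))))

if __name__ == "__main__":
    for p in parse_pcap(build_sample_pcap()):
        if matches(p, host="10.0.0.5", port=443):
            print("%.6f %s" % (p["ts"], p["summary"]))
```

To read a real capture, replace build_sample_pcap() with open("capture.pcap", "rb").read(). tcpdump writes this classic format; Wireshark saves pcapng by default, so choose the pcap format explicitly when saving from the GUI if you want to feed the file to a reader like this one.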

Friday, August 6, 2021

International Organization for Standardization (ISO) 27001/27002/27701/31000

ISO 27001/27002/27017/27701/31000


27001 - Specifies the requirements for an information security management system (ISMS). It is the standard an organization is certified against, so certification shows customers and partners that the organization meets a recognized security standard.

27002 - The code of practice that catalogs and describes the security controls an ISMS can implement (the controls referenced by 27001)

27017 - Guidelines for information security controls for cloud services (for both cloud providers and cloud customers)

27701 - Extension of 27001/27002 for a privacy information management system (PIMS); focuses on personal data and privacy

31000 - Guidelines for risk management, also referred to as ISO 31K

Thursday, August 5, 2021

PCI DSS (Payment Card Industry Data Security Standard)

 Requirements for PCI DSS compliance

1. Install and maintain a firewall configuration to protect cardholder data
2. Do not use vendor-supplied defaults for system passwords and other security parameters
3. Protect stored cardholder data
4. Encrypt transmission of cardholder data across open, public networks
5. Use and regularly update anti-virus software or programs
6. Develop and maintain secure systems and applications
7. Restrict access to cardholder data by business need-to-know
8. Assign a unique ID to each person with computer access
9. Restrict physical access to cardholder data
10. Track and monitor all access to network resources and cardholder data
11. Regularly test security systems and processes
12. Maintain a policy that addresses information security for employees and contractors

GDPR (General Data Protection Regulation)

 GDPR - Things to know for the exam

The General Data Protection Regulation (GDPR) regulates the processing of personal data of people in the European Union. It also applies to organizations outside the EU that offer goods or services to, or monitor the behavior of, people in the EU.

The GDPR defines the roles and responsibilities of data controllers and data processors.

The data controller (sometimes called the data owner) decides why and how personal data is processed and is responsible for protecting the privacy and rights of the data subjects (for a website, its users).

A data processor processes the data on behalf of, and only on the instructions of, the controller (for example a cloud provider or a payroll service).

The data protection officer (DPO) oversees the organization's data-protection strategy, ensures it complies with the GDPR and related laws, advocates for the careful use of customer information, and is the point of contact for supervisory authorities and data subjects. A DPO is mandatory for public authorities and for organizations whose core activities involve large-scale monitoring of individuals or large-scale processing of special categories of data.



Sunday, July 25, 2021

Password Policy

PASSWORD POLICY

The recommended minimum password length is 14 characters. Eight-character passwords are no longer considered adequate: a single desktop with a high-end graphics card can now exhaust their entire keyspace in hours or less (GPU-based cracking, not CPU speed or RAM, is what changed the arithmetic). 

To make a password strong, avoid dictionary words and any part of the username, and use at least three of the following four character classes:
Uppercase letters (26 A through Z)
Lowercase letters (26 a through z)
Numbers (10 numbers 0-9)
Special characters (32 characters, like !, @, #, %, &, and *)

An 8-character password using only lowercase letters has a keyspace of 26^8 = 208,827,064,576 (about 208 billion) possibilities. Making it 10 lowercase letters raises that to 26^10, about 141 trillion. 

With a desktop computer and a high-end graphics card, password-cracking tools can test on the order of 20 billion guesses per second against a fast hash. At that rate the whole 10-character lowercase keyspace is exhausted in about 7,000 seconds (roughly two hours), and on average the password falls in half that time.

Using all four character classes gives an alphabet of 26 + 26 + 10 + 32 = 94 characters. A 14-character password drawn from all 94 has 94^14 possibilities, about 4.2 × 10^27 (4.2 octillion); at 20 billion guesses per second that is on the order of 10^17 seconds, billions of years. Two caveats: the guess rate depends heavily on the hash (bcrypt or Argon2 cut it by orders of magnitude compared with NTLM or unsalted MD5), and the keyspace figure assumes a random password. Real attacks run wordlists, mangling rules, and breached-password lists first, so "Summer2021!!!!" is nowhere near as strong as 94^14 suggests even though it passes the complexity rules. Length matters more than any particular character-class mix. 

Password length: To make brute-force attacks harder, enforce a minimum length. 

Password history: The Group Policy setting "Enforce password history" can remember up to 24 previous passwords, and none of them may be reused. On its own it is easy to defeat: a user can change the password 24 times in a row and land back on the favorite one, so it has to be combined with a Minimum Password Age. The history check also applies when a password expires (Maximum Password Age), so the user cannot simply re-enter the old password at that point either.

Password Minimum Age: The local default is 0 days (the Default Domain Policy sets 1 day), meaning a user could change the password many times on the same day to return to the favorite one; the only trace would be a burst of password-change events in the security log. A minimum age of one day closes that loophole, while an administrator can still reset a user's password immediately because resets are not subject to the minimum age. 
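The keyspace arithmetic above and the policy rules (minimum length, three of four character classes, no dictionary words, no username fragment) put into code. This is an added example written for these notes, not a tool from the original page; the 20 billion guesses per second rate, the mini wordlist, and the sample passwords are constructed inputs, and string.punctuation happens to be exactly the 32 special characters counted above.

```python
import string

CLASS_SIZE = {"upper": 26, "lower": 26, "digit": 10, "special": 32}     # the four pools used above
CLASS_CHARS = {"upper": string.ascii_uppercase, "lower": string.ascii_lowercase,
               "digit": string.digits, "special": string.punctuation}  # punctuation is exactly 32 chars


def classes_used(password: str) -> set:
    """Which of the four character classes the password actually contains."""
    return {name for name, chars in CLASS_CHARS.items() if any(c in chars for c in password)}


def keyspace(password: str) -> int:
    """Alphabet size to the power of the length: how many candidates a brute-force attack
    needs to be certain of hitting a password of this shape (8 lowercase letters -> 26**8)."""
    return sum(CLASS_SIZE[name] for name in classes_used(password)) ** len(password)


def seconds_to_exhaust(space: int, guesses_per_second: float = 20e9) -> float:
    """Worst case at the given rate; on average the attacker succeeds after half the space."""
    return space / guesses_per_second


def human_duration(seconds: float) -> str:
    for unit, size in (("years", 365 * 86400), ("days", 86400), ("hours", 3600), ("minutes", 60)):
        if seconds >= size:
            return "%.3g %s" % (seconds / size, unit)
    return "%.3g seconds" % seconds


def check_policy(password: str, username: str, min_length: int = 14,
                 min_classes: int = 3, wordlist=()) -> list:
    """Return the rules the password violates; an empty list means it is compliant."""
    problems = []
    if len(password) < min_length:
        problems.append("shorter than %d characters" % min_length)
    if len(classes_used(password)) < min_classes:
        problems.append("uses fewer than %d of the 4 character classes" % min_classes)
    lowered = password.lower()
    if len(username) >= 3 and username.lower() in lowered:
        problems.append("contains the username")
    for word in wordlist:
        if len(word) >= 4 and word.lower() in lowered:
            problems.append("contains dictionary word '%s'" % word)
    return problems


def report(password: str, username: str, wordlist=()) -> dict:
    """Keyspace, worst-case cracking time at 20 billion guesses/s, and policy violations."""
    space = keyspace(password)
    return {"classes": sorted(classes_used(password)), "keyspace": space,
            "time_to_exhaust": human_duration(seconds_to_exhaust(space)),
            "problems": check_policy(password, username, wordlist=wordlist)}


if __name__ == "__main__":
    WORDS = ("summer", "password", "welcome", "dragon")      # constructed mini wordlist
    for pw in ("abcdefgh", "abcdefghij", "Summer2021!", "jsmith-Winter!2021", "xK7#pL2m!qR9vW4z"):
        print(pw, report(pw, "jsmith", WORDS))               # constructed sample passwords
```

Note that keyspace() is an upper bound on the attacker's work: a password that passes check_policy() but is built from a dictionary word plus a year and a symbol is found by a rules-based wordlist attack long before the keyspace is a factor, which is why the wordlist check is part of the policy.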

Saturday, July 24, 2021

Passwordless Authentication: The Future of Secure and Seamless Logins

 Passwordless Authentication

Passwordless authentication replaces traditional passwords with alternative methods for verifying a user's identity, offering enhanced security and a more user-friendly experience. Instead of relying on something the user knows (a password), it utilizes factors like biometrics, possession of a device, or unique digital keys. This approach minimizes the risk of password-related vulnerabilities, such as phishing and theft, while also simplifying the login process.
 
How Passwordless Authentication Works:
Passwordless authentication leverages different methods to verify a user's identity without relying on passwords. Here's a breakdown of common approaches:
1. Biometrics:
  • This method uses unique biological traits like fingerprints, facial recognition, or iris scans to verify identity.
  • Users unlock their devices or sign in to applications with a fingerprint or face scan instead of a password. In most implementations the biometric is matched locally and unlocks a key stored on the device; the biometric template itself is never sent to the service, so a breach of the service does not expose it.
  • Examples include fingerprint sensors on smartphones or facial recognition features in laptops. 
2. Possession Factors:
  • This approach relies on something the user possesses, like a device or a security key. 
  • One-Time Passwords (OTPs): Users receive a unique, time-sensitive code via SMS or an authentication app and enter it to log in. An OTP is only as strong as its channel: SMS codes can be intercepted through SIM swapping, and any code a user types into a web page can be phished in real time by a proxy site that relays it. 
  • Magic Links: Users receive a link via email or another messaging app, and clicking it grants access without a password. The login is then exactly as secure as the mailbox that receives the link. 
  • Hardware Security Keys: Users plug in or tap a physical device (a FIDO2 security key over USB, NFC, or Bluetooth) to authenticate. 
3. FIDO2/WebAuthn:
  • This standard utilizes public-key cryptography to generate a unique key pair for each website or application.
  • The private key remains securely stored on the user's device (e.g., smartphone, computer), while the public key is registered with the service.
  • When logging in, the service sends a challenge, which the user's device signs using the private key. The service then verifies the signature using the public key. 
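As an added worked example (written for these notes, not code from any FIDO2/WebAuthn library or from the products named below), here is that challenge/response exchange with both sides in working Python: an Authenticator that holds a per-site private key, and a RelyingParty that issues a random challenge, verifies the signature with the registered public key, and also checks the details that make the scheme resistant to replay and phishing: the challenge is single-use, the signed client data names the origin the browser was really on, and the signature counter must increase. The key type and message formats are this demo's assumptions: a toy RSA-over-SHA-256 signature and JSON client data stand in for the ECDSA/Ed25519 keys and CBOR structures of real WebAuthn, and the authenticator data is reduced to the RP ID hash plus counter.

```python
import hashlib
import json
import secrets
import struct

def is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin, used only to build the demo key pair (n is always odd and large here)."""
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def generate_keypair(bits: int = 1024):
    """Toy RSA pair (public, private) standing in for the authenticator's credential key.
    Demo only: unpadded hash-then-RSA is not a production signature scheme."""
    e = 65537
    def prime():
        while True:
            cand = secrets.randbits(bits // 2) | (1 << (bits // 2 - 1)) | 1
            if (cand - 1) % e and is_probable_prime(cand):
                return cand
    p, q = prime(), prime()
    return (p * q, e), (p * q, pow(e, -1, (p - 1) * (q - 1)))

def digest_int(message: bytes) -> int:
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(private, message: bytes) -> int:
    return pow(digest_int(message), private[1], private[0])

def verify(public, message: bytes, signature: int) -> bool:
    return pow(signature, public[1], public[0]) == digest_int(message)

class Authenticator:
    """The user's device: one key pair per relying party, and the private key never leaves it."""
    def __init__(self):
        self._creds = {}                                   # rp_id -> [private key, sign counter]
    def make_credential(self, rp_id: str):
        public, private = generate_keypair()
        self._creds[rp_id] = [private, 0]
        return public                                      # only the public key goes to the service
    def get_assertion(self, rp_id: str, client_data: bytes):
        cred = self._creds[rp_id]
        cred[1] += 1                                       # monotonically increasing sign counter
        auth_data = hashlib.sha256(rp_id.encode()).digest() + struct.pack(">I", cred[1])
        return auth_data, sign(cred[0], auth_data + hashlib.sha256(client_data).digest())

class RelyingParty:
    """The web service: stores public keys, issues one-time challenges, checks assertions."""
    def __init__(self, rp_id: str):
        self.rp_id, self.origin = rp_id, "https://" + rp_id
        self.users, self.pending = {}, {}                  # username -> [public key, last counter]
    def register(self, username: str, public):
        self.users[username] = [public, 0]
    def begin_login(self, username: str) -> bytes:
        self.pending[username] = secrets.token_bytes(32)   # fresh random challenge per attempt
        return self.pending[username]
    def finish_login(self, username, client_data: bytes, auth_data: bytes, sig: int) -> bool:
        public, last_counter = self.users[username]
        challenge = self.pending.pop(username, None)       # consumed on first use: a replay finds nothing
        cd = json.loads(client_data)
        counter = struct.unpack(">I", auth_data[32:36])[0]
        ok = (challenge is not None
              and cd.get("type") == "webauthn.get"
              and cd.get("origin") == self.origin          # origin binding: a look-alike site fails here
              and bytes.fromhex(cd.get("challenge", "")) == challenge
              and auth_data[:32] == hashlib.sha256(self.rp_id.encode()).digest()
              and counter > last_counter                   # a cloned authenticator repeats counts
              and verify(public, auth_data + hashlib.sha256(client_data).digest(), sig))
        if ok:
            self.users[username][1] = counter
        return ok

def demo() -> dict:
    """Genuine login succeeds; a replayed assertion and a phished one are rejected."""
    rp, device = RelyingParty("example.com"), Authenticator()
    rp.register("alice", device.make_credential("example.com"))
    def login(origin: str):
        challenge = rp.begin_login("alice")
        # the browser records the challenge and the origin it is really showing the user
        client_data = json.dumps({"type": "webauthn.get", "challenge": challenge.hex(),
                                  "origin": origin}).encode()
        auth_data, sig = device.get_assertion("example.com", client_data)
        return rp.finish_login("alice", client_data, auth_data, sig), (client_data, auth_data, sig)
    genuine, captured = login("https://example.com")
    replay = rp.finish_login("alice", *captured)           # sniffed assertion resubmitted
    phished, _ = login("https://examp1e.com")              # challenge relayed via a look-alike site
    return {"genuine": genuine, "replay": replay, "phishing_origin": phished}
```

Calling demo() returns {"genuine": True, "replay": False, "phishing_origin": False}. The phishing case is the important one: a proxy site can relay the real challenge, but the browser writes its own origin into the client data, and the service rejects a signature over any origin other than its own. That origin binding is what an OTP or magic link cannot provide.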
Benefits of Passwordless Authentication:

Enhanced Security: Removes the password as something to be stolen, reused, or stuffed from a breach elsewhere. Only the FIDO2/WebAuthn methods are phishing-resistant, because the signed response is bound to the site's origin; OTPs and magic links can still be phished or relayed.

Improved User Experience: Eliminates the hassle of remembering and typing complex passwords, making login faster and easier.

Reduced Support Costs: Password-related helpdesk calls decrease as users don't need to reset passwords as frequently.

Increased User Satisfaction: Removing password frustrations leads to a more positive user experience. 

Examples:
Windows Hello: Microsoft's solution for passwordless sign-in using facial recognition, fingerprint scanning, or a PIN; each of these unlocks a key pair bound to the device rather than sending a secret to the service. 
Google Chrome (WebAuthn / passkeys): Chrome lets users log in to websites with a security key or a passkey, including using a phone as the authenticator by scanning a QR code on the computer. 
Authenticator Apps: Apps like Google Authenticator or Microsoft Authenticator generate time-based one-time passwords (TOTPs). These are usually a second factor next to a password; a login is only passwordless when the code (or a push approval) replaces the password entirely. 

Passwordless authentication represents a significant shift in how we approach digital security, offering a more secure and user-friendly way to access online services. 

Monday, April 12, 2021

CompTIA A+ Questions

 Here are CompTIA A+ questions; more will be added daily.

Sunday, February 7, 2021

IPv4 Subnetting Videos

 Video 1. Intro to IPv4 Subnetting
 Video 2. Converting Dotted Decimal to Binary
 Video 3. Subnetting Rules
 Video 4. Basic Subnetting Part 1
 Video 5. Basic Subnetting Part 2