Archive for the ‘ Computer Security ’ Category
What is a DNS Poisoning Attack?
A Domain Name System (DNS) poisoning attack, also called DNS spoofing, is when an attacker is able to redirect a victim to different website than the address that he types into his browser. For example, a user types www.google.com into their browser, but instead of being directed to Google’s servers he is instead is sent [...]
What is a Spoofing Attack?
Spoofing is when an attacker pretends to be someone else in order gain access to restricted resources or steal information. This type of attack can take a variety of different forms; for instance, an attacker can impersonate the Internet Protocol (IP) address of a legitimate user in order to get into their accounts. [...]
What are Access Control Models?
Access control is the process of deciding who can use specific systems, resources, and applications. An access control model is a defined set of criteria a system administrator utilizes to define system users’ rights. There are three main access control models. These are Mandatory Access Control (MAC), Discretionary Access Control (DAC), and Role [...]
What is Access Control?
Access control involves managing who has access to specific systems and resources at a given time. The concept of access control revolves around the process comprised of three steps. These steps are identification, authentication, and authorization. Using these three principles a system administrator can control what resources are available to a system’s users.
The term identification [...]
What is Environmental Security?
Environmental security, from a computer networking standpoint, involves protecting and controlling the facilities where your systems are stored. The benefits of well-constructed environmental security process can ensure that data is not lost or in the case of a system failure is able to restore critical functions. Environmental security processes ensure business continuity in the [...]
What is a Hash?
A hash, also called a digest, is a unique string of data. A hash is created when a collection of information that you want to protect is run through a hash function. The process of creating a hash is called hashing. The resulting hash is unique to the original message and therefore can be used [...]
What is Public Key Infrastructure?
Using the technology of asymmetric or public key cryptography, a digital certificate is used to verify a user’s public key. In other words, digital certificates ensure that a user is who he says he is and a website is who they say they are. Verifying identities with digital certificates is important because many phishing and [...]
