Understanding The Evolution Of Security Tools

Ethical hacking involves using many different types of tools to test the network and end devices. To validate the security of a network and its systems, many network penetration testing tools have been developed.

However, many of these tools can also be used by threat actors for exploitation. In this article, I am going to talk about some of the evolutions of security tools. Follow me as we are going to do that in this article.

Threat actors have also created various hacking tools. These tools are explicitly written for nefarious reasons. Cybersecurity personnel must also know how to use these tools when performing network penetration tests.

Explore the categories of common network penetration testing tools. Notice how some tools are used by white hats and black hats. Keep in mind that the list is not exhaustive as new tools are continually being developed.

Note: Many of these tools are UNIX or Linux based; therefore, a security professional should have a strong UNIX and Linux background.

Categories of Tools	Description
password crackers	Passwords are the most vulnerable security threat. Password cracking tools are often referred to as password recovery tools and can be used to crack or recover the password. This is accomplished either by removing the original password, after bypassing the data encryption or by the outright discovery of the password. Password crackers repeatedly make guesses in order to crack the password and access the system. Examples of password cracking tools include John the Ripper, Ophcrack, L0phtCrack, THC Hydra, RainbowCrack, and Medusa.
wireless hacking tools	Wireless networks are more susceptible to network security threats. Wireless hacking tools are used to intentionally hack into a wireless network to detect security vulnerabilities. Examples of wireless hacking tools include Aircrack-ng, Kismet, InSSIDer, KisMAC, Firesheep, and NetStumbler.
network scanning and hacking tools	Network scanning tools are used to probe network devices, servers, and hosts for open TCP or UDP ports. Examples of scanning tools include Nmap, SuperScan, Angry IP Scanner, and NetScanTools.
packet crafting tools	Packet crafting tools are used to probe and test a firewall’s robustness using specially crafted forged packets. Examples of such tools include Hping, Scapy, Socat, Yersinia, Netcat, Nping, and Nemesis.
packet sniffers	Packet sniffers tools are used to capture and analyze packets within traditional Ethernet LANs or WLANs. Tools include Wireshark, Tcpdump, Ettercap, Dsniff, EtherApe, Paros, Fiddler, Ratproxy, and SSLstrip.
rootkit detectors	A rootkit detector is a directory and file integrity checker used by white hats to detect installed rootkits. Example tools include AIDE, Netfilter, and PF: OpenBSD Packet Filter.
fuzzers to search vulnerabilities	Fuzzers are tools used by threat actors when attempting to discover a computer system’s security vulnerabilities. Examples of fuzzers include Skipfish, Wapiti, and W3af.
forensic tools	White hat hackers use forensic tools to sniff out any trace of evidence existing in a particular computer system. Examples of tools include Sleuth Kit, Helix, Maltego, and Encase.
debuggers	Debugger tools are used by black hats to reverse engineer binary files when writing exploits. They are also used by white hats when analyzing malware. Debugging tools include GDB, WinDbg, IDA Pro, and Immunity Debugger.
hacking operating systems	Hacking operating systems are specially designed operating systems preloaded with tools and technologies optimized for hacking. Examples of specially designed hacking operating systems include Kali Linux, SELinux, Knoppix, Parrot OS, and BackBox Linux.
encryption tools	These tools safeguard the contents of an organization’s data when it is stored or transmitted. Encryption tools use algorithm schemes to encode the data to prevent unauthorized access to the data. Examples of these tools include VeraCrypt, CipherShed, Open SSH, OpenSSL, OpenVPN, and Stunnel.
vulnerability exploitation tools	These tools identify whether a remote host is vulnerable to a security attack. Examples of vulnerability exploitation tools include Metasploit, Core Impact, Sqlmap, Social Engineer Tool Kit, and Netsparker.
vulnerability scanners	These tools scan a network or system to identify open ports. They can also be used to scan for known vulnerabilities and scan VMs, BYOD devices, and client databases. Examples of these tools include Nipper, Securia PSI, Core Impact, Nessus, SAINT, and Open VAS.

Categories of Attacks

Threat actors can use the previously mentioned tools or a combination of tools to create various attacks. The table displays common types of attacks. However, the list of attacks is not exhaustive as new ways to attack networks are continually being discovered.

It is important to understand that threat actors use a variety of security tools to carry out these attacks.

Category of Attack	Description
eavesdropping attack	An eavesdropping attack is when a threat actor captures and listens to network traffic. This attack is also referred to as sniffing or snooping.
data modification attack	Data modification attacks occur when a threat actor has captured enterprise traffic and has altered the data in the packets without the knowledge of the sender or receiver.
IP address spoofing attack	An IP address spoofing attack is when a threat actor constructs an IP packet that appears to originate from a valid address inside the corporate intranet.
password-based attacks	Password-based attacks occur when a threat actor obtains the credentials for a valid user account. Threat actors then use that account to obtain lists of other users and network information. They could also change server and network configurations, and modify, reroute, or delete data.
denial-of-service (DoS) attack	A DoS attack prevents normal use of a computer or network by valid users. After gaining access to a network, a DoS attack can crash applications or network services. A DoS attack can also flood a computer or the entire network with traffic until a shutdown occurs because of the overload. A DoS attack can also block traffic, which results in a loss of access to network resources by authorized users.
man-in-the-middle attack (MiTM)	A MiTM attack occurs when threat actors have positioned themselves between a source and a destination. They can now actively monitor, capture, and control the communication transparently.
compromised key attack	A compromised-key attack occurs when a threat actor obtains a secret key. This is referred to as a compromised key. A compromised key can be used to gain access to a secured communication without the sender or receiver being aware of the attack.
sniffer attack	A sniffer is an application or device that can read, monitor, and capture network data exchanges and read network packets. If the packets are not encrypted, a sniffer provides a full view of the data inside the packet. Even encapsulated (tunnelled) packets can be broken open and read unless they are encrypted and the threat actor does not have access to the key.

Action Point
PS: If you would like to have an online course on any of the courses that you found on this blog, I will be glad to do that on an individual and corporate level, I will be very glad to do that because I have trained several individuals and groups and they are doing well in their various fields of endeavour. Some of those that I have trained include staff of Dangote Refinery, FCMB, Zenith Bank, and New Horizons Nigeria among others. Please come on Whatsapp and let’s talk about your training. You can reach me on Whatsapp HERE. Please note that I will be using Microsoft Team to facilitate the training.

I know you might agree with some of the points that I have raised in this article. You might not agree with some of the issues raised. Let me know your views about the topic discussed. We will appreciate it if you can drop your comment. Thanks in anticipation.

Fact Check Policy

CRMNIGERIA is committed to fact-checking in a fair, transparent and non-partisan manner. Therefore, if you’ve found an error in any of our reports, be it factual, editorial, or an outdated post, please contact us to tell us about it.

Fact Check Policy

Differences Between A Hacker And A Threat Actor

Leave a reply

We are under attack and attackers want access to our assets. Assets are anything of value to an organization, such as data and other intellectual property, servers, computers, smartphones, tablets, and more. In this article, we are going to be looking at the differences between a hacker and a threat actor. Follow me as we will look at that together in this article.

To better understand any discussion of network security, it is important to know the following terms:

Term	Explanation
Threat	A potential danger to an asset such as data or the network itself.
Vulnerability	A weakness in a system or its design could be exploited by a threat.
Attack surface	An attack surface is the total sum of the vulnerabilities in a given system that are accessible to an attacker. The attack surface describes different points where an attacker could get into a system, and where they could get data out of the system. For example, your operating system and web browser could both need security patches. They are each vulnerable to attacks and are exposed on the network or the internet. Together, they create an attack surface that the threat actor can exploit.
Exploit	The mechanism that is used to leverage a vulnerability to compromise an asset. Exploits may be remote or local. A remote exploit is one that works over the network without any prior access to the target system. The attacker does not need an account in the end system to exploit the vulnerability. In a local exploit, the threat actor has some type of user or administrative access to the end system. A local exploit does not necessarily mean that the attacker has physical access to the end system.
Risk	The likelihood that a particular threat will exploit a particular vulnerability of an asset and result in an undesirable consequence.

Risk management is the process that balances the operational costs of providing protective measures with the gains achieved by protecting the asset. There are four common ways to manage risk, as shown in the table:

Risk Management Strategy	Explanation
Risk acceptance	This is when the cost of risk management options outweighs the cost of the risk itself. The risk is accepted, and no action is taken.
Risk avoidance	This means avoiding any exposure to the risk by eliminating the activity or device that presents the risk. By eliminating an activity to avoid risk, any benefits that are possible from the activity are also lost.
Risk reduction	This reduces exposure to risk or reducing the impact of risk by taking action to decrease the risk. It is the most commonly used risk mitigation strategy. This strategy requires careful evaluation of the costs of loss, the mitigation strategy, and the benefits gained from the operation or activity that is at risk.
Risk transfer	Some or all of the risk is transferred to a willing third party such as an insurance company.

Other commonly used network security terms include:

Countermeasure – The actions that are taken to protect assets by mitigating a threat or reducing risk.
Impact – The potential damage to the organization that is caused by the threat.

Note: A local exploit requires inside network access such as a user with an account on the network. A remote exploit does not require an account on the network to exploit that network’s vulnerability.

Hacker vs. Threat Actor

As we know, “hacker” is a common term used to describe a threat actor. However, the term “hacker” has a variety of meanings, as follows:

A clever programmer capable of developing new programs and coding changes to existing programs to make them more efficient.
A network professional that uses sophisticated programming skills to ensure that networks are not vulnerable to attack.
A person who tries to gain unauthorized access to devices on the internet.
An individual who run programs to prevent or slow network access to a large number of users, or corrupt or wipe out data on servers.

The terms white hat hacker, black hat hacker, and grey hat hacker are often used to describe hackers.

White hat hackers are ethical hackers who use their programming skills for good, ethical, and legal purposes. They may perform network penetration tests in an attempt to compromise networks and systems by using their knowledge of computer security systems to discover network vulnerabilities. Security vulnerabilities are reported to developers and security personnel who attempt to fix the vulnerability before it can be exploited. Some organizations award prizes or bounties to white hat hackers when they provide information that helps to identify vulnerabilities.
Grey hat hackers are individuals who commit crimes and do arguably unethical things, but not for personal gain or to cause damage. An example would be someone who compromises a network without permission and then discloses the vulnerability publicly. Grey hat hackers may disclose a vulnerability to the affected organization after having compromised their network. This allows the organization to fix the problem.
Black hat hackers are unethical criminals who violate computer and network security for personal gain, or for malicious reasons, such as attacking networks. Black hat hackers exploit vulnerabilities to compromise computer and network systems.

Good or bad, hacking is an important aspect of network security. In this course, the term threat actor is used when referring to those individuals or groups that could be classified as grey or black hat hackers.

Action Point
PS: If you would like to have an online course on any of the courses that you found on this blog, I will be glad to do that on an individual and corporate level, I will be very glad to do that because I have trained several individuals and groups and they are doing well in their various fields of endeavour. Some of those that I have trained include the staff of Dangote Refinery, FCMB, Zenith Bank, and New Horizons Nigeria among others. Please come on Whatsapp and let’s talk about your training. You can reach me on Whatsapp HERE. Please note that I will be using Microsoft Team to facilitate the training.

Fact Check Policy

Use Of Access Control List In Networking

Leave a reply

An Access Control List in networking is a series of commands that control whether a device forwards or drops packets based on information found in the packet header. When configured, ACLs perform the following tasks:

They limit network traffic to increase network performance. For example, if a corporate policy does not allow video traffic on the network, ACLs that block video traffic could be configured and applied. This would greatly reduce the network load and increase network performance.
They provide traffic flow control. ACLs can restrict the delivery of routing updates to ensure that the updates are from a known source.
They provide a basic level of security for network access. ACLs can allow one host to access a part of the network and prevent another host from accessing the same area. For example, access to the Human Resources network can be restricted to authorized users.
They filter traffic based on traffic type. For example, an ACL can permit email traffic but block all Telnet traffic.
The screen hosts permit or deny access to network services. ACLs can permit or deny a user to access file types, such as FTP or HTTP.

In addition to either permitting or denying traffic, ACLs can be used for selecting types of traffic to be analyzed, forwarded, or processed in other ways. For example, ACLs can be used to classify traffic to enable priority processing. This capability is similar to having a VIP pass at a concert or sporting event.

The VIP pass gives selected guests privileges not offered to general admission ticket holders, such as priority entry or being able to enter a restricted area.

What Is an ACL?

ACLs: Important Features

Two types of Cisco IPv4 ACLs are standard and extended. Standard ACLs can be used to permit or deny traffic only from source IPv4 addresses. The destination of the packet and the ports involved are not evaluated.

Extended ACLs filter IPv4 packets based on several attributes that include:

Protocol type
Source IPv4 address
Destination IPv4 address
Source TCP or UDP ports
Destination TCP or UDP ports
Optional protocol type information for finer control

Standard and extended ACLs can be created using either a number or a name to identify the ACL and its list of statements.

Using numbered ACLs is an effective method for determining the ACL type on smaller networks with more homogeneously defined traffic. However, a number does not provide information about the purpose of the ACL. For this reason, a name can be used to identify a Cisco ACL.

By configuring ACL logging, an ACL message can be generated and logged when traffic meets the permit or deny criteria defined in the ACL.

Cisco ACLs can also be configured to only allow TCP traffic that has an ACK or RST bit set, so that only traffic from an established TCP session is permitted. This can be used to deny any TCP traffic from outside the network that is trying to establish a new TCP session.

SNMP

Simple Network Management Protocol (SNMP) allows administrators to manage end devices such as servers, workstations, routers, switches, and security appliances, on an IP network.

It enables network administrators to monitor and manage network performance, find and solve network problems, and plan for network growth.

SNMP is an application layer protocol that provides a message format for communication between managers and agents.
As shown in the figure, the SNMP system consists of two elements.

SNMP manager that runs SNMP management software.
SNMP agents are the nodes being monitored and managed.

The Management Information Base (MIB) is a database on the agents that stores data and operational statistics about the device.

To configure SNMP on a networking device, it is first necessary to define the relationship between the manager and the agent.

The SNMP manager is part of a network management system (NMS). The SNMP manager runs SNMP management software.

As shown in the figure, the SNMP manager can collect information from an SNMP agent by using the “get” action and can change configurations on an agent by using the “set” action. In addition, SNMP agents can forward the information directly to a network manager by using “traps”.

NetFlow

NetFlow is a Cisco IOS technology that provides statistics on packets flowing through a Cisco router or multilayer switch.

While SNMP attempts to provide a very wide range of network management features and options, NetFlow is focused on providing statistics on IP packets flowing through network devices.

NetFlow provides data to enable network and security monitoring, network planning, and traffic analysis to include the identification of network bottlenecks, and IP accounting for billing purposes. For example, in the figure, PC 1 connects to PC 2 using an application such as HTTPS.

NetFlow in the Network

NetFlow can monitor that application connection, tracking byte and packet counts for that individual application flow. It then pushes the statistics over to an external server called a NetFlow collector.

NetFlow technology has seen several generations that provide more sophistication in defining traffic flows, but “original NetFlow” distinguished flows using a combination of seven fields. Should one of these fields vary in value from another packet, the packets could be safely determined to be from different flows:

Source IP address
Destination IP address
Source port number
Destination port number
Layer 3 protocol type
Type of Service (ToS) marking
Input logical interface

The first four of the fields NetFlow uses to identify a flow should be familiar. The source and destination IP addresses, plus the source and destination ports, identify the connection between the source and destination application.

The Layer 3 protocol type identifies the type of header that follows the IP header (usually TCP or UDP, but other options include ICMP). The ToS byte in the IPv4 header holds information about how devices should apply quality of service (QoS) rules to the packets in that flow.

Port Mirroring

A packet analyzer (also known as a packet sniffer or traffic sniffer) is typically software that captures packets entering and exiting the network interface card (NIC). It is not always possible or desirable to have the packet analyzer on the device that is being monitored. Sometimes it is better on a separate station designated to capture the packets.

Because network switches can isolate traffic, traffic sniffers or other network monitors, such as IDS, cannot access all the traffic on a network segment. Port mirroring is a feature that allows a switch to make duplicate copies of traffic passing through a switch, and then send it out to a port with a network monitor attached.

The original traffic is forwarded in the usual manner. An example of port mirroring is illustrated in the figure.

Traffic Sniffing Using a Switch

Syslog Servers

When certain events occur on a network, networking devices have trusted mechanisms to notify the administrator with detailed system messages.

These messages can be either non-critical or significant. Network administrators have a variety of options for storing, interpreting, and displaying these messages, and for being alerted to those messages that could have the greatest impact on the network infrastructure.

The most common method of accessing system messages is to use a protocol called Syslog.

Many networking devices support Syslog, including routers, switches, application servers, firewalls, and other network appliances. The Syslog protocol allows networking devices to send their system messages across the network to Syslog servers.

Syslog

The Syslog logging service provides three primary functions:

The ability to gather logging information for monitoring and troubleshooting
The ability to select the type of logging information that is captured
The ability to specify the destination of captured Syslog messages

NTP

It is important to synchronize the time across all devices on the network because all aspects of managing, securing, troubleshooting, and planning networks require accurate and consistent timestamping.

When the time is not synchronized between devices, it will be impossible to determine the order of the events that have occurred in different parts of the network.

Typically, the date and time settings on a network device can be set using one of two methods:

Manual configuration of the date and time
Configuring the Network Time Protocol (NTP)

As a network grows, it becomes difficult to ensure that all infrastructure devices are operating with synchronized time. Even in a smaller network environment, the manual method is not ideal. If a device reboots, how will it get an accurate date and timestamp?

A better solution is to configure the NTP on the network. This protocol allows routers on the network to synchronize their time settings with an NTP server. A group of NTP clients that obtain time and date information from a single source have more consistent time settings.

When NTP is implemented in the network, it can be set up to synchronize to a private master clock or it can synchronize to a publicly available NTP server on the Internet.
NTP networks use a hierarchical system of time sources.

Each level in this hierarchical system is called a stratum. The stratum level is defined as the number of hop counts from the authoritative source. The synchronized time is distributed across the network using NTP. The figure displays a sample NTP network.

NTP Stratum Levels

NTP servers are arranged in three levels known as strata:

Stratum 0 – An NTP network gets the time from authoritative time sources. These authoritative time sources, also referred to as stratum 0 devices, are high-precision timekeeping devices assumed to be accurate and with little or no delay associated with them.
Stratum 1 – The stratum 1 devices are directly connected to the authoritative time sources. They act as the primary network time standard.
Stratum 2 and lower strata – The stratum 2 servers are connected to stratum 1 devices through network connections. Stratum 2 devices, such as NTP clients, synchronize their time using the NTP packets from stratum 1 servers. They could also act as servers for stratum 3 devices.

Smaller stratum numbers indicate that the server is closer to the authorized time source than larger stratum numbers. The larger the stratum number, the lower the stratum level.

The max hop count is 15. Stratum 16, the lowest stratum level, indicates that a device is unsynchronized. Time servers on the same stratum level can be configured to act as a peer with other time servers on the same stratum level for backup or verification of time.

AAA Servers

The table lists the three independent security functions provided by the AAA architectural framework.

AAA Provides	Description
Authentication	Users and administrators must prove that they are who they say they are. Authentication can be established using a username and password combinations, challenge and response questions, token cards, and other methods. AAA authentication provides a centralized way to control access to the network.
Authorization	After the user is authenticated, authorization services determine which resources the user can access and which operations the user is allowed to perform. An example is “User ‘student’ can access host server XYZ using SSH only.”
Accounting	Accounting records what the user does, including what is accessed, the amount of time the resource is accessed, and any changes that were made. Accounting keeps track of how network resources are used. An example is “User ‘student’ accessed host serverXYZ using SSH for 15 minutes.”

Terminal Access Controller Access-Control System Plus (TACACS+) and Remote Authentication Dial-In User Service (RADIUS) are both authentication protocols that are used to communicate with AAA servers. Whether TACACS+ or RADIUS is selected depends on the needs of the organization.

While both protocols can be used to communicate between a router and AAA servers, TACACS+ is considered the more secure protocol. This is because all TACACS+ protocol exchanges are encrypted, while RADIUS only encrypts the user’s password. RADIUS does not encrypt usernames, accounting information, or any other information carried in the RADIUS message.

The table lists the differences between the two protocols.

	TACACS+	RADIUS
Functionality	Separates AAA according to the AAA architecture, allowing modularity of the security server implementation	Combines authentication and authorization but separates accounting, allowing less flexibility in implementation than TACACS+
Standard	Mostly Cisco supported	Open/RFC standard
Transport	TCP	UDP
Protocol CHAP	Bidirectional challenge and response as used in Challenge Handshake Authentication Protocol (CHAP)	Unidirectional challenge and response from the RADIUS security server to the RADIUS client
Confidentiality	Entire packet encrypted	Password encrypted
Customization	Provides authorization of router commands on a per-user or per-group basis	Has no option to authorize router commands on a per-user or per-group basis
Accounting	Limited	Extensive

Virtual Private Network

Instead of using a dedicated physical connection, a VPN uses virtual connections that are routed through the internet from the organization to the remote site. The first VPNs were strictly IP tunnels that did not include authentication or encryption of the data. For example, Generic Routing Encapsulation (GRE) is a tunnelling protocol developed by Cisco that can encapsulate a wide variety of network layer protocol packet types inside IP tunnels. This creates a virtual point-to-point link to Cisco routers at remote points over an IP network.

A VPN is virtual in that it carries information within a private network, but that information is actually transported over a public network. A VPN is private in that the traffic is encrypted to keep the data confidential while it is transported across the public network.

A VPN is a communications environment in which access is strictly controlled to permit peer connections within a defined community of interest. Confidentiality is achieved by encrypting the traffic within the VPN.

Today, a secure implementation of VPN with encryption is what is generally equated with the concept of virtual private networking.

In the simplest sense, a VPN connects two endpoints, such as a remote office to a central office, over a public network, to form a logical connection.

The logical connections can be made at either Layer 2 or Layer 3. Common examples of Layer 3 VPNs are GRE, Multiprotocol Label Switching (MPLS), and IPsec. Layer 3 VPNs can be point-to-point site connections, such as GRE and IPsec, or they can establish any-to-any connectivity to many sites using MPLS.

IPsec is a suite of protocols developed with the backing of the IETF to achieve secure services over IP packet-switched networks.

IPsec services allow for authentication, integrity, access control, and confidentiality. With IPsec, the information exchanged between remote sites can be encrypted and verified. VPNs are commonly deployed in a site-to-site topology to securely connect central sites with remote locations.

They are also deployed in a remote-access topology to provide secure remote access to external users travelling or working from home. Both remote-access and site-to-site VPNs can be deployed using IPsec.

Action Point
PS: If you would like to have an online course on any of the courses that you found on this blog, I will be glad to do that on an individual and corporate level, I will be very glad to do that because I have trained several individuals and groups and they are doing well in their various fields of endeavour. Some of those that I have trained include the staff of Dangote Refinery, FCMB, Zenith Bank, and New Horizons Nigeria among others. Please come on Whatsapp and let’s talk about your training. You can reach me on Whatsapp HERE. Please note that I will be using Microsoft Team to facilitate the training.

Fact Check Policy

Differences Between Wireless And Wired LANs

Leave a reply

WLANs use Radio Frequencies (RF) instead of cables at the physical layer and MAC sublayer of the data link layer. WLANs share a similar origin with Ethernet LANs. The IEEE has adopted the 802 LAN/MAN portfolio of computer network architecture standards. The two dominant 802 working groups are 802.3 Ethernet, which defined Ethernet for wired LANs, and 802.11 which defined Ethernet for WLANs. There are important differences between the two.

WLANs also differ from wired LANs as follows:

WLANs connect clients to the network through a wireless access point (AP) or wireless router, instead of an Ethernet switch.
WLANs connect mobile devices that are often battery-powered, as opposed to plugged-in LAN devices. Wireless NICs tend to reduce the battery life of a mobile device.
WLANs support hosts that contend for access to the RF media (frequency bands). 802.11 prescribes collision avoidance (CSMA/CA) instead of collision-detection (CSMA/CD) for media access to proactively avoid collisions within the media.
WLANs use a different frame format than wired Ethernet LANs. WLANs require additional information in the Layer 2 header of the frame.
WLANs raise more privacy issues because radio frequencies can reach outside the facility.

The table summarizes the differences between wireless and wired LANs.

Characteristic	802.11 Wireless LAN	802.3 Wired Ethernet LANs
Physical Layer	radio frequency (RF)	physical cables
Media Access	collision avoidance	collision detection
Availability	anyone with a wireless NIC in range of an access point	physical cable connection required
Signal Interference	yes	minimal
Regulation	different regulations by country	IEEE standard dictates

Frame Structure

Recall that all Layer 2 frames consist of a header, payload, and Frame Check Sequence (FCS) section. The 802.11 frame format is similar to the Ethernet frame format, except that it contains more fields, as shown in the figure.

All 802.11 wireless frames contain the following fields:

Frame Control – This identifies the type of wireless frame and contains subfields for protocol version, frame type, address type, power management, and security settings.
Duration – This is typically used to indicate the remaining duration needed to receive the next frame transmission.
Address1 – This usually contains the MAC address of the receiving wireless device or AP.
Address2 – This usually contains the MAC address of the transmitting wireless device or AP.
Address3 – This sometimes contains the MAC address of the destination, such as the router interface (default gateway) to which the AP is attached.
Sequence Control – This contains information to control sequencing and fragmented frames.
Address4 – This usually missing because it is used only in ad hoc mode.
Payload – This contains the data for transmission.
FCS – This is used for Layer 2 error control.

CSMA/CA

WLANs are half-duplex, shared media configurations. Half-duplex means that only one client can transmit or receive at any given moment. Shared media means that wireless clients can all transmit and receive on the same radio channel. This creates a problem because a wireless client cannot hear while it is sending, which makes it impossible to detect a collision.
To resolve this problem, WLANs use carrier sense multiple access with collision avoidance (CSMA/CA) as the method to determine how and when to send data on the network. A wireless client does the following:

Listens to the channel to see if it is idle, which means that is senses no other traffic is currently on the channel. The channel is also called the carrier.
Sends a ready to send (RTS) message to the AP to request dedicated access to the network.
Receives a clear to send (CTS) message from the AP granting access to send.
If the wireless client does not receive a CTS message, it waits a random amount of time before restarting the process.
After it receives the CTS, it transmits the data.
All transmissions are acknowledged. If a wireless client does not receive an acknowledgement, it assumes a collision occurred and restarts the process.

Wireless Client and AP Association

For wireless devices to communicate over a network, they must first associate with an AP or wireless router. An important part of the 802.11 processes is discovering a WLAN and subsequently connecting to it. Wireless devices complete the following three-stage process, as shown in the figure:

Discover a wireless AP
Authenticate with AP
Associate with AP

In order to have a successful association, a wireless client and an AP must agree on specific parameters. Parameters must then be configured on the AP and subsequently on the client to enable the negotiation of a successful association.

SSID -The SSID name appears in the list of available wireless networks on a client. In larger organizations that use multiple VLANs to segment traffic, each SSID is mapped to one VLAN. Depending on the network configuration, several APs on a network can share a common SSID.
Password – This is required from the wireless client to authenticate to the AP.
Network mode – This refers to the 802.11a/b/g/n/ac/ad WLAN standards. APs and wireless routers can operate in a Mixed-mode meaning that they can simultaneously support clients connecting via multiple standards.
Security mode – This refers to the security parameter settings, such as WEP, WPA, or WPA2. Always enable the highest security level supported.
Channel settings – This refers to the frequency bands used to transmit wireless data. Wireless routers and APs can scan the radio frequency channels and automatically select an appropriate channel setting. The channel can also be set manually if there is interference with another AP or wireless device.

Passive and Active Discover Mode

Wireless devices must discover and connect to an AP or wireless router. Wireless clients connect to the AP using a scanning (probing) process. This process can be passive or active.

Passive mode

Active mode

In passive mode, the AP openly advertises its service by periodically sending broadcast beacon frames containing the SSID, supported standards, and security settings. The primary purpose of the beacon is to allow wireless clients to learn which networks and APs are available in a given area. This allows the wireless clients to choose which network and AP to use.

Fact Check Policy

Guidelines For Ensuring Credit Card Safety

Leave a reply

In my previous article, I talked about how online shopping has made life easy for people making transactions online. Despite the fact that it is very easy to make transactions online using credit and debit cards, you need to follow some guidelines in order to secure your funds.

In this article, I want to talk about guidelines for ensuring credit card safety. Follow me as we are going to look at that in this article. I will also divide the process into two, I will talk about what you should do before shopping and what you need to do after shopping as well.

Before you shop…

You have to check if the website in question is a known business entity. Is it a popular e-commerce website or you are just stumbling on it for the very first time.
There is a need for you to also check for third-party trust verification. There are reputable websites that are saddled with the responsibility of confirming and verifying websites. If there is no symbol of trust on that website, you need to tread softly. The site has to be verified by Verisign and eTrust among other verification bodies.
You also need to look out for the review of other users. You can Google sites where you can find comments of other users who have visited the site and transact with them at one time or another.
You also need to review the privacy statement of the website. This will give you an idea of the rights that you have under the law.
You need to use only one credit card for all your online transactions.
Keep records of all your online transactions.
Do not share your credit card information with anyone.

These are some of the steps that you need to take while you are shopping…

Disclose only required personal information. Be discreet.
Ensure that you are using a secured computer and using a secured site.
Adopt the use of a strong password.
Use one-click shopping continuously.
Check for a confirmation email after an online purchase or transaction.

Action Point
PS: If you would like to have an online course on any of the courses that you found on this blog, I will be glad to do that on an individual and corporate level, I will be delighted to do that because I have trained several individuals and groups and they are doing well in their various fields of endeavour. Some of those that I have trained include the staff of Dangote Refinery, FCMB, Zenith Bank, and New Horizons Nigeria among others. Please come on Whatsapp and let’s talk about your training. You can reach me on Whatsapp HERE. Please note that I will be using Microsoft Team to facilitate the training.

Fact Check Policy

CRMNAIJA is committed to fact-checking in a fair, transparent and non-partisan manner. Therefore, if you’ve found an error in any of our reports, be it factual, editorial, or an outdated post, please contact us to tell us about it.

Some Facts To Know Virtual LANs Generally

Leave a reply

Within a switched internetwork, VLANs provide segmentation and organizational flexibility. VLANs provide a way to group devices within a LAN. A group of devices within a VLAN communicate as if they were connected to the same network segment. VLANs are based on logical connections, instead of physical connections.

VLANs allow an administrator to segment networks based on factors such as function, project team, or application, without regard for the physical location of the user or device, as shown in the figure.

Devices within a VLAN act as if they are in their own independent network, even if they share a common infrastructure with other VLANs. Any switch port can belong to a VLAN.

Unicast, broadcast, and multicast packets are forwarded and flooded only to end devices within the VLAN where the packets are sourced. Each VLAN is considered a separate logical network.

Packets destined for devices that do not belong to the VLAN must be forwarded through a device that supports routing.

A VLAN creates a logical broadcast domain that can span multiple physical LAN segments. VLANs improve network performance by separating large broadcast domains into smaller ones.

If a device in one VLAN sends a broadcast Ethernet frame, all devices in the VLAN receive the frame, but devices in other VLANs do not.

VLANs also prevent users on different VLANs from snooping on each other’s traffic. For example, even though HR and Sales are connected to the same switch in the figure, the switch will not forward traffic between the HR and Sales VLANs.

This allows a router or another device to use access control lists to permit or deny the traffic. Access lists are discussed in more detail later in the chapter. For now, just remember that VLANs can help limit the amount of data visibility on your LANs.

STP

Network redundancy is key to maintaining network reliability. Multiple physical links between devices provide redundant paths.

The network can then continue to operate when a single link or port has failed. Redundant links can also share the traffic load and increase capacity.

Multiple paths need to be managed so that Layer 2 loops are not created. The best paths are chosen, and an alternate path is immediately available should a primary path fail.

The Spanning Tree Protocol is used to maintain one loop-free path in the Layer 2 network, at any time.

Redundancy increases the availability of the network topology by protecting the network from a single point of failure, such as a failed network cable or switch.

When physical redundancy is introduced into a design, loops and duplicate frames occur. Loops and duplicate frames have severe consequences for a switched network. STP was developed to address these issues.

STP ensures that there is only one logical path between all destinations on the network by intentionally blocking redundant paths that could cause a loop.

A port is considered blocked when user data is prevented from entering or leaving that port. This does not include bridge protocol data unit (BPDU) frames that are used by STP to prevent loops.

Blocking the redundant paths is critical to preventing loops on the network. The physical paths still exist to provide redundancy, but these paths are disabled to prevent the loops from occurring.

If the path is ever needed to compensate for a network cable or switch failure, STP recalculates the paths and unblocks the necessary ports to allow the redundant path to become active.

Multilayer Switching

Multilayer switches (also known as Layer 3 switches) not only perform Layer 2 switching but also forward frames based on Layer 3 and 4 information. All Cisco Catalyst multilayer switches support the following types of Layer 3 interfaces:

Routed port – A pure Layer 3 interface similar to a physical interface on a Cisco IOS router.
Switch virtual interface (SVI) – A virtual VLAN interface for inter-VLAN routing. In other words, SVIs are the virtual-routed VLAN interfaces.

Routed Ports
A routed port is a physical port that acts similarly to an interface on a router, as shown in the figure. Unlike an access port, a routed port is not associated with a particular VLAN.

A routed port behaves like a regular router interface. Also, because Layer 2 functionality has been removed, Layer 2 protocols, such as STP, do not function on a routed interface.

However, some protocols, such as LACP and EtherChannel, do function at Layer 3. Unlike Cisco IOS routers, routed ports on a Cisco IOS switch do not support subinterfaces.

Routed Ports

Switch Virtual Interfaces
An SVI is a virtual interface that is configured within a multilayer switch, as shown in the figure. Unlike the basic Layer 2 switches discussed above, a multilayer switch can have multiple SVIs.

An SVI can be created for any VLAN that exists on the switch. An SVI is considered to be virtual because there is no physical port dedicated to the interface.

It can perform the same functions for the VLAN as a router interface would, and can be configured in much the same way as a router interface (i.e., IP address, inbound/outbound ACLs, etc.).

The SVI for the VLAN provides Layer 3 processing for packets to or from all switch ports associated with that VLAN.

Fact Check Policy

Video: How To Concatenate In Microsoft Excel

Leave a reply

[embedyt] https://www.youtube.com/watch?v=omaxRWsrXz4[/embedyt]

Action Point
PS: If you would like to have an online course on any of the courses that you found on this blog, I will be glad to do that on an individual and corporate level, I will be very glad to do that I have trained several individuals and groups and they are doing well in their various fields of endeavour. Some of those that I have trained include staff of Dangote Refinery, FCMB, Zenith Bank, and New Horizons Nigeria among others. Please come on Whatsapp and let’s talk about your training. You can reach me on Whatsapp HERE. Please note that I will be using Microsoft Team to facilitate the training.

Fact Check Policy

Become Part Of our Fan Base on Facebook. Click Here.

READ THIS Be Holy, For You Are The Temple Of Holy Spirit. RCCG House Fellowship 21/03/21

Many Crypto. One place. Use Roqqu

Hi, I now use RavenBank to send, receive and save money. I also pay my bills with ease, you should try it out too

Fact Check Policy

Health Benefits Of Kedi V-CA Tablet

Leave a reply

Kedi V-Ca Tablet is a nutritious way of adding to the body’s supply of Vitamin C and calcium V-Ca drink is a perfect way to start your day. In this article, I want to talk about some of the health benefits of this exciting product.

Health Benefits:

V-Ca facilitates calcium absorption, making it more bio-available to the cells.
V-Ca is important in many other critical functions such as the absorption of iron, simulation of the immune system and as an antioxidant to strengthen the immune system.
V-Ca neutralises potentially harmful reactions in the watery part of the body, such as blood and fluid both inside and sounding cells.
V-Ca may be useful as an immune stimulator and modulator in some circumstances. It promotes resistance to infection through the immunologic activity of leukocytes, the production of interferon and maintaining mucous membrane.
V-Ca increased intake is required to maintain normal plasma levels under acute emotional or environmental stress such as trauma, fever, infection, or elevated environmental temperature.
It helps you replace the Vitamin C loss through colds and flu.

Recommended Daily Intake

Dissolve one tablet in a glass of water (220ml – 300 ml) either warm or ordinary water. Do not exceed the recommended intake.

Fact Check Policy

Understanding IP Vulnerabilities In Networking

Leave a reply

In my previous article, I have talked about some of the facts that you need to know about network security. This article talks about some of the facts that you need to know about IP Vulnerabilities in Networking. Follow me as we are going to look at that in this article.

There are different types of attacks that target IP. The table lists some of the more common IP-related attacks.

IP Attacks	Description
ICMP attacks	Threat actors use Internet Control Message Protocol (ICMP) echo packets (pings) to discover subnets and hosts on a protected network, to generate DoS flood attacks, and alter host routing tables.
Denial-of-Service (DoS) attacks	Threat actors attempt to prevent legitimate users from accessing information or services.
Distributed Denial-of-Service (DDoS) attacks	Similar to a DoS attack, but features a simultaneous, coordinated attack from multiple source machines.
Address spoofing attacks	Threat actors spoof the source IP address in an attempt to perform blind spoofing or non-blind spoofing.
Man-in-the-middle attack (MiTM)	Threat actors position themselves between a source and destination to transparently monitor, capture and control the communication. They could simply eavesdrop by inspecting captured packets or alter packets and forward them to their original destination.
Session hijacking	Threat actors gain access to the physical network, and then use a MiTM attack to hijack a session.

ICMP Attacks

ICMP was developed to carry diagnostic messages and to report error conditions when routes, hosts, and ports are unavailable. ICMP messages are generated by devices when a network error or outage occurs.

The ping command is a user-generated ICMP message, called an echo request, that is used to verify connectivity to a destination.
Threat actors use ICMP for reconnaissance and scanning attacks. This enables them to launch information-gathering attacks to map out a network topology, discover which hosts are active (reachable), identify the host operating system (OS fingerprinting), and determine the state of a firewall.

Threat actors also use ICMP for DoS and DDoS attacks, as shown in the ICMP flood attack in the figure.

ICMP Flood

Note: ICMP for IPv4 (ICMPv4) and ICMP for IPv6 (ICMPv6) are susceptible to similar types of attacks.
The table lists common ICMP messages of interest to threat actors.

ICMP Message	Description
ICMP echo request and echo reply	This is used to perform host verification and DoS attacks.
ICMP unreachable	This is used to perform network reconnaissance and scanning attacks.
ICMP mask reply	This is used to map an internal IP network.
ICMP redirects	This is used to lure a target host into sending all traffic through a compromised device and create a MiTM attack.
ICMP router discovery	This is used to inject bogus route entries into the routing table of a target host.

Networks should have strict ICMP access control list (ACL) filtering on the network edge to avoid ICMP probing from the internet. Security analysts should be able to detect ICMP-related attacks by looking at captured traffic and log files.

In the case of large networks, security devices, such as firewalls and intrusion detection systems (IDS), should detect such attacks and generate alerts to the security analysts.

Amplification and Reflection Attacks

Threat actors often use amplification and reflection techniques to create DoS attacks. The example in the figure illustrates how an amplification and reflection technique called a Smurf attack is used to overwhelm a target host.

Note: Newer forms of amplification and reflection attacks such as DNS-based reflection and amplification attacks and Network Time Protocol (NTP) amplification attacks are now being used.
Threat actors also use resource exhaustion attacks. These attacks consume the resources of a target host to either crash it or consume the resources of a network.

Address Spoofing Attacks

IP address spoofing attacks occur when a threat actor creates packets with false source IP address information to either hide the identity of the sender or to pose as another legitimate user. The threat actor can then gain access to otherwise inaccessible data or circumvent security configurations. Spoofing is usually incorporated into another attack such as a Smurf attack.
Spoofing attacks can be non-blind or blind:

Non-blind spoofing – The threat actor can see the traffic that is being sent between the host and the target. The threat actor uses non-blind spoofing to inspect the reply packet from the target victim. Non-blind spoofing determines the state of a firewall and sequence-number prediction. It can also hijack an authorized session.
Blind spoofing – The threat actor cannot see the traffic that is being sent between the host and the target. Blind spoofing is used in DoS attacks.

MAC address spoofing attacks are used when threat actors have access to the internal network. Threat actors alter the MAC address of their host to match another known MAC address of a target host, as shown in the figure. The attacking host then sends a frame throughout the network with the newly-configured MAC address. When the switch receives the frame, it examines the source MAC address.

Threat Actor Spoofs a Server’s MAC Address

The switch overwrites the current CAM table entry and assigns the MAC address to the new port, as shown in the figure. It then forwards frames destined for the target host to the attacking host.

Action Point
PS: If you would like to have an online course on any of the courses that you found on this blog, I will be glad to do that on an individual and corporate level, I will be very glad to do that I have trained several individuals and groups and they are doing well in their various fields of endeavour. Some of those that I have trained includes staffs of Dangote Refinery, FCMB, Zenith Bank, New Horizons Nigeria among others. Please come on Whatsapp and let’s talk about your training. You can reach me on Whatsapp HERE. Please note that I will be using Microsoft Team to facilitate the training.

Fact Check Policy

CRMNUGGETS is committed to fact-checking in a fair, transparent and non-partisan manner. Therefore, if you’ve found an error in any of our reports, be it factual, editorial, or an outdated post, please contact us to tell us about it.

Fact Check Policy

Suicide Forbidden. RCCG Sunday School Students

Leave a reply

Memory Verse: “Casting all your care upon Him, for He careth for you”-1 Peter 5:7.

Bible Passage: Romans 5:1-8.

Introduction

Suicide is the act of intentionally causing one’s death and deliberately killing one’s self. Research shows that approximately 90% of people who have died by suicide were suffering from a mental illness at the time. The most common mental illness reported is depression. Also, many suicides happen impulsively in a moment of crisis with a breakdown in the ability to deal with life stresses, such as financial problems, relationship break-up or chronic pain and illness. In addition, experiencing conflict, disaster, violence, abuse, (physical, sexual emotional, verbal and so on) discrimination or loss and a sense of isolation are strongly associated with suicidal behaviour. Intense sadness and hopelessness, not caring about activities that used to matter, withdrawal from family, friends, sports and social activities; substance (drug, alcohol) abuse are some of the common signs of suicidal thoughts.

OUTLINES

1. Biblical view of Suicide

2. Antidotes to suicidal thoughts/attempts

The Biblical View Of Suicide

The Bible views suicide as equal to murder (self-murder). God is the only one to decide when and how a person should die. We should say with the Psalmist. “My times are in thy hand…“(Psalms 31:14). God is the giver of life. He gives and He takes away (Job 1:21). The Bible mentions six specific people who committed suicide. Abimelech (Judges 9:54), Saul (1 Sam 31:4), Saul’s armour bearer (1 Sam. 31:4-6), Ahitophel (2 Samuel 17:23), Zimri (1 Kings 16:18) and Judas (Matt. 27:5).

Suicide, the taking of one’s own life, is ungodly because it rejects God’s gift of life. No one should presume to take God’s authority upon them to end his or her own life. Some people in Scripture felt deep despair in life. Solomon, in his pursuit of pleasure, reached the point where he “hated life”(Eccl. 2:17). Elijah was fearful and depressed and yearned for death (1 Kings 19:4). Jonah was so angry at God that he wished to die (Jonah 4:8). Even the apostle Paul and his missionary companions at one point were under great pressure that resulted in despair (2 Cor. 1:8).

However, non of these men committed suicide. Solomon learned to fear God and keep his commandment (Eccl. 12:13). Elijah was comforted by an angel, allowed to rest and given a new commission (1 Kings 19:5,15). Jonah received admonition and rebuke from God (Jonah 4:1-3;8-11). Paul learned that, although the pressure he faced was beyond his ability to endure, the Lord can bear all things (2 Cor. 1:9).

ANTIDOTES TO SUICIDAL THOUGHTS/ATTEMPTS

According to the Bible, suicide is a sin (Ex. 20:13). Therefore if you or anyone around you expresses suicidal thoughts or exhibits self-harming behaviours, seek pastoral and professional help. In addition, the following steps may help to rescue anyone having suicidal thoughts.

Take a few moments to consider letting God prove His love to you (Romans 5:5).
Know that Jesus identifies with you in times of rejection and humiliation (Isaiah 53:2-6).
Jesus Christ endured suffering and shame so that you might have all your sins forgiven and your weight of guilt removed (Romans 5:7-8, Romans 8:32).
Know that Jesus will forgive and repair your brokenness and restore your joy if you humbly receive Him as your Saviour (Is. 1:18; 2 Cor. 5:17).
Be assured that Jesus will always come to your rescue whenever you are in trouble if only you cry or call upon Him (Psalms 61:1-2; Jer. 33:3; Ps. 50:15).

CONCLUSION: No matter how bad things are in your life, there is the God of love who is waiting for you to guide you through your tunnel and out into His marvellous light.

QUESTIONS

What is the biblical view of suicide?
Mention the antidotes to suicidal thoughts/attempts

ASSIGNMENT: From the lesson introduction and contemporary environment, identify any five (5) sources of suicide (2×5=10Marks).

Action Point
PS: If you would like to have an online course on any of the courses that you found on this blog, I will be glad to do that on an individual and corporate level, I will be thrilled to do that because I have trained several individuals and groups and they are doing well in their various fields of endeavour. Some of those that I have trained include staffs of Dangote Refinery, FCMB, Zenith Bank, New Horizons Nigeria, and Phillips Consulting among others. Please come on Whatsapp and let’s talk about your training. You can reach me on Whatsapp HERE. Please note that I will be using Microsoft Team to facilitate the training.

I know you might agree with some of the points raised in this article. You might disagree with some of the issues raised. Let me know your views about the topic discussed. We would appreciate it if you can drop your comment. Thanks in anticipation.

Fact Check Policy

Understanding Address Resolution Protocol Vulnerabilities

Leave a reply

Hosts broadcast an ARP Request to other hosts on the network segment to determine the MAC address of a host with a particular IP address. All hosts on the subnet receive and process the ARP Request. The host with the matching IP address in the ARP Request sends an ARP Reply. This article talks about Address Resolution Protocol vulnerabilities. Follow me as we will look at that together in this article.

Any client can send an unsolicited ARP Reply called a “gratuitous ARP.” This is often done when a device first boots up to inform all other devices on the local network of the new device’s MAC address. When a host sends a gratuitous ARP, other hosts on the subnet store the MAC address and IP address contained in the gratuitous ARP in their ARP tables.

However, this feature of ARP also means that any host can claim to be the owner of any IP/MAC they choose. A threat actor can poison the ARP cache of devices on the local network, creating a MiTM attack to redirect traffic. The goal is to associate the threat actor’s MAC address with the IP address of the default gateway in the ARP caches of hosts on the LAN segment. This positions the threat actor in between the victim and all other systems outside of the local subnet.

ARP Cache Poisoning

ARP cache poisoning can be used to launch various man-in-the-middle attacks.

PC-AR1

IP: 192.168.10.10
MAC: AA:AA:AA:AA:AA:AAIP: 192.168.10.254
MAC: EE:EE:EE:EE:EE:EEIP: 192.168.10.1
MAC: A1:A1:A1:A1:A1:A1Threat ActorARP Request: MAC of 192.168.10.1

ARP Cache on PC-A
ARP Cache on PC-A
IP Address	MAC Address
192.168.10.1	????

ARP Cache on Threat Actor Host
ARP Cache on Threat Actor Host
IP Address	MAC Address
192.168.10.10	AA:AA:AA:AA:AA:AA
192.168.10.1	A1:A1:A1:A1:A1:A1

Note: There are many tools available on the internet to create ARP MiTM attacks including dsniff, Cain & Abel, ettercap, Yersinia, and others.

DNS Attacks

The Domain Name Service (DNS) protocol defines an automated service that matches resource names, such as www.cisco.com, with the required numeric network address, such as the IPv4 or IPv6 address. It includes the format for queries, responses, and data and uses resource records (RR) to identify the type of DNS response.

Securing DNS is often overlooked. However, it is crucial to the operation of a network and should be secured accordingly.
DNS attacks include the following:

DNS open resolver attacks
DNS stealth attacks
DNS domain shadowing attacks
DNS tunnelling attacks

DNS Open Resolver Attacks
Many organizations use the services of publicly open DNS servers such as GoogleDNS (8.8.8.8) to provide responses to queries. This type of DNS server is called an open resolver. A DNS open resolver answers query from clients outside of its administrative domain. DNS open resolvers are vulnerable to multiple malicious activities described in the table.

Table caption
DNS Resolver Vulnerabilities	Description
DNS cache poisoning attacks	Threat actors send spoofed, falsified record resource (RR) information to a DNS resolver to redirect users from legitimate sites to malicious sites. DNS cache poisoning attacks can all be used to inform the DNS resolver to use a malicious name server that is providing RR information for malicious activities.
DNS amplification and reflection attacks	Threat actors use DoS or DDoS attacks on DNS open resolvers to increase the volume of attacks and to hide the true source of an attack. Threat actors send DNS messages to the open resolvers using the IP address of a target host. These attacks are possible because the open resolver will respond to queries from anyone asking a question.
DNS resource utilization attacks	A DoS attack that consumes the resources of the DNS open resolvers. This DoS attack consumes all the available resources to negatively affect the operations of the DNS open resolver. The impact of this DoS attack may require the DNS open resolver to be rebooted or services to be stopped and restarted.

DNS Stealth Attacks
To hide their identity, threat actors also use the DNS stealth techniques described in the table to carry out their attacks.

Table caption
DNS Stealth Techniques	Description
Fast Flux	Threat actors use this technique to hide their phishing and malware delivery sites behind a quickly-changing network of compromised DNS hosts. The DNS IP addresses are continuously changed within minutes. Botnets often employ Fast Flux techniques to effectively hide malicious servers from being detected.
Double IP Flux	Threat actors use this technique to rapidly change the hostname to IP address mappings and to also change the authoritative name server. This increases the difficulty of identifying the source of the attack.
Domain Generation Algorithms	Threat actors use this technique in malware to randomly generate domain names that can then be used as rendezvous points to their command and control (C&C) servers.

DNS Domain Shadowing Attacks
Domain shadowing involves the threat actor gathering domain account credentials in order to silently create multiple sub-domains to be used during the attacks. These subdomains typically point to malicious servers without alerting the actual owner of the parent domain.

DNS Tunneling

Botnets have become a popular attack method of threat actors. Most often, botnets are used to spread malware or launch DDoS and phishing attacks.

DNS in the enterprise is sometimes overlooked as a protocol that can be used by botnets. Because of this, when DNS traffic is determined to be part of an incident, the attack is often already over.

It is necessary for the cybersecurity analyst to be able to detect when an attacker is using DNS tunnelling to steal data and prevent and contain the attack. To accomplish this, the security analyst must implement a solution that can block outbound communications from the infected hosts.

Threat actors who use DNS tunnelling place non-DNS traffic within DNS traffic. This method often circumvents security solutions. For the threat actor to use DNS tunnelling, the different types of DNS records such as TXT, MX, SRV, NULL, A, or CNAME are altered. For example, a TXT record can store the commands that are sent to the infected host bots as DNS replies. A DNS tunnelling attack using TXT works like this:

The data is split into multiple encoded chunks.
Each chunk is placed into a lower level domain name label of the DNS query.
Because there is no response from the local or networked DNS for the query, the request is sent to the ISP’s recursive DNS servers.
The recursive DNS service will forward the query to the attacker’s authoritative name server.
The process is repeated until all of the queries containing the chunks are sent.
When the attacker’s authoritative name server receives the DNS queries from the infected devices, it sends responses for each DNS query, which contains the encapsulated, encoded commands.
The malware on the compromised host recombines the chunks and executes the commands hidden within.

To be able to stop DNS tunnelling, a filter that inspects DNS traffic must be used. Pay particular attention to DNS queries that are longer than average, or those that have a suspicious domain name. Also, DNS security solutions, such as Cisco Umbrella (formerly Cisco OpenDNS), block much of the DNS tunnelling traffic by identifying suspicious domains. Domains associated with Dynamic DNS services should be considered highly suspect.

DHCP

DHCP servers dynamically provide IP configuration information to clients. The figure shows the typical sequence of a DHCP message exchange between client and server.

DHCP Attacks

DHCP Spoofing Attack
A DHCP spoofing attack occurs when a rogue DHCP server is connected to the network and provides false IP configuration parameters to legitimate clients. A rogue server can provide a variety of misleading information:

Wrong default gateway – The threat actor provides an invalid gateway, or the IP address of its host to create a MiTM attack. This may go entirely undetected as the intruder intercepts the data flow through the network.
Wrong DNS server – A threat actor provides an incorrect DNS server address pointing the user to a malicious website.
Wrong IP address – The threat actor provides an invalid IP address, invalid default gateway IP address, or both. The threat actor then creates a DoS attack on the DHCP client.

Assume a threat actor has successfully connected a rogue DHCP server to a switch port on the same subnet as the target clients. The goal of the rogue server is to provide clients with false IP configuration information.

1. Client Broadcasts DHCP Discovery Messages

2. DHCP Servers Respond with Offers

3. Client Accepts Rogue DHCP Request

4. Rogue DHCP Acknowledges the Request

In the figure, a legitimate client connects to the network and requires IP configuration parameters. The client broadcasts a DHCP Discover request looking for a response from a DHCP server. Both servers receive the message.

Action Point
PS: If you would like to have an online course on any of the courses that you found on this blog, I will be glad to do that on an individual and corporate level, I will be very glad to do that I have trained several individuals and groups and they are doing well in their various fields of endeavour. Some of those that I have trained includes staffs of Dangote Refinery, FCMB, Zenith Bank, New Horizons Nigeria among others. Please come on Whatsapp and let’s talk about your training. You can reach me on Whatsapp HERE. Please note that I will be using Microsoft Team to facilitate the training.

Fact Check Policy

Health Benefits Of Kedi V-CA Tablet

Leave a reply

Health Benefits:

V-Ca facilitates calcium absorption, making it more bio-available to the cells.
V-Ca is important in many other critical functions such as the absorption of iron, simulation of the immune system and as an antioxidant to strengthen the immune system.
V-Ca neutralises potentially harmful reactions in the watery part of the body, such as blood and fluid both inside and sounding cells.
V-Ca may be useful as an immune stimulator and modulator in some circumstances. It promotes resistance to infection through the immunologic activity of leukocytes, the production of interferon and maintaining mucous membrane.
V-Ca increased intake is required to maintain normal plasma level under acute emotional or environmental stress such as trauma , fever , infection , or elevated environmental temperature.
It helps you replace the Vitamin C loss through colds and flu.

Recommended Daily Intake

Dissolve one tablet in a glass of water (220ml – 300 ml) either warm or ordinary water. Do not exceed the recommended intake.
Action Point

PS: If you would like to have an online course on any of the courses that you found on this blog, I will be glad to do that on individual and corporate level, I will be very glad to do that I have trained several individuals and groups and they are doing well in their various fields of endeavour. Some of those that I have trained includes staffs of Dangote Refinery, FCMB, Zenith Bank, New Horizons Nigeria among others. Please come on Whatsapp and let’s talk about your training. You can reach me on Whatsapp HERE. Please note that I will be using Microsoft Team to facilitate the training.

Fact Check Policy

Choosing Best Hosting Platform For Website

Leave a reply

Choosing the right host can make all the difference in how fast your website loads and how easy it is to use. You don’t want your server to be overloaded with traffic, causing your site to load slowly, or worse, crash! Make sure your website stays up and running with these tips on finding the best hosting platform.

What Is Web Hosting?

Web hosting is a service that allows organizations and individuals to post a website or web page onto the Internet.

A web host, or web hosting service provider, is a business that provides the technologies and services needed for the website or webpage to be viewed on the Internet.

Websites are hosted or stored, on special computers called servers. When Internet users want to view your website, all they need to do is type your website address or domain into their browser.

Why Should I Choose a Good Web Host?

A good web host will keep your website up and running smoothly, with little to no downtime. They will also offer you features like unlimited storage space, bandwidth, and email accounts.

Plus, a good web host will have excellent customer service in case you need any help.

What Are the Different Types of Web Hosting Services?

1) Shared hosting is the most popular type of web hosting, and is perfect for small-scale websites and blogs. With shared hosting, your website will be hosted on a server with other websites.

2) VPS hosting is great for medium-sized businesses or websites with high traffic. With VPS hosting, your website will be hosted on a virtual private server, giving you more control over your server environment.

(3) Dedicated hosting is ideal for large businesses or websites with very high traffic. You get a fully dedicated server for your business, which gives you all the power and stability that comes with owning your own physical hardware. If you’re still not sure what kind of hosting best suits your needs, compare our top 5 hosts below !

– SiteGround
– Bluehost
– A2Hosting
– DreamHost
– InMotionHosting

How Do I Choose Between Them?

If you’re running a website, you need a hosting platform that can keep it up and running reliably. But with so many options out there, how do you choose the best one for your needs?

Here are some things to consider when making your decision:

What features does the company offer?
Do they have an uptime guarantee or any type of support for their customers?
Do they offer domain registration services or other related features?
How much does it cost per month and what payment methods are accepted?
Does this company offer shared hosting or dedicated servers as well as VPSes (virtual private servers)?

How Much Should I Expect To Pay?

The cost of hosting a website can vary greatly depending on your needs. If you are just starting out, you can find shared hosting plans for as little as $5 per month.

However, if you need more power or have a higher traffic website, you may need to pay $10 or more per month. Additionally, some hosting providers offer discounts if you pay for multiple months in advance.

How Do I Get Started With My New Webhost?

So you’ve decided on a web host and are ready to get started with your new website. Congratulations! Now it’s time to get started on the fun part: building your site. But first, you need to set up your hosting account.

Here’s a quick guide on how to do that.

1) Fill out the sign-up form for your hosting service of choice.

2) Check your email inbox for an activation link or confirmation email from the company’s support team.

3) Click or tap on this link/email to confirm your purchase. Next, enter your billing information (name, address, credit card number). After filling in the necessary fields, click on Confirm Purchase. You should now be redirected to a page where you can log in to your account. Choose a username and password (this will be different than any other login info you may have used elsewhere), then enter them into the login boxes. Now you’re taken to the control panel for your hosting account, which is called cPanel. In order to add a domain name (or make any changes at all) to your account, you’ll need to add it through cPanel.

Action Point

PS: If you would like to have an online course on any of the courses that you found on this blog, I will be glad to do that on an individual and corporate level, I will be very glad to do that I have trained several individuals and groups and they are doing well in their various fields of endeavour. Some of those that I have trained includes staffs of Dangote Refinery, FCMB, Zenith Bank, New Horizons Nigeria among others. Please come on Whatsapp and let’s talk about your training. You can reach me on Whatsapp HERE. Please note that I will be using Microsoft Team to facilitate the training.

Fact Check Policy

Increasing Blog Traffics: 6 Methods To Help Drive Traffic

Leave a reply

The above question has been a common question among bloggers and this post will you improve your blog. Keep reading…

If you want to drive more traffic to your blog and increase your visibility, you’re going to need to ensure that you aren’t leaving anything on the table. You’ll want to maximize every single opportunity that you can, which means looking at different ways that you can drive traffic from multiple sources.

Here are six great methods that you can use today to help drive traffic to your blog and increase your online presence.

#1. Write Great Content

The number one thing you can do today to increase your traffic is simply published great content. If you’re interested in driving a lot of organic traffic, focus on consistently publishing great content that people want to read and share.

This will make it easier for search engines to find your site and rank it highly for relevant terms. It will also make it easier for other bloggers to share your content with their readers, which can lead to more referral traffic.

#2. Create Quality Backlinks

You’ve got a great piece of content and it’s on a topic that people want to read about, but no one knows it exists yet. The only way they’re going to find out is if you can get quality backlinks pointing at your site.

Don’t just ask anyone either, find credible sites in your industry or niche and make sure you exchange links with them. If you don’t know how to do that, use an SEO tool like Ahrefs to analyze their link profile first. It will show you what kind of anchor text they are using for their backlinks.

Then, simply replicate their process by making your relevant links with similar anchor texts so that Google sees you as someone who shares information rather than someone trying to game its system.

#3. Share on Social Media, Comment on Other Blogs

The best way to drive a ton of traffic is by commenting on other blogs, as well as sharing on social media. Since you’re adding value and giving away information for free, people will start following you and driving even more traffic back to your site. The key here is linking back to original content with contextual links.

If someone asks a question in their post, answer it directly in your comment. If they link to an outside resource, use that link when referencing it in your comment. This helps create a natural flow of traffic from one post to another that drives targeted visitors back to your website.

#4. Ask For Feedback

If you know someone who reads or writes for a living, ask them for feedback on your writing. Specifically, ask if there’s anything that sounds awkward or is difficult to read.

Sometimes it can be hard to see our own mistakes and find flaws in our writing without another person’s perspective. If you feel comfortable doing so, ask them if they have any suggestions on how you could make it better.

You may even consider sending them an entire draft of something you’re working on rather than just asking for feedback from one specific piece. The more eyes you get looking at your work, the more likely it will be improved before publishing.

#5. Participate in a Community or Network of Bloggers

One of the best ways to increase your exposure on Google is by participating in a community or network of bloggers. There are tons of these out there; blogging has become an integral part of internet culture over recent years, so finding one that fits you is pretty simple.

Once you’ve got that down, it’s just a matter of sharing links and commenting frequently on others’ blogs (Just make sure you read their posts before leaving comments!)

By being active within these communities, you can build relationships with other bloggers who will share your content, and maybe even link back to it, helping you get more exposure from search engines.

#6. SEO (Search Engine Optimization)

Although Google is less dependent on keywords in rankings than it used to be, having a site filled with words and phrases that people are likely to search for will still give you an edge over those who lack a keyword strategy.

SEO isn’t just about stuffing as many keywords into your pages as possible, though, it’s also about choosing carefully what words and phrases you target, and how those words and phrases appear on your page.

For example, How to make money blogging may have more traffic potential than Blogging for profit tips. Your goal should be to make sure that every page of your website has at least one or two keywords or keyphrases in it somewhere; otherwise, you might find yourself getting lost in the shuffle when it comes time for search engines to do their thing.

You can use tools like Google AdWords Keyword Planner to research which keywords and keyphrases are most popular among searchers.

These are obviously the free ways to drive traffic to your blog. Slow and steady wins the raise

Why My Blog is Not Getting Traffic?

To understand why Google might not be sending you as much traffic as you’d like, let’s first talk about why Google likes a site.

For example, if a lot of other sites link to yours (the linking concept is called link popularity), or if a lot of people read and share content on yours regularly (called engagement), then that tells Google that yours is a popular and engaging site, so it will send more visitors to you.

If none of these things are happening for you, then there are a few reasons why. You could have chosen an unpopular topic for your website—if no one cares about what you’re writing about, they won’t go to your site and tell their friends either.

Or maybe you don’t have any quality content—if readers can’t find anything useful when they get to your site, they won’t come back again.

What is Good Traffic For a Blog?

Various metrics can be used to determine whether or not a website is popular, and how much traffic it has. One of these metrics is Google PageRank, which uses a scale of 1–10 to measure how important a site is.

The higher a site’s PageRank score, the more likely it will appear in search results. However, there are many factors involved in determining how high a site appears on search engine result pages (SERPs).

For example, how often people link to you from other sites—known as backlinks—is an important factor. In addition, how popular your topic is can also affect how high you rank on SERPs.

This is why choosing a niche for your website can help increase its popularity; if you choose a highly-popular niche, chances are that more people will be searching for information related to your site than if you chose a less-popular niche.

Finally, how frequently new content is added to your site can influence how well it ranks on SERPs; Google likes sites with fresh content because they tend to have higher visitor engagement rates than those without new content.

Blog Traffic Checker

There are a lot of different tools that will allow you to check statistics on your website, but one of my favourites is Google Analytics.

You can use it to see where people are coming from when they click on your links, what they’re searching for in search engines, how much time they spend on each page, and which pages convert most effectively (i.e., what action do they take after reading that particular page).

These are important factors to consider when trying to increase your visitors. The more you know about how people interact with your site, the better equipped you’ll be to make changes that improve performance.

Action Point
PS: If you would like to have an online course on any of the courses that you found on this blog, I will be glad to do that on an individual and corporate level, I will be thrilled to do that because I have trained several individuals and groups and they are doing well in their various fields of endeavour. Some of those that I have trained include staff of Dangote Refinery, FCMB, Zenith Bank, New Horizons Nigeria, and Phillips Consulting among others. Please come on Whatsapp and let’s talk about your training. You can reach me on Whatsapp HERE. Please note that I will be using Microsoft Team to facilitate the training.

Fact Check Policy

As a Student, earn $1.5 (N1,500.00) performing simple 5 Minutes tasks. Here are my withdrawal tasks.

Claim your 1 USDT for reading this post.

Free BNB up for Grab. Click here to claim yours.

Internal Link Building For SEO Success

Leave a reply

What is link building? There are various definitions online, but the best one I have found comes from Wikipedia, which explains link building as the process of attracting links to a website from other websites.

In simpler terms, link building is how you make sure that people can find your site when they look up specific keywords on search engines like Google and Bing.

What is Internal Link Building?

Internal link building is a component of search engine optimization that involves adding links within your website’s content and navigation.

Internal link building can boost your site’s search visibility by increasing its prominence in search engine results. It also helps ensure that all the pages on your site are easily found, ensuring higher quality traffic.

You can do internal link building yourself with just some time and patience or hire an expert to get it done for you.

What Are The 3 Types of Internal Links?

The three major types of internal links are; contextual, navigational, and hub. All three are important for getting traffic to your site, but if you want to get an advantage over your competitors you need to learn how to do them right. This is a summary of the three types of internal linking.

– Contextual linking is when you link to pages that are related to the one that visitors are on.

– Navigational linking points visitors in the direction of other pages they might be interested in based on what they clicked on or entered into a search engine like Google.

– Hub linking creates new entry points into your website from which people can go deeper into its content. The key to this type of linking is making sure it’s easy for users to find their way back out again.

Linking also helps make your site more scannable because it lets users jump around easily between different sections and topics. Think about using headings, subheadings, bullet points, and paragraphs to help organize your information.

It’s not enough just to have text; there should be some form of structure as well. Try starting with headers first before going any further so you know where your post will begin and end and where you’ll include graphics or images.

How Does Internal Linking Benefit Me?

Internal linking allows search engines to see every page on your site as relevant and important. Search engines like relevance, which means if your website is poorly linked internally, it could be at a significant disadvantage.

The more internal links you have on your site, the more pages you get indexed—and that is exactly what you want when trying to achieve success from an organic search engine ranking perspective.

How Do I Put Together an Effective Strategy?

If you’re familiar with content marketing, then you know that a successful strategy involves creating and sharing lots of content across various platforms.

Internal link building is a fundamental part of most campaigns because it helps improve your site’s rank in Google’s SERPs.

To implement a successful strategy, however, you have to know how to put together an effective one. Here are some tips for effective internal link building for SEO success:

1) Create content at least once per week

2) Include links back to other pages on your website or blog whenever possible. It will help boost the relevance of these pages when they show up in search results.

The more times a page appears in search engine results, the more weight Google assigns to its ranking.

In addition, by linking to your content from external sites like LinkedIn or YouTube, you can increase the credibility of those websites as well.

Finally, keep in mind that not all links should be considered equal. That’s why it’s important to strategically include links between different types of content such as blog posts, videos, infographics, and articles.

Doing so will give readers a better understanding of what’s being discussed and encourage them to visit the other pages on your site.

It also provides readers with additional information that may answer their questions before they even ask them.

And while this may seem like something that would work against improving your rankings, it has the opposite effect.

Creating a Map of Your Site

Internal links aren’t just important for link building; they play a crucial role in site structure and usability.

Getting your internal linking strategy down to a science will not only help your search rankings but will also help boost user experience and funnel more traffic to your website.

To start creating a map of your site, look at high-level pages or sections of content that are similar to one another, then make an educated guess about what pages would be useful to users who land on those specific sections.

Next, do some preliminary research on the topic to see if you can find out any popular keywords that people use when searching for information related to these topics.

If so, include them in your navigation bar (or other prominent areas) so users can quickly and easily get to where they want to go.

You can also create new content around these popular keywords and see how often people share it with their friends online. The more social shares you have, the higher your search engine ranking will be because Google likes websites with lots of social signals!

Internal Linking Tool

If you want to automate things, you can use Ahrefs. Ahrefs is a popular link indexing and analysis tool. By using its various filters, you can learn more about your top linking pages and competitors’ best-performing pages.

You can even copy these links and put them to work on your website if you want to try similar content strategies.

If that doesn’t work for some reason, simply reach out to influencers who have shared your competitors’ top-performing content to request they share yours instead.

These days it’s easier than ever to find the contact information of any given person with just a few clicks. A little hard work will yield impressive results!

Conclusion

Internal links make a website more user-friendly and help search engines crawl your site more effectively.

Search engine bots can’t see through URLs, so they won’t know to follow internal links on your site unless you tell them (i.e., via internal links).

Internal link building is therefore one of several strategies you can use to increase your website’s traffic, search engine rankings, and reputation.

Action Point
PS: If you would like to have an online course on any of the courses that you found on this blog, I will be glad to do that on an individual and corporate level, I will be very glad to do that because I have trained several individuals and groups and they are doing well in their various fields of endeavour. Some of those that I have trained include the staff of Dangote Refinery, FCMB, Zenith Bank, and New Horizons Nigeria among others. Please come on Whatsapp and let’s talk about your training. You can reach me on Whatsapp HERE. Please note that I will be using Microsoft Team to facilitate the training.

Fact Check Policy

MYCRMNIGERIA is committed to fact-checking in a fair, transparent and non-partisan manner. Therefore, if you’ve found an error in any of our reports, be it factual, editorial, or an outdated post, please contact us to tell us about it.

Download my ICT APP App On Google Playstore

Migrate to Truehost Domain and Hosting. Very Cheap. Very Fast and 99.9% Reliable

Monitor Your Keywords and Ranking, Join SEOPOZ Today

Youtube Video Marketing: How to Make Your Videos Go Viral

Leave a reply

Did you know that YouTube has over 1 billion users each month? That’s almost 1 out of every 2 people on the internet, and it’s just one of many social media platforms that you can tap into when creating your video marketing campaign to promote your business or service, particularly if you have a product or service that lends itself to demonstration or explanation via video content.

As these statistics indicate, YouTube video marketing is worth exploring as part of your overall marketing strategy, and this article will explain some of the basics of how to get started.

Use Your Target Keywords

One of the simplest, yet most important parts of Youtube marketing is to use your target keywords when you upload your videos.

YouTube indexes and ranks videos on their search engine with these keywords as a crucial element. If you want your video to go viral or rank highly in Youtube search results, make sure that they are packed with relevant keywords. Using keywords such as tips or tricks will give your video a higher chance of ranking higher than other competitors if viewers also enter those terms in the Youtube search bar.

In addition, try inserting hashtags at the end of your description for even more promotion!

Know What Works Best for Each Type of Content

With a little bit of research, you can figure out what kind of video works best for your industry. Figure out how long videos in your niche tend to be and match that length—too short or too long and people might not watch them.

Read up on what sort of content does well on YouTube—and then give that a shot. You’ll need to create something that isn’t too technical or niche if you want it to have broad appeal. Do some research before diving in.

That way, you can tailor the video accordingly. What do other companies produce? What’s the usual number of minutes per video? Is there any technical jargon that would alienate potential viewers? You’ll need to answer these questions before getting started.

Once you’ve got all this information and have crafted an idea, get started! You may find success with one type of content but struggle with another so don’t be afraid to experiment and try new things!

Ensure your videos are fully optimized

There are a few tips you should consider to ensure your videos are fully optimized. Always keep in mind that optimization is a processAlways keep in mind that optimization is a process, not an event. You will want to tweak each video as it performs.

Here are a few questions you should ask yourself before uploading your next video

-Does the thumbnail image accurately represent the content of the video?

-Is there a clear call to action for viewers?

-Is there any text on the screen other than subtitles?

-Are captions available in multiple languages?

-What’s the length of the video and how many views have been generated by it so far?

-If I were a viewer, would I subscribe to this channel based on this one video alone?

-How can I use annotations and cards effectively within my YouTube Channel?

Choose the right format for your content

There are many formats for videos on YouTube, such as explainer videos, product demos, interviews, tutorials, vlogs, and commercials. While you can mix these styles within a single video, each of them should be marketed to reach different kinds of viewers and increase your number of subscribers.

The first thing you need to decide is whether you want your videos to entertain or inform your audience—this will help determine what kind of video style works best for you.

If you have an interview with an expert in the field, then it might make sense to have a format that looks more like TV news. If it’s a tutorial or how-to video, it might make sense to use stop motion animation.

It’s also important to keep the length of your video manageable—most people wax have short attention spans so if they’re not hooked by 10 seconds, they’ll click away. It’s also helpful to think about who you’re trying to reach and tailor your content accordingly.

It would make sense for a company selling pet products to upload videos of animals playing with their toys while someone making makeup tutorials could show women wearing their cosmetics at home in front of a mirror, as well as tips on how to apply them correctly.

Understand Retention Metrics

There are a few key metrics that you should be paying attention to when it comes to marketing your videos. The first is retention, which tells you how many people watch at least 50% of your video.

A low retention rate might mean that people lose interest in what you’re promoting or your video isn’t very interesting. On the other hand, if people stop watching before the end of your video, then they may not like what they see and it could be for some reasons.

They might have been expecting something different than what was delivered on the video or they simply didn’t find anything that interested them.

If your retention rates are really low, there are a couple of things you can do to improve them: create more engaging content, use a better thumbnail image, promote your videos better on social media platforms like Facebook and Twitter, etc.

Get Influencers To Promote For You

Now that you have created a viral video, it’s time to promote it. Start by building relationships with people in your industry who have large followings.

Many of them are looking for ways to stay relevant and will be eager to share your content if you ask. If they agree, start spreading your message through their audience via social media and email, but do not be afraid to cold call and email random people on YouTube who might be interested too.

If they are not the right person, ask how you can connect with someone else at their company or what steps you need to take next to grow your channel.

Do not just stop there! Networking is one of the most important aspects of any successful business so keep going until you get enough traction.

Utilize your YouTube statistics

Do you spend a lot of time watching YouTube videos? Have you ever thought about utilizing these statistics for marketing purposes? Well, now you can.

There are tons of YouTube influencers who have millions of subscribers and views. If one is willing to promote your product or service, it may prove beneficial in increasing sales.

You can offer them incentives or pay them a certain amount if they can increase traffic on your website, which will directly affect your sales.

Share your new video on Social Media

Post your video on Facebook, Twitter, Reddit, and other social media platforms your target audience uses regularly. By sharing links with friends, family, and colleagues (and adding hashtags like #videomarketing) you have an opportunity to get noticed by people outside of your network.

This is what can lead to viral success!

Action Point
PS: If you would like to have an online course on any of the courses that you found on this blog, I will be glad to do that on an individual and corporate level, I will be very glad to do that because I have trained several individuals and groups and they are doing well in their various fields of endeavour. Some of those that I have trained include the staff of Dangote Refinery, FCMB, Zenith Bank, and New Horizons Nigeria among others. Please come on Whatsapp and let’s talk about your training. You can reach me on Whatsapp HERE. Please note that I will be using Microsoft Team to facilitate the training.

Fact Check Policy

Download my ICT APP App On Google Playstore

Migrate to Truehost Domain and Hosting. Very Cheap. Very Fast and 99.9% Reliable

Monitor Your Keywords and Ranking, Join SEOPOZ Today

Email Marketing Techniques to Grow Your Business

Leave a reply

Email marketing can make your business look huge even if it’s tiny, but only if you do it correctly. It’s easy to use the process to bring in new customers and increase the sales from the people who are already buying from you, but it requires effort to be effective.

Read on to learn how to create an email marketing strategy that will grow your business using techniques that you can use again and again as you start to expand your online presence.

Types of Email Marketing

The list of marketing tactics you can use is limited only by your imagination. But if you are new to email marketing, we recommend you begin with a few tried-and-true techniques: offers and coupons (sales), newsletter subscriptions, invitations for webinars and events, contact lists for direct sales, deals, and prizes.

Many other email marketing strategies could work well for your business. Experiment with what suits you best!

How to Write a Subject Line

With over seven billion emails sent every day, no one can afford to ignore email marketing. If you want your brand’s message in front of consumers at all times, email is your best bet.

But with so many emails competing for people’s attention, it’s important to make yours stand out. To do that, you have to use words that appeal directly to recipients and inspire them to open and read your message.

Here are a few tips on how to write an effective subject line
– Avoid spammy words like FREE or LIMITED TIME OFFER. The goal here is to get the reader interested enough to open the email, not trick them into opening a fake virus attachment.

– Create curiosity by using action verbs or adjectives like Exclusive or Amazing.

– Keep it short and sweet – any sentence longer than 25 words will be too wordy for most readers.

Lead Magnets

In simple terms, a lead magnet is an incentive. It’s something you offer in exchange for an email address and permission to send marketing messages via email—in other words, permission to advertise (spam) your business.

Lead magnets can be anything: free reports, e-books, white papers or videos, infographics… whatever you have that people will find useful and want in exchange for their contact info.

Promote your lead magnet on social media and wherever else you might market yourself or your business.

Introduction To Newsletters

While some people have grown up on instant messaging and social media, email marketing is still one of the most powerful tools you can use as a small business owner. In fact, by incorporating newsletters into your marketing plan, you’ll be able to create leads, convert customers, and connect with new customers without spending too much time or money.

If you know how to use newsletters for business, it can do wonders for your company. For example, businesses that send regular updates see an average return of $40 for every dollar spent on their newsletter campaigns.

As your customer base grows, so will the ROI from your newsletter campaign—so it pays to get started now!

When Should I Send Emails?

Email marketing is extremely popular with businesses because email is inexpensive and offers several ways for you to build customer relationships. But it can be challenging to decide when you should send emails.

You don’t want to bombard your customers with too many emails, but you also don’t want them wondering why they haven’t heard from you in ages.

So when should you send an email? Here are some guidelines.

#1 Send an email no more than once a week if the recipient is not on your list of regular contacts.

#2 If you regularly correspond with the recipient, feel free to contact them more often—though never more than once per day or every other day—as long as it feels natural to do so.

#3 For new leads or prospects, consider sending them one introductory email at the beginning of your relationship and then again three months later.

#4 Once you have sent these two introductory emails, make sure to space out any future messages so that you don’t end up spamming your prospect with unwanted content.

How Long Should My Emails Be?

The optimal length for your emails should be between 120 and 250 words, depending on how complex your subject matter is. Shorter email lengths tend to get more click-throughs and conversions than longer ones.

Your content mustn’t feel too long—so if you find yourself writing copy that goes over 1,000 words, it might be a good idea to rewrite it into multiple shorter pieces instead of one big one.

How Many Emails Should I Send Out?

Email marketing is, without a doubt, one of THE most effective forms of marketing there is, but that doesn’t mean you should send out dozens or hundreds of emails daily.

Your email subscribers are busy people with full inboxes—they don’t need your constant clogging up their inboxes! For example, a good rule of thumb is to never send more than one email per week.

Another good idea: Include an unsubscribe link at the bottom of every email you send out.

Conclusion

Email marketing is one of your strongest marketing assets. When executed properly, email can turn strangers into customers and mere customers into lifelong advocates.

Action Point
PS: If you would like to have an online course on any of the courses that you found on this blog, I will be glad to do that on an individual and corporate level, I will be very glad to do that because I have trained several individuals and groups and they are doing well in their various fields of endeavour. Some of those that I have trained include the staff of Dangote Refinery, FCMB, Zenith Bank, and New Horizons Nigeria among others. Please come on Whatsapp and let’s talk about your training. You can reach me on Whatsapp HERE. Please note that I will be using Microsoft Team to facilitate the training.

Fact Check Policy

Download my ICT APP App On Google Playstore

Migrate to Truehost Domain and Hosting. Very Cheap. Very Fast and 99.9% Reliable

Monitor Your Keywords and Ranking, Join SEOPOZ Today

Common Http And Https Exploits For Networks

Leave a reply

Internet browsers are used by almost everyone. Blocking web browsing completely is not an option because businesses need access to the web, without undermining web security. In this article, I want to look at common HTTP and https exploits for networks.
To investigate web-based attacks, security analysts must have a good understanding of how a standard web-based attack works. These are the common stages of a typical web attack:

The victim unknowingly visits a web page that has been compromised by malware.
The compromised web page redirects the user, often through many compromised servers, to a site containing malicious code.
The user visits this site with malicious code and their computer becomes infected. This is known as a drive-by download. When the user visits the site, an exploit kit scans the software running on the victim’s computer including the OS, Java, or Flash player looking for an exploit in the software. The exploit kit is often a PHP script and provides the attacker with a management console to manage the attack.
After identifying a vulnerable software package running on the victim’s computer, the exploit kit contacts the exploit kit server to download code that can use the vulnerability to run malicious code on the victim’s computer.
After the victim’s computer has been compromised, it connects to the malware server and downloads a payload. This could be malware or a file download service that downloads other malware.
The final malware package is run on the victim’s computer.

Independent of the type of attack being used, the main goal of the threat actor is to ensure the victim’s web browser ends up on the threat actor’s web page, which then serves out the malicious exploit to the victim.

Some malicious sites take advantage of vulnerable plugins or browser vulnerabilities to compromise the client’s system. Larger networks rely on IDSs to scan downloaded files for malware. If detected, the IDS issues an alert and records the event to log files for later analysis.

Server connection logs can often reveal information about the type of scan or attack. The different types of connection status codes are listed here:

Informational 1xx – This is a provisional response, consisting only of the Status-Line and optional headers. It is terminated by an empty line. There are no required headers for this class of status codes. Servers MUST NOT send a 1xx response to an HTTP/1.0 client except under experimental conditions.
Successful 2xx – The client’s request was successfully received, understood, and accepted.
Redirection 3xx – Further action must be taken by the user agent to fulfil the request. A client SHOULD detect infinite redirection loops because these loops generate network traffic for each redirection.
Client Error 4xx – For cases in which the client seems to have erred. Except when responding to a HEAD request, the server SHOULD include an entity containing an explanation of the situation, and if it is temporary. User agents SHOULD display any included entity to the user.
Server Error 5xx – For cases where the server is aware that it has erred, or it cannot perform the request. Except when responding to a HEAD request, the server SHOULD include an entity containing an explanation of the error situation, and if it is temporary. User agents SHOULD display any included entity to the user.

To defend against web-based attacks, the following countermeasures should be used:

Always update the OS and browsers with current patches and updates.
Use a web proxy like Cisco Cloud Web Security or Cisco Web Security Appliance to block malicious sites.
Use the best security practices from the Open Web Application Security Project (OWASP) when developing web applications.
Educate end-users by showing them how to avoid web-based attacks.

The OWASP Top 10 Web Application Security Risks is designed to help organizations create secure web applications. It is a useful list of potential vulnerabilities that are commonly exploited by threat actors.

Common HTTP Exploits

Malicious iFrames
Threat actors often make use of malicious inline frames (iFrames). An iFrame is an HTML element that allows the browser to load another web page from another source. iFrame attacks have become very common, as they are often used to insert advertisements from other sources into the page. Threat actors compromise a webserver and modify web pages by adding HTML for the malicious iFrame. The HTML links to the threat actor’s webserver. In some instances, the iFrame page that is loaded consists of only a few pixels. This makes it very hard for the user to see. Because the iFrame is run on the page, it can be used to deliver a malicious exploit, such as spam advertising, an exploit kit, and other malware.
These are some of the ways to prevent or reduce malicious iFrames:

Use a web proxy to block malicious sites.
Because attackers often change the source HTML of the iFrame in a compromised website, make sure web developers do not use iFrames. This will isolate any content from third-party websites and make modified pages easier to find.
Use a service such as Cisco Umbrella to prevent users from navigating to websites that are known to be malicious.
Make sure the end-user understands what an iFrame is. Threat actors often use this method in web-based attacks.

HTTP 302 Cushioning
Another type of HTTP attack is the HTTP 302 cushioning attack. Threat actors use the 302 Found HTTP response status code to direct the user’s web browser to a new location. Threat actors often use legitimate HTTP functions such as HTTP redirects to carry out their attacks. HTTP allows servers to redirect a client’s HTTP request to a different server.

HTTP redirection is used, for example, when web content has moved to a different URL or domain name. This allows old URLs and bookmarks to continue to function. Therefore, security analysts should understand how a function such as HTTP redirection works and how it can be used during attacks.

When the response from the server is a 302 Found status, it also provides the URL in the location field. The browser believes that the new location is the URL provided in the header. The browser is invited to request this new URL. This redirect function can be used multiple times until the browser finally lands on the page that contains the exploit. The redirects may be difficult to detect due to the fact that legitimate redirects frequently occur on the network.

These are some ways to prevent or reduce HTTP 302 cushioning attacks:

Use a web proxy to block malicious sites.
Use a service such as Cisco Umbrella to prevent users from navigating to websites that are known to be malicious.
Make sure the end user understands how the browser is redirected through a series of HTTP 302 redirections.

Domain Shadowing
When a threat actor wishes to create a domain shadowing attack, the threat actor must first compromise a domain. Then, the threat actor must create multiple subdomains of that domain to be used for the attacks.

Hijacked domain registration logins are then used to create the many subdomains needed. After these subdomains have been created, attackers can use them as they wish, even if they are found to be malicious domains. They can simply make more from the parent domain. The following sequence is typically used by threat actors:

A website becomes compromised.
HTTP 302 cushioning is used to send the browser to malicious websites.
Domain shadowing is used to direct the browser to a compromised server.
An exploit kit landing page is accessed.
Malware downloads from the exploit kit landing page.

These are some ways to prevent or reduce domain shadowing attacks:

Secure all domain owner accounts. Use strong passwords and use two-factor authentication to secure these powerful accounts.
Use a web proxy to block malicious sites.
Use a service such as Cisco Umbrella to prevent users from navigating to web sites that are known to be malicious.
Make sure that domain owners validate their registration accounts and look for any subdomains that they have not authorized.

Email

Over the past 25 years, email has evolved from a tool used primarily by technical and research professionals to become the backbone of corporate communications. Each day, more than 100 billion corporate email messages are exchanged. As the level of use rises, security becomes a greater priority. The way that users access email today also increases the opportunity for the threat of malware to be introduced.

It used to be that corporate users accessed text-based email from a corporate server. The corporate server was on a workstation that was protected by the company’s firewall. Today, HTML messages are accessed from many different devices that are often not protected by the company’s firewall. HTML allows more attacks because of the amount of access that can sometimes bypass different security layers.

The following are examples of email threats:

Attachment-based attacks – Threat actors embed malicious content in business files such as an email from the IT department. Legitimate users open malicious content. Malware is used in broad attacks often targeting a specific business vertical to seem legitimate, enticing users working in that vertical to open attachments or click embedded links.
Email spoofing – Threat actors create email messages with a forged sender address that is meant to fool the recipient into providing money or sensitive information. For example, a bank sends you an email asking you to update your credentials. When this email displays the identical bank logo as mail you have previously opened that was legitimate, it has a higher chance of being opened, having attachments opened and links clicked. The spoofed email may even ask you to verify your credentials so that the bank is assured that you are you, exposing your login information.
Spam email – Threat actors send an unsolicited email containing advertisements or malicious files. This type of email is sent most often to solicit a response, telling the threat actor that the email is valid and a user has opened the spam.
Open mail relay server – Threat actors take advantage of enterprise servers that are misconfigured as open mail relays to send large volumes of spam or malware to unsuspecting users. The open mail relay is an SMTP server that allows anybody on the internet to send mail. Because anyone can use the server, they are vulnerable to spammers and worms. Very large volumes of spam can be sent by using an open mail relay. It is important that corporate email servers are never set up as an open relay. This will considerably reduce the number of unsolicited emails.
Homoglyphs – Threat actors can use text characters that are very similar or even identical to legitimate text characters. For example, it can be difficult to distinguish between an O (upper case letter O) and a 0 (number zero) or a l (lower case “L”) and a 1 (number one). These can be used in phishing emails to make them look very convincing. In DNS, these characters are very different from the real thing. When the DNS record is searched, a completely different URL is found when the link with the homoglyph is used in the search.

Just like any other service that is listening to a port for incoming connections, SMTP servers also may have vulnerabilities. Always keep SMTP software up to date with security and software patches and updates.

To further prevent threat actors from completing their task of fooling the end-user, implement countermeasures. Use a security appliance specific to email such as the Cisco Email Security Appliance.

This will help to detect and block many known types of threats such as phishing, spam, and malware. Also, educate the end-user. When attacks make it by the security measures in place, and they will sometimes, the end-user is the last line of defence. Teach them how to recognize spam, phishing attempts, suspicious links and URLs, homoglyphs, and never open suspicious attachments.

Web-Exposed Databases

Web applications commonly connect to a relational database to access data. Because relational databases often contain sensitive data, databases are a frequent target for attacks.
Code Injection
Attackers are able to execute commands on a web server’s OS through a web application that is vulnerable. This might occur if the web application provides input fields to the attacker for entering malicious data. The attacker’s commands are executed through the web application and have the same permissions as the web application. This type of attack is used because often there is insufficient validation of input. An example is when a threat actor injects PHP code into an insecure input field on the server page.SQL Injection
SQL is the language used to query a relational database. Threat actors use SQL injections to breach the relational database, create malicious SQL queries, and obtain sensitive data from the relational database.
One of the most common database attacks is the SQL injection attack. The SQL injection attack consists of inserting a SQL query via the input data from the client to the application. A successful SQL injection exploit can read sensitive data from the database, modify database data, execute administration operations on the database, and sometimes, issue commands to the operating system.

Unless an application uses strict input data validation, it will be vulnerable to the SQL injection attack. If an application accepts and processes user-supplied data without any input data validation, a threat actor could submit a maliciously crafted input string to trigger the SQL injection attack.

Security analysts should be able to recognize suspicious SQL queries in order to detect if the relational database has been subjected to SQL injection attacks. They need to be able to determine which user ID was used by the threat actor to log in, then identify any information or further access the threat actor could have leveraged after a successful login.

Client-side Scripting

Cross-Site Scripting
Not all attacks are initiated from the server-side. Cross-Site Scripting (XSS) is where web pages that are executed on the client-side, within their own web browser, are injected with malicious scripts.

These scripts can be used by Visual Basic, JavaScript, and others to access a computer, collect sensitive information, or deploy more attacks and spread malware. As with SQL injection, this is often due to the attacker posting content to a trusted website with a lack of input validation. Future visitors to the trusted website will be exposed to the content provided by the attacker.
These are the two main types of XSS:

Stored (persistent) – This is permanently stored on the infected server and is received by all visitors to the infected page.
Reflected (non-persistent) – This only requires that the malicious script is located in a link and visitors must click the infected link to become infected.

These are some ways to prevent or reduce XSS attacks:

Be sure that web application developers are aware of XSS vulnerabilities and how to avoid them.
Use an IPS implementation to detect and prevent malicious scripts.
Use a web proxy to block malicious sites.
Use a service such as Cisco Umbrella to prevent users from navigating to websites that are known to be malicious.
As with all other security measures, be sure to educate end-users. Teach them to identify phishing attacks and notify infosec personnel when they are suspicious of anything security-related.

Action Point
PS: If you would like to have an online course on any of the courses that you found on this blog, I will be glad to do that on an individual and corporate level, I will be delighted to do that because I have trained several individuals and groups and they are doing well in their various fields of endeavour. Some of those that I have trained include staff of Dangote Refinery, FCMB, Zenith Bank, and New Horizons Nigeria among others. Please come on Whatsapp and let’s talk about your training. You can reach me on Whatsapp HERE. Please note that I will be using Microsoft Team to facilitate the training.

Fact Check Policy

Understanding Threats And Vulnerabilities For Networks

Leave a reply

In this article, I want to look at some of the facts that you need to know about threats and vulnerabilities for networks. Cybersecurity analysts must prepare for any type of attack. It is their job to secure the assets of the organization’s network. To do this, cybersecurity analysts must first identify:

Assets – Anything of value to an organization that must be protected including servers, infrastructure devices, end devices, and the greatest asset, data.
Vulnerabilities – A weakness in a system or its design that could be exploited by a threat actor.
Threats – Any potential danger to an asset.

Identify Assets

As an organization grows, so do its assets. Consider the number of assets a large organization would have to protect. It may also acquire other assets through mergers with other companies. The result is that many organizations only have a general idea of the assets that need to be protected.

The collection of all the devices and information owned or managed by the organization are assets. The assets constitute the attack surface that threat actors could target. These assets must be inventoried and assessed for the level of protection needed to thwart potential attacks.

Asset management consists of inventorying all assets, and then developing and implementing policies and procedures to protect them. This task can be daunting considering many organizations must protect internal users and resources, mobile workers, and cloud-based and virtual services.

Further, organizations need to identify where critical information assets are stored, and how access is gained to that information. Information assets vary, as do the threats against them. For example, a retail business may store customer credit card information.

An engineering firm will store competition-sensitive designs and software. A bank will store customer data, account information, and other sensitive financial information. Each of these assets can attract different threat actors who have different skill levels and motivations.

Identify Vulnerabilities

Threat identification provides an organization with a list of likely threats for a particular environment. When identifying threats, it is important to ask several questions:

What are the possible vulnerabilities of a system?
Who may want to exploit those vulnerabilities to access specific information assets?
What are the consequences if system vulnerabilities are exploited and assets are lost?

The threat identification for an e-banking system would include:

Internal system compromise – The attacker uses the exposed e-banking servers to break into an internal bank system.
Stolen customer data – An attacker steals the personal and financial data of bank customers from the customer database.
Phony transactions from an external server – An attacker alters the code of the e-banking application and makes transactions by impersonating a legitimate user.
Phony transactions using a stolen customer PIN or smart card – An attacker steals the identity of a customer and completes malicious transactions from the compromised account.
Insider attack on the system – A bank employee finds a flaw in the system from which to mount an attack.
Data input errors – A user inputs incorrect data or makes incorrect transaction requests.
Data centre destruction – A cataclysmic event severely damages or destroys the data centre.

Identifying vulnerabilities on a network requires an understanding of the important applications that are used, as well as the different vulnerabilities of that application and hardware. This can require a significant amount of research on the part of the network administrator.

Identify Threats

Organizations must use a defence-in-depth approach to identify threats and secure vulnerable assets. This approach uses multiple layers of security at the network edge, within the network, and on network endpoints.

Edge router – The first line of defence is known as an edge router (R1 in the figure). The edge router has a set of rules specifying which traffic it allows or denies. It passes all connections that are intended for the internal LAN to the firewall.
Firewall – The second line of defence is the firewall. The firewall is a checkpoint device that performs additional filtering and tracks the state of the connections. It denies the initiation of connections from the outside (untrusted) networks to the inside (trusted) network while enabling internal users to establish two-way connections to the untrusted networks. It can also perform user authentication (authentication proxy) to grant external remote users access to internal network resources.
Internal router – Another line of defence is the internal router (R2 in the figure). It can apply final filtering rules on the traffic before it is forwarded to it’s destination.

Routers and firewalls are not the only devices that are used in a defence-in-depth approach. Other security devices include Intrusion Prevention Systems (IPS), Advanced Malware Protection (AMP), web and email content security systems, identity services, network access controls and more.
In the layered defence-in-depth security approach, the different layers work together to create a security architecture in which the failure of one safeguard does not affect the effectiveness of the other safeguards.

The Security Onion and The Security Artichoke

There are two common analogies that are used to describe a defence-in-depth approach.

#1 Security Onion

A common analogy used to describe a defence-in-depth approach is called “the security onion.” a threat actor would have to peel away at a network’s defences layer by layer in a manner similar to peeling an onion. Only after penetrating each layer would the threat actor reach the target data or system.
Note: The security onion described on this page is a way of visualizing defence-in-depth. This is not to be confused with the Security Onion suite of network security tools.

#2 Security Artichoke

The changing landscape of networking, such as the evolution of borderless networks, has changed this analogy to the “security artichoke”, which benefits the threat actor.
As illustrated in the figure, threat actors no longer have to peel away each layer. They only need to remove certain “artichoke leaves.” The bonus is that each “leaf” of the network may reveal sensitive data that is not well secured.
For example, it’s easier for a threat actor to compromise a mobile device than it is to compromise an internal computer or server that is protected by layers of defence. Each mobile device is a leaf. And leaf after leaf, it all leads the hacker to more data. The heart of the artichoke is where the most confidential data is found. Each leaf provides a layer of protection while simultaneously providing a path to attack.
Not every leaf needs to be removed in order to get at the heart of the artichoke. The hacker chips away at the security armour along the perimeter to get to the “heart” of the enterprise.
While internet-facing systems are usually very well protected and boundary protections are typically solid, persistent hackers, aided by a mix of skill and luck, do eventually find a gap in that hard-core exterior through which they can enter and go where they please.

Action Point
PS: If you would like to have an online course on any of the courses that you found on this blog, I will be glad to do that on an individual and corporate level, I will be very glad to do that I have trained several individuals and groups and they are doing well in their various fields of endeavour. Some of those that I have trained includes staffs of Dangote Refinery, FCMB, Zenith Bank, New Horizons Nigeria among others. Please come on Whatsapp and let’s talk about your training. You can reach me on Whatsapp HERE. Please note that I will be using Microsoft Team to facilitate the training.

Fact Check Policy

Understanding Security Policy Regulations And Standards

Leave a reply

Business policies are the guidelines that are developed by an organization to govern its actions. The policies define standards of correct behaviour for the business and its employees. In networking, policies define the activities that are allowed on the network.

This sets a baseline of acceptable use. If the behaviour that violates the business policy is detected on the network, it is possible that a security breach has occurred. understanding Security Policy Regulations And Standards. In this article, I want to talk about security policy regulations and standards in cyber security.

An organization may have several guiding policies, as listed in the table.

Policy	Description
Company policies	These policies establish the rules of conduct and the responsibilities of both employees and employers. Policies protect the rights of workers as well as the business interests of employers. Depending on the needs of the organization, various policies and procedures establish rules regarding employee conduct, attendance, dress code, privacy and other areas related to the terms and conditions of employment.
Employee policies	These policies are created and maintained by human resources staff to identify employee salary, pay schedule, employee benefits, work schedule, vacations, and more. They are often provided to new employees to review and sign.
Security policies	These policies identify a set of security objectives for a company, define the rules of behavior for users and administrators, and specify system requirements. These objectives, rules, and requirements collectively ensure the security of a network and the computer systems in an organization. Much like a continuity plan, a security policy is a constantly evolving document based on changes in the threat landscape, vulnerabilities, and business and employee requirements.

Security Policy

A comprehensive security policy has a number of benefits, including the following:

Demonstrates an organization’s commitment to security
Sets the rules for expected behavior
Ensures consistency in system operations, software and hardware acquisition and use, and maintenance
Defines the legal consequences of violations
Gives security staff the backing of management

Security policies are used to inform users, staff, and managers of an organization’s requirements for protecting technology and information assets. A security policy also specifies the mechanisms that are needed to meet security requirements and provides a baseline from which to acquire, configure, and audit computer systems and networks for compliance.

The table lists policies that may be included in a security policy.

Policy	Description
Identification and authentication policy	Specifies authorized persons that can have access to network resources and identity verification procedures.
Password policies	Ensures passwords meet minimum requirements and are changed regularly.
Acceptable Use Policy (AUP)	Identifies network applications and uses that are acceptable to the organization. It may also identify ramifications if this policy is violated.
Remote access policy	Identifies how remote users can access a network and what is accessible via remote connectivity.
Network maintenance policy	Specifies network device operating systems and end user application update procedures.
Incident handling procedures	Describes how security incidents are handled.

One of the most common security policy components is an AUP. This can also be referred to as an appropriate use policy. This component defines what users are allowed and not allowed to do on the various system components. This includes the type of traffic that is allowed on the network. The AUP should be as explicit as possible to avoid misunderstanding.

For example, an AUP might list specific websites, newsgroups, or bandwidth-intensive applications that are prohibited from being accessed by company computers or from the company network. Every employee should be required to sign an AUP, and the signed AUPs should be retained for the duration of employment.

BYOD Policies

Many organizations must now also support Bring Your Own Device (BYOD). This enables employees to use their own mobile devices to access company systems, software, networks, or information. BYOD provides several key benefits to enterprises, including increased productivity, reduced IT and operating costs, better mobility for employees, and greater appeal when it comes to hiring and retaining employees.

However, these benefits also bring an increased information security risk because BYOD can lead to data breaches and greater liability for the organization.
A BYOD security policy should be developed to accomplish the following:

Specify the goals of the BYOD program.
Identify which employees can bring their own devices.
Identify which devices will be supported.
Identify the level of access employees are granted when using personal devices.
Describe the rights to access and activities permitted to security personnel on the device.
Identify which regulations must be adhered to when using employee devices.
Identify safeguards to put in place if a device is compromised.

The table lists BYOD security best practices to help mitigate BYOD vulnerabilities.

Best Practice	Description
Password-protected access	Use unique passwords for each device and account.
Manually control wireless connectivity	Turn off Wi-Fi and Bluetooth connectivity when not in use. Connect only to trusted networks.
Keep updated	Always keep the device OS and other software updated. Updated software often contains security patches to mitigate against the latest threats or exploits.
Back up data	Enable backup of the device in case it is lost or stolen.
Enable “Find my Device”	Subscribe to a device locator service with a remote wipe feature.
Provide antivirus software	Provide antivirus software for approved BYOD devices.
Use Mobile Device Management (MDM) software	MDM software enables IT, teams, to implement security settings and software configurations on all devices that connect to company networks.

Regulatory and Standards Compliance

There are also external regulations regarding network security. Network security professionals must be familiar with the laws and codes of ethics that are binding on Information Systems Security (INFOSEC) professionals.

Many organizations are mandated to develop and implement security policies. Compliance regulations define what organizations are responsible for providing and the liability if they fail to comply. The compliance regulations that an organization is obligated to follow depend on the type of organization and the data that the organization handles. Specific compliance regulations will be discussed later in the course.

Action Point
PS: If you would like to have an online course on any of the courses that you found on this blog, I will be glad to do that on an individual and corporate level, I will be very glad to do that I have trained several individuals and groups and they are doing well in their various fields of endeavour. Some of those that I have trained includes staffs of Dangote Refinery, FCMB, Zenith Bank, New Horizons Nigeria among others. Please come on Whatsapp and let’s talk about your training. You can reach me on Whatsapp HERE. Please note that I will be using Microsoft Team to facilitate the training.