Tuesday, April 30, 2019

Security Vulnerability Test - Password Cracking

Describe the test and purpose of the test
It is the process to gain unauthorized access to restricted systems by using common passwords. In other words, this is to obtain the correct password which gives access to the system that is protected by an authentication method.

Discuss how it works
This is done by either guessing the password repeated usually through computer algorithm where the computer tries numerous combinations until the password is successfully discovered.

Provide example of the test

Discuss the solution if there is vulnerability after a test

  • Make a strong password that cannot be detect or guess by anyone 
  • Apply an auto-lock to the account if any of the attempt to unlock the system is incorrect
  • Make sure that every account has different password
  • Change your password frequently


Produce an audit document showing the range of tests on IT systems and networks (eg LANs/WANs and wireless networks)


References:

Techopedia.com. (2019). What is Password Cracking? - Definition from Techopedia. [online] Available at: https://www.techopedia.com/definition/4044/password-cracking [Accessed 25 Apr. 2019].


Guru99.com. (2019). How to Crack a Password. [online] Available at: https://www.guru99.com/how-to-crack-password-of-an-application.html [Accessed 30 Apr. 2019].


Infosec Resources. (2013). Password Auditing Explained. [online] Available at: https://resources.infosecinstitute.com/password-auditing/#gref [Accessed 30 Apr. 2019].


Friday, April 12, 2019

Method of Threat

Social Engineering:

Describe the method of threat  
It is a practice of using non-technical means, usually by communication through phones, which is to attack a target.

How it works?

  • By phone
They can pose as employees of the company or organization. They can ask questions to gain the trust of the person, this might include getting the confidential information
  • Phishing (most common technique on the internet)
Hacker can get data or information from the website where the user put their information 
  • Using attachments to email 
In this, malware is used to attack users address book and send emails with the file's attached to all of the user's contact

Provide example how it affect a system
When a hacker calls a company to pretends they are from the internal IT department and they will start asking the employee for sensitive information that can help them to gain access to the network.

Describe how to prevent such threat

  • Delete any request to personal information or passwords
Delete any request through email that asking for your personal information because no one should be contacting your personal information through email, this is a scam. 
  • Reject any requests for help or offers of help
This social engineers may request your help with your information or they might also offering to help you (as a technician). 
  • Set your spam filters to high
Email has a spam filter, so check your settings and set them to high in order to avoid risky messages coming into your inbox and dont forget to check them always because it is possible that any messages could be trapped from time to time.
  • Secure your devices
Install an antivirus software, firewalls and email filters and also set your automatic updates on and only access the secured websites 




References:

Wordfence. (2019). Understanding Social Engineering Techniques. [online] Available at: https://www.wordfence.com/learn/understanding-social-engineering-attacks/ [Accessed 12 Apr. 2019].


Maureen Data Systems. (2018). 5 Ways to Prevent Social Engineering Attacks. [online] Available at: https://www.mdsny.com/5-ways-to-prevent-social-engineering-attacks/ [Accessed 12 Apr. 2019].


Panda Security Mediacenter. (2014). How does social engineering work? - Panda Security Mediacenter. [online] Available at: https://www.pandasecurity.com/mediacenter/security/social-engineering/ [Accessed 17 Apr. 2019].

Project Management

Research Activity

1. Explain the project management
It is about the knowing of the goals, how to achieve them, and what are the resources that we need. The goals is to ensure that everyone are involved in a project and are aware of the purpose of the project.

2. Identify the key stages of project management
Initiation - implementing ideas and identifying the needs of the project, and it is where the research begin
Planning - setting up goals, outline the objectives of the project. 
Execution - the deliverable of the project is then develop and completed
Monitoring and evaluation - making sure that the project is meeting up with the project management plan
Closure - includes the important tasks to be check

3. Identify the advantages and the importance of implementing project management
Advantages:

  1. Improve the chances to achieve the desired result
  2. Set the schedule and budget accurately from the start
  3. Improve productivity and quality of work
Importance: 
  • Defines a plan and organizes chaos
Project can be a chaos and by organizing and planning the project will then can solve this chaos. Planning from the beginning to the end of the project can make sure the outcome will meet the goals of the project. 
  • Establishes a schedule and plan
A schedule is one of the key to a successful project, because without a schedule the project will not be done on time. 
  • Enforces and encourages teamwork
A project can bring people together in order to share ideas and also to provide inspiration. Collaboration can be the effective key in planning and management a project. 



References:

Paymo. (2019). What Is Project Management? Definition and Importance · Paymo Academy. [online] Available at: https://www.paymoapp.com/academy/what-is-project-management/ [Accessed 10 Apr. 2019].


Piston And Fusion. (2017). 5 KEY PHASES OF PROJECT MANAGEMENT. [online] Available at: http://www.pistonandfusion.org/blog/5-key-phases-of-project-management/ [Accessed 10 Apr. 2019].


nibusinessinfo.co.uk. (2012). Advantages of project management. [online] Available at: https://www.nibusinessinfo.co.uk/content/advantages-project-management [Accessed 12 Apr. 2019].


2020 Project Management. (2019). 10 Reasons why Project Management matters. [online] Available at: https://2020projectmanagement.com/resources/general-interest-and-miscellaneous/10-reasons-why-project-management-matters [Accessed 12 Apr. 2019].

CRP - Key Considerations for Research

Determine the key considerations are for planning and undertaking research Issues that can be encountered in research  poor time mana...