Stack Operations and Function Invocation

Stack Operations and Function Invocation – The stack is a fundamental data structure in programming languages and operating systems. For example, local variables in C are stored on the functions’ stack space. When the operating system transitions from ring 3 to ring 0, it saves state information on the stack. Conceptually, a stack is a last-in first-out data structure supporting two operations: push and pop. Push means to put something on top of the stack; pop means to remove an item from the top. Concretely speaking, on x86, a stack…

Read More

What Is Security Engineering?

What is Security Engineering?

What Is Security Engineering? – Security engineering is about building systems to remain dependable in the face of malice, error, or mischance. As a discipline, it focuses on the tools, processes, and methods needed to design, implement, and test complete systems, and to adapt existing systems as their environment evolves. Security engineering requires cross-disciplinary expertise, ranging from cryptography and computer security through hardware tamper resistance and formal methods to a knowledge of applied psychology, organizational and audit methods and the law. System engineering skills, from business process analysis through software…

Read More

Importance of Security

Importance Of Security

Importance of Security – Today, almost every company is becoming completely networked, exchanging information almost instantly. Even the most routine tasks rely on computers for storing and accessing information. A company’s intellectual assets not only differentiate it from its competition, but can also mean the difference between profit and loss. Consequently, it is of the utmost importance to secure these assets from outside threats. The scope of information security is vast, and the objective of this course is to give participants a comprehensive body of knowledge to help them secure…

Read More

What is PKI?

What is PKI?

What is PKI? – A PKI is a Public-Key Infrastructure. It is an infrastructure that allows you to recognize which public key belongs to whom. The classical description is as follows. There is a central authority that is called the Certificate Authority, or CA for short. The CA has a public/private key pair (e.g., an RSA key pair) and publishes the public key. We will assume that everybody knows the CA’s public key. As this key remains the same over long periods of time, this is easy to accomplish. The…

Read More

What is Windows Powershell?

What is Windows Powershell?

What is Windows Powershell?- The Linux operating system has long offered more power and flexibility to its administrators through shell scripting. However, Microsoft Windows lacked this flexibility, because of the limited capabilities of the command prompt. To overcome this limitation, Microsoft introduced PowerShell to efficiently automate tasks and manage configurations. It is built on top of the .NET Framework and provides complete access to COM and WMI. What is its application in hacking? If you are able to compromise a target system running Windows operating system, then using PowerShell, you…

Read More

What is Computer Worm?

What is Computer Worms

What is Computer Worm?- Computer worm are malicious program that replicate, execute, and spread across the network connections independently without human interaction. Most of the worms are created only to replicate and spread across a network, consuming available computing resources; however, some worms carry a payload to damage the host system. Attackers use worm payload to install backdoors in infected computers, which turns them into zombies and creates botnet; these botnets can be used to carry further cyber attacks. How Computer Worm Work? Worms can be transmitted via software vulnerabilities.…

Read More

What is Information Warfare?

What is Information Warfare?

What is Information Warfare? -Information Warfare is a concept of warfare, to get involved in the warfare of informations to gain the most of information. The term, “Information Warfares” or “Info War” describes the use of information and communication technology (ICT). The major reason of focus of this information war is to get a competitive advantage over the opponent or enemy. The following is the classification of Information Warfare into two classes:- 1, Defensive Information Warfare Defensive Information Warfares term is used to refer to all defensive actions that are…

Read More

What is Incident Management?

What is Incident Management?

What is Incident Management?- Incident Management is the procedure and method of handling an incident that occurs. This incident may be any specific violation of any condition policies, or else. Similarly, in information security, incident responses are the remediation actions or steps taken as the response of an incident depending upon indentification of an event, threat or attack to the removal or elimination ( when system become stable , secure and functional again). Incident Response Management defines the roles and responsibilities of penetration testers, users or employees of an organization.…

Read More

What is Cloud Security?

What is Cloud Security?

What is Cloud Security? – Cloud Security refers to the security implementations, deployments, and preventions to defend against security threats. Cloud Security includes Control policies, deployment of security devices such as application firewalls, Next generation IPS devices and hardening the infrastructure of Cloud Computing. It also includes some activites that are to be taken from the service providers end as well as actions that should be taken at the user end. Cloud Security Control Layers Application Layer There are several security mechanisms, devices, and policies that provide support at different…

Read More

What is Malware Analysis?

What is Malware?

What is Malware Analysis? – Malware Analysis is the process of identification of a malware till its verification that malware is completely removed, including observing the behavior that malware, is scoping the potential threat to a system and findings other measures. Before explaining the malware analysis, the need for malware analysis and goal to be achived by this analytics must be defined. Security analyst and security professional at some point in their career have performed malware analyst. The major goal of malware analysis is to gain detailed information and observe…

Read More