Security&Governance

AAL (Authenticator Assurance Level ) decision tree

AAL (Authenticator Assurance Level ) decision tree

Identity proofing establishes that a subject is who they claim to be. Digital authentication establishes that a subject attempting to access a digital service is in control of one or more valid authenticators associated with that subject’s digital identity. For services in which return visits are applicable, successfully authenticating provides reasonable risk-based assurances that the …

AAL (Authenticator Assurance Level ) decision tree Read More »

Agile Project Management Tool: Jira, Trello Studying Notes

Agile Project Management Tool: Jira, Trello Studying Notes

Trello (Acquired by Atlassian) is a simple, customizable kanban type board for teams that want to work agile, but aren’t observing the whole liturgy of agile development. Trello is largely designed for more general usages. Trello is a lightweight project management tool, designed as a Kanban board tool, you can visualize your task flow of anything …

Agile Project Management Tool: Jira, Trello Studying Notes Read More »

How to Set PHP Connects to Mongodb

How to Set PHP Connects to Mongodb

1. First download a php extension driver for mongodb that matches the current php version number The download link is as follows: http://pecl.php.net/package/mongodb 2. Find the path of the current PHP link database: D: \ phpstudy \ PHPTutorial \ php \ php-5.6.27-nts \ ext, extract the compressed package you just downloaded, and put the php_mongodb.dll driver …

How to Set PHP Connects to Mongodb Read More »

Windows 2008 2012 2016 Security Baseline Setup Script

Windows 2008 2012 2016 Security Baseline Setup Script

A security baseline is a group of Microsoft-recommended configuration settings that explains their security impact. These settings are based on feedback from Microsoft security engineering teams, product groups, partners, and customers. Microsoft enables various controls to Windows users by providing multiple configuration capabilities since the organization needs to implement control over their security configurations. Here …

Windows 2008 2012 2016 Security Baseline Setup Script Read More »

Security Awareness Deployment Plan

Overview : The purpose of this document is to outline a proposed approach to deploying the security awareness and training program at the ITPROSEC.  This document will outline the proposed approach, timing and materials the ITPROSEC’s Information Security team would like to deploy over the course of the upcoming fiscal year (FY2017/2018).  The intended audience …

Security Awareness Deployment Plan Read More »

Some Useful Information Security Websites/Blogs to Visit

1. Brian Krebs 2. Wombat Security 3.  Errata Security 4. Kaspersky Labs 5. Security Bloggers Network 6. Sophos 7. Paul’s Security Weekly 8. Akamai 9. The Security Ledger 10. Graham Cluley 11. Akamai 12. McAfee AntiVirus securing tomorrow 13. Naked Security 14. Shodan  15. NoMoreRansom 16. National Cyber Security Centre 17. Reddit:  r/infosec  r/sysadmin  r/crypto  r/cybersecurity  r/opsec  r/privacy r/intelligence  r/asknetsec 18. Google’s Digital Attack Map 19. OSINT …

Some Useful Information Security Websites/Blogs to Visit Read More »

Apache webpage and security optimization-webpage caching (connotation experiment)

Foreword: Apache’s mod_expries module automatically generates Express tags and Cache-Control tags in the header information of the page. The client browser determines according to the tag that the next visit is to fetch the page in the cache of the local machine, and does not need to make a request to the server again, thereby …

Apache webpage and security optimization-webpage caching (connotation experiment) Read More »