SQL Server, Technology

SQL Server Database Backups

Backups are crucial. You need to have the right backups in place to have your data covered in the case of any disasters. In this post I go through the different backup types and some of the different strategies for implementing them.

Comptia Security+, Security, Technology

Security+ Course – 6.6 Cryptanalytic attacks

1. Brute Force Attacks Brute-force attacks are the simplest form of attack against a cryptographic system. In a brute-force attack, the attacker simply guesses repeatedly at the encryption key until he or she stumbles upon the correct value for the key and gains access to the encrypted information. Brute-force attacks can take a very long time to complete successfully, if…

Continue Reading

Comptia Security+, Security, Technology

Security+ Course – 6.5 Public Key Infrastructure (PKI)

1. Trust Models Requirements for Symmetric Key Exchange: The 2 parties must be confident that they are really communicating with each other and not an imposter The 2 parties must be confident that nobody is eavesdropping on the key exchange Asymmetric Cryptography Users don’t need to share their private keys Users can share their public keys freely Eavesdropping protection isn’t…

Continue Reading

Comptia Security+, Security, Technology

Security+ Course – 6.4 Key Management

1. Key Exchange In symmetric encryption, the sender and receiver share a single secret key that nobody else should know. Before the sender and receiver can begin to communicate using a symmetric algorithm, they must somehow agree upon and exchange the shared secret key that they will use for that communication session. Problems with Key exchange EG: Alice and Bob…

Continue Reading

Comptia Security+, Security, Technology

Security+ Course – 6.3 Asymmetric Cryptography

1. Rivest-Shamir-Adleman (RSA) Asymmetric cryptography solves issues of scalability by giving each user a pair of keys for use in encryption and decryption operations. The RSA algorithm was one of the earliest asymmetric cryptographic algorithms and it is still used today. It was published in 1977. There’s a lot of complex maths involved in creating that key pair, but the…

Continue Reading

Comptia Security+, Security, Technology

Security+ Course – 6.2 Symmetric Cryptography

1. Data Encryption Standard (DES) DES was designed by IBM in the 1970’s Intended to serve as a federal encryption standard. Up until that point different agencies used different encryption algorithms. This caused issues with security because all of those algorithms weren’t thoroughly tested, and interoperability because different agencies couldn’t easily communicate with each other How DES Works DES uses…

Continue Reading

Comptia Security+, Security, Technology

Security+ Course – 6.1 Encryption

1. Understanding Encryption Cryptography is the use of mathematical algorithms to transform information into a form that is not readable by unauthorised individuals. Cryptography does, however, provide authorised individuals with the ability to transform that encrypted information back into readable form. Encryption: converts information from its plaintext form into an encrypted version that is unreadable. This is known as ciphertext…

Continue Reading

Comptia Security+, Security, Technology

Security+ Course – 5.5 Forensics

1. Conducting Investigations There are four main types of investigations that often involve cybersecurity professionals. These are: 1. Operational investigations: Seek to resolve technology issues (EG: service might be returning errors, a server might be responding too slowly, or a network might be congested) Restore normal operations as quickly as possible low standards of evidence as no legal action involved…

Continue Reading

Comptia Security+, Security, Technology

Security+ Course – 5.4 Incident Response

1. Security Incidents Security Incident Terminology Security Event: these occur anytime that an observable action takes place on a system that has security implications. This may be a user accessing a web page, a file being written to disk by a process, a connection being established through a firewall, or any other security related event. Thousands of security events take…

Continue Reading