Nov 30

Git LFS: Large File System

  • To use Homebrew, run brew install git-lfs
  • To use MacPorts, run port install git-lfs
  • git lfs track "*.tar.gz"
  • 

    git add path/to/file.tar.gz
    

    • 

  • 

    

    git commit -m "add file.psd"
    

    • 

  • 

    

    git push origin master
    

    • 





Reference:

https://help.github.com/en/github/managing-large-files/configuring-git-large-file-storage


Sayed Ahmed




BSc. Eng. in Comp. Sc. & Eng. (BUET)

MSc. in Comp. Sc. (U of Manitoba, Canada)

MSc. in Data Science and Analytics (Ryerson University, Canada)

Linkedin: https://ca.linkedin.com/in/sayedjustetc




Blog: http://Bangla.SaLearningSchool.com, http://SitesTree.com 

Online and Offline Training: http://Training.SitesTree.com 


Get access to courses on Big Data, Data Science, AI, Cloud, Linux, System Admin, Web Development and Misc. related. Also, create your own course to sell to others to earn a revenue.

http://sitestree.com/training/


If you want to contribute to the operation of this site (Bangla.SaLearn) including occasional free and/or low cost online training (using Zoom.us): http://Training.SitesTree.com (or charitable/non-profit work in the education/health/social service sector), you can financially contribute to: safoundation at salearningschool.com using Paypal or Credit Card (on http://sitestree.com/training/enrol/index.php?id=114 ).



Affiliate Links: Deals on Amazon :

Hottest Deals on Amazon USA: http://tiny.cc/38lddz



Hottest Deals on Amazon CA: http://tiny.cc/bgnddz



Hottest Deals on Amazon Europe: http://tiny.cc/w4nddz


						
						
						
		

		
			




 
            

                


            

            		

                



		
	

    
    			    	

            

            	Nov
                30
                            

                    

            
		        

			
				Mysql error after upgrading magento 2.3.2 to 2.3.3            
			        

		
					    
    		
				

			
													
							
												
								
Solution to:

SQLSTATE[HY000]: General error: 1419 You do not have the SUPER privilege and binary logging is enabled (you might want to use the less safe log_bin_trust_function_creators variable), query was: CREATE TRIGGER trg_catalog_product_entity_after_insert AFTER INSERT ON catalog_product_entity FOR EACH ROW BEGIN INSERT IGNORE INTO `scconnector_google_feed_cl` (`entity_id`) VALUES (NEW.`entity_id`); END


Sol:

mysql -u root -p set global log_bin_trust_function_creators=1;Worked for me.


Reference: https://community.bitnami.com/t/mysql-error-after-upgrading-magento-2-3-2-to-2-3-3/71536


By


Sayed Ahmed




BSc. Eng. in Comp. Sc. & Eng. (BUET)

MSc. in Comp. Sc. (U of Manitoba, Canada)

MSc. in Data Science and Analytics (Ryerson University, Canada)

Linkedin: https://ca.linkedin.com/in/sayedjustetc




Blog: http://Bangla.SaLearningSchool.com, http://SitesTree.com 

Online and Offline Training: http://Training.SitesTree.com 


Get access to courses on Big Data, Data Science, AI, Cloud, Linux, System Admin, Web Development and Misc. related. Also, create your own course to sell to others to earn a revenue.

http://sitestree.com/training/


If you want to contribute to the operation of this site (Bangla.SaLearn) including occasional free and/or low cost online training (using Zoom.us): http://Training.SitesTree.com (or charitable/non-profit work in the education/health/social service sector), you can financially contribute to: safoundation at salearningschool.com using Paypal or Credit Card (on http://sitestree.com/training/enrol/index.php?id=114 ).



Affiliate Links: Deals on Amazon :

Hottest Deals on Amazon USA: http://tiny.cc/38lddz



Hottest Deals on Amazon CA: http://tiny.cc/bgnddz



Hottest Deals on Amazon Europe: http://tiny.cc/w4nddz


						
						
						
		

		
			




 
            

                


            

            		

                



		
	

    
    			    	

            

            	Nov
                30
                            

                    

            
		        

			
				bitnami services: start stop ….            
			        

		
					    
    		
				

			
													
							
												
								
The script file name can be: ctl.sh as well 


sudo /opt/bitnami/ctlscript.sh status


sudo /opt/bitnami/ctlscript.sh start


sudo /opt/bitnami/ctlscript.sh restart apache


Use this script to stop all services:


sudo /opt/bitnami/ctlscript.sh stop


Restart the services by running the script without any arguments:


sudo /opt/bitnami/ctlscript.sh restart


						
						
						
		

		
			




 
            

                


            

            		

                



		
	

    
    			    	

            

            	Nov
                30
                            

                    

            
		        

			
				Update Magento 2 to the latest version            
			        

		
					    
    		
				

			
													
							
												
								
Update Magento 2 to the latest version—https://devdocs.magento.com/guides/v2.3/comp-mgr/cli/cli-upgrade.html


Work with Github large file system

—install: Git-lfs: https://help.github.com/en/github/managing-large-files/installing-git-large-file-storage

—How to work with: https://help.github.com/en/github/managing-large-files/configuring-git-large-file-storage


Sure, had to deal with i.e. work with


By


Sayed Ahmed




BSc. Eng. in Comp. Sc. & Eng. (BUET)

MSc. in Comp. Sc. (U of Manitoba, Canada)

MSc. in Data Science and Analytics (Ryerson University, Canada)

Linkedin: https://ca.linkedin.com/in/sayedjustetc




Blog: http://Bangla.SaLearningSchool.com, http://SitesTree.com 

Online and Offline Training: http://Training.SitesTree.com 


Get access to courses on Big Data, Data Science, AI, Cloud, Linux, System Admin, Web Development and Misc. related. Also, create your own course to sell to others to earn a revenue.

http://sitestree.com/training/


If you want to contribute to the operation of this site (Bangla.SaLearn) including occasional free and/or low cost online training (using Zoom.us): http://Training.SitesTree.com (or charitable/non-profit work in the education/health/social service sector), you can financially contribute to: safoundation at salearningschool.com using Paypal or Credit Card (on http://sitestree.com/training/enrol/index.php?id=114 ).



Affiliate Links: Deals on Amazon :

Hottest Deals on Amazon USA: http://tiny.cc/38lddz



Hottest Deals on Amazon CA: http://tiny.cc/bgnddz



Hottest Deals on Amazon Europe: http://tiny.cc/w4nddz


						
						
						
		

		
			




 


                



		
	

    
    			    	

            

            	Nov
                27
                            

                    

            
		        

			
				Stochastic Processes and Related Terms            
			        

		
					    
    		
				

			
													
							
												
								
What is a Random Variable?

Ans: "In probability and statistics, a random variable, random quantity, aleatory variable, or stochastic variable is described informally as a variable whose values depend on outcomes of a random phenomenon."


In probability theory, "a random variable is understood as a measurable function defined on a probability space whose outcomes are typically real numbers"

https://en.wikipedia.org/wiki/Random_variable


What Is the Central Limit Theorem (CLT)?

"In the study of probability theory, the central limit theorem (CLT) states that the distribution of sample means approximates a normal distribution (also known as a “bell curve”), as the sample size becomes larger, assuming that all samples are identical in size, and regardless of the population distribution shape."

https://www.investopedia.com/terms/c/central_limit_theorem.asp


"The Central Limit Theorem and Means

An essential component of the Central Limit Theorem is that the average of your sample means will be the population mean. In other words, add up the means from all of your samples, find the average and that average will be your actual population mean. Similarly, if you find the average of all of the standard deviations in your sample, you’ll find the actual standard deviation for your population. It’s a pretty useful phenomenon that can help accurately predict characteristics of a population. Watch a video explaining this phenomenon, or read more about it here: The Mean of the Sampling Distribution of the Mean." https://www.statisticshowto.datasciencecentral.com/probability-and-statistics/normal-distributions/central-limit-theorem-definition-examples/


What is stochastic behavior?

"The word "stochastic" means "pertaining to chance" (Greek roots), and is thus used to describe subjects that contain some element of random or stochastic behavior. For a system to be stochastic, one or more parts of the system has randomness associated with it. https://www.cds.caltech.edu › courses › cds101 › faq › 02-10-07_stochastic


What is the meaning of stochastic process?

"A stochastic process means that one has a system for which there are observations at certain times, and that the outcome, that is, the observed value at each time is a random variable. Stochastic Processes – an overview | ScienceDirect Topics"

https://www.sciencedirect.com › topics › neuroscience › stochastic-processes


Stationary ergodic process

"In probability theory, a stationary ergodic process is a stochastic process which exhibits both stationarity and ergodicity. In essence this implies that the random process will not change its statistical properties with time and that its statistical properties (such as the theoretical mean and variance of the process) can be deduced from a single, sufficiently long sample (realization) of the process.""


What is a stationary process?

"Stationarity is the property of a random process which guarantees that its statistical properties, such as the mean value, its moments and variance, will not change over time. A stationary process is one whose probability distribution is the same at all times. For more information see stationary process."


Several sub-types of stationarity are defined: first-order, second-order, nth-order, wide-sense and strict-sense. For details please see the reference above.


What is a Ergodic process

"An ergodic process is one which conforms to the ergodic theorem. The theorem allows the time average of a conforming process to equal the ensemble average."" https://en.wikipedia.org/wiki/Stationary_ergodic_process


Ergodic Process:

"In econometrics and signal processing, a stochastic process is said to be ergodic if its statistical properties can be deduced from a single, sufficiently long, random sample of the process. … Conversely, a process that is not ergodic is a process that changes erratically at an inconsistent rate."

https://en.wikipedia.org › wiki › Ergodic_process


A correlation function

"A correlation function is a function that gives the statistical correlation between random variables, contingent on the spatial or temporal distance between those variables."

https://en.wikipedia.org › wiki › Correlation_function


What is energy spectral density?

"Energy spectral density describes how the energy of a signal or a time series is distributed with frequency. Here, the term energy is used in the generalized sense of signal processing; that is, the energy of a signal is. Spectral density – Wikipedia"

https://en.m.wikipedia.org › wiki › Spectral_density


Spectral density estimation

"In statistical signal processing, the goal of spectral density estimation (SDE) is to estimate the spectral density (also known as the power spectral density) of a random signal from a sequence of time samples of the signal.[1] Intuitively speaking, the spectral density characterizes the frequency content of the signal. One purpose of estimating the spectral density is to detect any periodicities in the data, by observing peaks at the frequencies corresponding to these periodicities."

https://en.wikipedia.org/wiki/Spectral_density_estimation


Markov Process — from Wolfram MathWorld

mathworld.wolfram.com › … › Interactive Demonstrations

"Markov Process. A random process whose future probabilities are determined by its most recent values."


Poisson Process

"A Poisson Process is a model for a series of discrete event where the average time between events is known, but the exact timing of events is random. The arrival of an event is independent of the event before (waiting time between events is memoryless).""


Poisson Distribution

"The Poisson Process is the model we use for describing randomly occurring events and by itself, isn’t that useful. We need the Poisson Distribution to do interesting things like finding the probability of a number of events in a time period or finding the probability of waiting some time until the next event." https://towardsdatascience.com/the-poisson-distribution-and-poisson-process-explained-4e2cb17d459


Statistical signal processing

"Statistical signal processing is an approach which treats signals as stochastic processes, utilizing their statistical properties to perform signal processing tasks. Statistical techniques are widely used in signal processing applications.""

https://en.wikipedia.org › wiki › Signal_processing


Linear MMSE Estimation

https://www.probabilitycourse.com/chapter9/9_1_6_linear_MMSE_estimat_of_random_vars.php


Harmonic analysis

"Harmonic analysis is a branch of mathematics concerned with the representation of functions or signals as the superposition of basic waves, and the study of and generalization of the notions of Fourier series and Fourier transforms (i.e. an extended form of Fourier analysis)."

https://en.wikipedia.org › wiki › Harmonic_analysis


By


Sayed Ahmed




BSc. Eng. in Comp. Sc. & Eng. (BUET)

MSc. in Comp. Sc. (U of Manitoba, Canada)

MSc. in Data Science and Analytics (Ryerson University, Canada)

Linkedin: https://ca.linkedin.com/in/sayedjustetc




Blog: http://Bangla.SaLearningSchool.com, http://SitesTree.com 

Online and Offline Training: http://Training.SitesTree.com 


Get access to courses on Big Data, Data Science, AI, Cloud, Linux, System Admin, Web Development and Misc. related. Also, create your own course to sell to others to earn a revenue. http://sitestree.com/training/


If you want to contribute to the operation of this site (Bangla.SaLearn) including occasional free and/or low cost online training (using Zoom.us): http://Training.SitesTree.com (or charitable/non-profit work in the education/health/social service sector), you can financially contribute to: safoundation at salearningschool.com using Paypal or Credit Card (on http://sitestree.com/training/enrol/index.php?id=114 ).



Affiliate Links: Deals on Amazon :

Hottest Deals on Amazon USA: http://tiny.cc/38lddz



Hottest Deals on Amazon CA: http://tiny.cc/bgnddz



Hottest Deals on Amazon Europe: http://tiny.cc/w4nddz


						
						
						
		

		
			




 


                



		
	

    
    			    	

            

            	Nov
                25
                            

                    

            
		        

			
				Stock Market Today            
			        

		
					    
    		
				

			
													
							
												
								
Stock Market Today (Mostly up, also lately mostly up). XUS ETF price increase: $20 to $52 in 6 years


https://www.morningstar.ca/ca/report/etf/performance.aspx?t=0P0000YUAU&lang=en-CA


By


Sayed Ahmed




BSc. Eng. in Comp. Sc. & Eng. (BUET)

MSc. in Comp. Sc. (U of Manitoba, Canada)

MSc. in Data Science and Analytics (Ryerson University, Canada)

Linkedin: https://ca.linkedin.com/in/sayedjustetc




Blog: http://Bangla.SaLearningSchool.com, http://SitesTree.com 

Online and Offline Training: http://Training.SitesTree.com 


Get access to courses on Big Data, Data Science, AI, Cloud, Linux, System Admin, Web Development and Misc. related. Also, create your own course to sell to others to earn a revenue.

http://sitestree.com/training/


If you want to contribute to the operation of this site (Bangla.SaLearn) including occasional free and/or low cost online training (using Zoom.us): http://Training.SitesTree.com (or charitable/non-profit work in the education/health/social service sector), you can financially contribute to: safoundation at salearningschool.com using Paypal or Credit Card (on http://sitestree.com/training/enrol/index.php?id=114 ).



Affiliate Links: Deals on Amazon :

Hottest Deals on Amazon USA: http://tiny.cc/38lddz



Hottest Deals on Amazon CA: http://tiny.cc/bgnddz



Hottest Deals on Amazon Europe: http://tiny.cc/w4nddz


		
		


						
						
						
		

		
			




 


                



		
	

    
    			    	

            

            	Nov
                25
                            

                    

            
		        

			
				Stock market is up today. lately mostly up            
			        

		
					    
    		
				

			
													
							
												
								

Stock market is up today. Lately, mostly up. Though, I had a gut feeling that it will go down temporarily on December, 2019 at one point. However, until 2020 USA election, the market will be kind of good (my wild gut feeling and wish, no logic)




Image Reference: morningstar.ca, at around 10:00 am, Nov 25, 2019


						
						
						
		

		
			




 


                



		
	

    
    			    	

            

            	Nov
                23
                            

                    

            
		        

			
				How To Set Up Apache Virtual Hosts on Ubuntu 16.04            
			        

		
					    
    		
				

			
													
							
												
								
How To Set Up Apache Virtual Hosts on Ubuntu 16.04


https://www.digitalocean.com/community/tutorials/how-to-set-up-apache-virtual-hosts-on-ubuntu-16-04


Yes, implemented these in the past at work. Also, did for myself..


By


Sayed Ahmed




BSc. Eng. in Comp. Sc. & Eng. (BUET)

MSc. in Comp. Sc. (U of Manitoba, Canada)

MSc. in Data Science and Analytics (Ryerson University, Canada)

Linkedin: https://ca.linkedin.com/in/sayedjustetc




Blog: http://Bangla.SaLearningSchool.com, http://SitesTree.com 

Online and Offline Training: http://Training.SitesTree.com 


Get access to courses on Big Data, Data Science, AI, Cloud, Linux, System Admin, Web Development and Misc. related. Also, create your own course to sell to others to earn a revenue.

http://sitestree.com/training/


If you want to contribute to the operation of this site (Bangla.SaLearn) including occasional free and/or low cost online training (using Zoom.us): http://Training.SitesTree.com (or charitable/non-profit work in the education/health/social service sector), you can financially contribute to: safoundation at salearningschool.com using Paypal or Credit Card (on http://sitestree.com/training/enrol/index.php?id=114 ).



Affiliate Links: Deals on Amazon :

Hottest Deals on Amazon USA: http://tiny.cc/38lddz



Hottest Deals on Amazon CA: http://tiny.cc/bgnddz



Hottest Deals on Amazon Europe: http://tiny.cc/w4nddz


						
						
						
		

		
			




 


                



		
	

    
    			    	

            

            	Nov
                21
                            

                    

            
		        

			
				Do you want to be an information security professional?            
			        

		
					    
    		
				

			
													
							
												
								
Do you want to be an information security professional or an Ethical Hacker? Then you can learn by finding answers to the following questions. You can search Google, read book, or even ask the security professionals around you to get the answers. Knowing these (and doing/practicing/analyzing/thinking/applying/building/relating) for sure will help.


What you might need to know for Ethical Hacking (CEH Foundation)


First some Operating System Basics


What is an Operating System? What is a kernel?


How do Windows Kernel and Linux Kernel differ?


What is ring or layered architecture for Kernel?


What is a file system? Give examples of File System. Give some details on the File Systems that you just mentioned.


What are device drivers?


Difference between stacks and heaps?


Types of windows authentication? Local and Central


How can you backup and restore windows registry?


What is windows event viewer? What can you use to identify security incidents?


What are windows services?


Where can you see windows security policies?


What is the shell command wf.msc ?


What do the following commands do? Is there any relation to security ? tasklist, tracert, ipconfig, driverquery, cipher, assoc


What are the permission groups in Linux?


What is a IPTable in Linux? Give some IPTable related commands? Also give some related concepts. How can you use them to ensure/check security? What are input chain, output chain, forward chain?


What do the following files do in Linux/Unix? /etc/hosts.allow, /etc/hosts.deny


What do the following commands do? uname, sudo, last, diff, history, uptime, w, crontab, lsof, kill


What are TCP wrappers?


What is uid, gid in Linux? Also, what is sticky bit? What is SELinux? What is LDAP? What is Active Directory?


How can you dump all password hashes in windows? and do similar in Linux?


How can you set password policy?


What is Powershell Integrated Scripting Environment?


what does netsh.exe do?


What do the following powershell cmdlets do? Stop-Process, Get-Process, Get-eventlog, Export-csv, Get-Service, Get-Help, Get-CimInstance, Get-WmiObject


What is a Hypervisor? Types of Hypervisors?


What is a Type 1 Hypervisor? What is a Type 2 Hypervisor?


What are snapshots? How can you use this for the integrity of the Operating System and the installed software?


What are common security issues with Virtual Machines?


Unpatched Hypervisor, Insecure Management Console, Dormant virtual machines: What are these?


What are the commercial/free software to create virtual machines?


What is docker? What is Software Containerization? How can docker help? Any other alternatives to Docker?


What is Kubernetes?


What are SaaS, PaaS, IaaS?


What are cloud security considerations?


How the following can happen in Cloud? What can you do about these?

Data Loss, Account Hijacking, Insecure APIs, Denial of Service Attack, Legal Issues, Abuse by malicious insiders.


Define Confidentiality, Integrity, Availability.


Give examples of attacks that affect confidentiality?


Give examples of attacks that affect Integrity?


Give examples of attacks that affect Availability?


How do Functionality, Usability, Security interact/influence each other? Define them as well.


Define Authentication, Authorization, and Accounting (AAA)? How are they related?


What is nonrepudiation?


What is a vulnerability?


What is a zero day vulnerability?


What is an exploit? What is a Risk? What is Threat?


What are some Natural, Physical, and Human threats to Information Security?


What is Defense in Depth architecture for Information Security? (layered … )


What are the types of hackers? How do they differ?


Black Hats, White Hats, Gray Hats, Suicide Hats, Script-Kiddies, Spy Hacks, Cyber Terrorists, State Sponsored Hacks : what are these?


Difference between Hacking and ethical Hacking?


What are the steps in Incident Management?


What is a penetration testing? Does it apply to the infrastructure or the software?


What is security assessment? Is it required?


What are the types of Penetration Testing? Black, gray, White,


What are other testing for security? Announced, manual, automated


What are the steps in Penetration Testing?


What should you do in the pre-attack phase, attack phase, post-attack phase.?


Define False Positive and False Negative Security alarms?


What is Footprinting?


What are the ways hackers collect information about your organization (assets)?


How do hackers use Pipl?


What is Enumeration in the hacking process?


How can you use Maltego? https://www.paterva.com/buy/maltego-clients/maltego-ce.php . How hackers use this?


What do the following commands do? Finger, Netscan tools, superscan, nmap,


what is https://www.shodan.io/?


What is nbtstat tool?


what can you find on www.sec.gov/edgar.shtml?


Where can you trace emails? www.traceemail.com/trace-email-header.html


readnotify.com what does it do?


What are attack vectors when it comes down to web-application hacking?


Give some examples of web-application flaws?


Give some examples of web-application authentication flaws?


Give some examples of web-application authorization flaws?


Give some examples of web-application session management flaws?


Give some examples of web-application input validation flaws?


Give some examples of web-application configuration management flaws?


What are the steps in Web Application Hacking Methodology?

Analyze web-app, identify entry and exit points, break down components, test for vulnerability, automated security scanning, remove false positives, reporting with remediation


What can you do to mitigate and prevent the security flaws mentioned above? authentication flaws, authorization flaws, session management flaws, input validation flaws, configuration management flaws, auditing and logging flaws?


What are some advantages and risks of Wireless Networking?


What do you know about OSA authentication, Shared Key authentication and centralized authentication for Wireless Networks? At least give some examples?


What are some common Wireless Threats?


What are the steps in Wireless Hacking Methodology?

Discover Wi-fi networks, GPS Mapping, Wireless Traffic Analysis, execute attacks (), break wi-fi encryption

attacks: Fragmentation, MAC-spoofing, De-authentication, Man-in-the-middle, Evil twin


What is Spectrum Analysis? How can Bluetooth hacking happen? What is Bluetooth pairing?


What are common Bluetooth Threats?

loss personal data, hijacking, sending SMS, use airtime, malicious code, bluejacking,, blue sniffing, bluesmacking, bluesnarfing


How can you defend against bluetooth attacks? PIN change, go to hidden mode, monitor pairing, enable only when needed, review pairing requests


What are common Mobile Attack Vectors? Malware, Jailbreak, application modification


Jailbreak: enable to run all 3rd party applications, corrupt kernel


Provide some Android, and iOs security guidelines?


What is IDS? How does it work? Can IDS be used for Anomaly Detection?


What are the different types of IDS? Network Host, Log, File


What are the approaches to evade IDS? Insertion attack, DoS, Obfuscating/Encoding, Session Splicing, invalid packets, polymorphic shellcodes


What are the common Symptoms of an Intrusion?


DMZ what is it?


What are the following concepts for Firewall architecture? Bastion Host, Screened subnet, multi-homes subnet


What are the different types of firewalls? Packet, circuit, application level, stateful inspection


How to detect firewalls in the target system? What is Port Scanning? How can it help in this case?


What is firewalking? What is the purpose?


What are some possible ways to evade firewalls? IP Address spoofing, source routing, use a proxy to bypass firewalls, tunneling


What are Honeypots? What are the types? High, Low -> interactions


How can you detect Honeypots? HPING, Port Scan detect all services, Send Safe Honeypot Hunter,


What are the different types of Encryption?


What is the concept: Key Escrow?


What are DES, AES, RSA, Private key cryptography, Public Key Cryptography?


What is the Advanced Encryption Package?


Give some details on how Message Digests are used in securing and also in hacking?


What is PKI?


What is Splunk?


By


Sayed Ahmed




Linkedin: https://ca.linkedin.com/in/sayedjustetc




Blog: http://Bangla.SaLearningSchool.com, http://SitesTree.com 

Online and Offline Training: http://Training.SitesTree.com 


If you want to contribute to the operation of this site including occasional free online training (using Skype, Zoom.us): http://Training.SitesTree.com (or charitable/non-profit work in the education sector), you can financially contribute to: safoundation at salearningschool.com using Paypal. Sometime, we also provide 


Affiliate Links:

Hottest Deals on Amazon USA: http://tiny.cc/38lddz



Hottest Deals on Amazon CA: http://tiny.cc/bgnddz



Hottest Deals on Amazon Europe: http://tiny.cc/w4nddz


Reference: Certified Ethical Hacker Guide, S. A. Rahalkar


						
						
						
		

		
			




 


                



		
	

    
    			    	

            

            	Nov
                19
                            

                    

            
		        

			
				Must know for an Information Security Professional (A CISSP professional will know these in general)            
			        

		
					    
    		
				

			
													
							
												
								
Must know for an Information Security Professional (A CISSP professional will know these in general) . Want to be a security professional, learn these as well.


What is a security policy?


What are policies in general?


What are the different types of Security Controls?


Give examples of Audit Trail.


Give examples of security guard.


Difference between authentication and authorization


Can SSO be decentralized? How can you implement that? Just examples are good.


What is the least privilege policy?


What is a job rotation policy?


TACAS, RADIUS what are these? Does your organization need to use these? In what cases? Is it a good fit?


Give examples of access control attacks?


Give examples of Social Engineering?


What is your experience with reviewing the access configurations?


What TCP/IP, OSI, ATM, QoS?


Give examples of Network Access Control Devices?


Give examples on how Network Access Control Devices are used in your organization? How can you configure them?


Is Endpoint security a good practice? What is Endpoint security anyway?


POTS, PBX, VoIP – does your organization use these? What are the related security risks?


How can attackers inject data into video stream (video conferencing)?


Give examples of Tunneling Protocols? esp. the secured ones?


Is VPN a tunneling concept? What protocols are used on VPN?


How is IpSec data formatted? What is AH ? What is ESP?


What is the primary purpose of SSL and TLS?


What is a Syn Flood Attack.


What is spoofing?


What is VLAN? Will you implement VLAN in your organization? When?


What is the concept of Risk when it comes to organizational IT resource security?


Can your security measures mitigate all risks?


What is the relation between a security policy and local laws and regulations?


Does your organization conduct Due care and Due diligence for security?


How do you ensure confidentiality, integrity, and availability?


How is managing information lifecycle important for an organization?


To which organizations HIPAA apply?


What are Risk Avoidance, Risk transference, Risk Mitigation, Risk Acceptance?


Can Risk Acceptance be acceptable policy? Give examples…


How can you apply and ensure security in the software development lifecycle?


What are backdoors in software?


What is XSS security risk? How can you prevent XSS?


What is security testing?


Can you use white box testing as a security measure?


Should you encrypt all sensitive – data files?


Define Symmetric and Asymmetric cryptography? Give examples. Which one is more secure?


What is Hybrid cryptography, What is Hashing?


What is Social Engineering for Key Discovery?


What is a rainbow table attack?


What is PKI? How does PKI work?


What are security models?


What is Bell-Lapadula model?


What is Biba model?


what is Clark-Wilson access model.


How can XML traffic be protected?


OWASP what is it? Who sponsors OWASP?


How can Separation of duties and responsibilities help with security?


What is the last step in incident response?


What is root cause analysis?


What is change management?


How do software configuration, and configuration management help with security?


What you know About RAID? Describe in your own way.


Give example ways you can make your servers fault tolerant.


Give an example of a backup strategy for a hypothetical organization.


Give types and examples of computer crimes.


What is Shrinkwrap contract?


Give some example guidelines from ISC code of Professional Ethics.


Give examples of forensic procedures.


Give examples of Site and facility design considerations for security?




By





































Online and Offline Traininghttp://Training.SitesTree.com 


 


If you want to contribute to the operation of this site including occasional free online training (using Skype, Zoom.us): http://Training.SitesTree.com (or charitable/non-profit work in the education sector), you can financially contribute to: safoundation at salearningschool.com using Paypal. Sometime, we also provide   


 


Affiliate Links:


Hottest Deals on Amazon USA: http://tiny.cc/38lddz




Hottest Deals on Amazon CA: http://tiny.cc/bgnddz




Hottest Deals on Amazon Europe: http://tiny.cc/w4nddz