Nov 17

Part-2: If you want to learn security, or if you already are a security professional/engineer, can you answer the following questions on Security? Do you know (and can do) the answers to the following questions on Security?

What are the important concepts to know and implement for Infrastructure security? Consider only the software side.

What are patching, hardening, enabling encryption, filtering connections in regards to network infrastructure? What is the relation with security? What will you do in regards to these?

How is software patching different for Network Hardware than the computers/servers?

How does patching differ for consumer grade and enterprise grade network infrastructure devices?

What is a service in a network device? What are the security risks with services for network devices? How will you ensure secure services?

what does nmap do?

How does SNMP help in security? What does SNMP stand for?

You DoS and DDos for sure? What are the differences?

Are network protocols encrypted in general? i.e. do they support encrypted communications? Will it be a great idea to have all Network Protocol supporting Encrypted Communications when it comes down to configuring and administering at least?

Bastion Hosts – what are they? How does they help in ensuring security? What are the disadvantages?

How important are configuring ACLs in routers for security? What are the important considerations? Can you provide examples on how you did implement these?

What is Egress Filtering?

Name sone tunneling Protocols?

What are Teredo, 6in4, 6to4, 6rd? Are they still in use?

What is TACAS+? Give examples of use cases and purpose?

To what extent Password management software are useful? What are the drawbacks? What can be the consequences when the password for the password manager is leaked? or Anyone having access to your workstation/PC can get easy access to your Password manager (probably shoulder surfing for pass, or could access your session from remote)?

What are encryption, Hashing, and Salting for securing passwords?

How will you enforce for Password Policies to ensure password security?

What is 2FA? What is multi factor Authentication? At least give some examples?

is 2FA sufficient enough for security? Why and why not?

How to ensure endpoint security?

What are the Endpoints/Endpoint devices in your organization? How do you or how will you ensure security for those devices?

How can you Harden the endpoints?

Is desktop firewall important to increase security?

Will you recommend full-disk encryption for security? What are the drawbacks? What can be the worst case if you use full-disk encryption for the endpoints? How can you mitigate those risks?

What can you use to encrypt entire disk in Windows and MacOs?

What is Bitlocker?

What is Filevault?

Is centralizing the keys for encrypted disks a great idea? what can go wrong? Is it always the best or feasible solution? What will you do or did?

What is the most secure operating system? Is there any such thing? Why — why not? Does it depend on how it is configured or there is something inherent to the operating systems that make them secure or not? more or less secure (provided after you tried your best)?

Is keeping software and services a very important aspect of securing operating systems i.e. servers?

How do you update software and services in Windows, MacOS, Linux, Unix? Give Linux/Unix commands to update software and services?

What is the difference update and upgrade in Linux/Unix?

How to update many many servers such as 1000s of them? What approach will you take?

What is SELinux for security in Linux/Unix?

What is mask?

How will you utilize chmod, chown, chroot for security in Linux/Unix?

How will you configure file permissions in Linux/Unix? Give example use cases?

How will you ensure file integrity?


What is Open Shares? How does it affect security?

What is EMET? What does EMET stand for?

What is SCCM? How can you use SCCM for Enterprise Deployment Strategies? What are the impact/related concepts for security?

How can you Physicall your your environment/organization?

What Physical security measures that you can take?

What is PCI-DSS? What does it have to do with Security?

Explain security considerations in relation to:
— Health Insurance Portability and Accountability Act
— Gramm-Leach Bliley Act
— Family Educational Rights and Privacy Act
— Sarbanes-Oxley Act

What is NIST Cybersecurity Framework?

What will you do to ensure that you do not lose data and information in case of security breach?

What are the disaster recovery approaches that you used or can use for IT Security?

What is Warm standby?

What are the backup approaches that you can use for Disaster recovery?


What will you use for Post-Incident (i.e. after security incident) Process?

Define, explain, give examples how will you use the following Post-Incident Tools and Technologies?
–Log Analysis
–Disk and File Analysis
–Memory Analysis
–PCAP Analysis

Does user education important to ensure organizational security? Why? How will you do that? How did you do that?

What are the User Education and Training strategies and Tools that you can use for security?

How will you track the impact of user education?

What do Policies, Standards, and procedures have to do with Security? How did you utilize them? What were the outcome? Any challenge in the process (i.e. related)?

How does asset management and documentation help with security? What procedure and steps you will follow for that?

How will you plan your organization’s security program? What are the team members and security functions that you will utilize?
Online and Offline Traininghttp://Training.SitesTree.com 
 
If you want to contribute to the operation of this site including occasional free online training (using Skype, Zoom.us): http://Training.SitesTree.com (or charitable/non-profit work in the education sector), you can financially contribute to: safoundation at salearningschool.com using Paypal. Sometime, we also provide   
 
Affiliate Links:
Hottest Deals on Amazon USA: http://tiny.cc/38lddz
Hottest Deals on Amazon CA: http://tiny.cc/bgnddz
Hottest Deals on Amazon Europe: http://tiny.cc/w4nddz
 
Reference: Defensive Security handbook

Nov 16

If you want to learn security, or if you already are a security professional/engineer, can you answer the following questions on Security? Do you know the answers to the following questions on Security?

Defensive Security

If you want to learn security, or if you already are a security professional/engineer, can you answer the following questions on Security? Do you know the answers to the following questions on Security?

True or false, all email servers in the Internet are configured properly?

What can you used to check if an email server is configured properly? What tools, and software?

How will you use? What are the steps that you will follow?

What is MXToolbox?

Is MXToolBox still a good security tool? mxtoolbox.com?

When it comes to email server security can you explain what are the following and how they help in security? or what will you do with them when it comes down to Security?
–Open mail relay, server hello, mail reverse DNS, email aliases/group nesting, DNS Servers?

Is outsourcing email server is a great idea? when, when not? why, why not?

How can you secure a DNS server?

Should you allow DNS recursive queries in your organization’s DNS server?

What does segregation mean when it comes down to DNS servers? How will you use Segregation?

What is an internal DNS server? What is an external DNS server? Will you segregate them from security reasons? Why? Why not? What can go wrong?

What is passive DNS? Is it a good idea to implement passive DNS?

SinkHole DNS and Blackhole DNS what are these?

How can you obscure your organizations internal resources from the outside?

Can you configure your SMTP-SSL of 4043? Is it a good move?

What is logging?

What is monitoring?

What are the Logging software that might be great for security?

Did you use a software tool called Nagios? What is this for? How did you use this? Did you see any flaws? Is it easy to use?

What will you log? and why? What is your experience on your approaches?

Will you log everything or just the required stuff? why, why not? when? can you or will you switch to the other from one? What steps will you follow?

Where will you save/store the log data? and why? what are the risks? What are the related approaches?

What is SIEM?

What are the steps in SIEM?

What is log analysis when it comes down to security? What do you want to get out of Log Analysis?

Can you give the names of some important and/or common logging practices for security purposes?

What are user login logging, repeated login failures, login from unusual places/IPs/locations?

Proxy and Firewall logs — what are these?

What is log aggregation?

How can log help to identify brute force attack, data exfiltration, impossible or unlikely user movements, and ransomware?

What are IDS, IPS, and NIDS?

What are snort, suricata, bro?

What is Host Based IDS? How is it different from NIDS? What will you use and why? Will you use both? What are the drawbacks of each one of them?

Where do you put NIDS and IPS? and why? is there any particular strategy that worked for you?

Give some examples of encrypted protocols? How do they relate to NIDS/IDS/IPS?

What is defensive security?

What is offensive security?

What is purple teaming? What is read team and what is blue team?

What is OSINT i.e. Open Source Intelligence?

What are Dumpster diving, Shoulder surfing? What are the related security concepts?

What does the tool Maltego do? Is there any free version?

What is recon-ng? What is Metasploit? What are the different modules of recon-ng? What do they do? How can you use them for security?

What is the Harvester.py?

What is the Responder tool? hint. NetBios, Link Local Multicast Name Resolution

What is RAWr? What does it stand for?
Rapid Access Web Resources

What is the best programming language considering security i.e. when you are developing for your organization what programming language should you use?

Is PHP a secure programming language? How does it compare with Java or Python or C/C++?

Is security is integral to the programming language? or it might depend on the programmer as well? As PHP might be known to be not-a-very secure language: does it come from PHP or from the programmers who do not implement stuff in PHP considering security?

Can a Java/Python/C/C++ software be less secure than PHP?

What is security testing of a software? How does your organization do it?

What is penetration testing?

What is port scanning?

What is vulnerability scanning?

What is Network segmentation? What does it have to do with Security?

What are Physical and logical segmentation?

What is Demilitarized zone (DMZ)?

How VLANs, ACLs, NACs, VPNs help with security? What are risks/limitations in each cases?

What is SDN? Is it good considering security?

By

Sayed Ahmed

Linkedin: https://ca.linkedin.com/in/sayedjustetc

Blog: http://Bangla.SaLearningSchool.com, http://SitesTree.com
Online and Offline Training: http://Training.SitesTree.com

If you want to contribute to the operation of this site including occasional free online training (using Skype, Zoom.us): http://Training.SitesTree.com (or charitable/non-profit work in the education sector), you can financially contribute to: safoundation at salearningschool.com using Paypal. Sometime, we also provide

Affiliate Links:
Hottest Deals on Amazon USA: http://tiny.cc/38lddz

Hottest Deals on Amazon CA: http://tiny.cc/bgnddz

Hottest Deals on Amazon Europe: http://tiny.cc/w4nddz

Reference: Defensive Security Handbook

Nov 16

Misc. Statistics, Engineering, and Sensors

Learn more about Nonparametric Test
https://www.sciencedirect.com/topics/medicine-and-dentistry/nonparametric-test

Sensor Management for Large-Scale Multisensor-Multitarget Tracking," in Integrated Tracking, Classification, and Sensor Management: Theory and Applications
http://download.e-bookshelf.de/download/0000/7142/31/L-G-0000714231-0002366034.pdf

Approaches to Multisensor Data Fusion in Target Tracking: A Survey
https://www.computer.org/csdl/journal/tk/2006/12/k1696/13rRUxBa56w

Sensor fusion
https://en.wikipedia.org/wiki/Sensor_fusion

Sensor Fusion: Sensor fusion is the process of merging data from multiple sensors such that to reduce the amount of uncertainty that may be involved in a robot navigation motion or task performing.
https://www.sciencedirect.com/topics/engineering/sensor-fusion

Sensor Fusion Tutorials and Applications
http://fusion.isif.org/conferences/fusion2017/Tutorials.html

By

Sayed Ahmed

Linkedin: https://ca.linkedin.com/in/sayedjustetc

Blog: http://Bangla.SaLearningSchool.com, http://SitesTree.com
Online and Offline Training: http://Training.SitesTree.com

If you want to contribute to the operation of this site including occasional free online training (using Skype, Zoom.us): http://Training.SitesTree.com (or charitable/non-profit work in the education sector), you can financially contribute to: safoundation at salearningschool.com using Paypal. Sometime, we also provide

Affiliate Links:
Hottest Deals on Amazon USA: http://tiny.cc/38lddz

Hottest Deals on Amazon CA: http://tiny.cc/bgnddz

Hottest Deals on Amazon Europe: http://tiny.cc/w4nddz

Nov 13

Real Estate vs Stock Investment

Toronto Property Investors Take Note: Stocks Performed Better

https://www.bloomberg.com/news/articles/2019-11-07/toronto-property-investors-take-note-stocks-performed-better?srnd=premium-canada

Vancouver Real Estate Crackdown’s Next Step: A Big Watchdog

https://www.bloomberg.com/news/articles/2019-11-12/vancouver-real-estate-crackdown-s-next-step-a-big-watchdog

Nov 13

TFSA and Retirement income for Canadians

TFSA and Retirement income for Canadians

"In a decade the contribution room has grown to $63,500, or $127,000 for a couple."

"It will be only another five years or so before the aggregate TFSA room climbs to $100,000 per person. At that time a couple in their early forties holding the maximum amount and making yearly contributions growing at 7% will have $1.26 million in tax-free accounts at age 65. That will throw off an income of about $76,000 per year in retirement which will not be counted as income, allowing full CPP and OAS collection. In other words, a household income of at least $110,000, with zero tax.
"

From: https://www.greaterfool.ca/2019/11/12/the-f-factor/

Nov 09

Can you answer these random questions on Data Science Project Development

Questions to answer

1. What does a data science project usually involve? What is the common theme across data science projects?

2. Does industry projects and research projects differ? Why and to what extent?

3. What are the some dataset repositories? Where can you get them?

4. Are all public datasets perfect for doing a project?

5. Can you get one dataset with all required data?

6. if you have different datasets with part of the data that you need — what do you do? do you just abandon the project?

7. True or false. you get a dataset and then directly apply your algorithm to get the answer or to predict?

8. Is there any benefit to check the data details such as see the distribution of the data? mean and median and mode of the data?

9. What are the usual steps in a data science research project?

10. what is univariate analysis?

11. what is bivariate analysis?

12. is multivariate analysis?

13. Why do you do univariate, bivariate or multivariate analysis?

14. What is exploratory data analysis?

15. What are the two types of exploratory data analysis.

16. What are the pros and cons of visualizing the raw data?

17. Is there any need to use clustering while doing data exploration? or this can be more of a methodology of the research process?

18. what is data synthesis?

19. What is study selection?

20. What do the materials and methods section in a data science research project contain?

21. Difference between Methodology and experiment?

22. Difference between Exploratory analysis step and methodology step?

23. What makes a good experiment?

24. what is a regression analysis? Can it be an exploratory analysis? can it be as part of experimental analysis.

25. what is PCA?

26. What is Principal Component Analysis?

27. What is factor analysis?

28. True or false => PCA and Factor analysis do the same thing i,e. they are the same? why, why not explain

29. What is the measure name that indicates whether factor analysis is required or not

30. With PCA, you can always ignore the similar behaving/contributing features?

31. can you find out the purpose of decision trees, SVM, deep learning. is there an opportunity to apply those for the project in concern? to what extent and how? is ther any more work to do for the dataset preparation?

32. Can you write Python code to visualize a feature with a box plot? If not, can you google/startpage to find out the code and implement? What does the Boxplot for this feature saying?

33. what are the prediction methodology used in the project? Which one performed the best? Does the result make sense? Does the perfect result make sense? Do you think there can be bias and the code will not be able to give similar output for other datasets?

34. What are the measures used for prediction performance?

35. What was used for the project: Linear/Polynomial Regression or Logistics Regression. What is a better measure between these two for this project or in general?

36. True or false, Logistic regression is for Regression

37. True or false, Linear regression is for Classification

38. What is the significance of R square? Low or high values of R square is desirable to say that the Regression outcome is important?

39. What is f-score?

40. What is the train-test-split method in Python?

41. Did I use SQL in the project? Was that a must? What else could you do?

42. Can you join multiple dataframe (i.e. table) in Python? Do you have left, right, inner or similar joins in Python.

By

Sayed Ahmed

Linkedin: https://ca.linkedin.com/in/sayedjustetc

Blog: http://Bangla.SaLearningSchool.com, http://SitesTree.com
Online and Offline Training: http://Training.SitesTree.com

If you want to contribute to the operation of this site including occasional free online training (using Skype, Zoom.us): http://Training.SitesTree.com (or charitable/non-profit work in the education sector), you can financially contribute to: safoundation at salearningschool.com using Paypal. Sometime, we also provide

Affiliate Links:
Hottest Deals on Amazon USA: http://tiny.cc/38lddz

Hottest Deals on Amazon CA: http://tiny.cc/bgnddz

Hottest Deals on Amazon Europe: http://tiny.cc/w4nddz

Nov 08

Reindex magento data using PHP (Shell) and Command Line

You can go to the shell folder, and run the following to reindex everything

php indexer.php –reindexall

Magento 2 has similar command line features.

php bin/magento indexer:reindex


To reindex individually

php yourmagentofolder/shell/indexer.php -reindex catalog_product_attribute
php yourmagentofolder/shell/indexer.php -reindex catalogsearch_fulltext
php yourmagentofolder/shell/indexer.php -reindex catalog_category_flat
php yourmagentofolder/shell/indexer.php -reindex cataloginventory_stock
php yourmagentofolder/shell/indexer.php -reindex catalog_category_product php yourmagentofolder/shell/indexer.php -reindex catalog_product_price
php yourmagentofolder/shell/indexer.php -reindex tag_summary
php yourmagentofolder/shell/indexer.php -reindex catalog_url

Reference:https://magento.stackexchange.com/questions/162166/how-to-reindex-magento-1-x-by-using-command-line
Sure, I also executed these/similar myself…

Sayed Ahmed

Linkedin: https://ca.linkedin.com/in/sayedjustetc

Blog: http://Bangla.SaLearningSchool.com, http://SitesTree.com
Online and Offline Training: http://Training.SitesTree.com

If you want to contribute to the operation of this site including occasional free online training (using Skype, Zoom.us): http://Training.SitesTree.com (or charitable/non-profit work in the education sector), you can financially contribute to: safoundation at salearningschool.com using Paypal. Sometime, we also provide

Affiliate Links:
Hottest Deals on Amazon USA: http://tiny.cc/38lddz

Hottest Deals on Amazon CA: http://tiny.cc/bgnddz

Hottest Deals on Amazon Europe: http://tiny.cc/w4nddz

Nov 03

Example Health Condition Visualization

Example Health Condition Visualization. Only a doctor (related professional) can justify if the information is correct. Just the visualization. From: https://www.parathyroid.com/hyperparathyroidism-diagnosis.htm

Sayed Ahmed

Linkedin: https://ca.linkedin.com/in/sayedjustetc

Blog: http://Bangla.SaLearningSchool.com, http://SitesTree.com
Online and Offline Training: http://Training.SitesTree.com

If you want to contribute to the operation of this site including occasional free online training (using Skype, Zoom.us): http://Training.SitesTree.com (or charitable/non-profit work in the education sector), you can financially contribute to: safoundation at salearningschool.com using Paypal. Sometime, we also provide

Affiliate Links:
Hottest Deals on Amazon USA: http://tiny.cc/38lddz

Hottest Deals on Amazon CA: http://tiny.cc/bgnddz

Hottest Deals on Amazon Europe: http://tiny.cc/w4nddz

Nov 03

Robotics: growth potential

Robotics: growth potential doesn’t mean investment returns. Don’t get over excited when it comes to Investing.

https://lnkd.in/e5ZSX93

https://www.greaterfool.ca/wp-content/uploads/2019/11/DOUG-1.jpg

From: https://lnkd.in/e9tbFH5

Sayed Ahmed

Linkedin: https://ca.linkedin.com/in/sayedjustetc

Blog: http://Bangla.SaLearningSchool.com, http://SitesTree.com
Online and Offline Training: http://Training.SitesTree.com

If you want to contribute to the operation of this site including occasional free online training (using Skype, Zoom.us): http://Training.SitesTree.com (or charitable/non-profit work in the education sector), you can financially contribute to: safoundation at salearningschool.com using Paypal. Sometime, we also provide

Affiliate Links:
Hottest Deals on Amazon USA: http://tiny.cc/38lddz

Hottest Deals on Amazon CA: http://tiny.cc/bgnddz

Hottest Deals on Amazon Europe: http://tiny.cc/w4nddz

Nov 03

Bangladesh Startup News


Future Startup Weekly