CIS212 U1 Discussion - Essay Example

Security Management Process Insert Insert Security management entails ensuring that the integrity, confidence and consistency in theavailability of services and data in an organization. It is inclusive of how the security controls are. It has to be in a manner that advances the security and integrity of the data in the organization. It also ensures that users are not services that should be available at all times. Testing will ensure a smooth operation and prevent attacks that take advantage of obsolete concepts.

Further, management of intrusions is crucial (Poulsen & LaPage, 2011). The mission is to identify and counter attacks. These should level to a situation that is accommodating to the organization at least. The preceding is with reviewing of the security mechanisms to ascertain and ensure that frequent testing is done on them and maintained as well.There are various common means of authentication. The notion is to get the victim known to be what they allude to be. Essentially there is user authentication and entity authentication.

As a result, we have form authentication that entails passing in a username and password on web pages to gain access. Cookies are authentication mechanisms as a means to achieve entity authentication. It accomplishes this through the use of sessions. Authentication at the infrastructure will involve the use of DNS names. They are applicable where applications need to allow access to other hosts. In addition, there is spoofing of IP addresses. To make it more viable, integrate with the use of SSL.

Using authentication mechanisms that use usernames and passwords is all time favorite. Despite the method being familiar and readily available, it is also weak and easier to penetrate (Ciampa, 2012). Due to its user-friendliness, if precautions are into account like the inclusion of symbols and letters within the text then it is the cheapest.A number of issues psyche hackers. First is the fun and satisfaction they attain by hacking. Secondly, they do so to gain some finances. By getting information to third parties, they are paid highly for their services thus it is a means of livelihood to some.

They use means like phishing, brute-force attack, dictionary attack, and SQL injection for site hacking. Further cross-site scripting is also applicable. They accomplish this through establishing a plan of execution. Foot printing deals with comprehension of the system they wish to hack just the way a physical gang will prepare to attack a bank.ReferencesCiampa, M. (2012). Security+ guide to network security fundamentals. Boston, MA: Course Technology, Cengage Learning.Poulsen, T., & LaPage, A. (2011). CompTIA security+ certification.

[Fairport, NY]: Axzo Press.