Type above and press enter or press close to cancel.
Our documents are based on successfully executed projects which save you time and money.
PRINT PAGE Img
  1. Home
  2. Blog

Tag Archives: Security (1500)

Our documents are based on successfully executed projects and IT solutions.

application

Oracle 8 -9 Vulnerabilities Patches

February 6, 2011

Priority Oracle 8 -9 Vulnerabilities Patches Security Alert Number And Description   MetaLink Note ID   Latest Version/Date Alert 68, Oracle Security Update 281188.1 Rev 4, 2 March 2005 Alert 67, Unauthorized Access Vulnerabilities in Oracle E-Business Suite 274356.1 Rev 1, 3 June 2004 Alert 66, Security Vulnerabilities in Oracle Application...

Tags: , , , , Img
information-rights-management

Role Based Access Controls – SUDO suggestions

January 10, 2011

Sudo: A Unix command enabling accounting for root actions Sudo (superuser do) intends to replace su; it allows certain users (or groups of users) to run some (or all) commands as root while logging all commands and arguments. Create appropriate Web, Application and Service dedicated Groups to sandbox priveleges. Create...

Tags: , Img
networking

eHealth – Corelating Interface Indexes to Interface Names

January 9, 2011

Alarms may be generated in Spectrum by either Spectrum itself or eHealth that reference interfaces that seem to have no tie to the device itself. This is because eHealth might refer to the interface using the MIB Index instead of the name.  The MIB indexes can be quickly correlated...

Tags: , Img
networking

Sample Network Management Project requirements

January 8, 2011

First Tier Network Management Solution support Support Datacenters, Main sites / Disaster Recovery Sites: Graphically configuring and monitoring all equipment Firewalls, Routers, Switches, Modems, Servers, SAN’s, NAS’s, PC’s Network Printers, UPS… etc, Issue periodical reports: Daily, weekly, monthly… Device, configurations & connectivity    Network Fault Management: Network connectivity between...

Tags: , , , Img
application

Web Server Security – Suggestions

January 7, 2011

Common Web Vulnerabilities Buffer Overflow Attacks Denial of Service Attacks on vulnerable scripts URL Manipulation Sniffing / Spoofing Credentials Client Parameter Manipulation Brute Force Attacks Web Server Fingerprinting Web Defacements Take web servers seriously, server security is essential for web security, recommendations: Harden servers from attack • Use a...

Tags: , , , , Img
compliances , networking

Network categories of System Monitoring

January 5, 2011

Monitoring System Configuration Changes This category includes monitoring for changes in hardware and software configurations that can be caused by an operating system upgrade, patches applied to the system, changes to kernel parameters, or the installation of a new software application. The root cause of system problems can often...

Tags: , Img
application , compliances , networking , security , web-services

Web Server Security Guidelines

January 2, 2011

A web server is a program, which listens for http requests on a TCP/IP port (normally either port 80 or port 443) and serves html pages in response. There are several web servers currently in the market. The most popular are: Apache SunONE Internet Information Server (IIS 6/7/8) NCSA...

Tags: , , Img
o-s

Windows 2000 Internet Information Server

December 25, 2010

IIS Components File transfer Protocol (FTP) Server World Wide Web (WWW) Server Simple Mail Transfer Protocol (SMTP) Service Network News Transport Protocol (NNTP) Service FrontPage 2000 Server Extensions Internet Services Manager (HTML) Internet Information Services Snap-in Visual InterDev RAd Remote Deployment Support Indexing Service Certificate Services Windows 2000 Professional...

Tags: , , , Img
application

System and Application Unit Testing

December 20, 2010

Testing must be an on-going activity throughout all phases of a project and should be an integral component of quality assurance efforts. A complete testing strategy cannot be developed until after vendor selection, so this section contains suggestions for possible activities that could be included in a testing strategy,...

Tags: , , , , Img
business , itil

ITIL – Change and Patch Management

December 15, 2010

A set of processes executed within the organization’s IT organization designed to manage the enhancements, updates, incremental fixes and patches to production systems, which include: · Infrastructure changes (routers, firewalls, proxies, cabling, etc) · System upgrades (servers, operating systems, , applications, databases) · Application code revisions (development and testing)...

Tags: , , Img
application

SDLC – Application System Definition Model

December 14, 2010

Audience: Application & System Services Communication & Collaboration Service: Database Administration Desktop Computer Services Disaster Recovery & Business Continuity Services Facilities A formal model of a complete system All information pertinent to deployment and operations Machine-readable, capturing intent of developers and administrators System topology Developer constraints IT policy Installation...

Tags: , , , , Img
application

Testing Approach and Strategy

December 13, 2010

Testing Approach and strategy helps you prepare the list of testing requirements and the testing strategy for supporting the new corporate procurement and application module. Included are descriptions of the target audience, delivery method, and objectives. In addition, the testing approach and strategy identify: The high level objectives and...

Tags: , , , , Img
application

Sample SDLC Development Project Deliverables

December 12, 2010

Deliverables and Combined Processes Discovery Project Roadmap Planning Customer & Stakeholder requirements prioritization & signoff Internal Services Catalog Project Risks Identified UI Models List of Alternative Solutions Selection of Best Solutions for further research Hardware Solutions Demos Financial Approval Potential Solutions Modeled in Test Lab  Initial Security Requirements Definition...

Tags: , , , , Img
compliances

Questions for: Configuration Management and change control

December 12, 2010

Does the configuration management plan address identification, status accounting and audit? Does the configuration management plan address the configuration of all system and configuration items? Is the configuration management integrated into the structure of an organization? Is there version control of all configuration items? Is configuration management and version...

Tags: , , Img
application

Basic Oracle Hardening

December 11, 2010

Disable install and demo accounts: Disallow default user/password PUBLIC has execute System privilege PUBLIC has execute Object privilege PUBLIC has execute UTL_FILE privilege PUBLIC has execute UTL_SMTP privilege PUBLIC has execute UTL_HTTP privilege PUBLIC has execute UTL_TCP privilege PUBLIC has execute DBMS_RANDOM Password complexity Restrict number of failed login...

Tags: , , , , Img
application

Datacenter – Application Lifecycle Considerations

December 10, 2010

Service Monitoring • Availability• Logging• Auditing• Performance Metrics• Debugging & Tracing• Synthetic Transactions Exception Management • Error Trapping• Root Cause Analysis• Notification Services Version Management • Data Contracts• Message & Operation Contracts• Endpoints (Addresses)• Policies• Internal Dependencies• Claims• Service Retirement• Dependency Analysis Service Delivery • Methodology• Standardized Service Delivery...

Tags: , , , , Img
security

Sample Word – VPN Configuration Documents

December 6, 2010

Free Word document download Sample VPN Configuration Worksheet.doc https://www.bestitdocuments.com/Samples

Tags: , , Img
compliances , policies , sample-it-spreadsheets

Sample Excel – Comparison Between Old and Revised ISO 17799 Standards

December 4, 2010

Free – Excel document download An Excellent comparison excel matrix. www.bestitdocuments.com

Tags: , , , Img
security

Sample Support System Security Plan

December 1, 2010

Sample Support System Security Plan System Identification · General Information · System Name / Title · Unique Identifier & Name Given to the System. Responsible Organization · List organization responsible for the application o Name: o Title: o Address: o Phone: o E-mail: Information Contact(s) · Name of person(s) knowledgeable about, or the owner of, the system. More than...

Tags: , , Img
security , visio-stencils

Sample Visio – NFS Security Architecture

November 18, 2010

Sample NFS Visio NFS Security Architecture Visio https://www.bestitdocuments.com/Samples

Tags: , Img
o-s , visio-stencils

Sample Visio – Unix Kernal Layer

November 12, 2010

Free Sample Document download Unix Kernal Visio Sample  Unix Kernal Layer  https://www.bestitdocuments.com/Samples

Tags: , Img
o-s

Sample Word – Cyclades ACS Appliance – Out of Band Management

November 9, 2010

One possible solution for Out of Band Network Management. Cyclades_ACS_Appliance.doc https://www.bestitdocuments.com/Samples

Tags: , Img
security

Secure your servers

November 8, 2010

Review and implement my company’s security policies as they relate to web security. Implement a secure network infrastructure by controlling access to/from your web server by using: Firewalls, Routers and Switches. Implement a Network Intrusion Detection System to monitor attacks against the web server. Patched servers. Implement load-balancing /fail...

Tags: , , Img
security

Web Server Pieces

November 7, 2010

Server OS + Hardware •Web Server Database Server Web application framework or language Scripting language or Application Client & Browser Security •Authentication and Session Management Web Server •Apache and IIS 6 / 7 are not secure OTB •Configurations can become complex over time –Look for unused modules or paths...

Tags: , , Img
email

Exchange Pre-Migration Data Collection considerations

November 6, 2010

Accounts and Mailboxes How many mailboxes are there? How many exceed the 200MB limit? Please list. How many contacts and custom recipients are there? Which mailboxes have no quotas set? How many lists and distribution lists are there? What clients are in use? • Outlook 200x • Outlook 2003...

Tags: Img
security

Web Security Attacks

November 5, 2010

•Abuse of Functionality •Brute Force •Buffer Overflow •Content Spoofing •Credential/Session Prediction •Cross-site Scripting •Denial of Service •Directory Indexing •Format String Attack •Information Leakage •Insufficient Anti-automation •Insufficient Authentication •Insufficient Authorization •Insufficient Process Validation •Insufficient Session Expiration •LDAP Injection •OS Commanding •Path Traversal •Predictable Resource Location •Session Fixation SQL Injection •SSL...

Tags: , , Img
security

Top 10 Web Security Vulnerabilities

November 4, 2010

1.      Poorly validated Input 2.      Broken Access Control 3.      Broken Authentication and Session Management 4.      Cross Site Scripting 5.      Buffer Overflow 6.      Injection Flaws 7.      Improper Error Handling 8.      Insecure Storage 9.      Application Denial of Service 10.  Insecure Configuration Management How to counteract these issues: Test existing web applications...

Tags: , , Img
sample-it-spreadsheets

Sample Excel – Performance Reference Model Sample Descriptions

November 3, 2010

Free Excel document download Performance Reference Model Sample Descriptions.xls https://www.bestitdocuments.com/Samples

Tags: , Img
sample-it-spreadsheets

Sample Excel – Data Reference Model Sample Descriptions

November 2, 2010

Free Excel document download Data Reference Model Sample Descriptions.xls https://www.bestitdocuments.com/Samples

Tags: , Img
sample-it-spreadsheets

Sample Excel – Service Reference Model Sample Descriptions

November 1, 2010

Free Excel Document download Service Reference Model Sample Descriptions.xls https://www.bestitdocuments.com/Samples

Tags: , Img
o-s

Imperva – Port Usage

October 23, 2010

Imperva – Port Usage Port Protocol Description 443 TCP HTTPS – Web console 80 TCP HTTPS – Imperva Update Server 22 TCP SSH – Remote Management 8083 TCP Proxy – Appliance Agent communications 53 UDP DNS Server 123 UDP NTP Server 514 UDP Syslog Server 162 UDP SNMP Trap...

Tags: , Img