View RSS Feed

Gamers Association

Official Blog from Gamers Association on HackHunters Community.

  1. Mass Effect 3

    Bioware recently just released this pretty awesome CG trailer

    Updated 02-20-2012 at 09:58 PM by Moreno (Seems like a bug, when posting blogs.)

    News , Videos
  2. Network Security+ Discussion Topics and Answers - Part Two

    Security+ Guide to Network Security Fundamentals
    ================================================== =======
    For this blog topic, I will be posting discussions about Network Security and provide answers to them. This is for studying purposes only, mainly for me to keep track of. But feel free to read the questions and answers for yourself.
    ================================================== =======

    11. How would you manage resetting passwords for those that forgot theirs?

    Set up security questions, or send a reset link to their email.

    12. How often would you require your users to update their password?

    I would recommend every 90 days, not to short or too long.

    13. In your own words, how does the AES algorithm work?

    Advanced Encryption Standard (AES) is now the official standard for encryption by the U.S. Government. For every block of 128 bits, AES does a three step process for plaintext. Multiple rounds could be performed depending on the key size. Such as the 128-bits performs nine rounds, and 192-bits performs 11 rounds, and 256-bits also know as AES-256, uses 13 rounds. For each round, the bites are substituted and rearranged, and then special multiplication is done based on the new arrangement. AES was designed to be secure for previous, present and the future. AES is also known as Rinjdael.

    14. What are the limitations of the AES algorithm?

    Some limitations of AES would be if you use any bits higher then 128-bits then you are limited to only the US.

    15. Is the algorithm symmetric or asymmetric?

    AES would be symmetric.

    Source: VeriSign Trust Network

    16. What are some of the restrictions they are establishing?

    All subscribers are required to re-authenticate at least every three years unless they meet the requirements. You can find this under Section 3.2.3. If they do meet the requirements they have Operational periods up to six years.

    If the subscribers are unable to complete re-authentication procedures when required, the CA will revoke the Suscribers Certificate.

    Certificates issued by CAs to end-user Subcribers may have Operational Periods longer than two years, up to six years, if the following requirements are met.

    17. Does the policy outline the rules for key management? If so, what does it cover?

    They have private key back up procedures, incident and compromised procedures, etc.

    18. What methods can be used to raise awareness on the importance of business continuity?

    I would have mandatory trainings, one per month. This would allow each employee to have an idea or procedures on what to expect, and how to handle it just in case. Have dedicated team leaders or employees to oversee the security of the business. These trainings could be a simulation of a break in, hacker attempting to get into personal files or financial information, a virus shutting down our network and infecting it. Could possibly send out newsletters as a reminder of the importance of business continuity.

    19. Which types of disasters are likely for your area? How would you plan for these to ensure business continuity?

    With a business, all sorts of potential disasters can occur. You building could be on fire, a flood happens because a pipe broke, etc. I believe every business needs to have a backup or emergency plan for the unexpected. Each employee should have knowledge of it and do drills. Sort of like when in school, the school has fire drills unexpectly so that the teachers and students know what to do just in case something happens for real. Employees should setup some sort of backup system to save important files or information or have something that auto allows an upload of it daily. To prevent even more damage that could possibly cripple a business.

    20. Why is it important to implement and enforce information security policies, acceptable use policies, and backup policies?

    It is important to implement and enforce security policies to protect your network and for employees or users to learn security requirements in case of a breach. Implementing security policies reduce the chance of loss or risk. Also with the policies implemented, the company can insure their business is running properly.

    21. What could potentially happen if these were absent?

    If security policies were absent, hackers could access your network and personal/business/financial information could be compromised and used for identity theft or more reasons such as natural disasters to prevent data loss.

    All answers to these discussion questions are answered by Andrew Moreno.
  3. Network Security+ Discussion Topics and Answers - Part One

    Security+ Guide to Network Security Fundamentals
    ================================================== =======
    For this blog topic, I will be posting discussions about Network Security and provide answers to them. This is for studying purposes only, mainly for me to keep track of. But feel free to read the questions and answers for yourself.
    ================================================== =======

    1. Why do you think there is a significant demand for IT professionals who know how to secure networks and systems from attacks?

    There is a high demand for IT professionals that know how to secure a network and systems from attacks because it is highly important to protect the important information and or data that companies, businesses, and people store into their networks and systems. These could be personal information such as social security numbers, bank account statements, identity information, and even passwords. Without an IT professional to secure their networks, it can cost the companies lots of money if an unauthorized hacker/attacker has gained access.

    2. Hacking into a computer system is illegal; in spite of this, businesses that fail to protect electronic data may face legal consequences. Do you think this is fair? Why or why not?

    I would say that this is fair, as a person who trusts these companies and businesses with my personal information and data; they are responsible in keeping that information secure. If someone where to get access to this personal information, they can ultimately take over someone
    Attached Thumbnails Attached Images
Hosting by CSR Web Services