
Simple CISSP

If you will remember, each layer in the OSI model wraps the message from the layer above in its own envelope – this process is called data encapsulation. The resulting message from each layer has its own name. Before the message gets to the transport layer, it is simply called ‘data’. One of the strange things is that when the transport layer wraps …
Phil Martin • Simple CISSP
BCP policy must then be constructed that contains its scope, mission, principles, guidelines and standards. Project management is crucial for BCP to ensure it does not run out of funds, and management of scope is one of the key responsibilities of this management. A SWOT analysis is helpful, which looks at the following four areas: Strengths (or …
A process can be a block of code executing in-memory, and therefore a vulnerability in a process is also a software vulnerability.
If data is transmitted over baseband, then the entire channel is being used. If the channel has been split up into sub-channels, we are communicating over broadband – this allows us to send different types of data simultaneously.
Sometimes a computer will send out an explorer packet to a destination that will return the path it took, and the computer will insert instructions into the packet header telling the bridge or router the exact path the frame or packet should travel. This is called source routing, and is very much frowned upon – we should let the network devices …
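The following is an added example, not text or code from Simple CISSP, covering two of the highlights above: the encapsulation highlight (data is wrapped by the transport layer into a segment, by the network layer into a packet, and by the data link layer into a frame) and the source-routing highlight (a sender placing the route into the IP header, which a filtering device should detect and drop). The MAC addresses, IP addresses, ports and hop list are constructed sample values; the option type codes 0x83 (Loose Source and Record Route) and 0x89 (Strict Source and Record Route) are the IPv4 values from RFC 791.

```python
import socket
import struct

# Constructed sample values for the example (not from the page).
SRC_MAC = bytes.fromhex("001122334455")
DST_MAC = bytes.fromhex("66778899aabb")
SRC_IP = "192.0.2.10"
DST_IP = "198.51.100.20"

LSRR, SSRR = 0x83, 0x89  # IPv4 source-route option types (RFC 791)


def ip_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit words, complemented (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def udp_segment(src_port: int, dst_port: int, data: bytes) -> bytes:
    """Transport layer: 'data' gains a UDP header and becomes a segment (datagram)."""
    # UDP checksum left as 0 (= not computed), which IPv4 permits.
    return struct.pack("!HHHH", src_port, dst_port, 8 + len(data), 0) + data


def lsrr_option(hops: list) -> bytes:
    """Build a Loose Source and Record Route option: type, length, pointer, addresses."""
    route = b"".join(socket.inet_aton(h) for h in hops)
    opt = bytes([LSRR, 3 + len(route), 4]) + route  # pointer 4 = first address
    return opt + b"\x00" * ((-len(opt)) % 4)         # pad to a 32-bit boundary


def ipv4_packet(src: str, dst: str, payload: bytes, options: bytes = b"") -> bytes:
    """Network layer: the segment gains an IPv4 header and becomes a packet."""
    ihl = 5 + len(options) // 4                      # header length in 32-bit words
    hdr = struct.pack("!BBHHHBBH4s4s",
                      (4 << 4) | ihl, 0, ihl * 4 + len(payload),
                      0x1234, 0, 64, 17, 0,            # id, flags/frag, TTL, proto=UDP, csum=0
                      socket.inet_aton(src), socket.inet_aton(dst)) + options
    hdr = hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:]
    return hdr + payload


def ethernet_frame(src_mac: bytes, dst_mac: bytes, packet: bytes) -> bytes:
    """Data link layer: the packet gains an Ethernet II header and becomes a frame."""
    return dst_mac + src_mac + struct.pack("!H", 0x0800) + packet


def source_route_options(frame: bytes) -> list:
    """Walk the IPv4 options of an Ethernet/IPv4 frame and report any source-route options.
    A filter following the advice above drops the frame whenever this list is non-empty."""
    if len(frame) < 34 or struct.unpack("!H", frame[12:14])[0] != 0x0800:
        return []
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4
    if ihl < 20 or len(ip) < ihl:
        return []                                    # malformed header: nothing to parse
    opts, found, i = ip[20:ihl], [], 0
    while i < len(opts):
        kind = opts[i]
        if kind == 0:                                # End of Option List
            break
        if kind == 1:                                # No-Operation, single byte
            i += 1
            continue
        if i + 1 >= len(opts) or opts[i + 1] < 2:
            break                                    # truncated/malformed: stop, never loop forever
        if kind in (LSRR, SSRR):
            found.append("LSRR" if kind == LSRR else "SSRR")
        i += opts[i + 1]
    return found


if __name__ == "__main__":
    seg = udp_segment(40000, 53, b"hello")
    frame = ethernet_frame(SRC_MAC, DST_MAC, ipv4_packet(SRC_IP, DST_IP, seg))
    routed = ethernet_frame(SRC_MAC, DST_MAC, ipv4_packet(
        SRC_IP, DST_IP, seg, lsrr_option(["203.0.113.1", "203.0.113.2"])))
    print("data 5 -> segment", len(seg), "-> frame", len(frame))
    print("plain frame:", source_route_options(frame), "routed frame:", source_route_options(routed))
```

Each function returns the next-larger envelope, so the byte lengths alone show the encapsulation; the parser is the check a router or firewall would run before honouring the sender's route.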
Beyond creating and maintaining certificates, CAs are also responsible for revoking certificates, by adding the certificate to a certificate revocation list, or CRL. Unfortunately, browsers do not always check CRLs when setting up an SSL/TLS connection, which represents a significant security concern. The online certificate status protocol, or …
AH and ESP can be used together or separately, but only ESP can provide encryption (confidentiality). When two routers want to communicate over IPSec, they must first agree on a number of options such as hashing algorithms, encryption algorithms, tunnel modes, etc. When a router receives these parameters, they are stored in a security association …
There are four components to managing risk: The Frame component defines the assumptions, constraints, priorities and the amount of risk the organization can tolerate. The Assess component determines threats, vulnerabilities and attack vectors. The Respond component matches the available resources against a prioritized list of risks. The Monitor …
If any encryption algorithm is closely analyzed, weaknesses can be discovered. An algebraic attack exploits any mathematical weaknesses found in an algorithm, such as the original RSA algorithm always encrypting a ‘0’ as a ‘0’. An analytic attack looks for structural weaknesses in the algorithm, which is how 2DES was broken, and why we went from …
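An added example, not from Simple CISSP, of the algebraic weaknesses in unpadded ("textbook") RSA that the highlight above refers to. It goes slightly beyond the one fact in the text: besides 0 always encrypting to 0, it shows the other fixed points (1 and n-1), the multiplicative property and the chosen-ciphertext blinding attack that follows from it, and the small-exponent root attack on short messages. The key is generated from small primes found by a trial-division search starting at the constructed values 1,000,000 and 2,000,000 with e = 3, so it runs instantly; the message and blinding factor are constructed sample values.

```python
import math


def is_prime(n: int) -> bool:
    """Trial division; adequate for the small primes used in this demonstration."""
    if n < 2:
        return False
    if n % 2 == 0:
        return n == 2
    i = 3
    while i * i <= n:
        if n % i == 0:
            return False
        i += 2
    return True


def next_prime(start: int, e: int) -> int:
    """Smallest prime >= start with gcd(e, p-1) == 1, so that e is a usable RSA exponent."""
    p = start
    while not (is_prime(p) and math.gcd(e, p - 1) == 1):
        p += 1
    return p


def textbook_keypair(e: int = 3, p_start: int = 1_000_000, q_start: int = 2_000_000):
    """Unpadded RSA keypair: (n, e) public, (n, d) private. Start values are constructed."""
    p, q = next_prime(p_start, e), next_prime(q_start, e)
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))
    return (n, e), (n, d)


def encrypt(pub, m: int) -> int:
    n, e = pub
    return pow(m, e, n)          # c = m^e mod n, no padding: deterministic and malleable


def decrypt(priv, c: int) -> int:
    n, d = priv
    return pow(c, d, n)


def fixed_points(pub) -> list:
    """Messages textbook RSA leaves unchanged: 0^e = 0, 1^e = 1, (n-1)^e = -1 mod n for odd e."""
    n, _ = pub
    return [m for m in (0, 1, n - 1) if encrypt(pub, m) == m]


def multiplicative_property(pub, m1: int, m2: int) -> bool:
    """E(m1) * E(m2) == E(m1 * m2) mod n: ciphertexts can be combined without the key."""
    n, _ = pub
    return encrypt(pub, m1) * encrypt(pub, m2) % n == encrypt(pub, m1 * m2 % n)


def blinding_attack(pub, decrypt_oracle, c: int, r: int = 12345) -> int:
    """Recover m from c using an oracle that decrypts anything except c itself:
    D(c * r^e) = m * r mod n, so dividing out r yields m. Requires gcd(r, n) == 1."""
    n, e = pub
    blinded = c * pow(r, e, n) % n
    return decrypt_oracle(blinded) * pow(r, -1, n) % n


def iroot(x: int, k: int) -> int:
    """Floor of the integer k-th root of x, by binary search."""
    lo, hi = 0, 1 << (x.bit_length() // k + 1)
    while lo < hi:
        mid = (lo + hi + 1) // 2
        if mid ** k <= x:
            lo = mid
        else:
            hi = mid - 1
    return lo


def small_exponent_attack(pub, c: int):
    """If m^e < n there was no modular reduction, so c is a perfect e-th power over the
    integers and m is its root; returns None when c is not a perfect power."""
    _, e = pub
    m = iroot(c, e)
    return m if m ** e == c else None


if __name__ == "__main__":
    pub, priv = textbook_keypair()
    c = encrypt(pub, 4242)
    print("fixed points:", fixed_points(pub))
    print("multiplicative:", multiplicative_property(pub, 123456, 654321))
    print("blinding recovers:", blinding_attack(pub, lambda x: decrypt(priv, x), c))
    print("cube root recovers:", small_exponent_attack(pub, c))
```

Every one of these properties is removed by a randomised padding scheme such as RSA-OAEP, which is why real deployments never encrypt the raw message value with RSA.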