https://atrc.net.pk/dokuwiki/ 2026-04-12T09:24:29+00:00 https://atrc.net.pk/dokuwiki/ https://atrc.net.pk/dokuwiki/lib/tpl/dokuwiki/images/favicon.ico text/html 2024-03-30T11:12:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:an_overview_of_each_of_the_osi_model_and_the_nist_security_framework&rev=1711797120&do=diff An overview of each of the OSI Model and the NIST security framework 1. OSI Model (Open Systems Interconnection Model): * The OSI model is a conceptual framework used to understand and standardize the functions of a networking or telecommunication system. text/html 2023-02-04T19:24:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:application_level_gateways&rev=1675538640&do=diff Application Level Gateways What is the difference between application level gateway and hardware level gateway in information security? text/html 2024-03-30T15:18:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:authentication_fundamentals&rev=1711811880&do=diff Authentication fundamentals involve verifying the identity of users or entities attempting to access a system, application, or resource. Authentication typically relies on one or more factors to confirm the identity of the user. The three primary factors of authentication are: text/html 2022-06-25T11:14:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:basics&rev=1656155640&do=diff Security Basics: 101 The 5 network security basics you need to know What is Cybersecurity? Network Security: What Is It, Why Does It Matter and What Can You Do to Make Networks More Secure? Internet Security Basics Network Security Tutorial For Beginners | Network Security Basics | Cybersecurity Training Cyber security fundamentals | Understanding Cybersecurity Basics | Edureka Rewind - 4 An Introduction to Cyber Security Basics for Beginner What Are Network Security Basics? In… text/html 2023-09-21T05:43:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:bs_7799&rev=1695274980&do=diff BS 7799, also known as British Standard 7799, was a set of information security standards published by the British Standards Institution (BSI) in the late 1990s and early 2000s. It was later adopted and developed into the ISO/IEC 27000 series of international standards for information security management systems (ISMS). BS 7799 played a significant role in shaping modern information security practices and standards. Here's a detailed explanation of BS 7799: text/html 2023-09-21T05:45:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:bsi_standard_100-4&rev=1695275100&do=diff BSI Standard 100-4, also known as “BS 100-4,” is a British standard published by the British Standards Institution (BSI) that provides guidelines and recommendations for business continuity management (BCM). Specifically, BS 100-4 focuses on the strategies and techniques for business continuity planning and the development of a business continuity management system (BCMS). Here's a detailed explanation of BSI Standard 100-4: text/html 2023-01-21T22:49:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:burp_suite&rev=1674341340&do=diff Burp Suite text/html 2023-09-21T13:33:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:ccop&rev=1695303180&do=diff CCoP can stand for various things, depending on the context. One common interpretation is “Cross-Chain Proof of Possession,” which is often related to blockchain technology and interoperability between different blockchain networks. However, without more specific context, it's challenging to provide a detailed explanation. text/html 2023-06-19T20:58:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:cis_center_for_internet_security&rev=1687208280&do=diff CIS (Center for Internet Security) is an organization that focuses on enhancing cybersecurity and promoting best practices for securing information systems. CIS provides a variety of resources and frameworks to help organizations improve their security posture. One of the well-known offerings from CIS is the CIS Controls. text/html 2023-06-19T22:18:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:common_criteria&rev=1687213080&do=diff About The Common Criteria Certified Products SUSE Linux Enterprise Server, Version 15 SP2 Common Criteria Part 3 conformant EAL 4 augmented by ALC_FLR.3 Certificate text/html 2022-04-26T09:19:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:converged_plantwide_ethernet&rev=1650964740&do=diff Building converged plantwide ethernet architectures Connected Factory Architecture Theory and Practice text/html 2023-02-04T20:48:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:cracking_windows&rev=1675543680&do=diff Cracking Windows let’s play with a ZERO-DAY vulnerability “follina” Fake Windows exploits target infosec community with Cobalt Strike Cobalt Strike Custom Profile Attack With .LNK Exploit VS Windows Defender 11 With Custom UAC Bypass. Technical Advisory: CVE-2022-30190 Zero-day Vulnerability “Follina” in Microsoft Support Diagnostic Tool How to Intercept & Decrypt Windows Passwords on a Local Network Chapter 23. samba domain controller 5. Browsing and Advanced Disk Shares Finally… text/html 2022-05-11T12:15:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:crest&rev=1652271300&do=diff CREST Practitioner Security Analyst And CREST Registered Tester Technical Syllabus CREST Registered Security Analyst (Penetration Testing) CREST Registered Security Analyst Syllabus CREST Certified Tester Technical Syllabus text/html 2022-11-08T08:54:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:cyber_attack_examples&rev=1667897640&do=diff How Hackers Stole $1.000.000.000 From Banks (Carbanak) Documentary IHG hack: 'Vindictive' couple deleted hotel chain data for fun IHG hack: 'Vindictive' couple deleted hotel chain data for fun By Joe Tidy Cyber reporter Holiday Inn logo and signImage source, Getty Images Hackers have told the BBC they carried out a destructive cyber-attack against Holiday Inn owner Intercontinental Hotels Group (IHG) text/html 2023-04-07T15:46:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:cybersecurity_kpis&rev=1680882360&do=diff Cybersecurity Risk Management for Tech Companies text/html 2022-04-26T09:19:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:defence_in_depth_model&rev=1650964740&do=diff Defense in depth defined Defense-in-Depth Defense in depth (computing) What is defense in depth? Cybersecurity Spotlight – Defense in Depth (DiD) text/html 2022-11-11T11:33:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:defense-in-depth&rev=1668166380&do=diff defense-in-depth text/html 2023-05-02T07:07:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:defensive_security&rev=1683011220&do=diff Computer Science 203: Defensive Security text/html 2023-06-19T20:49:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:disa_defense_information_systems_agency&rev=1687207740&do=diff DISA, or the Defense Information Systems Agency, is an agency of the United States Department of Defense (DoD). It was established in 1960 and serves as a combat support agency responsible for providing information technology (IT) and communications support to the military services, combatant commands, and other DoD components. text/html 2023-01-12T12:29:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:eal_7_systems&rev=1673526540&do=diff SiFive and ProvenRun Collaborate to deliver Best-in-Class Security for RISC-V Microprocessors ProvenCore An ultra-secure Operating System Gemalto receives EAL7 certification for smart card embedded software Gemalto: eCovers & OS for Taiwanese electronic passports What is Common Criteria? What is Common Criteria? Common Criteria (CC) is an international set of specifications and guidelines designed to evaluate information security products and systems. Common Criteria, officially kno… text/html 2023-06-19T21:08:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:eal7_discussion_1&rev=1687208880&do=diff From : <https://news.ycombinator.com/item?id=9953283> Hacker News new | past | comments | ask | show | jobs | submit login tptacek on July 27, 2015 | parent | context | favorite | on: Hacking Team: a zero-day market case study Frankly: this EAL7 stuff has basically no applicability to the real world. People get EAL6-EAL7-EAL6+ certification for things where they're (a) willing to spend 2x the implementation dollars just for the privilege of selling a product (or part) to a tiny subset of all GS… text/html 2024-03-30T15:17:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:federated_identity_management_considerations_for_cloud_based_services_and_hybrid_environments&rev=1711811820&do=diff Federated identity management plays a crucial role in enabling secure access to cloud-based services and hybrid environments, where resources are distributed across on-premises and cloud-based infrastructure. Here are some considerations for implementing federated identity management in such environments: text/html 2024-03-30T15:15:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:federation_standards_and_protocols&rev=1711811700&do=diff Federation standards and protocols define the mechanisms and specifications for secure identity federation, authentication, and authorization across different domains and systems. Here's an overview of some common federation standards and protocols: text/html 2022-05-25T15:21:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:financial_security_china&rev=1653492060&do=diff China regulator proposes cybersecurity review for some Hong Kong IPOs Regulations For The Implementation Of The Standardization Law Of The People’s Republic Of China China Financial Standards Technical Committee China Cybersecurity Law. A bigger change than Y2K? China Cyber Threat Overview and Advisories Cybersecurity concerns arising from China’s new Securities Law Cyber security in China China Cybersecurity and Data Protection: Monthly Update January 2022 Issue China’s cybersecurit… text/html 2022-05-25T13:40:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:financial_security_pakistan&rev=1653486000&do=diff SEC GUIDELINES ON CYBERSECURITY FRAMEWORK FOR INSURERS 2020 SEC Directive on Cybersecurity Framework for Insurance Sector 2019 (Draft)-08012019 Comments on SEC Guidelines on Cybersecurity framework for insurers text/html 2023-06-19T20:43:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:fips_140-2&rev=1687207380&do=diff FIPS 140-2 (Federal Information Processing Standards Publication 140-2) is a standard developed by the National Institute of Standards and Technology (NIST) in the United States. It defines the security requirements for cryptographic modules used in protecting sensitive information. text/html 2023-09-21T05:41:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:fips_140&rev=1695274860&do=diff FIPS 140, or the Federal Information Processing Standard Publication 140, is a U.S. government standard that defines security requirements for cryptographic modules. These modules are used in a wide range of information technology products and systems to protect sensitive information through encryption and other cryptographic techniques. FIPS 140 is particularly important in the government and regulated industries, such as finance and healthcare. Here's a detailed explanation of FIPS 140: text/html 2024-03-30T11:15:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:frameworks_for_designing_and_implementing_security_controls_cobit_itil_iso_27001_27002&rev=1711797300&do=diff Frameworks provide structured approaches for designing and implementing security controls within an organization. Here's an overview of some commonly used frameworks: 1. COBIT (Control Objectives for Information and Related Technologies): * Purpose: text/html 2024-03-30T11:19:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:implementing_secure_email_protocols&rev=1711797540&do=diff Implementing secure email protocols such as S/MIME (Secure/Multipurpose Internet Mail Extensions) and PGP (Pretty Good Privacy) helps ensure the confidentiality, integrity, and authenticity of email communication. Here's an overview of each protocol and how they are implemented for secure email communication: text/html 2024-03-30T15:09:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:implementing_sso_solutions_across_multiple_domains_and_applications&rev=1711811340&do=diff Implementing Single Sign-On (SSO) solutions across multiple domains and applications can streamline authentication processes, improve user experience, and enhance security. Here's a general approach to implementing SSO across multiple domains and applications: text/html 2023-09-21T13:35:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:isa_iec_62443&rev=1695303300&do=diff ISA/IEC 62443 Cybersecurity Fundamentals This is a 4-day Cybersecurity IEC 62443 training course. The ISA/IEC 62443 standards define requirements and procedures for implementing electronically secure automation and control systems and security practices, and assessing electronic security performance. The cybersecurity standards, and the resulting training, certification, and certificate programs, cover the complete lifecycle of cybersecurity protection. Developed by a cross-section of interna… text/html 2023-09-21T05:40:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:iso_17799&rev=1695274800&do=diff ISO/IEC 17799, also known as ISO/IEC 27002, is an information security standard that provides a comprehensive set of best practices and guidelines for establishing, implementing, maintaining, and improving an Information Security Management System (ISMS). The standard offers a framework for managing information security risks and protecting sensitive information assets. Here's a detailed explanation of ISO/IEC 17799: text/html 2023-09-21T05:23:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:iso_27001&rev=1695273780&do=diff ISO 27001 is an internationally recognized standard for information security management systems (ISMS). It provides a systematic approach for organizations to manage and protect their sensitive information by establishing, implementing, maintaining, and continually improving information security controls and processes. The goal of ISO 27001 is to ensure the confidentiality, integrity, and availability of information assets while managing associated risks. text/html 2023-09-21T05:42:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:iso_27002&rev=1695274920&do=diff ISO/IEC 27002, formerly known as ISO/IEC 17799, is a widely recognized international standard that provides guidelines and best practices for information security management. It is part of the broader ISO 27000 series, which covers various aspects of information security, including risk management, security controls, and best practices for implementing and maintaining an effective Information Security Management System (ISMS). Here's a detailed explanation of ISO/IEC 27002: text/html 2023-09-21T05:44:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:iso_iec_15408_common_criteria&rev=1695275040&do=diff ISO/IEC 15408, commonly referred to as Common Criteria (CC), is an international standard used for evaluating and certifying the security features and capabilities of information technology products and systems. The Common Criteria is designed to provide a consistent and globally recognized framework for assessing the security of software, hardware, and other IT components. Here's a detailed explanation of ISO/IEC 15408 Common Criteria: text/html 2023-06-19T20:44:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:iso_iec_15408&rev=1687207440&do=diff ISO/IEC 15408, also known as the Common Criteria for Information Technology Security Evaluation, is an international standard that defines a framework for evaluating and certifying the security of IT products and systems. It provides a standardized approach to assessing the security features and capabilities of products across different countries and organizations. text/html 2023-06-19T20:52:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:libgcrypt&rev=1687207920&do=diff Libgcrypt is a free and open-source cryptographic library that provides cryptographic functions and algorithms for software applications. It is a part of the GNU Privacy Guard (GnuPG) project and is primarily focused on symmetric encryption, cryptographic hashing, and random number generation. text/html 2022-06-25T08:51:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:linux_hardening&rev=1656147060&do=diff 40 Linux Server Hardening Security Tips 2021 edition Grsecurity provides a full suite of synergistic defenses, from security-enhanced compilation and our world-class memory corruption defenses to access control. text/html 2022-06-15T13:41:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:linux&rev=1655300460&do=diff Five things you need to know about Linux container security text/html 2022-11-18T14:16:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:malware&rev=1668780960&do=diff Stuxnet | The Computer Virus That Caused World War 3 Nitro Zeus Nitro Zeus is the project name for a well funded comprehensive cyber attack plan created as a mitigation strategy after the Stuxnet malware campaign and its aftermath.[1] Unlike Stuxnet, that was loaded onto a system after the design phase to affect its proper operation, Nitro Zeus's objectives are built into a system during the design phase unbeknownst to the system users. This built-in feature allows a more assured and effectiv… text/html 2022-06-16T20:05:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:managed_security_services&rev=1655409900&do=diff Managed Security Services Managed Security Services- An Opportunity for Carriers by Vincent Giordano Carriers looking for new sources of revenue, and new ways of solidifying customer loyalty, should consider adding managed security services to their offerings. Equally important, they should consider outsourcing these services themselves to realize the greatest benefits for themselves and their customers. text/html 2023-09-21T05:39:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:nist&rev=1695274740&do=diff NIST, or the National Institute of Standards and Technology, is a federal agency within the United States Department of Commerce. NIST plays a crucial role in the development and promotion of standards, guidelines, and best practices across various fields, including science, technology, and cybersecurity. Here's a detailed explanation of NIST and its significance: text/html 2023-01-21T22:46:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:nmap&rev=1674341160&do=diff Nmap Vulnerability Scanning Made Easy: Tutorial text/html 2023-01-21T21:18:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:opensource_testing_methodology&rev=1674335880&do=diff [OSSTMM 3 – The Open Source Security Testing Methodology Manual] text/html 2023-06-19T20:55:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:openssl_and_libgcrypt_compared&rev=1687208100&do=diff Libgcrypt and OpenSSL are both cryptographic libraries used to implement encryption, decryption, hashing, and other cryptographic operations in software applications. While they share similar goals, there are notable differences between the two libraries. text/html 2023-06-19T20:51:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:openssl&rev=1687207860&do=diff OpenSSL is an open-source software library that provides cryptographic functions and protocols to secure communications over computer networks. It is one of the most widely used cryptographic libraries and has been adopted by numerous applications and systems for implementing secure protocols such as SSL/TLS (Secure Sockets Layer/Transport Layer Security). text/html 2022-05-10T17:42:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:oscp&rev=1652204520&do=diff PEN-200 The official OSCP certification course Penetration Testing with Kali Linux Penetration Testing with Kali Linux Syllabus | Updated February 2020 Penetration Testing with Kali Linux Syllabus | Updated February 2020 Table of Contents 1 Penetration Testing with Kali Linux: General Course Information 1.1 About The PWK Course 1.1.1 PWK Course Materials 1.1.2 Access to the Internal VPN Lab Network 1.1.3 The Offensive Security Student Forum 1.1.4 Live Support 1.1.5 OSCP Exam Attempt 1.2 Overa… text/html 2023-06-19T20:51:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:oval_open_vulnerability_assessment_language&rev=1687207860&do=diff OVAL (Open Vulnerability Assessment Language) is a standardized language used for describing and assessing the security vulnerabilities present in computer systems and applications. It provides a platform-independent method to represent and exchange vulnerability and configuration information. text/html 2024-03-30T11:08:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:overview_of_common_security_models&rev=1711796880&do=diff An overview of some common security models used in information security 1. Bell-LaPadula Model: * The Bell-LaPadula (BLP) model is a formal model for enforcing access control policies, particularly in government and military settings. * It is based on the principles of confidentiality and integrity. text/html 2023-10-19T09:43:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:owasp&rev=1697708580&do=diff The Open Web Application Security Project (OWASP) is a global community-driven organization that focuses on improving the security of software and web applications. OWASP provides a plethora of resources, tools, guidelines, and best practices to help organizations and developers build, deploy, and maintain secure web applications. In this comprehensive explanation of OWASP, we will delve into its history, mission, key projects, methodologies, and its significance in the field of application secu… text/html 2022-06-12T08:41:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:parameter_tampering&rev=1655023260&do=diff Mitigation Techniques Solving URL manipulation problems takes planning. Different techniques can be used in different situations. The best solution is to avoid putting parameters into a query string (or hidden form field). When parameters need to be sent from a client to a server, they should be accompanied by a valid session token. The session token may also be a parameter, or a cookie. Session tokens have their own special security considerations described previously. In the example above, t… text/html 2023-09-21T05:38:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:pci_dss&rev=1695274680&do=diff Introduction to PCI-DSS Course An Introduction to PCI-DSS Requirements A basic understand of enterprise IT functions Description Thus course is designed to give an overview of the standard and to provide guidance on the requirements and key considerations when implementing a PCI-DSS compliance programme. Whether your business is a large enterprise or small business the course provides relevant advice and guidance. Your instructor Graeme Parker uses his expertise and experience of implemen… text/html 2022-11-11T11:31:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:principle_of_least_privilege&rev=1668166260&do=diff What is the Principle of Least Privilege? text/html 2024-03-30T11:21:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:principles_of_secure_instant_messaging_and_collaboration_tools&rev=1711797660&do=diff Secure instant messaging and collaboration tools play a crucial role in facilitating communication and collaboration while ensuring the confidentiality, integrity, and availability of sensitive information. Here are some principles of secure instant messaging and collaboration tools: text/html 2024-03-30T11:14:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:role-based_access_control_rbac_and_attribute-based_access_control_abac_models&rev=1711797240&do=diff Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC) are two popular access control models used in information security to regulate access to resources. Here's an overview of each: 1. Role-Based Access Control (RBAC): * Definition: text/html 2022-05-15T10:11:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:rsa_archer&rev=1652609460&do=diff A Detailed RSA Archer Tutorial The RSA Archer GRC is the platform which helps the business-level administration of massive business administration, hazard the executives, and consistence (GRC). As the establishment for all RSA Archer GRC arrangements, the stage allows you to adjust each and every item to your necessities, construct your very own applications, and incorporate with different frameworks without contacting code. Archer administrators who are responsible for building and managing th… text/html 2024-03-30T11:17:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:secure_communication_protocols&rev=1711797420&do=diff Secure communication protocols play a critical role in ensuring the confidentiality, integrity, and authenticity of data transmitted over networks. Here's an overview of some commonly used secure communication protocols and their roles: 1. SSL/TLS (Secure Sockets Layer/Transport Layer Security): text/html 2024-03-30T11:21:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:secure_file_transfer_protocols&rev=1711797660&do=diff Secure file transfer protocols such as SFTP (SSH File Transfer Protocol) and FTPS (FTP Secure) are used to transfer files securely over a network. Here's an overview of each protocol and how they provide secure file transfers: 1. SFTP (SSH File Transfer Protocol): text/html 2023-05-02T07:05:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:secure_programming&rev=1683011100&do=diff Secure programming Secure Programming: Purpose & Methods Secure coding practices every developer should know Secure coding Defensive programming Offensive programming OWASP Secure Coding Practices-Quick Reference Guide OWASP Secure Coding Practices Quick Reference Guide Go Language - Web Application Secure Coding Practices is a guide written for anyone who is using the Go Programming Language and aims to use it for web development. text/html 2022-11-09T18:11:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:security_seminar_14_nov_2022_preparation&rev=1668017460&do=diff Computer Security Seminar Date : Monday 14 November 2022 Time : 14:00 - 16:00 ( Pakistan Time ) GMT+5 Location : Online Meeting link : Provided to registered participants. Registration contact : khawar@atrc.net.pk Sponsor : Karachi Computer Services text/html 2023-01-21T21:17:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:security_simplified&rev=1674335820&do=diff Interactive Controls The Class A Interactive Controls make up exactly half of all the operation controls. These controls directly influence visibility, access, or trust interactions. The Class A categories are Authentication, Indemnification, Subjugation, Continuity, and Resilience. text/html 2022-06-16T20:07:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:services&rev=1655410020&do=diff ... unfortunately, the reality of building effective web solutions isn't quite so straightfoward. The Internet is fast becoming an accepted part of everyday life - millions of people now use it for commercial and business activities. Ever changing customer requirements dictate successful e-commerce solutions adapt quickly to stay ahead of the competition. However, evolving systems need to satisfy key architecture considerations - security, availability and performance. text/html 2022-11-28T10:25:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:siem&rev=1669631100&do=diff What is SIEM? A Beginner’s Guide What Is Security Information and Event Management (SIEM)? Security information and event management (SIEM) is a set of tools and services that combine security events management (SEM) and security information management (SIM) capabilities that helps organizations recognize potential security threats and vulnerabilities before business disruptions occur. SIM focuses on collecting and managing logs and other security data while SEM involves real-time analysis an… text/html 2022-11-10T14:48:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:singapore_course&rev=1668091680&do=diff SMU Advanced Certificate in Cybersecurity Singapore cyber security laws Cybersecurity Act, PDPA, IM8, MAS TRM Participants will build awareness of the cybersecurity landscape, gain insights into how emerging technologies are harnessed in cybersecurity. Cybersecurity Landscape & Adoption of Emerging Technologies in Cybersecurity text/html 2024-03-30T15:12:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:single_sign-on_sso_principles_and_benefits&rev=1711811520&do=diff Single Sign-On (SSO) is an authentication process that enables users to access multiple applications and systems with a single set of credentials. Here are the principles and benefits of SSO: Principles: 1. Unified Authentication: SSO allows users to authenticate once with their credentials (such as username and password) and gain access to multiple applications and systems without having to re-enter their credentials. text/html 2022-11-13T12:56:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:soc2&rev=1668344160&do=diff Free PDF download: SOC 2 Audit Readiness Assessment case study How to implement SOC2 compliance for containers and cloud SOC 2 Compliance text/html 2023-01-21T10:10:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:ssl_and_tls&rev=1674295800&do=diff TLS vs SSL: What’s the Difference? Which One Should You Use? How to Install Let’s Encrypt SSL on Ubuntu with Certbot Certbot Instructions text/html 2022-04-26T09:19:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:textbook&rev=1650964740&do=diff Top 7 Cyber Security Books for Beginners in 2020 Cyber Security Policy Guidebook TOC Cybersecurity EFFECTIVE CYBERSECURITY: A Guide to Using Best Practices and Standards EFFECTIVE CYBERSECURITY CONTENTS text/html 2024-03-09T14:04:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:ttc_intro_to_cybersecurity_course&rev=1709993040&do=diff Topics Top Certifications Certified Information Systems Security Professional (CISSP): Offered by (ISC)², CISSP is one of the most globally recognized certifications in the field of cybersecurity, focusing on security management practices and principles. text/html 2022-05-11T13:27:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:uk_laws&rev=1652275620&do=diff Computer Misuse Act 1990 Human Rights Act 1998 Data Protection Act 1998 Police and Justice Act 2006 text/html 2023-09-21T05:39:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:ul_2900&rev=1695274740&do=diff UL 2900 is a set of cybersecurity standards and guidelines developed by Underwriters Laboratories (UL), a global safety certification organization. These standards are specifically designed for evaluating the security of network-connectable products and systems, such as medical devices, industrial control systems, and Internet of Things (IoT) devices. UL 2900 provides a framework for assessing the cybersecurity of these products to ensure they meet established security criteria. Here's a detaile… text/html 2024-03-30T15:13:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:understanding_identity_federation_concepts_and_architectures&rev=1711811580&do=diff Identity federation is a mechanism that allows users to access resources and services across multiple domains or organizations using a single set of authentication credentials. It enables seamless authentication and authorization processes by establishing trust relationships between identity providers (IdPs) and service providers (SPs). Here's an overview of identity federation concepts and architectures: text/html 2022-10-28T19:00:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:vulnerability_analysis&rev=1666983600&do=diff Vulnerability Assessment Report Top 19 Kali Linux tools for vulnerability assessments Kali Linux – Vulnerability Analysis Tools vulnerability assessment (vulnerability analysis) Tips For Creating a Strong Vulnerability Assessment Report 5 Steps of Vulnerability Assessment Report and How to Write an Assessment Report? Vulnerability Assessment Reporting: The Complete Guide for Beginners Sample Network Vulnerability Assessment Report How To Write a Vulnerability Assessment Report … text/html 2023-02-04T19:16:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:vulnerability_assessment&rev=1675538160&do=diff Vulnerability Assessment A vulnerability assessment is done to check a computer system, network, or web application to evaluate its security. The goal of the assessment is to identify vulnerabilities that an attacker could exploit and to assess the potential impact of a successful attack. An assessment typically involves the following steps: text/html 2023-01-21T21:33:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:web_security_testing_guide&rev=1674336780&do=diff Web Security Testing Guide WSTG - v4.1 Penetration Testing Methodologies Summary OWASP Testing Guide PCI Penetration Testing Guide Penetration Testing Execution Standard NIST 800-115 Penetration Testing Framework Information Systems Security Assessment Framework (ISSAF) Open Source Security Testing Methodology Manual (OSSTMM) text/html 2023-11-01T11:32:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://atrc.net.pk/dokuwiki/doku.php?id=products:ict:security:zero_trust&rev=1698838320&do=diff Zero Trust Security Explained: Principles of the Zero Trust Model ---------- Zero Trust is a cybersecurity framework that has gained prominence in recent years as organizations increasingly face complex and evolving threats to their digital assets. This concept challenges the traditional security paradigm, which relied on the assumption that threats primarily originate from external sources and that once inside the network, all traffic and users can be trusted. In contrast, Zero Trust assumes …