WℜITING-TO-LEAℜN

What is Access Control in cybersecurity?? Lets learn about that in simple terms, Access control is restricting access to a place or any resource, while access management defines the process how to do. If we want to enter any resource, place we need permission. The permission to access that particular resource, getting into the particular place is Authorization . Example: While accessing any bank account we have to give the right credentials, or else the website would restrict your access to the server. Only the authorized would be able to login with the credentials. Access Control is a security term used to maintain who or what can access or view the computer resources. This could restrict the entry to the limited. Access control to any organization is of 2 types Physical Access Electronic Access Control (EAC) Physical Access limits the access of the persons to the security rooms, IT server Buildings, other departments. Electronic access control (EAC) is the limitation of access of r...

What are SSL and TLS?? What is the difference between SSL and TLS?? What is SSL? SSL (Secure Sockets Layer) is networking protocols which helps in securing the network. Transport Layer Security (TLS)  is the upgrade version of SSL. SSL is a digital document that secure the identity of any website. Basically it encrypts the data by using cryptographic key pairs which consists of public and private key. The public key is present in the certificate and allows the web browser to start off the communication given to the server. The private key is on the server and is used to digitally retrieve or sign the web pages and other files such as images, videos, scripting files. In SSL certificate we can see much information also which includes identifying information about the website, its domain name and identifying information about the site's owner. We could also see expiry information, serial number, company issued also about the certificates. To keep the website secure one should buy the...

 Have you ever heard about DLP?? What is it ?? DLP also known as Data Loss Prevention . It is a Software which detects the data breaches transmissions and prevents them by monitoring, detecting and also blocking the data in motion means in network traffic. Data loss, information leakage, Content filtering are the terms mostly used in the prevention system. In the tech industry employees dealing with data leakage are mainly divided into categories standard security measures, advanced security measures, access control and encryption and designated DLP systems.  Standard security measures are using antivirus software, IDS intrusion detection systems and using firewalls. Firewalls prevents from outsider to access any data inside of the organization. IDS - intrusion detection system detects intrusion attempts by outsiders.  Advanced security measures detect abnormal access to data by using the algorithms, abnormal  email exchange,  honeypots for detecting authorized...

 What Does Payload Mean? A payload is a computer virus that executes a malicious activity. Basically the speed in which a virus spreads, the threat level of that virus is defined by the damage it makes. Viruses with high and most powerful  payloads would create more harm to the systems. Not all viruses carry a payload, few are dangerous would destroy the system, send spam messages, destroy the data etc., that harm the system or individual. A payload is also called as a destructive payload . Some viruses steal the data by unauthorized access, and destroy data by sending lots of payloads. Payloads are the small portion of the malware which performs malicious action. some Malware also has typical overhead code aimed at simply spreading itself, or avoiding detection.  In Programming sending of  the payload data is mostly sent in JSON Format and XML Format. Hackers send the payload through the emails by links or they bind with any other application, when installed could e...

 How does DNS works? Firstly  What is DNS? DNS is defined as the Domain Name System . Domain name system translates domain names into ip addresses, which is loaded by the browser. Every website, every domain has ip address. It is required for the functioning of the internet. How DNS works? Web browser (Client) sends request to the web server, and the web server contains the files of only authorized clients. To determine whether the client is on the authorized list or not, it sends a query to the DNS server and ask for mapping an address to the name. Then DNS resolver sends a request to the DNS server to obtain the IP address of a hostname. DNS resolver is a piece of software code. DNS resolver sends requests to the root server, then root server directs the DNS resolver to the correct TLD server for the requested domain. DNS resolver again redirects to the Top Level Domain (TLD) server, TLD server shares information of all the domain names that shares the extensions such has .c...

What is HTTP? HTTP is a protocol. HTTP stands for Hypertext standard protocol . It is defined as a set of rules used for communicating with servers while transmitting any message from client to server. then, what is HTTPS? HTTPS is a secure version of HTTP. "s" is Secure in HTTPS. In HTTPS the data sent is encrypted, so that people don't see the message transmitted over the network. By using the secured version the data sent or received is completely encrypted and no one can impersonate it. When we access a website, our browser sends requests to the server and then the server gives the response in the form of web pages. webpages consist of images, audio, video, html files, and more. How do we access a website? When we access a website, the browser sends a request to a web server and downloads the responses. You need to tell the browser specifically from where to access the resources, this is where the URLs help. URL is a uniform Resource Locator which gives instructio...

 How many of know google hacking?? Yes, A search engine google helps in hacking. Google Hacking or google dorking is a search hacking technique that uses advanced queries to find the information. google dorks refer to specific search commands which is written in URL to find the information. A dork comprises of combination of parameter and search operators that are written in search bar. ethical hackers use this advanced search to find the crucial information. With the help of google dorking, any information hidden on public websites and vulnerabilities and sensitive information of any website is exposed. savvy criminals and security analysts also use  dorking for finding the information. osint and security professionals use the whole database and find the vulnerabilities. The Google Hacking Database (GHDB) was initially started by Johnny Long. but is now maintained and updated at Exploit Database. The Google Hacking Database (GHDB) is  categorized index of Internet sea...