Security_Plus - Coggle Diagram
Security_Plus
Web Server
Web spoofing
Services
LDAP
RDP
SIP
SRTP
STP
ActiveX
Buffer Overflow Attacks
Buffer Stack
Buffer Heap
Logging Activity
Performing backups
Active Server Pages
Protection at the Network level
Protection at the Client level
Cookie Threat
CGI wrapper
FTP Bounce Attack
3-Way Handshake
Proxy Server
Forward Proxy
Reverse Proxy
Risk Assessment
Asset identification
Threat identification
Vulnerability assessment
Risk analysis
Risk prioritization
Implementing controls
Monitoring and review
VA: Vulnerability Assessment
PT: Penetration Testing
Traceroute
Data leakage
Devices based security
Firewalls
Packet Filtering Firewalls
Application Layer Gateway
Stateful inspection
Host Based Firewall
Network Based Firewall
Stateful Inspection Firewall
Stateless Firewall
Web Application Firewall
Unified Threat Management Firewall
Next Generation Firewall
Security Zones
DMZ
Layered DMZ implementation
Multiple interface Firewall implementation
Subnets
IDS
NIDS
HIDS
IPS
NIPS
HIPS
Hardening
System Hardening
Network Hardening
Application Hardening
PORTS
SMTP: 25
HTTP: 80
HTTPS: 443
FTP: 20, 21
SMB: 445, 139
SSH: 22
POP3: 110
IMAP: 143
DNS: 53
NFS: 256
Telnet: 23
NNTP: 119
NAT
SNAT
DNAT
NAT static
NAT dynamic
NAT Limited port
Honeypot
Low Interaction Honeypot
High Interaction Honeypot
Cryptography
Symmetric encryption
Asymmetric encryption
difference between encryption and hashing
Digital Signatures
PKI: Public Key Infrastructure
Digital Certificates
Certificate Authorities
Registration Authorities
Certificate Policies
CPS: Certificate Practice Statements
CRL: Certificate Revocation List
OCSP: Online Certificate Status Protocol
encryption
SSL
TLS
Type of Certificate
Self-Signed Certificate
Wild Card Certificate
Domain Validation
SAN: Subject Alternative Name
Code Signing
Computer/Machine
User
EV: Extended Validation
Policies
Who/What/When/Where/Why/How
Disaster Recovery
Remote Access
Remote Access Security
Remote Access Service
802.1x standard
Protocol EAP
VPN
Carrier Protocol
Encapsulating Protocol
Passenger Protocol
PPTP/L2TP
RADIUS/TACACS+
Network Attached Storage
SSH
Other
Flood Guard
NetBIOS
Kerberos
Penetration Testing
Rules of Engagement
Client Contact
Scope
Black Box
White Box
Gray Box
IT Team Notification
Data Handling
Web Applications
Regular Client Meeting
Cleanup
Bug Bounty
Pivoting
Lateral Movement
Persistence
Escalation of Privilege
Different Teams
Red Team
Blue Team
Purple Team
White Team
Green Team
SCAN
Common Vulnerabilities and Exposures: CVE
Common Vulnerability Scoring System: CVSS
Credentialed Scan
Non Credentialed Scan
Intrusive
Non Intrusive
Network Scans
Application Scans
Web Application Scans
Configuration Review
Load Balancer
E-Mail Security
MIME
S/MIME
PGP
Chosen Ciphertext Attack (CCA)
SMTP Relay Attack
Wireless technology
WAP
WLAN
Bluetooth
WEP
WPA
WPA2
WPA3
Virtual Machine
Container
Virtual Switch
Sandboxing
Snapshot
VM Escape
VM Escape Protection
Information security
Confidentiality
Integrity
Availability
Access Control List
Attack
Active attacks
Spoofing
Mac Spoofing
IP Spoofing
ARP Spoofing
Man-in-the-Middle (MitM)
Replay attack
TCP Hijacking
DDOS
DOS
Social Engineering
Phishing
Vishing
Dumpster Diving
Spear Phishing
Whaling
Smishing
Pretexting
Credential Harvesting
Shoulder Surfing
Hoax
Wardriving
Passive attacks
Vulnerability scanning
Sniffing
Eavesdropping
Password attacks
Brute force
dictionary
password policy
Malicious code attacks
Malware
Viruses
Parasitic
Bootstrap Sector
Multi Partite
Trojan Horses
Back Orifice
Net Bus
Logic Bomb
Worms
Love bug worms
Nimda worms
Back Door
Root Kit
Ransomware
What is AAA
Access Control
Mandatory model: MAC
Discretionary model: DAC
Role-based model: RBAC
Authentication
Authentication by knowledge
Authentication by ownership
Authentication by characteristics
Two-factor authentication
Auditing