Consulting, training, design, implementation, maintenance and development of Cyber Security Management Systems and Independent or Integrated Systems for Quality Management (ISO 9001), Information Security Management (ISO 27001), IT Service Management (ISO 20000-1), Business Continuity Management (ISO 22301), EU Global Data Protection Regulaton (GDPR) Contacts: +359 886 655 315; infosecservicebg@gmail.com; http://infosecservicebg.wix.com/study-security
Translate
събота, 7 декември 2019 г.
Инструменти за тестове и самообучение по информационна сигурност
The Secure Socket Layer (SSL) configuration lab
This is a cybersecurity lab that is offered by Wormly. You can refer to it at
https://www.wormly.com/test_ssl
It allows you to conduct a deep analysis of the SSL configuration of a web server. This is an important test since misconfigured SSL can introduce security vulnerabilities that can be exploited by cybercriminals to steal data that is stored, sent, or received by the server or can be exploited to carry out Denial of Service (DoS) attacks.
Additionally, a misconfigured SSL web server can slow down websites, thereby degrading a user's experience.
In this lab, a cybersecurity expert can identify the security configuration weaknesses or errors in web servers. It is important to note that SSL certificates are vital for securing communication between web clients and web servers. The SSL certificate ensures that all data that is exchanged between a web server and a browser is kept private and secure through encryption. Wormly offers a simplified interface where you can enter either the URL or public IP address of the web application whose SSL server is to be scanned. You can then click on the Start SSL test button to begin the test.
The tool provides important information about the SSL certificate that is in use, such as validity duration and trust level. The report also includes security information such as whether the encryption ciphers in use are strong, the public key size, the security protocols in use, and their version and performance information, such as SSL handshake size, TLS stateless resume, and SSL session cache. This information allows you to identify any weaknesses in SSL configuration so that appropriate measures can be taken to correct the weaknesses before criminals can exploit them. A cybersecurity expert will easily interpret and fix the errors that this tool highlights.
Източник:
Cybersecurity: The Beginner'sGuide - Dr. Erdal Ozkaya
Абонамент за:
Коментари за публикацията (Atom)
Няма коментари:
Публикуване на коментар