LAMP Stack System – Prepare Stage _ Organizational Level & System Level
- Start Date Sept. 25
- End Date Current
I. Prepare Stage:
A. Organizational Level
a. Task P-1: Risk Management Roles and their responsibilities
This task consists of identifying the individuals who will hold key roles for executing the Risk Management Framework (RMF). The expected output is a set of documented RMF role assignments. The primary role in charge of this task is the Head of Agency or Chief Information Security Officer (CISO). Some supporting roles are the Authorizing Official, the Risk Executive, and the Senior Agency Information Security Officer (SAISO). That said, I will be documenting as the Chief Information Security Officer (CISO) of TarbariTech Inc.
Using NIST SP 800-37 Revision 2, Appendix D, we identify these roles as follows.
An Authorizing Official (AO) is a senior official or executive with the authority to formally assume responsibility for operating an information system at an acceptable level of risk to organizational operations and assets, individuals, other organizations, and the Nation. To do this, the AO relies primarily on: (i) the completed security plan; (ii) the security assessment report; and (iii) the plan of action and milestones for reducing or eliminating information system vulnerabilities.
The Control Assessor is an individual, group, or organization responsible for conducting a comprehensive assessment of implemented controls and control enhancements to determine the effectiveness of the controls (i.e. the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security and privacy requirements for the system and organization).
The SAISO, also known as Chief Information Security Officer, is responsible for promulgating policies on security integration in the SDLC and developing enterprise standards for information security. This individual plays a leading role in introducing an appropriate structured methodology to help identify, evaluate, and minimize information security risks to the organization.
The System Owner is responsible for the procurement, development, integration, modification, operation, maintenance, and disposal of a system. The System Owner is responsible for addressing the operational interests of the user community (i.e. users who require access to the system to satisfy mission, business, or operational requirements) and for ensuring compliance with security requirements. In coordination with the System Security and Privacy Officers, the System Owner is responsible for the development and maintenance of the security and privacy plans and ensures that the system is operated in accordance with the selected and implemented controls.
The System Owner ensures that the system users and support personnel receive the requisite security and privacy training. The System Owner receives the security and privacy assessment results from the Control Assessors. After taking appropriate steps to reduce or eliminate vulnerabilities or security and privacy risks, the System Owner assembles the authorization package and submits it to the authorizing official or designated representative for adjudication.
The Information System Security Officer is responsible for ensuring the security of an information system throughout its life cycle.
The System Security/Privacy Officer is an individual responsible for ensuring that the security and privacy posture is maintained for an organizational system, and works in close collaboration with the System Owner.
B. System Level
a. Task P-8: Mission or Business Focus
Organizational Mission
Our mission is to create a robust and secure system with stringent privacy requirements, tailored to meet the unique needs of the Department of Defense, ensuring seamless business operations. By prioritizing the highest standards of security and privacy, we strive to provide a trusted environment that safeguards sensitive information and enables the Department of Defense to carry out its vital mission with confidence and efficiency.
Purpose of the System
The purpose of this system is to deliver and manage training courses for military personnel.
Metasploitable 2 is an intentionally vulnerable virtual machine built by the Metasploit team. Its goal is to let hackers or penetration testers practice on existing vulnerabilities without impacting real-world systems. In our case, we are going to isolate the Metasploitable 2 VM in our internal network behind pfSense, our virtual firewall. Download the Metasploitable 2 VM from the link below:
https://sourceforge.net/projects/metasploitable
The login is msfadmin and the password is msfadmin.
pfSense is an open-source router/firewall that we will use to shield our virtual environment (the virtual machines) from the internet and so keep external attackers out.
The steps to get this set up are the following:
[Figs. 1 to 8: screenshots of the pfSense VM setup steps]
Before we can add the vulnerable machines, we need to secure/isolate our internal network from the outside to avoid external attackers.
[Figs. 9 to 10: screenshots of the internal network isolation]
Now that we have the network set up, we are going to configure pfSense.
[Figs. 11 to 18: screenshots of the pfSense configuration]
The objective of this project is to build a virtual cyberlab composed of many virtual machines. This virtual environment will allow us to mimic real-life hacking scenarios and serve as the foundation of future projects. The environment we want to build will consist of seven (07) virtual machines (VMs):
The topology below (Fig. 1) shows an overview of the lab environment.
[Fig. 1: overview of the lab topology]
A. Setting Up VirtualBox
VirtualBox is a hypervisor, a program that will allow us to build the virtual machines/computers. To download VirtualBox for your computer (Windows, Linux, macOS), follow the link below. In my case, I will download and install it on an Ubuntu Linux machine.
The download link is the following: https://www.virtualbox.org//wiki/Downloads
For Linux users, specifically Ubuntu, follow the steps below:
[Figs. 2 to 4: screenshots of the VirtualBox download page]
To install VirtualBox on your machine, for my fellow Linux users, open your terminal and follow the steps below:
sudo apt-get update
Enter your system’s password
[Fig. 5: terminal output of apt-get update]
Go to the directory where you saved the VirtualBox download. In my case it’s in the Download directory. Once in the directory, run a quick ls | grep "virtualbox" to make sure the file is there.
[Fig. 6: ls | grep "virtualbox" listing the downloaded .deb]
Run the following command to install VirtualBox (in my case, VirtualBox is already installed):
sudo dpkg -i virtualbox-7.1_7.1.0-164728~Ubuntu~noble_amd64.deb
[Fig. 7: output of the dpkg install]
IF THIS METHOD DOES NOT WORK FOR YOU, THE ALTERNATIVE SHOULD WORK:
Run the following command: sudo apt install virtualbox
This command installs the latest packaged version of VirtualBox for you.
[Fig. 8: output of apt install virtualbox]
After installation, open VirtualBox by running the command virtualbox, which launches the application.
[Fig. 9: the VirtualBox window after launch]
In this lab, we experiment with environment variables and see how they affect programs: specifically, how environment variables are shared (or not) between parent and child processes, for privileged (Set-UID) programs and non-privileged programs alike. All programs were compiled with gcc, and their output was redirected into the respective files using I/O redirection.
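As an added example (not code from the SEED lab), the following shows the behaviour the lab is about: a child process inherits the parent's environment by default, which is what system()/execvp() in a Set-UID program get, so the invoking user controls PATH, IFS and similar variables; the mitigation is to start the child with an explicit, fixed environment, which is what execve() with a sanitized envp does. The variable name, value and PATH prefix are constructed for the demo.

```python
"""Added example, not from the SEED lab: parent-to-child environment
inheritance and the sanitized-environment mitigation for privileged
programs. Constructed names: EVIL_MARKER, /tmp/attacker-bin."""
import os
import subprocess

# The only environment a privileged helper should pass to its children:
# a fixed PATH and a default IFS, nothing inherited from the invoker.
SAFE_ENV = {"PATH": "/usr/bin:/bin", "IFS": " \t\n"}


def child_sees_var(name: str, clean: bool) -> bool:
    """Run /bin/sh as a child and report whether it can see variable `name`.
    clean=False: env=None, so the child inherits os.environ, like system()
    or execvp(). clean=True: the child gets only SAFE_ENV, like execve()
    with a sanitized envp."""
    env = SAFE_ENV if clean else None
    result = subprocess.run(["/bin/sh", "-c", f'[ -n "${name}" ]'], env=env)
    return result.returncode == 0


def child_path(clean: bool) -> str:
    """The PATH the child would actually search for commands such as ls."""
    env = SAFE_ENV if clean else None
    out = subprocess.run(["/bin/sh", "-c", 'printf "%s" "$PATH"'],
                         env=env, capture_output=True, text=True)
    return out.stdout


def demo() -> dict:
    # Constructed: variables an invoking user can set before running a
    # Set-UID program; the program must not let them reach its children.
    os.environ["EVIL_MARKER"] = "/tmp/attacker-controlled.so"
    os.environ["PATH"] = "/tmp/attacker-bin:" + os.environ.get("PATH", "")
    return {
        "inherited_sees_marker": child_sees_var("EVIL_MARKER", clean=False),
        "sanitized_sees_marker": child_sees_var("EVIL_MARKER", clean=True),
        "inherited_path": child_path(clean=False),
        "sanitized_path": child_path(clean=True),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```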
In this lab, the user SEED, who has root privileges, owns a Set-UID program called catall. However, there is an exploitable bug in the program that would give root privilege to a normal user. We will explore different ways of obtaining root privilege as the normal user Bob.
In this lab, we are exploring the buffer-overflow vulnerability. A buffer overflow occurs when a program writes past the normal boundary of a buffer; an attacker can use this to corrupt adjacent memory and manipulate the normal flow of the program. Modern operating systems include many countermeasures that prevent or reduce buffer-overflow attacks. In this lab, we turn these measures off in order for our attack to succeed.
I have been given this assignment by Dr. Roger Shore as my final exam: to conduct a penetration test on a Metasploitable 3 virtual machine in order to determine its exposure to a targeted attack. All activities are conducted in a manner that simulates a malicious actor engaged in a targeted attack against the VM, with the goal of determining the password for each individual in the class. I have successfully been able to recover the passwords for each user using the hashcat command.
rlogin, or remote login, is a Unix program or service that allows users to log in to another host over a network. It works similarly to ssh. rlogin uses port 513.
On our metasploitable 2 machine, rlogin allows a remote host to login with root privilege with no password required (Fig. 6).
In each of the Metasploitable virtual machines, we add a new user “cyberraf” with a weak (easy-to-guess) password “chloe”. The commands are the following:
sudo adduser cyberraf ← creates a new user with username “cyberraf”
When prompted for a password, we type “chloe” (a password found in /usr/share/wordlists/rockyou.txt.gz).
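As an added example, not part of the lab itself: a check an administrator can run before adduser to reject a password like “chloe” that appears in a cracking wordlist or fails basic length and variety rules. The gzip-compressed wordlist below is a small constructed sample standing in for /usr/share/wordlists/rockyou.txt.gz; load_wordlist_file reads the real file the same way.

```python
"""Added example, not from the lab: reject passwords that appear in a
wordlist such as rockyou.txt (plain or gzip) or fail basic rules."""
import gzip
import string

# Constructed stand-in for rockyou.txt.gz (same format: one entry per line).
SAMPLE_WORDLIST_GZ = gzip.compress(b"123456\npassword\nchloe\nqwerty\nletmein\n")


def load_wordlist(raw: bytes) -> set:
    """Parse a wordlist from raw bytes; transparently handles gzip input."""
    if raw[:2] == b"\x1f\x8b":                      # gzip magic number
        raw = gzip.decompress(raw)
    text = raw.decode("utf-8", errors="ignore")    # rockyou has non-UTF-8 lines
    return {line.strip().lower() for line in text.splitlines() if line.strip()}


def load_wordlist_file(path: str) -> set:
    """Load e.g. /usr/share/wordlists/rockyou.txt.gz from disk."""
    with open(path, "rb") as fh:
        return load_wordlist(fh.read())


def check_password(password: str, wordlist: set, min_len: int = 12) -> list:
    """Return the reasons a password is weak; an empty list means acceptable."""
    reasons = []
    if len(password) < min_len:
        reasons.append("too-short")
    classes = (any(c.islower() for c in password)
               + any(c.isupper() for c in password)
               + any(c.isdigit() for c in password)
               + any(c in string.punctuation for c in password))
    if classes < 3:
        reasons.append("low-variety")
    lowered = password.lower()
    # Strip a trailing digit/symbol suffix so "Chloe2024!" is still caught.
    base = lowered.rstrip(string.digits + string.punctuation)
    if lowered in wordlist or base in wordlist:
        reasons.append("in-wordlist")
    return reasons


WORDLIST = load_wordlist(SAMPLE_WORDLIST_GZ)

if __name__ == "__main__":
    for candidate in ("chloe", "Chloe2024!", "Correct-Horse-Battery-9"):
        verdict = check_password(candidate, WORDLIST) or ["ok"]
        print(f"{candidate!r}: {', '.join(verdict)}")
```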
Real time Currency converter using free API from FreecurrencyAPI.
Scenario: For the purpose of this project, we suppose we own a company, TarbariTech Inc., and have won a contract to support the Department of Defense (DoD). The contract requires TarbariTech Inc. to develop a cloud-based system to support military personnel training. The system will process, store, and transmit Controlled Unclassified Information (CUI), Electronic Protected Health Information (ePHI), and payment card information. We have chosen to leverage a LAMP (Linux, Apache, MySQL, PHP) stack for the development of the system.
For the planning, documentation, development, and monitoring of the system, we are going to follow the NIST Risk Management Framework (RMF).
The NIST RMF will help us manage the system we are developing from inception to disposal, in short, across the System Development Life Cycle (SDLC). The definition provided by NIST is: “RMF provides a comprehensive, flexible, repeatable, and measurable 7-step process that any organization can use to manage information security and privacy risk for organizations and systems and links to a suite of NIST standards and guidelines to support implementation of risk management programs to meet the requirements of the Federal Information Security Modernization Act (FISMA).” The 7 steps of the RMF we are going to follow for the implementation of the project are:
** NOTE: For the SDLC methodology, I am currently thinking about the Prototyping model, that is, ‘we are assuming that we are only developing an understanding of the system requirements without actually developing a final operational system.’ However, if time allows, we will switch to the Waterfall model, meaning we will actually develop the system.
** Frameworks we will need to comply with:
NIST Risk Management Framework Exploration
Company: KAAHRA
Site: https://kaahra.com
Role: Founder & CTO
Tasks: Build and maintain the website.
Company: Flasky Labware
Site: https://flaskylabware.com
Role: GRC Analyst/Software Engineer
Tasks:
Plugins and Technologies Used:
These forms have been designed in Figma.
Login Form Design:
Registration Form Design:
GRC, as defined by OCEG, involves using a set of integrated capabilities to collaborate with stakeholders across an organization in order to ". . . achieve objectives, address uncertainty, and act with integrity.” In this course, AJ Yawn draws upon his 10+ years in the GRC industry to illuminate the fundamental skills and best practices of GRC.
Instructor Kevin Wallace delves into the purpose of networks, as well as how networking technologies benefit us in both our personal and business lives. He covers network addresses, including the structures of Internet Protocol (IP) version 4 and version 6 addresses. Plus, learn about switches, routers, fiber-optic cabling
One of the most effective ways to do this is by implementing a comprehensive security information and event management (SIEM) solution. A SIEM integrates multiple functions into a single security management system, giving you the power to detect threats with real-time reporting and to track analytics of log data and events.
Spent great time catching up with my good friend/brother and exchanging ideas, life lessons, and advice. It's the best feeling to be surrounded by like-minded people.
I had an exceptional experience participating in the Official Cybersecurity Summit this Tuesday in Raleigh. The various presentations and discussions with industry leaders provided valuable insights into Risk Assessment and Management, the implications of AI in Cybersecurity, the critical importance of data (“the new oil”), and Cybersecurity and AI Governance.
I had the pleasure of presenting our platform, kaahra.com, to more than 120 senior students at #CLNDT High School. As these students prepare for college, it's crucial they make informed decisions about their career paths.
As a member and mentor on the Kaahra platform, I provide guidance to high school students exploring college major options and to college students with an interest in Technology, particularly Cybersecurity. Additionally, I assist international students (F-1) with their applications to U.S. universities and help them adapt to the lifestyle in the U.S. I also offer support in reviewing resumes and CVs, as well as translating resumes and cover letters from French to English. I currently have 7 Kaahra mentees & 2 mentors.
I am the Founder and CEO of Kaahra, which I established in March 2020 during the COVID-19 pandemic. At that time, I was personally struggling to choose a college major and a career path. My journey involved countless Google searches that led me to numerous websites and reaching out to many profiles on LinkedIn, most of which went unanswered. Eventually, I decided to pursue a degree in Computer Science with a focus on Cybersecurity at HPU.
After experiencing these challenges, I decided to create Kaahra, a career mentorship platform designed to leverage technology to help students make informed career decisions. Kaahra assists students in exploring the best universities for their fields, connecting with current students, alumni, and career professionals, all on one platform. On Kaahra, mentors post their availabilities in advance, allowing mentees to book meetings accordingly.
Under the mentorship of Apple Co-Founder Steve Wozniak, my team and I developed a groundbreaking software application that interprets brainwaves via a headset and translates thoughts into commands for controlling IoT devices in one's environment. Leveraging the openBCI API, we successfully created a system capable of turning lights on and off. This innovative project was specifically designed to assist individuals with disabilities.
I was an active member (white belt) of the Durham Technical Community College Aikido club. During my one year of membership I had the opportunity to learn about self-defense techniques as well as how to use the Katana.
Phishing attacks have long been a cornerstone of cybercrime, the first door to many systems. However, the advent of AI has taken these deceptions to unprecedented levels. Learn how AI tools are being leveraged by
What Made Me Write This Blog
My last post about how AI is being used in phishing attacks got a lot of interest from friends, family, and colleagues who wanted to know more. So, I decided to write this blog to dive deeper into how AI and phishing intersect, and share some tips on how to spot and protect yourself from these advanced threats.
Definition of Key Terms
– Phishing: A type of cyberattack where attackers impersonate legitimate entities to trick individuals into revealing personal information, such as passwords and credit card numbers.
– Artificial Intelligence (AI): The simulation of human intelligence in machines that are programmed to think and learn like humans.
– Chatbots: AI programs that simulate human conversation through text or voice interactions.
– Multi-Factor Authentication (MFA): MFA is an authentication system that enhances security by requiring multiple forms of verification before granting access to an account or system
Introduction
Phishing attacks have always been a prevalent threat in the digital world, aiming to deceive individuals into revealing sensitive information (username, email, password, address, SSN…). However, with the integration of AI, these attacks have become more sophisticated and harder to detect. In this blog, I will cover some ways AI enhances phishing tactics, making them more effective and dangerous, and discuss strategies to protect against these advanced threats.
The Basics of Phishing
Phishing typically involves fraudulent emails or messages that appear to come from legitimate sources, such as banks, social media platforms, or trusted companies. The goal is to trick recipients into clicking on malicious links, downloading harmful attachments, or providing personal information. Traditional phishing attacks often rely on social engineering techniques, exploiting human psychology to create a sense of urgency or trust.
AI: The New Weapon in Phishing
AI and machine learning have revolutionized many industries, and unfortunately, cybercrime is no exception. Here’s how AI is enhancing phishing attacks:
1. Personalized Phishing Attacks: AI can analyze vast amounts of data from social media (TikTok, Facebook, Instagram, Twitter (X), LinkedIn, Reddit, Medium…), public records (criminal records, voter registration lists…), and other sources to create highly personalized phishing messages. By mimicking the writing style, tone, and interests of the target, these messages can appear more convincing and harder to detect as fraudulent.
2. Voice Phishing (Vishing): We are all aware of how sweet and convincing ChatGPT can be, especially with its new version GPT-4o. AI can be used to clone real people’s voices, enabling more effective vishing attacks. By synthesizing the voice of a trusted individual or authority figure, attackers can deceive victims over the phone, convincing them to divulge sensitive information or perform specific actions.
3. Automated Phishing Campaigns: With AI, cybercriminals can automate the creation and distribution of phishing emails. AI can generate unique messages for each recipient by grounding the AI agents with personal data fetched from the internet (social media accounts), making it more challenging for traditional spam filters to identify and block them.
4. Advanced Chatbots: Tools can be used to develop sophisticated chatbots (with just a few clicks in ChatGPT Premium you can create your own customizable chatbot) that engage with victims in real time. These AI-driven chatbots can respond to queries, provide convincing explanations, and lead victims through the phishing process, increasing the likelihood of success.
Case Study
Imagine receiving an email from what appears to be your bank. The email is perfectly crafted, addressing you by name and referencing recent transactions. It even includes a chatbot link for “instant support.” You click the link, and the chatbot engages you in a realistic conversation. It answers your questions, provides reassuring responses, and eventually asks you to verify your account details. By this point, you’re convinced it’s legitimate, and you provide the requested information.
To show you how easy it is, I ran an example from my ChatGPT account:
Of course I would make small edits and add my malicious link in lieu of the chatbot link or add the link of my own designed chatbot that will retrieve the victim’s information.
Some Proposed Solutions
As phishing attacks become more sophisticated with AI, it’s crucial to enhance your defenses. Here are some practical solutions:
1. Verify Sources: Always verify the source of any unsolicited communication. Contact the organization directly through official channels (call the company, search for the official website on Google, log in to the app to check for any communication) before clicking on links or providing information.
2. Use Multi-Factor Authentication (MFA): MFA adds an extra layer of security. Even if your credentials are compromised, an attacker would still need the second form of verification. MFA can come in different forms:
a. Something you know: The knowledge factor, where you as the user provide information you know.
Example: Security questions, PINs
b. Something you have: This one involves a physical item you possess.
Example:
c. Something you are: This pertains to authentication that involves biometric verification.
Example: Fingerprints, Facial Recognition, Iris or Retina Scans, Voice recognition
d. Something you do: This is very common on a lot of platforms. It involves behavioral biometrics.
Example: Mouse Movements (the ‘I am not a robot’ checkbox), Typing patterns, Image selection
e. Somewhere you are: Do you remember receiving a notification from your Bank or from your Streaming platform such as Netflix or Prime Video that someone just logged into your account somewhere(City, State, Country provided)? Well, this is another way of authentication. This factor uses the user’s geographical location for verification.
Example: IP Address, GPS Data
3. Regularly Update Passwords: Change your passwords periodically and ensure they are strong and unique for each account. Avoid using easily guessable information.
4. Educate and Train: Regularly train yourself and your organization on recognizing phishing attempts. Simulated phishing exercises can be an effective way to keep your skills sharp.
5. Deploy Advanced Security Solutions: Utilize AI-driven security solutions that can detect and mitigate AI-enhanced phishing attacks. These tools can analyze communication patterns and identify anomalies indicative of phishing.
6. Implement Email Filtering and Security Software: Advanced email filtering solutions can help identify and block phishing emails before they reach your inbox. Regularly update your security software to protect against new threats.
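As an added example (not part of the original post) of item 2 above, the following login combines “something you know” (a password) with “something you have” (a time-based one-time code from an authenticator app, RFC 6238 TOTP), so a phished password alone is not enough. The user, the password and the user store are constructed; the TOTP secret is the RFC 6238 test key, so the codes it produces can be checked against the RFC’s published values.

```python
"""Added example, not from the original post: two-factor login with a
password plus an RFC 6238 TOTP code. Constructed: user alice, her
password, USERS; RFC6238_SECRET is the RFC 6238 test key."""
import base64
import hashlib
import hmac
import os
import struct
import time


def hotp(secret_b32: str, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the counter, dynamically truncated."""
    key = base64.b32decode(secret_b32, casefold=True)
    digest = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F
    code = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(secret_b32: str, for_time=None, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP: HOTP with the counter derived from the clock."""
    if for_time is None:
        for_time = time.time()
    return hotp(secret_b32, int(for_time // step), digits)


def verify_totp(secret_b32: str, code: str, for_time=None,
                step: int = 30, digits: int = 6, window: int = 1) -> bool:
    """Accept the current code or one step either side (clock drift)."""
    if for_time is None:
        for_time = time.time()
    code = code.replace(" ", "")
    base = int(for_time // step)
    ok = False
    for drift in range(-window, window + 1):
        # Constant-time compare, and keep looping so timing does not reveal
        # which step (if any) matched.
        ok |= hmac.compare_digest(hotp(secret_b32, base + drift, digits), code)
    return ok


def _pbkdf2(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)


def make_user(password: str, totp_secret_b32: str) -> dict:
    """Store a salted password hash and the enrolled authenticator secret."""
    salt = os.urandom(16)
    return {"salt": salt, "pw_hash": _pbkdf2(password, salt),
            "totp_secret": totp_secret_b32}


# RFC 6238 test secret (ASCII "12345678901234567890", base32-encoded).
RFC6238_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"

# Constructed user store.
USERS = {"alice": make_user("correct horse battery staple", RFC6238_SECRET)}


def login(username: str, password: str, code: str, for_time=None) -> str:
    """Return "ok" only when BOTH factors verify; otherwise "denied".
    Both factors are always evaluated and a single generic answer is
    returned, so the caller cannot tell which factor failed."""
    user = USERS.get(username)
    if user is None:
        return "denied"
    password_ok = hmac.compare_digest(_pbkdf2(password, user["salt"]), user["pw_hash"])
    code_ok = verify_totp(user["totp_secret"], code, for_time)
    return "ok" if password_ok and code_ok else "denied"


if __name__ == "__main__":
    now = time.time()
    current = totp(RFC6238_SECRET, now)          # what alice's app shows now
    print("current code for alice:", current)
    print(login("alice", "correct horse battery staple", current, now))
    print(login("alice", "correct horse battery staple", "000000", now))
```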
Conclusion
Phishing attacks are evolving, and the integration of AI is making them more dangerous than ever. By understanding these new threats and implementing robust security measures, you can protect yourself and your organization from falling victim to these sophisticated scams. Stay vigilant, stay informed, and ALWAYS VERIFY, NEVER TRUST.
A. What is GRC
GRC stands for Governance, Risk Management, and Compliance. It is a framework or approach that organizations adopt to manage and align their cybersecurity practices with their business objectives, manage business risks, and comply with governmental regulatory requirements.
Governance focuses on establishing a framework of policies, procedures, and processes to ensure that cybersecurity activities are effectively managed and aligned with the organization’s goals. It involves defining roles and responsibilities, establishing decision-making structures, and implementing oversight mechanisms. The main components of good governance are:
Risk management is the process of identifying, assessing, prioritizing, and mitigating risks to minimize potential negative impacts and maximize opportunities. It involves systematically evaluating the likelihood and potential consequences of risks, and then taking appropriate actions to manage or control them. Risk management is applied across various domains, including business, finance, project management, and cybersecurity. The main components of Risk management are:
Compliance refers to the act of conforming to laws, regulations, standards, guidelines, and internal policies that are applicable to an organization’s operations and activities. It involves ensuring that the organization and its employees adhere to the requirements and obligations set forth by external regulatory bodies, industry-specific frameworks, contractual agreements, and internal governance frameworks. Key aspects of compliance are:
B. Role and Importance of GRC in a company
GRC is crucial for organizations as it ensures strategic alignment, risk mitigation, compliance with regulations, operational resilience, stakeholder trust, cost optimization, and informed decision-making in the realm of cybersecurity.
Whenever you right-click and choose to open a folder or simply double-click, or select the folder and press “Enter” on your keyboard, you are changing your current working directory/folder to that new folder you are selecting.
Whether you are in Desktop, Trash, My Computer, Downloads, Pictures, or Documents, you are inside a directory. These are just a graphical way to present what is happening behind the scenes (the white-on-black screen).
To be honest, it is pleasing and easier to navigate on my laptop without worrying about the hundreds and thousands of commands I must use to accomplish the same simple task. At least, these were my thoughts before I started discovering more Linux commands and evaluating how handy, fast, flexible, and convenient they are for me, especially as a cybersecurity student.
My advice is “if you are a Computer Science/Engineering student you should, at the best of your abilities, learn the Linux CLI commands.” I know they might not seem attractive and convenient at first, but trust me the more you use them, the easier they will become.
Before we start, I assume you already have a Linux distribution such as Ubuntu, Kali Linux, or Parrot Security, or that you are using macOS. If you are using Windows cmd or PowerShell, some of the commands may not be the same.
So let’s start with the basics:
“pwd” stands for “Print Working Directory.” As you may have already understood, pwd prints on the next line of your CLI the path to your current working directory.
/home/kali means we are in the directory called “kali”, which itself is inside the parent directory called “home”.
Now that we know in which directory we are (“kali”), we want to see all the files and sub-directories that are in our working directory. This is when the “ls” command comes into play.
ls stands for “list” and is quite an interesting command. It lists all the content (directories and files) of your current directory. Let’s explore the flags we can use with the ls command.
ls: lists the contents of the current or working directory (“kali”)
ls Desktop: lists the content of the directory “Desktop”
ls -a: lists all files, including hidden ones whose names start with a dot “.”
ls -l: lists all files and directories with a lot more information about each of them.
We will cover more on what you see in a future project. For now, let’s take a look at the first character of each line:
d → stands for directory
– → stands for a regular file
l → stands for a symbolic link
The following 9 characters are made of the letters ‘r’ → read, ‘w’ → write, ‘x’ → execute, with ‘–’ in the place of any permission that is not granted.
Eg. for the directory “Desktop”:
type | owner | group | rest of the world
d | r w x | r – x | r – x
owner: the user that created and owns this directory.
r → means the user has the permission (privilege) to read the content of the directory.
w → means the user has the privilege to write/delete/edit/make changes in the directory.
x → means the user has the privilege to execute/run the program, or to enter the directory.
group: every Linux account belongs to one or more groups that give it certain privileges on files and programs in the system.
rest of the world: anyone who is neither the owner nor a member of the group.
Also, you can see the size of the directory/file in bytes, the last date or time it was modified, and the name of the directory/file.
ls -R: this flag recursively lists the content of the directory and of all its subdirectories.
ls -t: lists the content of the directory ordered by modification time. The most recently edited element is the first in the list; ls -tr reverses that order.
ls -1: lists the content of the directory one element per line.
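As an added example (not code from the original post), the POSIX shell functions below decode the mode string that ls -l prints into the type and the owner | group | rest-of-the-world triplets described above, then use that decoding to find entries in a directory that anyone on the system can modify. The sample directory it builds under mktemp is constructed for the demonstration.

```shell
# Added example (not from the original post): decode the mode string "ls -l"
# prints into the owner | group | rest-of-the-world triplets described above,
# then use it to find entries anyone on the system can modify.

# decode_mode MODE -> "type=dir owner=rwx group=r-x world=r-x"
decode_mode() {
    mode="$1"
    case "$mode" in
        d*) type=dir ;;    # first character: d = directory
        -*) type=file ;;   # - = regular file
        l*) type=link ;;   # l = symbolic link
        *)  type=other ;;  # sockets, pipes, devices ...
    esac
    owner=$(printf '%s' "$mode" | cut -c2-4)   # characters 2-4
    group=$(printf '%s' "$mode" | cut -c5-7)   # characters 5-7
    world=$(printf '%s' "$mode" | cut -c8-10)  # characters 8-10
    printf 'type=%s owner=%s group=%s world=%s\n' "$type" "$owner" "$group" "$world"
}

# world_writable MODE -> succeeds when the 'w' slot of the last triplet is set
world_writable() {
    case "$(printf '%s' "$1" | cut -c9)" in
        w) return 0 ;;
        *) return 1 ;;
    esac
}

# find_world_writable DIR -> prints each entry of DIR that the rest of the world
# can write to. Symlinks are skipped: the kernel only honours the target's bits.
find_world_writable() {
    for entry in "$1"/* "$1"/.[!.]*; do
        [ -e "$entry" ] || [ -L "$entry" ] || continue   # unmatched glob pattern
        mode=$(ls -ld "$entry" | cut -d' ' -f1)          # -d: the entry, not its contents
        case "$mode" in l*) continue ;; esac
        if world_writable "$mode"; then basename "$entry"; fi
    done
}

# make_sample_dir -> builds a constructed directory tree under mktemp (sample
# data, not from the post) and prints its path.
make_sample_dir() {
    d=$(mktemp -d)
    mkdir "$d/shared" "$d/private"
    printf 'hello\n' > "$d/open.txt"; printf 'secret\n' > "$d/locked.txt"
    ln -s open.txt "$d/alias"
    chmod 777 "$d/shared"; chmod 750 "$d/private"
    chmod 666 "$d/open.txt"; chmod 600 "$d/locked.txt"
    printf '%s\n' "$d"
}
```

Running `d=$(make_sample_dir); find_world_writable "$d"` prints open.txt and shared, the two entries whose last triplet contains a ‘w’.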
Now that we know where we are working (pwd) and how to see/list the directory content, we want to be able to navigate and jump around our system. This is when the cd command comes into play.
cd stands for Change Directory.
cd directory_name: takes you into the directory directory_name.
cd ..: In every directory of a Linux system, a hidden directory “..” exists that points to the parent directory. So, using the command cd .. takes you to the parent directory.