Did you know that attitude counts in every aspect of life?
There once was a woman who woke up one morning, looked in the mirror, and noticed she had only three hairs on her head.
"Well," she said, "I think I'll braid my hair today?" So she did and she had a wonderful day.
The next day she woke up, looked in the mirror and saw that she had only two hairs on her head. "H-M-M," she said, "I think I'll part my hair down the middle today?" So she did and she had a grand day.
The next day she woke up, looked in the mirror and noticed that she had only one hair on her head. "Well," she said, "today I'm going to wear my hair in a pony tail." So she did and she had a fun, fun day.
The next day she woke up, looked in the mirror and noticed that there wasn't a single hair on her head. "Yea!" she exclaimed, "I don't have to fix my hair today!"
Attitude is everything. Be nice to yourself and extra nice to others. Have a Good Day!
Be kinder than necessary, for everyone you meet is fighting some kind of battle.
Live simply,
Love generously,
Care deeply,
Speak kindly.......and
Leave the rest to God!
Did you know that attitude counts in every aspect of life?
There once was a woman who woke up one morning, looked in the mirror, and noticed she had only three hairs on her head.
"Well," she said, "I think I'll braid my hair today?" So she did and she had a wonderful day.
The next day she woke up, looked in the mirror and saw that she had only two hairs on her head. "H-M-M," she said, "I think I'll part my hair down the middle today?" So she did and she had a grand day.
The next day she woke up, looked in the mirror and noticed that she had only one hair on her head. "Well," she said, "today I'm going to wear my hair in a pony tail." So she did and she had a fun, fun day.
The next day she woke up, looked in the mirror and noticed that there wasn't a single hair on her head. "Yea!" she exclaimed, "I don't have to fix my hair today!"
Attitude is everything. Be nice to yourself and extra nice to others. Have a Good Day!
Be kinder than necessary, for everyone you meet is fighting some kind of battle.
Live simply,
Love generously,
Care deeply,
Speak kindly.......and
Leave the rest to God!
Terve tuho - tietä tuottaville työpaikoille ja kasvulleevathinktank
Terve tuho on seurausta innovaatioista ja kilpailusta. Ilman tehottomien työpaikkojen tuhoa ja rakennemuutosta, innovaatiot ja teknologinen kehitys eivät muunnu parantuneeksi työn tuottavuudeksi eivätkä talouskasvuksi. Näin toteavat tutkimuspäällikkö Antti Kauhanen (ETLA) ja tutkimusjohtaja Mika Maliranta (ETLA) tänään julkaistussa EVA Analyysissään ”Terve tuho – tietä tuottaville työpaikoille ja kasvulle”
Lowering business costs: Mitigating risk in the software delivery lifecycleIBM Rational software
This paper explores the relationship between risk management and requirements management, describing how improved project success rates require teams to focus on business outcomes, become as productive as possible, and mitigate risks with proven tools and techniques.
eBook "UC Customer Success Stories" - case studies from other SMBs who have successfully put UC to work in their organizations - saving thousands of dollars, while also improving business operations and customer service.
The beginning of spring haven’t brought any singnificant changes in Facebook demographics trends. We still can observe small loses of users in the youngest age group (below 18) in USA, Canada, Australia, China and Mexico. However, these losses are recompensated by the growths of users in older age groups in almost every analyzed country. From the 19 analyzed countries, the most dynamic was China, where we noted 16,67% more new users from 19 to 24 and over 13% of new users from 25 to 34. Moore at: www.catvertiser.com
Terve tuho - tietä tuottaville työpaikoille ja kasvulleevathinktank
Terve tuho on seurausta innovaatioista ja kilpailusta. Ilman tehottomien työpaikkojen tuhoa ja rakennemuutosta, innovaatiot ja teknologinen kehitys eivät muunnu parantuneeksi työn tuottavuudeksi eivätkä talouskasvuksi. Näin toteavat tutkimuspäällikkö Antti Kauhanen (ETLA) ja tutkimusjohtaja Mika Maliranta (ETLA) tänään julkaistussa EVA Analyysissään ”Terve tuho – tietä tuottaville työpaikoille ja kasvulle”
Lowering business costs: Mitigating risk in the software delivery lifecycleIBM Rational software
This paper explores the relationship between risk management and requirements management, describing how improved project success rates require teams to focus on business outcomes, become as productive as possible, and mitigate risks with proven tools and techniques.
eBook "UC Customer Success Stories" - case studies from other SMBs who have successfully put UC to work in their organizations - saving thousands of dollars, while also improving business operations and customer service.
The beginning of spring haven’t brought any singnificant changes in Facebook demographics trends. We still can observe small loses of users in the youngest age group (below 18) in USA, Canada, Australia, China and Mexico. However, these losses are recompensated by the growths of users in older age groups in almost every analyzed country. From the 19 analyzed countries, the most dynamic was China, where we noted 16,67% more new users from 19 to 24 and over 13% of new users from 25 to 34. Moore at: www.catvertiser.com
Best practices for upgrading patches and versions .... Dutch
Indien U een persoonlijke presentatie of demonstratie wens kan je mij altijd contacteren via LinkedIn of via regine.deleu@oracle.com
Deze checklist voorziet in stappen ter vermindering van kwetsbaarheid bij cyberaanvallen en is gebaseerd op zwakke plekken in netwerkbeveiliging die John Bumgarner en Scott Borg, respectievelijk Research Director Security Technology en Director bij de US-CCU, tijdens hun werk zijn tegengekomen.
Synergie in systeemintegratie -TOPdesk Symposium 2012TOPdesk
Systeemintegratie is onmisbaar voor bijvoorbeeld het up-to-date houden van uw CMDB. Aan de hand van een aantal cases bespreekt consultant Pouyan Daddeh hoe u uw systemen zó koppelt dat u dataredundantie beperkt, informatie direct toegankelijk maakt en registratie automatiseert.
Identity & Access Governance - Ervaringen uit de praktijk (Roundtable Event 2...Thomas van Vooren
Presentatie over ervaringen uit de praktijk van Identity & Access Governance implementaties (Roundtable van Everett en Verdonck, Klooster & Associates op 11 december 2012 voor klanten)
13. Management informatie (maandrapportage) Wat moet het management weten om beslissingen te kunnen nemen? Welke zaken moeten daartoe gemeten worden? Daarna moet de informatie systematisch gemeten worden. voettekst 5
18. Coso ERM Monitor IT performance moetpassen in het enterprise monitoring systeem. Real-time monitoring framework is het start punt in de bewegingnaar best practice organisatie. Na implementatiewordt de focus continue verbetering.
19. ITIL logging is the second step in the incident management process. It ensures a full historical record of each issue is captured.
20. NIST SP 800-92 Sep 2006 Guide to Computer Security Log ManagementSamengevat: Log management policy, procedures and technology, Log generation, Log retention and storage, Log analysis, Log protection and security.
22. Normen voor logging (operations) Logging voldoet aan de volgende eisen: Minimaal wie deed wat, waarmee, wanneer? a. Inloggen (pogingen) mislukt, uitloggen b. het toewijzen van speciale bevoegdheden c. het gebruik van speciale bevoegdheden d. het wijzigen en uitgeven van autorisaties e. pogingen tot niet geautoriseerd handelen f. het starten en beëindigen van batchjobs, serivces, (handmatig en cron) Er is een goedgekeurde actuele lijst (log besluit) wat als relevante gebeurtenis wordt gezien in het kader van logging (bijvoorbeeld: event, ID, date, time, welk commando). Beperkingen van het logsysteem zijn bekend (knownunknows) met tegenmaatregelen. Computer events (start stop, runlevels, hardware events, performance, changes) Analyse (automatische) van het audit-logbestand op relevante gebeurtenissen en trends, bijvoorbeeld onrechtmatige activiteiten. Wanneer een logging tot een relevante gebeurtenis leidt, wordt daarvan een melding voor de beheerder gegenereerd met een automatische kopie van de melding naar een security functionaris. De analyses en trends worden besproken in IT team meetings en gerapporteerd in maandrapportages. Een audit-log mag niet meer worden gewijzigd (readonlyaccess). Uitzetten van de geprogrammeerde loggings in toepassingsprogrammatuur geschiedt uitsluitend met toestemming van de eigenaar van het informatiesysteem waartoe de toepassingsprogrammatuur toe behoort. De (audit) logs worden volgens een vastgestelde bewaartermijn bewaard. voettekst 10
23. Logs logslogsbeautiful logs Authentication server or system logs may include successful and failed authentication attempts. System logs may include system and service startup and shutdown information, installation of unauthorized software, file accesses, security policy changes, account changes (e.g., account creation and deletion, account privilege assignment), and privilege use. Intrusion detection and prevention system logs may include malicious activity and inappropriate use. Firewall and router logs may include outbound connections that indicate compromised internal devices (e.g., rootkits, bots, Trojan horses, spyware). Firewall logs may include unauthorized connection attempts and inappropriate use. Application logs may include unauthorized connection attempts, account changes, use of privileges, and application or database usage information. Antivirus logs may include update failures and other indications of outdated signatures and software. Security logs, in particular patch management and some IDS and intrusion prevention system (IPS) products, may record information on known vulnerable services and applications. voettekst 11
24. Deel 2: de security audit dmv pentest voettekst 12
26. Penetratie test Evaluatie methode om de security van een computer system of netwerk te testen door een aanval te simuleren. Het proces bestaat uit een analyse van het systeem voor potentiële kwetsbaarheden bijvoorbeeld door onjuiste configuratie van systeem instellingen, software fouten, of fouten in procedures of tegenmaatregelen. De analyse wordt uitgevoerd vanuit de positie van een potentiële aanvaller en probeert security kwetsbaarheden actief uit te buiten. Kwetsbaarheden worden aan de systeem eigenaar gepresenteerd met prioriteit en waar mogelijk een oplossing. Het doel van de penetratie test is om de slaagkans van een aanval te testen en impact van een kwetsbaarheid te beoordelen. voettekst 14
27.
28. Identificeren van operating systemen, applicaties, services, en (onveilige) protocollen, (telnet) en ongeautoriseerde protocollen (p2p).
33. Op een specifiek netwerk segment, om de versleutelde protocollen te valideren.voettekst 15
34. Kwetsbaarheidscategorieën Misconfigurations. Misconfigured security settings, particularly insecure default settings, are usually easily exploitable. Kernel Flaws. Kernel code is the core of an OS, and enforces the overall security model for the system—so any security flaw in the kernel puts the entire system in danger. Buffer Overflows. A buffer overflow occurs when programs do not adequately check input for appropriate length. When this occurs, arbitrary code can be introduced into the system and executed with the privileges—often at the administrative level—of the running program. Insufficient Input Validation. Many applications fail to fully validate the input they receive from users. An example is a Web application that embeds a value from a user in a database query. If the user enters SQL commands instead of or in addition to the requested value, and the Web application does not filter the SQL commands, the query may be run with malicious changes that the user requested—causing what is known as a SQL injection attack. Symbolic Links. A symbolic link (symlink) is a file that points to another file. Operating systems include programs that can change the permissions granted to a file. If these programs run with privileged permissions, a user could strategically create symlinks to trick these programs into modifying or listing critical system files. File Descriptor Attacks. File descriptors are numbers used by the system to keep track of files in lieu of filenames. Specific types of file descriptors have implied uses. When a privileged program assigns an inappropriate file descriptor, it exposes that file to compromise. Race Conditions. Race conditions can occur during the time a program or process has entered into a privileged mode. A user can time an attack to take advantage of elevated privileges while the program or process is still in the privileged mode. Incorrect File and Directory Permissions. File and directory permissions control the access assigned to users and processes. Poor permissions could allow many types of attacks, including the reading or writing of password files or additions to the list of trusted remote hosts. voettekst 16