For more information about the site, see the Site Index

• PJ also answers questions submitted to the Security Policy Exchange discussion forum
• SirCam remedy
• The difference between a virus and a worm
• How do mail servers work?
• Generic PKI CA threat model
• What is malware?
• Port connections used by VPNs
• When to approach security during a requisition
• Closing a port
• Possible bug in Windows NT 4.0
• Managing infosec personnel
• Protecting a network from revenge hacks
• Dynamic Host Configuration Protocol and security
• How to approach a company-wide upgrade
• Disabling the option to save a password on Internet Explorer
• What makes a good firewall
• Implementing SSH
• Removing an e-mail virus
• The difference between a VPN box and Firewall VPN
• Removing ActiveX controls
• Using Java to access databases
• How to approach security management after a merger or acquisition
• Looking for a secure database
• Browser-supplied encryption vs. user-created keys
• Encrypting traffic between Windows and Solaris servers
• Installing a second email server
• The risks of deploying distributed firewalls
• Strong passwords with Win2k
• Good and bad back doors
• Logging sensitive fields across all platforms
• Ecommerce software standard
• Factors to consider before implementing single sign-on
• PKI breaches
• How firewalls work
• Stripping VBS script from e-mail
• Protecting a network from DoS attacks
• The length of public and private keys
• Securing a home PC running W2K
• Firewall configuration
• Fingerprint recognition chips and algorithm bio-id software
• Best practices for determining the number of needed security professionals
• Firewall policy for a finance institution
• Security risks of TCP/IP
• Firewall recommendation for a Westell modem
• Legal issues associated with logon banners
• The pros and cons of using a honeypot
• Encryption beyond national borders
• Securing HTML files
• Encryption card for Windows 2000
• How single sign-on works
• Market leader in biometrics
• Encryption feature on Windows 2000
• Developing security applications with Java
• The difference between IPSEC and PPTP
• Determining when an employee is a security risk
• Searching the Web for security policies
• Resources for learning about PKI
• Writing a report on digital signatures
• Clarification on digital signatures
• Identifying information assets in a security policy
• Data integrity authentication scheme
• User awareness of social engineering
• Split tunneling in a VPN environment & the security of 3DES encryption
• Common encryption algorithm on Windows NT & Unix
• Preventing unauthorized downloads
• What is a digital signature?
• Web browsers & smart cards
• Mainframe vs. client server
• Logging resources and products
• Problems installing antivirus software
• Limiting Internet access from a wireless LAN
• Awareness campaign for all system users
• Basic security issues
• Configurating the Axent Enterprise Security Manager
• Identifying open port
• Strange firewall log entries
• Keeping unauthorized executables off the network
• Where to terminate a VPN
• Firewall solutions
• Configuring Web servers
• Warning banners on routers
• Trusted Web servers
• Signing mail in Netscape 6
• Web browser buttons
• Selection factors for remote access solution
• Recovering lost passwords
• Participants in the policy development process
• Disseminating policies
• ActiveX controls in Internet Explorer
• Security methods vs. technologies
• Vulnerabilities in Checkpoint firewall
• Outsourcing security management
• Intrusion detection on a UNIX system
• Categorizing hacker tools
• Globally recognized certifications
• What is encryption
• How to approach a wireless policy
• Restricting e-mail attachments
• Guidelines for "complete" security
• Debugging permissions



• More