Monthly Archives: October 2018
Scrum Guide Notes
- The Product Owner discusses the objective that the Sprint should achieve and the Product Backlog items that, if completed in the Sprint, would achieve the Sprint Goal.
- Goal vs Objective
- During Sprint Planning the Scrum Team also crafts a Sprint Goal. The Sprint Goal is an objective that will be met within the Sprint through the implementation of the Product Backlog, and it provides guidance to the Development Team on why it is building the Increment.
- The Product Owner proposes an objective for discussion; the Scrum Team reaches a consensus and turns the objective into the Sprint Goal. The Development Team commits to the Sprint Goal.
- The Sprint Goal is an objective set for the Sprint that can be met through the implementation of Product Backlog. It provides guidance to the Development Team on why it is building the Increment. It is created during the Sprint Planning meeting. The Sprint Goal gives the Development Team some flexibility regarding the functionality implemented within the Sprint. The selected Product Backlog items deliver one coherent function, which can be the Sprint Goal. The Sprint Goal can be any other coherence that causes the Development Team to work together rather than on separate initiatives.
- One coherent function as the Sprint Goal to work together
- As the Development Team works, it keeps the Sprint Goal in mind. In order to satisfy the Sprint Goal, it implements functionality and technology. If the work turns out to be different than the Development Team expected, they collaborate with the Product Owner to negotiate the scope of Sprint Backlog within the Sprint.
- The scope of Sprint Backlog
- These strengths continue operating in single, several, many, and networks of teams that develop, release, operate and sustain the work and work products of thousands of people.
- A work product is a tangible or intangible output that is completed as part of a project.
- A deliverable is a tangible or intangible output of a project that is delivered to a customer.
- Artifacts are either final or intermediate work products that are produced and used during a project. Artifacts are used to capture and convey project information.
- To participate in Daily Scrum vs To present in Daily Scrum
SCRUM Certifications
- Professional Scrum Master
- Exam Tips
- Practice Questions
Suggested Reading for SCRUM
“I can tell you I came up with that word (Agile) because I was familiar with the book Agile Competitors and Virtual Organisations. We had proposed Adaptive, Essential, Lean and Lightweight.
– We did not want to use Adaptive because Jim Highsmith had given this to one of his works.
– Essential sounded overly proud.
– Lean had already been taken.
– Nobody wanted to be a lightweight.
We did this late in the second day and it took only a few minutes to decide on this.” ~ Mike Beedle
- Scrum Theory and Principles
- The New New Product Development Game
- A Leader’s Framework for Decision Making
- The Leader’s Guide to Radical Management: Reinventing the Workplace for the 21st Century
- Agile Project Management with Scrum (Developer Best Practices)
- The Art of Agile Development: Pragmatic Guide to Agile Software Development
- The Pragmatic Programmer: From Journeyman to Master
- The Scrum Framework
- Cross-functional, Self-organizing Teams
- The Five Dysfunctions of a Team: A Leadership Fable
- Drive: The Surprising Truth About What Motivates Us
- Peopleware: Productive Projects and Teams
- Extreme Ownership: How U.S. Navy SEALs Lead and Win
- Scrum and XP from the Trenches (Enterprise Software Development)
- Practices of an Agile Developer: Working in the Real World
- Maximizing Value
- The Professional Product Owner: Leveraging Scrum as a Competitive Advantage
- Software in 30 Days: How Agile Managers Beat the Odds, Delight Their Customers, and Leave Competitors in the Dust
- The Lean Startup: How Today’s Entrepreneurs Use Continuous Innovation to Create Radically Successful Businesses
- Product Backlog Management
- Analysis
- Emergent Architecture
- Programming
- Test First Development
- Standards
- Testing
- ALM – Application Lifecycle Management
Bruce Passed EC-Council ECSA v10 Exam on 12th October
I enrolled in the official ECSA v10 course from EC-Council on 4th Aug, attended the class delivered by Melvin Sandro from Sep 26 to Sep 30, and passed the ECSA exam today. The courseware, iLabs modules, and iWeek class are awesome. I am willing to recommend the official course before you sit for this exam.
The scope of ECSA overlaps heavily with that of CEH. However, ECSA emphasizes the project management of penetration testing, the EC-Council LPT methodology, and specific penetration testing scenarios.
If you are a CEH already, I don’t think ECSA adds much value, while an OSCP, CEH (Practical), or ECSA (Practical) certification would be a better choice. ECSA, EC-Council Certified Security Analyst, as the name literally denotes, gives people a more positive image or impression than CEH, Certified Ethical Hacker. Most people feel better or safer when they come across a Security Analyst than a Hacker. Of course, this is just my guess as to why EC-Council promotes the ECSA certification.
My milestones are updated as follows:
- Milestone #1: PMI + CISSP
- 2018/04/09 ACP
- 2018/04/27 PBA
- 2018/06/19 CISSP
- 2018/07/10 RMP
- Milestone #2: ISACA
- 2018/07/24 CISM
- 2018/08/13 CRISC
- 2018/08/28 CISA
- Milestone #3: ISC2
- 2018/09/07 CCSP (originally scheduled on 2018/09/14)
- 2018/09/13 CSSLP (originally scheduled on 2018/09/28)
- 2018/09/25 CISSP-ISSEP (bonus)
- Milestone #4: EC-Council
- 2018/10/09 CEH (originally scheduled on 2018/10/15)
- 2018/10/12 ECSA (originally scheduled on 2018/10/29)
It’s about time to get some more bonus exams and then declare success in achieving my annual goals!
Notes:
Open-Source Intelligence (OSINT)
- OSINT through World Wide Web
- Find Domain and Sub-domains of the target
- nmap --script dns-brute sample-domain.com
- https://www.netcraft.com
- Information gathering using theharvester and Sublist3r
- Find the Similar or Parallel Domain Names
- urlcrazy
- Refine Your Web Searches using Advanced Operators
- Web/Image/Groups/Directory/News/Product Search
- site:microsoft.com -site:www.microsoft.com
- Google Hacking Database (GHDB)
- Footprint the Target using Shodan
- Find the Geographic Location of a Company
- nmap -sn --script ip-geolocation-* www.microsoft.com
- List Employees and their Email Addresses
- Identify the Key Email Addresses through Email Harvesting
- theharvester (apt install theharvester)
- https://www.phishingfrenzy.com
- List Key Personnel of the Company
- Use People Search Online Services to Collect the Information
- Browse Social Network Websites to Find Information about the Company and Employees
- Use the Web Investigation Tools to Extract Sensitive Data about the Company
- Identify the Type of Network Devices used in Organization
- Job Search Engines
- Look for the Sensitive Information in Email Headers
- Look for Valuable Information in the NNTP USENET Newsgroups
- OSINT through Website Analysis
- https://builtwith.com
- https://archive.org
- Website-Watcher (https://www.aignes.com)
- https://www.ultratools.com/whois
- https://www.yougetsignal.com/
- nslookup
- dnsrecon
- dnsenum
- dig
- Network Diagram
- traceroute
- nmap --traceroute --script traceroute-geolocation sample-domain.com
- OSINT through DNS Interrogation
- whois (apt install whois)
- nmap -sn --script whois-* sample-domain.com
- Automating your OSINT Effort using Tools/Frameworks/Scripts
Forgotten Wisdom
OSCP Notes
- Luke’s Ultimate OSCP Guide: Part 1 — Is OSCP for you? Some things you should know before you start
- Luke’s Ultimate OSCP Guide: Part 2 — Workflow and documentation tips
- Luke’s Ultimate OSCP Guide: Part 3 — Practical hacking tips and tricks
- OSCP Certification Exam Guide
- How to Prepare to Take the OSCP
ECSA Notes
- A modus operandi (often shortened to M.O.) is someone’s habits of working, particularly in the context of business or criminal investigations, but also more generally. It is a Latin phrase, approximately translated as mode of operating.
- Rules of Behavior
- Penetration testing “Rules of Behavior” is a penetration testing agreement that outlines the framework for external and internal penetration testing.
- Prior to testing, this agreement is signed by representatives from both the target organization and the penetration testing organization to ensure a common understanding of the limitations, constraints, liabilities and indemnification concerns.
- Release and Authorization Form
- In addition to the “Rules of Behavior”, a “Release and Authorization Form” may be required that states the penetration testing will be held harmless and not criminally liable for unintentional interruptions and loss or damage to equipment.
- Get-Out-of-Jail-Free Card
- an element that helps people to emerge from an undesirable situation.
- The agreement outlines the types of activities to be performed and indemnifies the tester against any loss or damage that may result from the testing.
- entails a legal agreement signed by an authorized representative of the organization.
- a part of the penetration testing contract and should include an incident response plan and appropriate customer contact that can be alerted should an issue arise.
- Negligence Claim
- Negligence is a tort and actionable in the civil courts. Essentially, negligence is typically the failure to act with due care causing harm to someone else. Harm can include personal injury, damage to property, and economic loss.
- To succeed in a claim for negligence, the claimant must satisfy the following requirements on the balance of probabilities:
1. The defendant owed a duty of care to the claimant;
2. The defendant breached that duty of care;
3. The defendant’s breach of the duty of care caused damage or harm to the claimant;
4. The harm caused was not too remote.
If a claimant can satisfy these requirements, they will have a valid claim. If proceedings are formally issued, the defense will either admit liability, or defend the claim.
- Waivers/Exemptions
- A waiver is the voluntary relinquishment or surrender of some known right or privilege. Sometimes, the elements of “voluntary” and “known” are established by a legal fiction. Other names for waivers are exculpatory clauses, releases, or hold harmless clauses.
- An example of a written waiver is a disclaimer, which becomes a waiver when accepted.
- Legal Fiction
- One example of a legal fiction occurs in adoption. The new birth certificate of the adopted child is a legal fiction.
- One example of a legal fiction occurs in adoption. Once an order or judgment of adoption (or similar decree from a court) is entered, one or both biological (or natural) parents becomes a legal stranger to the child, legally no longer related to the child and with no rights related to him or her. Conversely, the adoptive parents are legally considered to be the parents of the adopted child; a new birth certificate reflecting this is issued. The new birth certificate is a legal fiction.
- Tautology
- the saying of the same thing twice over in different words, generally considered to be a fault of style (e.g. they arrived one after the other in succession).
- SELECT * FROM users WHERE name = '' OR '1'='1';
- Types of SQL Injection
- Intrusion detection system evasion techniques
- TCP Port Scanning: TTL < 64 or WINDOW size > 0 => Open Port
- Stealth Port: A “Stealth” port is one that completely ignores and simply “drops” any incoming packets without telling the sender whether the port is “Open” or “Closed” for business.
- Wireshark: Follow Streams
- Follow TCP Stream: gzip content not decoded
- Follow HTTP Stream: gzip content decoded
- LAN Manager
- ssl-enum-ciphers
- ON-DEMAND SECURITY AUDITS AND VULNERABILITY MANAGEMENT
- Fuzzing
- Tutorial: Simple WEP Crack
- Aireplay-ng
- The classic ARP request replay attack is the most effective way to generate new initialization vectors (IVs), and works very reliably.
- This attack, when successful, can decrypt a WEP data packet without knowing the key.
- This attack, when successful, can obtain 1500 bytes of PRGA (pseudo random generation algorithm). This attack does not recover the WEP key itself, but merely obtains the PRGA.
- The Hirte attack is a client attack which can use any IP or ARP packet. It extends the Cafe Latte attack by allowing any packet to be used and not be limited to client ARP packets.
- Toil and Strife
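The tautology query in the ECSA notes above, shown as string concatenation beside the parameterized form that neutralizes it. This is an added example, not part of the original notes; the in-memory table, its rows, the function names and the log-review regex are assumptions made for illustration.

```python
import re
import sqlite3

# Constructed sample data; table and column names follow the query in the notes.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user"), ("carol", "user")],
    )
    return conn

def build_concatenated_query(name):
    # Vulnerable pattern: the input is pasted into the SQL text, so a quote
    # in the input ends the string literal and the rest is parsed as SQL.
    return "SELECT * FROM users WHERE name = '" + name + "';"

def lookup_concatenated(conn, name):
    return sorted(row[0] for row in conn.execute(build_concatenated_query(name)))

def lookup_parameterized(conn, name):
    # Hardened form: the driver binds the value, so it is always compared as
    # data and never parsed as part of the statement.
    rows = conn.execute("SELECT * FROM users WHERE name = ?", (name,))
    return sorted(row[0] for row in rows)

# Heuristic for log review (an assumption, not a complete filter): an OR
# followed by a comparison of a token with itself, e.g. OR '1'='1 or OR 1=1.
TAUTOLOGY = re.compile(r"""\bOR\b\s*['"]?(\w+)['"]?\s*=\s*['"]?\1\b""", re.IGNORECASE)

def looks_like_tautology(value):
    return TAUTOLOGY.search(value) is not None
```

With the concatenated query the WHERE clause is always true and every row comes back; with the bound parameter the same input matches no user.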
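The Wireshark note above (Follow TCP Stream leaves gzip content undecoded, Follow HTTP Stream decodes it) comes down to the steps below when only the raw TCP payload is available. This is an added example, not part of the original notes; the sample response is constructed, the function names are assumptions, and the chunked-transfer handling goes beyond the gzip case the note mentions.

```python
import gzip

def build_sample_response(text):
    # Constructed capture: one HTTP response as it appears in the raw TCP payload.
    body = gzip.compress(text.encode("utf-8"))
    head = (
        "HTTP/1.1 200 OK\r\n"
        "Content-Type: text/html\r\n"
        "Content-Encoding: gzip\r\n"
        f"Content-Length: {len(body)}\r\n\r\n"
    )
    return head.encode("ascii") + body

def dechunk(data):
    # Reassemble a Transfer-Encoding: chunked body (hex size line, data, CRLF).
    out, pos = bytearray(), 0
    while True:
        eol = data.index(b"\r\n", pos)
        size = int(data[pos:eol].split(b";")[0], 16)
        if size == 0:
            return bytes(out)
        out += data[eol + 2 : eol + 2 + size]
        pos = eol + 2 + size + 2  # skip the chunk data and its trailing CRLF

def decode_http_body(raw):
    # Split headers from body, then undo transfer and content encodings in
    # the order a receiver applies them: de-chunk first, then gunzip.
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("no header/body separator; stream may be truncated")
    headers = {}
    for line in head.split(b"\r\n")[1:]:  # skip the status line
        name, _, value = line.partition(b":")
        headers[name.strip().lower()] = value.strip().lower()
    if headers.get(b"transfer-encoding") == b"chunked":
        body = dechunk(body)
    if headers.get(b"content-encoding") in (b"gzip", b"x-gzip"):
        body = gzip.decompress(body)
    return body
```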
Agility
- The New New Product Development Game
- Scrum
- History: The Agile Manifesto
- Mike Beedle
- “I can tell you I came up with that word (Agile) because I was familiar with the book Agile Competitors and Virtual Organisations. We had proposed Adaptive, Essential, Lean and Lightweight. We did not want to use Adaptive because Jim Highsmith had given this to one of his works. Essential sounded overly proud. Lean had already been taken. Nobody wanted to be a lightweight. We did this late in the second day and it took only a few minutes to decide on this.”
- Agile Leaders

