1. All Categories
  2. Information Security

Information Security : Recent Questions and Answers (Page 4)

Find answers to your questions about Information Security or help others by answering their Information Security questions.

Is running software in Docker an allowable way to bypass FIPS 140-2 issues?

Someone has a service that uses a FIPS non-compatible hash in a protocol signature. When FIPS 140-2 compatibility is enabled on the hosts the service crashes (due to the...

Asked on 12/15/2021 by anon289837

1 answer

Why did TLS 1.3 drop AES-CBC?

I was watching this video about TLS 1.3: "Deploying TLS 1.3: the great, the good and the bad...

Asked on 12/12/2021 by Joel Gibson

6 answer

School manages Google accounts, what can they do or see?

My school started using Google Meet for online classes. The accounts we use are managed by them and they told us that they know the IP of the device that...

Asked on 12/12/2021 by throwaway3201923

1 answer

How email sent with S/MIME are stored?

I use Outlook to send email. In order to encrypt them, I use S/MIME with a signed certificate. I don't find the answer on how the storage of the email...

Asked on 12/12/2021 by Blafarus

1 answer

Are FaceID/passcode logins secure over public WiFi/hotspots?

Unfortunately, I find myself serving a 14d COVID-19 self-isolation period in a hotel which only offers unsecured public WiFi. This has me wondering if all the financial apps on my...

Asked on 12/12/2021

1 answer

Format for data & symmetric key exchange/storage

Is there a standard format for storing/exchanging encrypted data along with the key needed to decrypt it (data is encrypted with a single use symmetric key and the symmetric key...

Asked on 12/10/2021

3 answer

Is it OK to store the user's plain-text password in a claim?

For customer reasons, my web app authenticates the user against a proprietary user database using a simple API like bool authenticate(string username, string password) In case the user changes his...

Asked on 12/10/2021

1 answer

Visual Studio Issues in shellcode delivery

I am learning shellcode development and payload delivery.I have been trying to do some exercises from a lab whereby unmanaged memory is injected with Shellcode using .NET, below is...

Asked on 12/10/2021 by user3857710

0 answer

MSTG-ARCH-7: All security controls have a centralized implementation

In the OWASP Mobile Application Security Checklist there is a requirement MSTG-ARCH-7 which reads: "All security controls have a centralized implementation". Now I'm struggling a bit by...

Asked on 12/10/2021 by A security researcher

1 answer

Oauth2.0 | How to manage user session in Single Page application running in an iframe?

I'm new to security domain, and recently I have learned about Oauth2.0/OpenID connect and JWT tokens. I have an existing REST based web application where I need to implement security....

Asked on 12/10/2021 by A.Huzaifa

0 answer

Ask a Question

Get help from others!

© 2023 All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP