Information Security,

Five myths that are popular in India about Information Security:- 1.  Information Security is all about Hacking. Most of the students in India think that studying information security is nothing but learning ethical hacking. This is a very popular myth among youngsters.The reality is quite different,  Information security take care of  technology and compliance both, these includes information security audit of different security standards like PCI-DSS and ISO 27001 etc. It also includes things like Data Protection Act, Sarbanes-Oxley Act , IT Act 2000 etc. Vulnerability assessment and penetration testing is very popular ingredient of information security. To know more visit SANS Institute . 2. Vulnerability assessment and Penetration testing is only about technology. When i was in first year of my engineering schools and got to know about Vulnerability Assessment and Penetration Testing(VAPT) i thought it is just about hacking with technology, but the trut...

What one should learn before practicing Vulnerability Assessment and Penetration Testing. One should have thorough understanding of at least one of the operating system out there in the market. I prefer Linux based operating system but there are others also. Basic understanding includes knowing about, how does an operating system starts, when does kernel gets loaded, what is boot loader, what is 'init' process, when does network services start etc.  Knowledge of computer networks is also indispensable. You should know what is a network, network protocol, TCP/IP suite, what exactly happens when a network interface card is turned up etc. I mean you should be able to know how things work.   Learn about the database systems and get your hands dirty with query languages like  SQL and others. Having a functional knowledge of databases system, will make it easy for you to practice against web applications. One last point that i want to make is that if you have...