CCSD Security Essentials Certified
Security Operations Overview
Operational Security
Site Security
Disaster Recovery
Incident Response
Copyright © 2019 Logical Operations, Inc. All rights reserved.
Focus and Description
• Maintain Operational Resilience: keep core business functions operating even when a negative event occurs.
• Protect Valuable Assets: protect a wide range of assets and resources, from data to equipment to people.
• Control System Accounts: control which users have access to critical business systems.
• Effective Security Services Management: make sure that strong leadership is in place to keep security operations services consistent and effective.
Least Privilege
• Give users exactly what they need to do their jobs, and no more.
• Permission levels cannot be set and then forgotten.
• Privilege can slowly escalate.
• Review periodically or set expiration times for user accounts.
• Assign two accounts to IT personnel:
  • A common end-user account.
  • An administrative account.
Diagram: four users in two roles. Data Entry Clerks perform their jobs with fewer privileges; Financial Coordinators perform their jobs with more privileges.
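The slide's rules (no more permission than the job needs, periodic review or expiry, and a separate administrative account for IT staff) can be turned into a repeatable account review. The following is an added example and not part of the course material; the role-to-permission mapping, the 90-day review interval, the account records and the split between an account's name and its owner are all constructed assumptions.

```python
"""Account review against the least-privilege rules on the slide.
Added example, not from the course material; roles, permissions,
the review interval and the sample accounts are all constructed."""
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional

REVIEW_INTERVAL = timedelta(days=90)  # assumed: every account is re-reviewed at least every 90 days

# Assumed permission sets per job role; anything beyond these counts as privilege creep.
ROLE_PERMISSIONS = {
    "data_entry_clerk": {"ledger:read", "ledger:append"},
    "financial_coordinator": {"ledger:read", "ledger:append", "ledger:approve", "ledger:export"},
    "it_support": {"helpdesk:tickets"},
    "it_admin": {"domain:admin"},
}


@dataclass
class Account:
    name: str
    owner: str                 # the person who holds the account
    role: str
    permissions: set
    last_reviewed: date
    expires: Optional[date] = None
    admin: bool = False        # True for a separate administrative account


def review_account(acct: Account, today: date) -> list:
    """Return the least-privilege findings for one account (empty list means clean)."""
    findings = []
    if acct.expires is not None and acct.expires < today:
        findings.append("expired account still enabled")
    if today - acct.last_reviewed > REVIEW_INTERVAL:
        findings.append("review overdue")
    extra = acct.permissions - ROLE_PERMISSIONS.get(acct.role, set())
    if extra:
        findings.append("privilege creep: " + ", ".join(sorted(extra)))
    return findings


def review_accounts(accounts, today: date) -> dict:
    """Map each account name to its findings, keeping only accounts that have some."""
    report = {}
    for acct in accounts:
        findings = review_account(acct, today)
        if findings:
            report[acct.name] = findings
    return report


def check_admin_separation(accounts) -> list:
    """Admin accounts whose owner has no separate common end-user account."""
    owners_with_enduser = {a.owner for a in accounts if not a.admin}
    return [a.name for a in accounts if a.admin and a.owner not in owners_with_enduser]


# Constructed sample: four business users and two IT staff members.
TODAY = date(2019, 6, 1)
FULL_LEDGER = {"ledger:read", "ledger:append", "ledger:approve", "ledger:export"}
SAMPLE_ACCOUNTS = [
    Account("user1", "user1", "data_entry_clerk", {"ledger:read", "ledger:append"}, date(2019, 4, 15)),
    Account("user2", "user2", "data_entry_clerk", {"ledger:read", "ledger:append", "ledger:approve"}, date(2019, 1, 10)),
    Account("user3", "user3", "financial_coordinator", set(FULL_LEDGER), date(2019, 5, 20), expires=date(2019, 5, 31)),
    Account("user4", "user4", "financial_coordinator", set(FULL_LEDGER), date(2019, 5, 20)),
    Account("it1", "it1", "it_support", {"helpdesk:tickets"}, date(2019, 5, 1)),
    Account("it1-adm", "it1", "it_admin", {"domain:admin"}, date(2019, 5, 1), admin=True),
    Account("it2-adm", "it2", "it_admin", {"domain:admin"}, date(2019, 5, 1), admin=True),
]

if __name__ == "__main__":
    for name, findings in review_accounts(SAMPLE_ACCOUNTS, TODAY).items():
        print(name, findings)
    print("admin accounts without a separate end-user account:", check_admin_separation(SAMPLE_ACCOUNTS))
```

Running it flags user2 (overdue review plus an approval right a clerk should not hold), user3 (expired but still enabled) and it2-adm (an administrative account whose holder has no ordinary account, so it is probably being used for daily work).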
Perimeter Security
• Gates, fences, walls, doors, and other barriers.
• Locks.
• Guards.
• Perimeter intrusion detection such as:
  • Infrared.
  • Fence vibration sensors.
  • Normal light and infrared CCTV.
  • Sound and motion detectors.
  • Any other system that can detect the presence of an intruder.
• Alarm systems.
• Logging and reporting of all physical access attempts.
Internal Security
• Begins at the building.
• Can include access control and monitoring at any point:
  • Access controls such as card readers.
  • Locks.
  • Mantraps.
  • Safes.
  • Vaults.
  • Other secure storage containers.
  • Guards.
  • Surveillance systems.
  • Alarm systems.
  • Logging and reporting of all physical access attempts.
• Should be applied to sensitive or high-risk areas.
Layered Protection
Diagram: three nested layers, from the outermost inward: Perimeter, Facility, Secured Area.
Physical Access Barriers
• Fencing
• Walls
• Doors
• Windows
• Lighting
• Bollards
Lock Types
• Key lock
• Deadbolt lock
• Keyless lock or cipher lock
• Combination lock
• Intelligent keys
• Device locks
• Biometric or access card locks
Access Controls
• Automatic access control
• Card entry systems
• Biometric entry systems
• Mantraps
• Turnstiles
Secure Storage
• Container
• Safe
• Vault
Guards and Dogs
• Can monitor critical checkpoints and verify identification.
• Provide a visual deterrent.
• Can apply their own knowledge and intuition, but also have human vulnerabilities.
• Dogs extend guard effectiveness, but cannot exercise judgment.
PIDS
A perimeter intrusion detection system (PIDS) senses changes in the environment and alerts security.
PIDS Types
• Motion sensor
• Pressure-sensitive sensor
• Heat detector
• Proximity detector
• Vibration detector
• Magnetic detector
• Photometric detector
Surveillance Systems
• Physical security mechanism that monitors internal/external areas.
• Monitors for unusual behavior/potential intruders.
• Extends guard presence.
• Video broadcast and recording devices.
• Can include audio surveillance.
Types of Surveillance Systems
• Audio
• Video
• Guard stations
• Security dogs
Alarm Systems
• Lights
• Bells and sirens
• Local activation/local response
• Local activation/remote response
• Remote activation/local response
• Remote activation/remote response
Physical Access Logs
• Maintained by access control systems and by security guards.
• Should clearly identify:
  • The name of the individual attempting access.
  • The date and time of access.
  • The access portal or entry point.
  • The user ID entered to attempt access.
  • The location of access to internal spaces, if required.
  • Unsuccessful access attempts, including those during unauthorized hours.
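A log that carries the fields the slide lists can be reviewed mechanically for the two conditions it singles out: unsuccessful attempts, and attempts during unauthorized hours. The following is an added example and not part of the course material; the line format, the 07:00 to 19:00 authorized window and the sample log lines are constructed.

```python
"""Review of physical access log entries for the fields the slide lists.
Added example, not from the course material; the log format, the
authorized hours and the log lines themselves are constructed."""
import re
from datetime import datetime, time

# Assumed: people may badge in between 07:00 and 19:00; anything else is an unauthorized hour.
AUTHORIZED_START = time(7, 0)
AUTHORIZED_END = time(19, 0)

# Assumed line format produced by the access control system.
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}) "
    r"portal=(?P<portal>\S+) user_id=(?P<user_id>\S+) name=(?P<name>\S+) "
    r"result=(?P<result>GRANTED|DENIED)$"
)


def parse_line(line: str):
    """Return the entry as a dict, or None if the line does not match the expected format."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    entry = m.groupdict()
    entry["ts"] = datetime.strptime(entry["ts"], "%Y-%m-%dT%H:%M:%S")
    return entry


def within_authorized_hours(ts: datetime) -> bool:
    return AUTHORIZED_START <= ts.time() < AUTHORIZED_END


def flag_entries(lines):
    """Return the entries a reviewer should look at, each with the reasons it was flagged."""
    flagged = []
    for line in lines:
        entry = parse_line(line)
        if entry is None:
            continue  # unparseable lines are skipped here; a real review would count them too
        flags = []
        if entry["result"] == "DENIED":
            flags.append("unsuccessful attempt")
        if not within_authorized_hours(entry["ts"]):
            flags.append("outside authorized hours")
        if flags:
            entry["flags"] = flags
            flagged.append(entry)
    return flagged


# Constructed sample log: an ordinary day plus a few entries worth a second look.
SAMPLE_LOG = [
    "2019-03-04T08:02:11 portal=lobby-turnstile user_id=1001 name=A.Clerk result=GRANTED",
    "2019-03-04T08:05:40 portal=server-room user_id=1001 name=A.Clerk result=DENIED",
    "2019-03-04T02:13:55 portal=server-room user_id=2002 name=B.Admin result=GRANTED",
    "2019-03-04T02:14:30 portal=server-room user_id=3003 name=unknown result=DENIED",
    "2019-03-04T12:30:00 portal=vault user_id=4004 name=C.Finance result=GRANTED",
    "2019-03-04T12:31:00 reader offline",
]

if __name__ == "__main__":
    for e in flag_entries(SAMPLE_LOG):
        print(e["ts"], e["portal"], e["user_id"], e["name"], e["flags"])
```

Note that a granted entry can still be worth review: the 02:13 server-room entry succeeded, but it falls outside the hours anyone is expected to be there, which is exactly the case the slide's last bullet asks the log to make visible.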
Continuous Security Monitoring
• Passive
  • Events are logged and examined after they occur.
• Active
  • Events are both logged and responded to continuously, in real time.
Types of Prevention
• IDS and IPS
• Blacklisting and whitelisting
• Sandboxing
• Honeypots and honeynets
• Anti-malware
• Third-party security services
IDS and IPS for Prevention
• Sensor
  • Detects unwanted or unexpected behavior and produces an alert.
• Communication
  • The alert is transmitted to the proper recipient.
• Enunciator
  • May adjust the alert for different recipient types.
Whitelisting and Blacklisting
• Blacklisting blocks known malicious sites, applications, services, and traffic.
  • Risk of false positives.
  • You can't know every threat to block.
• Whitelisting blocks everything except what you trust.
  • More secure than blacklists.
  • Might be too restrictive.
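Both trade-offs on the slide can be seen in code: a denylist lets through any threat that is not on it yet, and an allowlist blocks anything legitimate that nobody has added. The example below is added here and is not from the course material; the list contents and the labelled traffic are constructed. It also shows one detail a practitioner needs either way: matching a hostname against a listed domain has to respect the dot boundary, or a lookalike such as `notexample.com` passes as `example.com`.

```python
"""Allowlist versus denylist filtering of outbound hostnames.
Added example, not from the course material; the list contents and
the sample requests are constructed."""

DENYLIST = {"malware.example.net"}   # known-bad hosts (constructed)
ALLOWLIST = {"example.com"}          # trusted domain; its subdomains are allowed too (constructed)


def domain_matches(host: str, entry: str) -> bool:
    """True if host is entry itself or a subdomain of it.

    A plain endswith() check would also accept 'notexample.com' for the entry
    'example.com', so the comparison is anchored on the dot boundary.
    """
    host = host.lower().rstrip(".")
    entry = entry.lower().rstrip(".")
    return host == entry or host.endswith("." + entry)


def in_list(host: str, entries) -> bool:
    return any(domain_matches(host, e) for e in entries)


def denylist_decision(host: str) -> str:
    return "block" if in_list(host, DENYLIST) else "allow"


def allowlist_decision(host: str) -> str:
    return "allow" if in_list(host, ALLOWLIST) else "block"


def evaluate(requests):
    """Compare both approaches on labelled traffic.

    requests: iterable of (host, is_malicious, is_needed_for_business).
    Returns, per approach, the threats it let through and the needed hosts it blocked.
    """
    summary = {
        "denylist": {"missed_threats": [], "blocked_needed": []},
        "allowlist": {"missed_threats": [], "blocked_needed": []},
    }
    for host, malicious, needed in requests:
        for name, decide in (("denylist", denylist_decision), ("allowlist", allowlist_decision)):
            decision = decide(host)
            if malicious and decision == "allow":
                summary[name]["missed_threats"].append(host)
            if needed and decision == "block":
                summary[name]["blocked_needed"].append(host)
    return summary


# Constructed traffic sample: (host, is_malicious, is_needed_for_business)
SAMPLE_REQUESTS = [
    ("mail.example.com", False, True),      # trusted subdomain
    ("malware.example.net", True, False),   # already on the denylist
    ("new-c2.example.xyz", True, False),    # threat nobody has listed yet
    ("notexample.com", True, False),        # lookalike of the trusted domain
    ("partner.example.io", False, True),    # legitimate but not yet on the allowlist
]

if __name__ == "__main__":
    for approach, outcome in evaluate(SAMPLE_REQUESTS).items():
        print(approach, outcome)
```

The denylist misses the two hosts it has never heard of; the allowlist misses nothing but blocks the partner site until someone adds it, which is the "might be too restrictive" cost the slide names.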
Sandboxing
• The most fundamental security concept underlying virtualization.
• You can virtualize and sandbox:
  • Operating systems.
  • Applications.
  • Desktops.
Honeypots and Honeynets
• Honeypot: a decoy computer.
• Honeynet: a decoy network.
• Challenging enough to keep the attacker busy and away from real servers.
• Allow you to collect information about the intruder and take deterrent action.
• Placed:
  • Outside the firewall.
  • Inside the DMZ.
Diagram: an attacker launches a scanning attack against the honeypot; the honeypot logs the scan attack.
Anti-Malware
• One of the most basic preventive measures you can take.
• You must keep it up to date.
• No one product has proven to be 100% effective against all attacks.
• Most end-user anti-malware products can't be installed side by side on the same machine.
• Some enterprise products integrate multiple anti-malware engines for better coverage.
Firewalls for Attack Prevention
Configuration Management
• One of the most common mechanisms for provisioning.
• Can automatically inventory and track hardware and software assets.
• Can deploy operating systems to "bare metal boxes."
• Can collect statistics about every system on the network.
CMDB
• Central repository that stores data about all significant items in your IT environment.
• Significant items are known as "Configuration Items" (CIs):
  • IT assets that are related to IT processes.
  • Can include hardware, software, documents, models, plans, even people.
• The CMDB tracks the interrelations between the CIs.
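The value of tracking interrelations between CIs is that the CMDB can answer impact questions ("what stops working if this host fails?" and "what does this application rely on?"). The following is an added example and not the course's or any product's code; the CI types, the single "depends on" relationship and the sample inventory are constructed.

```python
"""A minimal CMDB: configuration items, their relationships and an
impact query. Added example, not from the course material; the CI
types, the relationship and the sample inventory are constructed."""
from collections import defaultdict, deque


class CMDB:
    def __init__(self):
        self.items = {}                         # ci_id -> {"type": ..., **attributes}
        self.depends_on = defaultdict(set)      # ci_id -> CIs it needs in order to function
        self.depended_on_by = defaultdict(set)  # reverse index used for impact queries

    def add(self, ci_id, ci_type, **attributes):
        if ci_id in self.items:
            raise ValueError(f"duplicate configuration item: {ci_id}")
        self.items[ci_id] = {"type": ci_type, **attributes}

    def relate(self, ci_id, needs):
        """Record that ci_id depends on the CI `needs`. Both must already be registered."""
        for item in (ci_id, needs):
            if item not in self.items:
                raise KeyError(f"unknown configuration item: {item}")
        self.depends_on[ci_id].add(needs)
        self.depended_on_by[needs].add(ci_id)

    def _closure(self, start, edges):
        """Breadth-first walk over `edges` from start; returns every CI reached."""
        seen, queue = set(), deque([start])
        while queue:
            current = queue.popleft()
            for nxt in edges[current]:
                if nxt not in seen:
                    seen.add(nxt)
                    queue.append(nxt)
        return seen

    def impacted_by(self, ci_id):
        """Every CI that stops working, directly or transitively, if ci_id fails."""
        return self._closure(ci_id, self.depended_on_by)

    def dependencies_of(self, ci_id):
        """Every CI that ci_id relies on, directly or transitively."""
        return self._closure(ci_id, self.depends_on)

    def of_type(self, ci_type):
        return sorted(i for i, attrs in self.items.items() if attrs["type"] == ci_type)


def build_sample_cmdb():
    """Constructed inventory: one host, two VMs, an application, its runbook and its owner."""
    db = CMDB()
    db.add("vm-host-01", "hardware", location="rack 3")
    db.add("vm-web-01", "virtual-machine", os="linux")
    db.add("db-01", "virtual-machine", os="linux")
    db.add("app-crm", "software", version="4.2")
    db.add("doc-crm-runbook", "document", revision=7)
    db.add("crm-owner", "person", team="sales-it")
    db.relate("vm-web-01", "vm-host-01")
    db.relate("db-01", "vm-host-01")
    db.relate("app-crm", "vm-web-01")
    db.relate("app-crm", "db-01")
    db.relate("doc-crm-runbook", "app-crm")  # the runbook describes app-crm and goes stale if it changes
    return db


if __name__ == "__main__":
    cmdb = build_sample_cmdb()
    print("failure of vm-host-01 impacts:", sorted(cmdb.impacted_by("vm-host-01")))
    print("app-crm depends on:", sorted(cmdb.dependencies_of("app-crm")))
```

Keeping a reverse index alongside the forward one is what makes the impact query cheap; in a real CMDB the relationship would carry a type (hosts, runs on, documents, owns) rather than the single "depends on" used here.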
CM Policies
• Define how the CM process is carried out.
• CM policies usually contain:
  • A list of configuration items that are under the CM's control.
  • How these items are named.
  • How these items are added to and removed from the CM's control.
  • How the items are subject to change within the CM.
  • How the same item is versioned if it appears multiple times in the CM.
  • How the CM is enforced within the organization.
CM Practices
• Identify CIs and any related assets that will be placed under the control of the CM.
• Describe each item's characteristics in the CM.
• Implement configuration/change management processes for items controlled by the CM.
• Establish baselines for both internal and customer use.
• Ensure that requests to change items are tracked.
• Ensure any changes to items are controlled by the CM.
• Audit the baselines established for the CM items.
Virtual Assets
• Desktop images.
• Guest operating systems.
• Virtual SANs.
• Configuration files.
• Software-defined networking capabilities.
• Cluster resources.
• Anything that is software-based.
Cloud Assets
• Cloud services, like email, collaboration tools, etc.
• Cloud storage.
• Cloud-based virtual machines.
• Cloud-based networking components.
Incident Response Process
Diagram: a cycle of seven steps, in the order the following slides cover them: Detect a Problem; Evaluate the Problem; Mitigate the Damage; Recover and Remediate; Report Details; Determine Lessons Learned; Implement Preventive Controls.
IRT Roles and Responsibilities
Diagram: the Incident Response Team draws on IT, Information Security, Physical/Corporate Security, Executive Management, Legal, Internal Audit, Human Resources, and Media/Public Relations.
Incident Response Management
• Prevent a situation from becoming worse.
• Ensure that first responders take correct action.
• Provide the team with all of the tools and resources they need.
Evaluation and Analysis
• The volume of log entries and false positives can be overwhelming.
• An adverse occurrence might not actually be a security incident:
  • Hardware failures.
  • Human error.
• Use professional judgment.
• Document all systems.
• Set a baseline of normal behavior.
• Retain logs from all sources.
• Correlate events, alerts, and indicators from all sources.
• Research reputable sources for information.
• Filter out irrelevant or inconsequential sources.
• Properly document analysis findings in a database.
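Three of the bullets above (set a baseline, correlate across sources, filter out what does not matter) combine naturally into one triage step. The code below is an added example and not from the course material; the four sources, the per-host baseline, the 15-minute window and every event are constructed. The rule it applies is deliberately simple: a host with events from two or more independent sources inside the window is an incident candidate, a host whose failed logons exceed its baseline is queued for review, and everything else (including the disk error, which is a hardware failure rather than a security incident) is filtered out.

```python
"""Correlating events from several sources against a per-host baseline,
as the slide's evaluation step describes. Added example, not from the
course material; the sources, the baseline and the events are constructed."""
from collections import defaultdict
from datetime import datetime, timedelta

DEFAULT_BASELINE = 3            # assumed: failed logons per hour that are normal for an unlisted host
WINDOW = timedelta(minutes=15)  # assumed correlation window


def ev(hhmm, source, host, kind):
    """Build one constructed event on 2019-03-04 at the given HH:MM."""
    hour, minute = (int(x) for x in hhmm.split(":"))
    return {"ts": datetime(2019, 3, 4, hour, minute), "source": source, "host": host, "kind": kind}


def correlate(events, baseline, window=WINDOW):
    """Group events by host and decide whether each host needs attention.

    - events from two or more independent sources inside the window: incident candidate
    - failed logons above the host's baseline: review
    - everything else (hardware noise, normal failure rates): filtered out
    """
    by_host = defaultdict(list)
    for e in sorted(events, key=lambda e: e["ts"]):
        by_host[e["host"]].append(e)

    verdicts = {}
    for host, evs in by_host.items():
        max_sources = 0
        for i, first in enumerate(evs):
            sources = {x["source"] for x in evs[i:] if x["ts"] - first["ts"] <= window}
            max_sources = max(max_sources, len(sources))
        auth_failures = sum(1 for x in evs if x["kind"] == "auth_failure")
        if max_sources >= 2:
            verdict = "incident candidate"
        elif auth_failures > baseline.get(host, DEFAULT_BASELINE):
            verdict = "review"
        else:
            verdict = "filtered"
        verdicts[host] = {"sources": max_sources, "auth_failures": auth_failures, "verdict": verdict}
    return verdicts


# Constructed baseline: failed logons per hour that are normal for these hosts.
BASELINE = {"ws-22": 5, "srv-db": 2}

# Constructed events from four sources.
SAMPLE_EVENTS = [
    ev("09:00", "auth", "ws-17", "auth_failure"),
    ev("09:02", "auth", "ws-17", "auth_failure"),
    ev("09:04", "auth", "ws-17", "auth_failure"),
    ev("09:06", "firewall", "ws-17", "new_outbound_destination"),
    ev("09:07", "edr", "ws-17", "suspicious_process"),
    ev("09:10", "auth", "ws-22", "auth_failure"),
    ev("09:12", "auth", "ws-22", "auth_failure"),
    ev("09:30", "monitoring", "ws-30", "disk_error"),  # hardware failure, not a security incident
] + [ev(f"09:{5 * k:02d}", "auth", "srv-db", "auth_failure") for k in range(8)]

if __name__ == "__main__":
    for host, v in correlate(SAMPLE_EVENTS, BASELINE).items():
        print(host, v)
```

The point of the baseline is visible in the two workstations: ws-22 has the same kind of events as srv-db, but two failed logons are normal for it, whereas eight on the database server are four times what that host usually produces.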
Response and Mitigation
• Use a triage method to determine priority by criticality.
• Take care not to inadvertently contaminate a crime scene.
• If you do not intend to prosecute:
  • Contain the damage.
  • Discover the problem.
  • Bring systems back online.
Recovery and Remediation
• Can be as simple as restoring a single operating system or as complex as moving all personnel and operations to a new physical location.
• Make sure the recovered system will not be vulnerable to the same attack.
• Use a different team to perform a fresh vulnerability assessment on the recovered system.
• Stop or reverse the damage caused by the incident.
• Discover the root cause.
Reporting and Documentation
• Report the business impact of the incident.
• The report should include:
  • Source of the incident.
  • Triggers.
  • Systems targeted.
  • Specific impacts.
  • Actions taken to mitigate the incident.
  • Actions taken to recover systems and operations.
  • Actions taken to mitigate lingering effects.
  • Current state of the system.
  • Lessons learned.
Lessons Learned
• Identify areas of security that need improvement.
• Determine the best possible way to improve security.
• Actions taken.
• Optimal solution.
• How teams reacted/performed.
• Cost in time and money.
• How future response will be different.
• Recommended changes to security policy.
Investigative Procedures
• Seeking evidence from computers/networks that might pertain to a criminal/civil matter.
• Remember that nearly anything done on a computer/network leaves a trace.
• A set of procedures/protocols that are:
  • Methodical.
  • Verifiable.
  • Auditable.
Diagram: Discover Evidence, Collect Evidence, Analyze Evidence, Present Findings.
Root Cause Analysis
• Keep asking "What was the immediate thing that allowed this to happen?"
• With each answer, repeat the question until you find the root cause.
• Most root causes can be uncovered in six questions.
• There are likely to be several root causes.
Investigation Reports
• Report findings to management, authorities, and stakeholders.
• Tailor the report to the audience.
Disaster Recovery Planning Process
Diagram: a cycle of Identify, Document, Train, Assess, and Update and Maintain.
DRPs
• A well-documented policy that defines:
  • How people/resources will be protected during a disaster.
  • How the organization will recover.
• The plan should be tested for effectiveness and fine-tuned before a disaster strikes.
• Train staff on the policy so they can respond automatically in case of emergency.
DRP Requirements
Diagram: a Disaster Recovery Plan requires a consistent strategy, assessment of plan effectiveness, management and response team training, ownership of the disaster recovery process, and communication protocols.
Disaster Recovery Strategy Considerations
• Risks.
• Personnel safety.
• Essential items.
• Relocation scheme.
• Cost vs. benefit: weigh goals and costs to ensure an effective DRP.
• Prioritization: recover business-critical processes first.
Disaster Recovery Priority Levels
Diagram: four levels, Short term, Mid term, Long term, and Not required.
DRP Personnel Roles and Responsibilities
Diagram: DRP personnel consist of the executive emergency management team, the command center team, the emergency management team, the emergency response teams, and end users.
Failure Metrics
Timeline diagram with the points System First Brought Online, Event, System Repaired, and a later Event. MTTF (mean time to failure) is the time from the system being brought online until the event; MTTR (mean time to repair) is the time from the event until the system is repaired; MTBF (mean time between failures) is the time between the two events.
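The three metrics on the timeline are averages over an outage history, and it helps to see which interval each one averages. The following is an added example and not from the course material; the outage records (hours since the start of observation) are constructed.

```python
"""MTTF, MTTR and MTBF computed from an outage history, following the
timeline on the slide. Added example, not from the course material; the
outage records are constructed."""


def mean(values):
    values = list(values)
    return sum(values) / len(values)


def failure_metrics(outages):
    """outages: list of (failed_at, repaired_at) in hours since the start of observation,
    sorted by time. Returns MTTR, MTTF and MTBF in hours.

    MTTR: average of (repaired_at - failed_at)             event to system repaired
    MTTF: average of (next failed_at - this repaired_at)   system online to next event
    MTBF: average of (next failed_at - this failed_at)     event to event
    """
    if len(outages) < 2:
        raise ValueError("need at least two outages to measure time between failures")
    for failed, repaired in outages:
        if repaired < failed:
            raise ValueError("repair cannot precede failure")
    mttr = mean(repaired - failed for failed, repaired in outages)
    mttf = mean(outages[i + 1][0] - outages[i][1] for i in range(len(outages) - 1))
    mtbf = mean(outages[i + 1][0] - outages[i][0] for i in range(len(outages) - 1))
    return {"mttr": mttr, "mttf": mttf, "mtbf": mtbf}


def availability(metrics):
    """Fraction of time the system is up: MTTF / (MTTF + MTTR)."""
    return metrics["mttf"] / (metrics["mttf"] + metrics["mttr"])


# Constructed outage history (hours): failed at 100, back at 104; failed at 250, back at 252;
# failed at 400, back at 410.
SAMPLE_OUTAGES = [(100.0, 104.0), (250.0, 252.0), (400.0, 410.0)]

if __name__ == "__main__":
    m = failure_metrics(SAMPLE_OUTAGES)
    print(m, "availability=%.4f" % availability(m))
```

For each pair of consecutive outages MTBF equals MTTF plus MTTR; the averages differ slightly here only because MTTR is taken over all three repairs while the other two metrics need two consecutive events and so cover two intervals.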
RPOs
Timeline diagram: the RPO (recovery point objective) marks the starting point for data recovery and lies before the event; the MTD (maximum tolerable downtime) lies after it.
RTOs
Timeline diagram: RPO, Event, RTO (recovery time objective), MTD, with the MTTR shown between the event and the RTO. The business recovers if the RTO is before the MTD.
RPO/RTO Optimization
Timeline diagram: RPO, Event, RTO, MTD. The goal is to bring the RPO and RTO as close to zero as is financially feasible.
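The three slides above define a consistency rule for the plan (RTO before MTD) and two measurements for an actual recovery (data lost relative to the RPO, downtime relative to the RTO and MTD). The example below is added here and is not from the course material; the objectives, the incident timestamps and the candidate backup intervals are constructed. It also shows how the RPO drives backup frequency: the longest interval that still satisfies the RPO is the cheapest schedule that meets the objective.

```python
"""Checking a recovery against RPO, RTO and MTD, the three quantities on the
slides' timelines. Added example, not from the course material; the
objectives and the incident figures are constructed."""
from datetime import datetime, timedelta


def plan_is_consistent(rpo, rto, mtd):
    """The slide's rule: the business recovers only if the RTO falls before the MTD."""
    return rto <= mtd and rpo >= timedelta(0)


def assess_recovery(event, last_backup, restored_at, rpo, rto, mtd):
    """Compare what actually happened with the objectives.

    event:        when the disruptive event occurred
    last_backup:  the most recent usable backup, i.e. the starting point for data recovery
    restored_at:  when service was actually restored
    rpo/rto/mtd:  timedelta objectives taken from the DRP
    """
    data_loss = event - last_backup
    downtime = restored_at - event
    return {
        "data_loss": data_loss,
        "rpo_met": data_loss <= rpo,
        "downtime": downtime,
        "rto_met": downtime <= rto,
        "recovered_before_mtd": downtime <= mtd,
    }


def max_backup_interval(rpo, candidate_intervals):
    """Largest backup interval (fewest backups, lowest cost) that still honours the RPO."""
    ok = [i for i in candidate_intervals if i <= rpo]
    if not ok:
        raise ValueError("no candidate interval satisfies the RPO")
    return max(ok)


# Constructed DRP objectives for a hypothetical order-processing system.
RPO = timedelta(hours=6)
RTO = timedelta(hours=8)
MTD = timedelta(hours=12)

# Constructed incident: last backup at 10:00, event at 14:30, two possible restore times.
EVENT = datetime(2019, 3, 4, 14, 30)
LAST_BACKUP = datetime(2019, 3, 4, 10, 0)
RESTORED_IN_TIME = EVENT + timedelta(hours=7)
RESTORED_TOO_LATE = EVENT + timedelta(hours=14)

if __name__ == "__main__":
    print(assess_recovery(EVENT, LAST_BACKUP, RESTORED_IN_TIME, RPO, RTO, MTD))
    print(assess_recovery(EVENT, LAST_BACKUP, RESTORED_TOO_LATE, RPO, RTO, MTD))
    print("backup every", max_backup_interval(RPO, [timedelta(hours=h) for h in (1, 4, 8, 24)]))
```

With a 6-hour RPO the 4.5 hours of lost data are within objective; the 7-hour restore meets the RTO, while the 14-hour one overruns both the RTO and the MTD, which is the case the RTO slide warns about.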
DRP Training
• Crisis leadership for senior management.
• Business continuity training for department managers.
• Technical training and logistics training for the technical teams.
• "What to do and what NOT to do during a crisis" training for end users.
DRP Test Strategy
• Testing scope and objectives.
• What functions, processes, and systems will be tested.
• An assurance that the test will not jeopardize normal business operations.
• Expectations of the test process for all departments and lines of business.
• A description of each test and how it will impact each department and business operations.
• The level of involvement of the staff, technologies, and facilities.
• Expectations of the test output.
• A measurement to determine the success of each test.
• Ability to identify any interdependencies (internal/external) that may impact the success of the test.
• Be able to uncover and rectify gaps in the testing process itself.
• Be able to tolerate deviating from the test script and injecting unplanned events such as the loss of key personnel, services, or equipment.
• Use a sufficient volume and range of transactions to provide an adequate representative sample in the test output.
DRP Test Plan
• A master schedule that lists all of the tests.
• A description of the test objectives and methods.
• A list of all test participants.
• The roles and responsibilities of all test participants, including support personnel.
• The decision-makers and their successors.
• Test locations.
• Test escalation conditions.
• Contact information.
DRP Test Types
• Read-Through.
• Structured Walkthrough.
• Simulation.
• Parallel.
• Full Interrupt.
Recovery Strategies
• Who the decision makers are and how to contact them.
• Where and how data is backed up.
• Whether any fault tolerance or redundancy mechanisms can restore data.
• Alternate site location, along with the services and technologies at the site.
• Travel and accommodation services.
• Recovery strategy for the organization in each specific technology.
• Where people should assemble if they cannot reenter the building.
• The process for declaring a disaster for a specific site.
Disaster Recovery Response Approaches
• Short-term:
  • Mirrored site.
  • Shared location.
• Long-term:
  • Relocation.
  • Rebuilding.
Communication with Stakeholders
• Notify all stakeholders:
  • Employees and their families.
  • Vendors, contractors, and business partners.
  • Facility and site managers.
  • Department managers.
  • Senior managers and Board of Directors.
  • News media.
  • Law enforcement.
  • Emergency responders.
  • Insurance companies.
  • Suppliers and distributors.
  • Customers.
  • Government regulators.
  • Competitors.
  • Unions.
  • Internet users.
  • The general public or line-of-business related communities.
  • Industry groups.
Communication Flow
• Create a fault-tolerant call tree.
• Put emergency numbers on badges or refrigerator magnets.
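What makes a call tree fault-tolerant is a rule for what happens when someone in the middle of the tree does not answer: if their branch is simply dropped, everyone below them is never notified. The following is an added example and not from the course material; the names, the tree and the rule used (the caller inherits the call list of anyone they cannot reach) are constructed.

```python
"""A fault-tolerant call tree: if a contact cannot be reached, the caller
takes over that contact's calls so the branch below is still notified.
Added example, not from the course material; the names and tree are constructed."""
from collections import deque


def run_call_tree(tree, root, unreachable):
    """Simulate the tree from root. `unreachable` is the set of people who do not answer.

    Returns (notified, unreached, calls): who was reached, who was not, and the
    (caller, callee) pairs that were attempted, in order.
    """
    notified, unreached, calls = [root], [], []
    queue = deque([(root, tree.get(root, []))])  # (caller, the people they must call)
    while queue:
        caller, targets = queue.popleft()
        for callee in targets:
            calls.append((caller, callee))
            if callee in unreachable:
                unreached.append(callee)
                # Fault tolerance: the caller inherits the unreachable person's call list.
                queue.append((caller, tree.get(callee, [])))
            else:
                notified.append(callee)
                queue.append((callee, tree.get(callee, [])))
    return notified, unreached, calls


def everyone_in(tree):
    people = set(tree)
    for targets in tree.values():
        people.update(targets)
    return people


def coverage_gaps(tree, root, unreachable):
    """People neither reached nor known to be unreachable; should always be empty."""
    notified, unreached, _ = run_call_tree(tree, root, unreachable)
    return everyone_in(tree) - set(notified) - set(unreached)


# Constructed call tree: each person calls the people in their list.
CALL_TREE = {
    "ciso": ["it-lead", "sec-lead"],
    "it-lead": ["it-1", "it-2"],
    "sec-lead": ["sec-1", "sec-2"],
}

if __name__ == "__main__":
    notified, unreached, calls = run_call_tree(CALL_TREE, "ciso", unreachable={"it-lead"})
    print("notified:", notified)
    print("unreached:", unreached)
    print("calls:", calls)
```

In the run above it-lead never answers, so the CISO calls it-1 and it-2 directly and nobody is left out; `coverage_gaps` is the check to run against a real tree to prove that property holds for any set of absences.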
Restoration
• The final part of disaster recovery.
• Part of the DRP.
• The primary working facility and environment are back to normal.
• Part of the staff might still be at the alternate site for a while.
• The legal team and insurance agent will play a role.
Disaster Post-Mortem
• What was the root cause of the disaster?
• How can such a disaster be avoided in the future?
• How did the DR/BCP team respond?
• What lessons were learned?
• What went well?
• What could be improved?
Iso27001leadauditor2020Anne Starr
 
Dncybersecurity
DncybersecurityDncybersecurity
DncybersecurityAnne Starr
 
Dancyrityshy 1foundatioieh
Dancyrityshy 1foundatioiehDancyrityshy 1foundatioieh
Dancyrityshy 1foundatioiehAnne Starr
 
2 slides(2ndvariadaystion)
2 slides(2ndvariadaystion)2 slides(2ndvariadaystion)
2 slides(2ndvariadaystion)Anne Starr
 
Awtitioneressentialsdeckscloudprac401-577
Awtitioneressentialsdeckscloudprac401-577Awtitioneressentialsdeckscloudprac401-577
Awtitioneressentialsdeckscloudprac401-577Anne Starr
 
01wslouAsentialsdeck2dpractitioneres-400
01wslouAsentialsdeck2dpractitioneres-40001wslouAsentialsdeck2dpractitioneres-400
01wslouAsentialsdeck2dpractitioneres-400Anne Starr
 
uderessAwscloentialsdeck1-2ion00
uderessAwscloentialsdeck1-2ion00uderessAwscloentialsdeck1-2ion00
uderessAwscloentialsdeck1-2ion00Anne Starr
 
Cloudhnologysstecociat
CloudhnologysstecociatCloudhnologysstecociat
CloudhnologysstecociatAnne Starr
 
Cmbysantocsddsh
CmbysantocsddshCmbysantocsddsh
CmbysantocsddshAnne Starr
 
Cddmbysantcsosh
CddmbysantcsoshCddmbysantcsosh
CddmbysantcsoshAnne Starr
 
Ccbysantsddosh
Ccbysantsddosh  Ccbysantsddosh
Ccbysantsddosh Anne Starr
 
Ccsdbyhday1santodms
Ccsdbyhday1santodmsCcsdbyhday1santodms
Ccsdbyhday1santodmsAnne Starr
 

More from Anne Starr (20)

I01letor20so201leutor2020
I01letor20so201leutor2020I01letor20so201leutor2020
I01letor20so201leutor2020
 
Iso27001leadauditor2020
Iso27001leadauditor2020Iso27001leadauditor2020
Iso27001leadauditor2020
 
Ccsddm5days
Ccsddm5daysCcsddm5days
Ccsddm5days
 
Dayblic
DayblicDayblic
Dayblic
 
Day1cspbeblic
Day1cspbeblicDay1cspbeblic
Day1cspbeblic
 
Dncybersecurity
DncybersecurityDncybersecurity
Dncybersecurity
 
Dancyrityshy 1foundatioieh
Dancyrityshy 1foundatioiehDancyrityshy 1foundatioieh
Dancyrityshy 1foundatioieh
 
2 slides(2ndvariadaystion)
2 slides(2ndvariadaystion)2 slides(2ndvariadaystion)
2 slides(2ndvariadaystion)
 
Sec4
Sec4Sec4
Sec4
 
Securityic2
Securityic2Securityic2
Securityic2
 
)k
)k)k
)k
 
inte
inteinte
inte
 
Awtitioneressentialsdeckscloudprac401-577
Awtitioneressentialsdeckscloudprac401-577Awtitioneressentialsdeckscloudprac401-577
Awtitioneressentialsdeckscloudprac401-577
 
01wslouAsentialsdeck2dpractitioneres-400
01wslouAsentialsdeck2dpractitioneres-40001wslouAsentialsdeck2dpractitioneres-400
01wslouAsentialsdeck2dpractitioneres-400
 
uderessAwscloentialsdeck1-2ion00
uderessAwscloentialsdeck1-2ion00uderessAwscloentialsdeck1-2ion00
uderessAwscloentialsdeck1-2ion00
 
Cloudhnologysstecociat
CloudhnologysstecociatCloudhnologysstecociat
Cloudhnologysstecociat
 
Cmbysantocsddsh
CmbysantocsddshCmbysantocsddsh
Cmbysantocsddsh
 
Cddmbysantcsosh
CddmbysantcsoshCddmbysantcsosh
Cddmbysantcsosh
 
Ccbysantsddosh
Ccbysantsddosh  Ccbysantsddosh
Ccbysantsddosh
 
Ccsdbyhday1santodms
Ccsdbyhday1santodmsCcsdbyhday1santodms
Ccsdbyhday1santodms
 

Recently uploaded

Science lesson Moon for 4th quarter lesson
Science lesson Moon for 4th quarter lessonScience lesson Moon for 4th quarter lesson
Science lesson Moon for 4th quarter lessonJericReyAuditor
 
Blooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxBlooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxUnboundStockton
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaVirag Sontakke
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17Celine George
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTiammrhaywood
 
internship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerinternship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerunnathinaik
 
भारत-रोम व्यापार.pptx, Indo-Roman Trade,
भारत-रोम व्यापार.pptx, Indo-Roman Trade,भारत-रोम व्यापार.pptx, Indo-Roman Trade,
भारत-रोम व्यापार.pptx, Indo-Roman Trade,Virag Sontakke
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsanshu789521
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
ENGLISH5 QUARTER4 MODULE1 WEEK1-3 How Visual and Multimedia Elements.pptx
ENGLISH5 QUARTER4 MODULE1 WEEK1-3 How Visual and Multimedia Elements.pptxENGLISH5 QUARTER4 MODULE1 WEEK1-3 How Visual and Multimedia Elements.pptx
ENGLISH5 QUARTER4 MODULE1 WEEK1-3 How Visual and Multimedia Elements.pptxAnaBeatriceAblay2
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionSafetyChain Software
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 

Recently uploaded (20)

Science lesson Moon for 4th quarter lesson
Science lesson Moon for 4th quarter lessonScience lesson Moon for 4th quarter lesson
Science lesson Moon for 4th quarter lesson
 
Blooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxBlooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docx
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of India
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
 
internship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerinternship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developer
 
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri  Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Bikash Puri  Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
 
भारत-रोम व्यापार.pptx, Indo-Roman Trade,
भारत-रोम व्यापार.pptx, Indo-Roman Trade,भारत-रोम व्यापार.pptx, Indo-Roman Trade,
भारत-रोम व्यापार.pptx, Indo-Roman Trade,
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha elections
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
ENGLISH5 QUARTER4 MODULE1 WEEK1-3 How Visual and Multimedia Elements.pptx
ENGLISH5 QUARTER4 MODULE1 WEEK1-3 How Visual and Multimedia Elements.pptxENGLISH5 QUARTER4 MODULE1 WEEK1-3 How Visual and Multimedia Elements.pptx
ENGLISH5 QUARTER4 MODULE1 WEEK1-3 How Visual and Multimedia Elements.pptx
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini  Delhi NCR9953330565 Low Rate Call Girls In Rohini  Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory Inspection
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 

gkkwqdqqndqw2121234Security essentials domain 4

• 1. CCSD SECURITY ESSENTIAL CERTIFIED
  Operational Security
  Site Security
  Disaster Recovery
  Incident Response
• 2. Security Operations Overview
  Copyright © 2019 Logical Operations, Inc. All rights reserved.
  Focus: Description
  • Maintain Operational Resilience: keep core business functions operating even when a negative event occurs.
  • Protect Valuable Assets: protect a wide range of assets and resources, from data to equipment to people.
  • Control System Accounts: control which users have access to critical business systems.
  • Effective Security Services Management: make sure that strong leadership is in place to keep security operations services consistent and effective.
• 3. Least Privilege
  • Give users exactly what they need to do their job, and no more.
  • Permission levels cannot be set and forgotten.
  • Privilege slowly accumulates as people change roles ("privilege creep").
  • Review periodically, or set expiration times for user accounts.
  • Assign two accounts to IT personnel:
    • A common end-user account for everyday work.
    • A separate administrative account, used only for privileged tasks.
  Diagram: Data Entry Clerks (User 1, User 2) perform their jobs with fewer privileges; Financial Coordinators (User 3, User 4) perform their jobs with more privileges.
• 4. Perimeter Security
  • Gates, fences, walls, doors, and other barriers.
  • Locks.
  • Guards.
  • Perimeter intrusion detection, such as:
    • Infrared.
    • Fence vibration sensors.
    • Visible-light and infrared CCTV.
    • Sound and motion detectors.
    • Any other system that can detect the presence of an intruder.
  • Alarm systems.
  • Logging and reporting of all physical access attempts.
• 5. Internal Security
  • Begins at the building.
  • Can include access control and monitoring at any point:
    • Access controls such as card readers.
    • Locks.
    • Mantraps.
    • Safes.
    • Vaults.
    • Other secure storage containers.
    • Guards.
    • Surveillance systems.
    • Alarm systems.
    • Logging and reporting of all physical access attempts.
  • Should be applied to sensitive or high-risk areas.
• 6. Layered Protection
  Diagram of nested layers, outermost first: Perimeter, Facility, Secured Area.
• 7. Physical Access Barriers
  • Fencing.
  • Walls.
  • Doors.
  • Windows.
  • Lighting.
  • Bollards.
• 8. Lock Types
  • Key lock.
  • Deadbolt lock.
  • Keyless lock or cipher lock.
  • Combination lock.
  • Intelligent keys.
  • Device locks.
  • Biometric or access card locks.
• 9. Access Controls
  • Automatic access control.
  • Card entry systems.
  • Biometric entry systems.
  • Mantraps.
  • Turnstiles.
• 10. Secure Storage
  • Container.
  • Safe.
  • Vault.
• 11. Guards and Dogs
  • Guards can monitor critical checkpoints and verify identification.
  • They provide a visual deterrent.
  • They can apply their own knowledge and intuition, but also have human vulnerabilities (fatigue, distraction, social engineering).
  • Dogs extend guard effectiveness, but cannot exercise judgment.
• 12. PIDS
  • A physical intrusion detection system (PIDS) senses changes in the environment and alerts security.
• 13. PIDS Types
  • Motion sensor.
  • Pressure-sensitive sensor.
  • Heat detector.
  • Proximity detector.
  • Vibration detector.
  • Magnetic detector.
  • Photometric detector.
• 14. Surveillance Systems
  • A physical security mechanism that monitors internal and external areas.
  • Monitors for unusual behavior and potential intruders.
  • Extends guard presence.
  • Video broadcast and recording devices.
  • Can include audio surveillance.
• 15. Types of Surveillance Systems
  • Audio.
  • Video.
  • Guard stations.
  • Security dogs.
• 16. Alarm Systems
  • Lights.
  • Bells and sirens.
  • Activation/response combinations:
    • Local activation / local response.
    • Local activation / remote response.
    • Remote activation / local response.
    • Remote activation / remote response.
• 17. Physical Access Logs
  • Maintained by access control systems and by security guards.
  • Should clearly identify:
    • The name of the individual attempting access.
    • The date and time of access.
    • The access portal or entry point.
    • The user ID entered to attempt access.
    • The location of access to internal spaces, if required.
    • Unsuccessful access attempts, including those during unauthorized hours.
• 18. Continuous Security Monitoring
  • Passive: events are logged and examined after they occur.
  • Active: events are both logged and responded to continuously, in real time.
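As an added example (not part of the Logical Operations deck), the Python below parses access-log lines carrying the fields slide 17 lists and applies three checks in both modes slide 18 distinguishes: analyze_batch is passive monitoring (the whole log examined after the fact), while feeding lines to AccessMonitor.feed one at a time as they arrive is active monitoring (each line is evaluated and any alerts are returned immediately). The log format, portal names, business hours, thresholds and the "distant portals" table are assumptions, and the log lines are constructed.

```python
# Added example (not from the deck). Log format, portals, hours and thresholds
# are assumed; the sample log is constructed.
import re
from collections import defaultdict, deque
from datetime import datetime, time, timedelta

SENSITIVE_PORTALS = {"SERVER-ROOM", "VAULT"}          # assumed portal labels
BUSINESS_HOURS = (time(7, 0), time(19, 0))            # assumed policy window
FAILURE_WINDOW = timedelta(minutes=5)                 # repeated-denial window
FAILURE_THRESHOLD = 3
DISTANT_PAIRS = {frozenset({"LOBBY-A", "LOBBY-B"})}   # assumed: not reachable in 60 s
TRAVEL_WINDOW = timedelta(seconds=60)

# Constructed format: timestamp,name,portal,user_id,result
ACCESS_LOG = """\
2019-03-04 08:55:12,alice,LOBBY-A,U1001,GRANTED
2019-03-04 08:56:40,alice,SERVER-ROOM,U1001,DENIED
2019-03-04 23:12:03,bob,SERVER-ROOM,U1002,DENIED
2019-03-04 23:12:30,bob,SERVER-ROOM,U1002,DENIED
2019-03-04 23:13:01,bob,SERVER-ROOM,U1002,DENIED
2019-03-04 23:14:09,bob,SERVER-ROOM,U1002,GRANTED
2019-03-05 09:01:00,carol,LOBBY-A,U1003,GRANTED
2019-03-05 09:01:20,carol,LOBBY-B,U1003,GRANTED
"""

LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d),(?P<name>[^,]+),"
    r"(?P<portal>[^,]+),(?P<uid>[^,]+),(?P<result>GRANTED|DENIED)$")


def parse(line):
    """Return the fields of one log line, or None if it does not match the format."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    d = m.groupdict()
    d["ts"] = datetime.strptime(d["ts"], "%Y-%m-%d %H:%M:%S")
    return d


class AccessMonitor:
    """Rule engine shared by passive (batch) and active (streaming) monitoring."""

    def __init__(self):
        self.failures = defaultdict(deque)   # uid -> timestamps of recent DENIED
        self.last_grant = {}                 # uid -> (timestamp, portal) of last GRANTED

    def feed(self, line):
        """Evaluate one line as it arrives; returns the alerts it raises (active mode)."""
        ev = parse(line)
        if ev is None:
            return [("UNPARSEABLE", line.strip())]
        alerts = []
        ts, uid, portal, result = ev["ts"], ev["uid"], ev["portal"], ev["result"]

        # Rule 1: any attempt on a sensitive portal outside business hours.
        in_hours = BUSINESS_HOURS[0] <= ts.time() < BUSINESS_HOURS[1]
        if portal in SENSITIVE_PORTALS and not in_hours:
            alerts.append(("AFTER_HOURS", uid, portal, result))

        # Rule 2: a burst of denials, and a grant that follows such a burst.
        q = self.failures[uid]
        while q and ts - q[0] > FAILURE_WINDOW:
            q.popleft()                      # forget denials outside the window
        if result == "DENIED":
            q.append(ts)
            if len(q) >= FAILURE_THRESHOLD:
                alerts.append(("REPEATED_DENIAL", uid, portal, len(q)))
        else:
            if len(q) >= FAILURE_THRESHOLD:
                alerts.append(("DENIED_THEN_GRANTED", uid, portal))
            q.clear()
            # Rule 3: one badge granted at two distant portals within the travel window.
            prev = self.last_grant.get(uid)
            if (prev and ts - prev[0] <= TRAVEL_WINDOW
                    and frozenset({prev[1], portal}) in DISTANT_PAIRS):
                alerts.append(("IMPOSSIBLE_TRAVEL", uid, prev[1], portal))
            self.last_grant[uid] = (ts, portal)
        return alerts


def analyze_batch(log_text):
    """Passive monitoring: run the same rules over a whole log after the fact."""
    mon = AccessMonitor()
    out = []
    for line in log_text.splitlines():
        if line.strip():
            out.extend(mon.feed(line))
    return out


if __name__ == "__main__":
    for alert in analyze_batch(ACCESS_LOG):
        print(alert)
```

On the constructed log this raises four AFTER_HOURS alerts for U1002, one REPEATED_DENIAL and one DENIED_THEN_GRANTED (a PIN-guessing or tailgating pattern worth a guard's attention), and one IMPOSSIBLE_TRAVEL for U1003, whose badge is used at two lobbies twenty seconds apart. The only difference between the two modes is when feed is called, which is the point of slide 18: the active form can dispatch a guard while the person is still at the door.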
• 19. Types of Prevention
  • IDS and IPS.
  • Blacklisting and whitelisting.
  • Sandboxing.
  • Honeypots and honeynets.
  • Anti-malware.
  • Third-party security services.
• 20. IDS and IPS for Prevention
  • Sensor: detects unwanted or unexpected behavior and produces an alert.
  • Communication: the alert is transmitted to the proper recipient.
  • Annunciator: may adjust the alert (format, severity, channel) for different recipient types.
• 21. Whitelisting and Blacklisting
  • Blacklisting blocks known malicious sites, applications, services, and traffic; everything else is allowed.
    • Risk of false positives when a block rule matches legitimate activity, and of false negatives because you can't know every threat to block.
  • Whitelisting blocks everything except what you trust.
    • More secure than blacklisting, because unknown threats are blocked by default.
    • Might be too restrictive: anything new and legitimate is blocked until it is approved.
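The asymmetry above, as an added example that is not from the deck: two policy functions evaluate constructed program-execution events, one against a deny-list of known-bad hashes and publishers, the other against an allow-list of approved ones. Hashes, publisher names and paths are placeholders.

```python
# Added example (not from the deck). Hashes, publishers and paths are constructed.
from dataclasses import dataclass


@dataclass(frozen=True)
class Exec:
    path: str
    sha256: str
    publisher: str   # signer of the binary; "" if unsigned


# Deny-list: what is known to be bad (constructed).
DENY_HASHES = {"aa11" * 16}
DENY_PUBLISHERS = {"Totally Legit Tools Ltd"}
# Allow-list: what the organisation has explicitly approved (constructed).
ALLOW_HASHES = {"bb22" * 16, "cc33" * 16}
ALLOW_PUBLISHERS = {"Contoso Corp"}


def denylist_decision(ev):
    """Block only what is known bad; everything else runs by default."""
    if ev.sha256 in DENY_HASHES or ev.publisher in DENY_PUBLISHERS:
        return "BLOCK"
    return "ALLOW"


def allowlist_decision(ev):
    """Run only what is known good; everything else is stopped by default."""
    if ev.sha256 in ALLOW_HASHES or (ev.publisher and ev.publisher in ALLOW_PUBLISHERS):
        return "ALLOW"
    return "BLOCK"


EVENTS = [
    Exec(r"C:\Tools\known_bad.exe", "aa11" * 16, ""),                         # listed malware
    Exec(r"C:\Program Files\Contoso\app.exe", "bb22" * 16, "Contoso Corp"),   # approved app
    Exec(r"C:\Users\u\Downloads\never_seen.exe", "dd44" * 16, ""),            # novel malware
    Exec(r"C:\Users\u\Downloads\new_tool.exe", "ee55" * 16, "Fabrikam Inc"),  # new, legitimate vendor
]


def compare(events):
    """(path, deny-list decision, allow-list decision) for each event."""
    return [(e.path, denylist_decision(e), allowlist_decision(e)) for e in events]


if __name__ == "__main__":
    for path, deny, allow in compare(EVENTS):
        print(f"{path:45} deny-list={deny:5} allow-list={allow}")
```

The third event is the deny-list's failure mode: nothing in the list matches, so the never-seen sample runs. The fourth is the allow-list's: a legitimate tool from a vendor nobody has approved yet is blocked, which is the "might be too restrictive" cost, paid in helpdesk tickets rather than incidents.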
• 22. Sandboxing
  • Isolation is the most fundamental security concept underlying virtualization: code running inside the sandbox is kept from affecting the host or other guests, so the sandbox is only as strong as the hypervisor or isolation layer underneath it.
  • You can virtualize and sandbox:
    • Operating systems.
    • Applications.
    • Desktops.
• 23. Honeypots and Honeynets
  • Honeypot: a decoy computer.
  • Honeynet: a decoy network.
  • Challenging enough to keep the attacker busy and away from the real servers.
  • Allows you to collect information about the intruder and take deterrent action.
  • Placed:
    • Outside the firewall.
    • Inside the DMZ.
  Diagram: the attacker launches a scanning attack against the honeypot, and the scan is logged.
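An added example (not the deck's) of the diagram's "scan attack logged" step: a minimal low-interaction honeypot that listens on a loopback port, sends a fake SMTP banner, and records the source address and the first bytes of whatever the probe sends; a probe helper plays the scanner. The banner, the ephemeral port and the log fields are assumptions. In production the decoy would sit outside the firewall or in the DMZ as the slide says, would never be reachable from a host that matters, and its log would feed the SIEM rather than an in-memory list.

```python
# Added example (not from the deck). Banner and log fields are assumed; it binds
# an ephemeral loopback port so it can run anywhere offline.
import socket
import threading
import time
from datetime import datetime, timezone


class Honeypot:
    """Accepts every connection, hands out a banner, records who came and what they sent."""

    def __init__(self, host="127.0.0.1", port=0,
                 banner=b"220 mail.example.test ESMTP\r\n"):
        self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        self.sock.bind((host, port))
        self.sock.listen(8)
        self.port = self.sock.getsockname()[1]   # actual port when port=0
        self.banner = banner
        self.log = []
        self._lock = threading.Lock()
        self._stop = threading.Event()
        self._thread = threading.Thread(target=self._serve, daemon=True)

    def start(self):
        self._thread.start()
        return self

    def _serve(self):
        self.sock.settimeout(0.2)               # wake up regularly to check _stop
        while not self._stop.is_set():
            try:
                conn, addr = self.sock.accept()
            except socket.timeout:
                continue
            threading.Thread(target=self._handle, args=(conn, addr), daemon=True).start()

    def _handle(self, conn, addr):
        conn.settimeout(1.0)
        payload = b""
        try:
            conn.sendall(self.banner)           # look like a real service
            payload = conn.recv(1024)           # capture the probe's first bytes
        except (socket.timeout, OSError):
            pass
        finally:
            conn.close()
        with self._lock:
            self.log.append({"time": datetime.now(timezone.utc).isoformat(),
                             "src": addr[0], "sport": addr[1], "payload": payload})

    def wait_for(self, count, timeout=3.0):
        """Block until at least `count` entries are logged (handlers run in threads)."""
        deadline = time.monotonic() + timeout
        while time.monotonic() < deadline:
            with self._lock:
                if len(self.log) >= count:
                    return True
            time.sleep(0.02)
        return False

    def entries(self):
        with self._lock:
            return list(self.log)

    def stop(self):
        self._stop.set()
        self._thread.join(timeout=2)
        self.sock.close()


def probe(port, data=b"", host="127.0.0.1"):
    """Simulated scanner: connect, grab the banner, optionally send a payload."""
    with socket.create_connection((host, port), timeout=2) as s:
        banner = s.recv(128)
        if data:
            s.sendall(data)
    return banner


if __name__ == "__main__":
    hp = Honeypot().start()
    probe(hp.port, b"EHLO scanner\r\n")
    probe(hp.port)
    hp.wait_for(2)
    hp.stop()
    for e in hp.entries():
        print(e)
```

Every entry the honeypot logs is a true positive by construction, since no legitimate client has any reason to connect to it; that is what makes even this tiny decoy a useful sensor and a cheap tripwire for the lateral-movement scans the slide is describing.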
• 24. Anti-Malware
  • One of the most basic preventive measures you can take.
  • You must keep it up to date.
  • No one product has proven to be 100% effective against all attacks.
  • Most end-user anti-malware products can't be installed side by side on the same machine.
  • Some enterprise products integrate multiple anti-malware engines for better coverage.
• 25. Firewalls for Attack Prevention
• 26. Configuration Management
  • One of the most common mechanisms for provisioning.
  • Can automatically inventory and track hardware and software assets.
  • Can deploy operating systems to "bare metal" boxes.
  • Can collect statistics about every system on the network.
• 27. CMDB
  • A central repository that stores data about all significant items in your IT environment.
  • Significant items are known as configuration items (CIs):
    • IT assets that are related to IT processes.
    • Can include hardware, software, documents, models, plans, even people.
  • The CMDB tracks the interrelations between the CIs.
• 28. CM Policies
  • Define how the CM process is carried out.
  • CM policies usually contain:
    • A list of the configuration items that are under CM control.
    • How these items are named.
    • How these items are added to and removed from CM control.
    • How the items may be changed within CM.
    • How the same item is versioned if it appears multiple times in CM.
    • How CM is enforced within the organization.
• 29. CM Practices
  • Identify CIs and any related assets that will be placed under CM control.
  • Describe each item's characteristics in the CM.
  • Implement configuration/change management processes for items controlled by CM.
  • Establish baselines for both internal and customer use.
  • Ensure that requests to change items are tracked.
  • Ensure any changes to items are controlled by CM.
  • Audit the baselines established for the CM items.
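An added example (not the deck's) of the practices on slides 27 to 29 in working code: a small in-memory CMDB that registers configuration items and the relations between them, baselines them, accepts changes only through recorded change requests (an approved change becomes the new baseline), audits observed state against the baseline, and computes the blast radius of a change through the dependency graph. CI names, attributes and the hypothetical agent output are constructed.

```python
# Added example (not from the deck). CI names, attributes and the "observed"
# agent data are constructed.
import copy


class CMDB:
    def __init__(self):
        self.items = {}          # ci_id -> {"type": ..., "attrs": {...}, "version": n}
        self.relations = set()   # (from_id, relation, to_id)
        self.baselines = {}      # ci_id -> approved snapshot of attrs
        self.changes = []        # audit trail of every change request, approved or not

    def add_ci(self, ci_id, ci_type, **attrs):
        """Place an item under CM control; names must be unique."""
        if ci_id in self.items:
            raise ValueError(f"{ci_id} already under CM control")
        self.items[ci_id] = {"type": ci_type, "attrs": dict(attrs), "version": 1}

    def relate(self, a, relation, b):
        """Record an interrelation; both ends must already be CIs."""
        for x in (a, b):
            if x not in self.items:
                raise KeyError(x)
        self.relations.add((a, relation, b))

    def baseline(self, ci_id):
        self.baselines[ci_id] = copy.deepcopy(self.items[ci_id]["attrs"])

    def request_change(self, ci_id, ticket, approved, **new_attrs):
        """Changes are applied only through an approved, tracked request."""
        self.changes.append({"ci": ci_id, "ticket": ticket, "approved": approved,
                             "attrs": dict(new_attrs)})
        if not approved:
            return False
        ci = self.items[ci_id]
        ci["attrs"].update(new_attrs)
        ci["version"] += 1
        if ci_id in self.baselines:              # the approved state is the new baseline
            self.baseline(ci_id)
        return True

    def audit(self, observed):
        """Compare what an agent reports with the baseline; anything different is drift."""
        drift = {}
        for ci_id, attrs in observed.items():
            base = self.baselines.get(ci_id)
            if base is None:
                drift[ci_id] = {"_status": "no baseline"}   # unmanaged or unknown system
                continue
            diff = {k: (base.get(k), attrs.get(k))
                    for k in set(base) | set(attrs) if base.get(k) != attrs.get(k)}
            if diff:
                drift[ci_id] = diff
        return drift

    def dependents(self, ci_id):
        """Everything that transitively depends on ci_id: the blast radius of a change."""
        seen, stack = set(), [ci_id]
        while stack:
            cur = stack.pop()
            for a, rel, b in self.relations:
                if b == cur and rel == "depends_on" and a not in seen:
                    seen.add(a)
                    stack.append(a)
        return seen


def build_sample():
    """Constructed environment: a web server, the shop application and its database."""
    db = CMDB()
    db.add_ci("srv-web-01", "server", os="Ubuntu 18.04", ssh_root_login="no")
    db.add_ci("app-shop", "application", version="2.3.1")
    db.add_ci("db-orders", "database", engine="PostgreSQL 11")
    db.relate("app-shop", "depends_on", "srv-web-01")
    db.relate("app-shop", "depends_on", "db-orders")
    for ci in db.items:
        db.baseline(ci)
    return db


if __name__ == "__main__":
    db = build_sample()
    db.request_change("app-shop", "CHG-1", True, version="2.4.0")
    db.request_change("srv-web-01", "CHG-2", False, ssh_root_login="yes")
    print(db.audit({"srv-web-01": {"os": "Ubuntu 18.04", "ssh_root_login": "yes"}}))
    print(db.dependents("db-orders"))
```

The audit is the security payoff: a rejected change request that nonetheless shows up on the box (root SSH login switched on here) is exactly the uncontrolled change the CM policy exists to catch, and the dependency walk tells the change board who is affected before a database change is approved.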
• 30. Virtual Assets
  • Desktop images.
  • Guest operating systems.
  • Virtual SANs.
  • Configuration files.
  • Software-defined networking capabilities.
  • Cluster resources.
  • Anything that is software-based.
• 31. Cloud Assets
  • Cloud services, such as email and collaboration tools.
  • Cloud storage.
  • Cloud-based virtual machines.
  • Cloud-based networking components.
• 32. Incident Response Process
  Cycle: Detect a Problem → Evaluate the Problem → Mitigate the Damage → Recover and Remediate → Report Details → Determine Lessons Learned → Implement Preventive Controls (which feed back into detection).
• 33. IRT Roles and Responsibilities
  Incident Response Team members: IT; Information Security; Physical/Corporate Security; Executive Management; Legal; Internal Audit; Human Resources; Media/Public Relations.
• 34. Incident Response Management
  • Prevent a situation from becoming worse.
  • Ensure that first responders take the correct action.
  • Provide the team with all of the tools and resources they need.
• 35. Evaluation and Analysis
  • The volume of log entries and false positives can be overwhelming.
  • An adverse occurrence might not actually be a security incident:
    • Hardware failures.
    • Human error.
  • Use professional judgment.
  • Document all systems.
  • Set a baseline of normal behavior.
  • Retain logs from all sources.
  • Correlate events, alerts, and indicators from all sources.
  • Research reputable sources for information.
  • Filter out irrelevant or inconsequential sources.
  • Properly document analysis findings in a database.
• 36. Response and Mitigation
  • Use a triage method to determine priority by criticality.
  • Take care not to inadvertently contaminate a crime scene; if prosecution is possible, preserve evidence before cleaning up.
  • If you do not intend to prosecute:
    • Contain the damage.
    • Discover the problem.
    • Bring systems back online.
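An added example (not from the deck) covering slides 35 and 36 together: constructed events from four sources (authentication log, IDS, hardware monitoring, anti-malware) are filtered against a baseline of normal failed-login rates, non-security adverse occurrences such as disk and fan failures are dropped, the surviving indicators are correlated per host, and the candidate incidents are triaged by asset criticality with a bonus when independent sources corroborate each other. The asset inventory, baseline values and scoring weights are assumptions.

```python
# Added example (not from the deck). Assets, baseline, events and weights are constructed.
from collections import defaultdict

# Constructed asset inventory: criticality 1 (low) .. 5 (critical)
ASSETS = {"web-01": 3, "db-01": 5, "laptop-42": 1}
# Constructed baseline of normal behaviour: failed logins per hour that are usual for each host
BASELINE_FAILED_LOGINS = {"web-01": 5, "db-01": 1, "laptop-42": 10}
# Adverse occurrences that are not security incidents (slide 35)
NON_SECURITY_TYPES = {"disk_failure", "fan_failure"}

# Constructed events from several sources: (source, host, type, value)
EVENTS = [
    ("auth", "db-01", "failed_login", 40),
    ("ids", "db-01", "signature", "SQLi attempt"),
    ("hw", "db-01", "disk_failure", "sda"),
    ("auth", "web-01", "failed_login", 3),
    ("av", "laptop-42", "malware_detected", "Trojan.Generic"),
    ("hw", "web-01", "fan_failure", "fan2"),
    ("auth", "laptop-42", "failed_login", 8),
]


def security_indicators(events):
    """Drop non-security events and in-baseline noise; keep (host, source, description)."""
    indicators = []
    for source, host, etype, value in events:
        if etype in NON_SECURITY_TYPES:
            continue                                   # ops problem, not an incident
        if etype == "failed_login":
            normal = BASELINE_FAILED_LOGINS.get(host, 0)
            if value <= normal:
                continue                               # within the baseline: filtered out
            indicators.append((host, source, f"failed logins {value} > baseline {normal}"))
        else:
            indicators.append((host, source, f"{etype}: {value}"))
    return indicators


def correlate(indicators):
    """Group indicators by host and score each candidate incident by criticality."""
    by_host = defaultdict(list)
    for host, source, desc in indicators:
        by_host[host].append((source, desc))
    cases = []
    for host, items in by_host.items():
        sources = {s for s, _ in items}
        # criticality x number of indicators, plus a bonus when independent sources agree
        score = ASSETS.get(host, 1) * len(items) + (5 if len(sources) > 1 else 0)
        cases.append({"host": host, "score": score,
                      "sources": sorted(sources), "findings": [d for _, d in items]})
    return cases


def triage(events):
    """Priority order for the response team: highest score first (slide 36)."""
    return sorted(correlate(security_indicators(events)), key=lambda c: -c["score"])


if __name__ == "__main__":
    for case in triage(EVENTS):
        print(case)
```

On the sample, the database host comes out on top (critical asset, two independent sources agreeing), the laptop's single anti-malware hit is queued behind it, and web-01 does not appear at all: its three failed logins are below baseline and its fan failure goes to operations, not to the IRT.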
• 37. Recovery and Remediation
  • Can be as simple as restoring a single operating system or as complex as moving all personnel and operations to a new physical location.
  • Make sure the recovered system will not be vulnerable to the same attack.
  • Use a different team to perform a fresh vulnerability assessment on the recovered system.
  • Stop or reverse the damage caused by the incident.
  • Discover the root cause.
• 38. Reporting and Documentation
  • Report the business impact of the incident.
  • The report should include:
    • Source of the incident.
    • Triggers.
    • Systems targeted.
    • Specific impacts.
    • Actions taken to mitigate the incident.
    • Actions taken to recover systems and operations.
    • Actions taken to mitigate lingering effects.
    • Current state of the system.
    • Lessons learned.
• 39. Lessons Learned
  • Identify areas of security that need improvement.
  • Determine the best possible way to improve security.
  • Capture:
    • Actions taken.
    • Optimal solution.
    • How teams reacted/performed.
    • Cost in time and money.
    • How future response will be different.
    • Recommended changes to security policy.
• 40. Investigative Procedures
  • Seeking evidence from computers and networks that might pertain to a criminal or civil matter.
  • Remember that nearly anything done on a computer or network leaves a trace.
  • A set of procedures and protocols that are:
    • Methodical.
    • Verifiable.
    • Auditable.
  Process: Discover Evidence → Collect Evidence → Analyze Evidence → Present Findings.
• 41. Root Cause Analysis
  • Keep asking "what was the immediate thing that allowed this to happen?"
  • With each answer, repeat the question until you find the root cause.
  • Most root causes can be uncovered in about six questions (the same iterative questioning is widely taught as the "five whys").
  • There are likely to be several root causes.
• 42. Investigation Reports
  • Report findings to management, authorities, and stakeholders.
  • Tailor the report to the audience.
• 43. Disaster Recovery Planning Process
  Cycle: Identify → Document → Train → Assess → Update and Maintain, then repeat.
• 44. DRPs
  • A well-documented policy that defines:
    • How people and resources will be protected during a disaster.
    • How the organization will recover.
  • The plan should be tested for effectiveness and fine-tuned before a disaster strikes.
  • Train staff on the policy so they can respond automatically in an emergency.
• 45. DRP Requirements
  • Consistent strategy.
  • Assess plan effectiveness.
  • Management and response team training.
  • Ownership of the disaster recovery process.
  • Communication protocols.
• 46. Disaster Recovery Strategy Considerations
  • Risks.
  • Personnel safety.
  • Essential items.
  • Relocation scheme.
  • Cost vs. benefit: weigh goals and costs to ensure an effective DRP.
  • Prioritization: recover business-critical processes first.
• 47. Disaster Recovery Priority Levels
  • Short term.
  • Mid term.
  • Long term.
  • Not required.
• 48. DRP Personnel Roles and Responsibilities
  DRP personnel: executive emergency management team; command center team; emergency management team; emergency response teams; end users.
• 49. Failure Metrics
  Timeline diagram: the system is first brought online; after a period of operation it fails (event); it is repaired and brought back online; later it fails again.
  • MTTF (mean time to failure): average time from the system coming online to its next failure.
  • MTTR (mean time to repair): average time from the failure to the system being repaired.
  • MTBF (mean time between failures): average time from one failure to the next, i.e. MTTF + MTTR.
• 50. RPOs
  Timeline diagram: the RPO (recovery point objective) is a point in time before the event and is the starting point for data recovery; the gap between the RPO and the event is the data loss the business accepts. The MTD (maximum tolerable downtime) extends after the event.
• 51. RTOs
  Timeline diagram: RPO before the event; after the event, the MTTR is the time actually needed to repair and the RTO (recovery time objective) is the target by which systems must be running again. The business recovers if the RTO is before the MTD.
• 52. RPO/RTO Optimization
  Timeline diagram: RPO before the event, RTO after it and before the MTD; both should be as close to zero as is financially feasible.
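An added example (not the deck's) for the metrics on slides 49 to 52: failure_metrics derives MTTF, MTTR, MTBF and availability from a constructed outage history, and recovery_check compares what actually happened in one event (data lost since the last backup, downtime until restoration) with the RPO, RTO and MTD targets. All timestamps and targets are constructed; the rule that a plan is only consistent when its RTO is shorter than the MTD is slide 51's.

```python
# Added example (not from the deck). Outage history, event and targets are constructed.
from datetime import datetime, timedelta

# Constructed history for one system: (online_at, failed_at, repaired_at) per cycle
HISTORY = [
    (datetime(2019, 1, 1, 0, 0), datetime(2019, 1, 11, 0, 0), datetime(2019, 1, 11, 6, 0)),
    (datetime(2019, 1, 11, 6, 0), datetime(2019, 1, 31, 6, 0), datetime(2019, 1, 31, 8, 0)),
    (datetime(2019, 1, 31, 8, 0), datetime(2019, 2, 20, 8, 0), datetime(2019, 2, 20, 12, 0)),
]


def failure_metrics(history):
    """MTTF, MTTR, MTBF and steady-state availability from a list of outage cycles."""
    ttf = [failed - online for online, failed, _ in history]     # uptime before each failure
    ttr = [repaired - failed for _, failed, repaired in history]  # downtime for each repair
    mttf = sum(ttf, timedelta()) / len(history)
    mttr = sum(ttr, timedelta()) / len(history)
    mtbf = mttf + mttr               # for a repairable system, MTBF = MTTF + MTTR
    return {"MTTF": mttf, "MTTR": mttr, "MTBF": mtbf, "availability": mttf / mtbf}


def recovery_check(event_at, last_backup_at, restored_at, rpo, rto, mtd):
    """Actual data loss and downtime for one event against the plan's targets.

    RPO: how far back the restore point may be (tolerable data loss).
    RTO: time allowed to bring the system back.
    MTD: how long the business can survive without the function; RTO must be < MTD.
    """
    data_loss = event_at - last_backup_at
    downtime = restored_at - event_at
    return {
        "data_loss": data_loss,
        "downtime": downtime,
        "rpo_met": data_loss <= rpo,
        "rto_met": downtime <= rto,
        "within_mtd": downtime <= mtd,
        "plan_consistent": rto < mtd,   # slide 51: the business recovers only if RTO is before MTD
    }


# Constructed event: last backup at 06:00, outage at 10:00, service restored at 13:00
SAMPLE_EVENT = dict(
    event_at=datetime(2019, 3, 1, 10, 0),
    last_backup_at=datetime(2019, 3, 1, 6, 0),
    restored_at=datetime(2019, 3, 1, 13, 0),
    rpo=timedelta(hours=2), rto=timedelta(hours=4), mtd=timedelta(hours=8),
)


def sample_recovery_check():
    return recovery_check(**SAMPLE_EVENT)


if __name__ == "__main__":
    print(failure_metrics(HISTORY))
    print(sample_recovery_check())
```

In the sample the restore came back inside both the RTO and the MTD, but four hours of data were lost against a two-hour RPO: the backup interval, not the recovery speed, is what this plan needs to shorten, which is the kind of finding slide 52's optimisation is about.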
• 53. DRP Training
  • Crisis leadership for senior management.
  • Business continuity training for department managers.
  • Technical training and logistics training for the technical teams.
  • "What to do and what NOT to do during a crisis" training for end users.
• 54. DRP Test Strategy
  • Testing scope and objectives.
  • What functions, processes, and systems will be tested.
  • An assurance that the test will not jeopardize normal business operations.
  • Expectations of the test process for all departments and lines of business.
  • A description of each test and how it will impact each department and business operations.
  • The level of involvement of the staff, technologies, and facilities.
  • Expectations of the test output.
  • A measurement to determine the success of each test.
  • The ability to identify any interdependencies (internal or external) that may impact the success of the test.
  • The ability to uncover and rectify gaps in the testing process itself.
  • Tolerance for deviating from the test script and injecting unplanned events, such as the loss of key personnel, services, or equipment.
  • A sufficient volume and range of transactions to provide an adequate representative sample in the test output.
• 55. DRP Test Plan
  • A master schedule that lists all of the tests.
  • A description of the test objectives and methods.
  • A list of all test participants.
  • The roles and responsibilities of all test participants, including support personnel.
  • The decision-makers and their successors.
  • Test locations.
  • Test escalation conditions.
  • Contact information.
• 56. DRP Test Types
  • Read-through.
  • Structured walkthrough.
  • Simulation.
  • Parallel.
  • Full interruption.
• 57. Recovery Strategies
  • Who the decision makers are and how to contact them.
  • Where and how data is backed up.
  • Whether any fault-tolerance or redundancy mechanisms can restore data.
  • Alternate site location, along with the services and technologies at the site.
  • Travel and accommodation services.
  • The recovery strategy for the organization for each specific technology.
  • Where people should assemble if they cannot re-enter the building.
  • The process for declaring a disaster for a specific site.
• 58. Disaster Recovery Response Approaches
  • Short-term:
    • Mirrored site.
    • Shared location.
  • Long-term:
    • Relocation.
    • Rebuilding.
• 59. Communication with Stakeholders
  • Notify all stakeholders:
    • Employees and their families.
    • Vendors, contractors, and business partners.
    • Facility and site managers.
    • Department managers.
    • Senior managers and the Board of Directors.
    • News media.
    • Law enforcement.
    • Emergency responders.
    • Insurance companies.
    • Suppliers and distributors.
    • Customers.
    • Government regulators.
    • Competitors.
    • Unions.
    • Internet users.
    • The general public or line-of-business related communities.
    • Industry groups.
• 60. Communication Flow
  • Create a fault-tolerant call tree (each person has an alternate contact, so one unreachable person does not break the chain).
  • Put emergency numbers on badges or refrigerator magnets.
• 61. Restoration
  • The final part of disaster recovery.
  • Part of the DRP.
  • The primary working facility and environment are back to normal.
  • Part of the staff might still be at the alternate site for a while.
  • The legal team and the insurance agent will play a role.
• 62. Disaster Post-Mortem
  • What was the root cause of the disaster?
  • How can such a disaster be avoided in the future?
  • How did the DR/BCP team respond?
  • What lessons were learned?
  • What went well?
  • What could be improved?
• 63. END