The document discusses securing hosts, applications, and data. It describes securing the host by protecting physical devices, securing the operating system software, and using antimalware software. Securing the operating system involves developing security policies, baselining the OS configuration, configuring security settings, deploying security settings using tools like group policy, and implementing patch management. Antimalware software like antivirus, antispam, and firewall programs provide additional security for the host.
CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition
Chapter 4
Host, Application, and Data Security
Objectives
List the steps for securing a host computer
Define application security
Explain how to secure data
Securing the Host
Securing the host involves:
Protecting the physical device
Securing the operating system (OS) software
Using antimalware software
Securing Devices
Security control - any device or process that is used to reduce risk
Two levels of security controls:
Administrative controls - processes for developing and ensuring that policies and procedures are carried out
Technical controls - controls that are carried out or managed by devices
There are five subtypes of controls (sometimes called activity phase controls) described on the following slide
External Perimeter Defenses
External perimeter defenses are designed to restrict access to equipment areas
This type of defense includes:
Barriers
Guards
Motion detection devices
External Perimeter Defenses
Barriers
Fencing - usually a tall, permanent structure
Modern perimeter fences are equipped with other deterrents such as proper lighting and signage
Barricade - large concrete ones should be used
Guards
Human guards are considered active security elements
Video surveillance uses cameras to transmit a signal to a specific and limited set of receivers called closed circuit television (CCTV)
External Perimeter Defenses
Motion Detection
Determining an object’s change in position in relation to its surroundings
This movement usually generates an audible alarm
Table 4-3 Motion detection methods
Internal Physical Access Security
These protections include:
Hardware locks
Proximity readers
Access lists
Mantraps
Protected distribution systems for cabling
Internal Physical Access Security
Hardware locks
Standard keyed entry lock provides minimal security
Deadbolt locks provide additional security and require that a key be used to both open and lock the door
Cipher locks are combination locks that use buttons that must be pushed in the proper sequence
Can be programmed to allow a certain individual’s code to be valid on specific dates and times
Internal Physical Access Security
Recommended key management procedures
Inspect locks regularly
Issue keys only to authorized users
Keep track of issued keys
Master keys should not have identifying marks
Secure unused keys in a safe place
Establish a procedure to monitor use of locks and keys
Mark master keys with “Do Not Duplicate”
Change locks after key loss or theft
Internal Physical Access Security
Proximity Readers
Uses an object (physical token) to identify persons with authorization to access an area
ID badge emits a signal identifying the owner
Proximity reader receives signal
ID badges that can be detected by a proximity reader are often fitted with RFID tags
Badge can remain in bearer’s pocket
Internal Physical Access Security
Figure 4-4 RFID tag
Internal Physical Access Security
Access list
Record of individuals who have permission to enter secure area
Records time they entered and left
Mantrap
Separates a secured area from a nonsecured area
Device monitors and controls two interlocking doors
Only one door may open at any time
Internal Physical Access Security
Protected Distribution Systems (PDS)
A system of cable conduits used to protect classified information that is being transmitted between two secure areas
Created by the U.S. Department of Defense (DOD)
Two types of PDS:
Hardened carrier PDS - conduit constructed of special electrical metallic tubing
Alarm carrier PDS - specialized optical fibers in the conduit that sense acoustic vibrations that occur when an intruder attempts to gain access
Hardware Security
Hardware security - the physical security protecting the hardware of the host system
Most portable devices have a steel bracket security slot
A cable lock can be inserted into the slot and secured to the device, and a cable connected to the lock can be secured to a desk or chair
Locking cabinets
Can be prewired for power and network connections
Allow devices to charge while stored
Hardware Security
Figure 4-7 Cable lock
Securing the Operating System Software
Five-step process for protecting the operating system
1. Develop the security policy
2. Perform host software baselining
3. Configure operating system security settings
4. Deploy and manage security settings
5. Implement patch management
Securing the Operating System Software
Develop the security policy
Security policy - a document or documents that clearly define the organization’s defense mechanisms
Perform host software baselining
Baseline - the standard or checklist against which systems can be evaluated
Configuration settings that are used for each computer in the organization
Securing the Operating System Software
Configure operating system security and settings
Modern OSs have hundreds of different security settings that can be manipulated to conform to the baseline
Typical configuration baseline would include:
Changing insecure default settings
Eliminating unnecessary software, services, protocols
Enabling security features such as a firewall
Securing the Operating System Software
Deploy and Manage Security Settings
Tools to automate the process
Security template - collections of security configuration settings
Group policy - Windows feature providing centralized computer management; a single configuration may be deployed to many users
Securing the Operating System Software
Implement Patch Management
Operating systems have increased in size and complexity
New attack tools have made secure functions vulnerable
Security patch - software security update to repair discovered vulnerabilities
Hotfix - addresses specific customer situation
Service pack - accumulates security updates and additional features
Securing the Operating System Software
Patches can sometimes create new problems
Vendor should thoroughly test before deploying
Automated patch update service
Manage patches locally rather than rely on vendor’s online update service
Advantages of automated patch update service
Administrators can force updates to install by specific date
Administrators can approve updates for “detection” only; allows them to see which computers will require the update without actually installing it
Securing the Operating System Software
Advantages of automated patch update service (cont’d)
Downloading patches from a local server instead of using the vendor’s online update service can save bandwidth and time
Specific types of updates that the organization does not test can be automatically installed
Users cannot disable or circumvent updates
Securing the Operating System Software
Figure 4-8 Automatic patch update service
Securing the Operating System Software
Security Through Design
OS hardening - tightening security during the design and coding of the OS
Trusted OS - an OS that has been designed through OS hardening
Table 4-4 OS hardening techniques
Securing with Antimalware
Third-party antimalware software packages can provide added security
Antimalware software includes:
Antivirus
Antispam
Popup blockers
Antispyware
Host-based firewalls
Antivirus
Antivirus (AV) - Software that examines a computer for infections
Scans new documents that might contain viruses
Searches for known virus patterns
Weakness of anti-virus
Vendor must continually search for new viruses, update and distribute signature files to users
Alternative approach: code emulation
Questionable code is executed in virtual environment to determine if it is a virus
Antispam
Spammers can distribute malware through email attachments
Spam can be used for social engineering attacks
Spam filtering methods
Bayesian filtering - divides email messages into two piles: spam and nonspam
Create a list of approved and nonapproved senders
Blacklist - nonapproved senders
Whitelist - approved senders
Blocking certain file attachment types
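Added example (not from the slides or the textbook): a minimal Bayesian filter that learns word frequencies from two piles of mail and scores a new message. The class name, the 0.9 threshold and the training messages are constructed for illustration.

```python
import math
import re
from collections import Counter

# Constructed training mail: (text, pile)
TRAINING = [
    ("Win a free prize now, click here", "spam"),
    ("Free money!!! Claim your prize today", "spam"),
    ("Cheap pills, free shipping, click now", "spam"),
    ("You have won, claim free gift card now", "spam"),
    ("Meeting moved to 3pm, see agenda attached", "nonspam"),
    ("Can you review the patch report before Friday", "nonspam"),
    ("Lunch today? The new place near the office", "nonspam"),
    ("Here is the agenda for the security review meeting", "nonspam"),
]


def tokenize(text):
    """Lower-case the message and split it into word tokens."""
    return re.findall(r"[a-z0-9$']+", text.lower())


class BayesianFilter:
    def __init__(self):
        self.word_msgs = {"spam": Counter(), "nonspam": Counter()}
        self.msg_count = {"spam": 0, "nonspam": 0}

    def train(self, text, pile):
        self.msg_count[pile] += 1
        # Count each word once per message (presence, not frequency).
        self.word_msgs[pile].update(set(tokenize(text)))

    def spam_probability(self, text):
        total = sum(self.msg_count.values())
        # Start from the prior odds, then add the evidence of each word
        # present in the message. Log space avoids floating-point underflow.
        log_odds = (math.log(self.msg_count["spam"] / total)
                    - math.log(self.msg_count["nonspam"] / total))
        for word in set(tokenize(text)):
            # Laplace smoothing (+1 / +2) keeps unseen words from
            # producing a zero probability.
            p_spam = (self.word_msgs["spam"][word] + 1) / (self.msg_count["spam"] + 2)
            p_ham = (self.word_msgs["nonspam"][word] + 1) / (self.msg_count["nonspam"] + 2)
            log_odds += math.log(p_spam) - math.log(p_ham)
        return 1 / (1 + math.exp(-log_odds))

    def classify(self, text, threshold=0.9):
        # A high threshold favours delivering doubtful mail over losing it.
        return "spam" if self.spam_probability(text) >= threshold else "nonspam"


def build_filter():
    f = BayesianFilter()
    for text, pile in TRAINING:
        f.train(text, pile)
    return f


if __name__ == "__main__":
    f = build_filter()
    for msg in ("Claim your free prize now",
                "Please review the agenda before the meeting",
                "Quarterly numbers"):
        print(f.classify(msg), round(f.spam_probability(msg), 3), msg)
```

A message made only of words the filter has never seen scores 0.5 and is delivered, which is why the filter has to keep being trained on new mail.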
Pop-up Blockers and Antispyware
Pop-up - small window appearing over Web site
Usually created by advertisers
Pop-up blockers - a separate program as part of anti-spyware package
Incorporated within a browser
Allows user to limit or block most pop-ups
Alert can be displayed in the browser
Gives user option to display pop-up
Antispyware - helps prevent computers from becoming infected by different types of spyware
Host-Based Firewalls
Firewall - designed to prevent malicious packets from entering or leaving computers
Sometimes called a packet filter
May be hardware or software-based
Host-based software firewall - runs as a program on local system to protect it
Application-based
Securing Static Environments
Static environment - devices in which additional hardware cannot easily be added or attached
Common devices in this category:
Embedded system - a computer system with a dedicated function within a larger electrical system
Game consoles
Smartphones
Mainframes
In-vehicle computer systems
SCADA (supervisory control and data acquisition)
Application Security
Besides protecting OS software on hosts, there is a need to protect applications that run on these devices
Aspects of application security:
Application development security
Application hardening and patch management
Application Development Security
Security for applications must be considered through all phases of development cycle
Application configuration baselines
Standard environment settings can establish a secure baseline
Includes each development system, build system, and test system
Must include system and network configurations
Application Development Security
Secure coding concepts
Coding standards increase applications’ consistency, reliability, and security
Coding standards allow developers to quickly understand and work with code that has been developed by different members of a team
Coding standards useful in code review process
Example of a coding standard:
To use a wrapper function (a substitute for a regular function used in testing) to write error-checking routines for preexisting system functions
Application Development Security
Errors and Exception Handling
Errors - faults that occur while application is running
Response to the user should be based on the error
The application should be coded so that each error is “caught” and effectively handled
Improper error handling in an application can lead to application failure
Application Development Security
The following may indicate potential error-handling issues:
Failure to check return codes or handle exceptions
Improper checking of exceptions or return codes
Handling all return codes or exceptions in the same manner
Error information that divulges potentially sensitive data
Fuzz testing (fuzzing) - a software testing technique that deliberately provides invalid, unexpected, or random data as inputs to a program
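Added example (not from the slides or the textbook): an error-checking wrapper around a preexisting function, shown beside a naive version that exhibits the issues listed above. The function names, error codes and messages are hypothetical.

```python
import logging
import os
import uuid

log = logging.getLogger("reports")


class UserFacingError(Exception):
    """Error whose text is safe to show to the user."""

    def __init__(self, code, message, incident_id=None):
        super().__init__(message)
        self.code = code
        self.message = message
        self.incident_id = incident_id


def read_report_naive(base_dir, report_name):
    # BEFORE: every failure is handled in the same manner, and the raw
    # exception text (which includes the server-side path) reaches the user.
    try:
        with open(os.path.join(base_dir, report_name), encoding="utf-8") as fh:
            return fh.read()
    except Exception as exc:
        return "Error: " + str(exc)


def _record(level, detail, path):
    """Write full detail to the log and return a short reference for the user."""
    incident = uuid.uuid4().hex[:8]
    log.log(level, "incident %s: %s while reading %s", incident, detail, path)
    return incident


def read_report(base_dir, report_name):
    """AFTER: error-checking wrapper around open()/read()."""
    # Reject anything that is not a bare file name before touching the disk.
    if (not report_name or report_name in (".", "..")
            or os.path.basename(report_name) != report_name):
        raise UserFacingError("bad_request", "Invalid report name.")
    path = os.path.join(base_dir, report_name)
    try:
        with open(path, encoding="utf-8") as fh:
            return fh.read()
    except FileNotFoundError:
        # Expected, user-correctable condition: say so without echoing the path.
        raise UserFacingError("not_found", "That report does not exist.") from None
    except PermissionError:
        incident = _record(logging.WARNING, "permission denied", path)
        raise UserFacingError("forbidden", "You may not open that report.",
                              incident) from None
    except (OSError, UnicodeDecodeError) as exc:
        # Anything else: detail goes to the log, the user gets a reference.
        incident = _record(logging.ERROR, repr(exc), path)
        raise UserFacingError(
            "internal",
            "The report could not be read. Reference " + incident + ".",
            incident,
        ) from None
```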
Application Development Security
Input Validation
A specific type of error handling is verifying responses that the user makes to the application
Improper verification is the cause of XSS, SQL injection, or XML injection attacks
Cross-site request forgery (XSRF) - an attack that uses the user’s web browser settings to impersonate the user
To prevent cross-site scripting, the program should trap for these user responses
Application Development Security
Input validation generally uses the server to perform the validation (server-side validation)
It is possible to have the client perform the validation (client-side validation)
In client-side validation all input validations and error recovery procedures are performed by the user’s web browser
An approach to preventing SQL injection attacks is to avoid using SQL relational databases
NoSQL - a nonrelational database that is better tuned for accessing large data sets
Application Hardening and Patch Management
Application hardening
Intended to prevent attackers from exploiting vulnerabilities in software applications
Table 4-6 Attacks based on application vulnerabilities
Application Hardening and Patch Management
Patch management
Rare until recently
Users were unaware of the existence of patches or where to acquire them
More application patch management systems are being developed to patch vulnerabilities
Securing Data
Work today involves electronic collaboration
Data must flow freely
Data security is important
Big Data - refers to a collection of data sets so large and complex that it becomes difficult to process using traditional data processing apps
Data loss prevention (DLP)
System of security tools used to recognize and identify critical data and ensure it is protected
Goal: protect data from unauthorized users
Securing Data
DLP examines data as it resides in any of three states:
Data in use (example: creating a report from a computer)
Data in-transit (data being transmitted)
Data at rest (data that is stored on electronic media)
Securing Data
Most DLP systems use content inspection
A security analysis of the transaction within its approved context
Looks at security level of data, who is requesting it, where the data is stored, when it was requested, and where it is going
DLP systems can also use index matching
Documents that have been identified as needing protection are analyzed by DLP and complex computations are conducted based on the analysis
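Added example (not from the slides, the textbook or any DLP product): one way index matching could work, assuming protected documents are indexed as hashes of overlapping five-word runs and outbound text is compared against that index. The class, the 0.3 threshold, the security level names and the sample texts are constructed.

```python
import hashlib
import re

# Constructed sample data.
PROTECTED_DOC = (
    "Project Falcon pricing: the unit cost for the new controller is 41 "
    "dollars and the launch is planned for the second quarter of next year."
)
QUOTED_EMAIL = (
    "FYI, the unit cost for the new controller is 41 dollars and the "
    "launch is planned soon"
)


def fingerprints(text, k=5):
    """Hash every run of k consecutive words, ignoring case and punctuation."""
    words = re.findall(r"[a-z0-9]+", text.lower())
    return {
        hashlib.sha256(" ".join(words[i:i + k]).encode()).hexdigest()[:16]
        for i in range(len(words) - k + 1)
    }


class DlpIndex:
    def __init__(self, approved_destinations, k=5):
        self.k = k
        self.approved = set(approved_destinations)
        self.docs = {}  # doc_id -> (security level, fingerprint set)

    def register(self, doc_id, text, level):
        """Index a document that has been identified as needing protection."""
        fp = fingerprints(text, self.k)
        if not fp:
            raise ValueError("document is shorter than one %d-word run" % self.k)
        self.docs[doc_id] = (level, fp)

    def inspect(self, text, destination, threshold=0.3):
        """Decide what to do with text that is about to go to `destination`."""
        seen = fingerprints(text, self.k)
        best_id, best_level, best_overlap = None, None, 0.0
        for doc_id, (level, fp) in self.docs.items():
            # Fraction of the protected document found in the outbound text.
            overlap = len(seen & fp) / len(fp)
            if overlap > best_overlap:
                best_id, best_level, best_overlap = doc_id, level, overlap
        if best_overlap < threshold:
            return {"action": "allow", "doc_id": None,
                    "overlap": round(best_overlap, 2)}
        # Context: the data's security level and where it is going.
        leaving = destination not in self.approved
        action = "block" if leaving and best_level == "confidential" else "report"
        return {"action": action, "doc_id": best_id,
                "overlap": round(best_overlap, 2)}


if __name__ == "__main__":
    index = DlpIndex(approved_destinations={"corp.example"})
    index.register("falcon-pricing", PROTECTED_DOC, "confidential")
    print(index.inspect(QUOTED_EMAIL, "mail.example.net"))
    print(index.inspect(QUOTED_EMAIL, "corp.example"))
    print(index.inspect("Lunch menu for Friday is attached", "mail.example.net"))
```

Because the index stores only hashes, the sensor that holds it does not need a readable copy of the protected documents.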
Securing Data
Three types of DLP sensors:
DLP network sensors - installed on the perimeter of the network to protect data in-transit by monitoring all network traffic
DLP storage sensors - designed to protect data at-rest
DLP agent sensors - installed on each host device and protect data in-use
When a policy violation is detected by the DLP agent, it is reported back to the DLP server
Different actions can then be taken
Securing Data
Figure 4-9 DLP architecture
Securing Data
Figure 4-10 DLP report
Summary
A security control is any device or process used to reduce risk
Hardware locks for doors are important to protect equipment
Hardware security is physical security that involves protecting the hardware of the host system
In addition to protecting hardware, the OS software that runs on the host also must be protected
Modern OSs have hundreds of different security settings that can be manipulated to conform to the baseline
Summary
OS and additional third-party antimalware software packages can provide added security
Protecting applications that run on hardware
Create configuration baselines
Secure coding concepts
Data loss prevention (DLP) can identify critical data, monitor and protect it
Works through content inspection