Security is important to protect private information, company secrets, and equipment from threats. A chapter discusses security procedures like identifying threats, maintaining security through techniques like passwords and updates, and troubleshooting security issues. Potential threats include viruses, hacking, and loss of data or equipment. The document outlines various security methods and best practices for networks, data, wireless access, and hardware to maintain security.
Cisco Networking Academy program
IT Essentials 5.0
Chapter 10: Security
Chapter 10 Objectives
10.0 Explain why security is important
Technicians need to understand computer and network security. Private information, company secrets, financial data, computer equipment, and items of national security are placed at risk if proper security procedures are not followed.
10.0.1.1 Introduction
10.1 Security Threats
10.1.1.1 Adware, Spyware and Phishing
Malicious software (malware) is any software designed to damage or to disrupt a system.
Types of malware include viruses, worms, Trojan Horses, adware, spyware, grayware, and other unwanted software.
10.1.1.2 Viruses, Worms, Trojan Horses, and Rootkits
10.1.1.3 Explain web security
Tools that are used to make web pages more powerful and versatile can also make computers more vulnerable to attacks.
ActiveX was created by Microsoft to control interactivity on web pages. If ActiveX is on a page, an applet or small program has to be downloaded to gain access to the full functionality.
Java is a programming language that allows applets to run within a web browser. Examples of applets include a calculator or a counter.
JavaScript is a programming language developed to interact with HTML source code to allow interactive web sites. Examples include a rotating banner or a popup window.
Adobe Flash is used to create interactive media (animation, video and games) for the web.
Microsoft Silverlight is used to create rich, interactive media for the web, similar to Flash.
To protect against these attacks, most browsers have settings that force the computer user to authorize the downloading or use of ActiveX, Java, or JavaScript.
10.1.1.4 InPrivate Browsing
10.1.1.5 Spam
Spam, also known as junk mail, is unsolicited e-mail. In most cases, spam is used as a method of advertising. However, spam can be used to send harmful links or deceptive content.
When used as an attack method, spam may include links to an infected website or an attachment that could infect a computer. These links or attachments may result in lots of windows designed to capture your attention and lead you to advertising sites. These windows are called popups. Uncontrolled popup windows can quickly cover the user's screen and prevent any work from getting done.
To combat spam and phishing, use anti-virus software and the setting options in e-mail software. Some spam may still get through, so look for these common indications of spam: no subject line, incomplete return address, computer-generated e-mails, and return e-mails not sent by the user.
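The indications listed above can be checked mechanically against message headers. The following is an added example, not part of the course material: it tests three of the four indications on two constructed messages (the fourth, return e-mails not sent by the user, needs the user's sent-mail history and is left out). Using the From header as the return address, and the Auto-Submitted and Precedence headers as signs of computer-generated mail, are assumptions of this example.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample messages (not real mail), embedded so the example runs offline.
CLEAN_MESSAGE = """\
From: Alice Example <alice@example.com>
To: bob@example.com
Subject: Meeting notes

Notes from today's meeting are attached.
"""

SUSPECT_MESSAGE = """\
From: Prize Desk <winner@>
To: bob@example.com
Auto-Submitted: auto-generated

Click the link to claim your prize.
"""


def spam_indicators(raw_message):
    """Return the spam indications from the chapter's list found in one message."""
    msg = message_from_string(raw_message)
    found = []

    # Indication 1: no subject line (header missing or blank).
    if not (msg.get("Subject") or "").strip():
        found.append("no subject line")

    # Indication 2: incomplete return address. Assumption: the From header is
    # the return address, and "complete" means local-part@domain.tld.
    _, address = parseaddr(msg.get("From", ""))
    local, _, domain = address.partition("@")
    if not local or "." not in domain:
        found.append("incomplete return address")

    # Indication 3: computer-generated e-mail. Assumption: the sender marks it
    # with Auto-Submitted (anything but "no") or Precedence: bulk/junk.
    auto = (msg.get("Auto-Submitted") or "no").strip().lower()
    precedence = (msg.get("Precedence") or "").strip().lower()
    if auto != "no" or precedence in {"bulk", "junk"}:
        found.append("computer-generated e-mail")

    return found


if __name__ == "__main__":
    for name, raw in (("clean", CLEAN_MESSAGE), ("suspect", SUSPECT_MESSAGE)):
        print(name, spam_indicators(raw))
```

A message that shows none of these indications can still be spam; the checks only narrow down what to look at first.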
10.1.1.6 Explain TCP/IP Attacks
TCP/IP is the protocol suite used to control all communications on the Internet. The most common TCP/IP attacks are:
Denial of Service (DoS) is a form of attack that prevents users from accessing normal services, such as e-mail or a web server, because the system is busy responding to abnormally large amounts of requests. DoS works by sending enough requests for a system resource that the requested service is overloaded and ceases to operate.
Distributed DoS (DDoS) uses many infected computers, called zombies or botnets, to launch an attack. With DDoS, the intent is to obstruct or overwhelm access to the targeted server. Zombie computers located at different geographical locations make it difficult to trace the origin of the attack.
SYN Flood randomly opens TCP ports, tying up the network equipment or computer with a large number of false requests, causing sessions to be denied to others.
Spoofing - uses a forged IP or MAC address to impersonate a trusted computer.
Man-in-the-Middle - intercepting communications between computers to steal information transiting through the network.
Replay - data transmissions are intercepted and recorded by an attacker, then replayed to gain access.
DNS Poisoning - changing DNS records to point to imposter servers.
10.1.1.7 Worksheet – Security Attacks
10.1.2.1 Social Engineering
Social engineering occurs when an attacker tries to gain access to equipment or a network by tricking people into providing the necessary access information. Often, the social engineer gains the confidence of an employee and convinces the employee to divulge username and password information.
To protect against social engineering:
Never give out your password.
Always ask for the ID of unknown persons.
Restrict access to visitors.
Escort all visitors.
Never post your password in your work area.
Lock your computer when you leave your desk.
Do not let anyone follow you through a door that requires an access card.
How many people know someone who writes a password on a note and sticks it to the monitor or under the keyboard?
10.1.2.2 Data Wiping, Hard Drive Destruction and Recycling
The following methods are commonly used to either destroy or recycle data and hard drives:
Data wiping
Degaussing
Hard drive destruction
Hard drive recycling
10.2 Security Procedures
10.2.1.1 What is a Security Policy?
A security policy includes the following elements:
An acceptable computer usage statement for the organization.
The people permitted to use the computer equipment.
Devices that are permitted to be installed on a network, as well as the conditions of the installation. Modems and wireless access points are examples of hardware that could expose the network to attacks.
Requirements necessary for data to remain confidential on a network.
Process for employees to acquire access to equipment and data. This process may require the employee to sign an agreement regarding company rules. It also lists the consequences for failure to comply.
10.2.1.2 Worksheet – Answer Security Policy Questions
Teaching Strategy: Security policies describe what to do when faced with many emergencies. It is important to develop and distribute the security policy BEFORE the emergency happens. Local security policies may vary from company to company. They may also vary depending on the device to secure.
10.2.1.3 Security Policy Requirements
The security policy should also provide detailed information about the following issues in case of an emergency:
Steps to take after a breach in security
Who to contact in an emergency
Information to share with customers, vendors, and the media
Secondary locations to use in an evacuation
Steps to take after an emergency is over, including the priority of services to be restored
10.2.1.4 Usernames and Passwords
10.2.1.5 Password Requirements
10.2.1.6 File and Folder Permissions
10.2.1.7 Lab – Securing Accounts, Data, and the Computer in Windows 7
10.2.1.8 Lab – Securing Accounts, Data, and the Computer in Windows Vista
10.2.1.9 Lab – Securing Accounts, Data, and the Computer in Windows XP
10.2.2.1 Software Firewall
Every communication using TCP/IP is associated with a port number. HTTPS, for instance, uses port 443 by default. A firewall is a way of protecting a computer from intrusion through the ports. The user can control the type of data sent to a computer by selecting which ports will be open and which will be secured.
10.2.2.2 Biometric and Smart Cards
Biometric Security compares physical characteristics against stored profiles to authenticate people. A profile is a data file containing known characteristics of an individual such as a fingerprint or a handprint. Common biometric devices available include fingerprint readers, handprint readers, iris scanners, and face recognition devices.
Smart cards store private information such as bank account numbers, personal identification, medical records, and digital signatures. Smart cards provide authentication and encryption to keep data safe.
10.2.2.3 Data backups
Data backups are one of the most effective ways of protecting against data loss. Establish data backup procedures which account for frequency of backups, storage for data backups, and securing data backups using passwords.
10.2.4.7 Firewalls
A hardware firewall passes two different types of traffic into your network:
Responses to traffic that originates from inside your network
Traffic destined for a port that you have intentionally left open
There are several types of hardware firewall configurations:
Packet filter - Packets cannot pass through the firewall, unless they match the established rule set configured in the firewall. Traffic can be filtered based on different attributes, such as source IP address, source port or destination IP address or port. Traffic can also be filtered based on destination services or protocols such as WWW or FTP.
Stateful packet inspection - This is a firewall that keeps track of the state of network connections traveling through the firewall. Packets that are not part of a known connection are dropped.
Application layer - All packets traveling to or from an application are intercepted. All unwanted outside traffic is prevented from reaching protected devices.
Proxy - This is a firewall installed on a proxy server that inspects all traffic and allows or denies packets based on configured rules. A proxy server is a server that is a relay between a client and a destination server on the Internet.
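The difference between the packet filter and stateful packet inspection described above shows up when an unsolicited packet imitates a reply. The following is an added example, not part of the course material: a small model of both firewall types run over constructed packets, in which the class and function names, the addresses, the open port 25 and the "allow inbound from source port 443" filter rule are all assumptions chosen for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    direction: str  # "out" = leaving the LAN, "in" = arriving from outside
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


def packet_filter(pkt, rules):
    """Stateless packet filter: pass only packets matching a rule in the rule set."""
    for rule in rules:
        if all(getattr(pkt, field) == value for field, value in rule.items()):
            return "allow"
    return "drop"


class StatefulFirewall:
    """Tracks connections opened from inside; admits replies and open ports only."""

    def __init__(self, open_ports):
        self.open_ports = set(open_ports)
        self.connections = set()  # (inside_ip, inside_port, outside_ip, outside_port)

    def inspect(self, pkt):
        if pkt.direction == "out":
            # Traffic that originates inside the network: record its state.
            self.connections.add((pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port))
            return "allow"
        # Inbound case 1: a response to a connection recorded above.
        if (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port) in self.connections:
            return "allow"
        # Inbound case 2: a port that was intentionally left open.
        if pkt.dst_port in self.open_ports:
            return "allow"
        # Not part of a known connection and not an open port.
        return "drop"


# Constructed traffic (documentation and private address ranges).
PACKETS = [
    Packet("out", "192.168.1.10", 50000, "198.51.100.7", 443),  # LAN host opens HTTPS
    Packet("in", "198.51.100.7", 443, "192.168.1.10", 50000),   # genuine reply
    Packet("in", "203.0.113.9", 443, "192.168.1.10", 50000),    # unsolicited, imitates a reply
    Packet("in", "203.0.113.9", 40000, "192.168.1.20", 25),     # intentionally open mail port
    Packet("in", "203.0.113.9", 40000, "192.168.1.20", 3389),   # port never opened
]

# A stateless rule set has to admit replies by attribute alone, here source port 443.
FILTER_RULES = [
    {"direction": "out"},
    {"direction": "in", "src_port": 443},
    {"direction": "in", "dst_port": 25},
]


def run_demo():
    """Return (packet-filter verdicts, stateful verdicts) for PACKETS, in order."""
    firewall = StatefulFirewall(open_ports={25})
    stateless = [packet_filter(p, FILTER_RULES) for p in PACKETS]
    stateful = [firewall.inspect(p) for p in PACKETS]
    return stateless, stateful


if __name__ == "__main__":
    for pkt, a, b in zip(PACKETS, *run_demo()):
        print(f"{pkt.src_ip}:{pkt.src_port} -> {pkt.dst_ip}:{pkt.dst_port}  filter={a}  stateful={b}")
```

The third packet is the one to watch: the packet filter passes it because it matches the source-port rule, while the stateful firewall drops it because no inside host opened a connection to that address.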
Demilitarized Zone
A DMZ is a subnetwork that provides services to an untrusted network. An email, web, or FTP server is often placed into the DMZ so that the traffic using the server does not come inside the local network. This protects the internal network from attacks by this traffic, but does not protect the servers in the DMZ in any way.
10.2.4.8 Worksheet – Research Firewalls
10.2.4.9 Port Forwarding and Port Triggering
10.2.4.10 Lab – Configure Wireless Security
10.2.5.1 Physical Equipment Protection Methods
When a computer is stolen, the data is also stolen. There are several methods of physically protecting computer and network equipment:
Secured telecommunications rooms, equipment cabinets, and cages
Cable locks and security screws for hardware devices
Wireless detection for unauthorized access points
Hardware firewalls
Network management system that detects changes in wiring and patch panels
Disabling AutoRun
By disabling the AutoRun feature on Windows XP, a user can minimize the security risk from a malicious program running automatically when new media is connected to the computer.
Two-factor Authentication
Computer equipment and data can be secured using overlapping protection techniques to prevent unauthorized access to sensitive data. An example of overlapping protection is using a password and a smart card to protect an asset.
Teaching Strategy: Since stealing the whole PC is the easiest way to steal data, physical computer equipment must be secured.
10.3 Common Preventive Maintenance Techniques for Security
10.3.1.1 Operating System Service Packs and Security Patches
10.3.1.2 Worksheet – Operating System Updates in Windows
Teaching Strategy: Attackers' methods are constantly changing. As new exploits are discovered, manufacturers create patches and new procedures. The technician must be able to install these, and the user should know how to recognize when updates are needed.
10.3.1.3 Data Backup
10.3.1.4 Lab – Data Backup and Recovery in Windows 7
10.3.1.5 Lab – Data Backup and Recovery in Windows Vista
10.3.1.6 Lab – Data Backup and Recovery in Windows XP
10.3.1.7 Configuring Firewall Types
10.3.1.8 Lab – Configure a Windows 7 Firewall
10.3.1.9 Lab – Configure a Windows Vista Firewall
10.3.1.10 Lab – Configure a Windows XP Firewall
10.3.1.11 Maintaining Accounts
10.4 Applying the Troubleshooting Process to Security
10.4.1 Applying the Troubleshooting Process to Security
10.4.1.1 Identify the Problem
10.4.1.2 Establish a Theory of Probable Cause
10.4.1.3 Determine the exact cause
10.4.1.4 Establish a Plan of Action to Resolve the Problem and Implement a Solution
If a quick procedure does correct the problem, you can go to step 5 to verify the solution and full system functionality.
Evaluate the problem and research possible solutions. Divide larger problems into smaller problems that can be analyzed and solved individually. Prioritize solutions starting with the easiest and fastest to implement.
Check:
Helpdesk repair logs
Other techs
Manufacturer FAQs
Technical websites
News groups
Computer manuals
Device manuals
Online forums
Internet search
10.4.1.5 Verify Solution and System Functionality
NOTE: Never ask a customer to reveal a password. If you need to access a computer and the customer cannot stay nearby, have the customer create a temporary password. Advise the customer to reset the password when the repair is complete.
10.4.1.6 Document Findings
10.4.2.1 Identify common problems and solutions
[Direct the students to the curriculum to see all the charts explaining more common problems and solutions]
10.4.2.2 Worksheet – Gather Information from the Customer
Computer problems can be attributed to hardware, software, connectivity issues, or some combination of the three. You will resolve some types of computer problems more often than others. The worksheet is designed to reinforce your communication skills to verify information from the customer.