Layered Security Introduction (Cyber Security Part 4)
Ғылым және технология
Support Silicon Dojo at:
www.donorbox.org/etcg
www.silicondojo.com/
Layered Security Introduction
Layering Security
Got Root?
Site Survey and Initial Audit
What are we looking at?
Verify what you are told is true is in fact true.
Communicate with all parties and make sure everyone is on the same page.
Security is as much ART as it is a Science.
“Good Security” is in the eye of the check writer…
Operational Security
Securing HOW your organization runs
Physical Security
Locks
Doors
Walls
Patch Management
Update OS, Software, Firmware on computers, servers AND DEVICES
Patch Management Solutions
Software Privileges
Keep people from modifying records
Accounts Within
Quickbooks
Database Apps
Security Policy
OS Level Security
Active Directory is AMAZEBALLS
Lock down abilities to:
Change network settings
Install Software
Use USB ports
Sharing Permissions
Do you have permission to delete the folder that contains the database that you don’t have permission to login to?
Password Policy / Multi Factor Authentication
DON’T CHECK YOUR EMAIL WITH AN ADMIN ACCOUNT!!!
Expiration Time Period
Password Reuse
Password Complexity
Antivirus / Antimalware/ Antispyware
Verify what your solution does
Central Management
Proper License?
Scaleable?
Standardization
Firewalls
Make sure you don’t break something
Make sure you understand your environment
Should you use a Firewall, or turn off server services (Should SSH be available?)
Layered Networking
Siloing Servers
Subnet Logical Business Units or Physical Locations
Parallel Networking in “Converged” Environments
Understand how VLANs work and Vulnerabilities in your equipment
Services
Server Services
FTP
HTTP
VPN
Administrative Services
SNMP
ICMP
Backups
Not necessarily to tape
Backup of Database tables
Disaster Recovery
How long until services are accessible?
Failover
DRaaS
Intrusion Detection
Honey Pots
Systems to detect intrusions and issues
Service Agreements
HELP!!!
Auditing
Never Stop Auditing!
Пікірлер: 15
Eli, watching your videos is like getting advice straight from a mentor. I keep hearing those exist in the corporate world, but I've yet to run into one. Subbed for the price of a decent beer a month.
0:40. I was the one who cracked the joke. Funny that it was apparently an unconscious thing. I think you should keep the trademark shirt thing going. : )
Thank you for the great security lesson Eli.
Thank you, Eli the computer guy. Keep going forward and never stop making videos.
This Layered Security is really interesting. Also the shirt is nice too. Wear whatever comfortable shirt you want, when making these vids.
All this is really good advice. I'm learning some things - I know very little about Windows licensing. Oracle licensing is fun enough, thank you - especially with the JDK licensing.
Awesome Eli ❤️
Outstanding lecture, thank you, Eli!
Welcome back (in b4 comment remov'd)
I feel so bad every time I consume quality content for free from people and they say, "maybe you consider giving a dolar"/"maybe you want to subscribe to patreon" because I would love to do so and I know the creators deserve even more for the content the give, but I can't because I don't have even that dollar :(. Mainewhile the professors and doctors and the rest of the idiots with all their fancy degrees from my university get big checks got from me 30k euro from me (I know is cheap but i don't live in US). Eli thank you for your videos :D
Active Directory. Is the Blockchain ok seems logical to me. Using Immutable records sure beats the hell out of book keepers and accountants and a lot less legal fees to boot. Just a thought . I agree with you on cryptos but the blockchain technology if used in business can solve and save time and money.
love you man.
Why is Eli looking like Thor
Do a video on NIST SP 800-171 compliance.
😂😂😂