2.18 Denial of Service

12 hours 48 minutes
Video Transcription
Next concern we have to think about, and we've always had to think about it: denial of service, DoS. And, of course, you may see DDoS for distributed denial of service, and the difference there is the implication that with a DDoS, distributed denial of service, I'm commandeering a lot of other hosts to participate in this denial of service. As a matter of fact, most denial of service attacks you see today really are distributed.
So, you know, the thing about DoS is I'm not really trying to compromise your data. I'm not leaking information. My purpose is simply to render a service unavailable, to limit timely access to a resource. And a lot of times with organizations, it causes significant financial damage. If you knock a company like Amazon offline for 20 minutes, you've done a significant amount of damage. So that's often the purpose. Sometimes the purpose is bragging rights, sometimes there are other, you know, reasons. We see hacktivism, but a lot of times, again, hacktivism is tied into financial loss.
So denial of service, again, it's a popular attack type. The best we can do for denial of service attacks, to mitigate those, is redundancy. Rather than having single servers, we have multiple servers, either in a cluster or just as redundant standalones. We also have to think about recovering our data, archiving our data. You know, denial of service: ransomware has been very, very common over the last couple of years. And if I have no way to get my systems or my data back, well, then, you know, all of a sudden paying a ransom doesn't look so bad. So we want redundancy, backup data, and archive data.
And really, we want comprehensive redundancy. So for data, we think about backups. We think about archives. We also think about data dispersion, where our data isn't singly located at any one facility. That makes it tougher to compromise all of our data. It could be used for confidentiality's sake as well; it can be difficult to assimilate all that data for an attacker. So for data, the standard hard drives, we think of RAID. Servers and services, we think of clustering. We need redundant links to our cloud service provider. We need multiple physical locations. Perhaps we need business continuity planning, disaster recovery planning. Many times we use the cloud for that, and as we move further into the material here, we'll talk about the cloud as disaster recovery, or we'll talk about disaster recovery as a service, which really is just part of infrastructure as a service. But yet redundancy is the main element that will help us mitigate denial of service attacks.
Now, I did mention before, with retention and archival: usually what drives our retention policy, how long we keep data? Usually it's driven by legal considerations, right? Certain industries were required to keep data for seven years. Other agencies are going to scope out and try to keep that data a very minimal period of time. Because if I don't have it, I don't have to protect it, right? So if I only keep this data long enough to verify you are who you say you are, then we destroy that information. And a lot of times, that's how it's used. You know, let me have your full credit card number. Now I've got that. That's what I have. I have a match. Now that information's discarded. So, you know, there is no set amount of time to archive data. It's driven by the industry, and usually it's driven by regulatory laws.
Now, testable: an important consideration when you're determining a retention or archival plan is you've got to think about media types and application formats. The point that we would be trying to make with that statement would be, you know, if I go to recover a file and I've got it archived and I go into my archives and I have those, do you guys remember, those little cassette tapes that were like this big from back in the nineties, these tiny little things. I'm not going to be able to find a device to restore that information. So I need a policy that from time to time checks the media and says, "Well, wait a minute. We've got to update." I don't know if any of you have any valuable videos on VHS, but how are those working for you today? Probably not so much, right? "Oh, look what I found. I found this great movie." What are you going to do with it? So media formats, then application formats. If I've got, you know, Lotus Notes files from the seventies, that's not going to be very helpful to me today. So that's a testable idea: when we've got this idea of developing a long-term retention strategy, you've got to think about media types as well as application formats.
All right. So, again, when we're archiving our files, we have to protect them in the same way that we would protect data at rest: we have to encrypt, we have to monitor access and restrict access. We might want to think about granular retrieval. Can I retrieve a single file at a time as opposed to restoring the whole tape? And ultimately, we have to protect what we store in backup, just like we have to protect it in the main systems.
E-discovery is mentioned here. And don't confuse that with data discovery. Data discovery is kind of making, um, understanding, making meaning out of big data. But once we say e-discovery, or electronic discovery, now we're talking about evidence to present in court. So we have to make sure that we have access to the information that we're legally required to have. So archiving and having good retention policies is an important piece of that.
Certified Cloud Security Professional (CCSP)

This Certified Cloud Security Professional (CCSP) certification course covers topics across six domains, to ensure the candidate has a wide range of competencies and is capable in the assessment and implementation of cloud service solutions.
