Time
1 hour 53 minutes
Difficulty
Beginner
CEU/CPE
2

Video Transcription

00:00
Logical security controls are another type of security control that you can put in place
00:06
to prevent the bad guys from accessing valuable information that you don't want them to access.
00:12
A form of logical security control would be Active Directory. We talked a little bit about Active Directory earlier. Part of domain services, it's a good way to manage your users from one location and only allow them to access the necessary resources
00:27
and prevent them from accessing things they shouldn't. Some things that you may want to keep in mind
00:34
is threat actors within your organization. Maybe you have some, uh, employee that works in your company who had a rebuttal with the manager,
00:43
and now he wants to get back at the company because he's mad
00:46
or he's gonna be fired. Those situations can be quite treacherous because the user knows the organization. He may, he or she may know the organization and their vulnerable points. And so having a directory that you can manage and prevent the user from accessing that information that is valuable
01:06
is very handy. So this is considered a logical security control for that reason.
01:11
Mobile device management, or MDM, is something you may come across if you're dealing with a lot of portable devices. This here is actually an example of Iraqis and the M I A visa. Several times it's very, very good.
01:25
You can install an agent on the device, which tracks the device's location, prevents applications from running on it if you choose to.
01:34
You can apply antivirus or anti-malware software to catch anything that might be malicious and prevent it or mitigate it by removing it. You can restrict access by preventing the user from performing certain tasks that could be harmful to the organization or to the user.
01:53
All these things can be done through a mobile device management tool.
01:57
And port security is another logical security control. Yes, that is a piece of hardware that is a switch, but with port security, what you're doing is you are using software. You are preventing
02:13
certain ports from being accessed. So, yes, you can plug the cable into it, but logically, or within the software,
02:20
it is disabled, so the user can't actually, ah, sniff any packets or do anything malicious if they were to actually plug their laptop directly into that port. Another thing that you can do is you can filter by MAC address.
02:34
MAC addresses are the addresses that are registered with the Ethernet cards, the WiFi cards that are plugged into your devices. They are unique. There is no other MAC address like your MAC address,
02:47
and so you can filter to make sure that only certain MAC addresses have access to certain resources
02:54
and prevent all other MAC addresses from accessing those resources explicitly. Each port has a setting or configuration that can be applied and restrict the access in the way that we just talked about. And you can do this with a lot of the more expensive, ah, switches and routers,
03:13
um, that are available to you for both your home and your enterprise.
03:17
So talking a little bit more about MAC addresses. As you see here in the picture, these are examples of MAC addresses. If you go and take your Network+ and Security+, you'll learn more about these. But this is what it looks like.
03:30
These addresses are like IP addresses, except they are specifically dedicated to the networking hardware that's plugged into your computer.
03:38
They're in your phones, things like that. They're distributed by the company that manufactured, who made the hardware, so they're going to be distributed. And, ah, there is a way to identify the manufacturer by, ah, a certain MAC address, the first few keys in the MAC address.
03:59
They actually distinguish who the manufacturer is.
04:01
I don't remember which one goes with which. But if you were to look them up, you could find that out.
04:08
Uh, yes, you can do MAC filtering to prevent certain MAC addresses from accessing resources, and so in turn, this is a logical security control for that reason.
04:19
Antivirus, which you are probably very familiar with, is considered a logical security control. Why? Because it prevents certain applications that are malicious from running on the computer. It runs on your computers. You can run it on your phone. It updates regularly, and it performs scans
04:36
Ah, based on the virus database that it has installed on the operating system. So very important to make sure that the database is up to date.
04:45
Companies, typically, will use an enterprise-level antivirus, uh, and configure that centrally and distribute it to all your workstations. That way it's easy to manage and handle from there. Some really good ones are Symantec,
04:57
and there are several others out there. But I do encourage you to go out there and take a look. If you are interested in cyber security or system security, you can learn a little bit more about antivirus
05:06
that way.
05:08
We talked a little bit about firewalls. What we did not talk about is that there's host-based and network-based firewalls. You do have a hardware network firewall, which is a piece of hardware device. Kind of looks like a switch, an appliance on your network
05:20
that can act as a network-based firewall that blocks incoming and outgoing ports and traffic and monitors certain types of content from being accessed in the network, in your enterprise.
05:32
What we did cover were host-based firewalls, which are installed on the operating system. You can... it's the other software-based firewalls on your workstation that will prevent certain information from being passed, certain ports from being accessed, stuff like that. But, you know, that all depends on
05:50
what level of security you're trying to implement into your organization and into your systems.
05:59
And last but not least, strong passwords. I consider this to be a logical security control because it's something that we don't think of as much as we should. Strong passwords are very important because passwords are very easy to brute force. You can come up with a list of
06:16
passwords based on the user's information that they, you know, an attacker may be able to find on Facebook or some social media site.
06:25
Um, usually passwords contain personal information like birthdates or a dog's name or child's name, something like that. So
06:35
a hacker theoretically could aggregate all this information together in a brute force list or a rainbow table of some sort and run the list through the user profile until they finally get a match and attack it. So,
06:49
logically speaking, you can prevent these things by implementing strong, very complicated passwords, and you can use a strong password policy within the enterprise to keep up with that. Corporate password policies should include extended character length, like eight or 12 characters.
07:10
Ah, you should have variable characters, so you should have letters and numbers
07:15
both, you know, capitalized and uncapitalized, and you should have some complex lettering such as exclamation points, you know, symbols, hashtags, things like that within your passwords. You should have a password rotation policy where you change it out every three months or every month, depending on how,
07:32
however your organization lets you configure that.
07:35
And one of the more recent logical security controls with regards to strong passwords is comparing the password to an exploited password database like Have I Been Pwned, where you can check to see if any of your passwords have been compromised in one of the product data breaches that we hear about on the news all the time.
07:55
All right, that about wraps up this lecture. If you have any questions, please feel free to reach out to me. If not, I'll see you guys in the next lecture.

Instructed By

Nicolas Moy
Senior Cloud Security Engineer
Instructor