Hello and welcome back to Cybrary's 2019 CompTIA Security+ certification preparation course.
We continue on with this particular module, which is module two, and the topic of discussion will be domain two, technologies and tools.
We have a brand new objective to discuss during this particular video, which is titled 2.4: given a scenario,
analyze and interpret output from security technologies.
This brings us to our first pre-assessment quiz, or question.
What you need to determine here, at this point in time: determine whether this statement here is either true
or is it, in fact, false.
And it reads as follows: a file integrity checker can determine whether a file has been altered by an application or is corrupt.
Is that true or false?
If you said true, you're absolutely correct.
As mentioned earlier, we begin a brand new objective here,
and it's titled: given a scenario, analyze and interpret output from security technologies. Here again are the subtopics of interest which we'll be discussing during this particular video, ranging from host-based intrusion detection system and intrusion prevention system all the way down to the topic of patch management.
Here again are some of these objectives: taking a look at UTM,
DLP (data loss prevention), data execution prevention, as well as web application type firewall.
The first item we will take a look at is called
a host-based intrusion detection system versus a host-based intrusion prevention system. Obviously, there's differences when you think about the two.
In fact, when we think about a host-based intrusion detection system, it's an intrusion detection system that is incapable of monitoring and analyzing the internal kernels of a computer system as well as the network packets on the network interface.
Your host-based intrusion prevention system is a system or program employed to protect critical computer systems containing critical data against viruses and other Internet malware.
A file integrity check
can, obviously, what it can do: it can determine whether a file that you have has been altered by an application or, in fact, whether or not that file is deemed to be corrupt.
A host-based firewall is a firewall that's built into your desktop operating systems, such as your Windows 10 operating system.
A host-based firewall typically outputs three things: alerts, update notifications, as well as your logs.
Application whitelisting.
Basically, it determines the rules
on which applications are allowed to be run on a computer. We can add application executable file names or DLL binaries to that particular whitelist.
Now, whitelisted applications typically do not go through a security check upon launch. In some cases, only whitelisted applications, in this case, can run.
Then we have removable media control.
It's at a very high risk, as it's easy to steal data utilizing these, what we call removable media, ranging from your serial, parallel, your FireWire, your USB, Bluetooth and so forth.
Then we come to the topic of advanced malware tools.
The utilization of advanced malware tools can analyze the attack life cycle and glean important forensic details to enhance their threat intelligence.
Malware tools output whether they find malware as well as whether they were able to remove, block or quarantine that malware.
Another process that we ought to be engaged in is what we call patch management.
Now, patch management tools. Basically, a patch is a set of changes to your computer program or supporting data designed to update, fix
Now, patch management is where your updates are downloaded, then tested on an isolated system such as a sandbox, which we'll discuss later on what that entails, and when they have been thoroughly tested, they're then rolled out to your IT system. This ensures that the IT systems have no vulnerabilities.
So really, what you want is to sandbox that before you actually roll it out. You want to test that, obviously,
in a virtual type environment, rather than in your production environment.
Then we have a UTM, which stands for unified threat management, which again is a firewall that can also prevent URL filtering (in other words, universal resource filtering), content filtering, as well as malware inspection.
When you combine the solution, some network features, into a single device that provides network-based security such as proxy, reverse proxy and firewall, you can turn on very verbose logging, review log files and change your rules as part of your troubleshooting type scenario.
DLP stands for data loss prevention. Basically, it's a strategy for making sure that end users do not send sensitive or critical information outside of your corporate network. The term is also used to describe software products that help a network administrator control what data end users, in fact, can transfer.
Data execution prevention: this is a security feature that can help prevent damage to your computer from viruses and other security type threats. Again, this is a technology that protects your memory from malicious code. There's a hardware-based type, what we call data execution prevention, and a software-based one as well.
You can protect an individual application, again,
with data execution prevention, or you could protect an entire computer as well.
Web application firewall.
Basically, it's an application firewall for HTTP applications. It applies a set of rules to an HTTP type conversation.
At this point in time, we have a post-assessment quiz,
and this, in fact, is a true or false statement.
What you need to do is determine whether or not it's either true or false.
So the statement reads as follows: a host-based firewall is an application firewall that's not built into the desktop operating systems such as the Windows 10 operating system.
The correct response would have been false, because a host-based firewall is, in fact, an application firewall that's built into desktop operating systems such as the Windows 10 operating system.
This brings us to our key takeaways from this particular video, and they are as follows. We learned that unified threat management, or UTM, is a firewall that can also prevent URL filtering, content filtering, as well as malware inspection.
We also learned that a patch is a set of changes to a computer program or supporting data designed to update, fix or improve it.
We also learned that removable media are at very high security risk, as it is easy to steal data using these particular types of media.
We learned that application whitelisting determines the rules on what applications are allowed to run on a computer.
We learned also that unified threat management, or UTM,
is a firewall that can also prevent, as already mentioned, prevent URL type filtering as well.
And in our upcoming video we'll be moving on to a brand new objective, which is indeed within module number two. It's titled 2.5: given a scenario, deploy mobile devices securely.
Look forward to seeing you in the very next video.