Hello and welcome back to Cy Berries Conti. A certified van secreted practice. Tres certification Preparation course.
This is Marja number five. We're just tired of whole security controls
in the previous video. Highlight the objective, which encompasses this particular module
literally. What we gonna do now is continue our discussion of whole security controls,
which is sexual one.
These objectives for section number one.
Let's begin by discussing securing the operating system software. When we look at patches, patches can sometime create new problems. So as a result of that bender ship 30 tests before employ and in fact, you as a future certified advance security pact district. She also test him out before you reform.
One way we contest amount of Stuart deplored him within. What a virtual environment testing them out, making sure that it works before we deploy within our enterprise environment.
We can also implore automated Patch update service, which again allows us to manage patch locally whether they rely on the vendors online updates service is opposite. It has some advantages and they are as follows. Administrator can force updates installed by specific dates.
Additionally, administrators can approve updates for the attention on Lee and allow them to see which computer will require the update
without actually installing it.
When you go into the process and let me operate systems up the opposite Desam advantages particularly look at automated patch updates. We going down with the patches from the local service that we use in the vendor Online updates service. We can specify the type of updates of the organization does test can be automatically install,
and also you sicken just cannot disable or circumvented of these.
So again, obviously has some advantages of you realize an automated update. Patch Update Service.
We want to make sure again we're looking at installing Protecting our computers. Wouldn't make sure Starr only unnecessary software computer system must have ah design goal.
All install software supports to go some of the operating system. Our pact is better for on Lee necessary software. Good example. Be linens, which is packaging small packages. It's easiest like only those would you need it and nothing more.
We'll make sure we secure it that necessary system there. Opposite two choices. We can disable the operating system in terms of deficit's or systems. Start up. We can also in implement all configure
do constraints through TCP rappers. We analyze application specific. Opposite may not be possible game. When we looking at these in terms of configuration and constraint,
we're gonna make sure we install on Lee to software we need to perform. The service is that we need to do, ah, perform in our particular organization.
We can secure a week default settings. We're gonna make sure we investigate and change week default settings like, for example, when you purchase your typical Wyler's Roddy has a default security settings. We want to make sure we change. Those were to make sure, in this case, Julie specific to operate system. We think about these default settings.
They're numerous guidelines. They're available through the Sands Institute
nous as well assert as well. So we're gonna make sure we look at these various publications and guys to guide us through this process.
Additionally, when we secure the operating system, we might want to secure it to design.
We thought about hard in this system all the words locking down the system. We only started the necessary service is or that we need to perform on that computer. We're gonna make sure we tightened security settings doing the design and the coding operates system will make sure we look at trusted operating systems, which again is an operation that has been his onto operating system.
Other words hardening. In other words,
we can also enhance all while security about you, like some for my entire man, where third part of it and I meant what suffered pack to provide added security. The at an anti member suffer includes Anna virus, anti spam, pop up blockers, anti spyware spyware as well as host based type firewalls.
Now this brings us to another interesting topic. Malicious software. We think about Melissa software sometime. Call Mayor where this is suffer designed to infiltrate or fate. A computer system without the owner's informed consent. It use associate with viruses, worms, Trojan horses, spyware. You have your root kits
as well as your Dennis honest at where
we look at a virus. It is a program that can copy a seven infected computer without that uses consent or knowledge. So in fact, a virus is a binary pattern, a scream of ones and zeros that identifies a specific virus by checking a program of file against a list of virus definition
antivirus software can determine if the program of file contains a virus
on the next flight will take a look again. These are some symptoms of the probability you having a virus. For example, poor system performance. Your system has less available memory than it's sure you also incur poor performance. Computer. Your puta. Stop responding frequently and taking long. Let's start up.
The browser closes unexpectedly stopped responding. Your default home. A default search pace change in your browser. You have unexpected pop ups
adverse adverse in Windows advertising windows. Unexpected or additional toolbox added to your to your browser. Unexpected programs. That automatic startup. You cannot start a pro. Jesus actually symptoms off viruses and I next slide. We have some additional ones. Components of the winners. Other program No longer work.
You're the UN user message displayed on your martyr.
Unusual sound of music is played on the Brandon time, so these obviously our list off indicators that you have a virus.
Then we come to what is a virus. Holes
is a email that provides a warning about a virus, worm or special or some other disaster and urges US recipient afford a message.
These hosts emails often sent from what appears to be a reliable source, which can make determining whether to heat that makes it difficult for the recipient. Although such hopes are usually benign, they suggest that recipient that lead important files from the computer or download an infected attachment.
This is a form of social engineer that place on people's ignorance as well as their fear.
Now, when you look at a worm, a warm is a type of malicious software man where that replicates while moving across computers, leaving copies of itself in the memory of each computer in its path.
And that's what a spyware programs that be even more dangerous. They up there both forms of malicious. I've also called Mayor, where spyware software that is, stalling computer either directly or inadvertently. Our Children Horse on hand is a program is similar. Spire, except that is packaged as another program
and appears to be a desirable, useful program to use, is tricked into loading and executed program on this system. Begin. We're looking at a Children horse,
then we look at root kits and back doors are bagged. Oh is a way of accessing computer without going through the normal access routine, such as Internet name and password. It could be stalled by a virus or even by a legitimate program. A root kit can be used to open a back door. Line a hacker into the system.
The first step to be taken to protect yourself against marijuana is to keep your system up to date with the latest service pacts and other critical fixes for Windows, as well as Microsoft products such as in explore as well. It's Microsoft office
now. Anna Vera Software basically examines a computer for infection. It scans your new doctor that might contain viruses. It search for known virus patterns. Opposite is on weakness of the anti virus in its most content. Must contain the search for new viruses. Update and describe it. This signatures to the user. Obviously, if that software that you
purchase from a vendor life was apprehended bars is not kept up to date is not really gonna do you too much good
opposite at some alternative approach to co what we call immolation. Basically, what happens is it possible code is executed. A virtual vomited determine if it is a virus, so that's an alternate approach
toe move looking at antivirus.
Then we have anti spam basis. Families can describe it. Mayor. What do with email attachment Spam can be used for social engineering attacks. Spam filter method You again. There are different methods that we have dismissed It. Here,
in this case, will create a list of approved and none approved cinders. Other words of blackness is not approved. Centers off Whiteness is approved centers We can also block certain file attachment types is work. That's one way we can actually protect myself.
Then we have pop ups is again. It's a small one appearing over your website. Use it. Created by ad versus advertisers. Ah, Papa Block is a separate program is part of what we call the end. I'm everywhere program and incorporate within a browser.
It allows you to limit or block most pop ups. Alerts could be displayed in the browser. It gives the user option display pop ups.
Lastly, anti malware or anti spyware is it helps prevent computers from becoming infected by different types of spy. Well,
we can also implore whole space type firewalls. Off fire was designed to prevent malicious package from Internet l, leaving a computer sometimes call a packet filter, Maybe hardware software Base Host based software is firewall. It runs as a program on their local system to protect it
for securing esthetic environment devices, which which in which additional hardware cannot easily be added or attach first. These are common devices in this category we have M. Bennett have embedded systems. We have game console where smart was again. It's advices, in which addition salt. We cannot easily be attached.
This brings us to a post assessment question, and the question is as follows. What Mayor recollect that uses personal information or details about your brows and have without your knowledge, is a Paris be Children horse, sea worm or D spyware.
If you see like the D, you're absolutely correct. Because spyware is the type of male word that is installing computer to collect the user's personal information or details about your browsing habits. Often use would that be uses knowledge.
Doing this particular presentation, we discuss securing the operating system software, securing with anti made aware,
protected against me aware
papa blockers, anti spare, where
whole space firewalls and lastly, securing static environments in the upcoming presentation will be moving on discussing processing number two
dealing specifically with application development. Security. Look forward to seeing you in the next video.