Hello and welcome back to the side. Berry 2019 Comp Tia Security Plus Certification Purpose. Of course,
we're going on a team I discussion of Marginal my three, which in fact, is domain three. And the top of discussion will be architecture and design.
Additionally, we have a brand new objective, which is 3.3 with simply states. Given a scenario, implement secure system design.
The first item on our agenda is a pre assessment quiz,
in fact, is a true or false statement, and it reads as follows.
Electromagnetic interference or Iemma
Electromagnetic fields emitted from technology devices can result in interference. Is this Achuar false statement?
In this case, if you send it to your absolutely correct,
as mentioned earlier, we have a brand new objective, which is 3.3. Giving her scenario. It meant secure system design
here, getting some sub categories, which encompasses this particular objective.
We could begin by first taking a look at hardware and firmware security.
In fact, we will take a look at four dis encryption or FTE e
self encrypting drives or SED drives.
We're taking a look. A trusted platform module or TPM
hardware security module, a or H s M
unified Extensible firmware interface, as well as the basic input output system or BIOS,
as well. A supply chain,
hardware root of trust and, lastly, electromagnetic interference as well as electromagnetic post
the very first item or agenda. Doing this particular video is hard work. In other words, firm where security
for these topics that focuses on the heart, where there, for example, you should be familiar with the hardware required to obtain specify outcomes.
With that being said, let's first take a look at the very first item, which is full disk encryption, basically surprises by which encryption protects all the data on your hard drive.
Then we have the self encrypting dry in this case that automatically encrypts nd Crips the data.
Then we have our trusted platform module, which in fact, is a chip or your mother board of a computer that provides cryptographic ALS services.
Then we have, ah, heart work. Security module. R. H s M is a dedicated cryptographic, a processor that provides protection for your cryptographic Okies.
Then we have the unified extensible firmware interface, which is a specifications for a software program that connects a computer firmware to its operating system. We also have
the BIOS basic input output. Eventually, at some point in time, the unified extensible firmware interface will replace the BIOS.
The last item we have is called a secure boot. Basic what it does. It allows the system to boot into what we call it a fine and trusted configuration.
Then we have a supply chain.
When you think about a supply chain is a network that moves a product from the supplier to the customer,
we have, ah, hardware root of trust basically is the heart was starting point in the chain of trust.
We have the electromagnetic interference or am I or let traumatic feel in minute from technology advices that can result in interference.
We also have the electromagnetic pulse, which is a short duration burst off. Energy by the source
continue our discussion of our scenario, which is 3.3 given a scenario implement secure system designed here again and some of dis objectives which we're gonna cover it doing. This particular video, such as network server workstation appliance kiosks as well as your mobile operating systems
in this section operates system refer to a general purpose computer operating system, such as your windows, your linen as well as purpose built operating system, such as those embedded in an appliance or a smartphone.
With that being said, let's take a look at the different types of operating systems.
First, we'll take a look. It's called Network. Your operating system are always software that runs on a network device like a firewall router or switch
a service operating system. Software that runs on a network server to provide resource is to your network users
your workstation bases. A software that man's Your heart went software on a client computer
appliances operating system in a firm where that is designed to manage a specific advice like a digital video recorder or a video game console,
we have a kiosk, which is a system and user interface software for interactive chaos.
The next one. Take a look. It's called your mobile operating system.
Now it's the operating system for your mobile phone's. Your smartphones or tablets and other hand held devices.
Continue on with this objective. 3.3. Given a scenario inference Secure system design here getting some additional objectives, such as patch management,
this same unnecessary ports and services
trusted operating system
application, black listen or white misting in other words, disabled default accounts and passwords.
So when it first, they want to take a look at this lot here, what we see, we see operating system and simply what happened? The heart one software. It's manipulated by the operating system.
For example, in order for your operating system to communicate with a hard drive, you need to have what a driver and what happens is the driver is the interface between the operating system and the hardware device itself. And in other words, it's a method by what you operates. Isn't is able to communicate with that particular hardware,
or martyr and so forth.
So the first, I don't want to take a little term. Call Patch Management
Patch Amanda is an aerial system management that involves acquiring, testing and installing multiple patches. Other words, cold changes to in minister software for computer system. In other words,
we also have a term called this saving unnecessary ports and devices
in this case was creative perspective. You want to turn off any services that's not being used. The reason for that is, the more service you have running, what happens? You increase the tax surface on that device.
Do you ever term called lease functionality?
It's a principle in which they use is given a minimum set of a mission required performed unnecessary tasks.
Then we have a term called secure configurations these air configuration that have been deemed secure either by your organization at the testing by Dennis, all by trusted third party advisors.
Then we have application white listen or black listing. It basically is creating a list of application that are permitted. Other words, white listing or they're not black listing to run.