IT Security and Data Protection Overview

Course time: 8 hours 25 minutes
Difficulty: Advanced
CEU/CPE: 9
Video Transcription
00:00
>> Folks, we find ourselves at domain 4,
00:00
the last domain of the CRISC certification course.
00:00
So domain 4 is information
00:00
technology and security.
00:00
Now remember, this domain does
00:00
talk a little bit about technical elements,
00:00
but it is not a highly technical section.
00:00
It's more about having
00:00
a broad understanding of the various devices and
00:00
technologies and knowing when
00:00
they may be appropriate and how they're used.
00:00
Nothing underneath the hood.
00:00
It's that 30,000 foot introduction.
00:00
Don't get too worried if you're not a technical person.
00:00
But, the topics we're going to cover in this section,
00:00
we're going to start off by protecting our data.
00:00
That's a really good place to
00:00
start because that's what's important to us.
00:00
We'll talk about how we protect
00:00
our data throughout its life cycle.
00:00
We'll talk about the various states of data,
00:00
and we'll talk about how we make
00:00
sure we have secure disposal of data.
00:00
Then we're going to mitigate some external risks.
00:00
So we're going to look at
00:00
firewalls and segmenting our network.
00:00
Then we'll talk about
00:00
some additional devices like switches,
00:00
routers, VLANs, layer 3 switches.
00:00
We move on then to configuration and change management,
00:00
making sure that we control
00:00
the stability of our environment because
00:00
it's easier to secure
00:00
a stable environment than an unstable one.
00:00
It's as easy as that. Vulnerability and patch management,
00:00
making sure that we understand where our network
00:00
stands in relation to
00:00
existing vulnerabilities and when available,
00:00
taking the patches that the vendors offer
00:00
us and patching that environment.
00:00
Then we'll move on to identity and
00:00
access management again at a high level,
00:00
but understanding how user
00:00
accounts and the identities created on
00:00
their network are used to provide access to that network.
00:00
How can we regulate that access so that
00:00
only the appropriate people
00:00
have access at the appropriate times?
00:00
Now, following that, we're going to move
00:00
into audits so that we can make sure
00:00
the policies and procedures that we have in place
00:00
are being followed and working and are effective.
00:00
Vulnerabilities and penetration tests,
00:00
looking a little bit deeper
00:00
into how we assess our networks.
00:00
Then we'll cover endpoint security,
00:00
making sure that our hosts are secure and
00:00
last but not least, third party governance.
00:00
That's the direction that we're headed.
00:00
Let's go ahead and get started.
00:00
Now with data protection.
00:00
Like we've said, that is the asset that we're
00:00
most concerned about in information security.
00:00
We think about protection from the confidentiality,
00:00
integrity, and availability perspective.
00:00
What we have to realize, though,
00:00
is that data exists in
00:00
multiple phases throughout data's life cycle.
00:00
We go into the creation of data space where we begin,
00:00
we open up a new file,
00:00
we enter a transaction,
00:00
whatever that may be, however we create.
00:00
This is the beginning of the life cycle.
00:00
But we almost immediately move into storing data
00:00
because as we create that is stored temporarily in RAM.
00:00
That's primary storage.
00:00
Then later we'll move it into permanent storage,
00:00
storing on our hard drive or
00:00
some other device or a network share.
00:00
But, create and store go very quickly together.
00:00
Even if it's just that primary storage and RAM.
00:00
I will also mention for create, it's also modify.
00:00
If you create something from scratch, absolutely.
00:00
But also when you open a file and make a modification
00:00
and then of course that modification is happening in RAM,
00:00
and then when you save,
00:00
it'll go into storage as well.
00:00
So that create store can look a
00:00
little bit differently than
00:00
maybe necessarily you think about it.
00:00
But, those are our first stages of the life cycle.
00:00
Then of course, the data is going to be in use.
00:00
We're going to process the data or
00:00
we may use it or manipulate it,
00:00
however that may be,
00:00
then we share the data.
00:00
So put it out on the network, upload, download,
00:00
transfer, archival, and then destruction.
00:00
Throughout all of these phases of the life cycle,
00:00
we have to provide
00:00
an adequate degree of security throughout.
00:00
Of course, very important
00:00
that we consider all these phases.
00:00
If you look at the phases, of course,
00:00
the sharing phase is going to be
00:00
the one that is most significant,
00:00
most vulnerable,
00:00
because the very nature of sharing
00:00
is to make available.
00:00
Of course, if we're trying to lock it down,
00:00
so to speak, that's just in contrast to sharing.
00:00
A lot of our focus of this class and a lot of focus in
00:00
information security is protecting
00:00
data in motion on the network.