3 hours 20 minutes
really good. Important countermeasures. Besides, humans are following good cyber practices.
This is very, very important because, you know, the cyber practices there for a reason. Standards exist for a reason, and it's because they work. You know, No one. No one has a cyber practice simply because they won't want. You know what I mean? So important things
when it comes to start practice our understand your security policies,
understand the things that you're allowed to do, what you're not allowed to do and that that right there, if you follow the security policies in your organization, you will be fairly safe.
Definitely backup your data. Most organizations and computers kind of back up their data automatically if you're in like a work environment. But even if you're in the home environment, you want to make sure your data is backed up. You know, if you're at home, you have a computer. Either get a flash drive, flash drives on fair, expensive, and you can just back up your data.
Me look on a weekly basis monthly basis, whatever you want to dio
this way from the captain's your computer if it gets infected, If everything has to get deleted or something happens, you still have your data update when updates are available. You definitely want to update
when updates are available because they're there for a reason. Usually, updates contain security fixes and security patches
that can really keep you safe. So if you don't update, then that's when you start getting into problems. And obviously, last good cyber practices toe have good password management. This is one of the most important cyber practices,
because passwords are used for pretty much everything when it comes to be there logging onto a network
doing something on the Web accessing restricted areas it's usually a password is what is required to get in. And unfortunately, most people don't have good password management.
So let's talk about password management. Why is it so important? Um, well, because of this picture of this infographic right here now, these times and everything are obviously changing. Was computers get faster? Stronger? But this is why it's important to have good password management here.
So this is the logic behind having a password. That's 8 to 16 characters long, you know, upper case, lower case one number one symbol, And it's because because because of brute force. So
password, password, crackers. They can definitely try hundreds, millions of passwords, a second, different combinations.
So that's why you need large character size. And then you need the length this Well, so as you can see from this infographic,
if you have a password length but a small character size really doesn't take too long.
When you start increasing the character set
and you start increasing the length it creates mawr and Mawr combinations, which will take longer and longer to try to figure out.
So password management, I understand, is difficult. But thankfully,
it doesn't. It doesn't have to be right. You condemn it. We choose a good password without, you know, using password using password as your password. Right. I like to follow this password creation technique here on the right. It's where I pick a phrase. So, for example, I like the phrase I was born at night, but it wasn't last night.
so you can take that phrase and then you can take the first letter of each word. So then you get this weird. I will bun oven in
whatever that means. Right? Does it doesn't mean anything to anyone if they're just looking at it. But it means something to you because, you know it represents the freeze. I was born at night, but it wasn't last night. And then from there you can either Sprinkle in some numbers or symbols. At the end. You can put the time of day you were born, or you can use,
you know, some type of symbol or the date you got married or some something like that.
And then from there you're good to go. It's password. It doesn't make any sense to anyone who's there. Um,
and you know, it only means something to you. And obviously it's random. It's got the length, and it has upper case. Lower case number symbols, etcetera.
So with matter where countermeasures,
sometimes even the best laid plans go haywire. So sometimes things do get past humans and you know, But that's OK. That's OK. Humans. Humans are not perfect, and this is why we have security products. Security products air there as the backup for human beings,
so the 1st 1 is known as a firewall. This is the obviously one of the most widely used and most widely recognized um,
security devices that Siddle networks sit on computers, and basically firewalls are devices which restrict Web traffic between the network and the Internet.
So information are, you know, Internet information and Web traffic. They have to come through. A firewall on a far wall is really just one big thieve it as like a big warehouse where information comes through the warehouse and you know that the object is to get through the warehouse.
But the firewall determines
what is allowed in
what is allowed out
what's going on and then from there. If something is allowed to go through, it can forward that information to the correct spot.
Another security product is honeypot. Honey pots are a network resource, which are set up to attract Attackers. So honey pots are like tempting devices are easy, low hanging fruit targets that kind of sit on your network. Um, the whole point of a honeypot
is to trick Attackers into thinking they are accessing. Good resource is one of reality.
They are not. So if you put a honey pot on the network and then nobody touch. So this is like a tempting machine. This is some type of unprotected server. This is something that you pretended, you quote unquote pretend like you forgot about and to the attacker. If someone breaks into your network, they see it. There I go. Oh, my gosh, look at this.
Wow, these guys, there's no There's no security on this device.
So then they try to start pulling information from that device, while in reality, you see that information, you see them, someone's playing around the honey pot. And that's how you know that someone that's not supposed to be on your network is on your network.
A couple more really good countermeasures are proxy servers, which is a server, which gets Internet Resource is without exposing the client to the Internet. So it's kind of like 1/3 party, which does all the work for you. So if you want to get some sort of information from the Internet,
you go to the proxy server. Okay, proxy.
Can you get me the latest information from anywhere, right? The latest sports information of your favorite team proxy server goes, Oh yeah, sure, not a problem. And then the proxy server will go to the Internet, pull that information from the Internet,
and then it'll pass it back to you. So this protects you from the Internet, and the Internet has no idea that you even exist. So proxy servers keeping to keep information and make information requests on your behalf. Our proxy servers also have.
They also cashed the information that they receive.
So if you ask for the same request later and the data hasn't changed, it will just send you. It's copy of the information that I got for you the last time.
There's also anti virus. This is your basic generic software, which tries prevent malware from installing or executing on a network.
In this video, we discussed different types of malware,
good cyber practices and common security products.
This type of malware tries to spread across the network by cloning itself.
Is it a virus?
Be a Trojan,
see a worm or D a logic bomb.
If you said see, then you are correct. Remember, worms are self contained programs that don't need any other programs in order to work. So when they want to clone themselves, they just make a copy and boom, they're off across the network on to the next machine.
I hope you guys learned a lot in this lesson, and I'll see you next time
CompTIA A+ 220-1001
This CompTIA A+ training covers the 220-1001 exam components needed to earn the CompTIA A+ ...
12 CEU/CPE Hours Available
Certificate of Completion Offered
Penetration Testing and Ethical Hacking
The Penetration Testing and Ethical Hacking course prepares students for certifications, like CEH. This course ...
7 CEU/CPE Hours Available
Certificate of Completion Offered