Time
4 hours 51 minutes
Difficulty
Beginner
CEU/CPE
5

Video Transcription

00:00
So I mentioned evaluating network traffic and performance, so just some tools that we can use to do that. SolarWinds is one that's popular, along with Wireshark, that we'll kind of take a look at today, and then cast a packet on analyzers. Well, so essentially what we're doing is we're taking the information. We're capturing it,
00:17
looking at it, you know, we're having our computer systems look at it
00:21
and then you flag it for alert, depending on what we're seeing in that particular packet.
00:27
Backup. So I mentioned there's different types of backups, you know, that you'll see out there. For most organizations, performing a full backup like every single day, it's not, you know, pragmatic, you know, as far as resources and costs, etcetera. So you'll see things like incremental backups, which back up from the last change, and then you'll see things like differential backups, which will actually back up
00:47
everything since the last full backup. So
00:49
you know what's nice to change something today and I change something tomorrow. But the last backup, back in my day, it was a month ago. It's gonna basically back up all that stuff and not just a change from today to tomorrow.
00:59
And of course, full backup, you know, as the name implies, we back up everything. You know, it's a full backup.
01:03
As I mentioned, cost is a huge factor for companies in determining how they back up their data.
01:11
So policies and regulations. So, you know, of course, any type of legislation that you need to follow, internal policies, you know, or, you know, industry regulations, so things like PCI DSS. You basically just need to make sure that whatever you're doing with your network, that you're, you know, doing the right things right now. And that sounds like an easy answer, but that's reality.
01:30
We need to make sure we're following. So, for example, if I work for a hospital, I need to make sure that whatever I'm doing as far as network traffic, that I'm encrypting patient data. So that way it's not there for you, Joe, or myself to grab. Assuming we were criminal hackers, which we're not. But, you know, we want to make sure that the data is encrypted
01:49
because if we don't and auditing comes in or a regulatory body comes in the, you know, the organization could face fines. We could potentially look at criminal charges, depending on you know, the circumstances of what we were doing,
02:01
what the law is actually, say, stating we have to do. So there could be potential violations of actual criminal law there as well. So no sense in getting yourself messed up in all that stuff. Just do the right thing. So, you know, having network security policies that talk about data encryption, you know, hardware, encrypted data. Are we doing it in transit and at rest, which we should be doing?
02:21
What data are we encrypting? Because if I'm just, you know,
02:23
sending Joe the latest, like, Taylor Swift songs, we don't necessarily need to encrypt that. But if I'm sending Joe, you know, like my using prospered for some reason via email, I don't know why, but if I am, you know, or if I'm sending him, like, you know, patient data, then we obviously want to make sure that's more secure,
02:38
having, you know, policies on data retention and destruction. So specifically, since my background is primarily healthcare, you know, you have to retain data for a certain amount of time. So we have to maintain the patient records in some capacity, like a paper level in some institutions, like a physician's office, for example, and then that
02:58
those records then have to also be stored.
03:00
You know, they could be stored offsite for a period of time as well before they can actually be destroyed. Now, there are some records that can never be restored. Destroyed, right. So we have to understand all those components, even as a network engineer. So that way, as we're, you know, dealing with this data that's traversing our network, we can make sure we're making the appropriate decisions.
03:20
Then, of course, you know, acceptable.
03:23
Are we letting people just access everything? You know, can anybody take a look at network traffic, or people accessing servers that shouldn't be, etcetera, etcetera. A couple of regulations that I pulled up there. So GDPR is one that most people have probably heard about in the media the past few years. So basically that just opens up in the EU. It opens up people to
03:43
be able to have more control over their data. I'll just summarize it like that
03:46
because it could be a whole entire session on. Absolutely. I believe we have a class coming up about the GDPR. We do, we do. It's gonna be coming up in the next few months, so that will allow you to take a deeper dive. If that's a passionate subject for you, you could take a deep dive into that and understand it a little better.
04:01
And then, of course, you know, state regulations as well. So not just at the federal level or, you know, even the international level with, like, GDPR; state and local level. So, you know, House Bill 1128 in Colorado, which, you know, adjusted time to report for, like, breaches and stuff like that. So, you know, and there's a recent one with California as well, so
04:20
just understanding from the concept with laws and regulations and, you know, policies, that we need to make sure we're staying abreast of all these things. Now, as a network engineer, you're probably not gonna know every single regulation that's available in every single state. But that's where you put the burden on your legal team or, you know, your compliance team to guide you in the right direction.
04:42
Security of our network, so things like the CIA triad, as in confidentiality, integrity, availability of our data. Data loss prevention is a big thing. So that way, you know, if I'm a bad person and I'm working at your hospital, I'm not, you know, taking out a bunch of patient data and you have no clue about it. So things like limiting file size that could be taken out,
05:00
things like monitoring for after hours,
05:02
file transfers or people emailing to their private email addresses, or even just blocking that type of stuff, blocking social media, blocking personal email access. So all those things are components of data loss prevention,
05:16
having firewalls, right? So that's part of our defense in depth that we kind of talked about the very, very first session. Firewalls, you know, intrusion detection systems, intrusion prevention systems. And in most cases, those are combined. Antivirus and anti-malware on our host systems and on our servers.
05:32
Honeypots. So that way we can see, you know, in different networks, if you want to use those, we could see what the bad actors are potentially doing, you know? What data are they going after? How are they doing it? And that way we can potentially mitigate those issues. Now, I will say on that point, and Joe will probably talk about this a little more when we do the pen test module, but
05:50
a good skilled criminal hacker won't really fall for a honeypot. Or if they do, they're deliberately doing things
05:57
to confuse you. And then they will attack you some other way. So
06:00
we could definitely for the average honeypot, I will definitely agree. I have seen some truly impressive ones out there. But by and large, honeypotting is, ah, a very tricky art.
06:11
Yes, yes. And that's why I like that. I like that description. Art? Yes, definitely. Yes.
06:15
I kind of like a fuss. Using a father simply
06:18
Absolutely. Network segmentation is a huge thing for security, and that helps significantly. So I mentioned VLANs earlier on. That's one way to do that. And then separation of duties, right? So if Joe and I were both network engineers, you know, at Cybrary, for example, and you know, we both had the keys to the kingdom, that's probably not a good thing,
06:36
or just one of us had keys to the kingdom. That's probably not a good thing. So each of us should
06:41
have to check the other in the process. For example, if I wanna, you know,
06:46
do some work on this particular database server, there should be a check and balance where Joe has to come put his credentials in as well to verify that I'm actually, you know, doing what I'm supposed to be doing and not just deleting all the data on the server. Very often, especially if you work in the government, you're going to hear that referenced as two-person integrity,
07:02
that is, that is a core part of security in a lot of places where
07:06
data integrity and data security is extremely important. So you're gonna hear about TPI all over the place again, especially if you work in the public sector.
07:15
Yes. Yeah, and many of these foundational things, Joe can attest to it. Many of these foundational things you get kind of drilled into your skull in the military or government sector to make sure you're doing the right thing, because obviously the data, you know, it's a little more,
07:30
you know, meaningful for a bad person to get that data versus, like, pictures of my cat. Right? So, you know, I think that's most important, pictures of my cat, but still gotta protect the cat. Yeah, exactly.
07:43
So just understand all those components. You know, there's a lot more that goes into the security network, but these were some common themes that you'll probably see if you decide to take this career.

Instructed By

Joe Perry
Senior Technical Instructor at FireEye, Inc
Instructor
Ken Underhill
Master Instructor at Cybrary
Master Instructor