9 hours 49 minutes
Okay, folks, we're doing terrific and moving on to Chapter six.
We are moving on to Chapter six, so the end is near.
My personal favorite of all the modules is Chapter six because we talk about network security.
That's a subject that's near and dear to my heart.
I think it's such a critical focus of the world today that we really need to pay attention to and become more cyber security minded.
We start off with some ideas about physical security because, as important as cybersecurity is, if we don't lock our doors, it doesn't really matter.
Then we'll talk about controlling access to resources. One of the main ways that we control access to resources is through authentication.
Before you gain access to a resource, not only do you have to identify yourself, but you have to provide some sort of proof of authentication,
and we'll talk about different types as well as single sign-on and what we mean when we say federated services.
The next topic we're going to look at is common network-based attacks and types of malware. Definitely look for those to be on the exam,
and we'll cover things that we have to be aware of when we're trying to protect our resources on a day-to-day basis.
Then we'll talk about access controls, which is going to be how we control what a subject can do to an object.
What are the ways that we can enforce security within our environment, so we have a better chance of mitigating risks that we talked about earlier?
With prevention devices, we're going to put controls in place that you have to pass through in order to access the resources.
Maybe you need a badge to allow you in a certain room or you have to provide a thumbprint.
We've also got smart cards, memory cards.
You can see a key fob as a one-time token generator, where you have a one-time password, and, of course, door locks.
Those are all proactive means of physical security.
Detection controls are after the fact.
This is where we get our alarm systems, motion detectors and video surveillance.
This is also our burglar alarms, tamper detection, asset tracking and any sort of after-the-fact control.
CCTVs, for instance, would be after the fact.
We also want to talk about surveillance. With surveillance, this is often a detective control.
We might surveil an area, then pull the tapes after an event has happened,
a lot of times looking at correlation with an event. But it's often after the fact.
We keep in mind that a threat to physical security can be devices that end users, employees, contractors or anyone brings in to conduct surveillance internally.
A lot of organizations don't allow smartphones, because they have the cameras, in the work quarters.
We have to think about using surveillance to help us, but also be aware that it can introduce the threat into our network.
We've got to track our assets and know where our devices are.
We keep inventories and verify our inventory from time to time.
You make it easy for employees to check out equipment if that's within their rights. Sometimes we use barcodes and let them scan devices out,
or RFIDs. We can track our assets with tags; we can have global positioning systems that can locate a specific asset anywhere on the globe. This is just part of an inventory management system.
Badges are how we control access in and out of buildings, often with swipe card badges or perhaps proximity badges,
where you don't actually have to swipe. You just have to put it up to the reader.
These devices are a good step towards physical security.
Over and over, we see employees piggybacking in on somebody else's card swipe.
To add to this, we might have a security guard who monitors egress and ingress traffic.
We might have to set up a mantrap, which is that area of dead space before you enter a building.
You go through a set of doors. There's some dead space. Then you go into the actual building. These in and of themselves are fairly easy to get around because many people just hold the door for the person behind them.
We want to add a little additional security with the badges.
Locks. They don't really make pick-proof locks. They make pick-resistant locks. The amount of money we're going to spend on locks depends on what we're protecting.
We have the traditional pin and tumbler locks. We have cipher locks. We have cable locks for specific devices, or locks catered to a specific form factor.
Physical locks are a good security mechanism.
We keep in mind that most any lock can be compromised at any point in time.
It's all about how we use the lock and what our goals and expectations are.
It's just another single layer of defense. An old joke used to be: What's the weakest part of any lock? The answer is the person that holds the key. That's so true. Keys are gonna be lost. Keys are gonna be shared. So good key management is important as well.
The big takeaways with physical security: there are devices that we put in place to prevent and deter crime, theft, compromise. The preventative mechanisms we have are locked doors. We have surveillance systems, we have our locked doors, mantraps, security guards. We think of fencing.
These are some of the things that are designed to prevent. With deterrence, we have our signs, like "Keep out!" or "Beware of the pug."
There is no sign out there that says, "Beware of pug." I have a pug and they're quite harmless creatures. A well-lit building is a deterrent. Attackers want to see a darkened area so they feel safer. For detection and correction, at that point in time, those are the things that are after the fact. So burglar alarms, motion detector systems,
any of these devices that let us know an attack has happened. Now, a security guard is generally for deterrence, but they can also detect that a crime or compromise has happened and can also be involved in correlation. A lot of these devices may have multiple purposes.
Don't underestimate the importance of physical security. Without it, all the other controls that we put in place really don't matter because our devices will be stolen, misplaced or vandalized.