Time
10 hours 19 minutes
Difficulty
Intermediate
CEU/CPE
12

Video Transcription

00:05
rented of tools are aimed at preventing stopping or blocking attacks.
00:09
These tools can be placed on the network and order Prevent were blocking network based attacks or they can be directly installed on a host system in order to prevent malicious files or actions.
00:18
Firewalls, proxies and intrusion protection systems i PS are examples of tools that can be used to prevent network based attacks.
00:25
Antivirus host intrusion prevention systems and host based firewalls are examples of preventive tools it can be is directly on a system to monitor activities and actions that the user or system takes
00:37
intrusion protection systems. Such a source fire can be used to make decision based upon traffic. Detective
00:43
I. P s different from ideas and that they can do more than simply alert on traffic patterns. The both can detect intrusions based on signatures.
00:51
Actions might include simply alerting, blocking or allowing a certain type of activity. Basic point rule is provided by a user.
00:58
Many ideas slash i PS platforms were you snort,
01:02
which is open source and can't be installed on a variety of operating systems as the underlying sensor and detected an engine.
01:08
I think this can be placed on the network or directly on a host as an application and can't take preventative measures against malicious or other actions and matching no signature or anomaly. Such is receiving a large number of ping requests from an unknown source.
01:23
Firewalls are common network based preventative tool that either allows or blocks network traffic based upon a set of rules that security professional must create.
01:30
In order to do this, firewalls are typically placed as a border device between two or more networks, so that the fire will can inspect all traffic between these networks.
01:41
The most common placement of a firewall is that the public were Internet facing border with the internal network.
01:47
Traffic can be allowed or blocked based on source, destination board protocol or even pay lug. In the case of more advanced firewalls,
01:56
it is important to remember that the far wall is only as good as the rules set provided,
02:00
and these rules must be maintained and revised as operations change.
02:04
Host based fire was accidentally to network based firewalls by inspecting all traffic on a specific system or host
02:09
anti virus or anti. Mauer is a commonly known preventative tool used on many systems
02:15
by using a set of signatures, antivirus and an time our toes monitor or scan various operating system files for known matches to malicious files or software.
02:25
Should've matched me, found
02:28
the file is typically removed or quarantine for later inspection.
02:31
Similarly to the other tools In this topic, antivirus software is only as good as the known signatures. To check against
02:38
a V cannot prevent unknown where zero day malicious files were software if it does not know about him.
02:45
Proxies or wet proxies or firewall like systems and air, sometimes part of a hardware based network. Firewall,
02:51
a proxy makes Web connections on behalf of an internal system says not to directly exposed to the eternal client to the Internet. For Web destination
03:00
application. Proxies can prevent certain types of Web content that might be malicious, such as Web sites that have been known to host. Malware we're having flagged is dangerous
03:07
Web content that simply might not be allowed,
03:10
such as ***, social media or gambling sites.
03:15
Invented of tools are any tool that effectively works to stop intrusions or incidents as they happen, or even before they happen
03:22
Well, these tools can be incredibly useful to a security professional, it is important to remember that they can only prevent what they know about what they're told to look for.
03:29
Only one combined with additional layers of security tools and practices in a best defendant network, its systems and its data further told, demos in this course module are listed an attempt to provide more insight and how these various stores operate and are not meant to advocate for anyone told over another or to test the operations of any specific tools.

Up Next