Protecting OS

00:00

welcome back to intermediate endpoint Security. Course, in this lesson, I'm going to talk about protecting operating system. So in details, I'm going to talk about types of attacks saying that operating system and how to protect operating systems.

00:16

So what kind of attacks do we have? We have exploits one of the typical exploits that we had These like, I wanna cry. It has Bean known for pretty much everybody who is in security business. Wanna cry, is couple of years old and I mean in 20

00:37

you know, rogue in a couple of years old, it was used much, much for much longer. Period that and it's basically exploiting a vulnerability in Windows operating system.

00:48

Then we have Trojans and other Melber, and, uh uh, these are the main focus. So piracies and rent somewhere of whatever.

01:03

And these are two things that are aimed directly at the operating system. We're not talking about viruses infecting

01:11

programs. This is part of protecting applications section

01:15

eso here, we're going to talk just about these two.

01:19

So what is the protection? So 1st 1 is regular untimely OS updates and here we have a problem. Um, and

01:30

today and talking just about Windows operating system

01:36

and when those has one great thing, which can, for some companies, be also very bad thing,

01:42

which is that we have a major Windows update like twice a year.

01:47

And this is a cool because then, when those has new features, Windows has new security things that can help you protect your PC. But also, uh,

02:02

after a couple off major updates, it is no longer the same operating system like it was when you installed your

02:09

you see,

02:10

So what you have is a situation in which some of your applications might not work anymore.

02:20

So big companies, um,

02:23

and this is possible. If you have a Windows than enterprise version off operating system

02:29

is, they don't installed the first of all, they don't let the PC's. They have

02:36

install updates automatically.

02:38

Ah, they they completely blocked them. Then they

02:45

download the updates. They do the checkup if everything is working,

02:50

and after some time they released the update to entire network, and it's usually happening in just one day. From my experience, most of the companies do that over weekend so they don't have them.

03:07

Big problem with the network. Ben with over

03:10

on on weekdays, which would infect influence the performance off day to day business.

03:20

Um, in that situation,

03:23

regular, timely, always updates might be bad thing because, for example, some of your custom made applications thank you, my use and typical of example, of that our banks, who have their core banking application

03:36

If the core banking application doesn't work on on PCS, bank doesn't work.

03:42

Eso they delay these things, but anyway, at least security out that should be absolutely regular.

03:52

Then we have anti male where solutions, and regardless of which one you're using, you might have a problem that they are going to fail eventually.

04:03

But anyway, you have to make sure that you keep them updated, and the other most important thing is that you test them regularly

04:14

so that you have, ah, a couple off species that are not connected to a network or that are not used by anybody in particular. But there they have the same softer configuration, like everybody else in the company,

04:30

and then you hire people or you have people in your company who will do the penetration testing,

04:34

especially against viruses, and see something gets through. So if something new comes up in the world. You should test your anti malware and see if it's working. And if it's not, you should immediately be on high alert. Contact the anti Mel versus after manufacturer and

04:56

make sure that they include that in their protection.

05:00

So accept off regular testing off anti Melber. You also have to test or other things, so if you're using softer firewall on the device, you should test. If it's working, you should test the periodically if your users are clicking on links in phishing emails, so you should

05:19

be able to generate them by ourselves.

05:23

So you should basically use do periodical pen testing on a random sample of your users. My recommendation is that it is done twice a year.

05:35

Sometimes it's too much because it costs money, especially if you have to hire somebody from the outside to do it.

05:43

Uh, but that's Ah, this is the only way to know if your protection work because

05:49

it's like, for example, if you have uninterruptible power supply and

05:55

you say OK, I'm safe. If power goes out and then power goes out and you realize the battery in that ups is dead

06:02

and then you say, OK, that's bad. So when you have interruptible parts supply, you periodically checking batteries. Okay, here is the same thing you have. Ah ah, safety protocol and you have to test if it works. Otherwise, you don't know if you're protected or that.

06:21

So let's do a short learning trick.

06:24

Onda question is what is not a typical and point attack is a text always exploit is it will be in hacking. Or are those Trojans on the correct answer is

06:38

we be in hacking VPN Hacking is essentially not Indian point attack. It's a network deck.

06:45

So in this video, you have learned about how to protect operating system off a PC from different types of attacks.

06:51

This was a general view. I wasn't going into details because each of these types of protection require.

06:59

It's essentially a separate course, and this is this Can we can go into very details. I was just giving you the general idea