2 hours 27 minutes
Welcome back to the Intermediate Endpoint Security course. In this lesson, I'm going to talk about protecting the operating system. So in detail, I'm going to talk about types of attacks aimed at the operating system and how to protect operating systems.
So what kind of attacks do we have? We have exploits. One of the typical exploits that we had is like WannaCry. It has been known to pretty much everybody who is in the security business. WannaCry is a couple of years old and I mean in 20
you know, rogue in a couple of years old, it was used for a much, much longer period than that, and it's basically exploiting a vulnerability in the Windows operating system.
Then we have Trojans and other malware, and, uh, these are the main focus. So spyware and ransomware or whatever.
And these are two things that are aimed directly at the operating system. We're not talking about viruses infecting
programs. This is part of protecting applications section
So here, we're going to talk just about these two.
So what is the protection? So the first one is regular and timely OS updates, and here we have a problem. Um, and
today I'm talking just about the Windows operating system,
and Windows has one great thing, which can, for some companies, also be a very bad thing,
which is that we have a major Windows update like twice a year.
And this is cool because then Windows has new features, Windows has new security things that can help you protect your PC. But also, uh,
after a couple of major updates, it is no longer the same operating system like it was when you installed your
So what you have is a situation in which some of your applications might not work anymore.
So big companies, um,
and this is possible if you have a Windows 10 Enterprise version of the operating system,
is, they don't install, first of all, they don't let the PCs they have
install updates automatically.
Ah, they completely block them. Then they
download the updates. They do the checkup if everything is working,
and after some time they release the update to the entire network, and it's usually happening in just one day. From my experience, most of the companies do that over the weekend so they don't have
a big problem with the network bandwidth over
on weekdays, which would in fact influence the performance of day-to-day business.
Um, in that situation,
regular, timely OS updates might be a bad thing because, for example, some of your custom-made applications that you might use, and a typical example of that are banks, who have their core banking application.
If the core banking application doesn't work on PCs, the bank doesn't work.
So they delay these things, but anyway, at least security updates should be absolutely regular.
Then we have anti-malware solutions, and regardless of which one you're using, you might have a problem that they are going to fail eventually.
But anyway, you have to make sure that you keep them updated, and the other most important thing is that you test them regularly,
so that you have, ah, a couple of PCs that are not connected to a network or that are not used by anybody in particular, but they have the same software configuration as everybody else in the company,
and then you hire people or you have people in your company who will do the penetration testing,
especially against viruses, and see if something gets through. So if something new comes up in the world, you should test your anti-malware and see if it's working. And if it's not, you should immediately be on high alert, contact the anti-malware software manufacturer and
make sure that they include that in their protection.
So except for regular testing of anti-malware, you also have to test other things, so if you're using a software firewall on the device, you should test if it's working. You should test periodically if your users are clicking on links in phishing emails, so you should
be able to generate them by yourselves.
So you should basically do periodical pen testing on a random sample of your users. My recommendation is that it is done twice a year.
Sometimes it's too much because it costs money, especially if you have to hire somebody from the outside to do it.
Uh, but that's, ah, this is the only way to know if your protection works, because
it's like, for example, if you have an uninterruptible power supply and
you say, OK, I'm safe if power goes out, and then power goes out and you realize the battery in that UPS is dead,
and then you say, OK, that's bad. So when you have an uninterruptible power supply, you periodically check the batteries. Okay, here is the same thing: you have, ah, a safety protocol and you have to test if it works. Otherwise, you don't know if you're protected or not.
So let's do a short learning check.
And the question is: what is not a typical endpoint attack? Is it an OS exploit, is it VPN hacking, or are those Trojans? And the correct answer is
VPN hacking. VPN hacking is essentially not an endpoint attack. It's a network attack.
So in this video, you have learned about how to protect the operating system of a PC from different types of attacks.
This was a general view. I wasn't going into details because each of these types of protection requires,
it's essentially a separate course, and this is, this can, we can go into very details. I was just giving you the general idea.
In the next lesson, I'm going to talk about protecting programs and applications on your device.