Time
2 hours 9 minutes
Difficulty
Beginner
CEU/CPE
2

Video Transcription

00:00
welcome back to acid security course, and in this lesson, I'm going toe. Continue talking about how to protect physical assets,
00:08
and in this lesson, I'm going to talk about just how the correct idea equipment on the physical side.
00:16
So when we talk about idea carpentry, just recalculate the types of fighting equipment, which are we going to talk about protecting? So first of all is
00:26
desktop PCs
00:28
and because of their size and, uh, the way they're there,
00:34
contained in the end of the office space,
00:37
they're hardly to be stolen unless somebody physically breaks into the office space, comes with the truck or when, and then start stealing PC's.
00:48
But that part is not focus of what we're talking in this course. So this is part of physical security, and the physical security is one completely different
00:59
field. And, uh, it's not so important from for from I t standpoint. But what is important from my standpoint, is that the configuration of the PC isn't change. So if somebody manages to sneak in the office or if it's a disgruntled employee or whatever,
01:19
they can take parts from the PC. For example, if a PC has eight gigabytes of RAM. It's usually
01:25
to the modules for gigabytes. So if there are 100 pieces in the in the office and they take one of these, PC will still work. They will, sometimes low slightly, works likely slower,
01:40
but they will work. But if you don't have anything to track it, you you might be ripped off without even noticing for quite a while.
01:52
The rial subject off I t security in terms off physical protection, our mobile devices. So no, by noble PC's tablets and mobile phones,
02:02
because they can be lost and they can be stolen. And there are two different approaches when you try to protect them from. Actually, they're not. Don't go to different approaches. There is one single approach, but two different things you're looking for in case if they're lost or if they're stolen.
02:23
As for service and networking equipment, they are usually saved a sit in in the server room unless they're not, in which case they should be.
02:32
But the situation in which they can be stolen is when when there is some kind of emergency. For example, if there's an air freight going on and everybody's leaving the building which is not so likely. But if there is a fire alarm, everybody will leave the building
02:51
and then the server room might stay
02:54
open.
02:55
Uh, it's usually why did, by having the door automatically close when they are
03:04
when there is nobody holding them. But also, there should be some kind of sensor checking if there are people inside the server room. And if there is nobody there and there is some kind of emergency you went happening inside the office,
03:21
then these or should be locked with some additional security. Usually the doors of server room are secured with some kind off card key or physical walk.
03:34
Uh, but there should be additional step to security if there is some kind off emergency situation happening off course, the main priority is to keep people safe. So if there is somebody in that room
03:49
or you are not sure if there is somebody in the room, no additional procedure should be there. So this person should be able to get out
03:57
easily.
03:59
Um, the other
04:00
component of fighting equipment our printers, network scanners, copiers, multi function devices, especially those that sit in the whole Andi, sometimes not sometimes but in quite a lot of cases, they were stolen by people pretending to be a repair crew,
04:20
and they come in this year on. We cannot repair it on site. We have to take it to the Service
04:26
Depot
04:28
and they just walk with it outside. So sometimes these things have deals and they could be just pushed, pushed outside. So it's Ah,
04:38
it's a thing.
04:40
Uh, if nobody's
04:42
careful enough in your company of security people, people at the reception, this might happen, but you should at least have a track off what has happened?
04:50
So we come to the
04:54
first thing about protecting right equipment, and it's some kind of asset management software. And basically, asset management software is a piece of software that usually sits on one of your servers. Or if you have just one on your server
05:09
and that software is there to track her old devices, I T devices in the company.
05:15
It's usually not happening because sometimes these Softwares air built just attract, for example, PC's. They could be no books. They can be desktop PC's, but, for example, printers, it's usually happening that people are using a difference off there for for
05:34
printing devices.
05:35
In those cases, you need both of them and these Softwares there should be able tow truck if they're there. If some device goes off line, it should be able to
05:47
notify some administrator about that.
05:51
And let me just show you, in short, how one of these Softwares work there. Quite a lot of them on the market. Some of them are really expensive, some of their free. Some of them can come with the operating system on the server itself.
06:10
But let's see just one example and how it can track the devices and what's inside devices.
06:17
Okay, so this is the example off
06:23
Asset Management's after this one. I'm showing you is called spice words there, quite a lot of them available on the market. Some of them are free. Some of them are paid. This one is hosted locally Sona Server that is hosting this thing network.
06:39
But the access to the Spice Works server is through Web interface through a browser. So this is the main consul off the Spice Works Asset Management tool. And what you
06:56
you can see here are the list of the devices that are
07:00
on the network in order for device to be seen here. It has toe have agent installed,
07:09
which is sending information to the server.
07:12
And here you can see the general information about the device so you can see the manufacturer. You can see the model device type, which is laptop. You have the purchase date, and when you click on configuration,
07:30
you see that this device has
07:31
core I seven processor. It has eight gigabytes of memory, and it has Windows 10 pro operating system anti viruses
07:44
Kaspersky
07:46
anti virus. So let's look at the other machine, some other machines. So let's choose, for example, this one.
07:57
And when you look at this one, it has been those defenders, so default with those anti virus. It has four gigabytes of memory,
08:07
and what we can do for each of these devices is Quicken notes. Here and here. We have the original configuration of this device, so it should have eight gigabytes of RAM. It should have one SST 240 plus
08:24
one hard driver is cereal 80 a drive
08:28
of 500 gigabytes, and it should have Woodrow 600 BC I express graphics card.
08:37
So when you click on configuration here, we can see that the hard drives air here. The size of the difference in size, you see, is because of the former thing. You see the
08:50
description of the devout, the network interface, and essentially everything thinks you. This the why should have is there except eight gigabytes of memory. So we can see now that this device has been tempered. Now, if the administrator or somebody from
09:11
service grew did that on purpose,
09:13
then it should be here in the notes. But because it isn't, we can now say, for example, that somebody has taken for gigabytes of RAM out of this machine.
09:26
So thistle is the way the asset management can monitor desktop machines, notebook machines.
09:37
Okay, you have seen how the software works, and you have seen, for example, that it can see all devices on the network. You can. You have seen how it shows the last time the server has been communicating with the rice
09:54
and you have also seen that we can see the exact configuration of the device
09:58
it's achieved by installing three agent on on PC, so we can see what the device, the West name, where it's located and of course, what's the configuration? So you can also see that when you have the supposed configuration and there is a difference between that
10:16
and what is actually in the device, the administrator can see these things and act appropriately. So
10:24
try to
10:26
notice when the change has happened and
10:30
and toe to see when somebody took some memory, for example,
10:35
out of the two ways.

Up Next

Asset Security Fundamentals

As a cybersecurity professional, it's often your responsibility to set security standards for your organization. In the Asset Security Fundamentals course, you will identify what types of assets need protection and the job roles that are involved.

Instructed By

Instructor Profile Image
Milan Cetic
IT Security Consultant
Instructor