Hello and welcome back to Cybrary's CompTIA Certified Advanced Security Practitioner certification preparation course.
This is a continuation of module number one, which deals with risk management.
We're going to continue our discussion of understanding security concepts.
Again, we're still discussing Section one, Understanding Security Concepts.
These are the objectives that encompass, again, this section one. So we will continue on in our discussion.
Let's begin by taking a look at vulnerabilities. Vulnerability is a cybersecurity term that refers to a flaw in your system that can leave it open to an attack. In other words, a vulnerability is a weakness. A vulnerability can also refer to any type of weakness in your computer system itself,
in a set of your procedures, or anything that leaves your security exposed to a threat.
Now for the identification of risk. The first step is to generate a comprehensive list of threat sources. You have to look at your risks and the events that might impact the achievement of each of the objectives that have been identified in the definition of scope and framework.
When you look at a risk, it could be characterized by its origin, in other words the activity, event or incident.
Also look at the consequence, the specific reason for the occurrence, what type of protective mechanisms or controls we have in place, and also the time and place of occurrence. Now, one of the things that we oftentimes overlook, and most people don't think about, is a term called defense in depth.
That means implementing what we call multiple layers of security to defend your assets.
That way, even if an attacker, for example, were to breach one layer of defense, you have additional layers to keep that person out of the critical areas of your environment. So defense in depth is an approach to cybersecurity in which a series of defensive mechanisms are layered in order to protect your valuable data and information.
And, as we mentioned before, if one of those methods fails, another steps up to take its place.
In other words, so how does defense in depth work? It's a layered approach to security. It can apply to all levels of your IT systems, from the lone laptop accessing the internet from the coffee shop to the 50,000-user enterprise. In other words, that comprises your wide area network.
You'll see that defense in depth can significantly improve your security profile.
No organization can ever be fully protected by a single layer of security.
While one door may be closed, others will be left open, and hackers will find these vulnerabilities very quickly. However, when you use a series of different defenses together, such as a firewall, your malware scanners, your intrusion detection systems, your data encryption and integrity auditing solutions,
what you do, in effect, is effectively close the gaps
that are created by relying on a single security solution.
This brings us to some key standards and guidelines. Now, obviously, there are different types of guidelines that come into play, particularly when we look at security. For example, to mention a few: here we look at Publication 199, which deals with security categorization. Then we have the NIST Special Publication 800-30, which deals with risk assessment.
We have the NIST Special Publication 800-37, which deals with the system risk management framework.
So you may ask, what are controls? Controls include any process, policy, device, practice or any other action that modifies the risk. So what they do is provide a reasonable assurance that business objectives are achieved
and undesired events are prevented or detected, and also addressed as well.
Now for the countermeasure. A countermeasure is any action or method that is applied to prevent, avert or reduce potential threats to your computers, servers, your network, your operating system or your information systems. Countermeasure tools include antivirus software as well as your firewalls.
In an IT system, multiple countermeasures may be applied for enhanced security protection.
A countermeasure may be in the form of hardware or software. Some examples could be your routers, which can mask your Internet Protocol address, your IP address. You have your antivirus or anti-spyware applications; what they do is protect against malicious software, malware,
including the various viruses, Trojans and adware.
We also have some behavioral techniques applied by users to deter threats such as suspicious email attachments. We have our firewall, which will facilitate authorized network access. We also implement what we call intrusion detection systems that prevent and/or block unauthorized system access.
We have physical security, especially in the enterprise.
It prevents hackers on the network, again, from obviously circumventing your various technical controls and security controls that you may have in place. So again, any process that serves to counter specific threats can be considered a targeted control. In other words, the goal is to reduce internal threats.
You can also reengineer or modify the architecture, or you can
implement some type of awareness program for your employees. Now, despite all your best efforts, you're still going to encounter what we call residual risk. Residual risk is risk that remains after you have applied controls. It's not feasible to eliminate all the risk. Instead, you take steps to reduce the risk to an acceptable level.
The risk that is left is considered what we call residual risk.
So basically, residual risk is any risk left after we have mitigated risk using the various controls and countermeasures that we mentioned in the previous slide, and that turns into what we call risk acceptance.
Now, senior managers are responsible for any losses due to residual risk. Obviously, senior management decides whether risks should be avoided, transferred, mitigated or accepted. They also decide what controls to implement. Any resulting loss due to their decisions falls on their shoulders.
Now for the goals of physical security. There are several other goals to keep in mind when, again, designing your physical security plan. Now remember, we just cannot think about logical security. We also have to think about physical security.
Physical security describes measures designed to ensure the physical protection of your assets, like your facilities, your equipment, your personnel, resources and other properties, from damage and unauthorized physical access. In other words, we can use authentication:
site security must address the need to identify and authenticate the user who is permitted to access an area.
We can also implement access control: once that person's identity has been proven and authenticated, site security must determine what areas that person has access to. We also want to implement some form of auditing: site security must also have the ability to audit activities within the facility.
This could be done by reviewing your camera footage, taking a look at your badge reader logs, your
visitor registration logs, or other types of mechanisms that you can put in place.
Now for our physical premises. For the purpose of this lesson,
we're going to break the physical premises into three logical areas. We have our external perimeter, we have an internal perimeter, as well as your secure areas. The first one we'll begin to discuss is external perimeter security.
Now, your external perimeter security is the first line of defense surrounding your office. Some common security measures you may encounter with respect to an organization's external perimeter include: you may want to implement some security cameras,
parking lot lights, a perimeter fence, a gate with a guard, a gate with access badge readers, and also guard patrols.
This brings us to internal security perimeters.
Internal security perimeters start with the building walls and exterior walls and include any internal security measures, with the exception of secure areas within the building. Now, some of the features you may use: you have locks on the exterior doors, you have security cameras, badge readers,
guard desks and patrols, smoke detectors. And you can also implement what we call mantraps. So these are what we call internal security perimeters.
Now for our secure areas. Of concern, these are areas that not only restrict external attackers but also limit internal employees' access.
In this case, what you want to implement is some type of badge readers, keypads. Biometric technology is obviously very useful: fingerprint scanners, retina scanners and so forth. You might want to implement some security doors, X-ray scanners, metal detectors, cameras, all of these things.
Again, in other words, with your security, these areas not only
restrict external attackers, but you're also looking at limiting internal employees' access. So again, we're looking at employees within our organization. So we definitely look at our internal security access as well.
We also have events and incidents. Now, an event is an action that occurs as a result of the user or another source, such as a mouse being clicked or a key being pressed, in other words.
Now for the incident. If you go back and look at ITIL 2011, it defines it as an unplanned interruption to an IT service or reduction in the quality of an IT service. So that's what you consider what we call an incident. Obviously, an incident and an event are different. A lot of times people believe that
an event and an incident are one and the same. That's not the case.
So an incident is an event or series of events that is unexpected and unusual, that poses some meaningful threat to the system's function, performance or security, while on the other hand, just to mention and reiterate, an event, generally speaking, is any meaningful change in the system state that is both detectable and happens at a specific time.
This brings us now to our post-assessment question, and the question is as follows:
Your organization has recently implemented several new security policies in response to a recent risk analysis. One of the new policies states that controls must be configured to protect files from unauthorized or accidental deletions.
Which aspect of security does this new policy address? Is it A, confidentiality?
Is it C, availability, or D, authorization?
If you selected B, you're absolutely correct, because configuring controls that would protect files from unauthorized or accidental deletion addresses data integrity.
During this particular course of instruction, Section one dealt with understanding security concepts. We discussed the state of information security today.
We discussed what the CIA triad is. We learned to classify assets.
We also discussed key standards and guidelines, controls, as well as countermeasures.
We looked at the goals of physical security and lastly defined what events mean as well as incidents.
In the upcoming video,
we'll be moving on in our discussion of section number two. Again, we're still discussing module one, which deals with risk management. But the next section will deal specifically with understanding threats and vulnerabilities.
I look forward to seeing you in the next video.