35 hours 10 minutes
Hello and welcome to Cybrary's CompTIA Certified Advanced Security Practitioner certification preparation course.
This is a continuation of module number two, and its title is Vulnerability Management.
These are the learning objectives, which encompass module number two.
In the previous video, we began the process of discussing vulnerability assessment.
In fact, we continue our discussion in this particular video.
Now, vulnerability assessment is actually the title of section two, which again is a continuation.
These are the learning objectives of that particular section. In the previous video, we defined vulnerability assessment and explained why it's important. We also explained the difference between vulnerability scanning and penetration testing. So let us now continue our discussion by, first of all, describing the security implications of integration with third parties
and also listing techniques for mitigating and deterring those attacks.
So we look at third-party integration. Essentially, what it is is combining systems and data with outside entities. A lot of times it's because maybe you don't have the necessary technical resources or whatever the case may be, and you may decide to join or have a partnership with an outside entity.
Obviously, there's some risk involved in that process. For example, you have onboarding and offboarding. Now, when you think about onboarding, that's essentially the start of the relationship that exists between the partners. Again, it can be a service provider or some other entity
that, for example, provides a service that perhaps you don't have the technical skills in house to provide. We have offboarding. Essentially, that's the termination of such an agreement. We also have applications and social networking sharing. It also involves privacy as well as risk awareness and also data considerations.
Now, when we go into the process of this third-party integration, remember, it's a means by which parties can reach an understanding of their relationship and responsibilities through an interoperability-type agreement. These are some examples of those agreements. We have the service level agreements, or SLAs.
We have our blanket purchase agreements, or BPAs.
We have our memorandum of understanding, oftentimes referred to as MOUs, and then we have the interconnection security agreements, or ISAs.
When we go into the process of mitigating and deterring those attacks, we have standard techniques for mitigating and deterring those attacks. One of the first things we're going to do is create a security posture. We also want to select and configure those various controls, and make sure that we engage in the process of hardening as well as reporting.
When you go into the process of creating a security posture, it basically describes an approach, a philosophy or strategy regarding security. The elements that make up the security posture include having initial baseline-type configurations. You want to make sure you have a static security checklist put together
as well. Systems are evaluated against that actual baseline.
We also have continuous security monitoring. Security monitoring is perhaps the most important aspect of that process because it requires that you regularly observe those systems and networks.
We also have remediation. Obviously, as vulnerabilities are exposed, we need to have a process in place to address those particular vulnerabilities and to try to mitigate them or minimize the impact.
When you go into the process of configuring those various controls, you want to make sure you properly configure the controls. That is a key to mitigating and deterring those attacks because, believe it or not, a majority of the security risk to an organization is due to misconfiguration on behalf of a user.
Some of the controls are for detection: you have security cameras. We also have some controls for prevention, like, for example, a properly positioned security guard. We also have some information security controls. These controls can be configured to detect those attacks and sound alarms, or prevent those attacks altogether.
Now, when you go into the process of configuring those controls, there obviously are some additional considerations when a normal function is interrupted by failure.
Why is that? Which is the priority, which is a higher priority, security or safety? That's a question that obviously you should consider during that process.
We have fail open: locks unlock and doors remain open on failure. Then also think about fail safe: the lock, you know, automatically locks. That has a high security level as well.
In this case, we'll have to look at firewalls. Firewalls can be configured in a fail-safe or fail-open state. So these are things that literally we have to think about, particularly when we think about the various controls. When we get into hardening, we want to think about what's the purpose of hardening. The purpose is to eliminate as many risks as possible.
In other words, a lot of times when we think about it, hardening is often referred to as locking it down.
In other words, on your operating system or server, if you have a service within your computer and there's no reason to have it up and running, then what you need to do is make sure you disable that service, because essentially what we want to do is lock down or minimize
as much as possible, or in other words, reduce the attack surface through the process of hardening.
Now, there are different types of hardening techniques that we can actually employ, such as protecting accounts with passwords. You want to disable those unnecessary accounts as well as services. You also protect management interfaces as well as those various applications.
Now we turn our attention toward reporting. It's important information regarding events that occur so that action can be taken. In other words, we need to have some process in place to record these events. We need to make sure we have the various alarms or alerts, because we want to make sure these alarms sound a warning if a specific situation is occurring,
for example, an alert if too many failed passwords are attempted.
We also want to make sure we have a process in place for reporting, which provides information on the various trends that can indicate a serious impending situation. For example, multiple user accounts experiencing multiple password attempts. These are things that we have to think about in that particular process. Now this brings us to our post-assessment question
for this particular section here,
and the question is as follows.
Constructs scenarios of the types of threats that assets can face in order to learn who the attackers are, why they attack, and what types of attacks may occur. So, of course, it is this: you would construct scenarios of the types of threats that your assets can face
in order to learn who the attackers are,
why they're attacking, and what types of attacks may occur. And what is this? Is it A, vulnerability prototyping; is it B, risk assessment; or C, attack assessment; or D, threat modeling?
The correct response is threat modeling.
Now, during this particular course of instruction,
we discussed vulnerability assessment. We learned that it's a methodical evaluation of the exposure of assets to risk. It's a methodical evaluation. In other words, we learned there are steps involved in the assessment. We learned that one tool used to assist in determining potential threats is a process known as threat modeling.
We discussed several techniques that could be used in vulnerability assessment.
We learned that port scanning, banner grabbing, protocol analyzers, honeypots and honeynets are used as assessment tools.
We also learned that vulnerability scans can search systems for known security weaknesses and report those findings. In regard to penetration testing, tests are designed to exploit any discovered system weaknesses. Testers may have various levels of system knowledge. Then we looked at standard techniques used for mitigating and deterring attacks.
Again, we want to first have a healthy security posture,
and make sure we have proper configuration of controls and hardening as well as reporting.
In the upcoming presentation, we continue our discussion with Section three, and the title of this particular section is Vulnerability Management. Again, I look forward to seeing you in the next video.