
Thursday, May 25, 2017

System Security


This course provided a good introduction to system security. For those with an IT background, this course may not be necessary, but I thought it was useful.

Notes

Appropriate procedures to establish host security 

Application Security

Anti-Malware -takes care of viruses, worms, and trojans
-software has been designed to find the specific signatures of the malware on a system; track, identify, deactivate 
-regularly update the signature/definition files to keep the anti-malware software effective 

Anti-Spam -organizations use spam filters on emails and messages to prevent spam from reaching the user's inbox
-prevents/limits congestion on servers

Anti-Spyware -spyware can track your activity online by reviewing your cookies
-anti-spyware eradicates tracking cookies from your system 

Pop-up blockers -pop-ups are usually how you get adware; you can turn on pop-up blockers from your internet options page

Host-based firewalls -a firewall that resides on a computer system and controls traffic coming into or leaving that system
-monitor it periodically to prevent intrusion into the system and to facilitate the generation of alerts

Patch management -patches are produced to fix flaws that exist within software
-individuals in an organization should be responsible for validating the source of a patch, testing it for sufficiency, and migrating the patch to the production systems once it has been found to be robust
-never download a patch and install it directly on your real system 
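
The validate, test, then migrate sequence above, as an added example (not from the course or the original notes): it checks a downloaded patch against a vendor checksum manifest and refuses to promote it past a stage it has not earned. The sha256sum-style manifest format, the stage names, and the file name are assumptions made for illustration.

```python
import hashlib
import hmac
import tempfile
from pathlib import Path


def parse_manifest(text):
    """Parse sha256sum-style lines ('<hex digest>  <filename>') into a dict."""
    entries = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 2 and len(parts[0]) == 64:
            entries[parts[1].lstrip("*")] = parts[0].lower()
    return entries


def sha256_file(path):
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_patch(path, manifest_text):
    """True only if the file is listed in the manifest and its digest matches."""
    # Assumption: the manifest itself was obtained over a trusted channel.
    expected = parse_manifest(manifest_text).get(Path(path).name)
    return expected is not None and hmac.compare_digest(expected, sha256_file(path))


def promote(stage, verified=False, tests_passed=False):
    """Advance one stage; verification and testing cannot be skipped."""
    allowed = {"downloaded": verified, "verified": tests_passed, "tested": True}
    order = ["downloaded", "verified", "tested", "production"]
    if allowed.get(stage, False):
        return order[order.index(stage) + 1]
    return stage


def demo():
    """Constructed sample: a fake patch file and a manifest built for it."""
    with tempfile.TemporaryDirectory() as tmp:
        patch = Path(tmp) / "patch-example.bin"
        patch.write_bytes(b"constructed patch contents")
        manifest = f"{sha256_file(patch)}  {patch.name}\n"
        good = verify_patch(patch, manifest)
        patch.write_bytes(b"tampered contents")  # simulate modification
        return good, verify_patch(patch, manifest)
```

A matching checksum only shows the file is the one the manifest describes; the test stage on a non-production system is still required before migration.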

Hardware Security

-cable locks -prevent rearrangement of the infrastructure you have; most likely used for laptops
-safe -lock away spares, documents
-locking cabinets -used for servers, switches, patch panels, and server racks to prevent unauthorized access and modification

-unauthorized access could change config = loss of integrity 

-mobile device -screen lock, strong password

-devices should support encryption so that keys are required before anyone has access
-this way if you lose your device, you know that nobody else has access to the content 
-encryption is the best form of security for mobile devices
-another option is remote wipe which allows your providers or device administrators to send a script to the phone that can either erase or cause damage to the content on the phone so that it cannot be accessed anymore 

-devices should be returned to IT before they are shared between users; sanitization is very important 

-voice encryption is another best practice 
-one voice solution is VoIP (Voice over Internet Protocol)
-a malicious person can packet sniff our transmission; when we use voice encryption, our packets are encrypted as they move on data lines, which prevents eavesdropping

-another best practice is GPS tracking on mobile devices
-if GPS is disabled, you can still sync the picture content with your email to try to identify the location of the device 

Virtualization

-a hypervisor is the software environment within which we build virtual machines
-it shares resources with your host PC such as memory, processor, ports, etc.
-virtualization is different from multi booting where you have multiple operating systems on the host PC, but can only run one at a time
-with virtualization we can run all the machines at the same time provided there is sufficient memory and a reliable processor that supports virtualization  

Benefits -allows for maximum utilization of hardware, cost saving (buy fewer machines, less space, fewer licenses)

Data Security

-data loss prevention -financial, medical, trade secret, PII (personally identifiable information)

Data in motion -email, network, chat sessions 

Data at rest -database, file sharing, desktop or laptop

Data in use -copiers, printer, removable media, screen, clipboard

Storage area networks -devoted to storage and useful during disaster recovery situations

Handling big data -some companies now employ security incident and event managers so that data of concern can be put on one management interface

Data Encryption

-this is required to ensure confidentiality 
-encrypting data changes it from plain text to cipher text

Full disk encryption -you encrypt the entire content of the hard drive; unless users provide the encryption keys, they don't have access to the data

Database encryption -unless keys are provided, no access to database

Individual files -moving a file off an encrypted disk can make it vulnerable; if you want to send one file or a group of files, encrypting them ensures that they are still encrypted while in transit or storage


