Security breaches

-

Organizational security procedures
-          - Access control for physical entry
-         -  Computer based access control
-         -  Visitor notifications
-         -  System logs
-        -   System auto lock policy user permissions
-        -   Starter and leaver
-       -    Clear desk policy and documentation handling
- Does knowing popular security breaches beneficial for an organization?

Security breaches
-          Happen when someone access without permission
-          When confidential information is exposed

Types of security breaches

1.       Denial of service
-          When a website is overwhelmed with requests, which blocks other users from the site

2.       Malware
-          Example of malware is adware, viruses, Trojans, crime ware, spyware, worms

Malware symptoms
-          System slow down
-          Annoying ads and pop up messages
-          Browser homepage keeps changing
-          Unexpected error messages
-          Antivirus gets disabled automatically

3.       Ransom ware
-          Hacker gains control of the company system and locks it from use
-          A ransom ware note is left within the virus
-          The company or user is extorted to pay money

4.       Password attacks
-          A combination of brute force attacks that are used to gain access to insecure passwords

5.       Phishing
-          Email or phone calls that seem official to gain access or personal information is called phishing
-          They frequently take the guise of known, credible entities – such as a person’s bank

How to prevent security breaches?

-          Regularly back up files
-          Keep systems and applications updated
-          Enforce the principle of least privilege
-          Secure email gateways Example firewall
-          Implement defense in depth
-          Foster a culture of security in the workplace






Comments

Post a Comment

Popular posts from this blog

Log Review

-
Image
Describe the test and purpose of the test Log analysis is the term used for analysis of computer-generated records for helping organizations, businesses or networks in proactively and reactively mitigating different risks.  Log analysis helps in reducing problem diagnosis, resolution time and in effective management of applications and infrastructure. Checking all the log to find if there ordinary problem Discuss how it works Logs are usually created by network devices, applications, operating systems, and programmable or smart devices. They comprise of several messages that are chronologically arranged and stored on a disk, in files, or in an application like a log collector. Provide example Discuss the solution of there is vulnerability after a test If there is 
Read more

Organizational security types

-
1.        Business Continuance -           Business have come to recognize that some services of the organization have to be delivered continuously without interruption -           Create an IT Business Continuity plan( Backup business Plan) -           Focus on getting the network and systems up and running as quickly as possible. Business continuity and disaster recovery planning -           Management leadership, goals and requirements, business impact analysis, team building and implementation Backup alternatives -           Hardware and software approaches, electronic vaulting Recovery and testing -           Strategies for executing recovery, carrying out drills and types of plan testing Emergency Response -           Preserving assets and life, reducing fraud, theft and vandalism 2.        Backup / Restoration of Data -           When we think of backup, we generally think of secure, offsite tape storage that will be available should we accide
Read more

Network planning - Proof of concept

-
How to design a secured network (methods, the steps) The different types of network security design that will aid good network security 1. Identify the assets such as hardware, software, employee 2. Identify the budget of the company 3. Analyze security risk with the solution (virus- install anti virus) 4. Analyze security requirements 5. List down all the software that can be installed in the network 6. List all the asset (Security hardware for example VPN, firewall, antivirus, DMZ) 7. Identify the secure connection (cable or wire) 8. Design or sketch a network 9. Ask other colleague or approval by the organization or the client An organizations need to update their system frequently, because hackers are discovering new flaws in security network and coming out with new methods to gains access to unauthorized networks. 1.     Network access control -        It is for controlling which users can access you network -        Identifying which users and devices a
Read more