Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lecture Materials for the John Wiley & Sons book: Cyber Security: Managing Networks, Conducting Tests, and Investigating Intrusions October 12, 2014 DRAFT1.

Published byLisandro Lassetter Modified over 9 years ago

Similar presentations

Presentation on theme: "Lecture Materials for the John Wiley & Sons book: Cyber Security: Managing Networks, Conducting Tests, and Investigating Intrusions October 12, 2014 DRAFT1."— Presentation transcript:

1 Lecture Materials for the John Wiley & Sons book: Cyber Security: Managing Networks, Conducting Tests, and Investigating Intrusions October 12, 2014 DRAFT1 Chapter 11: Cyber Security Essentials for Small Business

2 Anti-Malware Protection Malware includes viruses, worms, rootkits, spyware, and many other forms Basic anti-malware includes anti-virus and host-based software firewall Anti-malware should be rigorously kept up to date Advanced anti-malware features include –Internet browser filtering for Drive-By-Malware –Anti-spyware –In memory scans – new forms of malware 10/12/2014 DRAFT2 Cyber Security: Managing Networks, Conducting Tests, and Investigating Intrusions

3 Updating Operating Systems If the system is on the Internet it should be configured to auto-update Regularly check if updates are required, e.g. Windows Update menu command Important to update every Patch Tuesday 10/12/2014 DRAFT3 Cyber Security: Managing Networks, Conducting Tests, and Investigating Intrusions

4 Updating Applications Applications, even when configured to auto- update, may not unless they are running – manual update checks are essential –Use same approach as for operating systems, e.g. Windows Update Application updates overall represent a more significant vulnerability than operating systems Updates should include plug-ins as was well as standalone applications, e.g. Flash, Java 10/12/2014 DRAFT4 Cyber Security: Managing Networks, Conducting Tests, and Investigating Intrusions

5 Change Default Passwords Virtually all software and devices come configured with default passwords –This represents a very significant vulnerability, attackers will try defaults first There are online lists of default passwords, e.g. www.cirt.net/passwords Change the default account’s password or disable that account entirely 10/12/2014 DRAFT5 Cyber Security: Managing Networks, Conducting Tests, and Investigating Intrusions

6 Educate End-Users People represent the most significant vulnerability of all –See You Can’t Patch Dumb in Chapter 2 All users, anyone who touches a computer-driven device should have thorough Internet Safety education –See Chapter 10 –Or go online www.gcflearnfree.org/internetsafety 10/12/2014 DRAFT6 Cyber Security: Managing Networks, Conducting Tests, and Investigating Intrusions

7 System Security Administration Some basics for your in-house system admin to greatly reduce susceptibilities –Subscribe to security alerts e.g. https://forms.us- cert.gov/maillists/https://forms.us- cert.gov/maillists/ –Backup your systems regularly –Have documented system restore procedures –For web applications, particularly customized, use benchmarks to harden them, e.g. https://benchmarks.cisecurity.org/downloads/multifor m/index.cfm https://benchmarks.cisecurity.org/downloads/multifor m/index.cfm –Have your IT environment professionally Pen Tested – See Chapter 9 10/12/2014 DRAFT7 Cyber Security: Managing Networks, Conducting Tests, and Investigating Intrusions

8 Wireless Security Basics Assuming this WAP is for staff use, not customers… Change the default WAP password Configure encryption at highest level Disable SSID public broadcast Enable WEP or WPA protections Reduce wireless signal strength to within space you control –War Driving is the practice of finding unprotected WAPs by driving around 10/12/2014 DRAFT8 Cyber Security: Managing Networks, Conducting Tests, and Investigating Intrusions

9 REVIEW CHAPTER SUMMARY Cyber Security: Managing Networks, Conducting Tests, and Investigating Intrusions 10/12/2014 DRAFT9

Download ppt "Lecture Materials for the John Wiley & Sons book: Cyber Security: Managing Networks, Conducting Tests, and Investigating Intrusions October 12, 2014 DRAFT1."

Similar presentations

Your Definitive Lockdown Guide

Your Definitive Lockdown Guide
Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.

Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.
Lecture Materials for the John Wiley & Sons book: Cyber Security: Managing Networks, Conducting Tests, and Investigating Intrusions October 8, 2014 DRAFT1.

Lecture Materials for the John Wiley & Sons book: Cyber Security: Managing Networks, Conducting Tests, and Investigating Intrusions October 8, 2014 DRAFT1.
Lecture Materials for the John Wiley & Sons book: Cyber Security: Managing Networks, Conducting Tests, and Investigating Intrusions October 8, 2014 DRAFT1.

Lecture Materials for the John Wiley & Sons book: Cyber Security: Managing Networks, Conducting Tests, and Investigating Intrusions October 8, 2014 DRAFT1.
Thank you to IT Training at Indiana University Computer Malware.

Thank you to IT Training at Indiana University Computer Malware.
Lecture Materials for the John Wiley & Sons book: Cyber Security: Managing Networks, Conducting Tests, and Investigating Intrusions October 12, 2014 DRAFT1.

Lecture Materials for the John Wiley & Sons book: Cyber Security: Managing Networks, Conducting Tests, and Investigating Intrusions October 12, 2014 DRAFT1.
Lecture Materials for the John Wiley & Sons book: Cyber Security: Managing Networks, Conducting Tests, and Investigating Intrusions October 12, 2014 DRAFT1.

Lecture Materials for the John Wiley & Sons book: Cyber Security: Managing Networks, Conducting Tests, and Investigating Intrusions October 12, 2014 DRAFT1.
10 Things You Can do to Secure Your PC Presented by Peter Nowak OIS Client Services Manager.

10 Things You Can do to Secure Your PC Presented by Peter Nowak OIS Client Services Manager.
Computer Security at HomeSlide 1 Computer Security Major Security and Privacy Threats Using The Internet At Home.

Computer Security at HomeSlide 1 Computer Security Major Security and Privacy Threats Using The Internet At Home.
Windows Vista Serious Challenges for Digital Investigators Authors: Darren Hayes Shareq Qureshi Presented By: Prerna Gupta.

Windows Vista Serious Challenges for Digital Investigators Authors: Darren Hayes Shareq Qureshi Presented By: Prerna Gupta.
Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.

Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Configuring your Home Network Configuring your Home Network Jay Ferron ADMT, CISM, CISSP, MCDBA, MCSE, MCT, NSA-IAM.

Configuring your Home Network Configuring your Home Network Jay Ferron ADMT, CISM, CISSP, MCDBA, MCSE, MCT, NSA-IAM.
DVG-N5402SP.

DVG-N5402SP.
Improving Security. Networking Terms Node –Any device on a network Protocol –Communication standards Host –A node on a network Workstation 1.A PC 2.A.

Improving Security. Networking Terms Node –Any device on a network Protocol –Communication standards Host –A node on a network Workstation 1.A PC 2.A.
Enterprise Network Security Accessing the WAN Lecture week 4.

Enterprise Network Security Accessing the WAN Lecture week 4.
Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.

Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.
Installing and Configuring a Secure Web Server COEN 351 David Papay.

Installing and Configuring a Secure Web Server COEN 351 David Papay.
MS System Setup Securing A System. Use Automatic Updates For a workstation or server, schedule the updates to occur regularly. –Control panel click on.

MS System Setup Securing A System. Use Automatic Updates For a workstation or server, schedule the updates to occur regularly. –Control panel click on.
Securing a Wireless Network

Securing a Wireless Network

Similar presentations

Ads by Google