Kategorier: Alle - security - infrastructure - continuity - privacy

av Gerson Varela 1 år siden

100

Security Managment

In the realm of organizational preparedness, several critical areas demand attention. Security management encompasses the safeguarding of assets through various models and principles, ensuring the confidentiality, integrity, and availability of data.

Security Managment

Security Managment

Security Operations

Incidents
Response

SOAR

Monitor

Synthetic

Passive

Logs

Configuration and system managment

Antimalware

IDS / IPS

Asset managment
Patching and vulns

Vulnerability scan

Vulnerability Managment

Patch Managmente

System to manage

Configuration Managment

Automation

Baseline ( images)

EOS
EOL
Applying people
Travel
Priviledge Account Manager
Mandatory Vacations
M of N
Two Person control
Need to know and least priviledge

IAM

Protection Methods
Logon notification
Lockout
Masking
MFA
Salt and pepper
Access control
Access Controls
Atritube based
Rule Based
Role Base
Mandatory
Discretionary
Implementing SSO internal
RADIUS
TACACS+
SESAME
Kerberos
Access Review
Account Maintenance
New Role
Deprovisioning
Provisioning
Implementing SSO External
Federal
OIDC
Oauth
OpenID
SAML
Factors
Something you are
Something you have
Something you know

Laws Regulations and Compliance

Authorize to operate
Regulations
GDRP
SOX
HIPPA
PCI
Policies
Procedures
Policie

Data store

Privacy policie

NIST or ISO27000

Guideline
Baseline
Standard
Privacy
Import / Export
Licenses
Intelectual property

Disater Recover

Maintenence
Lesson learned
Full interrumpt
Parallel
Simulation
Structured Walk- trough
Read-Through
Development
Escrow arragment
Backups
Personnel and communications
Emergency response
Strategy
DB recovery
Sites
Workgroup recovery
Emergency communications
Crisis Managment
Bussenss priorities
Fault Tolerance
Power sources

UPS

Servers

Load Balancer

Clusters

Hard drive

RAID

Bussiness Continuity

Approval and Implementation
Excercise
Emergency
Vital Records
Statment of urgency
Statment of importance
Cp Goals
BCP documentation
Continuity Plan
Provisions and process

Buldings / Facilities

Warm site

Hot Site

Cold site

People

Strategy develpment
Bussiness Impact Analysis
Project scope and planning
Legal and regulation
Resources requeriments
BCP team Selection
Originitional review

Risk Assessment

Monitoring
Mitigate
Technical
Administrative

Directive

Recover

Corrective

Compensating

Detective

Deterrent

Preventive

Physical
Threat Modeling

Priorization and response

Ignoring

Aceptance

Avoidance

Transfer

Mitigation

Reduction Analysis

Detemining and diagramming potential attack

Identify threats

Identify
Supply Chain
Qualitative

Impact

Likehood

Quantitative

Anualized loss of ocurrance

Annualized rate of ocurrance

Single loss expectation

Exposure Factor

Asset Value

Application

Memory
Pointer reference
Resource exhaustion
Code security
API
Practices

Hard code credential

Erros Handling

Comments

Resilence

Elasticiiy

Scalability

Integrity measurement
Se diversity
Reuse
Signing
Controls
Parameter pollution
Metcharacter
Input

Software Devolpment

DB
Security

Obfuscation and camuflage

Parameterized

ODCB
ACID

Inference

Agregation

Concurrency

Devlop
Scrum
PERT
Gant
Models
Agile
Cascade
SAM
IDEAL
CMM
Lifecycle
Maintence
Testing
Code review
Coding
Desing Review
Control Specification
Functional requeriments
Conceptual

Secuity Asssessment and Testing

Security Managment process
KPI
Train and Awarness
Disaster Recovery and Bussiness Continuity
Account Manager
Log review
Testing code
Test coverage
Misue Case
Interface
Code review ( Fagan)
Assessment
Compliance check
Pentest

Black

Gray

White

Vulnerabilities

Infraestructure

Website

Communication and Network Security

Other technologies
NFC
RFID
Bluethoot
Secure Comunication

SPF

DKIM

PGP

Endpoint

MSSP = XDR Central + Premise and cloud + SOC

XDR = EDR + MRR + EPP + NTA + NIDS + NIPS

EPP = ERR with IPS / IDS

MDR = SIEM + NTA + EDR + TDS

EDR = AV + IDS+ FW

Switching

Virtual

Packet

Firewall

Circuit

Statefull

Next Gen

WAF

Static

Protocols

TLS

SSH

Kerberos, Radius, TACACS

Components

Screened subnet

Bastion host

Screened host

Architectures
VPN
Proxy
VxLAN
SDN
CDN
Load balancing

Active vs pasive

Active vs active

Wireless
Secure

NAC

WIDS

VoIP
RTP
SIPS

Security Architecture

Site and Facilities
Fire Prevention
Restricted Work Area security
Evidence store
Media Store
Acces Abuse
Camares
IDS
Data Center
Wiring closet
Equipment Failure
Security Models
Take Grant
Brewer Nash
Clark Wilson
Bell La Padula
Biba
Cryptography
Certificates
PKI
Hashing
Asymetric
Symetric
Ensuring CIA
Trust and assurance
Access controls
Isolation
Bounds
Confinement
Secure Design Principles
Trust but verify
Privacy by design
Zero Trust
Keep it simple
Fail Secure
Secure Defaults
Open and close
Object and subject

Security Assets

Roles
Custodian and admins
Data processor and controllers
Bussiness Owner
Asset Owners
Data Owners
Data protection Mechanism
Maskering
Anonymization
Tokenization
Pseudonymization
Cloud access security Broker
Digital Right Managment
Data classification
Requiriments
Destruction

Shredding

Destroy

Purging

Erasing

Data Location
Collect Limitation
Handling sensitive
Labeling
DLP

Host

Network

Data Maintenance

Personnel Security

Offboarding
Offboarding process

Publish fired

Reuse place

Chat

Card

Email

Network access

Mobile

Transfer
Oversight
Train & Awarness
Need to know
Separation of duties
Mandatory Vacation
Job Rotation
Onboarding
Least Priviledge
No Disclosure Agreement
Sign Security Policies
IAM and provisioning