Security

Logical Security

  • Logical security concepts:

    1. Microsoft Active Directory - centralized management; uses Organizational Units.
    2. Mobile Device Management (MDM) - set policies on apps, data, etc.
    3. Port security
    4. Certificate-based authentication
    5. Anti-virus and anti-malware
    6. Firewalls - host-based and network-based.
    7. Directory permissions
    8. VPN concentrator - encrypts data traversing a public network.
    9. Data Loss Prevention (DLP)
    10. Access Control Lists (ACLs)
    11. Least privilege - permissions set to bare minimum.

Malware

  • Common types of malware:

    1. Ransomware
    2. Crypto-malware
    3. Trojan horse
    4. Spyware
    5. Keyloggers
    6. Rootkits
    7. Virus
    8. Worms
    9. Botnets
  • Anti-malware tools:

    1. Anti-virus and anti-malware
    2. Windows Recovery Environment
    3. End user education
    4. Firewalls
    5. Secure DNS

Security Threats

  • Social engineering principles:

    1. Authority
    2. Intimidation
    3. Social proof
    4. Scarcity
    5. Urgency
    6. Familiarity
    7. Trust
  • Social engineering types:

    1. Phishing
    2. Spear phishing (whaling)
    3. Impersonation
    4. Shoulder surfing
    5. Tailgating
    6. Dumpster diving
  • Denial of service - force a service to fail by overloading it, or by exploiting a design failure or vulnerability.

  • DDoS (Distributed Denial of Service) - launch an army of computers to bring down a service; uses botnets.

  • Mitigating DDoS attacks - filter out traffic patterns; anti-DDoS systems.

  • Zero-day attacks - exploit a vulnerability that has not been detected yet.

  • Man-in-the-middle attacks - using traffic redirection, ARP poisoning.

  • Mitigating MITM attacks - use encrypted protocols like HTTPS, SSH.

  • Brute force attacks - keep trying the login process; slow; dictionary attacks; rainbow tables (don't work against salted hashes).

  • Spoofing - pretend to be something you aren't; MAC spoofing, IP address spoofing.