Dict Cert
• First three hex pairs = vendor; next three hex pairs = ID for the card
Network Address Translation (NAT)
[Figure: packet labelled Originating Address 144.217.166.26, Destination Address 112.53.112.38; then Destination Address 112.53.112.38, Attn: Your Computer (192.168.1.20)]
Sample Network Address Translation Table
Common Ports
• Weakness of a system
Internal
External
EXTERNAL VS. INTERNAL THREATS
• INSIDERS vs INVADERS
• External threats, or invaders, act from outside the company and must overcome
your exterior defenses
• Internal threats, or insiders, work within the company and can thus bypass
exterior defenses
THREE ELEMENTS OF RISK: THREATS
• Technical
– Software Failure
– Network Failure
THREE ELEMENTS OF RISK: IMPACT
5. Major
4. Serious
3. Moderate
2. Minor
1. Negligible
THREE ELEMENTS OF RISK: PROBABILITY
• Likelihood
5. Probable
4. Likely
3. Possible
2. Unlikely
1. Very unlikely
Vulnerability Management
PROCEDURES IN HANDLING VULNERABILITY
• Identify Asset Vulnerability
• Analyze Detected Vulnerabilities
• Fix Detected Vulnerability
• Repeat All Steps Regularly
IT Asset Management
Procedures in Handling Vulnerability
• Create a full IT inventory to gain visibility into all the IT assets that exist in
the organizational IT landscape – network, data center, remote sites, user
workstations, etc.
• Not all IT assets are created equal. Determine what constitutes a critical
asset. It may be a specific type of hardware. It may be certain software
titles.
• In software audits, a key thing to keep in mind is to know what
you are entitled to have deployed. More often than not, organizations fall
short in their software audits because they fail to do so.
• Attack Vector: Network, Adjacent, Local, Physical
• Attack Complexity: Low, High
• Privilege Required: None, Low, High
• User Interaction: None, Required
• Scope: Unchanged, Changed
• Confidentiality: None, Low, High
• Availability: None, Low, High
• Integrity: None, Low, High
• Monthly
• Quarterly
• Semestral
• Annual
Cyber Kill-Chain
• A commonly used model in cyber-security.
– Example:
➢ IP Address
➢ Domains
➢ Open ports
➢ Plugins and services
Cyber Kill-Chain
• Preparing the malware and hacking tools for the attack
– Example:
➢ Known malware
➢ Customized malware
➢ 0 day
Cyber Kill-Chain
• Delivering the first stage of the malware to one
of the victim’s endpoints / servers
• Example:
➢ File attachment on email
➢ External devices
➢ Malicious website
Cyber Kill-Chain
• The action of making use of and benefiting from vulnerabilities.
– Example:
➢ Exploiting legacy system.
➢ Exploiting old versions of software.
Cyber Kill-Chain
MAILING ADDRESS
49 Don A. Roces Ave.,
Brgy. Paligsahan, Diliman,
Quezon City