Security Devices and Services
Firewalls: These are essential network security appliances available in hardware and
software forms. They separate internal networks from the Internet, block specific connections,
and deny incoming traffic by default, enhancing network security.
Intrusion Protection Systems (IPS): IPS systems proactively monitor network traffic
using profiles, signature detection, AI, and anomaly detection. They can detect various
intrusions and can work with firewalls to isolate infected devices.
Unified Threat Management (UTM): UTMs combine firewall, intrusion detection, and
prevention systems into one device, simplifying security management. However, they pose a
single point of failure risk.
Network Access Control: This function ensures secure network access by linking
authentication with endpoint device status, such as security updates.
Email Security Gateways: These devices or services monitor email traffic for spam,
viruses, phishing, and anomalies, enhancing email security.
Web Application Firewalls (WAF): WAFs selectively allow or block web traffic based
on predefined criteria, protecting web applications from vulnerabilities and attacks.
VPN Gateways: VPN devices enable secure access to internal resources from
anywhere, improving remote work security and productivity.
Network Device Backup and Recovery: This includes centralized backup and recovery
tools and simplified configuration management and recovery for network devices.
SECURITY SERVICES: Security services are services or practices that defend computers,
servers, mobile devices, electronic systems, networks, and data from malicious attacks. They
include managed security services, penetration testing and vulnerability assessment, incident
response services, security consulting and risk assessment, and security awareness training.
Managed Security Services (MSS): MSS providers continuously monitor and manage
security devices and systems. They respond to security threats in real-time, ensuring
organizations maintain a robust security posture.
SOCIAL ENGINEERING
a. What are the three methods used in social engineering to gain access to
information?
The three methods used in social engineering to gain access to information are
electronic access, physical access, and social media. Electronic access includes
phishing, spear phishing, and baiting while physical access includes pretexting,
tailgating, and quid pro quo.
b. What are three examples of social engineering attacks from the first two
methods in step 2a?
Examples from the first two methods include phishing, spear phishing, and
baiting for electronic access and pretexting, tailgating, and quid pro quo for
physical access.
c. Why is social networking a social engineering threat?
Social networking is a social engineering threat because it usually encourages
people to extensively share their personal information such as full name,
address, birthdates, and bank details. These details, when shared, can cause
identity theft, phishing, and other attacks.
d. How can an organization defend itself from social engineering attacks?
An organization can defend itself from social engineering attacks by taking a
multi-faceted approach that combines technology, policies, and the creation and
use of security awareness training. Security awareness training includes
phishing exercises and social engineering workshops.
e. What is the SANS Institute, which authored this article?
The SANS Institute is an organization that is prominent in the field of cybersecurity
education, training, and research. The organization provides a wide range of
cybersecurity training courses and programs with highly regarded cybersecurity
certifications. The institute is also involved in cybersecurity research, hosts
conferences and events, and encourages community involvement in
cybersecurity.
ANATOMY OF MALWARE