Security Devices and Services


SECURITY DEVICES AND SERVICES

SECURITY DEVICES: Security devices are typically physical or virtualized hardware
appliances with vendor-specific software installed. Security devices include firewalls, intrusion
protection systems (IPS), unified threat management (UTM), network access control, email
security gateways, web application firewalls (WAF), VPN gateways, and network device backup
and recovery.

Firewalls: These are essential network security appliances available in hardware and
software forms. They separate internal networks from the Internet, block specific connections,
and deny incoming traffic by default, enhancing network security.

Intrusion Protection Systems (IPS): IPS systems proactively monitor network traffic
using profiles, signature detection, AI, and anomaly detection. They can detect various
intrusions and can work with firewalls to isolate infected devices.

Unified Threat Management (UTM): UTMs combine firewall, intrusion detection, and
prevention systems into one device, simplifying security management. However, they pose a
single point of failure risk.

Network Access Control: This function ensures secure network access by linking
authentication with endpoint device status, such as security updates.

Email Security Gateways: These devices or services monitor email traffic for spam,
viruses, phishing, and anomalies, enhancing email security.

Web Application Firewalls (WAF): WAFs selectively allow or block web traffic based
on predefined criteria, protecting web applications from vulnerabilities and attacks.

VPN Gateways: VPN devices enable secure access to internal resources from
anywhere, improving remote work security and productivity.

Network Device Backup and Recovery: This includes centralized backup and recovery
tools and simplified configuration management and recovery for network devices.

SECURITY SERVICES: Security services are services or practices that defend computers,
servers, mobile devices, electronic systems, networks, and data from malicious attacks. They
include managed security services, penetration testing and vulnerability assessment, incident
response services, security consulting and risk assessment, and security awareness training.

Managed Security Services (MSS): MSS providers continuously monitor and manage
security devices and systems. They respond to security threats in real-time, ensuring
organizations maintain a robust security posture.

Penetration Testing and Vulnerability Assessment: Security services include
penetration testing, where ethical hackers try to exploit vulnerabilities to uncover weaknesses in
a system's security. Vulnerability assessments involve scanning systems to identify known
vulnerabilities.

Incident Response Services: These services assist organizations in planning and
executing a coordinated response to security incidents or data breaches. Their goal is to
minimize damage and facilitate recovery.

Security Consulting and Risk Assessment: Security consultants offer expertise in
evaluating an organization's security posture, identifying risks, and recommending security
strategies and policies to mitigate those risks.

Security Awareness Training: Cybersecurity services encompass educating
employees and users about best practices and potential threats to enhance their awareness and
reduce the likelihood of security breaches.

SOCIAL ENGINEERING

a. What are the three methods used in social engineering to gain access to
information?
The three methods used in social engineering to gain access to information are
electronic access, physical access, and social media. Electronic access includes
phishing, spear phishing, and baiting while physical access includes pretexting,
tailgating, and quid pro quo.
b. What are three examples of social engineering attacks from the first two
methods in step 2a?
Examples from the first two methods include phishing, spear phishing, and
baiting for electronic access and pretexting, tailgating, and quid pro quo for
physical access.
c. Why is social networking a social engineering threat?
Social networking is a social engineering threat because it usually encourages
people to extensively share their personal information such as full name,
address, birthdates, and bank details. These details, when shared, can cause
identity theft, phishing, and other attacks.
d. How can an organization defend itself from social engineering attacks?
An organization can defend itself from social engineering attacks by adopting a
multi-faceted approach that combines technology, policies, and the creation and
use of security awareness training. Security awareness training includes
phishing exercises and social engineering workshops.
e. What is the SANS Institute, which authored this article?
SANS Institute is an organization that is prominent in the field of cybersecurity
education, training, and research. The organization provides a wide range of
cybersecurity training courses and programs with highly regarded cybersecurity
certifications. The institute is also involved in cybersecurity research, hosts
conferences and events, and encourages community involvement in
cybersecurity.

ANATOMY OF MALWARE

| MALWARE | DESCRIPTION | HOW IT IS TRANSMITTED | IMPACTS |
| --- | --- | --- | --- |
| RANSOMWARE: Sodinokibi | A ransomware strain also known as REvil; it encrypts files and demands a ransom for decryption. | Distributed through exploit kits, malicious ads, and emails. | It causes data encryption and financial loss. |
| TROJAN HORSE: DarkTequila | A banking Trojan primarily affecting users in Latin America, known for stealing sensitive financial information. | It is disseminated through malicious websites and phishing. | It causes financial theft, identity theft, data exfiltration, and potential banking fraud. |
| HOAX: 419 Scams | Also known as Nigerian Prince scams; they involve fraudulent emails claiming to offer large sums of money. | It preys on victims' greed and gullibility and was spread via email or social engineering tactics. | It can cause financial loss, identity theft, and victim deception. |
| EXPLOIT KIT: Magnitude | An exploit kit used to deliver various types of malware, often through malvertising campaigns. | It utilizes drive-by download attacks on vulnerable systems and can also be delivered via malicious advertisements on compromised websites. | It can cause malware infections, data breaches, and compromised systems. |
