Last Minute Reminder For CC ISC2 1665986335
Reminder
CC – Certified in Cyber Security
Security Cores
CIA
SFA
MFA
• Combination of these methods (at least two)
Something You know
• Pin Number
Something You have
• Key Card
• Badge
• Tokens
Something You are
• Fingerprint
• Face
• Retina
Created by Puchong Ngammoh CISSP-ISSMP®| CCSP | CRISC®|
CISM®| CCSK | CASP+ | CySA+| CC℠ | Sec+
Method of Authentications
Risk Assessment
• Estimate/prioritise
• Likelihood x Impact
• Qualitative (H/M/L)
• Quantitative ($)
Risk Treatment
Risk Priorities / Risk Tolerance
Risk matrix: Likelihood, Impact (Low, Med)
Security Controls
Policies (Broad)
• AUP Policy
• Access Control Policy
Breach, Incident, Intrusion, Event, Vulnerability, Exploit, Threat, Zero-Day
the right of personnel to control their information
Goal of BC
• To keep critical operation running during disaster
DR
• To get operation back to normal state during disaster
Prepare, Detect, Contain, Remediate, Recovery, Lesson Learned
Response procedures
BCP Team (1st /2nd )
Communication (Call tree)
BCP Announcement (Who/When)
External Communication (emergency services, customers, vendors)
BCP Plans
• BIA
• Strategy Development
• Develop Plan
• Testing
• Maintenance
Develop plan
• Role/Responsibilities
• Technical-related procedures
• Checklist
• Maintenance
Access Control
Objects
• Service/System requested by subject
• Passive
Subjects
• Entity that request to access
• Active
Asset/ Objects
Defence in Depth
• Multiple layers of controls for increasing security
• Administrative
• Technical
• Physical
Control Assessment – to measure the effectiveness of control (as intended)
Environmental Design
Biometric Reader
Access Control methods
Discretionary Access Control
• Grant right
• Ex. System Owner > Administrators
Mandatory Access Control
• Clearance required
• Specific permission
• Permission is up to Level 4
Diagram labels: Subject, Owner, Analyst, Object’s permission, Write, Read, Execute, Level 4
RBAC
• Role-based Access Control
• Assign based on Role and job function
• Role list, Subject
ABAC
• Attribute-based Access Control
• Require specific attributes
• Location, department, age
• Zero Trust
Domain 4 : Networking
2^32 IPV4
192.168.1.1
• Network Address: 192.168.1
• Host Address: .1
Private IP Address
• 10.0.0.0
• 172.16.0.0
• 192.168.0.0
127.0.0.1 Loopback
2^128 IPV6
fc00:: to fdff:ffff:ffff:ffff:ffff:ffff:ffff:ffff Internal Address
TCP/IP and OSI Network Layers (Encapsulation)
• L7: Application – Data (TCP/IP: Application Layer)
• L6: Presentation – Picture (JPEG PNG) (TCP/IP: Application Layer)
• L4: Transport – TCP/UDP (TCP/IP: Transport Layer)
• L3: Network – Packets (TCP/IP: Internet Layer)
• L2: Data Link – Frames (TCP/IP: Network Interface Layer)
• L1: Physical – Bits (TCP/IP: Network Interface Layer)
21 • FTP 22 • SFTP
25 • SMTP 587 • SMTP
37 • Time 123 • NTP
53 • DNS 853 • DoT
Physical Ports
CAT5E, Fiber optic, CAT6 (Mbit/s)
3 ways Hand Shake
ACK
Wireless Network Threat
Spoofing
DOS/DDOS
Attacks
Cyber Threat
• Worm
• Trojan
• On-path
• Side-Channel
• Insider Threat
• APT
• Ransomware
Preventing/Detecting Threats
Intrusion Detection System (IDS)
Firewall
Security Information and Event Management (SIEM)
• Correlate/Analyse/Alert
• Detect (Monitoring)
Redundancy (UPS / Generator)
Fire Suppression
Measured Service
• Pay as you go
On-Demand Self-Service
• Manage without contacting vendors
Broad Network Access
Rapid Elasticity
Resource Pooling
Private, Public, Hybrid, Community
Private Cloud
• Solely owned by one organisation using own resources
Infrastructure as a Service (IaaS)
Network Segmentation
• Demilitarised Zone (DMZ)
• Virtual Local Area Network (VLAN)
• Virtual Private Network (VPN)
Create, Store, Use, Archive, Disposal
Labelling
• Tagged Label based on Classification level
• Should be done once data created
Data Retention
• Record of data
• Retain as needed but not longer
• (business requirement/Regulations/Laws)
Logs
• USER Activities
• SYSTEM Activities
• Events
• Authentication
• Alerts
• Configuration Changes
• Raw Logs
Time must be synced
Common Log Sources
• Network Devices
• Firewall
• IDS/IPS
• Anti Malware
• Proxy
• Threat Intelligence Feeds
Encryption Algorithm
Plain Text > Encryption (Key) > Cipher Text > Decryption (Key) > Plain Text
Hashing
• 1-way
• Integrity Check
• Ensure that message is not altered
Digital Signature
• Authenticity
• Non-repudiation
• Sign with private key of sender
Symmetric / Asymmetric
• Key formula: Symmetric (n(n-1))/2, Asymmetric 2(n)
• Performance: Symmetric Fast, Asymmetric Slow
• Key: Symmetric Same Key, Asymmetric Private/Public Key pair
• Use: Symmetric Storage/IPsec/TLS, Asymmetric Website/TLS/Access Control
Inventory
• Inventory all related asset
Baseline
• Apply baseline based on classification level
Update
• Must be tested and accepted
• Improve functionality
Patch
• Address vulnerabilities
• Work as required
Change management
• Verify impact/Test/Approve
Rollback
• Roll back if it does not work as planned, or in case an incident occurs
BYOD Policy
Privacy Policy
Security Awareness