Authorization: Once the system knows who users are, policies can be applied that control
where the users can go, what the users can do, and what resources they can access. This is
called authorization.
These hackers are able to gain illegal access to the systems and data and cause severe
damage. Therefore, cybersecurity vulnerabilities are extremely important to monitor for the
overall security posture, as gaps in a network can result in a full-scale breach of systems in an
organization.
Examples of Vulnerabilities-
o A weakness in a firewall that can lead to malicious hackers getting into a computer
network.
o Lack of security cameras.
o Unlocked doors at businesses.
All of these are weaknesses that can be used by others to hurt a business or its assets.
There are many causes of vulnerabilities, such as-
Complex Systems- Complex systems increase the probability of misconfigurations, flaws, or
unintended access.
Familiarity- Attackers may be familiar with common code, operating systems, hardware, and
software that lead to known vulnerabilities.
Connectivity- Connected devices are more prone to have vulnerabilities.
Poor Password Management- and reused passwords can lead from one data breach to several.
OS Flaws- Operating systems can have flaws too. Unsecured operating systems by default can give users full
access and become a target for viruses and malware.
Internet- The Internet is full of spyware and adware that can be installed automatically on computers.
Software Bugs- Programmers can sometimes accidentally leave an exploitable bug in the
software.
Unchecked user input- If software or a website assumes that all input is safe, it may execute unintended
SQL commands (SQL injection).
People- Social engineering is the biggest threat to the majority of organizations. So, humans can
be one of the biggest causes of vulnerability.
Some important cybersecurity policy recommendations are described below-
Virus and Spyware Protection policy-
It helps to detect threats in files and to detect applications that exhibit suspicious behavior.
It removes and repairs the side effects of viruses and security risks by using signatures.
Firewall Policy-
It blocks unauthorized users from accessing the systems and networks that connect
to the Internet.
It detects the attacks by cybercriminals and removes the unwanted sources of network
traffic.
Intrusion Prevention policy-
This policy automatically detects and blocks the network attacks and browser attacks.
It also protects applications from vulnerabilities, checks the contents of one or more
data packages, and detects malware that arrives through legitimate channels.
Application and Device Control-
This policy protects a system's resources from applications and manages the peripheral
devices that can attach to a system.
The device control policy applies to both Windows and Mac computers whereas
application control policy can be applied only to Windows clients.