Professional Documents
Culture Documents
CompTIA Security+
Get Certified Get Ahead
By Darril Gibson
• Trusted OS
GetCertifiedGetAhead.com © 2017 YCDA, LLC
Using Master Images
• Provides
secure
starting
point
• Reduces
costs
• Compliance violations
– Licenses
• EMI • EMP
– Electromagnetic – Electromagnetic pulse
interference – Short burst of
– Interference from electromagnetic energy
various sources – Electrostatic discharge
– Motors (ESD)
– Power lines – Lightning
– Fluorescent lights – Military weapons
• On-premise
– Cloud resources owned, operated, and maintained by an
organization for its employees
• Hosted
– Resources rented and managed by another organization
– Typically accessed via the Internet Internet
• Cellular
• Wi-Fi
• SATCOM
• Bluetooth
• NFC (near field communication)
• ANT
• Infrared
• USB (Universal Serial Bus)
GetCertifiedGetAhead.com © 2017 YCDA, LLC
Mobile Device Management (MDM)
• Application management
• Full device encryption
• Storage segmentation
• Content management
• Containerization
• Passwords and PINs
• Biometrics
• Screen locks
GetCertifiedGetAhead.com © 2017 YCDA, LLC
Mobile Device Management (MDM)
• Remote wipe
Geolocation
• Geolocation
• Geofencing
• GPS tagging
• Context-aware authentication
Geofence
• Push notification services
• Unauthorized connections
– Tethering
– Wi-Fi Direct
– Ad hoc
– Keep up-to-date
• Implement patch management processes
• Data in transit
– Data in motion
– Any data traveling over a network
• Software-based encryption
– Full disk encryption
– Database column
encryption
– File/folder
encryption
• Windows encryption
– Full disk
encryption
– Database
column
encryption
– File/folder-
level
encryption
GetCertifiedGetAhead.com © 2017 YCDA, LLC
Permission Issues & Access Violations
Demo
• Chmod
GetCertifiedGetAhead.com © 2017 YCDA, LLC
File System Security
• Windows permissions
– Read
– Read & Execute
– Write
– Modify
• Data exfiltration
– Unauthorized transfer of data outside an
organization
• Cloud-based DLP
– Can protect PII and PHI
GetCertifiedGetAhead.com © 2017 YCDA, LLC
Chapter 5 Summary
• Implementing secure systems
• Labs http://gcgapremium.com/501labs/