Auto, pros, set it and forget it, cons, latest update conflicts with other apps, remedy, lab server, after business hours
Workstation update management, WSUS
track changes, keep a log, hard log recommended, record decisions and changes that affect access rights to, users, groups, include list of, all software installed, version #'s, backups, backup schema, restore procedures, keep it simple use a single reference, paper log, comp book for each critical system, removed pages obvious, easy to, take with you, carry, software, 3rd party packages exist, WSUS, free, Microsoft, be a team player, keep comm, clear, concise, people move on, what will the next person find when they inherit a system you left behind?
existing/needed services, configure properly, Examples, ACL, File safeguards, ext3, BitLocker, NTFS
Server, system files, files should be stored on a separate disk or partition to ensure these system files are not accidentally accessed or removed, Do, apply, security patch, hotfix, service pack, check vendor website frequently for news and updates, secure behind locked door, cage, install HIDS, Don't, Surf Web, install software from fly by night company, install patch, production hours, without testing on a lab server 1st, Server admins, activate security options, Know, specific apps and hardware, equal unique vulnerabilities, view vendor's FAQ, common ports, 1023, Logs, review, ACL, take responsibility, harden your system, research, Know thyself do you, like things easy?, security conscious?, are you balanced?, Be very familiar with different types of security vulnerabilities inherent with each type of Internet server and know how to prevent them from being exploited., balance, be reasonable, be security minded but allow info to be accessed easily to help make your coworkers more productive
start with nothing and add as needed, not the other way around, least privilege
history of past security vulnerabilities, compile, time intensive, length, longer equals better, 2-3 weeks minimum, nights and weekends
industry security standards
info gather, organizations, associations, other admins, don't be shy talk!
Tools, Microsoft, Microsoft Baseline Security Analyzer (MBSA)
group policies, accounting, financial data, salaries, marketing, Sales, pricing, HR, confidential data, health issues, sexual orientation, each group policy unique based on role, be mindful that if employee moves to a diff dept rights must be added/taken away, Role based access control, most popular, highly customizable, fairly secure, inferior to Mandatory access control, centrally administered
prohibit, P2P, LimeWire, uTorrent, Torrent apps, IM, for corporate communications, vulnerable to packet sniffers, certain email attachments, .exe, torrent search engines, most outlawed
set it up
Pretty Good Privacy, email, popular, strong
teach, Hoaxes, emotional strings, pull, new virus, end of world, chain mails, social engineering
Windows firewall, heavily criticized, too integrated with OS I think, other examples of app heavily integrated into OS, Windows Media Player, Internet Explorer
versions, email, regular
parts, engine, stays the same, not altered during updates, signature files, viruses contain or create a specific binary code detectable by the signature file, unique identifier, engineers make the signature files, do they get disgruntled?, have they planted logic bombs in the past?
Price, about $40, military next to nothing or free
If, when installing an app, the install program prompts you to turn off your AV, be wary!
If you turn off AV in order to install a program or to make some change, remember to turn it back on!
Due to the limited amount of free maps I will start a different topic here.
Mitigation, DRP, OFFsites, backup schemes, fire resistance
Attacks, SYN flood, DoS, DDoS, masters, managers, zombies, MITM, DNS Poisoning, prevent, Update, BIND, MS DNS, TCP/IP Hijacking, Smurf, bluejacking
Communication protocols, File transfer
Device Security, network devices, switch, router, legacy, telnet enabled, AP (wireless), WEP, 15 min crack, superseded, WPA2
Intrusion Detection, Sensor, connected via tap, types, based, signature, Network, active, recommend this first, passive, Host, active, passive, behavior, Network, active, passive, Host, active, false positive prone, most proactive, passive, vendors, Norton