1. Vulnerabilities and mitigations
1.1. Vulnerabilities
1.1.1. Hardware
1.1.1.1. Humidity
1.1.1.2. Dust
1.1.1.3. Unprotected storage of hardware
1.1.1.4. Keeping network devices such as servers publicly reachable without restricting access
1.1.2. Software
1.1.2.1. Outdated or unpatched software
1.1.2.2. Installing untrusted software
1.1.2.3. Unconfigured operating systems
1.1.2.4. SQL injection
1.1.2.5. Missing or broken authentication
1.1.2.6. Cross-site scripting
1.1.2.7. Buffer overflow
1.1.3. Network
1.1.3.1. Unconfigured firewalls
1.1.3.2. Not knowing which ports must remain open and leaving unused ports open
1.1.3.3. Using legacy services
1.1.3.4. No malware detection software in place
1.1.3.5. Not using proper packet-filtering software
1.1.3.6. Using weak passwords
1.1.3.7. Using the same password for different online platforms
1.1.3.8. Using common passwords
1.1.3.9. Users unaware that they are visiting insecure URLs
1.1.4. Physical
1.1.4.1. Environmental disasters
1.1.4.2. Unstable power supply
1.2. Mitigations
1.2.1. Reconnaissance attack mitigation
1.2.1.1. Implement authentication to ensure proper access
1.2.1.2. Use encryption to render packet sniffer attacks useless
1.2.1.3. Use anti-sniffer tools to detect packet sniffer attacks
1.2.1.4. Implement a switched infrastructure
1.2.1.5. Use a firewall and IPS
1.2.2. Access attack mitigations
1.2.2.1. Strong password security
1.2.2.2. Principle of minimum trust
1.2.2.3. Cryptography
1.2.2.4. Properly configure, upgrade and patch the OS and applications
1.2.3. DoS attack mitigations
1.2.3.1. Use anti-spoofing technologies
1.2.3.2. Keep patches up-to-date by installing them weekly or daily to prevent buffer overflow attacks
1.2.3.3. Provide enough bandwidth for the network
1.2.4. Securing network devices
1.2.4.1. Edge router security approaches
1.2.4.2. Provide physical security for the routers
1.2.4.3. Router operating system security
1.2.4.4. Router hardening (eliminate potential abuse of unused ports and services)
1.2.5. Security awareness programs
1.2.5.1. Awareness campaigns
1.2.5.2. Training and education
1.2.6. Operations security
1.2.6.1. Perform security audits to test the network
1.2.6.2. Perform backups and test the backed-up files on a regular basis
1.2.6.3. Use strong passwords and change them often in the systems
1.2.6.4. Encrypt and password-protect sensitive data
1.2.6.5. Implement security hardware and software
2. Policies
2.1. Security policy objectives
2.1.1. What do you have that others want?
2.1.2. What processes, data or information systems are critical to you, your company or your organization?
2.1.3. What would stop your company or organization from doing business or fulfilling its mission?
2.2. Identification and authentication policy
2.3. Password policies
2.4. Acceptable use policies
2.5. Remote access policies
2.6. Network maintenance procedures
2.7. Incident handling procedures
3. Attacks
3.1. Malware
3.1.1. Traditional
3.1.1.1. Virus
3.1.1.2. Worm
3.1.1.3. Trojan horse
3.1.2. Modern
3.1.2.1. Ransomware
3.1.2.2. Spyware
3.1.2.3. Adware
3.1.2.4. Rootkits
3.2. Reconnaissance
3.2.1. Packet Sniffing
3.2.2. ICMP sweeping
3.2.3. Port scanning
3.2.3.1. Ping scan
3.2.3.2. TCP SYN flood
3.2.3.3. TCP connect
3.2.3.4. UDP
3.2.3.5. Stealth scanning (NULL/FIN/Xmas)
3.3. Access
3.3.1. Password attacks
3.3.1.1. Dictionary attacks
3.3.1.2. Brute-force attacks
3.3.1.3. Network sniffing
3.3.1.4. Social engineering attacks
3.3.2. Trust exploitation
3.3.3. Man-in-the-middle (MITM)
3.3.4. Spoofing attacks
3.3.4.1. DHCP spoof
3.3.4.2. ARP spoof
3.3.4.3. MAC spoof
3.3.4.4. IP spoof
3.3.5. VLAN hopping attacks
3.3.6. TCP hijacking
3.4. Social engineering
3.4.1. Pretexting
3.4.2. Phishing
3.4.2.1. Deceptive
3.4.2.2. Spear
3.4.2.3. Vishing
3.4.2.4. Smishing
3.4.2.5. Pharming
3.4.2.6. Whaling
3.5. DoS
3.5.1. CAM table attack
3.5.2. DHCP starvation
3.5.3. STP attacks
3.5.4. TTL-based attacks
3.5.4.1. TTL expiry
3.5.4.2. TTL-based evasion
3.5.5. Fragmentation-based attacks
3.5.6. Ping of death
3.5.7. Smurf attack
3.5.8. Teardrop attack
3.5.9. Routing attacks
3.5.9.1. Routing table overflow
3.5.9.2. Routing table poisoning
3.5.10. Buffer overflow
4. Security Scans
4.1. Vulnerability scanning
4.2. Network scanning
4.3. Penetration testing
4.4. Virus detection
4.5. Integrity checks
4.6. Log review
4.7. Password cracking
4.8. Network testing tools
4.8.1. Nmap/Zenmap
4.8.2. SuperScan
4.8.3. SIEM
4.8.4. GFI LanGuard
4.8.5. Tripwire
4.8.6. Nessus
4.8.7. Metasploit