CyberSecurity Assignment.pptx


  1. [ A Deemed to be University ] Name: Vinay Pratap; Roll: MCA / 40015 / 21; Sem: 3rd; Sub: Cyber Security; Presented To: Dr. Amrita Priyam Ma’am.
  2. INDEX
     - Unauthorized Access by Outsider
     - Anti-Malware Software
     - Network Traffic Analysis
  3. UNAUTHORIZED ACCESS BY OUTSIDER
     A person gains logical or physical access without permission to a network, system, application, data, or other resource.
  4. PREVENT UNAUTHORIZED ACCESS
     - Strong Password Policy
     - Two Factor Authentication (2FA) and Multifactor Authentication
     - Physical Security Practices
     - Monitoring User Activity
     - Endpoint Security
  5. 1. STRONG PASSWORD POLICY
     Enforce best practices for user passwords: force users to select long passwords including letters, numbers and special characters, and change passwords frequently. Educate users to avoid using terms that can be guessed in a brute force attack, inform them about routine password updating, and tell them to avoid sharing passwords across systems.
  6. 2. TWO FACTOR AUTHENTICATION (2FA) AND MULTIFACTOR AUTHENTICATION
     Credentials based on user names, passwords, answers to security questions, etc. are known more generally as knowledge-based security factors. Knowledge-based factors are an important authentication method, but they are inherently weak and easy to compromise. One of the best ways to prevent unauthorized access in your organization is to supplement knowledge-based factors with additional authentication methods:
     - Possession factors: authentication via objects possessed by the user. For example, a mobile phone, a security token or a physical card.
     - Inherence factors: authentication via something the user is or has. This includes biometric authentication using fingerprints, iris scans or voice recognition.
  7. 3. PHYSICAL SECURITY PRACTICES
     As important as cybersecurity is, don’t neglect physical security. Train users to always lock devices when walking away from their desks, and to avoid writing down passwords or leaving sensitive documents in the open. Have a clear policy about locking office doors and ensure only authorized parties can enter sensitive areas of your physical facility.
  8. 4. MONITORING USER ACTIVITY
     It is crucial to monitor what is happening with user accounts, to detect anomalous activity such as multiple login attempts, login at unusual hours, or login by users to systems or data they don’t usually access. There are several strategies for monitoring users and accounts:
     - Log analysis: security analysts can gain visibility into logs of sensitive enterprise systems and uncover suspicious activity.
     - Rule-based alerts: security tools can alert security staff to suspicious activity patterns, such as multiple login attempts or incorrect login to sensitive systems.
     - Behavioural analytics: user and event behavioural analytics (UEBA) monitors users and systems, establishes a baseline of normal activity, and detects any behaviour that represents an anomaly and may be malicious.
  9. 5. ENDPOINT SECURITY
     Historically, most security breaches were a result of penetrating the network perimeter. Today, many attacks circumvent network defences by directly targeting endpoints, such as employee workstations, servers and cloud instances. Installing antivirus on every endpoint is the most basic security measure. Beyond antivirus, many organizations are deploying comprehensive endpoint protection measures that include:
     - Next-generation antivirus (NGAV): able to detect malware and other threats even if they don’t match known patterns or signatures.
     - Endpoint detection and response (EDR): provides visibility and defensive measures on the endpoint itself, when attacks occur on endpoint devices.
  10. ANTI-MALWARE SOFTWARE
      Anti-malware resources are comprehensive solutions that maintain computer security and protect sensitive data that is transmitted by a network or stored on local devices. Anti-malware tools often include multiple components, including anti-spyware and phishing tools, as well as antivirus solutions for prominent viruses, which are isolated and identified by security resources. Anti-malware tools may employ scanning, strategies, freeware or licensed tools to detect rootkits, worms, trojans and other types of potentially damaging software. Each type of malware resource carries its own interface and system requirements, which impact user solutions for a given device or system.
  11. USES OF ANTIMALWARE
      The value of antimalware applications is recognized beyond simply scanning files for viruses. Antimalware can help prevent malware attacks by scanning all incoming data to prevent malware from being installed and infecting a computer. Antimalware programs can also detect advanced forms of malware and offer protection against ransomware attacks. Antimalware programs can help in the following ways:
      - Prevent users from visiting websites known for containing malware;
      - Prevent malware from spreading to other computers in a computer system;
      - Provide insight into the number of infections and the time required for their removal; and
      - Provide insight into how the malware compromised the device or network.
  12. NETWORK TRAFFIC ANALYSIS
      Network traffic analysis (NTA) is a method of monitoring network availability and activity to identify anomalies, including security and operational issues. Common use cases for NTA include:
      - Collecting a real-time and historical record of what’s happening on your network
      - Detecting malware such as ransomware activity
      - Detecting the use of vulnerable protocols and ciphers
      - Troubleshooting a slow network
      - Improving internal visibility and eliminating blind spots
  13. THE KEY BENEFITS OF NETWORK TRAFFIC ANALYSIS
      - Improved visibility into devices connecting to your network (e.g. IoT devices, healthcare visitors)
      - Meet compliance requirements
      - Troubleshoot operational and security issues
      - Respond to investigations faster with rich detail and additional network context
  14. THE IMPORTANCE OF NETWORK TRAFFIC ANALYSIS
      The rise of ransomware as a common attack type in recent years makes network traffic monitoring even more critical. A network monitoring solution should be able to detect activity indicative of ransomware attacks via insecure protocols. Remote Desktop Protocol (RDP) is another commonly targeted application. Monitoring traffic inside your firewalls allows you to validate rules and gain valuable insight, and can also be used as a source of network traffic-based alerts. Telnet is an unencrypted protocol; session traffic will reveal command line interface (CLI) command sequences appropriate for the make and model of the device. CLI strings may reveal login procedures, presentation of user credentials, commands to display boot or running configuration, copying files, and more.
  15. THANK YOU
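
The rule-based alerts described on slide 8 (multiple login attempts, login at unusual hours), sketched as an added example that is not part of the original slides. The log format, the threshold of five failures in five minutes, the working hours and the names `parse` and `detect` are assumptions; the log lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log (assumed format: ISO timestamp, user, source IP, result).
SAMPLE_LOG = """\
2023-01-10T09:01:12 alice 10.0.0.5 SUCCESS
2023-01-10T09:15:00 bob 203.0.113.7 FAIL
2023-01-10T09:15:20 bob 203.0.113.7 FAIL
2023-01-10T09:15:41 bob 203.0.113.7 FAIL
2023-01-10T09:16:02 bob 203.0.113.7 FAIL
2023-01-10T09:16:30 bob 203.0.113.7 FAIL
2023-01-11T02:47:09 alice 198.51.100.23 SUCCESS
yesterday dave 10.0.0.7 FAIL
"""

MAX_FAILS = 5                    # assumed alert threshold
WINDOW = timedelta(minutes=5)    # assumed sliding window for failures
WORK_HOURS = range(7, 20)        # assumed normal login hours, 07:00-19:59


def parse(line):
    """Return (timestamp, user, ip, result), or None for a malformed line."""
    parts = line.split()
    if len(parts) != 4 or parts[3] not in ("SUCCESS", "FAIL"):
        return None
    try:
        ts = datetime.fromisoformat(parts[0])
    except ValueError:
        return None
    return ts, parts[1], parts[2], parts[3]


def detect(log_text):
    alerts, recent_fails = [], defaultdict(deque)
    for line in log_text.splitlines():      # lines assumed chronological
        event = parse(line)
        if event is None:
            continue                        # skip malformed lines
        ts, user, ip, result = event
        if result == "FAIL":
            q = recent_fails[user]
            q.append(ts)
            while ts - q[0] > WINDOW:       # drop failures outside the window
                q.popleft()
            if len(q) == MAX_FAILS:         # fire once when threshold is reached
                alerts.append(("MULTIPLE_FAILED_LOGINS", user, ip, ts.isoformat()))
        elif ts.hour not in WORK_HOURS:
            alerts.append(("OFF_HOURS_LOGIN", user, ip, ts.isoformat()))
    return alerts
```

Fixed thresholds like these are the rule-based approach; the behavioural analytics item on the same slide would instead learn each user's normal hours and failure rate from history.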
