Protecting the organization - Coggle Diagram
Protecting the organization
Cybersecurity Devices and Technologies
Firewalls
Look into the network traffic
Firewalls
Context aware layer firewall
Proxy server
Application layer firewall
Reverse proxy server
Transport layer firewall
Network address translation (NAT) firewall
Network layer firewall
Host-based firewall
Routers
Basic traffic filtering
IPS
Block malicious traffic
Antivirus
Analysis and block
Other
VPN
Secure encrypted tunnel
Intrusion Detection and Prevention Systems
IDS
Looks for malicious traffic
Log detection and create alert
It slows down the network
IPS
Block or deny traffic based on positive signature
Port
Port number
Port scanning
Protecting Against Malware
Incident response team
Threat intelligence team
Secure operation center team
Security infrastructure engineer team
Security Best Practices
Perform a risk assessment
Create a security policy
Physical security measures
Human resources security measures
Perform and test backups
Maintain security patches and updates
Employ access controls
Regularly test incident response
Implement a network monitoring, analytics and management tool
Implement network security devices
Implement a comprehensive endpoint security solution
Educate users
Encrypt data
Behavior Approach to Cybersecurity
Behavior-Based Security
Honeypots
Lures attackers to analyze their behavior
Cisco Cyber Threat Defense
Aims to know who is carrying out the attack and the type
NetFlow
Gather information about data flowing through a network
Penetration Testing
Gaining access
Launch exploit
Breaching physical barrier
Exploit vulnerability
Breaching access
Cracking weakly encrypted Wi-Fi
Maintaining access
Find out where the system is vulnerable
Scanning
Port scanning
Vulnerability
Establishing a connection
Analysis and reporting
Planning
Gathers information
Impact Reduction
Provide the details
Find the cause
Apply lessons learned
Check and check again
Be sincere and accountable
Educate
Communicate the issue
What Is Risk Management?
Frame the risk
Identify the threats that increase risk
Assess the risk
Determine the severity that each threat poses
Respond to risk
Develop an action plan
Monitor the risk
Review any risk reduced through elimination, mitigation or transfer actions
Cisco's Approach to Cybersecurity
Security Playbook
Highlight how to identify the response to common threats
Describe and define inbound and outbound traffic
Provide summary information: trends, statistics and counts
Provide quick access to key statistics
Correlate events across data sources
Tools for Incident Detection and Prevention
SIEM
Collects and analyzes security alerts
Security information and event management
DLP
Data loss prevention
Designed to stop sensitive data from being stolen
IPS
Blocks or denies traffic based on a positive signature
IDS
Scans data against a database of rules or attack signatures