Module 10 - Risk Management
Prevention Methods
Keypad, or cipher lock - Requires the entry of a code to open the door, which can reduce the inherent risk of lost keys.
Biometrics - Involves biorecognition access in which a device scans an individual's unique physical characteristics (called biometrics), such as iris color patterns or hand geometry, to verify the person's identity.
Access badge - Identifies the person by name and perhaps includes a photo, title, and other information. When the smart card is swiped through a badge reader, the door unlocks and the person's access to the secured area is time stamped and logged in a database
Access control vestibule - Previously known as a mantrap, creates a confined space between two locking doors where one door must lock closed before the other can open
Locking rack and locking cabinet - Provides a final layer of physical defense should an attacker gain access to a data room or some other controlled space.
Locking rack - Restricts physical access to servers, routers, switches, and firewalls installed on the rack to prevent an intruder from making configuration changes to these devices.
Locking cabinets might be used to store hardware not in use, such as spare devices, radio equipment, or tools.
Smart locker - Allows controlled access to equipment, computers, packages, hardware in need of repair, or even to written account credentials stored for emergency access.
Device Hardening - Securing the device from network- or software-supported attacks
Process of properly managing and applying security patches includes the following:
Vulnerability reporting - Identifying and prioritizing relevant security issues and patch releases is essential
Implementation - Implementing patches includes validating, prioritizing, testing, and applying them.
Defense in depth - Refers to applying multiple layers of defense.
Assessment - You evaluate the success of patch implementation
Standardization - Updating OS and application versions consistently across the network will simplify the change process for future updates
Risk mitigation - To lessen the resulting risk, you should apply other layers of protection to the affected devices and applications.
Discovery - Investigation of what's on your network so you can protect it.
Security precautions that might be taken for administrative accounts include the following:
Limited duration - Privileged accounts should be carefully accounted for and disabled as soon as they're not needed, such as when an employee is terminated
Limited access - The passwords for these accounts should be especially secure and difficult to crack. Passwords should also be stored securely, and when possible, multi-factor authentication should be required.
Limited location - Many companies require the privileged account be accessed only on location so that no one, not even a legitimate network administrator, can access the device remotely and make high-level changes from outside the protected network
Limited privacy - A privileged account can be used for destructive activity, whether malicious or not. For that reason, every user action in these accounts should be logged and monitored by someone other than the owner of that account.
Limited use - Should only be used when those higher privileges are necessary to accomplish a task
To protect devices from these threats, follow guidelines such as the following:
Disable unneeded services - Stop any running services on a computer or network that are not needed. You can Google your OS and "unneeded services" to determine which services are most likely good candidates for disabling
Declutter software - Disable or uninstall applications that are no longer needed
Reduce start-up processes - Minimize the number of start-up programs to include only those apps that you really need.
Streamline the network - Remove the network segments that are no longer needed.
Choose secure protocols - Use secure protocols, such as SSH and SFTP, instead of insecure protocols like Telnet and FTP
Close unused ports - Close TCP/IP ports on the local firewall and network firewall that are not used for ongoing activities.
Reduce access paths - Disable unneeded connection technologies, such as Bluetooth, Wi-Fi, NFC, and IR
Detection Methods
Tamper detection - Identifies physical penetration, temperature extremes, input voltage variations, input frequency variations, or certain kinds of radiation.
Asset tags - Monitor the movement and condition of equipment, inventory, and people.
Cameras - Placed in data centers, computer rooms, data rooms, and data storage areas, as well as facility entrances. The camera feeds are centrally managed through a video surveillance system, called CCTV (closed-circuit TV), to monitor activity in these secure areas
Motion detection - Triggers an alarm when it detects movement within its field of view.