Advanced Security: Difference between revisions
From GCA ACT
Jump to navigationJump to search
No edit summary |
No edit summary |
||
| Line 3: | Line 3: | ||
| colspan="3" style="border: none; background-color: transparent; text-align: center; vertical-align: middle;" | <div style="display: flex; justify-content: center;"><div style="position:relative; text-align:center; font-weight:bold; z-index: 1;">[[File:Elephants.png|frameless|225px|center|link=Advanced_Protection]]</div></div> | | colspan="3" style="border: none; background-color: transparent; text-align: center; vertical-align: middle;" | <div style="display: flex; justify-content: center;"><div style="position:relative; text-align:center; font-weight:bold; z-index: 1;">[[File:Elephants.png|frameless|225px|center|link=Advanced_Protection]]</div></div> | ||
|- | |- | ||
| style="border: none; background-color: transparent; text-align: | | style="border: none; background-color: transparent; text-align: left; vertical-align: middle;" | <div style="position:relative; text-align:left; font-weight:bold; z-index: 1;">Network Segmentation</div><br><br><div style="position:relative; text-align: left;z-index:1;">Divide networks into smaller, isolated segments to limit the impact of a potential breach.</div><div style="padding: 5px;">[[File:network-segmentation.png|frameless|60px|left]]</div> | ||
| style="border: none; background-color: transparent; text-align: | | style="border: none; background-color: transparent; text-align: left; vertical-align: middle;" | <div style="position:relative; text-align:center; font-weight:bold; z-index: 1;">Intrusion Detection & Prevention Systems</div><br><br><div style="position:relative; text-align: left;z-index:1;">Deploy advanced systems to detect and prevent network intrusions.</div><div style="padding: 5px;">[[File:intrusion-protection.png|frameless|60px|left]]</div> | ||
| style="border: none; background-color: transparent; text-align: | | style="border: none; background-color: transparent; text-align: left; vertical-align: middle;" | <div style="position:relative; text-align:center; font-weight:bold; z-index: 1;">Endpoint Protection</div><br><br><div style="position:relative; text-align: left;z-index:1;">Implement robust antivirus and endpoint security solutions to safeguard individual devices.</div> <div style="padding: 5px;">[[File:endpoint-protection.png|frameless|60px|left]]</div> | ||
|- | |- | ||
| style="border: none; background-color: transparent; text-align: | | style="border: none; background-color: transparent; text-align: left; vertical-align: middle;" | <div style="position:relative; text-align:center; font-weight:bold; z-index: 1;">Security Information & Event Management</div><br><br><div style="position:relative; text-align: left;z-index:1;">Utilize SIEM tools to monitor and analyze security events across the network.</div> <div style="padding: 5px;">[[File:security-information-event-management.png|frameless|60px|left]]</div> | ||
| style="border: none; background-color: transparent; text-align: | | style="border: none; background-color: transparent; text-align: left; vertical-align: middle;" | <div style="position:relative; text-align:center; font-weight:bold; z-index: 1;">Vulnerability Management</div><br><br><div style="position:relative; text-align: left;z-index:1;">Conduct regular assessments to identify and address system vulnerabilities.</div> <div style="padding: 5px;">[[File:vulnerability-management.png|frameless|60px|left]]</div> | ||
| style="border: none; background-color: transparent; text-align: | | style="border: none; background-color: transparent; text-align: left; vertical-align: middle;" | <div style="position:relative; text-align:center; font-weight:bold; z-index: 1;">Penetration Testing</div> <div style="padding: 5px;">[[File:penetration-testing.png|frameless|60px|left]]</div> | ||
|- | |- | ||
| style="border: none; background-color: transparent; text-align: | | style="border: none; background-color: transparent; text-align: left; vertical-align: middle;" | <div style="position:relative; text-align:center; font-weight:bold; z-index: 1;">Incident Response Planning</div><br><br><div style="position:relative; text-align: left;z-index:1;">Develop and test an incident response plan to efficiently handle cybersecurity incidents.</div> <div style="padding: 5px;">[[File:incident-response.png|frameless|60px|left]]</div> | ||
| style="border: none; background-color: transparent; text-align: | | style="border: none; background-color: transparent; text-align: left; vertical-align: middle;" | <div style="position:relative; text-align:center; font-weight:bold; z-index: 1;">Secure Configuration Management</div><br><br><div style="position:relative; text-align: left;z-index:1;">Establish and maintain secure configuration settings for all systems and devices.</div> <div style="padding: 5px;">[[File:configuration-management.png|frameless|60px|left]]</div> | ||
| style="border: none; background-color: transparent; text-align: | | style="border: none; background-color: transparent; text-align: left; vertical-align: middle;" | <div style="position:relative; text-align:center; font-weight:bold; z-index: 1;">Change Management</div> <div style="padding: 5px;">[[File:change-management.png|frameless|60px|left]]</div> | ||
|- | |- | ||
| style="border: none; background-color: transparent; text-align: | | style="border: none; background-color: transparent; text-align: left; vertical-align: middle;" | <div style="position:relative; text-align:center; font-weight:bold; z-index: 1;">Identity & Access Management</div><br><br><div style="position:relative; text-align: left;z-index:1;">Implement proper user access controls, management processes, and regularly review user privileges.</div> <div style="padding: 5px;">[[File:identity-access-management.png|frameless|60px|left]]</div> | ||
| style="border: none; background-color: transparent; text-align: | | style="border: none; background-color: transparent; text-align: left; vertical-align: middle;" | <div style="position:relative; text-align:center; font-weight:bold; z-index: 1;">Patch Management</div><br><br><div style="position:relative; text-align: left;z-index:1;">Establish processes to apply patches and updates to systems and applications in a timely manner.</div> <div style="padding: 5px;">[[File:patch-management.png|frameless|60px|left]]</div> | ||
| style="border: none; background-color: transparent; text-align: | | style="border: none; background-color: transparent; text-align: left; vertical-align: middle;" | <div style="position:relative; text-align:center; font-weight:bold; z-index: 1;">Security Awareness Training & Testing</div><br><br><div style="position:relative; text-align: left;z-index:1;">Provide regular training and education on cybersecurity best practices to all personnel; and periodically test that knowledge.</div> <div style="padding: 5px;">[[File:security-awareness.png|frameless|60px|left]]</div> | ||
|} | |} | ||
Revision as of 23:57, 16 July 2023
 | ||
Network Segmentation Divide networks into smaller, isolated segments to limit the impact of a potential breach.
|
Intrusion Detection & Prevention Systems Deploy advanced systems to detect and prevent network intrusions.
|
Endpoint Protection Implement robust antivirus and endpoint security solutions to safeguard individual devices.
|
Security Information & Event Management Utilize SIEM tools to monitor and analyze security events across the network.
|
Vulnerability Management Conduct regular assessments to identify and address system vulnerabilities.
|
Penetration Testing
|
Incident Response Planning Develop and test an incident response plan to efficiently handle cybersecurity incidents.
|
Secure Configuration Management Establish and maintain secure configuration settings for all systems and devices.
|
Change Management
|
Identity & Access Management Implement proper user access controls, management processes, and regularly review user privileges.
|
Patch Management Establish processes to apply patches and updates to systems and applications in a timely manner.
|
Security Awareness Training & Testing Provide regular training and education on cybersecurity best practices to all personnel; and periodically test that knowledge.
|
