Advanced Security: Difference between revisions

From GCA ACT
Jump to navigationJump to search
No edit summary
No edit summary
Line 1: Line 1:
{| class="wikitable" style="border: none; background-color: transparent; width: 100%;"
{| class="wikitable" style="border: none; background-color: transparent; width: 100%;"
|-
|-
| colspan="3" style="border: none; background-color: transparent; text-align: center; vertical-align: middle;" | [[File:Elephants.png|frameless|225px|center|link=Advanced_Protection]]
| rowspan="3" style="border: none; background-color: transparent; text-align: center; vertical-align: middle; width: 20%;" | [[File:Elephants.png|frameless|225px|center|link=Advanced_Protection]]
|-
| style="border: none; background-color: transparent; vertical-align: top; text-align: center; width: 20%;" |
| style="border: none; background-color: transparent; vertical-align: top; text-align: center;" | [[File:network-segmentation.png|frameless|60px|center]]
'''Network Segmentation'''
<br>
<br>
'''Network Segmentation'''
[[File:network-segmentation.png|frameless|40px|center]]
<br>
<br>
<div style="text-align: left;">Divide networks into smaller, isolated segments to limit the impact of a potential breach.</div>
<div style="text-align: left;">Divide networks into smaller, isolated segments to limit the impact of a potential breach.</div>
| style="border: none; background-color: transparent; vertical-align: top; text-align: center;" | [[File:intrusion-protection.png|frameless|60px|center]]
| style="border: none; background-color: transparent; vertical-align: top; text-align: center; width: 20%;" |
'''Intrusion Detection & Prevention Systems'''
<br>
<br>
'''Intrusion Detection & Prevention Systems'''
[[File:intrusion-protection.png|frameless|40px|center]]
<br>
<br>
<div style="text-align: left;">Deploy advanced systems to detect and prevent network intrusions.</div>
<div style="text-align: left;">Deploy advanced systems to detect and prevent network intrusions.</div>
| style="border: none; background-color: transparent; vertical-align: top; text-align: center;" | [[File:endpoint-protection.png|frameless|60px|center]]
| style="border: none; background-color: transparent; vertical-align: top; text-align: center; width: 20%;" |
'''Endpoint Protection'''
<br>
<br>
'''Endpoint Protection'''
[[File:endpoint-protection.png|frameless|40px|center]]
<br>
<br>
<div style="text-align: left;">Implement robust antivirus and endpoint security solutions to safeguard individual devices.</div>
<div style="text-align: left;">Implement robust antivirus and endpoint security solutions to safeguard individual devices.</div>
|-
| style="border: none; background-color: transparent; vertical-align: top; text-align: center; width: 20%;" |
| style="border: none; background-color: transparent; vertical-align: top; text-align: center;" | [[File:security-information-event-management.png|frameless|60px|center]]
'''Security Information & Event Management'''
<br>
<br>
'''Security Information & Event Management'''
[[File:security-information-event-management.png|frameless|40px|center]]
<br>
<br>
<div style="text-align: left;">Utilize SIEM tools to monitor and analyze security events across the network.</div>
<div style="text-align: left;">Utilize SIEM tools to monitor and analyze security events across the network.</div>
| style="border: none; background-color: transparent; vertical-align: top; text-align: center;" | [[File:vulnerability-management.png|frameless|60px|center]]
|-
| style="border: none; background-color: transparent; vertical-align: top; text-align: center; width: 20%;" |
'''Vulnerability Management'''
<br>
<br>
'''Vulnerability Management'''
[[File:vulnerability-management.png|frameless|40px|center]]
<br>
<br>
<div style="text-align: left;">Conduct regular assessments to identify and address system vulnerabilities.</div>
<div style="text-align: left;">Conduct regular assessments to identify and address system vulnerabilities.</div>
| style="border: none; background-color: transparent; vertical-align: top; text-align: center;" | [[File:penetration-testing.png|frameless|60px|center]]
| style="border: none; background-color: transparent; vertical-align: top; text-align: center; width: 20%;" |
'''Penetration Testing'''
<br>
<br>
'''Penetration Testing'''
[[File:penetration-testing.png|frameless|40px|center]]
<br>
<br>
<div style="text-align: left;">Simulate real-world attacks to evaluate the security of a system or network.</div>
<div style="text-align: left;">Simulate real-world attacks to evaluate the security of a system or network.</div>
|-
| style="border: none; background-color: transparent; vertical-align: top; text-align: center; width: 20%;" |
| style="border: none; background-color: transparent; vertical-align: top; text-align: center;" | [[File:incident-response.png|frameless|60px|center]]
'''Incident Response Planning'''
<br>
<br>
'''Incident Response Planning'''
[[File:incident-response.png|frameless|40px|center]]
<br>
<br>
<div style="text-align: left;">Develop and test an incident response plan to efficiently handle cybersecurity incidents.</div>
<div style="text-align: left;">Develop and test an incident response plan to efficiently handle cybersecurity incidents.</div>
| style="border: none; background-color: transparent; vertical-align: top; text-align: center;" | [[File:configuration-management.png|frameless|60px|center]]
| style="border: none; background-color: transparent; vertical-align: top; text-align: center; width: 20%;" |
'''Secure Configuration Management'''
<br>
<br>
'''Secure Configuration Management'''
[[File:configuration-management.png|frameless|40px|center]]
<br>
<br>
<div style="text-align: left;">Establish and maintain secure configuration settings for all systems and devices.</div>
<div style="text-align: left;">Establish and maintain secure configuration settings for all systems and devices.</div>
| style="border: none; background-color: transparent; vertical-align: top; text-align: center;" | [[File:change-management.png|frameless|60px|center]]
|-
| style="border: none; background-color: transparent; vertical-align: top; text-align: center; width: 20%;" |
'''Change Management'''
<br>
<br>
'''Change Management'''
[[File:change-management.png|frameless|40px|center]]
<br>
<br>
<div style="text-align: left;">Implement structured processes to manage changes in a controlled and efficient manner.</div>
<div style="text-align: left;">Implement structured processes to manage changes in a controlled and efficient manner.</div>
|-
| style="border: none; background-color: transparent; vertical-align: top; text-align: center; width: 20%;" |
| style="border: none; background-color: transparent; vertical-align: top; text-align: center;" | [[File:identity-access-management.png|frameless|60px|center]]
'''Identity & Access Management'''
<br>
<br>
'''Identity & Access Management'''
[[File:identity-access-management.png|frameless|40px|center]]
<br>
<br>
<div style="text-align: left;">Implement proper user access controls, management processes, and regularly review user privileges.</div>
<div style="text-align: left;">Implement proper user access controls, management processes, and regularly review user privileges.</div>
| style="border: none; background-color: transparent; vertical-align: top; text-align: center;" | [[File:patch-management.png|frameless|60px|center]]
| style="border: none; background-color: transparent; vertical-align: top; text-align: center; width: 20%;" |
'''Patch Management'''
<br>
<br>
'''Patch Management'''
[[File:patch-management.png|frameless|40px|center]]
<br>
<br>
<div style="text-align: left;">Establish processes to apply patches and updates to systems and applications in a timely manner.</div>
<div style="text-align: left;">Establish processes to apply patches and updates to systems and applications in a timely manner.</div>
| style="border: none; background-color: transparent; vertical-align: top; text-align: center;" | [[File:security-awareness.png|frameless|60px|center]]
| style="border: none; background-color: transparent; vertical-align: top; text-align: center; width: 20%;" |
'''Security Awareness Training & Testing'''
<br>
<br>
'''Security Awareness Training & Testing'''
[[File:security-awareness.png|frameless|40px|center]]
<br>
<br>
<div style="text-align: left;">Provide regular training and education on cybersecurity best practices to all personnel; and periodically test that knowledge.</div>
<div style="text-align: left;">Provide regular training and education on cybersecurity best practices to all personnel; and periodically test that knowledge.</div>
|}
|}

Revision as of 00:20, 7 August 2023

Elephants.png

Network Segmentation

File:Network-segmentation.png


Divide networks into smaller, isolated segments to limit the impact of a potential breach.

Intrusion Detection & Prevention Systems

File:Intrusion-protection.png


Deploy advanced systems to detect and prevent network intrusions.

Endpoint Protection

File:Endpoint-protection.png


Implement robust antivirus and endpoint security solutions to safeguard individual devices.

Security Information & Event Management

File:Security-information-event-management.png


Utilize SIEM tools to monitor and analyze security events across the network.

Vulnerability Management

File:Vulnerability-management.png


Conduct regular assessments to identify and address system vulnerabilities.

Penetration Testing

File:Penetration-testing.png


Simulate real-world attacks to evaluate the security of a system or network.

Incident Response Planning

File:Incident-response.png


Develop and test an incident response plan to efficiently handle cybersecurity incidents.

Secure Configuration Management

File:Configuration-management.png


Establish and maintain secure configuration settings for all systems and devices.

Change Management

File:Change-management.png


Implement structured processes to manage changes in a controlled and efficient manner.

Identity & Access Management

File:Identity-access-management.png


Implement proper user access controls, management processes, and regularly review user privileges.

Patch Management

File:Patch-management.png


Establish processes to apply patches and updates to systems and applications in a timely manner.

Security Awareness Training & Testing

File:Security-awareness.png


Provide regular training and education on cybersecurity best practices to all personnel; and periodically test that knowledge.
Retrieved from ‘https://act.globalcyberalliance.org/index.php?title=Advanced_Security&oldid=1269