Advanced Security: Difference between revisions

From GCA ACT
Jump to navigationJump to search
No edit summary
Tag: Manual revert
No edit summary
Line 5: Line 5:
Network Segmentation
Network Segmentation
<br><br>
<br><br>
[[File:network-segmentation.png|frameless|40px|center]]
[[File:network-segmentation.png|frameless|40px|centera|link=Network Segmentation]]
<br>
<br>
<div style="text-align: left; font-weight: normal; font-size: 75%;">Divide networks into smaller, isolated segments to limit the impact of a potential breach.</div>
<div style="text-align: left; font-weight: normal; font-size: 75%;">Divide networks into smaller, isolated segments to limit the impact of a potential breach.</div>
Line 11: Line 11:
Intrusion Detection & Prevention Systems
Intrusion Detection & Prevention Systems
<br>
<br>
[[File:intrusion-protection.png|frameless|40px|center]]
[[File:intrusion-protection.png|frameless|40px|center|link=Intrusion Detection & Prevention Systems]]
<br>
<br>
<div style="text-align: left; font-weight: normal; font-size: 75%;">Deploy advanced systems to detect and prevent network intrusions.</div>
<div style="text-align: left; font-weight: normal; font-size: 75%;">Deploy advanced systems to detect and prevent network intrusions.</div>
Line 18: Line 18:
<br>
<br>
<br>
<br>
[[File:endpoint-protection.png|frameless|40px|center]]
[[File:endpoint-protection.png|frameless|40px|center|link=Endpoint Protection]]
<br>
<br>
<div style="text-align: left; font-weight: normal; font-size: 75%;">Implement robust antivirus and endpoint security solutions to safeguard individual devices.</div>
<div style="text-align: left; font-weight: normal; font-size: 75%;">Implement robust antivirus and endpoint security solutions to safeguard individual devices.</div>
Line 24: Line 24:
Security Information & Event Management
Security Information & Event Management
<br>
<br>
[[File:security-information-event-management.png|frameless|40px|center]]
[[File:security-information-event-management.png|frameless|40px|center|link=Security Information & Event Management]]
<br>
<br>
<div style="text-align: left; font-weight: normal; font-size: 75%;">Utilize SIEM tools to monitor and analyze security events across the network.</div>
<div style="text-align: left; font-weight: normal; font-size: 75%;">Utilize SIEM tools to monitor and analyze security events across the network.</div>
Line 31: Line 31:
Vulnerability Management
Vulnerability Management
<br>
<br>
[[File:vulnerability-management.png|frameless|40px|center]]
[[File:vulnerability-management.png|frameless|40px|center|link=Vulnerability Management]]
<br>
<br>
<div style="text-align: left; font-weight: normal; font-size: 75%;">Conduct regular assessments to identify and address system vulnerabilities.</div>
<div style="text-align: left; font-weight: normal; font-size: 75%;">Conduct regular assessments to identify and address system vulnerabilities.</div>
Line 38: Line 38:
<br>
<br>
<br>
<br>
[[File:penetration-testing.png|frameless|40px|center]]
[[File:penetration-testing.png|frameless|40px|center|link=Penetration Testing]]
<br>
<br>
<div style="text-align: left; font-weight: normal; font-size: 75%;">Simulate real-world attacks to evaluate the security of a system or network.</div>
<div style="text-align: left; font-weight: normal; font-size: 75%;">Simulate real-world attacks to evaluate the security of a system or network.</div>
Line 44: Line 44:
Incident Response Planning
Incident Response Planning
<br>
<br>
[[File:incident-response.png|frameless|40px|center]]
[[File:incident-response.png|frameless|40px|center|link=Incident Response Planning]]
<br>
<br>
<div style="text-align: left; font-weight: normal; font-size: 75%;">Develop and test an incident response plan to efficiently handle cybersecurity incidents.</div>
<div style="text-align: left; font-weight: normal; font-size: 75%;">Develop and test an incident response plan to efficiently handle cybersecurity incidents.</div>
Line 50: Line 50:
Secure Configuration Management
Secure Configuration Management
<br>
<br>
[[File:configuration-management.png|frameless|40px|center]]
[[File:configuration-management.png|frameless|40px|center|link=Secure Configuration Management]]
<br>
<br>
<div style="text-align: left; font-weight: normal; font-size: 75%;">Establish and maintain secure configuration settings for all systems and devices.</div>
<div style="text-align: left; font-weight: normal; font-size: 75%;">Establish and maintain secure configuration settings for all systems and devices.</div>
Line 58: Line 58:
<br>
<br>
<br>
<br>
[[File:change-management.png|frameless|40px|center]]
[[File:change-management.png|frameless|40px|center|link=Change Management]]
<br>
<br>
<div style="text-align: left; font-weight: normal; font-size: 75%;">Implement structured processes to manage changes in a controlled and efficient manner.</div>
<div style="text-align: left; font-weight: normal; font-size: 75%;">Implement structured processes to manage changes in a controlled and efficient manner.</div>
Line 64: Line 64:
Identity & Access Management
Identity & Access Management
<br>
<br>
[[File:identity-access-management.png|frameless|40px|center]]
[[File:identity-access-management.png|frameless|40px|center|link=Identity & Access Management]]
<br>
<br>
<div style="text-align: left; font-weight: normal; font-size: 75%;">Implement proper user access controls, management processes, and regularly review user privileges.</div>
<div style="text-align: left; font-weight: normal; font-size: 75%;">Implement proper user access controls, management processes, and regularly review user privileges.</div>
Line 71: Line 71:
<br>
<br>
<br>
<br>
[[File:patch-management.png|frameless|40px|center]]
[[File:patch-management.png|frameless|40px|center|link=Patch Management]]
<br>
<br>
<div style="text-align: left; font-weight: normal; font-size: 75%;">Establish processes to apply patches and updates to systems and applications in a timely manner.</div>
<div style="text-align: left; font-weight: normal; font-size: 75%;">Establish processes to apply patches and updates to systems and applications in a timely manner.</div>
Line 77: Line 77:
Security Awareness Training & Testing
Security Awareness Training & Testing
<br>
<br>
[[File:security-awareness.png|frameless|40px|center]]
[[File:security-awareness.png|frameless|40px|center|link=Security Awareness Training & Testing]]
<br>
<br>
<div style="text-align: left; font-weight: normal; font-size: 75%;">Provide regular training and education on cybersecurity best practices to all personnel; and periodically test that knowledge.</div>
<div style="text-align: left; font-weight: normal; font-size: 75%;">Provide regular training and education on cybersecurity best practices to all personnel; and periodically test that knowledge.</div>
|}
|}

Revision as of 22:42, 11 August 2023

Elephants.png

Network Segmentation

centera

Divide networks into smaller, isolated segments to limit the impact of a potential breach.

Intrusion Detection & Prevention Systems


Deploy advanced systems to detect and prevent network intrusions.

Endpoint Protection


Implement robust antivirus and endpoint security solutions to safeguard individual devices.

Security Information & Event Management


Utilize SIEM tools to monitor and analyze security events across the network.

Vulnerability Management


Conduct regular assessments to identify and address system vulnerabilities.

Penetration Testing


Simulate real-world attacks to evaluate the security of a system or network.

Incident Response Planning


Develop and test an incident response plan to efficiently handle cybersecurity incidents.

Secure Configuration Management


Establish and maintain secure configuration settings for all systems and devices.

Change Management


Implement structured processes to manage changes in a controlled and efficient manner.

Identity & Access Management


Implement proper user access controls, management processes, and regularly review user privileges.

Patch Management


Establish processes to apply patches and updates to systems and applications in a timely manner.

Security Awareness Training & Testing


Provide regular training and education on cybersecurity best practices to all personnel; and periodically test that knowledge.