Flashcards in Part 8 Deck (39)
Even with the most robust security tools in place, it is important to ____ your systems.
All security products are ____ and can ____ or be ____.
manmade, fail, compromised
As with any other aspect of technology, one should ____on simply one product or tool.
Enabling ____ on your systems is one way to put your organization in a position to identify problem areas.
The problem is, ____
what should be logged?
Logging mechanisms and the ability to track ____ are critical.
The presence of logs in all environments allows thorough tracking and analysis if something does go wrong. Determining the cause of a compromise is very difficult without ____:
system activity logs
Invalid ____ access attempts
Record at least the following ____ for all system components for each event:
● User identification
● Type of event
● Date and time
● Success or failure indication
● Origination of event
audit trail entries
____ or name of affected data, system component, or resource
____ for all system components at least daily. ______ must include those servers that perform security functions like intrusion detection system (IDS) and authentication, authorization, and accounting protocol (AAA) servers (for example, RADIUS).
Note: Log harvesting, parsing, and alerting tools may
be used to achieve compliance.
Fortunately, there are tools that will collect and ____ log files from a variety of sources. All these tools have the ability to notify individuals of a particular event.
Hire a ____ to Audit Security
Regardless of how talented your staff is, there is always the possibility that they ___ something or inad- vertently misconfigured a device or setting.
For this reason it is very important to bring in an extra set of “eyes, ears, and hands” to ____ your organization’s security posture.
Though some IT professionals will become paranoid having a third party review their work, intelligent staff members will recognize that a security review by outsiders can be a great ____.
The advantage of having a ___review your systems is that the outsiders have experience reviewing a wide range of systems, applications, and devices in a variety of industries.
They will know what works well and what might work but cause problems in the future. They are also more likely to be up to speed on new ____ and the latest product updates. Why? Because this is all they do.
What is heartbleed
They are not encumbered by administrative duties, inter- nal politics, and help desk requests. They will be more ____ than in-house staff, and they will be in a position to make recommendations after their analysis.
The ---- analysis should involve a two-pronged approach: They should identify how the network appears to attackers and how secure the system is, should attack- ers make it past the perimeter defenses.
Don’t Forget the ____
Many organizations spend a great deal of time and money addressing ____ and overlook some fundamental security mechanisms, as described here.
Default Account Passwords
Nearly all network devices come ___ with a password/username combination.
If these ____ are not changed upon configu- ration, it becomes a trivial matter for an attacker to get into these systems.
Use ___ Passwords
Close Unnecessary ____