Alex's Cyber Security Website

Security is in the details. In this article I am paraphrasing a book titled: Hands-On Ethical Hacking and Network Defense Copyright 2017 Cengage Learning.

Gallery picture 2
Implement technology that can inspect network packets for example a firewall which can be configured to block many vulnerabilities.

Add network packet inspection for example an intrusion prevention system (IPS) and intrusion detection systems(IDS). Develop rules for SNORT on Security Onion.

Implement Group policies from a Windows server to set security configurations for large networks. Write group policies for organizational units. Some things to consider when using windows Group Policies (GPOs) are:

  • Disabling guest accounts.
  • Disabling administrative accounts on local machines.
  • Creating password Policies for all accounts.
  • Checking for password complexity and length.
  • Restricting the quantity of Apps that are executed on a computer in the network.
  • Deleting trial applications and unused software.
  • Checking for the existence of default passwords, configurations, and permissions.
  • Implement file-integrity checking tools to monitor modifications to files that are unauthorized.
  • Delete unnecessary file shares and default shares that are hidden on a Windows Active Directory server.
  • Reduce the quantity of users with administrative privileges and remove discharged users.
  • Use subnetting segmentation or other methods. 
  • Use VPN tunneling service to encrypt traffic through the unprotected network of the internet.
  • Implement tools to evaluate and test the system. Some tool examples include Zenmap and wireshark to evaluate system and network security.
  • Use software to prevent or check if personally identifiable (PI) or sensitive information is exiting the network and implement encryption for PI.
  • Create a program of security awareness and inform employees of security policies.
  • Check for emerging threats on tech websites.
New Screen Services picture

CyberDefense

New Defensive Protection

logo

The seven domains of information technology can be inspected to identify and evaluate relevant vulnerabilities. This can be done through documentation review, system logs, audit trails, and intrusion detection outputs. Furthermore, penetration testing, system testing, functionality testing, access control testing, and applications testing can be done.

Automation of Business

logo

Are you working too much to be able to enjoy your computer too? I have learned how to write code that can add automated business solutions to give you the freedom to enjoy your job. No project is too small!

Need your computer screened or just a small repair?

Call us today