Tutcyber

IT Infrastructure Library (IITL)

ITIL is a best practice framework that has been drawn from both the public and private sectors internationally It describes how IT resources should be organized to deliver Business value. It models how to document processes,functions and roles of IT Service Management (ITSM). Service Strategy Service Portfolio Management. Financial Management. Demand Management. Business Relationship Management. Service Design Service Catalogue Management. Service Level Management. Information Security Management. Supplier Management. Service Transition Change Managemen…

Server management with Windows Admin Center

Active Directory Groups Security groups are used to collect user accounts,computer accounts and other groups into manageable units. 1. For Active Directory,there are two types of administrative responsible: Service Administrators. Data Administrators. 2. There are two types of groups in Active Directory: Distribution groups: Used to create email distribution lists. Security groups: Used to assign permission to shared resources Group scope: Groups are characterized by a scope that identifies the extent to which the group is applied in the domain tree o…

Restrict and protect sensitive domain accounts

Separate administrator account from user accounts. Privilege account: Allocate administrator accounts to perform the following administrative duties only.    1.Minimum: Create separate accounts for domain administrators,enterprise administrators or the equivalent with appropriate administrators.    2.Better: Create separate accounts for administrators that have reduced administrative rights,such as accounts for workstation administrators and accounts with user rights over designated Active Directory Organizational Units (OUs).    3.Ideal: Create multip…

Baics of Endpoint Protection

Endpoint protection management is a policy-based approach to network security that requires endpoint devices to comply with specific criteria before they are granted access to network resources. Endpoint security management systems,which can be purchased as software or as a dedicated appliance discover.manage to the corporate network. Endpoint security systems work on a client/server model in which a centrally managed server or gateway hosts the security program and an accompanying client program is installed on each network device. Unified Endpoint Man…

The PCI Data Security standard

It was introduced in 2004 by American Express,Discover,MasterCard, and Visa in response to security breaches and financial losses within the credit card industry. Since 2006 the standard has been financial losses maintained by the PCI standards council , a "global organization,(IT) maintains,evolves and promotes payment card industry standards for the safety of cardholder data across the globe. Now comprised of American Express,discover,JCB International,MasterCard, Visa Inc. Applies to all entities that store,process and/or transmit cardholder dat…

SOC Reports

Why SOC Reports? Some industry require SOC2 or local compliance audit. Many organizations who know compliance, know SOC2 Type 2  consider it a stronger statement of operational effectiveness than ISO 27001 (Continuous Testing). Many organization's client will accept SOC2 of the right to audit. SOC2 security Name: Trust services Principles and criteria for security - The system is protected against unauthorized access. Governance: AICPA Purpose: Assist service organization management in reporting to customers that it has established security criter…

US Cybersecurity Federal Law

Computer Fraud and Abuse Act (CFAA) The computer Fraud and Abuse Act is a US cyber security bill that was enacted in 1984. Federal Information Security Management Act of 2002 ( FISMA ) Federal Information Security Modernization Act of 2014 ( FISMA 2014 ) FISMA assigns specific responsibilities to federal agencies, the NIST and the office of management and Budget ( OMB ) in order to strengthen information security system. --------------------------------------------------------------------------------------------------------------------------------------…

Cyber Security

Security Event An event on a system or network detected by a security device or application. Security Attack A security event that has been identified by correlation and analytics tools as malicious activity that is attempting to collect,disrupt,deny,degrade or destroy information system resources or the information itself. Security Incident An attack or security event that has been reviewed by security analyst and deemed worthy of deeper investigation. Compliance Basics Security Designed protection from theft or damage,disruption or misdirection. Phys…