
ACADEMY

INFRASTRUCTURE SECURITY CHECKLIST

By Paula Januszkiewicz & CQURE Academy

Defense Strategy Should Become A New Black

Each year the security summary reports published by vendors reach the same conclusion: year after year,
security breaches are becoming more sophisticated and multifaceted. The challenge is also there for
the companies that must maintain a cyber security defense strategy and keep it up to date.

Unfortunately, during the hundreds of security audits we have performed, we have noticed that organizations
keep committing the same mistakes. Sometimes they relate to architecture and design, where by a mistake we
mean a missing solution; in most cases, though, they are solutions that lacked good practices during
implementation, or that suffer a time effect: the longer they are used, the more misconfigured they become.

The everlasting key to success is to develop a multi-pronged approach to cyber security defense.
This approach can be translated into several technical points that describe areas of focus, and then into the
chosen branded solutions that help achieve these goals, which vary between companies. Many of them,
though, are not in compliance with the latest security updates and standards, or they do not have a complete,
thought-through plan for executing cyber security defense. As an example, take companies that have not
implemented any code execution prevention mechanism yet; in the era of ransomware this poses a great risk
of being attacked and infected. Having the opportunity to ask questions of large session or training audiences,
or simply through relationships with our Customers, we see that statistically everyone knows someone who has been
attacked by ransomware, approximately have received an email containing ransomware into their email system,
and a bit over have experienced a ransomware attack themselves. This is truly scary, especially because
solutions are just around the corner.

The lesson from these breaches is that all organizations need to look at their policies, procedures
and infrastructure with an eye on adopting the most rigorous and modern approaches to cyber security. Since
the objective of a security assessment is to identify security risk exposure and provide mitigation strategies
that reduce risk to critical business processes and provide secure connectivity for IT operations, we would like
to present you with a comprehensive technical list of areas that should be well thought through
in organizations and implemented step by step in order to prevent common and
uncommon threats. If you wonder why we did not mention, for example, Pass-the-Hash prevention, it is
because code execution prevention stands a bit higher in the attack prevention hierarchy, and these 14 steps
present the complete solution, preventing pretty much all the interesting examples of attacks.

Our list refers to what is missing and needed in most of the enterprises we have delivered security penetration
tests and audits for.

FOR MORE SECURITY WISDOM FOLLOW US ON:
FACEBOOK: https://www.facebook.com/CQURE/
YOUTUBE: https://www.youtube.com/channel/UCWIEIMHXyJ62RF4aVmU30og
TWITTER: https://twitter.com/PaulaCqure
TELEGRAM: https://telegram.me/cqure

INFRASTRUCTURE SECURITY CHECKLIST

1 Offline access protection on workstations, laptops and servers when necessary (BitLocker etc.).

2 Implementation of the process execution prevention (AppLocker, BeyondTrust, Avecto, Viewnity etc.).

3 Log centralization, log reviews - searching for the anomalies, certain log error codes. Performing
the regular audits of code running on the servers (Sysmon, Splunk etc.).

4 Maintenance: backup implementation and regular updating (vendor-specific solutions, WSUS, etc.).

5 Review of the settings of services running on servers and workstations (examples: services using accounts
that are not built in or that are too privileged, reviewing service file locations, changing permissions
where necessary using Security Descriptor Definition Language, changing accounts to gMSAs where
possible, limiting the number of services running on the servers (SCW and manual activities)).
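The service review in item 5, as an added PowerShell example that is not part of the CQURE checklist. It assumes an elevated local session; the built-in account names, the SDDL right and trustee abbreviations, and the "system directories" path test are this example's own choices, not anything the checklist prescribes.

```powershell
# Added example, not from the CQURE checklist: audit local services for the item 5
# findings (user accounts instead of built-in/gMSA, unquoted or unusual binary
# locations, write-class rights granted to broad groups in the service DACL).
$builtIn       = @('LocalSystem', 'NT AUTHORITY\LocalService', 'NT AUTHORITY\NetworkService')
$writeRights   = @('DC', 'WD', 'WO', 'GA', 'SD')   # change config, WRITE_DAC, WRITE_OWNER, all, delete
$broadTrustees = @('WD', 'AU', 'BU', 'IU')         # Everyone, Authenticated, Builtin, Interactive users

$findings = foreach ($svc in Get-CimInstance -ClassName Win32_Service) {
    $issues  = @()
    $account = $svc.StartName

    # A real user account (not built in, not a gMSA, whose name ends in '$') means a
    # stored credential on the host and a candidate for conversion to a gMSA.
    if ($account -and $builtIn -notcontains $account -and $account -notlike '*$') {
        $issues += "runs as user account $account"
    }

    # Service file location: unquoted path with spaces, or binary outside system dirs.
    $path = $svc.PathName
    if ($path) {
        if ($path -notmatch '^"' -and $path -match '\s') { $issues += 'unquoted path with spaces' }
        $exe = ($path -replace '^"([^"]+)".*', '$1') -replace '^(.+?\.exe).*', '$1'
        if ($exe -notmatch '^[A-Z]:\\(Windows|Program Files( \(x86\))?)\\') {
            $issues += "binary outside system directories: $exe"
        }
    }

    # Parse the DACL from 'sc sdshow' and flag write-class rights held by broad groups.
    $sddl = & sc.exe sdshow $svc.Name 2>$null | Where-Object { $_ -match '^D:' }
    foreach ($ace in [regex]::Matches("$sddl", '\(A;;([A-Z]*);;;([A-Z]{2})\)')) {
        $rights = [regex]::Matches($ace.Groups[1].Value, '..') | ForEach-Object { $_.Value }
        if ($broadTrustees -contains $ace.Groups[2].Value -and
            ($rights | Where-Object { $writeRights -contains $_ })) {
            $issues += "write rights for $($ace.Groups[2].Value) in service DACL"
        }
    }

    if ($issues) {
        [pscustomobject]@{ Service = $svc.Name; Account = $account; Issues = ($issues -join '; ') }
    }
}

$findings | Sort-Object Service | Format-Table -AutoSize -Wrap
```

Each reported line is a review item, not automatically a fault: a vendor service may legitimately live outside Program Files, but every hit should be explained and the unjustified ones fixed (quote the path, tighten the SDDL, move to a gMSA).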

6 Implementation of anti-exploit solutions (EMET etc.) and anti-virus solutions (McAfee, Symantec, NOD32 etc.).

7 Reviewing the configuration of the client-side firewall and allowing only the programs that need to
communicate through the network. Currently in most companies all outgoing traffic
from workstations is allowed.
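The review and change described in item 7, as an added PowerShell example that is not part of the CQURE checklist. It assumes an elevated session on a domain-joined Windows client; the program paths and domain controller addresses are placeholders to replace with the organization's own.

```powershell
# Added example, not from the CQURE checklist: move Windows Defender Firewall from
# "all outbound allowed" to default-deny outbound with an explicit allow list.
$allowedPrograms = @(
    @{ Name = 'Mail client'; Path = 'C:\Program Files\Example\mail.exe' }     # placeholder path
    @{ Name = 'Browser';     Path = 'C:\Program Files\Example\browser.exe' }  # placeholder path
)
$domainControllers = @('10.0.0.10', '10.0.0.11')                             # placeholder addresses

# Creates (or replaces) an outbound allow rule with a fixed name prefix, so the
# whole allow list can later be listed, audited or removed as one set.
function Add-OutboundAllow {
    param([string]$Name, [string]$Program, [string[]]$RemoteAddress = 'Any', [string[]]$Profile = 'Any')
    $display = "Outbound allow: $Name"
    Get-NetFirewallRule -DisplayName $display -ErrorAction SilentlyContinue | Remove-NetFirewallRule
    New-NetFirewallRule -DisplayName $display -Direction Outbound -Action Allow `
        -Program $Program -RemoteAddress $RemoteAddress -Profile $Profile | Out-Null
}

# 1. Review: a DefaultOutboundAction of Allow is exactly the finding item 7 describes.
Get-NetFirewallProfile | Select-Object Name, Enabled, DefaultOutboundAction, LogBlocked

# 2. Build the allow list BEFORE flipping the default, so nothing breaks in between.
foreach ($p in $allowedPrograms) { Add-OutboundAllow -Name $p.Name -Program $p.Path }

# 3. Domain membership must keep working: Kerberos/LDAP run from lsass.exe and SMB
#    from the System process; scope both to the DC addresses on the Domain profile.
Add-OutboundAllow -Name 'lsass to DCs'  -Program '%SystemRoot%\System32\lsass.exe' `
    -RemoteAddress $domainControllers -Profile Domain
Add-OutboundAllow -Name 'System to DCs' -Program 'System' -RemoteAddress $domainControllers -Profile Domain

# 4. Keep the built-in Core Networking rules (DNS, DHCP, ICMP) enabled.
Enable-NetFirewallRule -DisplayGroup 'Core Networking'

# 5. Flip the default on all profiles and log dropped packets, so the allow list is
#    tuned from the firewall log rather than from helpdesk tickets.
Set-NetFirewallProfile -Profile Domain, Private, Public -DefaultOutboundAction Block -LogBlocked True

# 6. Verify the resulting rule set.
Get-NetFirewallRule -DisplayName 'Outbound allow:*' | Select-Object DisplayName, Enabled, Profile
```

Run step 1 alone first on a sample of workstations, and roll out steps 2 to 5 through Group Policy rather than per host once the log from a pilot group shows which additional programs (update agents, management tools) still need rules.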

8 Management of the local administrators password (Local Administrator Password Management etc.).

9 Identity management (example: smart card logon) and centralization, password management (Public
Key Infrastructure, Microsoft Identity Manager etc.). In approx. of the companies there is a PKI
implemented, but almost everywhere it is not done according to best practices (to be sincere, we
have never seen it done well) and not in alignment with the business needs. Almost every company
we have cooperated with expressed the need to use certificates somewhere, and technically it was a
reasonable need.

10 Implementation of the Security Awareness Program among employees and technical training
for administrators.

11 Implementation of scoping (role management) for permissions and employee roles (SQL Admins, Server Admins etc.).

12 Implementation of the network segmentation (VLANs, IPSec Isolation, 802.1x etc.).

13 Implementation of the data protection (ADRMS etc.).

14 Periodic configuration reviews and penetration tests (internal and external) performed by
the internal team and a 3rd party company.


One can imagine that these 14 points may look overwhelming, but do not worry.
Focus on one point, do it well, then prioritize and plan the rest. The list above presents
the most important areas to verify and implement in the typical enterprise.
GOOD LUCK!
