Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated:
1
00:00:00,880 --> 00:00:05,440
In our next section we will talk about the key security concepts
2
00:00:08,150 --> 00:00:10,460
let's start with the cyber threats.
3
00:00:10,460 --> 00:00:19,190
Cyber threats or simply threats refer to cyber security circumstances or events with the potential to
4
00:00:19,250 --> 00:00:23,330
cause harm by way of their outcome.
5
00:00:23,330 --> 00:00:31,100
A few examples of common threats include as social engineering are phishing attack that leads to an
6
00:00:31,160 --> 00:00:38,180
attacker installing a Trojan and stealing private information from your applications.
7
00:00:38,180 --> 00:00:46,340
Political activists need those seeing your Web site an administrator accidently leaving data unprotected
8
00:00:46,370 --> 00:00:54,560
on a production system causing a data breach or soon flooding your ISP data center.
9
00:00:54,560 --> 00:01:03,680
Cyber security threats are actualized by threat to actors Skye's threat actors usually refer to persons
10
00:01:03,710 --> 00:01:12,650
or entities who may potentially initiate at threat while natural disasters as well as other environmental
11
00:01:12,650 --> 00:01:16,790
and political events do constitute threats.
12
00:01:16,850 --> 00:01:21,590
They are not generally regarded as being threat actors.
13
00:01:21,590 --> 00:01:29,900
Examples of common threat actors include financially motivated criminals which are known also as cyber
14
00:01:29,900 --> 00:01:39,050
criminals guys and politically motivated activists and these guys are known as the hacktivists and competitors
15
00:01:39,080 --> 00:01:44,810
careless employees and nation state attackers.
16
00:01:44,810 --> 00:01:53,090
Cyber threats can also become more dangerous if threat to actors leverage one or more vulnerabilities
17
00:01:53,420 --> 00:02:03,400
to gain to a system often including the operating system yeah let's go ahead with the one notable TS
18
00:02:04,090 --> 00:02:13,000
vulnerabilities simply refer to our weaknesses in our system they make threat the outcomes possible
19
00:02:13,030 --> 00:02:16,360
and potentially even more dangerous.
20
00:02:16,600 --> 00:02:21,040
A system could be exploited through a single vulnerability.
21
00:02:21,040 --> 00:02:29,290
For example let's say as a single ask fuel injection attack could go to an attacker full control over
22
00:02:29,290 --> 00:02:39,970
sensitive data an attacker could also chain several exploits together and taking advantage of more than
23
00:02:39,970 --> 00:02:44,070
one vulnerability to gain more com control.
24
00:02:44,080 --> 00:02:53,680
Examples of common vulnerabilities are as cruel injections cross site scripting server mis configurations
25
00:02:54,010 --> 00:02:58,680
sensitive data transmitted in plain text and more
26
00:03:01,360 --> 00:03:02,470
exploitation.
27
00:03:02,500 --> 00:03:11,740
Exploitation is the next step in attackers playbook after finding a vulnerability on the system exploits
28
00:03:11,800 --> 00:03:20,310
are the meals through which vulnerability can be leveraged for malicious activity by hackers.
29
00:03:20,450 --> 00:03:31,870
And these include pieces of software sector analysis of comments or even open source exploit kids so
30
00:03:31,900 --> 00:03:32,200
yeah.
31
00:03:32,260 --> 00:03:39,660
We have threads and we have vulnerabilities we have exploits saw how we can mitigate it.
32
00:03:39,670 --> 00:03:48,490
All of these things and we have some mitigation techniques and their training and awareness patch management
33
00:03:48,820 --> 00:03:53,380
policies and procedures and incident response.
34
00:03:53,380 --> 00:03:56,800
Let's start with the training and awareness.
35
00:03:56,800 --> 00:04:03,900
It is constituted as the most convenient and comfortable form of the security guys.
36
00:04:04,090 --> 00:04:11,980
User training is considered as the least expensive and the most effective mitigation technique.
37
00:04:11,980 --> 00:04:19,360
Actually it is the best way to keep the users from making mistakes that will lead to success of the
38
00:04:19,810 --> 00:04:25,050
social engineering attack is educating how to handle them.
39
00:04:25,120 --> 00:04:33,790
It is important to know the procedures protocols and the policies for the security of a network or else
40
00:04:33,790 --> 00:04:34,910
training users.
41
00:04:34,900 --> 00:04:40,260
Skew a real advantage of the relatively low cost guys.
42
00:04:40,390 --> 00:04:43,390
And the second thing is the pitch management.
43
00:04:43,390 --> 00:04:52,710
When an application or an operating system is released it is not perfect far from the security perspective
44
00:04:52,720 --> 00:04:53,890
guys.
45
00:04:53,890 --> 00:05:02,560
Then after Dooley's updates and security patches are released on the ongoing basis which can add to
46
00:05:02,580 --> 00:05:09,130
as software to make them more secure or provide it's more functionality.
47
00:05:09,130 --> 00:05:17,770
And the third thing is policies and procedures the security procedures and policies must be outlined
48
00:05:17,770 --> 00:05:26,920
clearly in writing in the organization guys and it should define acceptable behaviors on networks and
49
00:05:27,160 --> 00:05:29,470
organization computers.
50
00:05:29,470 --> 00:05:38,200
Who uses the computers has to read the procedures and policies and also sign the form for agreeing it.
51
00:05:39,070 --> 00:05:47,760
And the last thing is the incident response when the intruder has enacted an attack on the network.
52
00:05:47,800 --> 00:05:56,030
Then the first instinct gets you the user back to work regardless of what that takes.
53
00:05:56,110 --> 00:06:05,220
It makes more sense in the short run but in case of long run it might be a wrong move surely guys.
54
00:06:05,260 --> 00:06:13,180
The rails tall software which is damaged by the attack then this rare installation may covered the threat
55
00:06:13,270 --> 00:06:19,950
of an attacker and prevent it from persecuting and finding it.
56
00:06:20,110 --> 00:06:29,170
Also it is essential to understand these security threats which affect the networks and be familiar
57
00:06:29,170 --> 00:06:38,500
with the affecting networks like those attacks warms viruses social engineering and men in the middle
58
00:06:38,500 --> 00:06:39,450
attacks.
59
00:06:39,730 --> 00:06:46,050
It is necessary to learn each type of these attacks operates and how to secure it.
60
00:06:46,660 --> 00:06:55,270
Additionally understand the mitigation techniques such as incident response procedure and policies patch
61
00:06:55,270 --> 00:07:03,580
management and training and awareness understand efficient and effective methods of protecting against
62
00:07:03,640 --> 00:07:13,030
these social engineering threats and also other network weaknesses as software security physical security
63
00:07:13,030 --> 00:07:22,690
is also so important infrastructure locations such as network closets and data centers should remain
64
00:07:22,690 --> 00:07:25,550
securely locked badge.
65
00:07:25,570 --> 00:07:34,040
Access to sensitive locations is a scalable solution offering an audit trail of identities and time
66
00:07:34,040 --> 00:07:37,540
stamps when access is granted.
67
00:07:37,540 --> 00:07:46,270
Administrators can control access on a granular basis and quickly remove access when an employee is
68
00:07:46,390 --> 00:07:46,960
dismissive.
7779
Can't find what you're looking for?
Get subtitles in any language from opensubtitles.com, and translate them here.