Notes on Cybersecurity

  There are number of physical security threats faced by an organisation. Thieves and threat actors might break in and steal the IT equipment, plug in their devices, cut off company’s cables or connect to a company network with their device. Measures exist to protect the IT equipment and company data from physical access. It is recommended to lock the rooms where the IT equipment is stored and particular attention should be paid to the server room. A smart card, a swipe card system or a biometric identification system should be considered as this would allow to monitor the behaviour of each user. With the above implemented, any suspicious behaviour could be swiftly investigated. It is also advisable to install CCTV cameras monitoring who has entered the IT equipment room and who is in it an any given time. That is because smart cards can stop working or tailgating technique could be used. To prevent break-ins, alarms should be installed that will alert security when ...

GDPR, short for General Data Protection Regulation, mandates that data breaches be reported within 72 hours after they have been discovered. Therefore, an organisation requires a plan of an incident response before an incident actually happens. To mitigate damage after the breach has occurred, the first step is containing the breach. In order to do that, network security staff must learn exactly how the incident happened. This is to be able to take necessary action and prevent any future damage. Often that means disconnecting the company systems from the Internet but it is not always the case. After the incident has been contained, the next step is to assess the risks. This stage includes investigating the type of data breached, the level of data sensitivity, how many individuals were affected, which categories of people were affected, if any financial or other high-risk data was involved, if the data was encrypted and if the data was backed up. Depending on the scope of...

Backing up data is important because the data is on is deleted, device is hacked or corrupted, the data can be accessed and restored from another medium. It is recommended to backup anything of value, be it family member photos, CVs, reports or invoices. Data could be backed up to the cloud or to a local removable media. When backing up data to the cloud, it could be easily be accessed from the Internet. Apple iCloud, Google Drive and Microsoft OneDrive offer between 5GB and 15 GB free storage space that could be used for backups. It is suitable to back up the most important data but not enough to back up many large files. It is crucial to have fast and stable Internet connection to make successful backups to the cloud. Another consideration is that if using metered Internet connection, data backups to the cloud might be too expensive to perform. It is essential to protect access to the cloud with a strong password and enable multi-factor authentication in order to keep the data confid...

I installed the UWF firewall on the Kali Linux system using sudo apt install uwf command Then I configured the UWF firewall rules using the following commands to allow traffic from the IP addresses 192.168.1.1, 192.168.1.2, 192.168.1.3, 192.168.1.4 sudo ufw allow from 192.168.1.1 sudo ufw allow from 192.168.1.2 sudo ufw allow from 192.168.1.3 sudo ufw allow from 192.168.1.4 After the rules have been configured I enabled the UWF firewall using sudo ufw enable command. Below is the screenshot of an Open University course chapter on firewalls

  1. Windows Defender Firewall is a host-based firewall and  like other host-based firewalls it is easy to configure compared to a hardware-based firewall . It allows to add and remove programs and ports on different network domains. An administrator is able block all inbound connections for maximum security in case a system is under attack. Windows Defender Firewall also supports IPSec, which can enforce device authentication prior to any communication. To configure a Windows Defender Firewall on Windows 11 , go to Settings, then to Update & Security and to Windows Security . To configure a Windows Defender Firewall, go to Control Panel, then change to Large Icon View, go to Windows Defender Firewall and finally, Advanced settings. To add a program in the firewall , click Inbound Rules and then New Rule . Following that s elect Program from the Rule Type . Then b rowse to select the program executable file .  Tick Allow and choose what network do...

  Robust password is computationally impossible to crack using automated password cracking tools. To create one, user must use a variety of symbols that include both lowercase and capital letters, numbers and special characters. In addition to that a password must be at least 12 characters long – the shorter it is the faster it is to crack. It is recommended to create a unique password for each service and use a password manager that could store all the unique passwords. When logging in it is advisable to enable the “Show password” feature as it would help prevent entering incorrect password and having to reset it th u s creating a vulnerability . It would also prevent the user being locked out of the account as many companies that follow NIST cybersecurity guidelines lock out the user after several unsuccessful login attempts. Wherever possible multi-factor authentication should be enabled when creating a password to complement a password with a code sen t to your phon...