Notes on Cybersecurity

GDPR, short for General Data Protection Regulation, mandates that data breaches be reported within 72 hours after they have been discovered. Therefore, an organisation requires a plan of an incident response before an incident actually happens. To mitigate damage after the breach has occurred, the first step is containing the breach. In order to do that, network security staff must learn exactly how the incident happened. This is to be able to take necessary action and prevent any future damage. Often that means disconnecting the company systems from the Internet but it is not always the case. After the incident has been contained, the next step is to assess the risks. This stage includes investigating the type of data breached, the level of data sensitivity, how many individuals were affected, which categories of people were affected, if any financial or other high-risk data was involved, if the data was encrypted and if the data was backed up. Depending on the scope of...

Backing up data is important because the data is on is deleted, device is hacked or corrupted, the data can be accessed and restored from another medium. It is recommended to backup anything of value, be it family member photos, CVs, reports or invoices. Data could be backed up to the cloud or to a local removable media. When backing up data to the cloud, it could be easily be accessed from the Internet. Apple iCloud, Google Drive and Microsoft OneDrive offer between 5GB and 15 GB free storage space that could be used for backups. It is suitable to back up the most important data but not enough to back up many large files. It is crucial to have fast and stable Internet connection to make successful backups to the cloud. Another consideration is that if using metered Internet connection, data backups to the cloud might be too expensive to perform. It is essential to protect access to the cloud with a strong password and enable multi-factor authentication in order to keep the data confid...

I installed the UWF firewall on the Kali Linux system using sudo apt install uwf command Then I configured the UWF firewall rules using the following commands to allow traffic from the IP addresses 192.168.1.1, 192.168.1.2, 192.168.1.3, 192.168.1.4 sudo ufw allow from 192.168.1.1 sudo ufw allow from 192.168.1.2 sudo ufw allow from 192.168.1.3 sudo ufw allow from 192.168.1.4 After the rules have been configured I enabled the UWF firewall using sudo ufw enable command. Below is the screenshot of an Open University course chapter on firewalls