Concepts
- Threats
  - Internal
  - External
- Vulnerability: some kind of weakness
- Exploit: a way of taking advantage of a vulnerability
Reduce threat exposure
- Zero Trust
- User / Admin access
  - Role Based Access
    - Only have access to required systems
  - Least Privileges
    - Allow as little access as required
    - Applies to system processes too
  - Separation of Duties
    - Processes require more than a single person
- Network Access Control
  - Authenticate user
  - Authenticate device
  - Scan device
  - Provide least privilege access
  - Provide access based on role
- Network Segmentation
- Honeypots
Authentication, Authorization and Accounting (AAA)
Auth:
- Local auth
- Domain auth
- Single Sign On (SSO)
Tools
- Have I Been Pwned