Infosec Gladiators

So i get more visibility

But need other people to poll

I know 7 people don't like the group

Please share ur cv

Lets understand the controls and event in Sequence

𝐄𝐱𝐩𝐥𝐚𝐧𝐚𝐭𝐢𝐨𝐧 𝐢𝐧 𝐒𝐞𝐪𝐮𝐞𝐧𝐜𝐞:

𝐃𝐢𝐫𝐞𝐜𝐭𝐢𝐯𝐞 𝐂𝐨𝐧𝐭𝐫𝐨𝐥: The organization puts a policy in place that prohibits employees from browsing social media during work hours (9 AM to 5 PM). This policy sets the baseline for acceptable behavior.

𝐃𝐞𝐭𝐞𝐫𝐫𝐞𝐧𝐭 𝐂𝐨𝐧𝐭𝐫𝐨𝐥: An internal warning is issued to all employees: If anyone is found violating this rule, necessary action will be taken (such as a disciplinary warning or suspension). This deters employees from breaking the rules.

𝐏𝐫𝐞𝐯𝐞𝐧𝐭𝐚𝐭𝐢𝐯𝐞 𝐂𝐨𝐧𝐭𝐫𝐨𝐥:To ensure employees cannot access social media during work hours, a proxy server is installed at the network level. The proxy blocks all social media websites, effectively preventing employees from opening such sites.

𝐂𝐨𝐦𝐩𝐞𝐧𝐬𝐚𝐭𝐢𝐧𝐠 𝐂𝐨𝐧𝐭𝐫𝐨𝐥: To mitigate the risk of employees using external devices, like dongles or mobile hotspots, to bypass the network-level restrictions, the company uses Data Loss Prevention (DLP) software on endpoints. The DLP restricts access to non-company-approved internet connections.

𝐃𝐞𝐭𝐞𝐜𝐭𝐢𝐯𝐞 𝐂𝐨𝐧𝐭𝐫𝐨𝐥:The company uses network monitoring tools and regularly checks DLP logs to detect any attempts to bypass the network or use unauthorized devices to access restricted sites.

𝐂𝐨𝐫𝐫𝐞𝐜𝐭𝐢𝐯𝐞 𝐂𝐨𝐧𝐭𝐫𝐨𝐥: If an employee is detected bypassing these controls, their network access is terminated immediately. The incident is escalated to management or HR, and the employee may face further disciplinary actions based on company policy.

#CISSP #cyberecurity #cisa #security+ #cism #grc #infosec

Study with me join my telegram

Why These Sources are Effective:
Real-Time Data: Many of these sources, like ISC, Abuse.ch, and Greensnow, provide real-time threat feeds, which help organizations respond to threats as they emerge.

Focused Areas: Some sources specialize in certain types of threats, like Spamhaus with spam/phishing or Abuse.ch with malware tracking, making them highly effective in those areas.

Collaborative Efforts: Platforms like AlienVault OTX allow for community sharing, improving the speed and efficiency of detecting new threats.

Wide Application: Solutions like Cisco Talos and Emerging Threats offer detection rules and tools that can be applied across various network security devices, ensuring broad protectio