Jonathan T. Cohen jcohen66

@jcohen66
jcohen66 / cism_security_policy.txt
Last active July 26, 2024 23:29
CISM IT Security Policy #cism #security #policy
Writing Security Policies
https://www.cyberpilot.io/it-security-policy-downloada
Purpose
- Provides a framework
- Sets objectives for IT Security
- Delegates responsibility
- Creates guidelines and rules for employees to follow
jcohen66 / cism_continuityofenterprise.txt
Last active July 25, 2024 19:52
CISM Continuity of the Enterprise #cism #business #continuity #disaster #recovery #planning
Continuity of the Enterprise
- Get Sr Mgt buy-in
- Build a Charter
Business Continuity
- Incorporates Info Systems AND everything else!
- In for the long haul
- Starts as incident/Ends as disaster
- Coordinated strategy involving plans, procedures, and technical measures
- Enable the recovery of info systems, operations and data after a disruption
jcohen66 / CISM_inicient_response.txt
Created July 25, 2024 18:40
CISM Incident Response #cism #incident #response #plan #prepare #protect #contain #triage #respond
Incident Response
- Hands off!
- We don't act/we advise
Prepare
- Coordinate Planning and Design
- Identify Incident Management Requirements
- Obtain Funding and Sponsorship
- Develop Policies, Plans, Processes
jcohen66 / cissp_designing_secure_systems.txt
Created July 23, 2024 15:40
CISSP Designing Secure Systems #cissp #secure #system #design #best #practice
Designing Secure Systems
Authentication
- Scenarios to Protect
- User logins
- Employee access to internal systems
- Design Points
- Strong password policy
- Multi-factor authentication (MFA)
jcohen66 / cissp_endpoint_best_practice.txt
Created July 23, 2024 00:15
CISSP Endpoint Best Practices #cissp #endpoint #best #practice
Essential Endpoint Best Practices
Regular Updates and Patching
- Ensure all devices and software are kept up to date on all patches and updates
- This practice fixes vulnerabilities that could be exploited by attackers and enhances the overall security posture
Strong Authentication and Access Control
- Implement strong password policies and multi-factor authentication (MFA) to reduce the risk of unauthorized access
- Apply the Principle Of Least Privilege (PLP) by restricting user access rights to only what is necessary for their role.
jcohen66 / cissp_rbac.txt
Created July 22, 2024 14:45
CISSP Role Based Access Control (RBAC) #cissp #rbac #role #based #access #control
Role Based Access Control
- Has Role
- Has Permission
- User
- Role
- Permission
- User can have 1-n Roles (User-Role)
- Role can have 1-n Permissions (Role-Permission)
jcohen66 / cissp_crowdstrike.txt
Last active July 22, 2024 19:29
CISSP Crowdstrike Bug SMM #cissp #crowstrike #edr #ring #uefi
https://insights.sei.cmu.edu/blog/uefi-terra-firma-for-attackers/
Kernel Driver Failed
- Ring 0
- Kernel Mode (OS Code)
- Can see all memory
- When kernel mode code crashes -> The System Crashes
- Blue Screens since alternative could be worse
- OS doesn't know what to do
- Application code is not separated from one another
jcohen66 / cism_risk_stages.txt
Created July 21, 2024 03:10
CISM Risk Stages #cism #risk #stages #analysis #identification #evaluation #management
Risk Identification
- The first and most fundamental stage
Risk Analysis
- Follows Identification
- Structured process that involves identifying ways to achieve goals, analyzing consequences and assessing the likelihood of hazardous events.
Risk Evaluation
- Follows Analysis
- Risks should be ranked and prioritized
jcohen66 / cism_global_local.txt
Created July 20, 2024 17:55
CISM Global Organization Policy #cism #global #local #policy #legal #compliance #law #data #privacy
Information Security Program Global/Local Policies
Local Entity
- Must comply with local law for data collected in the country
- Sr Management is accountable for legal compliance
- Policy takes 2nd place to law
- Law supersedes internal policy
- Local regulations can differ from those of the country where the organization is headquartered
- Not likely that org policy will cover all local legal requirements
- Local law supersedes the law of the country where HQ is located
jcohen66 / cism_strategies.txt
Last active July 20, 2024 17:10
CISM Strategies #cism #cobit #cmmi #togaf #zachman #sabsa #27002 #fisma #itil #20000 #800-53 #iso #nist #framework #architecture #best #practice #federal
Strategy Methodologies
Frameworks
- COBIT
- Framework
- IT Governance and Management
- CMMI
- Framework
- Process Improvement