Box-by-Box Configuration
Each network device must be configured separately
We troubleshoot each device separately
When we need to implement or update network configs, it also must be done to each device separately.
Controller
Centralized device or application where the control is located
Centralized control plane
Because all control plane logic is done by the controller
Software running on a physical appliance or somewhere in the cloud
SOFTWARE-DEFINED NETWORK (SDN) ARCHITECTURE
The management and control plane functions are separated from the device.
The control plane function is handled by the controller
MANAGEMENT PLANE: Applications
CONTROL PLANE: Controller
DATA PLANE: Router, Switch, Firewall
Windows Server 2003 Edition Standard Edition
Has domain controller, Few roles
Windows Server 2003 Edition Small Business
Does not support being a Domain Controller, includes more roles, designed for peer-to-peer networking and data server functions
Windows Server 2003 Edition Enterprise
Has Domain Controller, includes all roles, strong WAN
Windows Server 2003 Edition Datacenter Edition
The most expensive edition, includes Domain Controller
Supports multiple CPUs, 32 GB of RAM, RAID configurations
Windows Server 2003 Edition Web Server Edition
Most affordable
Has enhanced WAN capabilities
For web servers, FTP servers, and email servers
Domain Tree
is simply a collection of one or more domains that share a common namespace
FQDN (Fully Qualified Domain Name)
the complete, absolute name of a system within a Windows Server. It uniquely identifies a computer, server, or resource in a domain-based network.
Domain Forest
is a collection of one or more domain trees. The domains in the gma domain tree and the it243.com domain tree could be part of the same forest.
is a secure connection between two domains that allows authentication and resource sharing across them
Parent Domain
Child Domain
Group Policy (GP)
Windows management feature that allows you to control multiple users' and computers' configurations within an Active Directory environment.
CIS Benchmarks
With our global community of cybersecurity experts, we've developed CIS Benchmarks; more than 100 configuration guidelines across 25+ vendor product families to safeguard systems against today's evolving cyber threats.
GROUP SCOPE
Domain local groups are Windows Server groups whose scope is restricted to the specific domain in which they are defined.
A universal group is a security or distribution group that can contain users, groups, and computers as members from any domain in its forest. Universal security groups can be granted rights and permissions on resources in any domain in the forest.
GROUP TYPE
Security groups are used to collect user accounts, computer accounts, and other groups into manageable units.
Distribution groups are used for sending email notifications to a group of people. Security groups are used for granting access to resources such as SharePoint sites. Mail-enabled security groups are used for granting access to resources such as SharePoint, and emailing notifications to those users.
ORGANIZATIONAL UNIT
An organizational unit (OU) is a subdivision within an Active Directory into which you can place users, groups, computers, and other organizational units.
SERVER
Operating System/Application that provides network services to client devices
Can be located on a physical server, in a virtualized environment, or in the cloud
TRADITIONAL PHYSICAL SERVER
Has different form factors
Bulky Computer Hardware with Server Operating System
Rack
Blade
Basic Server Components
CPU - multiple processors
RAM / 64GB
Internal Storage - HDD, SSD
Network Interface Cards - multiple
Bare Metal
Server without an Operating System
OPERATING SYSTEM
For a bare metal machine to be a full-fledged server, it needs an Operating System
Server Virtualization
We install multiple operating system instances in a physical server (called Host)
By creating a Virtual Machine (VM)
Emulated physical server
We can create multiple VMs in a single Host
Hypervisors
Software that creates and runs Virtual Machines (VM)
Manages and allocates the host hardware components for each VM
Serves as the supervisor and manager of the virtualized environment
CPU
RAM
STORAGE
Type 1 Hypervisor
Commonly known as Native/Bare Metal
Hypervisor Software is installed directly on top of the bare metal device hardware
VMWARE ESXI
HYPER-V
LINUX KVM
CITRIX XENSERVER
This type is heavily used for servers
Type 2 Hypervisor
Commonly known as Hosted Hypervisors
Hypervisor is installed "on top" of the host operating system
VMWARE WORKSTATION/HOST
HYPERVISOR
VMWARE FUSION
VIRTUALBOX
PARALLELS FOR MAC
This type is used for software testing
MAN IN THE MIDDLE ATTACK
A Man in the Middle (MITM) attack occurs when cybercriminals place themselves between the two parties of a communication.
Once the attacker intercepts the communication, they may filter and steal sensitive data and return different responses to the user.
DENIAL OF SERVICE ATTACK (DOS / DDOS)
Denial of Service attacks aim at flooding systems, networks, or servers with massive traffic, thereby making the system unable to fulfill legitimate requests.
Attacks can also use several infected devices to launch an attack on the target system. This is known as a Distributed Denial of Service (DDOS) attack.
SQL INJECTION
A Structured Query Language (SQL) injection attack occurs when cybercriminals attempt to access the database by uploading malicious SQL scripts.
Once successful, the malicious actor can view, change, or delete data stored in the SQL database.
Threat Avoidance, Mitigation, and Acceptance
You can prevent and reduce the risk of attacks on your server to a certain extent. However, for those that manage to bypass your defenses, it is essential to have measures in place to mitigate the impact.
Backup Plans
Risk Management
Awareness and Continuous Learning
Keen Planning and Readiness
Evolution of Defenses
Scanning and Regular Checking
Windows Server Backup (WSB)
feature that provides backup and recovery options for Windows server environments. Administrators can use Windows Server Backup to back up a full server, the system state, selected storage volumes, or specific files or folders.
An Organizational Unit (OU)
In Windows Server Active Directory (AD), an OU is a logical container used to organize and manage objects within a domain. It allows administrators to group users, computers, groups, and other OUs for easier management, delegation, and application of Group Policies.
A Data breach
A kind of security incident. It happens when there is a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored, or otherwise processed.
Availability breach
Integrity breach
Confidentiality breach
Network programmability
Python
Ansible
Puppet and Chef
Control Plane
The control plane function is handled by the controller
THE SOUTHBOUND INTERFACE (SBI)
In an SDN environment, the control plane function is detached from the network device, and is now the job of the “SDN CONTROLLER”.