00:01
Hello students, we are identifying the risk, threat and vulnerability in the IT domain system and the application domain.
00:07
Common risk, threat and vulnerability. Risks may be: system outage impacting business operations, unauthorized access leading to data breaches. Threats: malware attack on the application, insider threat compromising sensitive data. Vulnerability: unpatched software and application, weak authentication mechanism. Application: internal vulnerability scanner tools like OpenVAS for identifying software vulnerability, Nessus, application security testing tool.
00:42
So with the help of a tool like OWASP ZAP for testing application security. Security mechanism: security information and event management (SIEM) system, monitors logs for suspicious activities and potential security incidents. Mitigation: regular patching and update.
01:03
So in this way we can do the mitigation work, access control and authentication.
01:09
So enforce strong authentication mechanism. Web application firewall (WAF): protect web applications from common vulnerabilities. LAN.
01:18
So common risk here: network downtime affecting communication, unauthorized access to the sensitive information. Threats: man-in-the-middle (MITM) attack on the network traffic, network.
01:33
So here network sniffing. Vulnerability: unsecured Wi-Fi network, weak encryption protocol. Application: network scanner, identify open ports and vulnerabilities in the network, intrusion detection system (IDS) and encryption tool, implementing strong encryption tools in the data.
01:55
Mitigation: network segmentation, divide the network into segments to limit lateral movement; use of VPN, ensure secure communication over public network; regular security audit.
02:09
So here identify and address the vulnerability in the network configuration. Workstation domain...