Learning

Basic forensic procedures

(in English)

• Order of volatility
• Capture system image
• Network traffic and logs
• Capture video
• Record time offset
• Take hashes
• Screenshots
• Witnesses
• Track man hours and expense
• Chain of custody
• Big Data analysis

(more…)

Types of malware

(in English)

• Adware
• Virus
• Spyware
• Trojan
• Rootkits
• Backdoors
• Logic bomb
• Botnets
• Ransomware
• Polymorphic malware
• Armored virus

(more…)

Solutions for establishing host security

(in English)

• Operating system security and settings
• OS hardening
• Anti-malware (Antivirus, Anti-spam, Anti-spyware, Pop-up blockers)
• Patch management
• Whitelisting vs. blacklisting applications
• Trusted OS
• Host-based firewalls

(more…)

Controls for ensuring data security

(in English)

• Cloud storage
• SAN
• Handling Big Data
• Data encryption (Full disk, Database, Individual files, Removable media, Mobile devices)
• Hardware-based encryption devices (TPM, HSM, USB encryption, Hard drive)
• Data in transit, data at rest, data in use
• Permissions/ACL
• Data policies (Wiping, Disposing, Retention, Storage)

(more…)

Risk management best practices

(in English)

• Business continuity concepts: Business impact analysis, Identification of critical systems and components, Removing single points of failure, Business continuity planning and testing, Risk assessment, Continuity of operations, Disaster recovery, IT contingency planning, Succession planning, High availability, Redundancy, Tabletop exercises
• Fault tolerance: Hardware, RAID, Clustering, Load balancing, Servers
• Disaster recovery concepts: Backup plans/policies, Backup execution/frequency, Cold site, Hot site, Warm site

(more…)

Mobile security – Concepts and technologies

(in English)

• Device security (Full device encryption, Remote wiping, Lockout, Screen locks, GPS, Application control, Storage segmentation, Asset tracking, Inventory control, Mobile device management, Device access control, Removable storage, Disabling unused features)
• Application security (Key management, Credential management, Authentication, Geo-tagging, Encryption, Application whitelisting, Transitive trust/authentication)
• BYOD concerns (Data ownership, Support ownership, Patch management, Antivirus management, Forensics, Privacy, On-boarding/off-boarding, Adherence to corporate policies, User acceptance, Architecture/infrastructure considerations, Legal concerns, Acceptable use policy, On-board camera/video)

(more…)

List of Acronyms

(in English)

3DES Triple Digital Encryption Standard
AAA Authentication, Authorization and Accounting
ACL Access Control List
AES Advanced Encryption Standard
AES256 Advanced Encryption Standards 256-bit
AH Authentication Header

(more…)

Types of wireless attacks

(in English)

• Rogue access points
• Jamming/interference
• Evil twin
• War driving
• Bluejacking
• Bluesnarfing
• War chalking
• IV attack
• Packet sniffing
• Near field communication
• Replay attacks
• WEP/WPA attacks
• WPS attacks

(more…)

Types of application attacks

(in English)

• Cross-site scripting
• SQL injection
• LDAP injection
• XML injection
• Directory traversal/command injection
• Buffer overflow
• Integer overflow
• Zero-day
• Cookies and attachments
• Locally Shared Objects (LSOs)
• Flash cookies
• Malicious add-ons
• Session hijacking
• Header manipulation
• Arbitrary code execution/remote code execution

(more…)

Security configuration parameters

(in English)

• Firewalls
• Routers
• Switches
• Load balancers
• Proxies
• Web security gateways
• VPN concentrators
• NIDS and NIPS: Behavior-based, Signature-based, Anomaly-based, Heuristic
• Protocol analyzers
• Spam filter
• UTM security appliances, URL filter, Content inspection, Malware inspection
• Web application firewall vs. network firewall
• Application aware devices, Firewalls, IPS, IDS, Proxies

(more…)

Types of cyber attacks

(in English)

• Man-in-the-middle
• DDoS
• DoS
• Replay
• Smurf attack
• Spoofing
• Spam
• Phishing
• Spim
• Vishing
• Spear phishing
• Xmas attack
• Pharming
• Privilege escalation
• Malicious insider threat

(more…)