Coursera
Udemy
Cybrary
edx
alison
linux academy
acloudguru
https://qwiklabs.com
Udemy
Cybrary
edx
alison
linux academy
acloudguru
https://qwiklabs.com
Sunday, December 17, 2017
Tuesday, July 18, 2017
Cyber Security
Cybersecurity Standard
Officially, ISO/IEC 27032 addresses “Cybersecurity” or
“Cyberspace security”, defined as the “preservation of confidentiality,
integrity and availability of information in the Cyberspace”. In turn “the
Cyberspace” (complete with definite article) is defined as “the complex
environment resulting from the interaction of people, software and services on
the Internet by means of technology devices and networks connected to it, which
does not exist in any physical form”.
source
Cybersecurity Framework – a set of industry standards and
best practices to help organizations manage cybersecurity risks. The resulting
Framework, created through collaboration between government and the private
sector, uses a common language to address and manage cybersecurity risk in a
cost-effective way based on business needs without placing additional
regulatory requirements on businesses.
Implementing Cyber Security
1. Complying with Regulatory Authority Guidelines like
- APRA(Australian Prudential Regulation Authority)
- OAIC(Office of the Australian Information Commissioner)
- ASIC(Australian Securities and Investments Commission)
- International Standards Organisation
2. Identifying Risks
- Data Loss
- Fraud
- Business Disruption
3. Adoption of Information Security Control
- Information lifecycle management
- DataQuality
- Privacy & Data Protection
4. Information Handling
- Nomenclature
- Access
- Distribution
- Storage
- Disposal
- Retention
- Sanitisation
5. Application and uses of Information systems
- Appropriate use
- Disclousre
- Password Saftey
- Electronic Communication
- Remote Access
- Use of Hardware and Software
- Security Incidents
6. Implement User Access Controls
- Disabling
- Emergency Accounts
- Privileged Accounts
- Federation & Trust
- Identify
- Remediate
- Review
- Passwords
- Prevent Brute force
- Timeouts
- Approved encryption methods
- Using Encryption
- Using keys
- Storage of keys
- Perimeter Security
- Physical access
- Fire,Flood, Power protection
- Facilities disaster recovery
- Physical security control equipment
- Equipment Management & removal
- Changement Management
- Security life cycle development process
- Speration of environments between production and non production
- Operational readiness
- Virus/Malware protection
- Resourcing
- Backup
- Vulnerbaility Management
- Audit,logging& Monitoring
- Monitor data/information transfer
- Monitor network connection
- Block non business websites
- Agreements
- Non disclosure Agreements
- RACI
- Risk assessment
- Incident management
- Reporting
- Root cause analysis
17. Implement Cyber Security Strategy
- Identity or Identities
- Cyber Saftey
- Application Security
- Governance
- Data Security
- Cloud Security
- Workplace and Mobility
Cyber Security Tools
1. Antivirus
- Mcafee
- symantec
- Trend Micro
- AVG
- Fireeye
- Websense
- Kaseya Network Monitor
- Akamai Prolexic Routed
- Cisco Sourcefire
- Splunk
- RSA netwitness
- Arcsight
- Fireeye threat analytic platform
- Mandiant
5. Cybercrime prevention tools
- phisingbox.com
- phishme
Monday, October 3, 2016
Setting up Jenkins in Windows
- Download jenkins.war from https://jenkins.io/
- Jenkins requires Java7 or later
- Run this command in command prompt
c:\Users\sam\Downloads>c:\DEV\Java\jdk1.7.0_67\bin\java -jar jenkins.war
- Below screen shows Jenkins is running successfully
Launching Jenkins
- Open Browser and paste url http://localhost:8080/
- Go to C:\Users\sam\.jenkins open file initialAdminPassword. Copy the password and paste in the initial login screen
- Setup proxy if you have details or skip
- You will prompted to create admin user, create one for your use
- After setup, jenkins is ready for you to prepare a automated deployment
Sunday, April 10, 2016
OID to OUD migration using DIP
Note:1) DIP does not support
password history migration
2) Migration approach discussed here is based on DIP bootstrap mechanism
1. Backup OUD backends
Run below commands to set environment
export ORACLE_HOME=/usr/app/oud/111220/oud_11.1
export ORACLE_INSTANCE==/usr/app/oud/environments/oudds_1/OUD
export
PATH=$ORACLE_HOME/bin:$ORACLE_INSTANCE/bin:$PATH
Run below command to execute backup
backup
--backUpAll --compress --backupDirectory /usr/app/datamigration/oudBackup
2.
Backup OUD config
·
Copy
the configuration directory, install-dir/config.
·
Make
sure that the schema subdirectory is present within the install-dir/config
directory.
·
Copy
the files in install-dir/logs.
·
Make a
copy of the installation directory.
·
Store
the archived data, configuration directory, schema subdirectory, log files and
installation directory together in a single location.
·
All
items are required when restoring the server.
3. Performance tuning on target OUD
For Data
Migration purpose adjust the heap sizes on the target OUD directories, as
required.
1.
Setting Environment Variables
export ORACLE_HOME=/usr/app/oud/111220/oud_11.1export ORACLE_INSTANCE=/usr/app/dirmon/environments/dipinst_1
export WLS_HOME=/usr/app/dirmon/11116/wlserver_10.3
2.
Execute Boost strap commands for each dip sync
profile
Boots strap properties file should be
edited to write the target LDIF file into a shared mount directory which is
shared across OUD hosts
o syncProfileBootstrap -h hostname -p
7005 -D weblogic -f /usr/app/datamigration/conf/ldp2ldf_legacyoiddata.properties
3. Data Transformation on Target
LDIF
Remember OID records
obpasswordchangeflag attributeswith value 0/1 and OUD records as TRUE/FALSE
Here may need to use some linux
commends like ‘sed’ to replace 0 with
True and 1 with false
4.
dsreplication
pre-external-initialization
dsreplication
pre-external-initialization -h host1 -p 4444 -X -b dc=domain,dc=com,dc=au -I
admin -j pwd-file
5.
Importing LDIF into OUD
STOP
OUD Directoring server using command stop-ds
import-ldif
-f /usr/app/dirmon/datamigration/OIDtoOUD.ldif -n userRoot –a
6.
Rebuild all indexes
Execute below
command to rebuild all indexes
rebuild-index
--rebuildAll -b dc=domain,dc=com,dc=au
7.
dsreplication
post-external-initialization
dsreplication
post-external-initialization -h localhost -p 4444 -b dc=domain,dc=com,dc=au
-I admin -j pwd-file –X
Monitoring OUD in OEM
Discovering OUD on OEM 12c. In short
1. No weblogic domain used for OUD monitoring
2.Use Self Update to find the OUD plugins, selfupdate will
show available plugins for OUD
3. Download plugins and apply in online or offline
4. Use offline mode to import em_catalog.zip
5. Extracted EMOUDPLUGIN_1.1 into swlib, added a reference
of this plugin in software library
6. setup EMCLI after downloading emclikit.jar
7. export OracleHome , JAVA Home and ECMCLI Home
8. execute ./emcli setup -url=<url of em>
-username=<username> -dir=<emclihome> -ver_jars_dir=<emclie
home>
9. ./emcli import_update -file
10. ./emcli deploy_plugin_on_server
-plugin="oracle.oud.odir"
11. Deployed plugin in OEM on Management server and later
OEM agent
12. Discovered OUD Instance, OUD-Proxy and OUD replication
gateway manually
Thursday, April 7, 2016
Federation
OAuth 2 and Openid are two protocols are widely being adopted by organisations to meet complex federation requirements
OAuth2 is now popular with many Identity and Access Management products, these products are now supporting this protocol
Recently I'm exploring okta tools and it is really a break thru in federation. This tool is very easy to manage and supports heaps of apps
OAuth2 is now popular with many Identity and Access Management products, these products are now supporting this protocol
Recently I'm exploring okta tools and it is really a break thru in federation. This tool is very easy to manage and supports heaps of apps
Subscribe to:
Comments (Atom)