Cybersecurity Certification Primers Application Data and Host Security

Session Overview • Application, Data, and Host Security • Review of Exam Domains • Exercises and Experiments • Secure coding concepts • Creating a backup policy • Creating a patching/update strategy

Learning Objectives • The learner will be able to describe the 5 exam objectives in the Comp. TIA Security+ Application, Data, and Host Security domain. • The learner will be able to perform a code review of a simple Python function, then rewrite the code to include proper security handling. • The learner will be able to create and justify secure policies and strategies for various data and server management scenarios.

Application, Data, and Host Security Code of Conduct Embrace Mistakes, because none of us would be here if we got everything right Be Respectful, towards others and towards their opinions Keep an Open Mind, and see how things play out in the end Behave Professionally, and voice your concerns and opinions in a constructive manner

Application, Data, and Host Security Review of Exam Domains • Explain the importance of application security controls and techniques • Fuzzing • Secure coding concepts • Error and exception handling • Input validation • Application configuration settings • Application hardening • Server-side vs. client-side validation Role: Cybersecurity Engineer NICE Specialty Area (Work Role ID): Software Developer (SP-DEV-001) Key KSA Codes: K 0001 -6, K 0039, K 0070, K 0140, S 0001, S 0019, S 0060, A 0047 Key Task Codes: T 0011, T 0013

Application, Data, and Host Security Review of Exam Domains • Summarize mobile security concepts and techniques • • • Device encryption Remote wiping Asset tracking and inventory control Mobile device management Removable storage BYOD concerns Role: Cybersecurity Manager / Administrator NICE Specialty Area (Work Role ID): COMSEC Manager (OV-MG-002) Key KSA Codes: K 0001 -6, K 0018, K 0038, S 0027 Key Task Codes: T 0004, T 0095

Application, Data, and Host Security Review of Exam Domains • Given a scenario, select the appropriate solution to establish host security • Operating system security and settings • OS hardening • Group policy • File and directory permissions • Anti-malware • Virtualization security • Snapshots • Elasticity • Sandboxing Role: Cybersecurity Engineer NICE Specialty Area (Work Role ID): System Administrator (OM-SA-001) Key KSA Codes: K 0001 -6, K 0077, K 0088, K 0167, S 0033, S 0076, S 0143 Key Task Codes: T 0029, T 0063, T 0136, T 0418

Application, Data, and Host Security Review of Exam Domains • Implement the appropriate controls to ensure data security • Hardware-based encryption devices • TPM and HSMs • Data in transit, data at rest, data in use • Permissions/ACL • Data policy • Retention • Storage • Wiping/disposing Role: Cybersecurity Manager / Administrator NICE Specialty Area (Work Role ID): COMSEC Manager (OV-MG-002) Key KSA Codes: K 0001 -6, K 0018, K 0038, S 0027 Key Task Codes: T 0004, T 0095

Application, Data, and Host Security Review of Exam Domains • Compare and contrast alternative methods to mitigate security risks in static environments • • • SCADA environments Embedded devices Network segmentations Security layers Wrappers Firmware and software version control Role: Cybersecurity Architect NICE Specialty Area (Work Role ID): Enterprise Architect (SP-ARC-001) Key KSA Codes: K 0001 -6, K 0027, K 0030, K 0043, K 0061, S 0024, S 0027, A 0008, A 0027, A 0060 Key Task Codes: T 0051, T 0517

Application, Data, and Host Security Exercises and Experiments Secure Coding Concepts Exercise: Given a block of code, rewrite the code to implement basic input validation and exception handling.

Application, Data, and Host Security Exercises and Experiments Creating a Backup Policy Exercise: With your group, come up with a robust database backup policy with the following requirements: 1. Will need backup policies for development, UAT, and production environments. 2. Should be able to recover all production data until at least the past 3 open business hours (within same business day). 3. Should be able to restore from backup and validate success.

Application, Data, and Host Security Exercises and Experiments Creating a Patching/Update Strategy Exercise: With your group, come up with a policy to perform patches/updates on a data center with the following requirements: 1. Non-production environments can have at most 1 day of down-time, as needed. Production environment can have at most 24 hours of downtime (Saturday 8 PM EST – Sunday 8 PM EST). 2. Strategy must accommodate security patch/updates during work hours for the production environment if needed.