Hello, and welcome back. My name is Tyler McMann with Aruba, a Hewlett Packard Enterprise company. This is our second video in our first part of the Aruba network security basics. In this video, we're going to be taking a look at security threats, and the Aruba security strategy for dealing with them. Without further ado, let's jump on in.
Security threats, and how do we deal with those? Well, first we want to take a look at just an overview of what security means. How do we define good security? There's a really nice acronym for summing it all up: C for confidentiality, I for integrity, and A for availability.
Confidentiality is that I can send information across the network in the form of an email, in the form of traffic going to my bank's website, in the form of files that I'm sharing across to a file server, and no one can read those messages or examine those packets or the payloads of those packets except the intended recipients. We want to be able to send our data with confidence.
Integrity is that any message that is being received matches the message that is sent. In other words, if I send you a check for $100, the check that you receive says $100, not $1,000, not $10. It hasn't been altered in transit. This also relates to authenticity, that we are signing an email or we're signing a packet or a file such that only we could have been the person to have said that. This is all done with cryptography.
Then lastly, availability, which you might think, what does availability really have to do with security? But when hackers are trying to intercept our messages or they're trying to alter our messages, and those attempts fail, they'll often resort to a denial of service or a DoS attack. Maintaining uptime, maintaining availability is a concern for the networking side of things. Otherwise, we could suffer these DoS or distributed denial-of-service attacks, which we'll talk about here in just a minute.
Before we jump into how we protect our network, first we need to know what we're protecting our network from, and that brings us to the subject of threats. What are the threats that we need to worry about out there in the world? There's going to be a few of these that we're going to run through.
The first set we'll start with is defining vulnerabilities versus threats. What is a vulnerability versus the threat that's threatening that vulnerability? Well, a vulnerability, and they show it here, a bug or unexpected behavior that permits an exploit, refers to a state in which a device or your network is vulnerable to an attack. A vulnerability does not necessarily mean an issue has occurred, but simply that there's a risk of being exploited. A threat is the actual exploit of that vulnerability.
How do we deal with those? Vendors that distribute laptops and phones, switches, routers, access points, whatever, will typically fix these vulnerabilities as they discover them, as they discover bugs in the code. They might decide to patch that in order to close these vulnerabilities. A zero-day threat, or exploit, is an exploit or vulnerability that the vendors have not found nor have patched, or maybe they found it but they didn't patch it. Either way, the result is the same. Most of these updates that you're going to see on your Windows machine, your Mac device, your Android phones, your iPhones, those updates often include, month after month, these patches and vulnerabilities that have been discovered and reported to the company. Probably the best way to protect your operating system from attack is by patching or updating the operating system as those updates are made available.
If we take a look at actors, we have bad actors, and we have ethical hackers. Those that are actually testing and looking for these vulnerabilities so that they can report them to vendors are known as ethical hackers, testing the locks in a building before you call it a night.
That's the idea of penetration testing. Except we would do this in a networking perspective by checking our reports, checking to see that our devices have been updated and looking for vulnerabilities, and testing our own system to see if we're still vulnerable to them. All that's under the guise of ethical hacking.
Bad actors are malicious hackers. They are typically outside hackers: criminals, other governments, or just someone seeking to cause general mischief all fall into this idea of a bad actor. Unfortunately, the most successful attacks also involve an inside hacker. This could be an employee or contractor, whether they're disgruntled or they're just greedy or self-serving to one extent or another. Non-malicious really does fall in between these. It is a bad actor that lacks intent. All of the bad actors really are malicious. They have an intention of trying to cause a denial of service, or to intercept traffic, or to alter traffic in one way.
The last term that we'll cover is this idea of malware, and we're really going to dive into malware more in the next video. But malware is defined as malicious code that executes unauthorized actions on a device. The idea is it's bad software that, for example, steals data, locks up a device, does encryption when it's not supposed to, and is often the key component of many of these exploits, not the only component. We'll see there's a human factor, there's other factors involved, but the classification of malware is going to be based on how the malware infects the system and based on what the malware does. In the next video, that's what we're going to take a look at, these different types of malware based on their symptoms and how they're deployed.
We covered a broad overview of CIA: confidentiality, integrity, and authorization. We looked at vulnerabilities and the threats that take advantage of them, and we defined what malware is.
In the next video, we'll dive deeper into what exactly different types of malware are and how we define them. That's it for this video. I'll see you guys in the next one. Thank you very much.