Protect Your Windows Network From Perimeter to Data
by Jesper M. Johansson and Steve Riley
1 - Introduction to Network Protection
Information technology is working properly only when users can stop thinking about how or why it works
Security Management is about spending good money to have nothing happen
Fundamental Tradeoffs are between Cost, Level of Security, and Usefullness/Usability
Microsoft Library - Security Center
A protected network is one with an absence of unmitigated vulnerabilities that can be used to compromise the network
To have a truly secure network you must enumerate every place where it might be insecure and demonstrate that it is not insecure in any of them. This is only possible in theory not in practice (i.e. Chasing Unicorns)
2 - Anatomy of a Hack
No network is any more secure than the least-secure device connected to it
SQL injection is a vulnerability in the application, not the DBMS itself
The only proper way to clean a compromised system is to nuke and pave it
3 - Pat…
by Jesper M. Johansson and Steve Riley
1 - Introduction to Network Protection
Information technology is working properly only when users can stop thinking about how or why it works
Security Management is about spending good money to have nothing happen
Fundamental Tradeoffs are between Cost, Level of Security, and Usefullness/Usability
Microsoft Library - Security Center
A protected network is one with an absence of unmitigated vulnerabilities that can be used to compromise the network
To have a truly secure network you must enumerate every place where it might be insecure and demonstrate that it is not insecure in any of them. This is only possible in theory not in practice (i.e. Chasing Unicorns)
2 - Anatomy of a Hack
No network is any more secure than the least-secure device connected to it
SQL injection is a vulnerability in the application, not the DBMS itself
The only proper way to clean a compromised system is to nuke and pave it
3 - Pat…