1 00:00:00,000 --> 00:00:17,519 Hey guys and welcome back. Now in the previous nugget we had talked about some of the security 2 00:00:17,519 --> 00:00:22,480 tools that we can use to of course help our security. What we're now going to look at 3 00:00:22,480 --> 00:00:27,400 are some security resources that we have available to us that we must know for the 4 00:00:27,399 --> 00:00:33,600 LPIC 2 examination. So with that said let's talk about it. Now before we actually just 5 00:00:33,600 --> 00:00:38,200 look at these resources some things we have to be aware of are the types of things we 6 00:00:38,200 --> 00:00:44,439 want to be looking for. One thing we want to be aware of software updates. So really 7 00:00:44,439 --> 00:00:50,959 if some type of software has been discovered to have a bug in it i.e. some type of flaw 8 00:00:50,959 --> 00:00:55,759 that could be manipulated that could otherwise compromise the security that software may 9 00:00:55,759 --> 00:01:00,519 be issued with something called a patch. A patch is really just a piece of code that 10 00:01:00,519 --> 00:01:06,319 is going to implement the fix to correct the flaw that is within the original software 11 00:01:06,319 --> 00:01:11,719 and that's going to integrate with the software itself. So when you happen to run your software 12 00:01:11,719 --> 00:01:17,280 updates that have the latest patches then your system will no longer be vulnerable to 13 00:01:17,280 --> 00:01:22,599 that particular bug. So really keeping on top of your software updates very very important 14 00:01:22,599 --> 00:01:29,079 cannot be overstated. Another thing we want to be aware of are security alerts. This is 15 00:01:29,079 --> 00:01:35,719 really you know when some type of vulnerability is discovered within the security community. 16 00:01:35,719 --> 00:01:42,199 You want to be aware of a particular trojan or virus or worm. Maybe some type of ransomware 17 00:01:42,199 --> 00:01:47,359 that is going around. To be secure you have to have an awareness of the threats that are 18 00:01:47,359 --> 00:01:53,480 around. So you really want to keep your ear to the ground and be aware of these types 19 00:01:53,480 --> 00:01:59,079 of alerts. So this type of information you know understanding when particular patches 20 00:01:59,079 --> 00:02:04,960 have been released which patches fix what problems as well as what type of threats are 21 00:02:04,960 --> 00:02:10,079 currently out on the horizon. Then we want to consult some type of security resources. 22 00:02:10,079 --> 00:02:16,240 Now the first service you want to be aware of is something called CERT. Now this is 23 00:02:16,240 --> 00:02:21,360 the computer emergency response team and you can find information relating to CERT's 24 00:02:21,360 --> 00:02:28,560 resources at CERT and that's not CERT it should be CERT.org. So on this website you will find 25 00:02:28,560 --> 00:02:34,200 things such as blogs, podcasts, all of this stuff is going to be security focused. All 26 00:02:34,200 --> 00:02:40,840 of it going to be very very valuable in keeping you up to date with the security landscape. 27 00:02:40,840 --> 00:02:46,160 So if you happen to search for CERT.org you should be redirected to this URL. This is 28 00:02:46,159 --> 00:02:51,840 ultimately ran by Carnegie Mellon University and we can see here the CERT division is a 29 00:02:51,840 --> 00:02:58,199 leader in cybersecurity. Now on this website you're going to find a whole bunch of valuable 30 00:02:58,199 --> 00:03:04,439 information such as security vulnerabilities and like I say we have blogs, we have podcasts, 31 00:03:04,439 --> 00:03:09,800 lots and lots of very valuable information. Now the other resource I want to highlight 32 00:03:09,800 --> 00:03:18,800 to you is one called Bug Track and that is a bug track with a Q actually at the end. 33 00:03:18,800 --> 00:03:23,760 Now all bug track is as opposed to being a website it's more of a mailing list and it 34 00:03:23,760 --> 00:03:30,040 is a mailing list developed by the team over at securityfocus.com. Basically this is going 35 00:03:30,040 --> 00:03:37,160 to allow you to sign up to this mailing list and have some highly curated, inveted security 36 00:03:37,159 --> 00:03:41,719 information that you can trust sent directly to you. So if you do subscribe you can get 37 00:03:41,719 --> 00:03:47,639 information on things such as zero days. These are just newly discovered vulnerabilities 38 00:03:47,639 --> 00:03:54,280 and software you can find information relating to those patches that can be used to fix these 39 00:03:54,280 --> 00:03:59,800 vulnerabilities. Now the crucial thing to note about these resources is that they are reputable 40 00:03:59,800 --> 00:04:05,599 and trustworthy. This is why they happen to be recommended because you can have a high 41 00:04:05,719 --> 00:04:10,759 degree of confidence that what you're being told within these sites happens to be accurate 42 00:04:10,759 --> 00:04:17,480 data vetted by trusted professionals and this is why the LPEC2 likes to highlight these types 43 00:04:17,480 --> 00:04:21,920 of resources because ultimately if we're going to be implementing these practices within our 44 00:04:21,920 --> 00:04:27,560 systems for real we want to be dealing like I say with those reputable resources that are 45 00:04:27,560 --> 00:04:32,240 trustworthy. So really that is what we have to understand for the LPEC2 examination. We want 46 00:04:32,280 --> 00:04:39,000 to know the security tools that we can use to help secure our perimeter as well as how we can 47 00:04:39,000 --> 00:04:45,199 gather information about the general security landscape from those trusted resources. So that 48 00:04:45,199 --> 00:04:51,000 is us for security tasks. The next thing we have to look at is the concept of virtual private 49 00:04:51,000 --> 00:04:55,079 networks. What exactly is a virtual private network? Well that's what we're talking about in 50 00:04:55,079 --> 00:04:59,560 the very next nuggets. I hope this has been informative for you and I'd like to thank you for 51 00:04:59,560 --> 00:04:59,879 viewing.