I am looking for examples of a configuration management plan that describes baseline security/applications/programs for workstations and servers. I have found lots of information on how to do this in a large company by using lots of people to hold lots of meetings and write lots of papers. I only have me. I'm looking for some generic example of what this would look like. Maybe it's writer's block. Key words would be NIST and cyber security.
I'm hoping you have come across something like this in the past.

Anyone can point me to a good study material & model answers for
CIA (Certified Internal Auditor) examination?

Any free online sample test (with immediate answer) CBT will be
good too

Given the turf wars between Firefox and Google over how they handle and display "secure" web sites, are EV SSL Certificates of any value any more?  

To the general public user that is; I know the CAs think they are of value!

The green bar of IE was nice in its day but that has long gone. A LetsEncrypt certificate site looks pretty much the same as an EV certificate site now to all intents and purposes. I mean, how many users are actually checking this - real world users that is, not us.

And are there any policies enforcable by anything that would prevent accessing a NON-EV certificated site?

My insurance broker client, who sells policies via their e-commerce website, received an email from New York State Department of Financial Services (DFS) asserting a requirement that my client file a "Certification of Compliance" by February 15, 2020.

I've never heard of this before, nor has my client. The entity's website is www.dfs.ny.gov. I assume we must file as indicated, but I can't tell if this is something required only of businesses incorporated in NY State, which my client's company is not.

I'd be grateful to know if anyone here knows whether whether a response on my client's part is required. Following are the money quotes from the email:

"All regulated entities and licensed persons of the DFS were required to file an annual cybersecurity regulation Certification of Compliance under Part 500.  Although you did not file a Certification of Compliance this year, this is an early reminder that one is due by February 15, 2020.  If you are compliant with all sections of the Part 500 that apply to you by the end of the year, then please file your Certification in a timely manner.   If you do not file a Certification because you were not compliant with Part 500, then please keep appropriate documentation including any remedial plans....

"The Department will consider a failure to submit a Certification of Compliance as an indicator that the cybersecurity program of the Covered Entity has a substantive deficiency.  Any current or future deficiencies of Part 500 …

Dear all,

My laptop (Microsoft Windows 10,  Enterprise 2016 LTSB, Build 14393). It's a Dell Latitude and a bit old but was working OK. Lately, it has been slow and displays erratic behaviors (strange processes, pop ups, power Shell down based on Event viewer, will come back to this in a second). Besides the Falcon Sensor Free trial and a paid version of Symantec End point protection, I've run different scans such as ESET  Online Scan, Restoro, I have done that for days with no luck so I think it could be a bad Windows 10 version.

Today when I checked the USERS folder in C, there was a new user! and there were traces of strange events on the event  viewer including the log on of this user (DAU1-2106).

On the other hand, I was installing Visual studio yesterday when the "log on" happened, can Visual Studio create a new user during installation?

I also tried identifying the username of the SID by using the wmic command in cmd and it was not found to be in the domain.



Please let me know if it's safe to attach the files on here as they can contain sensitive information of my network and user names, etc.


Thank you very much and I will check back in a few minutes.

Kind Regards,
D

Hi All,

In Mcafee EPO how can we identify the hash value of files and how to search and verify the malicious files with their hash values ?

Please advise

Best Regards,
Ganpat

We get an audit finding from one of the Big Four audit firms as follows:
"A study should be conducted to determine the granularity of the segmentation of end-users. Minimally,
  IT administrators should be in a separate network segment from the rest of the end-users."
"Inadequate network segmentation increases the ease and risk of lateral movement by cyber-
  attacks, if a server or device in the segment is compromised."

As sysadmins have "privileged" access to servers & compromise of their PCs will risk compromising
the servers in a 'privileged' way, we'll adopt the recommendation.

I'll need some good points/arguments to support our stand of not further segmenting each
departments from each other:

a) the main exposures are from "Internet surfing" & emails access (lots of malicious attachments,
    phishing, spam emails seen in email gateways) besides USB ports

b) all other users belong to same trust domain as they read emails & surf internet (yes, the
     sysadmins are encouraged to surf internet on PCs not used to surf Net & read emails)

c) for workstations used for Industrial Control Systems/Operations Tech, they don't have email
    access & Internet surfing &  have been rightfully segregated as per existing set-up

d) To prevent lateral attacks, EDR, AV & email security (forwarding of malicious emails to
     other colleagues) are in place with SIEM for detecting such events in the pipeline

e) if we were to segregate every departments (eg:…

Hi
Is there a technology related with Cybersecurity called Lawful Interception Solutions . If yes, what does this do ? Is it cloud based or on-prem. ? Which vendors has it etc .

Looking for basics to understand the concept and any links for me to move further .

Regards,
Sid

I'm trying to configure a rule in Cisco CES cloud platform the stops people masquerading as the CEO
for attempted Phishing. So on our previous FW we had if the mail has the sender as 'our ceo' but does not come from
our Domain, then drop. I can see where to configure this in the CES.

IP conflict in 2 of 8 security cameras recently added of the OOSSXX type.  How to fix. All 8 are remotely viewable but the 2 conflicting cameras show the images shared and flipping between their two images. Windows 10 pro PCs and Apple in use. please advise easy, best way to resolve the IP conflicts. Thanks tons
‘:o)
Asta

I have a client who has had two separate credit cards compromised in the last week.  Same user, same computer, different secure websites, and two totally different cards.  I have run malware and AV scans on the machine, verified the web browser was fully patched and didn't have any extensions installed, verified Gateway AV IPS and App Control was enabled on the Sonicwall.  We looked for rogue APs and came back clean.  Both cards were used within an hour of being used for online transactions and the cards were entered in to the web browser manually, not saved.  I am running out of ideas on where to look or what to even look for.  Any help would be appreciated.