
ISA Unit1

The document provides an overview of information security (InfoSec), emphasizing the importance of confidentiality, integrity, and availability (CIA) in protecting data. It details the setup, management, and security of desktop and mobile devices, including best practices for physical and cybersecurity measures. Additionally, it discusses the roles of Information Security Administrators in monitoring client operating systems and applications, ensuring compliance with regulations like GDPR, and utilizing tools like EDR and SIEM for threat detection and response.

Uploaded by

ansarisshadan748

3/2/25, 7:30 PM ISA-unit1

Intro

Information:
Processed, structured, or organized data that provides meaning or context and is useful for
decision-making, understanding, or performing specific tasks.

Information Security (InfoSec):
The practices, principles, and tools designed to protect information from unauthorized access,
disclosure, alteration, destruction, or disruption.

CIA ensures InfoSec

1. Confidentiality (accessible only to authorized parties)
2. Integrity (no tampering with data)
3. Availability (available to those who have authorization, AuthZ)

Client-side devices:
The primary interface for users to interact with the digital world. Examples:

• Desktops: PCs for regular use at a fixed location; stationary; separate components
(CPU, UPS, monitor, keyboard); upgradable CPU, GPU, RAM
• Laptops: portable; integrated Wi-Fi; battery; fixed CPU, GPU, RAM and mobile devices
• Mobile devices: smartphones, tablets; portable; integrated Wi-Fi; battery; upgradable RAM
• Wearables: devices worn on the body; compact; portable
• IoT devices: Internet-connected devices; limited computing power

Desktop

Setup (Desktop)
1. Assemble the components.
2. Check for physical damage.
3. Attach the monitor to the CPU and to power.
4. Connect the keyboard, mouse, and audio devices using cables (USB, 3.5 mm) or Bluetooth.
5. Establish an Internet connection using Wi-Fi or Ethernet.
6. Connect printers, external drives, and other peripherals.
7. Plug the power cord into a wall outlet; also use surge protectors.
8. Power on and open the BIOS. (The BIOS is a program that starts a computer and manages data flow
between the computer's operating system and its devices. It is stored on a chip on the computer's
motherboard and is pre-installed.)
9. Ensure the system recognizes all hardware devices.
10. Install the OS and install drivers.
11. Update the OS, install essential software, and check connections.

Managing Desktop
1. Keep the system updated (apps and OS).
2. Upgrade hardware such as RAM and drives.
3. Clean out dust.
4. Uninstall unneeded software such as bloatware.
5. Back up data.

Securing Desktop
1. For physical security, place the PC in a safe and stable environment
• Use a physical lock for the CPU case and desk to prevent tampering or theft.
• Protect against power surges, outages, and electrical damage.
2. For cybersecurity, use reputable antivirus software like Norton, McAfee, or Windows Defender
and the built-in firewall.
3. Password Protect All Accounts. Create complex passwords with a combination of letters,
numbers, and symbols. Use a password manager to securely store and manage passwords.
4. For online accounts, enable Two-Factor Authentication (2FA) for an added layer of security.
5. Use a VPN (Virtual Private Network) if accessing sensitive data over public networks. A VPN is
a technology that creates a secure, encrypted connection over the internet between your device
and a remote server. It allows you to send and receive data securely and privately, even on
public networks.
6. Avoid clicking on unknown links or downloading attachments from untrusted sources.
7. Use HTTPS websites for secure data transfer.
8. Create Separate Accounts. Use a standard user account for daily activities and reserve the
administrator account for system changes.
9. Enable Automatic Locking. Set the PC to lock automatically after a period of inactivity.
10. Use tools like Task Manager (Windows) or Activity Monitor (macOS) to detect unusual behavior.
11. Restore Backups. Use external backups or cloud services to restore data if compromised.
12. Automate Maintenance Tasks and schedule automatic updates, backups, and scans for
convenience.
13. Invest in Quality Hardware. Dispose of Old Hardware Securely. Wipe all data from old drives
before discarding or recycling them.
14. For Long-Term Management and Security, regularly educate yourself. Stay informed about new
threats and best practices for PC security.
15. Contact Support. For severe hardware or software issues, seek assistance from professionals or
the manufacturer.

Mobile Devices

Setting up Mobile Devices


1. Power on the device and select your preferred language and region.
2. Connect to a secure Wi-Fi network for system updates and app downloads.
3. For Android: Sign in with a Google account.
For iOS: Sign in with an Apple ID.
4. Use tools like iCloud, Google Drive, or third-party apps to transfer data from an old device.
5. Download applications from trusted sources like Google Play Store or Apple App Store

Managing a Mobile Device


1. Corporate-Owned Devices are pre-configured with the required applications and security
policies. Use Mobile Device Management (MDM)
solutions to automate enrollment.
2. Enforce Security Policies like password complexity (e.g., alphanumeric, 8+ characters),
biometric authentication like fingerprint or facial recognition, and lock screen timeout to
limit unauthorized access.
3. Pre-install Critical Apps like productivity tools (e.g., Microsoft Teams, Zoom) and security apps
(e.g., VPN clients, endpoint protection).
4. Disable auto-connection to open or public networks. Configure devices to use a Virtual Private
Network (VPN) for secure remote access.
5. Use an enterprise app store to provide secure applications. Block installation of unapproved or
potentially harmful apps.
6. Ensure apps are regularly updated to patch vulnerabilities.
7. Limit app access to sensitive data like location, camera, and contacts.
8. Monitor compliance with security policies using MDM.
9. Detect jailbroken/rooted devices that pose security risks.
10. Use analytics to identify trends, such as frequent policy violations.

Security of Mobile Device


1. Data Security: Ensure full-disk encryption to protect data at rest. Encrypt backups stored on the
cloud or locally.
2. Data Loss Prevention (DLP): Restrict copying and sharing sensitive data. Block unauthorized
apps from accessing corporate files.
3. Configure devices for remote wiping in case of loss or theft.
4. Ensure that employees or users must connect to a Virtual Private Network (VPN) before they
can access sensitive or internal corporate systems, data, or applications. This policy ensures that
all communication between the user's device and corporate resources is encrypted and secure.
5. Block connections to unsecured Wi-Fi networks. Disable Bluetooth when not in use to prevent
attacks like Bluejacking. (Bluejacking is a form of unauthorized communication where a person
sends unsolicited messages or files to another person's Bluetooth-enabled device. It is typically
used as a prank rather than a serious cyberattack, but it can also be disruptive or alarming.)
6. Continuously verify users and devices before granting access.
7. In case of lost or stolen Devices, use MDM to remotely lock or wipe the device.
8. Maintain logs of device activity for forensic analysis during an incident.
9. Design usage policies: define what is allowed on corporate and BYOD devices, require regular
password changes, and prohibit device sharing.

ClientOS

Monitoring And Managing ClientOS & Applications


An Information Security Administrator (InfoSec Admin) is responsible for ensuring that client
operating systems (OS) and applications are secure, up-to-date, and compliant with organizational
policies.

Monitoring and managing these systems involves proactive measures to detect vulnerabilities and
enforce security protocols:
• Monitor system performance: track CPU, memory, and disk usage to ensure systems run efficiently
and to detect abnormal behavior.
• Monitor all user activities (user logins, file access, and software usage) for suspicious activity.
• Ensure configurations meet regulatory standards like GDPR.

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that came
into effect on May 25, 2018, within the European Union (EU). It establishes guidelines for collecting,
processing, and storing personal data to protect individuals' privacy and data rights.

As per this law:
• Data must be processed legally and transparently.
• Data should only be collected for specific, explicit, and legitimate purposes.
• Collect only the data necessary for the intended purpose.
• Ensure data is accurate and up-to-date.
• Retain data only for as long as necessary.
• Protect data from unauthorized access or breaches.
• Organizations must demonstrate compliance with GDPR.

Rights of individuals under GDPR:
1. Individuals can request access to their personal data.
2. Individuals can have inaccurate data corrected.
3. Individuals can request their data be deleted under certain conditions.
4. Individuals can receive their data in a portable format or have it transferred.
5. Individuals can limit how their data is processed.
6. Individuals can object to data processing, especially for marketing.
7. Right Not to Be Subject to Automated Decision-Making, including profiling that significantly
affects them (examples: loan approvals or denials, employment screening and hiring, credit scoring,
online behavioral advertising).

Managing ClientOS
1. Review system logs from the OS (e.g., Windows Event Viewer, Linux syslog) for errors or security
events.
2. Deploy EDR tools to identify and respond to advanced threats on endpoints.
• Endpoint Detection and Response (EDR) is a cybersecurity solution designed to detect,
investigate, and respond to threats targeting endpoint devices such as desktops, laptops,
servers, and mobile devices.
• EDR tools provide real-time visibility, threat detection, and automated or manual response
capabilities to address potential security incidents effectively.
• The EDR tool continuously monitors these endpoints for suspicious activities.
• The EDR solution collects behavioral data from endpoints. This includes processes, file
activities, user behaviors, and network connections. The data gives a real-time view of
endpoint behavior, which is essential for identifying anomalies or threats.

Working:
The collected data is sent to a centralized database that uses:
• Big Data techniques: to manage and process large volumes of data.
• Machine Learning (ML): to identify patterns, detect anomalies, and predict potential threats.
The processed information is shared with IT administrators and security analysts.
• Analysts can investigate threats using detailed context provided by the EDR tool or make
informed decisions about how to handle incidents.
• The system provides both manual controls (for analyst-driven actions) and automation (for
immediate response).
3. Microsoft Windows Server Update Services (WSUS) is a server role included in Windows
Server that enables administrators to manage the distribution of updates and patches released
by Microsoft for Windows operating systems, Microsoft Office, and other Microsoft software
products.
• WSUS acts as an intermediary between Microsoft's update servers and client devices,
providing centralized control over the patching process.
• It allows IT administrators to approve, schedule, and deploy updates across the organization's
network.
• Admins can approve updates for specific devices or groups of devices, ensuring tailored
patching policies.
• WSUS downloads updates from Microsoft servers once and distributes them locally,
reducing internet bandwidth usage.
4. Security Information and Event Management (SIEM) is a cybersecurity solution that provides
real-time monitoring, analysis, and management of security events and information across an
organization's IT infrastructure.
It combines two core functionalities:
• Long-term storage, analysis, and reporting of log data.
• Real-time monitoring and correlation of events, along with incident responses.
How it operates:
• Aggregates logs and event data from various sources, including firewalls, servers,
endpoints, applications, and databases.
• Correlates events across systems to identify patterns that may indicate potential threats
(e.g., multiple failed login attempts followed by a successful login from a different IP address).
• When a potential threat or anomaly is detected, the SIEM generates alerts for the security
team.
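
The correlation pattern named above (multiple failed login attempts followed by a successful login from a different IP address), written out as a small rule. This is an added example, not part of the original notes; the log line format, the threshold of 3 failures, and the 5-minute window are assumptions chosen for illustration, and the events are constructed sample data.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample authentication events: timestamp, user, source IP, outcome.
SAMPLE_EVENTS = [
    "2025-03-02T19:00:01 alice 203.0.113.7 FAIL",
    "2025-03-02T19:00:20 alice 203.0.113.7 FAIL",
    "2025-03-02T19:00:41 alice 203.0.113.7 FAIL",
    "2025-03-02T19:01:05 alice 198.51.100.23 SUCCESS",  # new IP after failures
    "2025-03-02T19:02:00 bob 192.0.2.10 FAIL",
    "2025-03-02T19:02:09 bob 192.0.2.10 SUCCESS",       # one typo, same IP
    "2025-03-02T19:03:00 carol 192.0.2.44 FAIL",
    "2025-03-02T19:03:10 carol 192.0.2.44 FAIL",
    "2025-03-02T19:03:20 carol 192.0.2.44 FAIL",
    "2025-03-02T19:03:30 carol 192.0.2.44 SUCCESS",     # many failures, same IP
    "2025-03-02T18:00:00 dave 203.0.113.9 FAIL",
    "2025-03-02T18:00:05 dave 203.0.113.9 FAIL",
    "2025-03-02T18:00:10 dave 203.0.113.9 FAIL",
    "2025-03-02T19:30:00 dave 198.51.100.50 SUCCESS",   # failures too old
]

def parse(line):
    ts, user, ip, outcome = line.split()
    return datetime.fromisoformat(ts), user, ip, outcome

def correlate(lines, threshold=3, window=timedelta(minutes=5)):
    """Alert when >= threshold failures inside `window` are followed by a
    success from an IP that produced none of those failures."""
    failures = defaultdict(deque)           # user -> recent (time, ip) failures
    alerts = []
    for ts, user, ip, outcome in sorted(parse(l) for l in lines):
        recent = failures[user]
        while recent and ts - recent[0][0] > window:
            recent.popleft()                # expire failures outside the window
        if outcome == "FAIL":
            recent.append((ts, ip))
        elif outcome == "SUCCESS":
            failed_ips = {f_ip for _, f_ip in recent}
            if len(recent) >= threshold and ip not in failed_ips:
                alerts.append({"user": user, "time": ts.isoformat(),
                               "success_ip": ip, "failed_attempts": len(recent),
                               "failed_ips": sorted(failed_ips)})
            recent.clear()                  # a success resets the failure run
    return alerts

if __name__ == "__main__":
    for alert in correlate(SAMPLE_EVENTS):
        print(alert)
```

Only the first user in the sample triggers an alert: the other three show why the rule needs all of its conditions (a failure count, a time window, and an IP change) to avoid alerting on ordinary mistyped passwords.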