Training – Operating System Privacy and Security

Operating System Privacy and Security

  • 1. Operating System Telemetry – configuring protection in Windows 10

    (slides) (recording)
    The session provides an insight into the telemetry mechanism Windows uses for data collection and how it can be configured to the needs of an organisation. It also explores additional ways to make Windows 10 more privacy friendly.

  • 2. Logging and Audit – Log management and audit strategies

    (slides) (recording)
    All IT users know about log files, and many of them, not only system administrators, regularly look at application logs, syslog entries, or Windows event logs. However, without sound processes in place for analysing these logs, their value is significantly reduced.

    The session provides an insight into log management and audit strategies, gives some practical tips for configuring Windows and Linux logging/audit settings, and explains the need for central log collection and examination.

  • 3. File Integrity Monitoring (FIM) for detecting security incidents

    (slides) (recording)
    Detecting malicious changes to operating system files early and thoroughly is vital to the handling of security incidents. However, programs that look out for such changes are rarely used, although they have been around for a long time and their usefulness is unequivocally recognised. This seems rooted in the assumption that it is difficult and time-consuming to operate such programs properly.

    The session introduces the concept of file integrity monitoring (FIM) and gives participants practical tips on how to plan and start adopting FIM in their organisation. It also includes a live demonstration of one of the latest open source FIM solutions, ‘Wazuh’.

  • 4. Network 1st Hop Security

    (slides) (recording)
    Configuring end-user systems for access to directly attached networks is facilitated by automatic configuration protocols such as DHCP or IPv6 Router Discovery. Also, for operation on attached links, finding the link-layer address corresponding to an IP address is done using protocols such as ARP or IPv6 Neighbor Discovery.

    While these protocols are vital to the operation of the network, they bring with them a number of security risks. The session explores these risks as well as ways to mitigate some of them.

  • 5. Authentication Methods – how to avoid common pitfalls

    (slides) (recording)
    Authentication is the basis for any kind of secure system. Unfortunately, it is also easy to get wrong, and getting it wrong fundamentally breaches a system’s security.

    The session provides an overview of authentication methods and outlines the most important and relevant approaches in more detail to help participants avoid the most common pitfalls in this area.
