This will teach you five easy but effective ways to prevent attackers from accessing your system. These tactics are associated with patching, software vulnerabilities, cryptography, Windows security, and phishing. Each chapter covers the best practices for preventing vulnerabilities and making them more noticeable.

Patching: Acting Swiftly and Securely

When a serious bug is in the news, it’s essential to act quickly. You need to check if you’re using unsecured software and then fix it swiftly. In an ideal scenario, you should already be able to do this. But this course suggests on learning how to do it promptly in a proper way. This way, you can plan and test the fixes without feeling the fight against time. Patching is a time-critical skill. Once a vulnerability is publicized, security researchers and cybercriminals alike start writing scripts and tools to find out vulnerable systems. Scanning tools allow attackers to find your vulnerable public systems even if they’ve never had any reason to attack you before. The internet makes every public-facing computer equally vulnerable. Key actions to take include:

• Check if you’re using the at-risk software and address it.
• Upgrade third-party software.
• Manage dependencies to ensure smooth operations.
• Automate vulnerability detection for proactive security.
• Conduct a network inventory to know your assets.
• Identify published vulnerabilities to stay informed.

Once again, remember, patching is time-sensitive. Once a vulnerability is publicized, security researchers and cybercriminals develop tools to exploit it. The internet puts all public-facing systems at risk, making swift action essential.

Understanding Vulnerabilities: The Weaknesses and Solutions

Software vulnerabilities can lead to significant security breaches. In this chapter, you’ll learn about the inherent weaknesses in software and how to prevent them. The course also provides tips on making it easier to spot when someone is trying to exploit these weaknesses. You’ll also find out about some common mistakes that can make even secure software vulnerable. Key areas to focus on include:

• Learn about the inherent weaknesses in software.
• Spot signs of exploitation more easily.
• Use an analogy involving Roman and a computer to illustrate vulnerabilities.
• HTML encoding to prevent malicious code injection.
• Defenses against XSS attacks to safeguard against cross-site scripting.
• Change default passwords to avoid easily guessable credentials.

Cryptography: Trustworthy Tools Over Custom Solutions

The course warns against creating your security codes, stating, “Never write your crypto.” In this chapter, you’ll find out why it’s better to use trusted tools and methods. You’ll also discover some recommended tools to keep your online chats and messages secure. Key recommendations include:

• Understand the risks of developing your cryptographic solutions. Opt for trusted tools and methods for secure communications.
• Recommended tools include:
• NaCl, libsodium, or Tink for encryption.
• TLS 1.3 (or TLS 1.2 for legacy systems) for secure data transit.
• Scrypt, bcrypt, PBKDF2, or Argon2 for robust password hashing.

Windows Security: Protecting the Most Common OS

Odds are, most computers in your organization run on Windows. Here’s how to enhance their security:

• Follow general security advice from previous chapters tailored to Windows.
• Understand and defend against Mimikatz, a tool used for stealing Windows passwords.

Phishing: Recognizing and Defending Against Deceptive Emails

In the final chapter, you’ll learn about phishing, tricky emails designed to fool you. You’ll find out what attackers are trying to accomplish with these emails. The course discusses what you should learn to spot these scams and how to protect yourself and your organization from falling for them. Phishing remains one of the most common cyber threats. In this chapter:

Learn about various phishing attacks:

• Phished credentials
• XSRF attacks
• Social engineering
• Malware threats

Implement authentication-based defense measures:

• 2FA
• TOTP
• U2F

Additional security measures:

• Sender Policy Framework (SPF)
• Domain Keys Identified Mail (DKIM)
• Domain-Based Message Authentication

Learn more from the course Educative — Practical Security: Defending Your Systems.