Week 4

 

                      Security Solutions for Infrastructure Management

Infrastructure management involves overseeing and maintaining all the core components of an IT system—like servers, networks, storage, and software. Because these systems are critical to daily operations, they are also major targets for cyberattacks. That’s why having strong security solutions in place is essential.

Key security solutions include:

1. Network Security – Using firewalls, intrusion detection/prevention systems (IDS/IPS), and VPNs to protect data in transit and prevent unauthorized access.

2. Access Control – Limiting who can access what using role-based access control (RBAC), multi-factor authentication (MFA), and secure login systems.

3. Patch Management – Keeping systems updated to fix known vulnerabilities and reduce the risk of exploitation.

4. Endpoint Protection – Installing antivirus, antimalware, and endpoint detection tools on devices like laptops and servers.

5. Monitoring and Logging – Continuously watching system activity to detect suspicious behavior and keep audit logs for investigations.

6. Backup and Disaster Recovery – Creating regular backups and having a plan to restore systems in case of failure or attack, like ransomware.

7. Security Policies and Training – Educating staff about best practices and enforcing rules to avoid human errors that lead to security breaches.

By applying these security measures, organizations can better protect their IT infrastructure, ensure service availability, and maintain data integrity—especially in today’s complex and constantly evolving threat landscape.

Week 3

 

                      Threats and Vulnerabilities When Using the Cloud

Using the cloud means storing and running your apps and data over the internet instead of on your own computer or server. It’s super convenient and saves money, but it also comes with some risks you should know about.

One big worry is data breaches. When your info is in the cloud, hackers might try to sneak in and steal sensitive stuff like personal details or company secrets. If security isn’t tight, they can get in through weak passwords, software bugs, or things like open storage that’s accidentally left public. Since cloud data can be accessed from anywhere, it makes it easier for bad guys to find a way in.

Another problem is losing data. Unlike keeping files on your own computer, cloud data depends on the provider’s systems. If something goes wrong—like a crash, accidental deletion, or a natural disaster—your data could be lost for good if there aren’t good backups.

Account hijacking is also a risk. Hackers can steal login info through phishing emails or guessing weak passwords. Once they get control, they can mess with your data or cause bigger problems. That’s why using extra security steps like two-factor authentication is super important.

Cloud services rely a lot on APIs—basically the way different programs talk to each other. If these aren’t well-protected, hackers can use them to break into your cloud and take over.

A lot of issues happen because of misconfiguration—basically, someone sets up the cloud the wrong way. Maybe they leave security settings too open or forget to change default passwords. This can leave your data exposed to anyone who finds it.

Insider threats are another challenge. Sometimes people who are allowed to access the cloud—like employees—might accidentally or on purpose do something harmful. Since they already have access, it’s tough to spot, so keeping an eye on who does what is key.

Cloud services can also get hit by Denial of Service (DoS) attacks—where hackers overload the system with fake traffic, making your cloud slow or completely down. This can mess up your work and cost you money.

Finally, because cloud providers share their hardware and networks among many customers, there’s a chance that a hacker could break into one part and affect others. That’s why cloud companies need to have strong protections on the infrastructure they share.

In short, the cloud makes life easier but also brings risks like hacking, data loss, and misconfigurations. To stay safe, you have to use strong passwords, enable extra security like two-factor authentication, keep an eye on your settings, and work with trusted cloud providers. Knowing these risks and how to handle them helps you enjoy the cloud without getting burned.

Week 2

 

Web application scanners are tools that check websites and web apps for security problems. They test different parts of a site, like login pages, forms, and data inputs, to find weaknesses that hackers could exploit. Some of the most common vulnerabilities they look for are SQL injection (where attackers trick a site into giving away or changing data), cross-site scripting (XSS) (which lets hackers run harmful code on a user’s browser), broken authentication (weak login systems), and security misconfigurations (like leaving important settings open). After scanning, these tools provide reports that show what issues were found and how serious they are, so developers can fix them quickly. Using web application scanners regularly helps keep websites secure and protects user data from attacks.

Week 1

Hey everyone! 😁

    My name is Maria T., and I’m excited to kick off my learning journey in BSIT380 – System Hardening and Network. In today’s world, where cyber threats are constantly evolving, it’s more important than ever to understand how to protect systems and networks. 

    This course explores the tools, techniques, and best practices used to secure IT environments, reduce vulnerabilities, and defend against potential attacks. From learning how to identify weaknesses before hackers do, to applying real-world strategies that help keep data safe, BSIT380 is all about building stronger, smarter, and more secure systems. I’ll be using this space to share what I’m learning, reflect on important topics, and break things down in a way that’s easy to understand. Let’s get started!