<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">

<meta name="Generator" content="Microsoft Word 15 (filtered medium)">

<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}

o\:* {behavior:url(#default#VML);}

w\:* {behavior:url(#default#VML);}

.shape {behavior:url(#default#VML);}

</style><![endif]--><style><!--

/* Font Definitions */

@font-face

        {font-family:"Cambria Math";

        panose-1:2 4 5 3 5 4 6 3 2 4;}

@font-face

        {font-family:Calibri;

        panose-1:2 15 5 2 2 2 4 3 2 4;}

@font-face

        {font-family:"Segoe UI";

        panose-1:2 11 5 2 4 2 4 2 2 3;}

@font-face

        {font-family:"Segoe UI Light";

        panose-1:2 11 5 2 4 2 4 2 2 3;}

/* Style Definitions */

p.MsoNormal, li.MsoNormal, div.MsoNormal

        {margin:0in;

        margin-bottom:.0001pt;

        font-size:11.0pt;

        font-family:"Calibri",sans-serif;}

a:link, span.MsoHyperlink

        {mso-style-priority:99;

        color:blue;

        text-decoration:underline;}

a:visited, span.MsoHyperlinkFollowed

        {mso-style-priority:99;

        color:purple;

        text-decoration:underline;}

p.msonormal0, li.msonormal0, div.msonormal0

        {mso-style-name:msonormal;

        margin:0in;

        margin-bottom:.0001pt;

        font-size:11.0pt;

        font-family:"Calibri",sans-serif;}

span.EmailStyle20

        {mso-style-type:personal-reply;

        font-family:"Calibri",sans-serif;

        color:windowtext;}

.MsoChpDefault

        {mso-style-type:export-only;

        font-size:10.0pt;}

@page WordSection1

        {size:8.5in 11.0in;

        margin:1.0in 1.0in 1.0in 1.0in;}

div.WordSection1

        {page:WordSection1;}

--></style><!--[if gte mso 9]><xml>

<o:shapedefaults v:ext="edit" spidmax="1026" />

</xml><![endif]--><!--[if gte mso 9]><xml>

<o:shapelayout v:ext="edit">

<o:idmap v:ext="edit" data="1" />

</o:shapelayout></xml><![endif]-->

</head>

<body lang="EN-US" link="blue" vlink="purple">

<div class="WordSection1">

<p class="MsoNormal">The blue team accidentally sent out our week 11 link last week. So this week we have the following article about Backups and Recovery and I have kept this write up below from last week as a reminder of our link for Configuration Management.

<o:p></o:p></p>

<p class="MsoNormal"><o:p>&nbsp;</o:p></p>

<p class="MsoNormal"><a href="https://www.information-management.com/slideshow/avoiding-the-7-biggest-threats-to-data-backup">https://www.information-management.com/slideshow/avoiding-the-7-biggest-threats-to-data-backup</a><o:p></o:p></p>

<p class="MsoNormal"><o:p>&nbsp;</o:p></p>

<p class="MsoNormal">As we noted in class last week this article discusses the topics of backing up data shouldn&#8217;t mean back-of-mind security, how administrators are not backing up properly in Office 365 (which we did not discuss but is a major issue for lots

 of organizations), testing your backups to ensure they will actually restore your data, ransomware affecting your backups, and maintaining a backup system in the same network operating environment may be easy, but it isn&#8217;t smart.<o:p></o:p></p>

<p class="MsoNormal"><o:p>&nbsp;</o:p></p>

<p class="MsoNormal">These are all important factors to consider when implementing backups and restores, of which most we covered last week. As for this weeks article please see below.

<o:p></o:p></p>

<p class="MsoNormal"><o:p>&nbsp;</o:p></p>

<p class="MsoNormal">Thanks,<o:p></o:p></p>

<p class="MsoNormal"><o:p>&nbsp;</o:p></p>

<p class="MsoNormal">Blue Team<o:p></o:p></p>

<p class="MsoNormal"><o:p>&nbsp;</o:p></p>

<div>

<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">

<p class="MsoNormal"><b>From:</b> cs615asa-bounces@lists.stevens.edu &lt;cs615asa-bounces@lists.stevens.edu&gt;

<b>On Behalf Of </b>Huajie Xu<br>

<b>Sent:</b> Monday, April 08, 2019 6:11 PM<br>

<b>To:</b> cs615asa@lists.stevens.edu<br>

<b>Subject:</b> [cs615asa] Blue Team Link Week 10<o:p></o:p></p>

</div>

</div>

<p class="MsoNormal"><o:p>&nbsp;</o:p></p>

<div>

<p class="MsoNormal"><span style="font-size:12.0pt;color:black">Hello everyone,<o:p></o:p></span></p>

</div>

<div>

<p class="MsoNormal"><span style="font-size:12.0pt;color:black"><o:p>&nbsp;</o:p></span></p>

</div>

<div>

<p class="MsoNormal"><span style="font-size:12.0pt;color:black">This week, Blue Team found an article talking about the importance of Configuration Management, the 4 stages to robust SCM, and other things an administrator should consider while implementing

 Sonfiguration Management.<o:p></o:p></span></p>

</div>

<div>

<p class="MsoNormal"><span style="font-size:12.0pt;color:black"><o:p>&nbsp;</o:p></span></p>

</div>

<div>

<p class="MsoNormal"><span style="font-size:12.0pt;color:black">According to the author, SCM can not only identify misconfigurations that make the systems vulnerable but can also identify &#8220;unusual&#8221; changes to critical files or registry keys. The 4 stages are:

 Device Discovery, Establish Configuration Baselines, Assert Alert and Report changes and Remediate.<o:p></o:p></span></p>

</div>

<div>

<p class="MsoNormal"><span style="font-size:12.0pt;color:black"><o:p>&nbsp;</o:p></span></p>

</div>

<div>

<p class="MsoNormal"><span style="font-size:12.0pt;color:black">There are also other considerations such as Policy creation and management. Although the configuration management process is complex, works will be handled properly through automation if using

 the right SCM methods.<o:p></o:p></span></p>

</div>

<div>

<p class="MsoNormal"><span style="font-size:12.0pt;color:black"><o:p>&nbsp;</o:p></span></p>

</div>

<div>

<p class="MsoNormal"><span style="font-size:12.0pt;color:black"><a href="https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.tripwire.com%2Fstate-of-security%2Fsecurity-data-protection%2Fsecurity-configuration-management%2Fwhy-security-configuration-management-matters%2F&amp;data=02%7C01%7Cbbiggs%40stevens.edu%7Cad188874aa754a62acca08d6bc6f1ced%7C8d1a69ec03b54345ae21dad112f5fb4f%7C0%7C0%7C636903582798500653&amp;sdata=qZmiNEHGH0Cu9oc%2F9V9iSkBHCUdhQorLHSRVA6YXNmI%3D&amp;reserved=0">https://www.tripwire.com/state-of-security/security-data-protection/security-configuration-management/why-security-configuration-management-matters/</a><o:p></o:p></span></p>

<div style="margin-top:12.0pt;margin-bottom:12.0pt;min-width: 424px" id="LPBorder_GTaHR0cHM6Ly93d3cudHJpcHdpcmUuY29tL3N0YXRlLW9mLXNlY3VyaXR5L3NlY3VyaXR5LWRhdGEtcHJvdGVjdGlvbi9zZWN1cml0eS1jb25maWd1cmF0aW9uLW1hbmFnZW1lbnQvd2h5LXNlY3VyaXR5LWNvbmZpZ3VyYXRpb24tbWFuYWdlbWVudC1tYXR0ZXJzLw..">

<table class="MsoNormalTable" border="1" cellpadding="0" width="100%" style="width:100.0%;border:solid #C8C8C8 1.0pt">

<tbody>

<tr>

<td valign="top" style="border:none;padding:9.0pt 27.0pt 9.0pt 9.0pt">

<div style="margin-right:9.0pt;overflow:hidden" id="LPImageContainer787938">

<p class="MsoNormal"><a href="https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.tripwire.com%2Fstate-of-security%2Fsecurity-data-protection%2Fsecurity-configuration-management%2Fwhy-security-configuration-management-matters%2F&amp;data=02%7C01%7Cbbiggs%40stevens.edu%7Cad188874aa754a62acca08d6bc6f1ced%7C8d1a69ec03b54345ae21dad112f5fb4f%7C0%7C0%7C636903582798500653&amp;sdata=qZmiNEHGH0Cu9oc%2F9V9iSkBHCUdhQorLHSRVA6YXNmI%3D&amp;reserved=0" target="_blank"><span style="text-decoration:none"><img border="0" width="240" height="131" style="width:2.5in;height:1.3645in" id="LPThumbnailImageId787938" src="https://www.tripwire.com/state-of-security/wp-content/uploads/sites/3/thumb_shutterstock_279097199_1024.jpg"></span></a><o:p></o:p></p>

</div>

</td>

<td width="100%" valign="top" style="width:100.0%;border:none;padding:9.0pt 27.0pt 9.0pt 9.0pt">

<div style="margin-right:6.0pt;margin-bottom:9.0pt" id="LPTitle787938">

<p class="MsoNormal"><span style="font-size:16.0pt;font-family:&quot;Segoe UI Light&quot;,sans-serif"><a href="https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.tripwire.com%2Fstate-of-security%2Fsecurity-data-protection%2Fsecurity-configuration-management%2Fwhy-security-configuration-management-matters%2F&amp;data=02%7C01%7Cbbiggs%40stevens.edu%7Cad188874aa754a62acca08d6bc6f1ced%7C8d1a69ec03b54345ae21dad112f5fb4f%7C0%7C0%7C636903582798510667&amp;sdata=XgvRo%2BKIcuFiBihoTlk5tAEPjyyzIcSAdgx9L%2BiK%2FZQ%3D&amp;reserved=0" target="_blank"><span style="text-decoration:none">Why

 Security Configuration Management (SCM) Matters</span></a><o:p></o:p></span></p>

</div>

<div style="margin-right:6.0pt;margin-bottom:9.0pt;max-height: 100px;overflow:hidden" id="LPDescription787938">

<p class="MsoNormal"><span style="font-size:10.5pt;font-family:&quot;Segoe UI&quot;,sans-serif;color:#666666">Without a security configuration management plan, the task of maintaining secure configurations even on a single server is daunting. But if you&#8217;re using the

 right SCM tool, the bulk of the work will be handled for you through automation.<o:p></o:p></span></p>

</div>

<div id="LPMetadata787938">

<p class="MsoNormal"><span style="font-size:10.5pt;font-family:&quot;Segoe UI&quot;,sans-serif;color:#A6A6A6"><a href="http://www.tripwire.com">www.tripwire.com</a><o:p></o:p></span></p>

</div>

</td>

</tr>

</tbody>

</table>

</div>

<p class="MsoNormal"><span style="font-size:12.0pt;color:black"><o:p>&nbsp;</o:p></span></p>

</div>

</div>

</body>

</html>