Information Security and Risk Management

Security Definitions

Vulnerability:

·        Weakness in Mechanism that can threaten the confidentiality, Integrity, or availability of an asset.

·        Lack of countermeasure

Risks Probability of a threat becoming real, and the corresponding potential damages

Threat someone uncovering the threat and exploiting it

Exposure When vulnerability exists in an environment

Countermeasure A control put into place to mitigate potential loss

Some Examples of Vulnerability that are not always obvious

·        Lack of security understanding

o   Real security requires real knowledge

o   Technical to C-level in companies

·        Misuse of access by authorized users

o   Authorization creep

o   Can now be criminal offense according to specific laws

·        Concentration of responsibilities

o   Separation of duties

·        Not being able to react quickly

o   No response team or procedure

·        Lack of communication structure

·        Lack of ways to detect fraud

o   Rotation of duties

o   Technologies and processes

DB2 HADR Setup

Creating DB2 Database

There are two options to create the database :

1. Control Center
2. Command Based

1. Control Center - Follow below steps,

DB2 Installation

This article describes installing IBM DB2 Universal Database.

Open the Installer Folder/CD and launch DB2 Setup Launchpad.

Select Install a Product -> Select Install New

IIS and Tomcat Redirection on Windows Server 2008

Steps necessary to set up an IIS website that will forward the requests to the Application instance hosted on Tomcat application server and provide support for non IIS compatible extensions, which include jsp.

Below steps to follow :

Deploying RSA Access Manager Self Service Console

The Access Manager User Self-Service Console is a web-based application that allows users to change or reset their passwords and update other attributes, such as first name, e-mail, and other custom properties without any intervention from an administrator.

Steps in Deploying Self Service Application :

1. Set up your application server environment as described in the documentation from the application server vendor.

2. Install the Lockbox dependencies. Self-Service Console uses Lockbox to retrieve the encryption key, for which the Lockbox dependencies must be installed on that machine.

3. Deploy the User Self-Service Console WAR file in your application server environment.

4. Configure the User Self-Service Console by editing its configuration file.

5. Access the User Self-Service Console through your client browser.

Deploying RSA Access Manager Administrative Console

Before You Begin

Before you begin to deploy the RSA Access Manager Administrative Console make sure that:

• LDAP directory host or SQL database host is running.

• The Access Manager Server components are installed.

• Access Manager License file is in place.

• Access Manager Data Adapters are installed.

• Communication between Access Manager Servers and data hosts is tested.