Incident Summary:
A sales manager mistakenly shared access to an internal folder containing confidential documents. A sales team member later shared the link to that folder with an external business partner, who published it on social media, exposing sensitive information.
Security Principle: Least Privilege (NIST SP 800-53: AC-6)
This incident highlights the importance of giving users only the minimum access necessary to perform their duties.
Project Description:
In this project, I used Linux commands to check and change file and directory permissions. This helps to make sure only the right users can access or modify files, keeping the system secure.
Project Description:
In this project, I applied SQL filters to investigate login attempts and employee data. I queried the log_in_attempts table for failed logins after hours, on specific dates, and outside of Mexico. I also queried the employees table to identify users by department and office location for system updates.
Project Description:
In this project, I created a Python program that automates updating a list of allowed IP addresses by removing restricted ones. The program reads the allow list from a file, compares it with a remove list, and updates the file to ensure only authorized IPs remain. This enhances access control and data security.
Process Overview:
open() and with for safe handling.read() and .split() to get a list of IPs.join()