Security: Troubleshoot Common Security Issues - Paiet/Tech-Journal-for-Everything GitHub Wiki

Unencrypted credentials/clear text
- FTP, Telnet, PAP, HTTP
Logs and events anomalies
- Clear log Audit Logs in Windows
Permission issues
- Win10-2 Shared Folder (wbryan)
- Connect from Win01
Access violations
Certificate issues
- Show Local Cert Store Intermediate CA\CRLs
- http://www.badssl.com
Data exfiltration
- FTP
Misconfigured devices
- Firewall
  - Disabled/Enabled
  - Authentication Mismatches in wf.msc
  - Rule misconfiguration
- Content filter
  - Show Filtering in MSAs
- Access points
  - Show http://ui.linksys.com
  - Weak Cipher(WPS)(WEP)
  - Unencrypted Remote Management
Weak security configurations
- Show TLS1.0 Connection on http://www.badssl.com
- Mentioned throughout
Personnel issues
- Policy violation
- Insider threat
- Social engineering
- Social media
- Personal email
Unauthorized software
- Remove the root Certificate for notepad++
- Applocker
Baseline deviation
- Baselines define the expected configuration of a systems as well as what the acceptable performance levels of a system. When configurations or performance levels changes the baseline will show evidence of this fact and point to a deviation from the configuration.
License compliance violation (availability/integrity)
Asset management
Authentication issues
- Domain Issues
  - Missing Domain Trust
  - Unavailable Logon Server
  - Extremely strict policies
  - Anonymous login (missing non-repudiation)
- User
  - Incorrect password
  - User lockout