ICE CONSULTING PRODUCTS & SERVICES
40 questions
Accolades | • 25 years’ experience designing, implementing, and scaling operations • Customer Satisfaction Rating of 97% (out of 5,000 reviews) • The Top 10 Best Performing Managed Security Service Providers by Insights Success Magazine • Top 10 Most Disruptive Cloud Solution Provider from CEO Views Magazine • The Top 25 Technology Providers from CIO Providers • Best Supplier Award – Adaprec, Inc • Best in Class Award – Northrop Grumman • Service of Excellence Recognitions – Ion Torrent, Odyssey Thera |
4 Types of Services | 1. Strategic 2. Administrative 3. Technical 4. Support |
Strategic Services | 1. Provide IT Director services 2. Design IT Infrastructure On-Premise and Cloud 3. Implement Process & procedures based on IT best practices 4. Meet compliance requirements 5. Handle office build-out, migration & expansions |
Administrative Services | 1. Regular IT Meetings 2. Project Management 3. Ticket Management 4. Client Satisfaction reporting 5. Weekly & Monthly IT Reporting 6. Key Performance Index (KPI) Reporting 7. Asset Management 8. Vendor Management 9. Cabling Services 10. IT Room, Cooling, HVAC 11. IT Documentation |
Technical Services | 1. Firewall, Switching, & Routing 2. Linux, Windows & MAC servers & systems 3. Cybersecurity 4. Design & implement Zero Trust Network 5. Virtualization & Storage 6. Backup & Disaster Recovery 7. Wireless Solutions 8. Single Sign On (SSO) & Multifactor Authentication 9. Mobile Device Management 10. Cloud services management 11. Onboarding & offboarding employees & contractors 12. Printing & phone services |
Support Services | IT SUPPORT SERVICES 1. Onsite technical services 2. Helpdesk-live tech support 24x7x365 including holidays 3. Proactive weekly Preventative Maintenance: Network Security; Network Infrastructure; Systems Infrastructure; Endpoints (Desktops, Laptops, & Mobile Devices) 4. NOC (Network Operation Center) 24x7x365 5. Provide IT Training to Users |
Accolades | • 24 years’ experience designing, implementing, and scaling operations • Customer Satisfaction Rating of 97% (out of 5,000 reviews) • The Top 10 Best Performing Managed Security Service Providers by Insights Success Magazine • Top 10 Most Disruptive Cloud Solution Provider from CEO Views Magazine • The Top 25 Technology Providers from CIO Providers • Best Supplier Award – Adaprec, Inc • Best in Class Award – Northrop Grumman • Service of Excellence Recognitions – Ion Torrent, Odyssey Thera |
Real-Time Analysis of Behavior Related Incident SCENARIO: Three times a day on average, John logs into a file share containing critical business data. Then one day, he logs in 100 times… anomaly detected. His credentials were stolen, and he has been personally compromised. | SOLUTION: Using artificial intelligence (AI) and machine learning technology, Securonix establishes a baseline of normal behavior, and compares that baseline to current activity on the network. It triggers an alert when it detects activity outside the norm. The ICE SOC Team opens the alert, contacts your IT Dept, and initiates action based on your Threat Response Plan. RESULT: Threat mitigated before your company loses the sensitive data core to your business. |
Security Stats | WHO - 5-fold increase in cyberattacks in 2020 |
Average cost of 1 breach (+500) | 3.86 million - based on The Ponemon Institute and IBM Security |
Average cost of 1 breach (under 500) | 2.67 million - based on The Ponemon Institute and IBM Security |
Most frequently compromised type of record | PII (Personally Identifiable Information) The costliest at $150 a record |
Non-Monetary Damages | Loss of intellectual property; Years of research down the drain; Damage to your brand and reputation; Cancelled deals and partnerships; Millions in lost productivity, and legal/remediation expenses; Disclosure requirements imposed by your clients and governments |
The burden placed on IT Staff | Anti-Virus / Anti-Malware / EDR Behavioral analytics Firewall/WAF, Servers on cloud infrastructure Firewalls with UTM URL & DNS Filtering Threat Detection / Threat Prevention IDS / IPS Penetration Testing Threat hunting Log aggregation Wireless rogue activity detection Single Sign On / Multi Factor Authentication Email filter tuning and quarantine management Identity Access Management (IAM) Monitoring of critical data flows Data Encryption Hosted Email services Threat Intelligence and Feed Analysis |
SOC-2 Certification | SOC 2 (System and Organization Controls 2) is a type of audit report that attests to the trustworthiness of services provided by a service organization. SOC 2 reports are the result of an official SOC 2 audit. These reports attest that a service organization’s solution has been audited by a Certified Public Accountant (CPA) on over 600 data points, using standards laid down by the AICPA, with regard to: Security, Availability, Processing Integrity, Confidentiality and/or Privacy. |
SOC-2 Audits for what? (SAPIC) | Security, Availability, Privacy, Integrity (process & storage), Confidentiality |
Availability | The process, product, or service must remain available per the agreement between user and provider. Both parties either explicitly or implicitly agree on the appropriate level of availability of the service. |
Confidentiality | If access to the data is limited to certain individuals or organizations, it must be treated as confidential. Data protected by the principle of confidentiality could include anything the user submits for the eyes of company employees only, including but not limited to business plans, internal price lists, intellectual property and other forms of financial information. An auditor will take into account data encryption, network firewalls, software firewalls and access controls. |
Privacy | The principle of privacy applies to the collection, disclosure, disposal, storage and use of personal information with regard to the generally accepted principles of privacy (GAPP) as established by the AICPA. It applies to Personally Identifiable Information (PII), information that can be used to differentiate persons, including but not limited to names, addresses, phone numbers and social security numbers. Other data, including race, gender, medical profiles, and religion are also covered by GAPP. An auditor must verify controls in place to prevent the dissemination of PII. |
Security | System resources must be defended against outside access to comply with the principle of security. Access controls must adequately resist attempts at intrusion, device manipulation, unauthorized deletion, data misuse, or improper modification and release. An auditor looks at IT security tools like WAF (web application firewalls), encryption and intrusion detection in addition to administrative controls such as background checks and authorizations. |
Integrity | This principle is concerned with the delivery of the right data at the right time and at the right price— in other words, whether or not the platform performs as expected. Data processing must be complete, licensed, reliable and timely. IMPORTANT: Integrity of storage does not imply the integrity of the information. Information may contain errors before it is entered into the system, which the storage entity is not responsible to identify. An auditor must look at data processing management and quality assurance practices to ensure the reliability of the data. |
SOC (Security Operations as a Service) | 1. Provides 24/7/365, real-time visibility into your IT infrastructure 2. Staffed by a global team of trained professionals 3. SIEM (Security Incident and Event Management) subscription includes industry-leading processes and security tools 4. Proactive remediation of threats before damage is caused 5. One of the most cost-effective and impactful ways to elevate any organization’s security posture as compared to developing these services in-house |
ICE SOC | 1. ICE has a qualified team of certified security professionals to monitor your infrastructure 24/7/365 2. ICE security professionals respond to all alerts instantly to reduce the exposure and limit the damage a security breach might otherwise cause 3. ICE SOC team will work with your organization to establish incident response teams (IRT), formulate Incident Response Plans (IRP), and perform the necessary actions to remediate threats in a timely manner, as required by many compliance frameworks |
4 STEPS PROVIDED | MONITOR - Real time monitoring of critical apps and services in a single dashboard; ANALYZE - Centralized Log Collector to collect and store logs from services and devices for analysis. Risk management process that reduces chances of security breaches; RESPOND - Respond immediately to cyber attacks to avoid security breach; ESTABLISH - Incident Response Plan (IRP) |
SECURONIX PARTNERSHIP | Securonix delivers a next-generation security analytics and operations management platform for the modern era of big data and advanced cyber threats and was named a leader in the 2021 Gartner Critical Capabilities for SIEM (Security Information and Event Management). |
WHY SECURONIX PARTNERED WITH US | ICE Consulting is an experienced MSSP that offers a full range of security services to their customers. They have a highly skilled staff that understands the value of providing the best solutions to keep their customers protected 24 x 7. We see ICE Consulting as a strategic MSSP partner in a key geography with unique vertical expertise in Biotechnology and Life Sciences. |
SECURONIX SNYPR | 1. Centralized Log Collector maintains all logs from the connected devices and services for extended time periods for forensic analysis, legal reasons, etc. 2. SIEM and UEBA in a single package. 3. Threat Analyzer with a cloud-based AI engine analyzes, reports, suggests remediation, and documents all threats received. 4. SNYPR is compatible with most major applications and services (Okta, Azure, AWS, O365, Palo Alto Firewalls, Cisco Umbrella, Windows Servers, Web Servers, etc…) |
SECURONIX FEATURES (Part1) | Anti-Virus / Anti-Malware / EDR Firewalls with UTM URL & DNS Filtering Threat Detection / Threat Prevention IDS / IPS Single Sign On / Multi Factor Authentication Data encryption Behavioral analytics Threat hunting Email filter tuning and quarantine management Servers & storage in data centers |
SECURONIX FEATURES (Part 2) | Firewall/WAF, Servers on Cloud infrastructure Log aggregation Identity Access Management (IAM) Hosted Email services Penetration Testing Wireless rogue activity detection Monitoring of critical data flows Threat intelligence and feed analysis |
Incident Response Workflow | 1. Identify Friend or Foe (IFF) 2. Use WHOIS and DNS to identify the source 3. Create a network object to auto-identify the CIDR (registered public IP) block for the source in the future 4. Add the system to an elevated risk watch list (Risk Booster for future events) 5. Move from Production VLAN to Patch Only/Guest VLAN (Switch Port) 6. Update anti-virus 7. Update OS 8. Run a full AV scan. If clean, run a vulnerability scan to check patches were successful. If success, return to production VLAN. If failed AV or patch check: notify IT team to reimage system, or perform a full reimage of system and repeat a-d 9. Add the system to an elevated risk watch list (Risk Booster for future events) |
IF FOE | If foe… Add to the block list recommendations for the next change review or window; Check for additional attackers/symptoms on the same CIDR block; Block at the firewall or IPS as appropriate (Class C CIDR block or smaller); Note date of block, and add to an expire/review list for 30 days; Note and review country of origin for appropriateness to the business |
ALERT & RESPONSE | 1. Create a ticket to track the event 2. Update the ticket with any enrichment data available: Identify Friend or Foe; Add network information about the source (Internal? Or External?); Check blacklist information (AbuseIPDB, Zeus Tracker…) and add to ticket; Identify the user logged into the system at time of event (if internal) 3. Classify the ticket: Internal / External; Recon, Exploit, Data Exfil, Malware, Unknown |
ERP | Enterprise Resource Planning (ERP) solution |
SOC-2 | SOC 2 (System and Organization Controls 2) |
LOI | Letter of Intent |
SOW | Statement of Work |
CDMO | Contract Development and Manufacturing Organization (CDMO) |
CMO | Contract Manufacturing Organization |
CRO | Contract Research Organization |