Scripting and Automation - CompTIA Security+ SY0-701 - 4.7

00:01

Scripting allows for the automation of functions

00:04

that normally you would have to perform manually.

00:07

This means, when situations occur,

00:09

you don't necessarily have to be there to resolve the problems.

00:13

You have a script that does that for you.

00:15

This also means that you don't have to receive a phone

00:18

call in the middle of the night disrupting your sleep

00:20

as you're trying to resolve a problem manually,

00:23

and you can sometimes identify problems

00:26

before they occur and automate the process of resolving them

00:30

before anyone knows an issue was even there.

00:33

Another great advantage of scripting is that it's fast.

00:36

It runs as fast as the computing systems that it resides on,

00:40

and you don't have to worry about somebody

00:42

typing things in or misspelling anything.

00:44

Once you've set up a script and tested it,

00:47

it can run without any type of delay or errors.

00:50

And if we have a script that's performing processes for us,

00:53

we can do other things that are much more interesting

00:56

than typing at a command line.

00:59

Scripting certainly saves a lot of time.

01:01

We can run these scripts whenever we might need them.

01:03

They can perform their functions over and over again.

01:06

And you won't have to provide any type of human intervention.

01:10

Automation can also help us enforce security baselines.

01:13

We might have a script that is providing an update

01:16

or upgrade with security patches,

01:18

and that script waits for the patch

01:20

to arrive in a particular folder,

01:22

identifies that a new patch exists,

01:24

and then automatically deploys that patch

01:26

to all of the systems that need it.

01:28

I've also configured scripts for infrastructure configurations,

01:32

especially when setting up multiple systems

01:34

that all need to have exactly the same security.

01:37

You might set up a script that automatically builds a default

01:40

router configuration with all the unique settings

01:42

that your organization requires.

01:44

Maybe you have a script that creates firewall rules any time

01:47

you deploy a new firewall to a remote site.

01:50

Or maybe there's a script that runs configurations, sets

01:53

security rules, or configures standard configuration

01:56

options within a single device.

01:58

By using a script to provide this configuration,

02:01

we not only know that we're putting

02:03

in a correct configuration, but it's

02:05

one that includes all of the security controls required.

02:08

You're probably familiar with the process

02:11

of scaling up or scaling down a cloud-based application

02:14

infrastructure.

02:15

When you're scaling these systems up,

02:17

you're adding new servers and new databases.

02:19

But you also need to add new security features.

02:22

And you can scale up the security along

02:24

with everything else for that application in the cloud.

02:27

You just have to make sure that you build your scripts

02:29

to not only include the servers and databases but also

02:33

the firewalls and other security devices along with it.

02:36

This is also great for members of your information technology

02:40

staff.

02:40

Instead of everyone manually typing in and dealing

02:43

with problems on an ad-hoc basis,

02:45

you can create scripts that perform many of those functions

02:49

automatically, and they can move away from the boring tasks

02:52

and concentrate on something that's much more interesting.

02:56

Automation has the ability to react very quickly when

02:59

a problem is identified.

03:01

We can set up constant monitoring of a system.

03:04

And if anything changes in that system that

03:06

needs to be addressed, we can automatically

03:08

apply those changes.

03:10

For example, we might monitor a server for available disk

03:12

space.

03:13

And if we identify that the disk space is becoming low,

03:16

we can have a script go into temporary files

03:19

and clear out some of that space so that the system remains

03:22

up and running.

03:23

And since these scripts run 24 hours a day and 7 days a week,

03:27

we don't have to have an individual manually

03:30

monitoring a server for disk space.

03:32

We can simply have the scripts take

03:33

care of all of that for us.

03:35

Many organizations will automate the process

03:38

of onboarding and offboarding.

03:39

When you're onboarding, there are

03:41

a core set of resources that almost every employee needs

03:44

access to.

03:45

For example, they will need their own home directory.

03:47

They'll need access to a printer that's near them.

03:50

And they'll need access to email.

03:51

An onboarding script can automatically

03:53

create the user's account, assign them

03:55

to the correct groups, and make sure they

03:57

have access to the files and resources they need.

04:00

Automation can also be used two stop payments

04:03

from making mistakes.

04:04

We refer to these as guardrails.

04:06

The guardrail is an automated verification of information

04:09

going into a system.

04:10

So a human might be typing into a server,

04:13

but an automated script is going to verify

04:15

the information that's being input

04:17

and make sure that the information is not

04:19

going to cause a problem with that destination system.

04:22

For example, a technician may try

04:23

to delete a folder on a server but mistakenly chooses

04:27

a much larger area of the server to delete.

04:30

By using guardrails, we can have this automation monitor

04:33

that process and block anything that would cause

04:36

critical files to be deleted.

04:39

Throughout a normal workday, there

04:40

may be constant changes to the security groups associated

04:44

with the employees in your organization.

04:46

And because of that, you might want an automated system

04:49

to be able to add and remove users from particular security

04:52

groups.

04:53

This can also be very useful for monitoring security groups.

04:56

For example, you may want to create

04:58

a report or an alert that monitors the administrator

05:01

group.

05:01

And if a person is added to the administrator group,

05:04

you would be informed immediately.

05:06

If you work in an organization with a help desk,

05:08

you may be already using automation.

05:11

Many help desks support the ability to email the help desk.

05:14

The automation can take an email submission,

05:17

turn that email into a help desk ticket,

05:20

and, based on the information that's in the email,

05:22

can even assign that ticket to the appropriate person.

05:26

And if we're monitoring the right resources

05:28

with our scripts, we can identify problems

05:30

before they become an issue.

05:32

Normally, this issue would occur,

05:34

and we'd have to escalate the problem to a higher level

05:37

technician.

05:37

But if we're constantly monitoring these resources,

05:40

we may be able to have the script resolve

05:42

the problem for us without any human intervention.

05:45

If the script is not able to resolve this problem,

05:48

it can automatically escalate the issue

05:50

to the technician who's on call.

05:52

Automation can also be used to enable or disable services.

05:56

For example, if a service needs to be

05:58

used for a certain amount of time,

05:59

you can have the script enable the service.

06:01

And then after that time frame is complete,

06:04

it can then disable the service without any human intervention.

06:07

Application developers can use scripting

06:09

to provide constant development and code updates

06:12

and push those code updates automatically out to systems.

06:15

And when you're working with a cloud-based infrastructure,

06:18

a firewall, or almost any other device in your infrastructure,

06:22

you may want to use automation to speak

06:24

directly to the application programming

06:26

interfaces, or APIs, on those devices.

06:29

This allows you to programmatically control

06:32

those devices without manually having to log in

06:35

and click things on the screen.

06:36

The script handles the process of communicating to the API

06:40

and making any changes necessary on that device.

06:43

But, of course, scripting is not a panacea,

06:46

and there are important concerns when implementing

06:48

any type of automation.

06:50

For example, scripts are relatively complex,

06:52

and they have to interact with other devices

06:55

and other systems.

06:56

This requires a great deal of testing

06:58

to make sure that all of these will work well together.

07:01

These scripts also don't create themselves.

07:03

Someone does have to sit down and go

07:05

through the process of coding out

07:07

all of these different scripts.

07:08

That means that there's not only time involved but also

07:11

a cost associated with that script creation.

07:14

And like any other device that may be in your network,

07:17

that script could be a single point of failure.

07:20

If that script stops working, there

07:21

could be a significant problem with the devices that

07:24

rely on that automation.

07:26

I've personally worked with organizations

07:28

that spend a lot of time working on issues that

07:31

come up throughout the day.

07:33

And a lot of this work seems to revolve

07:35

around solving the symptoms that have

07:37

been created instead of addressing

07:39

the core root of the problems.

07:41

We refer to this as technical debt,

07:43

and sometimes creating a script to hide a much bigger problem

07:47

can increase the amount of technical debt

07:49

in your organization.

07:51

And of course, someone has to support

07:52

this script going forward.

07:54

This script may be working fine today.

07:56

But later on, you might change the type of operating system

07:59

associated with the service, the scripting language

08:02

might have modifications, and someone

08:04

will need to update these scripts to bring them up

08:06

to the latest versions.