
SAFE AND SOUND

INTRODUCTION

Elements of Security Auditing

Applications to Customer Networks

Modular Approach

User layer ... Server layer ... Network layer

(interconnects: cabling)

User Layer

Thin clients, or physically secure workstations

Login + password access

Access only to relevant services and applications

Run background malware prevention software

Server Layer

Remove unnecessary services

User groups to match physical topology

Don't run services as root / admin

Run OS as read-only

Network LayerNetwork Layer

Backup IOS, OS, data

Distribute & centralise topology (failover, and ordered & documented design & layout)

Use firewalls & logging

Use IDS, IPS, traffic monitoring

Cabling

Use more secure cable types

Use patch panels and colour coding

Layouts that make testing and fault-finding easy

Security Considerations

Network Threats

Viruses

Tend to be inadvertently activated

...or may be installed deliberately

Network Threats

Worms

Travel the internet, scanning for vulnerabilities

Often disrupt networks by flooding, forking

Network Threats

Spiders and webbots

Can be used maliciously: automated signups, website duplication, spam

Network Threats

Trojans

Masquerade as regular software

Tend to allow attacker to control infected machine

Network Threats

Spyware and Phishing

Information stealing, user profiling

Used in advert targeting, spam, ID theft

Network Threats

Spam

Can contain other malware

Congests networks

Network Threats

Delete traces of intrusions

Alter logs

Forensics get-around

Bombs

Solutions for Customer

Separate physical network for WAN access

Honeypot to track & ID intrusions

Monitoring station for internal LANs

Solutions for Customer

Honeypot

Mimics internal network or DMZ

Allows profiling of network threats

Solutions for Customer

SAN - storage area network

RAID 40 : RAID level 4 & RAID level 0

4 - block striping with parity: failure tolerant & faster rebuilds

0 - striping: faster writes

Solutions for Customer

RAID 40

Tenable's Security Center

Each node is a router, hosts behind router

Advisor

Parallel co-ordinate plot of firewall logs

Flamingo

Port scan: 1 source, many targets

Rumint

Visualisation of jamming attack

Psad

Nachi worm network behaviour

Red nodes are ICMP packets

Web server log, Raju Varghese

Spider attack on web server from single IP

Red colouration indicates 5xx status codes
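The slide above visualises a single-IP spider that drives a web server into 5xx errors. As an added example (not from the original deck, and not Raju Varghese's tooling), here is a small Python script that pulls the same signal out of combined-format access log lines: it counts requests and 5xx responses per client IP and flags the IPs that look like an abusive crawler. The log lines, thresholds and IP addresses are constructed for the example.

```python
import re
from collections import defaultdict

# Combined log format (Apache/nginx style); only the fields used below are captured.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<req>[^"]*)" (?P<status>\d{3}) ')

# Constructed sample: one crawler hammering the server and collecting 5xx errors,
# plus normal traffic from a second client.
SAMPLE_LOG = """\
203.0.113.9 - - [10/Oct/2023:13:55:36 +0000] "GET /page1 HTTP/1.1" 503 0
203.0.113.9 - - [10/Oct/2023:13:55:36 +0000] "GET /page2 HTTP/1.1" 503 0
203.0.113.9 - - [10/Oct/2023:13:55:37 +0000] "GET /page3 HTTP/1.1" 200 4321
203.0.113.9 - - [10/Oct/2023:13:55:37 +0000] "GET /page4 HTTP/1.1" 500 0
198.51.100.7 - - [10/Oct/2023:13:55:38 +0000] "GET /index.html HTTP/1.1" 200 1234
198.51.100.7 - - [10/Oct/2023:13:55:40 +0000] "GET /about.html HTTP/1.1" 200 987
"""


def summarise_by_ip(log_text):
    """Return {ip: (total_requests, server_error_count)} for each client IP."""
    stats = defaultdict(lambda: [0, 0])
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of aborting the whole run
        counts = stats[m.group("ip")]
        counts[0] += 1
        if m.group("status").startswith("5"):
            counts[1] += 1
    return {ip: tuple(c) for ip, c in stats.items()}


def flag_spiders(log_text, min_requests=4, min_5xx_ratio=0.5):
    """IPs whose request volume and share of 5xx responses both exceed the thresholds."""
    return sorted(ip for ip, (total, errs) in summarise_by_ip(log_text).items()
                  if total >= min_requests and errs / total >= min_5xx_ratio)


if __name__ == "__main__":
    for ip, (total, errs) in summarise_by_ip(SAMPLE_LOG).items():
        print(f"{ip}: {total} requests, {errs} with 5xx status")
    print("flagged:", flag_spiders(SAMPLE_LOG))  # flagged: ['203.0.113.9']
```

The thresholds are deliberately low for the six sample lines; on a real log they would be tuned per site, and the flagged list would feed a rate limit or block rather than being acted on blindly.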

fin

Network monitoring visualisations from:

http://www.secviz.org/category/image-galleries/graph-exchange