UNIT 6 SEMINAR

Unit 6
Chapter 6 in CompTIA Security+

Course Name – IT286-01 Introduction to Network Security
Instructor – Jan McDanolds, MS, Security+
Contact Information: AIM – JMcDanolds Email – [email protected]
Office Hours: Tuesday, 7:00 PM ET or Wednesday, 8:00 PM ET


CHAPTER 5 REVIEW

What did we cover last time?

Implementing and Maintaining a Secure Network
Overview of Network Security Threats
Defining Security Baselines
Hardening the OS and NOS
Hardening Network Devices
Hardening Applications

Now, on to a little light network checking…


Basic TCP/IP Utilities

Open Command Prompt (in Accessories in Windows)

ipconfig /all
ping (ip address)
tracert (ip address)

Do a quick ipconfig /all
Find your DNS servers' IP addresses. Write them down.
Ping www.bing.com
Next, use tracert on Bing’s IP address
Write down the cities shown in the hops – ex: Cincinnati, San Francisco, San Jose
Ping (your DNS server IP address) – reply?


Nmap video

No sound, shows an internal scan.

Pause at 28 seconds

http://www.youtube.com/watch?v=uDbEfeVtIko&feature=related


Defcon - Nmap and Hping
http://defcon.org/
DEFCON 2010
http://www.youtube.com/watch?v=jJDCxzKmROY&feature=related
DEFCON 19: Nmap: Scanning the Internet – port scanning
http://nmap.org/
45 minute Fyodor talk about features of Nmap at DEF CON 2008
http://www.youtube.com/watch?v=Hk-21p2m8YY&feature=related
Nmap project – Fyodor – developer of Nmap

Hping - Video - Using Security Tools - Hping3 - Linux
http://www.youtube.com/watch?v=fagjmQi-sBY
http://www.hping.org/
hping is a command-line oriented TCP/IP packet assembler/analyzer. It supports ICMP echo requests, TCP, UDP, ICMP and RAW-IP protocols, has a traceroute mode, the ability to send files over a covert channel, etc. Use it for penetration testing.
7 minutes


Review of Types of Tools
Paper by Boyd Aaron Sigmon – “Hacking Tools & Techniques and How to Protect Your Network from Them” download in Doc Sharing

1. Port scanners
2. Vulnerability scanners
3. Packet sniffers (protocol analyzers)
4. Root kits
5. Password crackers
6. Social engineering


CHAPTER 6 OVERVIEW

Securing the Network and Environment

Understanding Physical and Network Security

Understanding Business Continuity Planning (BCP)

Developing Policies, Standards, and Guidelines

Working with Security Standards and ISO 17799

Classifying Information


CHAPTER 6

Story – Physical Security
Masked gunmen rob Fremont technology firm
By: The Associated Press 03/01/11 12:27 PM

Authorities are investigating an armed robbery at a Fremont technology firm by 15 masked gunmen who made off with computer parts. Fremont police say the robbers tied up, blindfolded and gagged several employees on the loading dock of Unigen Corp. on Sunday morning. They were wearing matching black clothing and armed with automatic rifles and handguns. Sgt. Chris Mazzone says the robbers spent a half-hour loading computer parts into a truck. One of the employees was able to get free and call police after the robbers left. Mazzone called the heist sophisticated and says the victims only were able to say that the robbers were all male. Unigen is still conducting an inventory to determine exactly what was stolen. Unigen manufactures memory chips among other products.


Physical and Network Security

Implementing Access Control
Physical Barriers - three-layer security
Biometrics – biological trait

Understanding Social Engineering – Kevin Mitnick, The Art of Deception

Scanning the Environment – wireless cells, physical location (HVAC and power)

Shielding – EMI and RFI
Fire Suppression – fire extinguishers and fixed systems


Social Engineering

The Art of Deception by Kevin Mitnick
Chapter 10 – Entering the Premises
Security Guard – Leroy Greene
Joe Harper – What did he do prior to the incident?

You can also see a video of Kevin Mitnick on CNN discussing hacking sites. http://www.cnn.com/video/#/video/tech/2011/01/26/nr.internet.security.hacker.cnn?iref=allsearch

You can download a copy of the Art of Deception ebook available at: http://www.taintedthoughts.com/user/perfect_flaw/Kevin%20Mitnick%20-%20The%20Art%20Of%20Deception.pdf


Business Continuity Planning (BCP)

Business Impact Analysis (BIA)
Critical Function Identification
Prioritization of CBF (Critical Business Functions)
Timeframe of Critical Systems Loss
Estimate Tangible and Intangible Impact on the Organization
(download Business Continuity Sample plan in Doc Sharing)

Assessing Risk
Risks to Which the Organization Is Exposed
Risks That Need Addressing
Coordination with BIA

SLE (single loss expectancy)
ALE (annual loss expectancy)
ARO (annualized rate of occurrence)


Policies, Standards and Guidelines

Implementing Policies
Scope Statement
Policy Overview Statement
Policy Statements
Accountability Statement
Exception Statement


Policies, Standards and Guidelines (cont.)

Incorporating Standards
Scope and Purpose
Roles and Responsibilities
Reference Documents
Performance Criteria
Maintenance and Administrative Requirements

Following Guidelines
Scope and Purpose
Roles and Responsibilities
Guideline Statements
Operational Considerations


Security Standards and ISO 17799

Code of Practice for Information Security Management
The ISO 27002 (formerly 17799) security standards represent one approach to security policy construction.

11 Areas of Focus:
Security Policy
Security Organization
Asset Management
Human Resources/Personnel Security
Physical and Environmental Security
Communications and Ops Mgt
Access Control
Info Systems Acquisition, Development and Maintenance
Info Security Incident Mgt
Business Continuity Mgt (BCM)
Compliance


Classifying Information

Public Information
Limited Distribution - Full Distribution

Private Information
Internal Information - Restricted Information

Government and Military Classifications

Roles in the Security Process
Owner
Custodian
User
Security professional
Auditor


Classifying Information

Classification of information in a secure network: Public, Internal and Restricted

Information Access Controls:
Bell-LaPadula Model
Biba Model
Clark-Wilson Model
Information Flow Model
Noninterference Model


Unit 6 Project Assignment
Unit Six Project: Formulate a logical solution to a company’s problems.

The company is Web Site 101

You are an IT security professional for Web Site 101. It has 300 employees, one large corporate office with 3 floors. Security problems have caused the CISO (chief information security officer) to ask you to write a security recommendation.


Unit 6 Project Assignment
Problems:
1. There has been data loss due to employee negligence
2. Physical break-ins
3. Employees complain they don’t understand what is expected of them from a security standpoint
4. The network administrators complain the company allows free access to anything on the network for anyone who asks
5. Web Site 101 home web page was recently hacked.

Develop a recommendation to cover access control methods, physical access controls, risk assessment and environmental controls and other items you feel important to ensure future information security at Web Site 101.