Module Overview
Overview of Network Security Design
Creating a Network Security Plan
Assets
Threats
Principle: Definition
Defense-in-Depth: Provides multiple layers of protection
Least privilege
Security Implementation
Applies the policies and procedures created during the design to the organization's assets
Ensures that policies and procedures are deployed consistently throughout the organization
Task
Include diverse membership to ensure success
Predict attacks to assets
Analyze and prioritize risks based on likelihood of occurrence and cost
Create policies and procedures to mitigate the selected risks
Detect occurrences of security violations and respond to them
Review the security policies and modify them as necessary
Security procedures provide detailed steps that describe how to implement policies
Not enforced
Difficult to read
Difficult to find
Outdated
Too vague
Too strict
Not supported by management
Write clear and concise policies
Write simple procedures
Obtain management support
Make policies and procedures easily accessible
Ensure no disruption to business processes
Implement technology where possible
Ensure that consequences are consistent for policy violation
Responsibility
Advocating for the team with top management
represented
Acting as team advocate with business units
Driving the overall project including goals,
Development
Testing
User experience
Description
An individual who wants to hack valuable information for resale or obtain a ransom to stop an attack
Revenge: A discontented employee who feels offended by an organization
Publicity: A person or team that performs a high profile attack to obtain notoriety
Espionage: A person who spies on government or organizations to obtain network information
Personal satisfaction: A person or team that may attack networks as a hobby or to boost their egos
Terrorism: A person or group that may impair societal infrastructure and apply pressure on groups or governments
1. Survey and Assess
2. Exploit and Penetrate
3. Escalate Privileges
4. Maintain Access
5. Deny Service
Vulnerability: Description
Account passwords: Password is either too simple or shared among users
Audit settings: If auditing is not enabled, you cannot report an attack that has occurred
User rights: User rights should be restricted to the minimum requirements to perform necessary tasks
Services: Any service or application may have flaws, making the computer vulnerable to attacks
Tampering
Denial of service
Elevation of privilege
Encourage creative thinking among team members
Ensure that you have all the information
Manage discussions about the validity of a threat
Include specialized network penetration testers
Apply caution when it involves conflict of interests
Consider technology-specific threats
Tampering
Repudiation
Information disclosure
Denial of service
Elevation of privilege
Process Overview
Risk Assessment
Prioritize security risks
Justify costs
Create metrics
Example
Desktop and portable computers
Routers and switches
Backup media
Software installation CDs
Software
Documentation
Data
Employee information
Customer information
Example: A Web server is vulnerable to a one-hour denial-of-service attack, and the probability of this risk occurring over the next year is 1%. The direct cost of lost orders in that hour is $50,000. The indirect cost from loss of customer confidence is $200,000.
Description
Identify risks including the cause and consequence
Determine the impact of a risk by using probability of occurrence and cost
Determine how risks can be mitigated based on the cost of mitigation and impact of the risks
Obtain approval and support from top management
Determine the scope of the risk management plan
Implement actions at appropriate time
Update the risk management plan as changes occur
Use the risk management plan to assign ownership and allocate resources
Description
Includes files and databases
Includes client applications and server applications
Contains individual computers, including the operating system
Contains LAN, WAN, and wireless
Ensures connectivity to the Internet and business partners
Prevents unauthorized personnel from accessing the network assets
Creates awareness among users and staff accessing with computers in a network
Example Risks
Unauthorized viewing or changing of data
Application
Host
Internal network
Perimeter
Physical security
Policies, procedures, and awareness
Mitigation Examples
Access Control List (ACL) encryption, Encrypting File System (EFS), and Digital Rights Management (DRM)
Application hardening and antivirus software
Operating system hardening, authentication, update management, and Network Access Protection
Network segmentation, IPsec, and intrusion detection
Firewalls and VPNs
Locks and tracking devices
Scenario
Exercise 2: Identifying Threats
Exercise 3: Analyzing Risks
Exercise 4: Discussion of Designing a Network Security Plan
Logon information
NYC-DC1 Administrator
Pa$$w0rd