Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Module 03
Disk Encryption
Router
Industrial Unauthorized
Espionage Access
Firewall
Antivirus Software
Intruder Virus
DAS
NAS
SAN
Cloud
Full disk
Database
File
Removable media
Mobile device
Email
Voice
TPM
HSM
USB
Hard drive
Data at rest
Data in transit
Data in use
Permissions:
Who can read or change data in a file or folder.
Implemented at individual file and folder level.
ACLs:
Who can access files and folders.
Implemented as MAC address filters on wireless routers and
wireless APs.
Evaluate
Evaluate
Non-Production
System
Test
Implement
Configuration baseline
Application hardening
Patch management
Delivered Format:
Expected Format: mm/dd/yyyy:DELETE
mm/dd/yyyy table ‘Users”
Malicious Code
Client-side validation:
Input validation and error recovery at the browser
JavaScript, AJAX, VBScript, and HTML 5 attributes
Server-side validation:
Input validation and error recover at the server
Perl, PHP, ASP, and other scripting languages
For enhanced user experience, use client-side validation.
For enhanced security, use server-side validation.
Message:
Attacker
Incorrect password
Trust Established
Attacker Exploits
Trust
Weaknesses are
found and tracked
Random data is
sent
Pop-up blocker
Parental controls
Automated updating
Encryption
Proxy support
Web content
Advanced security
Manage services
Configure firewall
Configure Internet security
Manage automatic updates
Enable auditing and logging
Trusted OS
Firmware
Hardware
Compare
Patches:
Supplemental code
Hotfixes:
Address specific security flaws
Rollups:
Collection of patches and hotfixes
Service Packs:
Comprehensive updates with new features
Scanning…
Infections detected: 3
Antivirus
Anti-spam
Anti-spyware
Pop-up blockers
Host-based firewalls
Layered security:
Network segmentation
Application firewalls
Manual updates:
Android
iOS
Firmware version control:
SCADA systems
Embedded systems
Wrappers
Controlling redundancy and diversity
Minimum Length
Special Characters
!Pass1234
Uppercase Letters
Numbers
Lowercase Letters
Smartphones
Wi-Fi enabled devices
Viruses
Spam
Lost or stolen devices
1. What experience have you had securing data, applications, or hosts for your
organization?
2. Have you ever dealt with mobile security issues for your organization? Are
there any security controls that would have prevented these issues?