Security Awareness: Applying Practical Security in Your World - PowerPoint PPT Presentation

Loading...

PPT – Security Awareness: Applying Practical Security in Your World PowerPoint presentation | free to download - id: 176324-MGY3Z



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

Security Awareness: Applying Practical Security in Your World

Description:

List some of the challenges of making a computer secure ... Filter out executables. Turn off Preview Pane. Wireless networks. Turn off broadcast information ... – PowerPoint PPT presentation

Number of Views:248
Avg rating:3.0/5.0
Slides: 33
Provided by: Wea67
Learn more at: http://csis.pace.edu
Category:

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: Security Awareness: Applying Practical Security in Your World


1
Security Awareness Applying Practical Security
in Your World
  • Chapter 6 Total Security

2
Objectives
  • List some of the challenges of making a computer
    secure
  • Explain how to be prepared for a security attack
  • List the steps that are important to keeping
    alert to attacks
  • Explain how an organization and a user can resist
    security attacks

3
Total Security
  • Computers around the world are vulnerable to
    threats
  • New threats surface almost daily
  • The need for security will continue to be a key
    element of IT systems
  • Total security is a way of THINKING, PLANNING AND
    ACTING

4
The Security Challenge
  • Trends expert cite ?
  • Speed of attacks
  • Sophistication of attacks
  • Faster detection of weaknesses
  • Distributed attacks
  • Attacks on routers
  • Difficulties in patching (See Table 6-1)

5
The Security Challenge (continued)
6
Prepare for Attacks
  • Security begins with preparation
  • Right philosophy about security
  • Create a framework for action
  • Putting it all into practice

7
Develop a Philosophy
  • Information security philosophy ? Absolute
    security can never be achieved on any network or
    computer
  • Positive side Users and administrators
    awareness of lack of 100 security Be more
    alert!

8
Establish a Framework
  • Framework ? Establish how security should be
    approached
  • Microsofts framework ? SD3C
  • Secure by Design
  • Secure by Default
  • Secure by Deployment
  • Communications

9
Establish a Framework (continued)
  • Ciscos framework
  • Protect against known and unknown attacks
  • Deploy security devices in layers
  • Integrate security throughout the network
  • Be sure decision making and reporting are
    accurate
  • Security solution must be scalable and
    operationally effective

10
Take Action
  • Implementing security involves Patching
    software Hardening systems Blocking
    attacks Testing defenses

11
Patch Software
  • Patch software ? Hackers exploit weaknesses
    resulting from unpatched software to gain the
    easiest route
  • Organizations and individuals should have a
    process for identifying vulnerabilities and
    responding by applying necessary patches
    immediately
  • Proactive patch management is the first step in
    maintaining a secure environment (See Table 6-2)

12
Patch Software (continued)
13
Harden Systems
  • Hardening ? Properly configuring and securing a
    system against attackers
  • Default configurations are often left unsecured
  • Steps to systems hardening
  • Know what you are trying to protect
  • Know what you are trying to protect it from

14
Harden Systems (continued)
  • Systems hardening includes
  • Computer
  • Patch management
  • Install antivirus and antispyware and keep
    updated
  • Disable macros in Office applications
  • Internet connection
  • Block cookies
  • Set browser security settings to highest level

15
Harden Systems (continued)
  • Systems hardening includes (continued)
  • Implement advanced security as necessary
  • Use WEP encryption
  • E-mail
  • Filter out executables
  • Turn off Preview Pane
  • Wireless networks
  • Turn off broadcast information
  • Filter MAC addresses

16
Block Attacks
  • Prime defense in blocking attacks is a firewall
  • Enterprise firewalls ? Installed at the network
    perimeter
  • Individual users ? Internet Connection Firewall
    or other personal firewall software
  • Hiding IP address of devices from hackers
  • NAT
  • Proxy servers

17
Test Defenses
  • Does it all work?
  • Dont wait for an attack to find out! TEST YOUR
    OWN DEFENSES!
  • Several products are available to probe defenses
    and find weaknesses
  • Microsoft Baseline Security Analyzer (See Figure
    6-1)
  • Testing should be a regular step in the security
    process

18
Keep Alert
  • Biggest mistake when dealing with security is
    letting guard down
  • It is important to always keep alert to new
    threats
  • Know what hackers are doing
  • Use support provided by other security groups
  • Be familiar with tools used to secure systems

19
Know the Enemy
  • Attacks on data usually follow trends and create
    patterns
  • Most hackers imitate other hackers
  • The Internet contains a wealth of information
    posted by hackers (See Figure 6-2)
  • Visit hacker Web sites regularly to keep up on
    what hackers are doing

20
Join with Allies
  • You are not alone in the fight for information
    security
  • Learn from other groups
  • Many Web sites provide information on security
  • www.sans.org
  • isc.incidents.org
  • www.cert.org (See Figure 6-3)

21
Build a Toolbox
  • There are many tools available for securing a
    computer or network
  • Search the Internet for information and tools to
    help with security efforts

22
Resist Attack
  • No matter how good defenses are, attacks will
    happen
  • Organizations and individuals need to know how to
    react to an attack

23
Organizational Response
  • Response must be orchestrated among users,
    managers, IT personnel, and others
  • Response measured in
  • How to prepare
  • How to know if an attack is occurring
  • How to respond
  • How to preserve evidence

24
Organizational Response (continued)
  • Preparation
  • Store a clean copy of the operating system on a
    CD for quick clean-up and reinstallation
  • Keep updates for all software on CD in the event
    the Internet is unavailable during reinstallation
  • Be sure users have adequate training
  • Keep a prioritized list of key assets to be
    protected first in an emergency
  • Establish and maintain disaster recovery
    information for all systems

25
Organizational Response (continued)
  • Detection
  • Early warning signs of an attack
  • Changes in network traffic
  • Slow running computer
  • Sudden appearance of a new user account
  • Maintain and review event logs
  • Visit security organizations for up-to-date
    information on latest attacks and trends

26
Organizational Response (continued)
  • Response
  • Identify the nature of the attack
  • Identify the source
  • Communicate information about attack to
    appropriate persons
  • All users may or may not need to know, based on
    the nature of the attack
  • Isolate and contain the attack
  • Determine additional steps necessary based on the
    nature of the attack (change passwords,
    disconnect, etc.)

27
Organizational Response (continued)
  • Preserve Evidence
  • Computer forensics ? Science of preserving and
    analyzing evidence
  • Evidence may be used to prosecute
  • Many tools are available for forensics work
  • General rules to follow
  • Keep backup copies of logs
  • Take detailed notes
  • Dont attempt to change or fix the affected
    computer
  • The more you do to it, the more likely you are to
    destroy evidence

28
User Response
  • Response for a user is usually not as extensive
    as that for an organization
  • Guidelines
  • Keep a current copy of your operating systems
    recovery disk and operating system software on CD
  • Be aware of news of impending attacks and/or
    check security sites regularly
  • Keep watch over your computer
  • If you are attacked, disconnect from the Internet

29
User Response (continued)
  • User response guidelines
  • Use another computer to search the Internet for
    cleanup tools. Copy to CD and run on affected
    computer
  • Inform contacts in e-mail address book that you
    were attacked and to be cautious of e-mail from
    you
  • Find virus removal tools
  • After clean up, determine why your computer was
    compromised and what you can do to prevent it in
    future

30
Summary
  • Computer attacks are becoming more sophisticated
    and more frequent.
  • Defending against attack requires a total secure
    approach
  • Security begins by having the right mind set or
    philosophy and developing a framework for
    security.
  • We can never be totally secure ? BE ALERT!

31
Summary (continued)
  • Four major steps to putting the framework and
    philosophy into practice
  • Patch
  • Harden
  • Block unnecessary traffic
  • Test
  • It is important to keep alert to new security
    challenges
  • Staying up-to-date on current threats and tools
    can help keep a system secure

32
Summary (continued)
  • Key steps in responding to an attack
  • Preparation
  • Detection
  • Inform users
  • Preserve evidence
About PowerShow.com