
Security practices



Presentation Transcript


  1. Security practices Unit objectives • Secure an operating system • Secure network devices

  2. Topic A • Topic A: Operating systems • Topic B: Devices

  3. Antivirus software • Combat viruses • Real-time scanners • Checksum • Definition files • Antivirus products
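How the two detection methods on this slide relate, as an added example (not the course's own code): a definition file is essentially a list of hashes and byte patterns of known malware, and a checksum baseline catches files that changed after a known-good point. A real-time scanner runs the same checks on every file open or write; an on-demand scan walks the disk. All file contents, signature names and hashes below are constructed for illustration.

```python
"""Definition-file scanning and checksum integrity checking.

Added example, not from the course deck. All file contents, hashes and
signature names are constructed.
"""
import hashlib

# Constructed "files on disk": filename -> bytes
FILES = {
    "notepad.exe": b"MZ\x90\x00benign editor binary",
    "calc.exe": b"MZ\x90\x00benign calculator binary",
    "invoice.exe": b"MZ\x90\x00DROPPER: open cmd.exe /c del C:\\*",
    "invoice_v2.exe": b"MZ\x90\x00DROPPER: open cmd.exe /c del D:\\*",  # variant
}


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Definition file, part 1: exact hashes of known-bad samples (constructed).
DEFINITIONS_HASH = {
    sha256_hex(FILES["invoice.exe"]): "Constructed.Dropper.A",
}

# Definition file, part 2: byte patterns that also catch variants whose
# hash differs (a single byte change defeats the hash entry above).
DEFINITIONS_PATTERN = {
    b"DROPPER: open cmd.exe /c del": "Constructed.Dropper.Gen",
}


def scan(files: dict, use_patterns: bool = True) -> dict:
    """Return {filename: detection name or None}.

    Hash entries are checked first (exact sample), then byte patterns.
    use_patterns=False models a definition file with hashes only.
    """
    verdicts = {}
    for name, data in files.items():
        hit = DEFINITIONS_HASH.get(sha256_hex(data))
        if hit is None and use_patterns:
            for pattern, sig in DEFINITIONS_PATTERN.items():
                if pattern in data:
                    hit = sig
                    break
        verdicts[name] = hit
    return verdicts


def baseline_checksums(files: dict) -> dict:
    """Record the SHA-256 of each file at a known-good point (e.g. after install)."""
    return {name: sha256_hex(data) for name, data in files.items()}


def verify_checksums(files: dict, baseline: dict) -> dict:
    """Compare current files against the baseline checksums."""
    return {
        "modified": [n for n, d in files.items()
                     if n in baseline and sha256_hex(d) != baseline[n]],
        "added": [n for n in files if n not in baseline],
        "missing": [n for n in baseline if n not in files],
    }


if __name__ == "__main__":
    for name, hit in scan(FILES).items():
        print(f"{name:16} {hit or 'clean'}")
    # Tamper with a "system file" after the baseline was taken.
    base = baseline_checksums({"notepad.exe": FILES["notepad.exe"]})
    tampered = {"notepad.exe": FILES["notepad.exe"] + b"\x00injected"}
    print(verify_checksums(tampered, base))
```

The hash-only scan misses `invoice_v2.exe` even though it differs from the known sample by one byte; that gap is why definition files carry generic byte patterns as well as hashes, and why they must be updated continuously.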

  4. Activity A-1 Installing antivirus software

  5. Spyware • Software installed without user’s knowledge • Installed along with another app • Hidden in license agreement • File sharing sites

  6. Windows Defender • Severe • High • Medium • Low • Not yet classified

  7. Activity A-2 Scanning your system for spyware

  8. Securing the operating system • Hardening • Hotfixes • Patches • Updates • Service packs

  9. Windows Update

  10. Updates • Important • Recommended • Optional

  11. Activity A-3 Updating the operating system

  12. Patch management • View list of installed updates • View update information • Uninstall updates when necessary

  13. Activity A-4 Managing software patches

  14. Other updates • Firmware • BIOS

  15. System Information • Complete system summary • Run msinfo32 • BIOS and SMBIOS versions

  16. Activity A-5 Determining BIOS version

  17. Windows Firewall • Host-based firewall • Windows Vista and Windows Server 2008 • Filters communication • Protects the operating system

  18. Activity A-6 Configuring Windows Firewall

  19. Topic B • Topic A: Operating systems • Topic B: Devices

  20. Firewalls and proxy servers • Firewalls • NAT • Basic packet filtering • Stateful packet inspection • Access control lists • Network layer vs Application layer • Proxy servers • Manages client communication • Masks internal IP addresses • Internet content filters • Block access to sites

  21. Activity B-1 Examining firewalls and proxy servers

  22. Security zones • Divide network into levels of security • Intranet • Perimeter • Extranet

  23. Intranet • Organization’s private network • Private addresses • Additional measures • Antivirus software • Removing unnecessary services • Auditing • Subnetting

  24. Perimeter network • Prevents direct communication between the extranet (Internet) and the intranet • Kept separate from the intranet • Also called a demilitarized zone (DMZ)

  25. DMZ • Screened host • Bastion host • Three-homed firewall • Back-to-back firewall • Dead zone

  26. Screened host

  27. Bastion host

  28. Three-homed firewall

  29. Back-to-back firewall

  30. Dead zone

  31. Traffic filtering • Outgoing (from a DMZ host) • Permit only what that host’s function within the DMZ requires • Incoming • Filter on source addresses • Block uninitiated inbound traffic
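The difference between basic packet filtering and stateful packet inspection (slide 20), and why slide 31 singles out uninitiated inbound traffic, as an added example that is not part of the course material. A stateless ACL that lets HTTPS replies back in has to permit inbound packets from source port 443 unconditionally, so an attacker who sets that source port passes the rule; a stateful firewall only admits inbound packets that match a connection an internal host opened. Addresses are from the RFC 5737 documentation ranges and the packet trace is constructed.

```python
"""Stateless ACL versus stateful packet inspection on a constructed trace.

Added example, not from the course deck. Addresses are RFC 5737
documentation ranges; the packets are constructed.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

INTERNAL = ip_network("10.0.0.0/8")  # the intranet, constructed


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool  # TCP SYN flag
    ack: bool  # TCP ACK flag


def inbound(pkt: Packet) -> bool:
    """True when the packet arrives from outside the intranet."""
    return ip_address(pkt.src) not in INTERNAL


# Stateless ACL: evaluated top-down, first match wins, implicit deny.
# Rule layout: (action, src_net, dst_net, sport, dport); None = any.
# Without state, letting HTTPS replies in means permitting anything
# FROM port 443 to any internal port; the second rule is the hole.
ACL = [
    ("permit", "10.0.0.0/8", "0.0.0.0/0", None, 443),  # outbound HTTPS
    ("permit", "0.0.0.0/0", "10.0.0.0/8", 443, None),  # "replies" from 443
]


def acl_decision(pkt: Packet, acl=ACL) -> str:
    for action, src_net, dst_net, sport, dport in acl:
        if (ip_address(pkt.src) in ip_network(src_net)
                and ip_address(pkt.dst) in ip_network(dst_net)
                and (sport is None or pkt.sport == sport)
                and (dport is None or pkt.dport == dport)):
            return action
    return "deny"  # implicit deny at the end of every ACL


class StatefulFirewall:
    """Outbound SYNs create state; inbound packets must match that state."""

    def __init__(self):
        self.table = set()  # (internal_ip, internal_port, external_ip, external_port)

    def decision(self, pkt: Packet) -> str:
        if not inbound(pkt):
            if pkt.syn and not pkt.ack:  # new connection from inside
                self.table.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "permit"
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        return "permit" if key in self.table else "deny"  # uninitiated => deny


# Constructed trace: a legitimate HTTPS handshake, then an attacker who
# sets source port 443 and aims at SMB (445) on the same internal host.
TRACE = [
    Packet("10.0.0.5", 51000, "198.51.100.20", 443, syn=True, ack=False),  # client SYN
    Packet("198.51.100.20", 443, "10.0.0.5", 51000, syn=True, ack=True),   # server SYN/ACK
    Packet("203.0.113.9", 443, "10.0.0.5", 445, syn=True, ack=False),      # attacker probe
]


def compare(trace=TRACE) -> list:
    """Return (stateless, stateful) decisions for each packet in order."""
    fw = StatefulFirewall()
    return [(acl_decision(p), fw.decision(p)) for p in trace]


if __name__ == "__main__":
    for p, (stateless, stateful) in zip(TRACE, compare()):
        print(f"{p.src}:{p.sport} -> {p.dst}:{p.dport}  "
              f"stateless={stateless}  stateful={stateful}")
```

The third packet is the uninitiated inbound traffic of slide 31: the stateless ACL permits it because it matches the "reply" rule, while the stateful firewall denies it because no internal host opened a connection to 203.0.113.9.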

  32. Activity B-2 Comparing firewall-based secure topologies

  33. Network access control • Ensures policy compliance • Microsoft’s Network Access Protection • Third-party vendors

  34. Activity B-3 Identifying the benefits of NAC

  35. Virtual private network • Secure communication across the Internet • Mobile employees • TCP/IP communications encrypted • Tunneling • VPN concentrators

  36. IPsec encryption • Secures IPv4 and IPv6 communications • Encryption • Tunnel mode (the whole original packet is encapsulated; used between gateways) • Transport mode (only the payload is protected; the original IP header is kept)

  37. Activity B-4 Identifying the security enabled by VPNs

  38. Security issues • Built-in management interfaces • Physical attack susceptibility

  39. Built-in management interfaces • HTTP, Telnet, and SNMP interfaces vulnerable to attack • Switches • Default passwords • Network sniffing

  40. Secure and unsecure methods • Telnet (unsecure, cleartext) vs SSH (secure) • HTTP (unsecure) vs HTTPS, S-HTTP (secure) • FTP, TFTP (unsecure) vs SFTP (secure) • SNMP (v1/v2c send community strings in cleartext; v3 adds authentication and encryption) • RSH and RCP (unsecure) vs SSH and SCP (secure)

  41. Physical attack susceptibility • Physical access • Theft • Reconfiguration • Eavesdropping • Network hijacking

  42. Activity B-5 Identifying inherent weaknesses in network devices

  43. Overcoming device weaknesses • Change default passwords • Disable features • Update or upgrade firmware and software • Monitor

  44. Activity B-6 Examining the ways to overcome device threats

  45. Intrusion detection and prevention • IDSs monitor network or host activity • IDSs classified as • Anomaly-based • Behavior-based • Signature-based • Passive vs reactive actions • NIDS vs HIDS • IDS determinations • True negative • True positive • False positive • False negative
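The four IDS determinations on this slide only mean something relative to ground truth the IDS does not see. The following added example (not course code) runs two signature-based detectors over a constructed web-server log with analyst-supplied labels and counts true/false positives and negatives; the naive detector fires on a literal apostrophe and a literal `../`, so it produces a false positive on a benign path and a false negative on an encoded traversal, and the second detector fixes both by decoding before matching and requiring SQL context around the quote.

```python
"""Signature-based detection scored as IDS determinations.

Added example, not from the course deck. Log lines and ground-truth
labels are constructed.
"""
import re
from urllib.parse import unquote

# (log line, is_attack): the label is what the analyst knows afterwards;
# the detector sees only the line.
SAMPLE_LOG = [
    ("GET /index.html HTTP/1.1", False),
    ("GET /search?q=shoes HTTP/1.1", False),
    ("GET /login?user=admin'%20OR%20'1'='1 HTTP/1.1", True),    # SQLi, URL-encoded
    ("GET /cgi-bin/../../etc/passwd HTTP/1.1", True),           # path traversal
    ("GET /docs/o'reilly-book.html HTTP/1.1", False),           # benign apostrophe
    ("GET /files/%2e%2e/%2e%2e/etc/passwd HTTP/1.1", True),     # traversal, encoded
]

# Naive signatures: literal substrings matched on the raw line.
NAIVE_SIGNATURES = [r"'", r"\.\./"]

# Improved signatures: applied after URL decoding, and the quote must sit
# in SQL context (quote, OR/AND, quote) rather than anywhere at all.
DECODED_SIGNATURES = [r"'\s*(or|and)\s*'", r"\.\./"]


def naive_detect(line: str) -> bool:
    return any(re.search(sig, line, re.IGNORECASE) for sig in NAIVE_SIGNATURES)


def decoded_detect(line: str) -> bool:
    normalized = unquote(line)  # undo %xx encoding so signatures see what the server sees
    return any(re.search(sig, normalized, re.IGNORECASE) for sig in DECODED_SIGNATURES)


def evaluate(detector, log=SAMPLE_LOG) -> dict:
    """Count TP/TN/FP/FN for a detector against the labelled log."""
    counts = {"TP": 0, "TN": 0, "FP": 0, "FN": 0}
    for line, is_attack in log:
        alerted = detector(line)
        if alerted and is_attack:
            counts["TP"] += 1
        elif alerted and not is_attack:
            counts["FP"] += 1  # alert on benign traffic: analyst time wasted
        elif not alerted and is_attack:
            counts["FN"] += 1  # missed attack: the outcome that hurts
        else:
            counts["TN"] += 1
    return counts


if __name__ == "__main__":
    print("naive  :", evaluate(naive_detect))
    print("decoded:", evaluate(decoded_detect))
```

Tuning a signature set is a trade between the FP and FN columns: loosening a pattern raises true positives but also false positives, which is why a reactive (IPS) action on a noisy signature can block legitimate traffic, while a passive IDS only costs analyst attention.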

  46. Activity B-7 Discussing IDS characteristics

  47. NIDS • Network location • Indicators of malicious activity • Active reaction options • Passive reaction options • Examples • Cisco’s IOS NIDS • Computer Associates eTrust Intrusion Detection

  48. HIDS • HIDS operation • Logs • File modifications • Application and resource monitoring • Network traffic monitoring

  49. HIDS advantages • Can verify an attack • Can monitor individual users • Monitor direct physical attacks • No reliance on network location or topology

  50. Activity B-8 Comparing HIDS and NIDS
