
Chapter 3 Security Basics


Presentation Transcript


  1. Chapter 3 Security Basics Jeremy Jordan

  2. Who Should Make Information Security Policies? • Bottom-up approach – the people who run the systems (administrators and other technical staff) write the security policies. • This approach can be beneficial because the people closest to the systems know which attacks they face and how to prevent them. • Top-down approach – senior management writes the security policies. • This approach can be beneficial because management sees the organization and its network as a whole, and has the authority to make the policy apply across all of it.

  3. Who Should Make Information Security Policies?

  4. Ways to Protect Systems • Layering • Limiting • Diversity • Obscurity • Simplicity

  5. Layering [diagram: network password → access control list → database password → database] • Layering is the process of putting multiple different defenses in place to block attacks. • Passwords • Firewalls • Antivirus • This way, if an attacker gets through one layer they still have to get through the others.

  6. Limiting • Limiting uses Access Control Lists to restrict what users can do or access. • Access should be limited to the least amount necessary for the person to do their job (the principle of least privilege), so that a compromised account can do only that much damage.

  7. Diversity [diagram: two Cisco firewalls in series between the Internet and the network, versus a Cisco firewall followed by a WatchGuard firewall] • Diversity is related to layering. • Each layer needs to be different, so that if an attacker gets through one layer they may not know how to get through the next; two firewalls of the same make share the same flaws, so one exploit can pass both. • Diversity can also be applied to the types of devices or applications used.

  8. Obscurity • Don't let attackers learn information about your network: • Security policies • Equipment • Software • User passwords should be changed in an unpredictable way. • Users shouldn't be able to change a password from Fluffy01 to Fluffy02: anyone who learned the old one would guess the new one on the first try. • Obscurity only slows an attacker down; it is an addition to the other layers, not a replacement for them.
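The Fluffy01 → Fluffy02 rule from the slide, as an added example (not code from the presentation): a check a password-change handler could run to reject a new password that is a predictable variation of the old one. The policy it enforces (the new secret must differ by more than a trailing counter, a case change, a reversal, reuse of the old word, or a couple of edited characters) and the edit-distance threshold are assumptions for the demo, not rules from the slides.

```python
"""Reject password changes that are predictable variations of the old password.

Added example, not from the slides. The policy and the distance threshold
below are assumptions for the demo.
"""
import re

# Matches a run of digits/punctuation at the very start or very end of the string.
_EDGE = re.compile(r"^[\W\d_]+|[\W\d_]+$")


def levenshtein(a: str, b: str) -> int:
    """Edit distance: the fewest single-character insertions, deletions or substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, start=1):
        cur = [i]
        for j, cb in enumerate(b, start=1):
            cur.append(min(prev[j] + 1,                 # delete ca
                           cur[j - 1] + 1,              # insert cb
                           prev[j - 1] + (ca != cb)))   # substitute (free when equal)
        prev = cur
    return prev[-1]


def core(pw: str) -> str:
    """Strip digits/punctuation at either end and lower-case: 'Fluffy01!' -> 'fluffy'."""
    return _EDGE.sub("", pw).lower()


def is_predictable_change(old: str, new: str, max_distance: int = 2) -> bool:
    """True when `new` is a trivial variation of `old` and the change should be rejected."""
    old_l, new_l = old.lower(), new.lower()
    if old_l == new_l or old_l == new_l[::-1]:        # unchanged, only case changed, or reversed
        return True
    old_core, new_core = core(old), core(new)
    if old_core and old_core == new_core:              # only the counter/suffix changed: Fluffy01 -> Fluffy02
        return True
    if len(old_core) >= 4 and old_core in new_l:       # old word reused as a building block
        return True
    return levenshtein(old_l, new_l) <= max_distance   # only a couple of characters edited


def check_change(old: str, new: str) -> str:
    """Policy decision in one word, so it can be logged with the change request."""
    return "reject" if is_predictable_change(old, new) else "accept"


if __name__ == "__main__":
    # Constructed sample changes, all derived from the slide's Fluffy01 example.
    for old, new in [("Fluffy01", "Fluffy02"), ("Fluffy01", "fluffy01!"), ("Fluffy01", "10yffulF"),
                     ("Fluffy01", "Fluffy2024!"), ("Fluffy01", "correct horse battery")]:
        print(old, "->", new, check_change(old, new))
```

Only the old and new candidate are compared here; a real handler would also run the usual strength and breach-list checks before accepting the new value.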

  9. Simplicity • Very complex networks can be difficult to manage, and what cannot be managed cannot be secured. • Networks should be simple from the inside (easy for the people who run them to understand and configure correctly) but complex from the outside (giving an attacker as little useful structure as possible).

  10. Authentication • What you know • What you have • What you are

  11. What You Know • Authentication that uses what a person knows • Passwords • PIN • Answer to personal question

  12. What You Have • Authentication method based on what a person has. • Token • Smart Card • Proximity Card

  13. What You Are • Authentication based on who the person is • Biometrics • Fingerprints • Face • Hand • Iris • Retina • Voice

  14. Certificates • A certificate binds a public key to the person (or system) it is issued to. • Anything signed with the matching private key can then be attributed to that known individual, and anything encrypted with the public key can be read only by them. • Certificates are issued by a Certification Authority (CA), which signs them after checking the holder's identity.

  15. Kerberos • An authentication protocol developed at MIT • Used to verify the identity of network users; a trusted Key Distribution Center (KDC) issues tickets that clients present to services • Is supported by: • Windows (Windows 2000 and later, including Windows Server 2003) • Apple Mac OS • Linux

  16. Kerberos

  17. CHAP [diagram: challenge → response → approval or denial] • Challenge Handshake Authentication Protocol • Allows a server to verify a computer's identity: the server sends a random challenge and the client returns a hash of the challenge combined with a shared secret, so the secret itself never crosses the link • The server can start a new CHAP challenge at any time while the connection is open

  18. Mutual Authentication [diagram: server authenticates client, client authenticates server] • A two-way authentication method • The server authenticates the client • The client authenticates the server • Used to defend against identity attacks such as a rogue server impersonating the real one
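The CHAP exchange on slide 17 and the two-way version on slide 18, as an added example (not code from the presentation): both sides' messages, a server that re-challenges mid-session, a rejected impersonation attempt, a rejected replay, and mutual authentication. The response is computed the way RFC 1994 specifies (MD5 over identifier, secret and challenge); MD5 is kept to match that protocol, not as a recommendation for new designs. The peer names and the shared secret are constructed for the demo; in practice the secret is provisioned out of band.

```python
"""CHAP-style challenge/response (RFC 1994 construction) and mutual authentication.

Added example, not from the slides. Peer names and the shared secret are
constructed; a real deployment provisions the secret out of band.
"""
import hashlib
import hmac
import secrets
from typing import Dict, Optional, Tuple


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 Response Value = MD5(Identifier || secret || Challenge Value)."""
    return hashlib.md5(bytes([identifier & 0xFF]) + secret + challenge).digest()


class Peer:
    """One end of the link. `secrets_by_name` maps the other party's name to the secret shared with it."""

    def __init__(self, name: str, secrets_by_name: Dict[str, bytes]):
        self.name = name
        self.secrets_by_name = secrets_by_name
        self.identifier = 0
        self.outstanding: Dict[int, bytes] = {}   # challenges issued and not yet answered

    def challenge(self, value: Optional[bytes] = None) -> Tuple[int, bytes]:
        """Issue a fresh challenge. The authenticator may do this at any time while the link is up."""
        self.identifier = (self.identifier + 1) & 0xFF
        chal = value if value is not None else secrets.token_bytes(16)
        self.outstanding[self.identifier] = chal
        return self.identifier, chal

    def respond(self, identifier: int, challenge: bytes, verifier: str) -> Tuple[int, bytes, str]:
        """Answer with a hash over the secret shared with `verifier`; the secret itself stays local."""
        return identifier, chap_response(identifier, self.secrets_by_name[verifier], challenge), self.name

    def verify(self, identifier: int, response: bytes, claimed_name: str) -> bool:
        """Approve or deny. A challenge is consumed on first use, so a captured response cannot be replayed."""
        chal = self.outstanding.pop(identifier, None)
        secret = self.secrets_by_name.get(claimed_name)
        if chal is None or secret is None:
            return False
        return hmac.compare_digest(chap_response(identifier, secret, chal), response)


def one_way(verifier: Peer, prover: Peer, value: Optional[bytes] = None) -> bool:
    """verifier -> challenge -> prover -> response -> verifier: approval or denial."""
    ident, chal = verifier.challenge(value)
    return verifier.verify(*prover.respond(ident, chal, verifier.name))


def mutual(server: Peer, client: Peer) -> Tuple[bool, bool]:
    """Two-way: the server authenticates the client, then the client authenticates the server."""
    return one_way(server, client), one_way(client, server)


def demo() -> dict:
    shared = b"constructed-demo-secret"            # constructed; provisioned out of band in practice
    gateway = Peer("gateway", {"alice": shared})
    alice = Peer("alice", {"gateway": shared})
    mallory = Peer("mallory", {"gateway": b"wrong-guess"})

    ident, chal = gateway.challenge()
    _, forged, _ = mallory.respond(ident, chal, "gateway")   # wrong secret, claims to be alice
    impersonation = gateway.verify(ident, forged, "alice")

    ident, chal = gateway.challenge()
    _, resp, _ = alice.respond(ident, chal, "gateway")
    first, replay = gateway.verify(ident, resp, "alice"), gateway.verify(ident, resp, "alice")

    return {
        "alice_ok": one_way(gateway, alice),
        "re_challenge_ok": one_way(gateway, alice),         # mid-session re-challenge
        "impersonation_rejected": not impersonation,
        "replay_rejected": first and not replay,
        "mutual": mutual(gateway, alice),
    }


if __name__ == "__main__":
    print(demo())
```

The one-time use of each challenge in `verify` is what makes the re-challenge on slide 17 worthwhile: an attacker who recorded an earlier response gains nothing from it.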

  19. Multifactor Authentication • This is using two or more different kinds of authentication factors to verify a user (a password plus a PIN is still a single factor, since both are something you know). • Password and token • Fingerprint and password • Fingerprint and smart card

  20. Controlling Access To The Computer • Access Control Lists (ACLs) are used to control what a user who has accessed a system can and can't do. • An ACL is a list of Access Control Entries (ACEs); each ACE names a user or group and the permissions it is allowed or denied • Users in a group inherit all ACL permissions applied to the group

  21. Access Control Models • Mandatory Access Control (MAC) • A user is not allowed to give other users access to a file/folder • All permissions are set, and can only be changed, by the administrator • Role Based Access Control (RBAC) • Permissions are given to a role rather than to individual users • Users are assigned to a role and inherit its permissions

  22. Access Control Models • Discretionary Access Control (DAC) • The least restrictive model • The owner of a file/folder decides at their own discretion which other users may access it and can change those users' permissions
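Slides 20 to 22 in working form, as an added example (not code from the presentation): an ACL built from ACEs, group inheritance, and the rule for who may edit the list under DAC (the owner) versus MAC (administrators only). RBAC is the same inheritance mechanism with a role in place of a group. The users, groups, objects and permission names are constructed; the evaluation order (a user inherits every ACE granted to its groups, an explicit deny overrides any allow) follows the common Windows/NTFS convention rather than anything stated on the slides.

```python
"""Access Control Lists made of Access Control Entries, with group inheritance.

Added example, not from the slides. Principals, objects and permission
names are constructed for the demo.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Set


@dataclass(frozen=True)
class ACE:
    """One Access Control Entry: a principal (user, group or role), its permissions, allow or deny."""
    principal: str
    permissions: frozenset
    allow: bool = True


@dataclass
class ACL:
    """The entries attached to one object, plus its owner (used by the DAC rule)."""
    owner: str
    entries: List[ACE] = field(default_factory=list)


class Directory:
    """Group/role membership: user -> the set of principals an ACE may name to reach that user."""

    def __init__(self, groups: Dict[str, Set[str]]):
        self.groups = groups

    def principals_of(self, user: str) -> Set[str]:
        return {user} | {g for g, members in self.groups.items() if user in members}


def effective_permissions(acl: ACL, user: str, directory: Directory) -> Set[str]:
    """Everything allowed to the user or its groups, minus anything explicitly denied to either."""
    principals = directory.principals_of(user)
    allowed: Set[str] = set()
    denied: Set[str] = set()
    for ace in acl.entries:
        if ace.principal in principals:
            (allowed if ace.allow else denied).update(ace.permissions)
    return allowed - denied


def is_permitted(acl: ACL, user: str, permission: str, directory: Directory) -> bool:
    return permission in effective_permissions(acl, user, directory)


def can_edit_acl(model: str, acl: ACL, user: str, admins: Set[str]) -> bool:
    """DAC: the owner (or an admin) may change the ACL. MAC: only an administrator may."""
    if model == "MAC":
        return user in admins
    if model == "DAC":
        return user == acl.owner or user in admins
    raise ValueError("unknown model: " + model)


def grant(model: str, acl: ACL, actor: str, admins: Set[str], ace: ACE) -> bool:
    """Append an ACE if `actor` may edit the ACL under `model`; return whether it was applied."""
    if not can_edit_acl(model, acl, actor, admins):
        return False
    acl.entries.append(ace)
    return True


def demo() -> dict:
    # Constructed directory: "developers" is a group; "auditors" could equally be an RBAC role.
    directory = Directory({"developers": {"alice", "bob"}, "auditors": {"carol"}})
    admins = {"root"}
    payroll = ACL(owner="alice", entries=[
        ACE("developers", frozenset({"read", "write"})),
        ACE("auditors", frozenset({"read"})),
        ACE("bob", frozenset({"write"}), allow=False),   # explicit deny beats the group allow
    ])
    out = {user: sorted(effective_permissions(payroll, user, directory))
           for user in ("alice", "bob", "carol", "dave")}
    # DAC: alice owns the object, so she may grant dave read. MAC: she may not; only root could.
    out["dac_grant"] = grant("DAC", payroll, "alice", admins, ACE("dave", frozenset({"read"})))
    out["mac_grant"] = grant("MAC", payroll, "alice", admins, ACE("dave", frozenset({"write"})))
    out["dave_after"] = sorted(effective_permissions(payroll, "dave", directory))
    return out


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

Bob is in the developers group and so inherits read and write, but the explicit deny on his own account strips write; that ordering is what lets an administrator carve exceptions out of a broad group grant.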

  23. Auditing Information Security • Auditing is performed to ensure that the proper security controls are in place and working • Auditing can be done in two ways • Logging • Logs keep records that show what users are doing and when • System Scanning • Scans users' permissions to see if they are different from what they should be.
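The two audit methods on the slide, as an added example (not code from the presentation): a log review that flags who did what and when against the permissions policy says they should have, and a permission scan that compares the table actually found on the system with that same baseline. The log format, the baseline and the "actual" permission table are all constructed for the demo; a real scan would read the actual table from the system (ACLs, group membership) instead of a dict.

```python
"""Auditing: review logs for who did what and when, and scan permissions against the baseline.

Added example, not from the slides. Log lines, baseline and actual
permissions are constructed inline.
"""
import re
from typing import Dict, Iterable, List, Set, Tuple

# Constructed log format: ISO timestamp, then user=, action=, object= fields.
LOG_LINE = re.compile(r"^(?P<ts>\S+)\s+user=(?P<user>\S+)\s+action=(?P<action>\S+)\s+object=(?P<obj>\S+)$")

# Policy baseline and scanned state share one shape: (user, object) -> permissions held.
Permissions = Dict[Tuple[str, str], Set[str]]


def parse_log(lines: Iterable[str]) -> Tuple[List[dict], List[str]]:
    """Return (events, malformed). A line that will not parse is itself a finding: it may be tampering."""
    events, malformed = [], []
    for line in lines:
        m = LOG_LINE.match(line.strip())
        if m:
            events.append(m.groupdict())
        else:
            malformed.append(line.strip())
    return events, malformed


def unauthorized_events(events: List[dict], baseline: Permissions) -> List[dict]:
    """Events where the user performed an action the baseline does not grant on that object."""
    return [e for e in events if e["action"] not in baseline.get((e["user"], e["obj"]), set())]


def permission_drift(expected: Permissions, actual: Permissions) -> Dict[str, Permissions]:
    """Scan result: 'extra' = held but not in policy; 'missing' = in policy but not held."""
    drift: Dict[str, Permissions] = {"extra": {}, "missing": {}}
    for key in set(expected) | set(actual):
        extra = actual.get(key, set()) - expected.get(key, set())
        missing = expected.get(key, set()) - actual.get(key, set())
        if extra:
            drift["extra"][key] = extra
        if missing:
            drift["missing"][key] = missing
    return drift


# Constructed sample data.
SAMPLE_LOG = [
    "2024-03-01T09:12:03Z user=alice action=read object=payroll.db",
    "2024-03-01T09:14:47Z user=bob action=write object=payroll.db",     # bob may only read
    "2024-03-01T09:20:10Z user=carol action=read object=payroll.db",
    "2024-03-01T23:58:31Z user=dave action=read object=payroll.db",     # dave holds nothing here
    "garbage line that does not parse",
]
BASELINE: Permissions = {
    ("alice", "payroll.db"): {"read", "write"},
    ("bob", "payroll.db"): {"read"},
    ("carol", "payroll.db"): {"read"},
}
ACTUAL: Permissions = {                         # what the scan found: bob and dave gained, carol lost
    ("alice", "payroll.db"): {"read", "write"},
    ("bob", "payroll.db"): {"read", "write"},
    ("dave", "payroll.db"): {"read"},
}


def audit(lines: Iterable[str] = SAMPLE_LOG, baseline: Permissions = BASELINE,
          actual: Permissions = ACTUAL) -> dict:
    events, malformed = parse_log(lines)
    return {
        "violations": [(e["ts"], e["user"], e["action"], e["obj"])
                       for e in unauthorized_events(events, baseline)],
        "malformed": malformed,
        "drift": permission_drift(baseline, actual),
    }


if __name__ == "__main__":
    for k, v in audit().items():
        print(k, v)
```

The two findings corroborate each other: the log shows bob writing and dave reading payroll.db, and the scan shows exactly those two permissions as extra relative to policy, which is the point of running both checks rather than one.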
