© ITT Educational Services, Inc. All rights reserved. IS3220 Information Technology Infrastructure Security Unit 10 Network Security Management.


Class Agenda 1 (2/25/16)
- Learning Objectives
- Lesson Presentation and Discussions
- Discussion on Assignments
- Discussion on Lab Activities
- Break Times as per School Regulations
- Note: Submit all assignments and labs due today
- Final Project is due in the next class
- Final Exam will be held in the next class

Class Agenda 2
- Theory: 6:00pm - 8:00pm
- Lab: 8:15pm to 11:00pm
- Chapter 6 and 15
- Other Materials: NIST SP : Computer Security Incident Handling Guide

Learning Objective and Key Concepts

Learning Objectives
- Identify network security management best practices and strategies for responding when security measures fail

Key Concepts
- Best practices for network security management
- Strategies for integrating network security strategies with firewall defenses and VPN remote access
- Value of incident response planning, testing and practice

Best Practices: Strategy
- Create written plans
  - Security policy
  - Incident Response Plan
  - Business Continuity Plan (BCP)
  - Disaster Recovery Plan (DRP)
  - Security checklists
- Perform regular maintenance
  - Back up regularly and test restores frequently
  - Monitor and review collected log files frequently
  - Constantly identify the weakest architectural link

Best Practices: Strategy (cont.)
- Perform diligent testing of new systems before deploying in production
- Implement the principle of least privilege
- Deploy layered defenses

Best Practices: Devices
- Maintain physical security over users and equipment
- Install and maintain virus and malware protection at all layers in the environment
- Harden both internal and perimeter devices
- Develop and follow a patch management strategy
- Enforce hard drive or file encryption

Best Practices: Connectivity
- Restrict Internet connections to required activity
- Limit remote access to required connectivity
- Encrypt all internal network traffic
- Require multi-factor authentication
- Use default deny over default permit wherever possible

User Training

Q: What is user training?
A: Educational information presented through various mechanisms that clearly defines security policies, their boundaries and imposed limitations.

Q: Why is user training important?
A: Training drives user accountability, understanding, and acceptance of obligatory security policies. It is imperative that regular renewal of security awareness training occurs.

Security Awareness
- Defines, informs, explains, and teaches users the principles and importance of security
- Every user in an organization has a part to play in upholding company security
- Awareness and education may be tailored to job specific or role specific content
- Policies and procedures are driven by people

Without mechanisms to aid users in secure network use, much of the work put into implementing best practices for network security may become disreputable.

Network Security Assessments

Q: What is a network security assessment?
A: The process of judging, testing, and evaluating a deployed security solution.

Conducting Network Security Assessments
- Perform a risk assessment
- Execute the security assessment:
  1. Perform configuration scanning
  2. Perform vulnerability scanning
  3. Execute penetration testing
- Perform a post-mortem assessment review

Security Information and Event Monitoring (SIEM)
- A SIEM is a tool that allows for automation of log and event centralization and analysis
- Functions of a SIEM
  - Log centralization
  - Log management
  - Log monitoring
- Purposes of a SIEM
  - Incident detection
  - Incident response and alerting
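
The log centralization, log monitoring and incident detection functions listed on the SIEM slide, sketched as an added example (not part of the course slides and not the code of any SIEM product). The two log formats, device names, users and addresses are constructed for illustration; the rule correlates firewall and VPN events from the same source address.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample logs in two hypothetical formats (not from a real product).
FIREWALL_LOG = """2016-02-25T18:01:02 fw01 DENY tcp 203.0.113.7:51522 -> 10.0.0.5:22
2016-02-25T18:01:09 fw01 ALLOW udp 198.51.100.4:40000 -> 10.0.0.9:500"""
VPN_LOG = """2016-02-25 18:02:10 vpn01 auth FAIL user=alice src=203.0.113.7
2016-02-25 18:02:14 vpn01 auth FAIL user=alice src=203.0.113.7
2016-02-25 18:02:19 vpn01 auth FAIL user=alice src=203.0.113.7
2016-02-25 18:02:31 vpn01 auth OK user=alice src=203.0.113.7
2016-02-25 18:05:00 vpn01 auth FAIL user=bob src=198.51.100.4
2016-02-25 18:06:00 vpn01 auth OK user=bob src=198.51.100.4"""

FW_RE = re.compile(r"(\S+) (\S+) (ALLOW|DENY) \S+ ([\d.]+):\d+ -> ")
VPN_RE = re.compile(r"(\S+ \S+) (\S+) auth (FAIL|OK) user=(\S+) src=([\d.]+)")

def centralize(fw_text, vpn_text):
    """Log centralization: parse both formats into one time-ordered event list."""
    events = []
    for line in fw_text.splitlines():
        if (m := FW_RE.match(line)):
            events.append({"time": datetime.fromisoformat(m[1]), "device": m[2],
                           "type": "fw_" + m[3].lower(), "src": m[4], "user": None})
    for line in vpn_text.splitlines():
        if (m := VPN_RE.match(line)):
            events.append({"time": datetime.strptime(m[1], "%Y-%m-%d %H:%M:%S"),
                           "device": m[2], "type": "vpn_" + m[3].lower(),
                           "src": m[5], "user": m[4]})
    return sorted(events, key=lambda e: e["time"])

def detect(events, threshold=3, window=timedelta(minutes=1)):
    """Log monitoring: alert on >= threshold VPN failures in window, then a success."""
    fails, denied, alerts = defaultdict(list), set(), []
    for e in events:
        if e["type"] == "fw_deny":
            denied.add(e["src"])  # remembered so the alert can cite firewall evidence
        elif e["type"] == "vpn_fail":
            fails[e["src"]].append(e["time"])
        elif e["type"] == "vpn_ok":
            recent = [t for t in fails[e["src"]] if e["time"] - t <= window]
            if len(recent) >= threshold:
                alerts.append({"src": e["src"], "user": e["user"],
                               "failures": len(recent), "fw_denied": e["src"] in denied})
            fails[e["src"]].clear()
    return alerts

if __name__ == "__main__":
    print(detect(centralize(FIREWALL_LOG, VPN_LOG)))
```

The single failed attempt for the second user stays below the threshold, which shows why the rule counts failures inside a window instead of alerting on every failed login.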

Commonly Available SIEM Tools
- enVision
- Qradar
- Eventia
- Security Manager
- nDepth

Students should check these tools online.

Commonly Available Network Monitoring Tools (Open Source)
- Nagios – network management and monitoring
- SmokePing – monitors network latency
  - Can visualize the entire network
- GroundWork – highly scalable network management and monitoring
- Ganglia – geared toward clusters and grids
- Cacti
- Ntop

Commonly Available Network Monitoring Tools (Commercial)
- WhatsUp Gold
  - Proactive monitoring and management tool
- Iris
  - Network traffic monitoring and analysis tool

Considerations for the Future State of Firewalls and VPNs as Part of Network Security Strategies
- Threats
- Firewall capabilities
- Encryption
- Authentication
- Metrics
- Industry focus
- Cloud security
- Mobile device security
- IPv6 support

Integration of Firewalls and VPNs into Network Security Strategies
- Functions
  - Enhanced threat management
  - Authentication
  - Encryption
- Value Add
  - Confidentiality
  - Integrity
  - Availability

Assignment and Lab
- Discussion 10.1 Incident Response Strategies
- Lab 10.2 in lab manual. See Vlab
- Assignment 10.3 Postincident Executive Summary Report