Computer & Info Security
Instructor: David Wilkeson, CISSP
Class Website:
Grades based on:
- 6 Homework Projects
- 6 Papers
- Group Project
- Final Exam
Text: All In One CISSP Certification Exam Guide
CISSP domains covered:
- Access Control Systems & Methodology
- Telecommunications & Network Solutions
- Security Management Practices
- Application & Systems Development Security
- Cryptography
- Security Architecture & Models
- Operations Security
- Business Continuity Planning (BCP) & Disaster Recovery Planning (DRP)
- Law, Investigations, and Ethics
- Physical Security
You and Jobs
Backgrounds?
Infosec Job Availability
International Information Systems Security Certification Consortium ((ISC)²) Certifications:
- Certified Information Systems Security Professional (CISSP)
- Systems Security Certified Practitioner (SSCP)
Global Information Assurance Certifications (GIAC)
Developed by The SANS (SysAdmin, Audit, Network, Security) Institute:
- GIAC Security Essentials Certification (GSEC)
- GIAC Certified Firewall Analyst (GCFW)
- GIAC Certified Intrusion Analyst (GCIA)
Certified Information Systems Auditor (CISA)
Vendor Specific Certifications:
- Microsoft
- Linux/Unix
- Cisco
- Oracle
- CheckPoint
State of InfoSec
[Chart: CERT Statistics]
[Chart: SANS Internet Storm Center Statistics]
Why?
- Computers no longer in a "closed environment"
- More distributed computing
- More connectivity, more bandwidth, always on
- More neophyte computer users
- More computers in unstable/anti-Western countries
- More telecommuters, more connected business partners
How?
Information Warfare:
- Government vs. Government
- Activist/Terror Group vs. Government/Corp
- Individual vs. Government/Corp/Group
- Hacktivism
- Corp vs. Corp
Communications disruption:
- Chinese Code Red Virus
Espionage
Public embarrassment
Propaganda
Criminal Activities
- Electronic money theft
- Blackmail
  - CD Universe incident
- Identity theft
- Fraud, Ponzi schemes
  - "Help get money out of Nigeria for a cut" scam
  - Great stock tip spam
- "Joy riding"
- Viruses – modern graffiti
  - Melissa Virus
  - I Love You
- Web site defacement
- Denial of service attacks
  - Attacks on Yahoo, eBay, Amazon, Buy.com in 2000
Financial Losses?
Very hard to quantify:
- No standard definition of "intrusion"
- What costs should be included?
  - Loss of "potential" revenue? IP?
  - Long term effects on revenue?
According to the FBI 2002 Computer Crime and Security Survey:
- 80% of respondents reported breaches resulting in financial loss
- 43% quantified losses at a combined $455,848,000
  - Survey quantified losses at $265,000,000
- Only 34% reported losses to law enforcement (up from 16% in 1996)
Fighting Back!
- Increased awareness of computer security issues
- New, tougher laws
- Emphasis on computer security included in Homeland Security efforts
- More trained law enforcement
- Acceptance of Common Criteria indicates more worldwide cooperation
The Researchers
- CERT Coordination Center
- SANS Institute
- SecurityFocus
- Neohapsis
- Internet Security Systems
- Microsoft
The CyberCrime Fighters
- FBI
  - Infrastructure Protection and Computer Intrusion Squad
  - Awareness of National Security Issues & Response (ANSIR)
- CIA
- NSA
- U.S. Dept. of Justice
  - Computer Crime and Intellectual Property Section (CCIPS)
- Dept. of Defense
  - U.S. Army
  - Defense Information Systems Agency
- National Infrastructure Protection Center
- InfraGard
- Ohio
  - Attorney General's Bureau of Criminal Investigation Computer Crimes Task Force
  - State Highway Patrol
- Every large police department
- Banking Institutions
- Healthcare Organizations
- Large and medium corporations
The Information Sources
- National Institute of Standards and Technology's ICAT (icat.nist.gov)
- CERT/CC
- SecurityFocus
- Virus Databases
  - Symantec
  - McAfee
  - F-Secure
Terminology & Jargon
- Hacker/Cracker
- Phreaker
- Script Kiddie
- White Hat
- Black Hat
- Grey Hat
- Vulnerability
- Exploit
- Risk
- Compromise
- Penetration
- Attack
  - Passive
  - Active
- Countermeasure/Safeguard
- InfoSec
- CIO
- CTO
- CSO
- CVE
- Best Practices
- IDS
- Firewall
- Cryptography
  - Encryption
  - Decryption
- Virus
- Worm
- Trojan Horse
- Social Engineering
- Backdoor/Trapdoor
- Rootkit
- DoS/DDoS
- VPN
- WEP