Module 1: Introduction to Designing Security

Slides:



Advertisements
Similar presentations
Planning and Administering Windows Server® 2008 Servers
Advertisements

The Whole/Hole of Security Public (DoD) v. Corporate Carl Bourland US Army Judge Advocate Generals Corps.
Incident Response Managing Security at Microsoft Published: April 2004.
1 Defining System Security Policies. 2 Module - Defining System Security Policies ♦ Overview An important aspect of Network management is to protect your.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Appendix B: Designing Policies for Managing Networks.
Module 4: Implementing User, Group, and Computer Accounts
© 2008 Prentice Hall Business Publishing Accounting Information Systems, 11/e Romney/Steinbart1 of 222 C HAPTER 7 Information Systems Controls for Systems.
Microsoft Technology Associate
Stephen S. Yau CSE , Fall Security Strategies.
Risk Management Vs Risk avoidance William Gillette.
Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
Module 9 Configuring Server Security Compliance. Module Overview Securing a Windows Infrastructure Overview of EFS Configuring an Audit Policy Overview.
Storage Security and Management: Security Framework
Understanding Security Layers
11 SECURITY TEMPLATES AND PLANNING Chapter 7. Chapter 7: SECURITY TEMPLATES AND PLANNING2 OVERVIEW  Understand the uses of security templates  Explain.
Important acronyms AO = authorizing official ISO = information system owner CA = certification agent.
Module 14: Configuring Server Security Compliance
Chapter 6 of the Executive Guide manual Technology.
Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.
Module 2: Creating a Plan for Network Security. Overview Introduction to Security Policies Designing Security by Using a Framework Creating a Security.
Chapter 1 Overview The NIST Computer Security Handbook defines the term Computer Security as:
Appendix C: Designing an Operations Framework to Manage Security.
Module 8: Designing Security for Authentication. Overview Creating a Security Plan for Authentication Creating a Design for Security of Authentication.
Note1 (Admi1) Overview of administering security.
Module 6: Designing Security for Network Hosts
Module 14: Securing Windows Server Overview Introduction to Securing Servers Implementing Core Server Security Hardening Servers Microsoft Baseline.
Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 1 “Overview”. © 2016 Pearson.
Module 11: Designing Security for Network Perimeters.
Module 9: Designing Security for Data. Overview Creating a Security Plan for Data Creating a Design for Security of Data.
Introduction to Information Security
Module 12: Responding to Security Incidents. Overview Introduction to Auditing and Incident Response Designing an Audit Policy Designing an Incident Response.
Module 2: Designing Network Security
Module 11: Planning and Implementing an Active Directory Infrastructure.
Overview of Network Security. Network Security2 New Challenges 1.Security does not focus on a “product” only; it is a process and focuses on the whole.
Module 7: Designing Security for Accounts and Services.
IS3220 Information Technology Infrastructure Security
Sicherheitsaspekte beim Betrieb von IT-Systemen Christian Leichtfried, BDE Smart Energy IBM Austria December 2011.
Important acronyms AO = authorizing official ISO = information system owner CA = certification agent.
Best Cyber Security Practices for Counties An introduction to cybersecurity framework.
Risk Controls in IA Zachary Rensko COSC 481. Outline Definition Risk Control Strategies Risk Control Categories The Human Firewall Project OCTAVE.
SELF-DEFENDING NETWORK. CONTENTS Introduction What is Self Defending Network? Types of Network Attacks Structure of Self Defending Network Conclusion.
Module 5: Designing Physical Security for Network Resources
Information Systems Security
CS457 Introduction to Information Security Systems
OIT Security Operations
MANAGEMENT of INFORMATION SECURITY, Fifth Edition
“Introduction to Azure Security Center”
Understanding Security Layers
Microsoft Dumps PDF CompTIA SY0-501 Dumps PDF CompTIA Security+ Certification RealExamCollection.com.
CMGT 431 Competitive Success/snaptutorial.com
CMGT 430 Competitive Success/snaptutorial.com
CMGT 431 Education for Service-- snaptutorial.com.
CMGT 431 STUDY Lessons in Excellence--cmgt431study.com.
CMGT 430 Education for Service/snaptutorial.com
CMGT 431 Teaching Effectively-- snaptutorial.com.
CMGT 430 Teaching Effectively-- snaptutorial.com.
Understanding Security Layers
Cybersecurity Special Public Meeting/Commission Workshop for Natural Gas Utilities September 27, 2018.
How to Mitigate the Consequences What are the Countermeasures?
BACHELOR’S THESIS DEFENSE
BACHELOR’S THESIS DEFENSE
Delegation of Control Manage Active Directory Objects 3.7
Cyber Security in a Risk Management Framework
Security Policies and Implementation Issues
Microsoft Üzleti Megoldások Konferencia 2005
Unit # 1: Overview of the Course Dr. Bhavani Thuraisingham
CMGT/431 INFORMATION SYSTEMS SECURITY The Latest Version // uopcourse.com
CMGT 431 CMGT431 cmgt 431 cmgt431 Entire Course // uopstudy.com
Presentation transcript:

Module 1: Introduction to Designing Security

Overview Overview of Designing Security for Microsoft Networks Introducing Contoso Pharmaceuticals: A Case Study

Lesson 1: Overview of Designing Security for Microsoft Networks Why Invest in Network Security? What Are the Key Principles of Security? The Relationship Between Security Design and Implementation Typical Elements That Require Security in Microsoft Networks Designing Security

Why Invest in Network Security? External Attackers Internal Attackers Incorrect Permissions Corporate Assets Virus Worms

What Are the Key Principles of Security? Definition Defense in Depth Provide multiple layers of protection Least Privilege Grant the least amount of privilege or permissions necessary to perform the required task Minimized Attack Surface Reduce vulnerable points on a network

The Relationship Between Security Design and Implementation Ensures a logical and carefully planned strategy for securing an organizations assets Ensures security is applied throughout the organization in a controlled and logical manner Creates policies and procedures Security Implementation Applies the policies and procedures created during the design Ensures that they are deployed consistently

Typical Elements That Require Security in Microsoft Networks Elements in a Microsoft Network Physical security Hosts Accounts and Services Authentication Data Data Transmission Network Perimeters Branch Office Networks Wireless Perimeter Networks Remote Users

Designing Security Module Phase Task 2 3 4 5-11 12 A, B, C Creating a Design Team Include diverse membership to ensure success and buyoff across organization 3 Performing Threat Modeling Predict attacks to assets 4 Performing Risk Management Analyze and prioritize risk 5-11 Designing Security Measures Create policies and procedures to prevent threats from occurring 12 Detecting and Reacting Detect occurrence and respond to a security incident A, B, C Ongoing Security Management Create policies for managing networks

Lesson 2: Introducing Contoso Pharmaceuticals: A Case Study Introduction to Contoso Pharmaceuticals The IT Security Consultant Role Key Personnel at Contoso Pharmaceuticals Introduction to the Lab Environment

Introduction to Contoso Pharmaceuticals Is a fictional company used throughout this course In each lab, you are a consultant hired to explore Contoso’s security problems and design solutions for the company

The IT Security Consultant Role In each lab, you are a consultant hired to explore the security problems experienced by Contoso Pharmaceuticals and design solutions for the company Branch Office Networks Headquarters Networks Perimeter Networks Wireless Remote Users

Key Personnel at Contoso Pharmaceuticals Garth Fort CEO Ellen Adams CIO Thomas Hamborg CFO John Y. Chen IT Administrator Susan Burk VP Research Michiko Osada Business Analyst

Introduction to the Lab Environment In each lab: Read interviews, e-mail, and other documents Determine the goals for the lab Write your answer Discuss your answers as a class

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.