Chapter 8 Fundamentals of System Security

Presentation transcript:

1 Chapter 8 Fundamentals of System Security

2 Objectives
In this chapter, you will:
– Understand the trade-offs among security, performance, and ease of use
– Explore preventive system security controls
– Understand available detective system security controls
– Learn effective backup strategies that can be used as corrective security controls

3 Trade-offs
Security vs.
– Network communication speed
– System resources usage
– Security application ease of use
QoSS – Quality of Security Service
– Security services vs. performance

4 Preventive System Security
Physical security
– No unauthorized individuals should access systems
– No one should be able to indirectly harm IT systems
– Physical access should be tracked

5 Preventive System Security
Vulnerability management
– Receive security advisories from trusted source
– Apply patches or workarounds in a timely manner
– Test systems to ensure patches are applied

6 Preventive System Security
Minimize unneeded software
– Uninstall unused applications
– Disable unnecessary services
– Uninstall unnecessary drivers

7 Preventive System Security
Software development tools allow for building malicious tools on the fly
– Compilers (e.g., C)
– Interpreters (e.g., Java)
– Limit the use of software development tools and strictly forbid those tools on systems connected to the Internet

8 Preventive System Security
Users
– Remove or disable guest accounts
– Rename administrator and other default accounts
– Review users periodically to ensure:
  – User is still an employee
  – User still needs access
– Group management

9 Preventive System Security
Passwords should:
– Be 8 characters or more in length
– Contain both uppercase and lowercase characters
– Contain numbers and symbols
– Not contain the user name
– Not contain words commonly found in the dictionary
– Not contain more than two repeating characters
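The six rules on slide 9 written as a checker that reports which ones a candidate password breaks. This is an added example, not part of the original slides. The function name, the small sample wordlist, and the readings of "dictionary word" (case-insensitive substring) and "repeating characters" (the same character three or more times in a row) are assumptions.

```python
import re

# Constructed sample wordlist; a real deployment would load a full dictionary.
SAMPLE_DICTIONARY = {"password", "welcome", "dragon", "summer", "monkey"}


def password_violations(password, username, dictionary=SAMPLE_DICTIONARY):
    """Return the slide-9 rules that the candidate password breaks."""
    problems = []
    lowered = password.lower()
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    if not (re.search(r"[a-z]", password) and re.search(r"[A-Z]", password)):
        problems.append("needs both uppercase and lowercase")
    # Anything that is not an ASCII letter or digit counts as a symbol here.
    if not (re.search(r"\d", password) and re.search(r"[^A-Za-z0-9]", password)):
        problems.append("needs numbers and symbols")
    if username and username.lower() in lowered:
        problems.append("contains the user name")
    # Assumption: a dictionary word counts when it appears anywhere inside
    # the password, ignoring case, so "Summer2024!" is rejected.
    if any(word in lowered for word in dictionary):
        problems.append("contains a dictionary word")
    # Assumption: "more than two repeating characters" means the same
    # character three or more times in a row.
    if re.search(r"(.)\1\1", password):
        problems.append("more than two repeating characters")
    return problems
```

A password such as "Summer2024!" satisfies the length and character-class rules and is still rejected by the dictionary rule.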

10 Preventive System Security
Password policies should:
– Require passwords be changed every 90 days
– Require 10 different passwords before any can be reused
– Lock accounts after 5 invalid login attempts
– Disable user accounts indefinitely when lockout occurs

11 Preventive System Security
Authentication alternatives:
– Biometrics
– Hardware-based keys
– Certificates
– Smart Cards

12 Preventive System Security

13 Preventive System Security
Access control
– Rights management
– Principle of least privilege
– Access control list (ACL)
– Execution control list (ECL)

14 Preventive System Security
Web server
– Isolate within DMZ
– Restrict script execution
– CGI scripts
– Restrict scripts to one directory
– Allow only authorized users
– Review client-side vs. server-side scripts

15 Preventive System Security
Web server
– Use nonprivileged accounts
– Protect files with OS permissions
– Disable directory listings
– Require the use of SSL

16 Preventive System Security
Remote administration tools
– Restrict access to authorized users
– Use encryption: SSH, SCP, etc.

17 Preventive System Security
Testing
– Test servers prior to placing them in production
– Test security patches and workarounds
– Ensure security controls are applied to testing environments
– Disconnect network
– Segregate test lab via firewalls
– Deploy security controls

18 Detective System Security
Antivirus
– Use active malware checking
– Schedule regular AV scans
– Update AV signatures regularly

19 Detective System Security
Auditing and Logging
– Audit system events:
  – Logs cleared
  – Logon failures and successes
  – System restarts and shutdowns
  – Rights changes or group membership changes
  – Object access

20 Detective System Security
Auditing and Logging
– Use log analysis tools
– Baseline activity
– Store logs for 90 days

21 Detective System Security
Firewalls
– Block unwanted traffic at system level
– Log network traffic
HIDS
– Detect malicious activity at system level
– Alert on specific events

22 Detective System Security
Policy verification
– Ensure passwords have been changed
– Ensure password policies are followed
– Check file permissions on critical OS files
– Check that auditing facilities are enabled
– Check to make sure AV products are up-to-date
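One way to carry out the "check file permissions on critical OS files" item on a POSIX system. This is an added example, not part of the original slides. The function name, the file list and the maximum modes in it are assumed sample values to adapt to the platform's own baseline.

```python
import os
import stat

# Assumed example baseline: path -> loosest permission bits the file may carry.
CRITICAL_FILES = {"/etc/passwd": 0o644, "/etc/shadow": 0o640, "/etc/sudoers": 0o440}


def permission_findings(expected, owner_uid=0):
    """Compare each file's mode and owner with the baseline; return deviations."""
    findings = []
    for path, max_mode in sorted(expected.items()):
        try:
            st = os.lstat(path)  # lstat: inspect the entry itself, not a link target
        except FileNotFoundError:
            findings.append((path, "missing"))
            continue
        if stat.S_ISLNK(st.st_mode):
            # A link in place of a critical file is reported for manual review.
            findings.append((path, "is a symlink"))
            continue
        mode = stat.S_IMODE(st.st_mode)
        if mode & ~max_mode:
            findings.append((path, f"mode {mode:04o} grants bits beyond {max_mode:04o}"))
        if st.st_uid != owner_uid:
            findings.append((path, f"owned by uid {st.st_uid}, expected {owner_uid}"))
    return findings


if __name__ == "__main__":
    for path, problem in permission_findings(CRITICAL_FILES):
        print(f"{path}: {problem}")
```

Running it on a schedule and alerting on any non-empty result turns the slide's manual check into a repeatable detective control.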

23 Corrective System Security
Backups
– Keep original installation media
– Schedule regular backups
– Choose backup device to hold all pertinent data
– Schedule backups to capture all changes
– Choose backup type: full, incremental, or differential
– Properly store backup media

24 Summary
– System security may come at the price of performance or usability. It is important to consider the pros of the security offered against the cons of reduced resources or increased system complexity.
– Physical security ensures that attackers do not gain access by physically manipulating systems.
– Effective vulnerability management can greatly improve the overall security of systems without an enormous cost to the organization.
– Minimizing the software available on systems reduces the doors available to abusers.

25 Summary
– Strict user and password controls ensure that the “keys” to systems do not fall into the wrong hands.
– Access control lists (ACLs) and execution control lists (ECLs) allow administrators to manage the rights assigned to users.
– Web server applications present a large security exposure to a company’s IT environment. Preventive controls must be applied to secure all Web servers.
– Remote administration tools should be tightly controlled to prevent abusers from using these tools for malicious purposes.

26 Summary
– Systems that are used for development and testing generally do not adequately enforce security controls and should be “quarantined” from the normal production systems.
– Antivirus software protects systems against dangerous software code.
– Firewalls can be employed at the system level to further protect systems from malicious network traffic.
– Host intrusion detection offers real-time detection of malicious activities occurring on systems.
– An effective backup strategy helps organizations recover whenever malicious activity damages the environment.