CERT ® System and Network Security Practices Presented by Julia H. Allen at the NCISSE 2001: 5th National Colloquium for Information Systems Security Education,
Presentation transcript:

CERT ® System and Network Security Practices
Presented by Julia H. Allen at the NCISSE 2001: 5th National Colloquium for Information Systems Security Education, held at George Mason University in Fairfax, VA on May 22-24, 2001
Networked Systems Survivability, CERT ® Coordination Center, Software Engineering Institute, Carnegie Mellon University, Pittsburgh, PA
© 2001 by Carnegie Mellon University
® CERT, CERT Coordination Center, and Carnegie Mellon are registered in the U.S. Patent and Trademark Office

page 2 © 2001 by Carnegie Mellon University
The Problem - in the Large
- 85% of respondents to the Computer Security Institute/FBI 2001 survey reported security breaches (70% in 2000; 62% in 1999)*
- 186 organizations (35%) able to quantify financial loss reported $377.8M (273 organizations [51%], $265.6M in the 2000 survey); theft of proprietary information and financial fraud were the most serious
- 70% cited their Internet connection as a frequent point of attack (59% in the 2000 survey)
*Computer Crime and Security Survey, Computer Security Institute and the FBI, 2001,

page 3 © 2001 by Carnegie Mellon University
The Problem - as Viewed by Administrators
- Lack of management understanding and guidance
- Lack of or arbitrary priorities (business goals, assets, threats, risks, protection strategies)
- Lack of time, resources, and qualified staff
- New and mutating attacks, new vulnerabilities
- Insecure products, bad patches

page 4 © 2001 by Carnegie Mellon University

page 5 © 2001 by Carnegie Mellon University
Harden/Secure
- Install the minimum essential operating system and all applicable patches
- Remove all privilege/access and then add back in only as needed (“deny first, then allow”)
- Address user authentication mechanisms, backups, virus detection/eradication, remote administration, and physical access
- Record and securely store integrity checking (characterization) information

page 6 © 2001 by Carnegie Mellon University
Prepare
- Identify and prioritize critical assets, level of asset protection, potential threats, detection and response actions, and authority to act
- Identify data to collect and collection mechanisms
- Characterize all assets, establishing a trusted baseline for later comparison
- Identify, install, and understand detection and response tools
- Determine how to best capture, manage, and protect all recorded information

page 7 © 2001 by Carnegie Mellon University
Detect
- Ensure that the software used to examine systems has not been compromised
- Monitor and inspect network and system activities
- Inspect files and directories for unexpected changes
- Investigate unauthorized hardware
- Look for signs of unauthorized physical access
- Initiate response procedures
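As an added example (not code from the CERT slides or from CERT itself): the "characterize assets, store the baseline, inspect for unexpected changes" thread running through the Harden, Prepare and Detect slides, in Python. The directory contents and the simulated drift are constructed for the demonstration; in practice the stored baseline is kept off the host it describes.

```python
# Added example: file-integrity characterization and comparison. The tree,
# its contents and the "drift" applied to it are all constructed for the demo.
import hashlib
import json
import stat
import tempfile
from pathlib import Path

def characterize(root: Path) -> dict:
    """Map each regular file (relative POSIX path) to size, permission bits and SHA-256."""
    baseline = {}
    for path in sorted(p for p in root.rglob("*") if p.is_file() and not p.is_symlink()):
        st = path.lstat()
        digest = hashlib.sha256()
        with path.open("rb") as fh:
            for chunk in iter(lambda: fh.read(65536), b""):
                digest.update(chunk)
        baseline[path.relative_to(root).as_posix()] = {
            "sha256": digest.hexdigest(),
            "size": st.st_size,
            "mode": stat.S_IMODE(st.st_mode),  # permission bits only
        }
    return baseline

def compare(baseline: dict, current: dict) -> dict:
    """Classify differences; a permission-only change also counts as modified."""
    added = sorted(set(current) - set(baseline))
    removed = sorted(set(baseline) - set(current))
    modified = sorted(p for p in set(baseline) & set(current) if baseline[p] != current[p])
    return {"added": added, "removed": removed, "modified": modified}

def demo() -> dict:
    """Baseline a constructed tree, alter it, then re-check against the stored baseline."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "etc").mkdir()
        (root / "bin").mkdir()
        (root / "etc" / "hosts").write_text("127.0.0.1 localhost\n")
        (root / "etc" / "ssh_config").write_text("PermitRootLogin no\n")
        (root / "bin" / "ls").write_bytes(b"\x7fELF constructed binary")
        stored = json.dumps(characterize(root), sort_keys=True)  # keep this off-host
        # Simulated drift: edited config, new binary, deleted file
        (root / "etc" / "ssh_config").write_text("PermitRootLogin yes\n")
        (root / "bin" / "sh2").write_bytes(b"\x7fELF another constructed binary")
        (root / "etc" / "hosts").unlink()
        return compare(json.loads(stored), characterize(root))

if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The comparison deliberately treats a permission change with identical content as a modification, since a mode change on an otherwise unchanged file is exactly the kind of "unexpected change" the Detect slide asks administrators to look for.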

page 8 © 2001 by Carnegie Mellon University
Respond
- Analyze all available information; determine what happened
- Disseminate information per policy, using secure channels
- Collect and preserve evidence, including chain of custody
- Contain damage
- Eliminate all means of intruder access
- Return systems to normal operation

page 9 © 2001 by Carnegie Mellon University
Improve
- Identify lessons learned; collect security business case information
- Install a new patch (re-harden); uninstall a problem patch
- Update the configuration of alert, logging, and data collection mechanisms
- Update asset characterization information
- Install a new tool; retire an old tool
- Update policies, procedures, and training

page 10 © 2001 by Carnegie Mellon University
For More Information
The CERT ® Guide to System and Network Security Practices, Addison-Wesley, June
Phone: