This work is supported by the National Science Foundation under Grant Number DUE-0302909. Any opinions, findings and conclusions or recommendations expressed.

Presentation transcript:

This work is supported by the National Science Foundation under Grant Number DUE-0302909. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect those of the National Science Foundation.

NETW 05A: APPLIED WIRELESS SECURITY
Functional Policy: Monitoring & Response
By Mohammad Shanehsaz
Spring 2005

Objectives
Security management:
- Explain the necessary criteria for regular wireless LAN security reporting and documentation
- Implement and conduct timely and consistent reporting procedures
- Implement & maintain wireless LAN security checklist

Objectives
- Explain how to identify and prevent social engineering
- Educate staff and security personnel
- Implementation and enforcement of corporate policy regarding social engineering
- Security marketing and propaganda campaigns to heighten awareness

This lecture covers
- Physical Security
- Social Engineering
- Reporting
- Response Procedures

Physical Security
- Physical security begins with allowing only authorized personnel into and out of the organization's premises.
- Implementing security and educating staff about the risks prevents placement of rogue access points and ad hoc networks on the wired network, and data flooding.
- RF jamming is more difficult to prevent, detect, or block, but it can be done by putting up high fences that block RF transmissions around the facility, or by using mesh substances in the walls.

Physical Security
Security policy must include documentation on physical security, procedures for authorizing visitors or technicians who show up to repair and upgrade systems, how rogues will be found, how often the area will be scanned, and what to do when rogues are found.
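One way the "how rogues will be found" step can be carried out is to compare each area scan with the inventory of authorized access points. The following is an added example, not part of the original slides; the inventory, the scan results, the labels and the signal threshold are all constructed assumptions.

```python
from dataclasses import dataclass

# Constructed inventory of authorized access points: BSSID -> (SSID, channel).
AUTHORIZED = {
    "00:11:22:33:44:01": ("CORP-WLAN", 1),
    "00:11:22:33:44:02": ("CORP-WLAN", 6),
}

@dataclass
class Beacon:
    bssid: str
    ssid: str
    channel: int
    ibss: bool      # True when the beacon advertises an ad hoc (IBSS) network
    rssi_dbm: int

# Constructed results of one walk-through scan (not real data).
SCAN = [
    Beacon("00:11:22:33:44:01", "CORP-WLAN", 1, False, -48),
    Beacon("00:11:22:33:44:02", "CORP-WLAN", 11, False, -55),
    Beacon("DE:AD:BE:EF:00:01", "CORP-WLAN", 6, False, -60),
    Beacon("02:aa:bb:cc:dd:ee", "printer-share", 11, True, -50),
    Beacon("f0:9f:c2:10:20:30", "CoffeeShop", 3, False, -88),
]

def classify(beacon, authorized=AUTHORIZED):
    """Label one observed beacon against the authorized inventory."""
    if beacon.ibss:
        return "ad-hoc"
    entry = authorized.get(beacon.bssid.lower())
    if entry is None:
        corp_ssids = {ssid for ssid, _ in authorized.values()}
        return "spoofed-ssid" if beacon.ssid in corp_ssids else "unknown-ap"
    if (beacon.ssid, beacon.channel) != entry:
        return "config-drift"
    return "authorized"

def audit(scan, near_dbm=-75):
    """Return (bssid, label, priority) for every beacon that is not authorized."""
    findings = []
    for b in scan:
        label = classify(b)
        if label == "authorized":
            continue
        # A weak unknown AP is usually a neighbour; everything else needs follow-up.
        low = label == "unknown-ap" and b.rssi_dbm < near_dbm
        findings.append((b.bssid.lower(), label, "low" if low else "high"))
    return findings
```

An RF scan alone cannot show whether an unknown access point is attached to the wired network, so each finding still has to be followed up on the wired side as the policy prescribes.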

Social Engineering
By training employees and help desk staff we can raise their awareness to recognize and prevent social engineering.
Social engineering attacks come in many forms such as:
- Dumpster diving - searching through the trash
- Phone calls - attackers try to locate willing and helpful people from whom to obtain information such as usernames and passwords
- IM (instant messaging) - a social engineer gathers a phone directory and information on the standard naming conventions for IM, and then masquerades as a legitimate employee

Social Engineering Prevention
Some of the procedures support and administrative personnel should adhere to are:
- Positively identify the person that is calling or requesting help
- Use established, secure channels for passing security information
- Report suspicious activity or phone calls
- Establish procedures that eliminate password exchanges
- Shred company documents before throwing them in the trash

Social Engineering Prevention
- A well-educated employee is the best defense against social engineering attempts. Employees must become familiar with what types of attacks may occur, what to look for, and how to respond to an incident.
- An organization's security policy should dictate proper response procedures for social engineering threats.

Social Engineering Audits
To reduce the threat of social engineering, have defenses tested for weaknesses by penetration tests, including social engineering attacks against organizational staff, performed by security professionals.

Reporting
- Reports that are generated as part of security monitoring procedures can provide valuable information on how the network is being utilized as well as where attacks are occurring.
- A proper reporting policy will include information on who is accountable for generating the reports and who is responsible for reading the reports in a timely manner.
- Training should also be required for the reviewers.
- System logs and IDS logs can be used to detect anomalies and attacks on a network.
- Traffic baselining of data flow establishes which users or devices are utilizing the most WLAN bandwidth.
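Traffic baselining as described on this slide can be reduced to two report items: which devices use the most WLAN bandwidth, and which devices deviate from their own history. The following is an added example, not part of the original slides; the usage figures, the three-sigma rule and the minimum of three baseline days are constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed daily WLAN usage per device MAC, in megabytes (not real data).
DAYS = ["2005-03-01", "2005-03-02", "2005-03-03", "2005-03-04", "2005-03-05"]
MB_PER_DAY = {
    "00:11:22:aa:00:01": [100, 120, 110, 90, 115],
    "00:11:22:aa:00:02": [50, 60, 55, 45, 900],
    "00:11:22:aa:00:03": [0, 0, 0, 0, 300],   # first seen on the last day
}
# Flatten to (day, mac, megabytes) records, as an accounting log would give them.
FLOWS = [(d, mac, mb) for mac, vals in MB_PER_DAY.items()
         for d, mb in zip(DAYS, vals) if mb]

def daily_totals(flows):
    """Sum traffic per device per day: {mac: {day: megabytes}}."""
    totals = defaultdict(lambda: defaultdict(int))
    for day, mac, mb in flows:
        totals[mac][day] += mb
    return totals

def top_talkers(flows, n=3):
    """Devices using the most WLAN bandwidth over the whole period."""
    usage = {mac: sum(days.values()) for mac, days in daily_totals(flows).items()}
    return sorted(usage.items(), key=lambda kv: kv[1], reverse=True)[:n]

def anomalies(flows, report_day, k=3.0, min_days=3):
    """Compare each device's traffic on report_day with its own earlier baseline."""
    out = []
    for mac, days in daily_totals(flows).items():
        history = [mb for day, mb in days.items() if day < report_day]
        today = days.get(report_day, 0)
        if len(history) < min_days:
            if today:
                out.append((mac, today, "no-baseline"))
            continue
        mu, sigma = mean(history), pstdev(history)
        # Floor the spread at 10% of the mean so a flat baseline does not
        # alert on small changes.
        if today > mu + k * max(sigma, 0.1 * mu):
            out.append((mac, today, "above-baseline"))
    return sorted(out)
```

A device with no baseline is reported separately rather than silently skipped, since a newly appearing device is itself something the report reviewer should see.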

Response Procedures
- Response procedures endeavor to detect and properly react to intrusions.
- A security policy should define the steps to take after an intrusion has been recognized, to prevent the attack from occurring again.

Recommended steps for response procedures
- Positive identification: Administrator must be properly trained to distinguish between an attack and false positives.
- Confirmed attack: After an attack has taken place, damage must be assessed and confirmed, and appropriate managers should be notified.

Recommended steps for response procedures
- Immediate action: If an attack has taken place, follow the documented security policy to implement the appropriate procedures for each type of attack scenario.
- Documentation: Document all attack findings in a standard form generated by the organization and add to the security policy.
- Reporting: Notify the appropriate authorities, corporate legal counsel, police and even IT forensics experts.

Resources
CWSP: Certified Wireless Security Professional, from McGraw-Hill