Network Security and Personally Managed Computers Jordan K. Wiens Copyright Jordan K. Wiens 2004.

Slides:

Advertisements

Similar presentations

1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.

Advertisements

1 Defining System Security Policies. 2 Module - Defining System Security Policies ♦ Overview An important aspect of Network management is to protect your.

Gefördert durch das Kompetenzzentrenprogramm DI Alfred Wertner 19. September 2014 Ubiquitous Personal Computing © Know-Center Security.

Blended Threats and Layered Defenses Security Protection in Today’s Environment Marshall Taylor

Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia

Controls for Information Security

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Policies and Implementation Issues.

Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.

Payment Card Industry (PCI) Data Security Standard

Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.

Computer Security Dylan, Robert, Matanel, Jordan.

Keeping Data Safe Revision Summer How many ways can data be lost? Start a list… Physical Loss or Corruption of data Accidental or Deliberate Unauthorised.

Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.

University of Missouri System 1 Security – Defending your Customers from Themselves StateNets Annual Meeting February, 2004.

Information Security Introduction to Information Security Michael Whitman and Herbert Mattord 14-1.

CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.

Chapter 2 Information Security Overview The Executive Guide to Information Security manual.

© 2009 IDBI Intech, Inc. All rights reserved.IDBI Intech Confidential 1 Information (Data) Security & Risk Mitigation.

UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.

PCI: As complicated as it sounds? Gerry Lawrence CTO

Security Services Agenda Overview of HEAnet security services HEAnet CERT (Computer Emergency Response) Anti-Spam RBL (Real time blacklist service) HEAnet.

Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.

Trey Shaffer PostNet.com OneCo.net.

OV Copyright © 2013 Logical Operations, Inc. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.

 INADEQUATE SECURITY POLICIES ›Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA.

OV Copyright © 2011 Element K Content LLC. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.

U of Maryland, Baltimore County Risk Analysis of Critical Process –Financial Aid Adapted STAR model –Focus on process and information flow –Reduced analysis.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Identifying Application Impacts on Network Design Designing and Supporting.

Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.

OCTAVE-S on TradeSolution Inc.. Introduction Phase 1: Critical Assets and threats Phase 2: Critical IT Components Phase 3: Changes Required in current.

2  Supervisor : MENG Sreymom  SNA 2012_Group4  Group Member  CHAN SaratYUN Sinot  PRING SithaPOV Sopheap  CHUT MattaTHAN Vibol  LON SichoeumBEN.

Data Security Assessment and Prevention AD660 – Databases, Security, and Web Technologies Marcus Goncalves Spring 2013.

Note1 (Admi1) Overview of administering security.

Awicaksi E-Commerce Security & Payment System E-Commerce.

Module 11: Designing Security for Network Perimeters.

Introduction to Information Security

Security and Firewalls Ref: Keeping Your Site Comfortably Secure: An Introduction to Firewalls John P. Wack and Lisa J. Carnahan NIST Special Publication.

©Dr. Respickius Casmir Network Security Best Practices – Session 2 By Dr. Respickius Casmir.

LESSON 5-2 Protecting Your Computer Lesson Contents Protecting Your Computer Best Practices for Securing Online and Network Transactions Measures for Securing.

Chapter 10: Ethics, Privacy, and Security Copyright © 2013 Pearson Education, Inc. publishing as Prentice Hall Chapter

Janis Buikauskis Joe Kubena Kyle Nelson Chris Schrader.

1 NES554: Computer Networks Defense Course Overview.

Policies and Security for Internet Access

MIS323 – Business Telecommunications Chapter 10 Security.

Dr. Mark Gaynor, Dr. Feliciano Yu, Bryan Duepner.

ARAMA TECH D A T A P R O T E C T I O N P R O F E S S I O N A L S VISION & STRATEGY.

By: Matt Winkeler.  PCI – Payment Card Industry  DSS – Data Security Standard  PAN – Primary Account Number.

Unit 2 Personal Cyber Security and Social Engineering Part 2.

Koustav Sadhukhan, Rao Arvind Mallari and Tarun Yadav DRDO, Ministry of Defense, INDIA Cyber Attack Thread: A Control-flow Based Approach to Deconstruct.

Best Cyber Security Practices for Counties An introduction to cybersecurity framework.

Presented By Hareesh Pattipati.  Introduction  Firewall Environments  Type of Firewalls  Future of Firewalls  Conclusion.

Appendix A: Designing an Acceptable Use Policy. Overview Analyzing Risks That Users Introduce Designing Security for Computer Use.

Chapter 6: Securing the Cloud

Security Risk Profiles – Tips and Tricks

Secure Software Confidentiality Integrity Data Security Authentication

Capabilities Matrix Access and Authentication

Lifecycle Services for Advanced Wireless LAN (LCSAWLAN) practice-questions.html.

Network Services, Cloud Computing, and Virtualization

Security in Networking

I have many checklists: how do I get started with cyber security?

By: Tekeste Berhan Habtu Chief Executive Officer Venue: African Union

Unit 27: Network Operating Systems

ISMS Information Security Management System

Security Essentials for Small Businesses

Identity & Access Management

How to Mitigate the Consequences What are the Countermeasures?

Encryption and Hacking

Security week 1 Introductions Class website Syllabus review

Cybersecurity Threat Assessment

Cybersecurity and Cyberhygiene

Presentation transcript:

Network Security and Personally Managed Computers Jordan K. Wiens Copyright Jordan K. Wiens 2004

Introduction Who am I? Who are you? What are your biggest security concerns? Why are we here?

Today’s Tasks We will be designing a virtual network in phases –Review – discuss impact of each security component –Design – Choose a specific implementation for your virtual network Once the network is complete, we will attack and defend it.

Security Components Policies Physical Design/Infrastructure Required Services Security Services

Policies AUP Physical Host security Network security Incident Response Risk assessment Awareness Data security, etc…

AUP Strong passwords and good password management Current patches Current malware protection Safe Safe browsing

Host/Network Security Users implementing infrastructure Professional management Minimum services Minimum access Vulnerability Assessment

Physical Design/Infrastructure

Required Services DHCP DNS Mail Web

Security Services IDS Firewall Authentication Gateways Patch/AV management

Security Services contd. Secure proxies Security management platforms Flow monitoring/analysis Vulnerability Assessment

Put it all Together Take some time to fill in the gaps if necessary

Hacking the Matrix Now we’ll attack and defend our simulated networks to better understand them.

Notes

Debriefing What changes could you have made to better protect your network? Are those changes worth implementing? Can all attacks be prevented?

Questions/Comments? Jordan Wiens