Summer, 2015

Goals
- Have fun!
- Teach you about Cyber Defense so that you can:
  - Interest your students in Cyber Defense
  - Teach your students about Cyber Defense
  - Cyber Defense Clubs
  - CyberPatriot Program (http://www.uscyberpatriot.org/)

Exercises
- Virtual machines (VMs) are great for hands-on Cyber Defense exercises
- You can create and use VMs with your students using free software:
  - VirtualBox (https://www.virtualbox.org/)
  - VMware Player (http://www.vmware.com/products/player/)

Why You (and Your Students) Should Not Be Attackers
- It is illegal:
  - United States Code, Title 18, Section 1030 (and others)
  - USA Patriot Act, Homeland Security Act, PROTECT Act
  - www.cybercrime.gov
- Basically:
  - Unauthorized access or use of a computer or network system is illegal
  - Unintentional attacks are illegal too

Understanding the Systems You are Defending
- You cannot effectively defend what you don't understand
- Think about what needs to be defended (security triad)

Understanding Your Adversaries
- Can evaluate systems you defend as attackers will
- Can implement countermeasures designed to thwart attackers
- Better understand the implications of certain decisions

Understanding Tools and Techniques at Your Disposal
- What security policies and mechanisms will you employ?
- What are your goals?
  - Prevention
  - Detection
  - Recovery
- What policies and mechanisms are justified?

Cyber Defense
- Protect
- Detect
- Triage
- Respond
- Prepare

JMU GenCyber Boot Camp, © 2015 James Madison University

The Security Triad
- Confidentiality – information is protected from unauthorized access
  - Example?
- Integrity – information is protected from unauthorized modification
- Availability – timely access to information (by authorized people) is ensured

GenCyber Cybersecurity First Principles
- Domain Separation
- Process Isolation
- Resource Encapsulation
- Modularity
- Least Privilege
- Abstraction
- Data Hiding
- Layering
- Conceptually Simple

Useful Links
- csrc.nist.gov/nice/ - NICE is a national campaign designed to improve the cyber behavior, skills, and knowledge of every segment of the population, enabling a safer cyberspace.
- securingourecity.org/ - Securing Our eCity organization provides awareness of potential issues and offers free cybersecurity information and education.
- www.onguardonline.gov/ - OnGuardOnline.gov is the federal government's website to help you be safe, secure and responsible online.
- www.mysecurecyberspace.com - A free educational resource created by Carnegie Mellon University to empower you to secure your part of cyberspace.
- http://www.carnegiecyberacademy.com/ - At the Carnegie Cyber Academy, cadets complete several training missions in Cyberspace that equip them with the skills they need to be good cybercitizens and Cyber Defenders of the Internet.

Useful Links (cont)
- http://www.netsupportschool.com/ - NetSupport School is the class-leading training software solution, providing teachers with the ability to instruct and visually/audibly monitor, as well as interact with their students, individually, as a pre-defined group or to the whole class.
- http://www.consumer.ftc.gov/features/feature-0014-identity-theft - The Federal Trade Commission provides several resources on identity theft, file sharing, and other topics.
- http://www.us-cert.gov/ - US-CERT's mission is to improve the nation's cybersecurity posture, coordinate cyber information sharing, and proactively manage cyber risks to the nation while protecting the constitutional rights of Americans.
- http://www.sans.org/ - The SANS Institute was established in 1989 as a cooperative research and education organization. Its programs now reach more than 165,000 security professionals around the world.
- https://www.issa.org/ - The Information Systems Security Association's official website.
- http://www.nationalcyberwatch.org/ - Cyber security resources and certification information.

Final Thoughts
- Thank you for your participation!
- We hope you can use what we have learned to interest your students in Cyber Defense
- If we can be of assistance in the future, just ask
- Things to do before you leave:
  - I9 forms for stipends
  - Final Exam