Protection Mechanisms


Protection Mechanisms
CC3020N Fundamentals of Security Management
Lecture 6: Protection Mechanisms

Learning Objectives
- Understand access control approaches, including authentication, authorization, and biometric access controls.
- Define and identify the various types of firewalls and the common approaches to firewall implementation.
- Identify and describe the types of intrusion detection systems and the two strategies on which they are based.
- Discuss the current issues in dial-up access and protection.

Learning Objectives
Upon completion of this material you should be able to:
- Define information security policy and understand its central role in a successful information security program.
- Know the three major types of information security policy often used and what goes into each type.
- Develop, implement, and maintain various types of information security policies.

Introduction
Focus: Protection Mechanisms
Technical controls can be an important part of an information security program. However, they must also be combined with sound policy and education, training, and awareness efforts.
Some of the most powerful and widely used technical security mechanisms include:
- Access controls
- Firewalls
- Intrusion detection systems
- Dial-up protection
- Scanning and analysis tools*
- Encryption systems*

Introduction
This chapter focuses on information security policy: what it is, how to write it, how to implement it, and how to maintain it. Policy is the essential foundation of an effective information security program. “The success of an information resources protection program depends on the policy generated, and on the attitude of management toward securing information on automated systems. You, the policy maker, set the tone and the emphasis on how important a role information security will have within your agency. Your primary responsibility is to set the information resource security policy for the organization with the objectives of reduced risk, compliance with laws and regulations and assurance of operational continuity, information integrity, and confidentiality.”

Sphere of Security

Access Control Devices
Access control encompasses two processes:
- Authentication: Confirming the identity of the entity accessing a logical or physical area
- Authorization: Determining which actions that entity can perform in that physical or logical area
A successful access control approach, whether intended to control physical access or logical access, always consists of both authentication and authorization.

Authentication Mechanisms
Types of authentication mechanism:
- Something you know
- Something you have
- Something you are
- Something you produce
A strong authentication uses at least two different authentication mechanism types.

Something You Know
This type verifies the user’s identity by means of a password, passphrase, or other unique code.
- A password is a private word or combination of characters that only the user should know.
- A passphrase is a plain-language phrase, typically longer than a password, from which a virtual password is derived.
A good rule of thumb is to require that passwords be at least eight characters long and contain at least one number and one special character.

Something You Have
This type makes use of something (a card, key, or token) that the user or the system possesses.
- One example is a dumb card (such as an ATM card) with magnetic stripes.
- Another example is the smart card containing a processor.
- Another device often used is the cryptographic token, a processor in a card that has a display.

Something You Are
This type takes advantage of something inherent in the user that is evaluated using biometrics. Most of the technologies that scan human characteristics convert these images to obtain some form of minutiae—unique points of reference that are digitized and stored in an encrypted format.

Something You Produce
This type of authentication makes use of something the user performs or produces. It includes technology related to signature recognition and voice recognition.

Recognition Characteristics

Evaluating Biometrics
Biometric technologies are generally evaluated according to three basic criteria:
- The false reject rate (FRR): the percentage of authorized users who are denied access (Type I Error) – not a threat to security
- The false accept rate (FAR): the percentage of unauthorized users who are allowed access (Type II Error) – serious breach of security
- The crossover error rate (CER): the point at which the number of false rejections equals the false acceptances – optimal outcome
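The three criteria above can be computed from match scores. This is an added example, not part of the original slides: it sweeps the decision threshold over constructed scores and locates the crossover point. The score lists, the 0 to 100 scale and the function names are assumptions.

```python
"""FRR, FAR and CER computed from constructed biometric match scores."""

# Constructed similarity scores in [0, 100]; higher means a closer match
# to the enrolled template. These are illustrative values, not measurements.
GENUINE = [91, 88, 95, 72, 84, 79, 93, 66, 87, 90]    # authorized users
IMPOSTOR = [35, 52, 48, 61, 29, 70, 44, 57, 74, 40]   # unauthorized users


def frr(threshold, genuine=GENUINE):
    """False reject rate (Type I): authorized attempts scoring below threshold."""
    return sum(s < threshold for s in genuine) / len(genuine)


def far(threshold, impostor=IMPOSTOR):
    """False accept rate (Type II): unauthorized attempts at or above threshold."""
    return sum(s >= threshold for s in impostor) / len(impostor)


def sweep(thresholds):
    """Return (threshold, FRR, FAR) rows showing how the two errors trade off."""
    return [(t, frr(t), far(t)) for t in thresholds]


def crossover(thresholds=range(0, 101)):
    """Return (threshold, FRR, FAR) at the point where FRR and FAR are closest.

    With finite samples the two rates may never be exactly equal, so the
    threshold with the smallest gap is used; ties go to the lowest threshold.
    """
    best = min(thresholds, key=lambda t: (abs(frr(t) - far(t)), t))
    return best, frr(best), far(best)


if __name__ == "__main__":
    print("threshold  FRR   FAR")
    for t, r, a in sweep(range(40, 100, 10)):
        print(f"{t:9d}  {r:.2f}  {a:.2f}")
    t, r, a = crossover()
    print(f"crossover near threshold {t}: FRR={r:.2f} FAR={a:.2f}")
```

Raising the threshold lowers FAR at the cost of FRR, and lowering it does the opposite.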

Orders of Effectiveness and Acceptance

Managing Access Controls
To properly manage access controls, an organization must have in place a formal access control policy, which determines how access rights are granted to entities and groups.
This policy must include provisions for periodically reviewing all access rights, granting access rights to new employees, changing access rights when job roles change, and revoking access rights as appropriate.

Authorization
In general, authorization can be handled by:
- Authorization for each authenticated user
- Authorization for members of a group
- Authorization across multiple systems (‘single sign-on’)

Firewalls
In information security, a firewall is any device that prevents a specific type of information from moving between two networks, often the outside, known as the untrusted network (e.g., the Internet), and the inside, known as the trusted network.
The firewall may be a separate computer system, a service running on an existing router or server, or a separate network containing a number of supporting devices.

Firewall Architectures
Four architectural implementations of firewalls are especially common:
- Packet filtering routers
- Screened-host firewalls
- Dual-homed host firewalls
- Screened-subnet firewalls

Packet Filtering Firewall

Packet Filtering Routers
Most organizations with an Internet connection use some form of router between their internal networks and the external service provider. Many of these routers can be configured to block packets that the organization does not allow into the network.
Such an architecture lacks auditing and strong authentication, and the complexity of the access control lists used to filter the packets can grow to a point that degrades network performance.

Screened-Host Firewall

Screened-Host Firewall Systems
Screened-host firewall systems combine the packet filtering router with a separate, dedicated firewall such as an application proxy server.
- The router is used to screen packets to minimize the network traffic and load on the internal proxy.
- The application proxy examines an application layer protocol, such as HTTP, and performs the proxy services.
This separate and single host, which is often referred to as a bastion host, represents a rich target for external attacks, and should be very thoroughly secured.

Dual-Homed Host Firewall

Dual-Homed Host Firewalls
In this configuration, the bastion host contains two network interfaces: one that is connected to the external network, and one that is connected to the internal network, requiring all traffic to travel through the firewall to move between the internal and external networks.

Screened Subnet (DMZ)

Screened-Subnet Firewalls
The screened-subnet firewall consists of one or more internal bastion hosts located behind a packet filtering router, with each host protecting the trusted network. This raises the level of difficulty to penetrate defense.
One of the general models (in Figure 9-8) shows connections are routed as follows:
- Connections from the outside or untrusted network are routed through an external filtering router
- Connections from the outside or untrusted network are routed into—and then out of—a routing firewall to the separate network segment known as the DMZ
- Connections into the trusted internal network are allowed only from the DMZ bastion host servers

Firewall Best Practices

Some of the best practices for firewall use:
- All traffic from the trusted network is allowed out.
- The firewall device is never accessible directly from the public network.
- Simple Mail Transfer Protocol (SMTP) data is allowed to pass through the firewall, but should be routed to an SMTP gateway.
- All Internet Control Message Protocol (ICMP) data should be denied.
- Telnet (terminal emulation) access to all internal servers from the public networks should be blocked.
- When Web services are offered outside the firewall, HTTP traffic should be handled by some form of proxy access or DMZ architecture.

Slide 26
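
The best practices above can be checked mechanically against a rule set. The following is an added example, not part of the original slides: a first-match rule evaluator with one probe packet per practice, run against a weak and a hardened rule set. The zone names, addresses and rule format are assumptions made for the illustration.

```python
from typing import NamedTuple, Optional

# Addresses and zone names are constructed for this example.
FIREWALL, SMTP_GW, WEB_PROXY, INTERNAL = "203.0.113.1", "192.0.2.25", "192.0.2.80", "10.0.0.10"

class Rule(NamedTuple):
    action: str                  # "allow" or "deny"
    src: str                     # source zone, or "any"
    dst: str                     # destination zone, a single IP, or "any"
    proto: str                   # "tcp", "icmp", ... or "any"
    port: Optional[int] = None   # None matches every port

class Packet(NamedTuple):
    src: str
    dst_zone: str
    dst_ip: str
    proto: str
    port: Optional[int] = None

def decide(rules, pkt):
    """First matching rule wins; anything unmatched is denied."""
    for r in rules:
        if (r.src in ("any", pkt.src)
                and r.dst in ("any", pkt.dst_zone, pkt.dst_ip)
                and r.proto in ("any", pkt.proto)
                and r.port in (None, pkt.port)):
            return r.action
    return "deny"

# One spot-check probe per best practice: (practice, packet, expected decision).
PROBES = [
    ("trusted traffic allowed out", Packet("trusted", "public", "198.51.100.7", "tcp", 443), "allow"),
    ("firewall not reachable from public", Packet("public", "fw", FIREWALL, "tcp", 22), "deny"),
    ("SMTP reaches the gateway", Packet("public", "dmz", SMTP_GW, "tcp", 25), "allow"),
    ("SMTP not delivered past the gateway", Packet("public", "internal", INTERNAL, "tcp", 25), "deny"),
    ("ICMP denied", Packet("public", "internal", INTERNAL, "icmp"), "deny"),
    ("Telnet to internal servers blocked", Packet("public", "internal", INTERNAL, "tcp", 23), "deny"),
    ("HTTP handled by the DMZ proxy", Packet("public", "dmz", WEB_PROXY, "tcp", 80), "allow"),
    ("HTTP not sent straight to internal hosts", Packet("public", "internal", INTERNAL, "tcp", 80), "deny"),
]

def audit(rules):
    """Return the practices the rule set violates (empty list = all probes pass)."""
    return [label for label, pkt, want in PROBES if decide(rules, pkt) != want]

WEAK = [  # constructed rule set that ignores most of the practices
    Rule("allow", "trusted", "any", "any"),
    Rule("allow", "public", "any", "icmp"),
    Rule("allow", "public", "any", "tcp", 25),
    Rule("allow", "public", "internal", "tcp", 80),
    Rule("allow", "public", "internal", "tcp", 23),
]
HARDENED = [  # constructed rule set that follows them; the default is deny
    Rule("deny", "any", "any", "icmp"),
    Rule("deny", "public", FIREWALL, "any"),
    Rule("allow", "public", SMTP_GW, "tcp", 25),
    Rule("allow", "public", WEB_PROXY, "tcp", 80),
    Rule("allow", "trusted", "any", "any"),
]
```

`audit(WEAK)` lists five violated practices and `audit(HARDENED)` returns an empty list. The probes are spot checks, so a passing audit shows the sampled packets are handled correctly, not that every possible packet is.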

Intrusion Detection Systems (IDSs)

- Information security intrusion detection systems (IDSs) work like burglar alarms.
- With almost all IDSs, administrators can choose the alarm level.
- Many IDSs can be configured to notify administrators via e-mail and numerical or text paging.
- Like firewall systems, IDSs require complex configurations to provide the level of detection and response desired.

Slide 27

Intrusion Detection Systems (Cont.)

Two system types:
- network based, to protect network information assets
- host based, to protect server or host information assets

Two detection methods used:
- signature based
- statistical anomaly based

Slide 28

Intrusion Detection Systems (Cont.)

Slide 29

Host-Based IDS

A host-based IDS works by configuring and classifying various categories of systems and data files. Such systems:
- monitor the access or altering of files on multiple systems
- often provide only a few general levels of alert notification
- can generate a large volume of false alarms from mild actions unless the IDS is very precisely configured
- are easier to set up and administer than the network-based IDS, due to the more specific rules and restrictions that can be set

Slide 30

Network-Based IDS

Network-based IDSs monitor network traffic and, when a predefined condition occurs, notify the appropriate administrator. Such systems:
- look for patterns of network traffic
- must match known and unknown attack strategies against their knowledge base to determine whether an attack has occurred
- yield many more false-positive readings than host-based IDSs do, because they are attempting to read the network activity pattern to determine what is normal and what is not

Slide 31

Signature-Based IDS

- A signature-based IDS or knowledge-based IDS examines data traffic for something that matches the signatures, which comprise preconfigured, predetermined attack patterns.
- The problem with this approach is that the signatures must be continually updated, as new attack strategies emerge.
- A weakness of this method is the time frame over which attacks occur.
- If attackers are slow and methodical, they may slip undetected through the IDS, as their actions may not match a signature that includes factors based on duration of the events.

Slide 32
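
The duration weakness described above shows up as soon as a signature carries a time window. The following added example (not from the original slides) implements a threshold signature over constructed authentication events and evaluates it with two window sizes; the addresses, threshold and event format are assumptions.

```python
from collections import defaultdict, deque

# Constructed events: (unix_seconds, source_ip, outcome) from an auth log.
BURST = [(1000 + i * 2, "198.51.100.9", "fail") for i in range(6)]      # 6 failures in 10 s
PACED = [(1000 + i * 300, "198.51.100.77", "fail") for i in range(6)]   # same count over 25 min
BENIGN = [(1000 + i * 600, "10.0.0.23", "fail") for i in range(5)]      # a user retrying a stale password
EVENTS = BURST + PACED + BENIGN

def threshold_signature(events, threshold, window):
    """Sources with at least `threshold` failures inside any `window` seconds."""
    recent = defaultdict(deque)   # per-source timestamps still inside the window
    matched = set()
    for ts, src, outcome in sorted(events):
        if outcome != "fail":
            continue
        stamps = recent[src]
        stamps.append(ts)
        # Drop timestamps that have aged out of the window.
        while ts - stamps[0] > window:
            stamps.popleft()
        if len(stamps) >= threshold:
            matched.add(src)
    return matched

def compare_windows(events, threshold=5):
    """Same signature, two durations: 60 seconds and one hour."""
    return (threshold_signature(events, threshold, 60),
            threshold_signature(events, threshold, 3600))
```

With the 60-second window only the burst source matches; with the one-hour window the paced source matches too, and so does the benign retrying user, which is the false-alarm cost of widening the duration factor.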

Statistical Anomaly-Based IDS

- The statistical anomaly-based IDS (stat IDS) or behavior-based IDS first collects data from normal traffic and establishes a baseline.
- It then periodically samples network activity, based on statistical methods, and compares the samples to the baseline.
- When the activity falls outside the baseline parameters (known as the clipping level), the IDS notifies the administrator.
- The advantage of this approach is that the system is able to detect new types of attacks, because it looks for abnormal activity of any type.

Slide 33
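
The baseline-and-clipping-level procedure above, as an added example that is not part of the original slides. It assumes the clipping level is set at the baseline mean plus or minus k standard deviations, which is one common choice and not something the slides specify; the metrics and sample values are constructed.

```python
import statistics

# Constructed training data: per-minute metrics observed during normal operation.
NORMAL = {
    "conns_per_min":  [42, 38, 45, 40, 44, 39, 41, 43, 37, 46],
    "distinct_ports": [3, 4, 3, 5, 4, 3, 4, 4, 3, 5],
}

# Constructed periodic samples of live traffic.
SAMPLES = [
    {"conns_per_min": 44,  "distinct_ports": 4},
    {"conns_per_min": 49,  "distinct_ports": 5},    # busy but ordinary minute
    {"conns_per_min": 43,  "distinct_ports": 61},   # unusually many ports touched
    {"conns_per_min": 310, "distinct_ports": 4},    # connection burst
]

def build_baseline(history):
    """Per-metric mean and sample standard deviation of normal traffic."""
    return {m: (statistics.mean(v), statistics.stdev(v)) for m, v in history.items()}

def clipping_levels(baseline, k):
    """Assumed rule: activity is normal while it stays within mean +/- k * stdev."""
    return {m: (mean - k * sd, mean + k * sd) for m, (mean, sd) in baseline.items()}

def detect(samples, levels):
    """Return (sample index, metric, value) for every reading outside its levels."""
    alerts = []
    for i, sample in enumerate(samples):
        for metric, value in sample.items():
            low, high = levels[metric]
            if not low <= value <= high:
                alerts.append((i, metric, value))
    return alerts

def alerts_for(k):
    """Alerts raised on SAMPLES when the clipping level is k standard deviations."""
    return detect(SAMPLES, clipping_levels(build_baseline(NORMAL), k))
```

`alerts_for(3.0)` reports only the port spread and the connection burst, without needing a signature for either. `alerts_for(1.0)` also flags the ordinary busy minute twice, which is how a clipping level set too tight turns into noise.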

Managing Intrusion Detection Systems

- IDSs must be configured using technical knowledge and adequate business and security knowledge to differentiate between routine circumstances and low, moderate, or severe threats.
- There must be a response to an alert.
- A properly configured IDS can translate a security alert into different types of notification.
- A poorly configured IDS may yield only noise.

Slide 34

Dial-Up Protection

- An attacker on an organization’s dial-up lines can use a device called a war-dialer to locate the connection points.
- Network connectivity using dial-up connections is usually much simpler and less sophisticated than Internet connections.
- For the most part, simple user name and password schemes are the only means of authentication.

Slide 35

RADIUS and TACACS

- RADIUS and TACACS are systems that authenticate the credentials of users who are trying to access an organization’s network via a dial-up connection.
- Typical dial-up systems place the authentication of users on the system connected to the modems.
- A Remote Authentication Dial-In User Service (RADIUS) system centralizes the management of user authentication by placing the responsibility for authenticating each user in the central RADIUS server.

Slide 36

RADIUS and TACACS

- When a Remote Access Server (RAS) receives a request for a network connection from a dial-up client, it passes the request along with the user’s credentials to the RADIUS server; RADIUS then validates the credentials.
- The Terminal Access Controller Access Control System (TACACS) works similarly and is based on a client/server configuration.

Slide 37
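
The RAS-to-RADIUS exchange described on the two slides above, as an added example that is not part of the original deck. It goes further than the slides by following the RFC 2865 wire format (Access-Request, User-Password hiding, Response Authenticator); the shared secret, user table and function names are assumptions, and no network traffic is sent.

```python
import hashlib, hmac, os, struct

ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3
USER_NAME, USER_PASSWORD = 1, 2            # attribute types (RFC 2865)
SECRET = b"constructed-shared-secret"      # known to RAS and server only (constructed)
USERS = {b"alice": b"correct horse"}       # constructed central user table

def _pad(secret, prev, block):
    return bytes(a ^ b for a, b in zip(block, hashlib.md5(secret + prev).digest()))

def hide_password(password, secret, req_auth):
    """RFC 2865 sec. 5.2: XOR each 16-byte block with MD5(secret + previous block)."""
    size = max(16, -(-len(password) // 16) * 16)
    padded, out, prev = password.ljust(size, b"\x00"), b"", req_auth
    for i in range(0, size, 16):
        prev = _pad(secret, prev, padded[i:i + 16])
        out += prev
    return out

def reveal_password(hidden, secret, req_auth):
    out, prev = b"", req_auth
    for i in range(0, len(hidden), 16):
        out += _pad(secret, prev, hidden[i:i + 16])
        prev = hidden[i:i + 16]
    return out.rstrip(b"\x00")

def _attr(kind, value):
    return struct.pack("!BB", kind, len(value) + 2) + value

def ras_request(ident, user, password, secret):
    """RAS side: Access-Request carrying the user's credentials, password hidden."""
    req_auth = os.urandom(16)
    attrs = _attr(USER_NAME, user) + _attr(USER_PASSWORD, hide_password(password, secret, req_auth))
    return struct.pack("!BBH", ACCESS_REQUEST, ident, 20 + len(attrs)) + req_auth + attrs

def server_reply(packet, secret, users):
    """RADIUS server side: recover the password, validate it, sign the reply."""
    _, ident, length = struct.unpack("!BBH", packet[:4])
    req_auth, data, attrs = packet[4:20], packet[20:length], {}
    while len(data) >= 2 and 2 <= data[1] <= len(data):
        kind, size = data[0], data[1]
        attrs[kind], data = data[2:size], data[size:]
    stored = users.get(attrs.get(USER_NAME))
    given = reveal_password(attrs.get(USER_PASSWORD, b""), secret, req_auth)
    ok = stored is not None and hmac.compare_digest(stored, given)
    head = struct.pack("!BBH", ACCESS_ACCEPT if ok else ACCESS_REJECT, ident, 20)
    return head + hashlib.md5(head + req_auth + secret).digest()

def ras_accepts(reply, request, secret):
    """RAS side: grant access only if the Response Authenticator verifies."""
    expect = hashlib.md5(reply[:4] + request[4:20] + reply[20:] + secret).digest()
    return hmac.compare_digest(expect, reply[4:20]) and reply[0] == ACCESS_ACCEPT
```

The RAS never decides on the credentials itself: it only forwards them and checks that the reply was produced by a holder of the shared secret, so a reply whose code byte is altered in transit fails `ras_accepts`.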

RADIUS Configuration

Slide 38

Managing Dial-Up Connections

Organizations that continue to offer dial-up remote access must deal with a number of thorny issues:
- Determine how many dial-up connections the organization has
- Control access to authorized modem numbers
- Use call-back whenever possible
- Use token-based authentication if at all possible

Slide 39

Summary

- Introduction
- Access Controls
- Firewalls
- Intrusion Detection Systems
- Dial-Up Protection

Slide 40