Module 9: Designing Security for Data. Overview Creating a Security Plan for Data Creating a Design for Security of Data.

Presentation transcript:

Module 9: Designing Security for Data

Overview
- Creating a Security Plan for Data
- Creating a Design for Security of Data

Lesson 1: Creating a Security Plan for Data
- MSF and Security of Data
- Defense in Depth and Security of Data
- What Is Access Control?
- STRIDE Threat Model and Security of Data
- Activity: Identifying Threats to Data

MSF and Security of Data
The MSF envisioning and planning phases help you to:
- Decide which locations your plan will help to protect
- Ensure that appropriate countermeasures are applied
- Consider appropriate DACL configuration
(Diagram labels: Plan, Envision)

Defense in Depth and Security of Data
- Policies, Procedures, and Awareness
- Physical Security
- Perimeter
- Internal Network
- Application
- Host
- Data

What Is Access Control?
Access Token
- Stored on the user's computer
- Contains the SIDs of the user's account and groups
- Lists the user rights for the user
DACL
- Contains an ACE for each permission that is assigned
- SIDs compared to SIDs in the access token
ACE
- Defines the protections that apply to an object

STRIDE Threat Model and Security of Data
Threats:
- Administrators and users have improper rights
- Computers running Windows use default NTFS and share permissions
- Hardware fails
- Permissions are assigned incorrectly
- A user irreversibly encrypts a file
- A virus corrupts or deletes data
STRIDE categories:
- Spoofing
- Tampering
- Repudiation
- Information disclosure
- Denial of service
- Elevation of privilege

Activity: Identifying Threats to Data
In this practice you will:
- Read the scenario
- Answer the questions
- Discuss with the class

Lesson 2: Creating a Design for Security of Data
- Process for Designing an Access Control Model
- Considerations for Combining NTFS and Share Permissions
- Multimedia: How Encryption Works
- Process for Designing EFS Policies
- Guidelines for Managing Data Securely
- Activity: Data Threats and Countermeasures

Process for Designing an Access Control Model
To design an access control model, follow these steps:
1. Determine access control requirements
2. Create the access control model
3. Implement the model
(Diagram labels: Accounts, Global Group, Domain Local Group, Permissions)

Considerations for Combining NTFS and Share Permissions

Permissions | Applied
Share       | When the data is accessed remotely over a network
NTFS        | When a user accesses data on an NTFS volume locally or remotely
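
Added example (not part of the original slides): a simplified Python model of the access check outlined in the "What Is Access Control?" slide, extended to show how share and NTFS permissions combine for local versus remote access. The rights bitmask, the function names and every SID except Everyone (S-1-1-0) are constructed for illustration; inheritance, ownership and privileges are left out.

```python
# Added illustration, not code from the course material.
from dataclasses import dataclass

# Simplified rights bitmask (constructed; not real Windows access-mask values).
READ, WRITE, DELETE = 1, 2, 4

@dataclass(frozen=True)
class Ace:
    sid: str      # trustee the entry applies to
    allow: bool   # True = access-allowed ACE, False = access-denied ACE
    mask: int     # rights the entry covers

def access_check(token_sids, dacl, desired):
    """Compare each ACE's SID with the SIDs in the access token, in DACL order."""
    remaining = desired
    for ace in dacl:
        if ace.sid not in token_sids:
            continue
        if not ace.allow:
            if ace.mask & remaining:
                return False      # a deny ACE covers a right not yet granted
        else:
            remaining &= ~ace.mask
            if remaining == 0:
                return True       # every requested right has been allowed
    return False                  # nothing granted the rest: implicit deny

def effective_access(token_sids, ntfs_dacl, share_dacl, desired, remote):
    """NTFS is checked for local and remote access; the share only for remote."""
    if not access_check(token_sids, ntfs_dacl, desired):
        return False
    return access_check(token_sids, share_dacl, desired) if remote else True

# Constructed sample data: placeholder SIDs except Everyone (S-1-1-0).
EVERYONE = "S-1-1-0"
ALICE, BOB = "S-1-5-21-0-0-0-1001", "S-1-5-21-0-0-0-1002"
SALES, CONTRACTORS = "S-1-5-21-0-0-0-2001", "S-1-5-21-0-0-0-2002"
alice_token = {ALICE, SALES, EVERYONE}
bob_token = {BOB, SALES, CONTRACTORS, EVERYONE}

# Deny entries first (canonical order), then allow entries.
ntfs_dacl = [Ace(CONTRACTORS, False, WRITE | DELETE), Ace(SALES, True, READ | WRITE)]
share_dacl = [Ace(EVERYONE, True, READ)]

if __name__ == "__main__":
    for name, tok in (("alice", alice_token), ("bob", bob_token)):
        for remote in (False, True):
            w = effective_access(tok, ntfs_dacl, share_dacl, WRITE, remote)
            print(f"{name} write remote={remote}: {w}")
```

In this sample the Sales member can write locally but only read through the share, because the share DACL grants Everyone nothing beyond READ.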

Multimedia: How Encryption Works
- How EFS Works
- How BitLocker Works

Process for Designing Encryption Policies
To ensure the proper use of encryption in your organization, design:
- Policies for encrypting files
- Procedures for recovering encrypted files
- A user education strategy

Guidelines for Managing Data Securely

For each area          | Determine
Data storage location  | How to store data on the network; what data to store locally
Backup strategy        | Who can back up and restore files; how frequently to back up files; how to secure backup media
Auditing               | How to audit data access; how to review data access audit logs
Management permissions | Who manages data; where to manage data
Hardware replacement   | How to use hardware redundancy technology; how often to replace hardware
Data retention         | How long to retain data on the network; how and where to archive data from the network

Activity: Data Threats and Countermeasures
In this practice you will:
- Read the scenario
- Choose the best risk management strategy
- Determine an appropriate security response
- Discuss with the class

Lab: Designing Security for Data
- Exercise 1: Identifying Potential Data Vulnerabilities
- Exercise 2: Designing Countermeasures