Lesson 8-The Impact of Physical Security on Network Security.


Introduction
• In this presentation, students will learn how physical and network security are linked.
• They will also learn methods to minimize their exposure to physical security events that can diminish their network security.

Background
• Businesses have the responsibility of attempting to secure their profitability.
• They need to secure:
  – Employees
  – Product inventory
  – Trade secrets
  – Strategy information
• All these assets affect the profitability of a company and its future survival.

Objectives
• Upon completion of this lesson, the students will be able to:
  – Describe how physical security directly affects computer and network security.
  – List and describe steps that can be taken to help mitigate risks.

Physical Access
• Physical access negates all other security measures.
• Physical access allows an attacker to plug into an open Ethernet jack.
  – Hand-held devices that run operating systems with full networking support make this attack feasible.
  – Originally, the attacker would have to be in a secluded area with dedicated access to the Ethernet.
• An attacker can sit with a laptop and run a variety of tools against the network. Being inside the network puts the attacker behind the firewall and intrusion detection system.

Access to Boot Disk
• A simple attack that physical access makes possible is the use of a boot disk.
• Before bootable CD-ROMs, a boot floppy had to be used to start the system and prepare the hard drives to load the operating system.
  – Since most machines still have floppy drives, boot floppies can still be used.

Access to Boot Disk
• Once an attacker is able to read the drive, the password file can be copied off the machine for offline password-cracking attacks.
  – If write access to the drive is obtained, the attacker could alter the password file.
  – The attacker can place a remote control program to be automatically executed upon the next boot.
  – This guarantees continued access to the machine.

Access to Boot Disk
• Bootable CD-ROMs are a threat.
• They may contain a bootable version of an entire operating system, complete with drivers for most devices, giving an attacker a greater array of tools than could be loaded onto a floppy disk.
  – These bootable operating systems could also be custom-built to contain any tool that runs on them under Linux, allowing an attacker to have a standard bootable attack image.

Boot Disk and Disk Image
• Boot disks also make it possible to image the hard drive, since some form of bootable media is often used to load the imaging software.
• The process of taking the entire contents of a hard drive and copying them to a single file on different media is called drive imaging.

Computer Theft
• A simpler version of the drive imaging attack is outright theft of computers.
• The theft of computers is mostly performed for the financial value of the computers.
• However, stealing computers also allows an attacker to obtain the data contained on them.

Perhaps Better than DoS
• Computer theft can be used to perform a Denial-of-Service (DoS) attack. However, physical access to the computers is more effective than a network-based DoS.
• Stealing computers, using a boot disk to erase all data on the drives, or unplugging computers are all effective DoS attacks.

Physical Security Safeguards
• While it is difficult to be completely secure, several steps can be taken to mitigate the risk to information systems from a physical threat.

Policies and Procedures
• Policies and procedures affect two distinct areas:
  – Computers.
  – Users.
• To mitigate the physical security risk to computers, physical security should be extended to the computers themselves.

Boot from Other Devices
• To combat the threat of boot disks:
  – Remove or disable floppy drives on all desktops that do not require them.
• The second boot device to consider is the CD-ROM/DVD-ROM.
  – Boot Device
  – BIOS Password
  – BIOS Delays Attack

USB and Security USB Boot
• USB ports expand the ability for users to connect devices and have them auto-recognize and work without additional drivers or software.

Theft of Systems
• The final physical access attack that can be performed is outright theft of machines.
  – Frequently the most effective countermeasure is to lock machines with sensitive data.
  – Special access to server rooms should be considered.
  – There should be minimal distribution of sensitive data.

User Responsibility
• Users are the weakest link in the security chain.
• They need to be aware of security issues and also need to be involved in security enforcement.

Who is Responsible for Security
• Users should know whom to contact when they suspect a security violation.
• They can perform one of the simple security tasks:
  – Locking a workstation immediately when stepping away from it.
• Security guards are not always users. However, they need to be educated about proper network security as well as physical security involving users.

Access Controls
• Physical barriers help safeguard the information infrastructure.

Layered Access
• Assets should be protected with several perimeters.
• Servers should be placed in a separate secure area with a separate authentication mechanism.

Electronic Access Control
• Electronic access control systems manage opening and closing doors.
  – A centralized system can instantly grant or refuse access.
  – The system works with a software package running on a computer.
  – It should not be on a network.

Closed Circuit Television (CCTV)
• CCTVs can be very effective, but should be implemented carefully.
• IP-based CCTVs should be on their own network and accessed by security personnel only.

Authentication
• Access controls, network or physical, do not work without some form of authentication.
• During authentication, users prove they are who they claim to be.
• Authentication is done to allow or deny access to a physical space.

Access Tokens (Keys)
• Keys are authentication tokens.
• Some of the limitations of tokens are:
  – They are difficult to change.
  – They are easy to copy.
  – They are difficult to invalidate.

Radio Frequency Cards
• When a contactless radio frequency card is passed near a card reader, the card sends out a code via radio.
• The reader picks up this code and transmits it to the control panel.
• The control panel checks the code against the reader it is being read from and the type of access the card has in its database.

Radio Frequency Cards
• Advantages of Radio Frequency Cards
  – Any card can be deleted from the system.
  – All doors can be segmented to create multiple access areas.

Smart Cards
• Smart cards enable cryptographic authentication, but the primary drawback of this kind of authentication is that it is the token, not the person carrying it, that is actually being authenticated.

Biometrics
• Biometrics is the measurement of biological factors for identifying a specific person.
  – These factors are based upon parts of the human body that are unique.
• When used for authentication, a computer takes the image of the factor and reduces it to a numeric value.
  – When users enter an area, they get re-scanned by the reader, and the computer compares the numeric value being read to the one stored in the database.
  – It allows access only when the data is matched.
  – Since these factors are unique, theoretically only the authorized persons can open the door.

Biometrics
• Takes analog signal and digitizes it.
• May not encode the same way twice.

Biometric Errors
• Systems allow some error in the scan while not allowing too much.
• This introduces the concept of false positives and false negatives.
• Stolen Factors (Fingerprint from glass).
• Changes over time can affect the accuracy.

Biometric Errors
• There is a chance of attackers stealing the unique factor the machine scans and reproducing it to fool the scanner.
• Parts of the human body can change, forcing the biometric system to allow a higher tolerance for variance in the biometric being read.
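
Added example (not part of the original slides): a threshold sweep over constructed match scores showing how the tolerance setting trades false positives against false negatives, and how a changed body part forces a looser setting that admits more impostors. The matcher, its 0-100 scores and the 10-point drift are assumptions made for illustration.

```python
# Constructed match scores (0-100) from a hypothetical fingerprint matcher.
# GENUINE: the enrolled user re-scanned; scores vary because the analog
# reading never digitizes exactly the same way twice.
GENUINE = [91, 88, 95, 79, 84, 93, 72, 90, 86, 81]
# IMPOSTOR: other people scanned against the same stored template.
IMPOSTOR = [35, 52, 41, 60, 28, 76, 47, 55, 66, 39]
THRESHOLDS = range(50, 95, 5)  # candidate accept thresholds: 50, 55, ... 90


def error_rates(threshold, genuine=GENUINE, impostor=IMPOSTOR):
    """Return (false accept rate, false reject rate) for score >= threshold."""
    far = sum(s >= threshold for s in impostor) / len(impostor)
    frr = sum(s < threshold for s in genuine) / len(genuine)
    return far, frr


def threshold_for_frr(max_frr, genuine, impostor=IMPOSTOR):
    """Strictest threshold that rejects at most max_frr of genuine scans."""
    usable = [t for t in THRESHOLDS
              if error_rates(t, genuine, impostor)[1] <= max_frr]
    return max(usable, default=None)  # None: no threshold meets the target


def report():
    """Threshold sweep, then the same user after the body part has changed."""
    rows = [(t, *error_rates(t)) for t in THRESHOLDS]
    aged = [s - 10 for s in GENUINE]  # constructed drift of 10 points
    before = threshold_for_frr(0.1, GENUINE)
    after = threshold_for_frr(0.1, aged)
    return (rows,
            (before, error_rates(before)[0]),
            (after, error_rates(after, aged)[0]))


if __name__ == "__main__":
    rows, before, after = report()
    for t, far, frr in rows:
        print(f"threshold {t}: FAR {far:.0%}  FRR {frr:.0%}")
    print(f"fresh enrollment: threshold {before[0]}, FAR {before[1]:.0%}")
    print(f"after drift:      threshold {after[0]}, FAR {after[1]:.0%}")
```

Keeping the authorized user's rejection rate at 10% after the drift means dropping the threshold from 75 to 65, which doubles the share of impostor scans accepted.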

Multiple Factor Authentication
• Authentication can be separated into three broad categories:
  – What you are (for example, biometrics)
  – What you have (for example, tokens)
  – What you know (for example, passwords)
• Multiple factor authentication is simply the combination of two or more types of authentication.

Multiple Factor Authentication
• Two-factor authentication combines two factors before granting access.
• Three-factor authentication combines all three types.

Multiple Factor Authentication
• Multiple factor authentication makes it very difficult for an attacker to have the correct materials for authentication.
  – This method of authentication reduces risk of stolen tokens.
  – It also enhances biometric security.
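
Added example (not part of the original slides): a sketch of the control panel decision described under Radio Frequency Cards, extended with the card-plus-PIN second factor from the Multiple Factor Authentication slides for a separately secured server area. The ControlPanel class, reader names, card codes and PINs are all constructed for illustration.

```python
import hashlib
import hmac
import os


def pin_hash(pin, salt):
    # Store only a salted, slow hash of the PIN, never the PIN itself.
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)


class ControlPanel:
    """Hypothetical door controller; all names and values are constructed."""

    def __init__(self, readers, two_factor_areas):
        self.readers = readers                    # reader id -> access area
        self.two_factor_areas = two_factor_areas  # areas needing card + PIN
        self.cards = {}                           # card code -> record
        self.log = []                             # (reader, code, decision)

    def enroll(self, code, areas, pin):
        salt = os.urandom(16)
        self.cards[code] = {"areas": set(areas), "salt": salt,
                            "pin": pin_hash(pin, salt)}

    def delete_card(self, code):
        # Unlike a metal key, a lost card is invalidated without touching a lock.
        self.cards.pop(code, None)

    def request(self, reader, code, pin=None):
        decision = self._decide(reader, code, pin)
        self.log.append((reader, code, decision))
        return decision

    def _decide(self, reader, code, pin):
        area, card = self.readers.get(reader), self.cards.get(code)
        if area is None or card is None:
            return "deny:unknown"                 # fail closed
        if area not in card["areas"]:
            return "deny:area"                    # card not valid for this door
        if area in self.two_factor_areas:
            if pin is None or not hmac.compare_digest(
                    pin_hash(pin, card["salt"]), card["pin"]):
                return "deny:second-factor"       # the card alone is not enough
        return "grant"


def demo_panel():
    panel = ControlPanel({"lobby-door": "office", "server-door": "server-room"},
                         {"server-room"})
    panel.enroll("A100", ["office", "server-room"], "4821")
    panel.enroll("B200", ["office"], "7733")
    return panel
```

A stolen A100 card presented at server-door without its PIN is refused, and once the card is deleted it is refused at every reader, with each attempt left in the panel log.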