
UNIT 5 SEMINAR Unit 5 Chapter 5 in CompTIA Security + Course Name – IT286 Introduction to Network Security Instructor – Jan McDanolds, MS Contact Information:


1 UNIT 5 SEMINAR. Unit 5: Chapter 5 in CompTIA Security+. Course Name – IT286 Introduction to Network Security. Instructor – Jan McDanolds, MS. Contact Information: AIM – JMcDanolds; Email – jmcdanolds@kaplan.edu

2 CHAPTER 4 OVERVIEW: Monitoring Activity and Intrusion Detection. What we covered last week: Monitoring the Network; Understanding Intrusion Detection Systems (IDS); Working with Wireless Systems; Understanding Instant Messaging (IM) Features; Working with 8.3 File Naming; Understanding Protocol Analyzers (sniffers); Understanding Signal Analysis and Intelligence; Footprinting; Scanning

3 CHAPTER 5 OVERVIEW: Implementing and Maintaining a Secure Network. Overview of Network Security Threats; Defining Security Baselines; Hardening the OS (operating system) and NOS; Hardening Network Devices; Hardening Applications

4 CHAPTER 5 Network Security Threats. How do you learn about national/international security threats? CERT Coordination Center (CERT/CC); US Computer Emergency Readiness Team: http://www.cert.org http://www.cert.org/insider_threat/ Field Trip… http://www.kb.cert.org/vuls/ Left side menu – go down to Severity Metric: http://www.kb.cert.org/vuls/bymetric Example: Vulnerability Note VU#436854 – Cisco Tandberg E, EX, and C Series default root credentials: “An attacker may be able to gain complete administrative control of the device.”

5 CHAPTER 5 Network Security Threats. CERT Coordination Center (CERT/CC); US Computer Emergency Readiness Team: http://www.cert.org http://www.cert.org/insider_threat/ MP4 on CERT site (too long for class)

6 CHAPTER 5 Network Security Threats (continued). SANS – The SANS (SysAdmin, Audit, Network, Security) Institute was established in 1989 as a cooperative research and education organization – now worldwide. http://www.sans.org/ SANS Internet Storm Center (ISC): http://isc.sans.edu/index.html Stormcasts are daily 5-10 minute threat updates. Podcast Field Trip… http://isc.sans.edu/podcast.html

7 CHAPTER 5 Network Security Threats (continued). SANS Newsletters – Example: NewsBites is a semiweekly executive summary of news articles published on computer security during the last week. Spend five minutes keeping up with the high-level perspective of all the latest security news. Field Trip… http://www.sans.org/newsletters SANS NewsBites – slide down to Archive. @Risk – select Archive – every Thursday. OUCH! – select Archive. Disposing of computers… http://www.securingthehuman.org/newsletters/ouch/issues/201101.pdf

8 CHAPTER 5 Network Security Threats (continued). SANS NewsBites Example: Researchers Circumvent IE Protected Mode (December 3, 2010). Researchers claim to have developed a way to bypass Internet Explorer's (IE's) Protected Mode. The attack involves exploiting a zero-day vulnerability and works on machines that have the Local Intranet Zone enabled. The researchers say they have devised a drive-by attack technique, meaning that it requires no user interaction. Protected Mode was introduced in IE 7 to prevent malicious code from gaining access to certain parts of the Windows operating system.

9 CHAPTER 5 Network Security Threats (continued). Interview with RSA CSO Eddie Schwartz (July 1, 2011), 14 minutes: http://www.govinfosecurity.com/podcasts.php?podcastID=1178 RSA's newly-appointed chief security officer (CSO) Eddie Schwartz talks with GovInfoSecurity journalist Eric Chabrow about steps he is taking to address security concerns at the company. Earlier this year, RSA acknowledged a breach that compromised the seeds for the company's SecurID two-factor authentication token products. Fraud Fighters Wanted (July 5, 2011), 13 minutes: http://www.govinfosecurity.com/podcasts.php?podcastID=1177 Global Threats Create Boom Times for Fraud Examiners. Today's top fraud threats recognize no global boundaries, says James Ratley, head of the Association of Certified Fraud Examiners. And they require a stronger global workforce than ever before.

10 CHAPTER 5 Nessus and Nmap. Nessus is a vulnerability scanner that was free and open source until its developers closed the source code in 2005 and removed the free "registered feed" version in 2008. http://www.nessus.org/products/nessus Nmap ("Network Mapper") is a free and open source utility for network exploration or security auditing. http://nmap.org/

11 CHAPTER 5 Security Baselines. Back to the book… pg 222. Common Criteria (CC) Evaluation Assurance Levels (EALs): EAL 1; EAL 2; EAL 3; EAL 4 – Recommended for commercial systems – Windows 7; EAL 5; EAL 6; EAL 7

12 CHAPTER 5 Hardening the OS and NOS. Configuring Network Protocols; Hardening Microsoft Windows Vista/Windows 7; Hardening Microsoft Windows XP; Hardening Windows Server 2003/Server 2008; Hardening Windows Server 2000; Hardening Unix/Linux; Hardening Novell NetWare; Hardening Apple Macintosh

13 CHAPTER 5 Hardening the OS and NOS. Windows Service Hardening restricts critical Windows services from performing abnormal activities in the file system, registry, network or other areas that could be exploited by malware. Example: install Windows Server 2008 as a Server Core installation. Server Core provides a minimal environment for running specific server roles, reducing maintenance and management requirements and the attack surface. Windows services represent a large percentage of the overall attack surface. Windows Server 2008 limits the number of services that are running and operational by default. Security Configuration Wizard – examines roles, adjusts to role: http://technet.microsoft.com/en-us/library/cc754997.aspx Baseline Server Hardening: http://technet.microsoft.com/en-us/library/cc526440.aspx

14 CHAPTER 5 Hardening the OS and NOS. Hardening Filesystems: NTFS, Unix NFS, Apple AFS. Updating Your Operating System: Hotfixes; Service Packs and Support Packs; Patches. Microsoft Patch Tuesday: second Tuesday of the month. Help: I Got Hacked. Now What Do I Do? http://technet.microsoft.com/en-us/library/cc700813.aspx Jesper M. Johansson, Ph.D., CISSP, MCSE, MCP+I, Security Program Manager, Microsoft Corporation: After the very long Patch Management article last month, this month’s article is much shorter and to the point. Let’s just say you did not install the patches like we discussed last month. Now you got hacked. What to do?

15 CHAPTER 5 Hardening Network Devices. Updating Network Devices; Configuring Routers and Firewalls; Patches and Updates for Routers and Firewalls; Enabling/Disabling Services and Protocols; Working with Access Control Lists (ACLs)

16 CHAPTER 5 Application Hardening (cont). Web Servers – IIS, Apache, anonymous, executable scripts, uploads, etc. DNS Servers: http://www.networksolutions.com/whois/index.jsp http://www.whois.net Data Repositories: Directory Services – LDAP, Active Directory, X.500, SQL

17 CHAPTER 5 Application Hardening. Web Servers; E-mail Servers; FTP Servers; DNS Servers; NNTP Servers; File and Print Servers and Services; DHCP Services; Data Repositories

18 CHAPTER 5 Unit 5 Project Assignment. TWO PARTS! Part 1 – essay questions, 30 points: 1.1. Pick one NOS and one OS and describe the process of hardening it from attacks and intruders (e.g. Windows XP and Windows Server 2008). 1.2. Pick two application server types listed in the text and describe the process of hardening them from attacks and intruders. Part 2 – 20 points, 4 paragraphs: Based on the knowledge you have achieved thus far in our class, compose a brief synopsis compiling what you have learned about network security. Describe how you will use this knowledge with any other class, your present or future career, or your own personal life. APA Style for both Part 1 and Part 2.

