Presentation is loading. Please wait.

Presentation is loading. Please wait.

Module 5: Designing Physical Security for Network Resources

Published by豆宜 文 Modified over 7 years ago

Similar presentations

Presentation on theme: "Module 5: Designing Physical Security for Network Resources"— Presentation transcript:

1 Module 5: Designing Physical Security for Network Resources

2 Overview Creating a Plan for Physical Security
Designing Physical Security for Network Resources

3 Lesson 1: Creating a Plan for Physical Security
MSF and Physical Security Network Resources That Require Physical Security Defense in Depth and Physical Security STRIDE Threat Model and Physical Security Activity: Analyzing Risks to Physical Security

4 MSF and Physical Security
The MSF envisioning and planning phases help you to: Decide which locations your plan will help to protect Ensure that appropriate countermeasures are applied Identify and achieve the goals of physical security: Deter Detect Delay Respond 3 4 5 Plan Envision

5 Network Resources That Require Physical Security
Desktops Servers Portable Computers Include physical security for network resources Routers/hubs/switches Wireless media Physical media

6 Defense in Depth and Physical Security
Policies, Procedures, and Awareness Physical Security Perimeter Internal Network Host Application Data

7 STRIDE Threat Model and Physical Security
Attackers pretending to be someone else Spoofing Attackers breaking or picking locks Tampering Attackers denying that they are breaking in Repudiation Attackers shoulder surfing Information disclosure Attackers damaging entry systems Denial of service Attackers configuring entry systems to provide more access than they are allowed Elevation of privilege

8 Activity: Analyzing Risks to Physical Security
In this practice you will: Read the scenario Answer the questions Discuss with the class

9 Lesson 2: Creating a Design for Physical Security of Network Resources
Methods for Securing Facilities Methods for Securing Access to Computers Methods for Physically Securing Portable Computers and Mobile Devices Considerations for Disaster Recovery Activity: Physical Threats and Countermeasures

10 Methods for Securing Facilities
To Secure Consider Entrances and exits Hiring security guards Requiring identification badges Installing video surveillance Installing fences and parking lot gates Permitting entry and exit only from main gates Information in buildings Securing data cables from wiretapping Positioning monitors and keyboards away from windows Erasing whiteboards in meeting rooms

11 Methods for Securing Access to Computers
To Secure Consider Access to computers Regulating the removal of computers Regulating the movement of computers Removing externally accessible drives such as floppy disks and DVDs Disabling USB ports Installing device locks Access to computers in sensitive areas Controlling entry points to server rooms Restricting LAN access from lobbies and reception areas

12 Methods for Physically Securing Portable Computers and Mobile Devices
To protect your mobile devices: Educate users about potential threats Require the use of hardware locks and alarms Require the use of biometric logon devices Avoid storage of sensitive data

13 Considerations for Disaster Recovery
To protect your data: Store backup media offsite Maintain cold spares and facilities Maintain hot spares and facilities

14 Activity: Physical Threats and Countermeasures
In this practice you will: Read each scenario Choose the best risk management strategy Determine an appropriate security response Discuss with the class

15 Lab: Designing Physical Security for Network Resources
Exercise 1 Identifying Potential Physical Vulnerabilities Exercise 2 Implementing Countermeasures

Download ppt "Module 5: Designing Physical Security for Network Resources"

Similar presentations

Chapter 7: Physical & Environmental Security

Chapter 7: Physical & Environmental Security
PHYSICAL SECURITY Attacker. Physical Security Not all attacks on your organization's data come across the network. Many companies focus on an “iron-clad”

PHYSICAL SECURITY Attacker. Physical Security Not all attacks on your organization's data come across the network. Many companies focus on an “iron-clad”
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
11 ASSESSING THE NEED FOR SECURITY Chapter 1. Chapter 1: Assessing the Need for Security2 ASSESSING THE NEED FOR SECURITY  Security design concepts 

11 ASSESSING THE NEED FOR SECURITY Chapter 1. Chapter 1: Assessing the Need for Security2 ASSESSING THE NEED FOR SECURITY  Security design concepts 
Dr. Bhavani Thuraisingham The University of Texas at Dallas (UTD) June 2011 Physical (Environmental) Security.

Dr. Bhavani Thuraisingham The University of Texas at Dallas (UTD) June 2011 Physical (Environmental) Security.
1 Telstra in Confidence Managing Security for our Mobile Technology.

1 Telstra in Confidence Managing Security for our Mobile Technology.
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Qualitative.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Qualitative.
Microsoft Technology Associate

Microsoft Technology Associate
Essentials of Security Steve Lamb Technical Security Advisor

Essentials of Security Steve Lamb Technical Security Advisor
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
Chapter 8 Information Systems Controls for System Reliability— Part 1: Information Security Copyright © 2012 Pearson Education, Inc. publishing as Prentice.

Chapter 8 Information Systems Controls for System Reliability— Part 1: Information Security Copyright © 2012 Pearson Education, Inc. publishing as Prentice.
The Impact of Physical Security on Network Security

The Impact of Physical Security on Network Security
 Review the security rule as it pertains to ›Physical Safeguards ♦ How to protect the ePHI in the work environment ♦ Implementation ideas for your office.

 Review the security rule as it pertains to ›Physical Safeguards ♦ How to protect the ePHI in the work environment ♦ Implementation ideas for your office.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.
Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,

Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,
Technology Solutions Conference School Security Technology Solutions Conference School Security.

Technology Solutions Conference School Security Technology Solutions Conference School Security.
Module 9 Configuring Server Security Compliance. Module Overview Securing a Windows Infrastructure Overview of EFS Configuring an Audit Policy Overview.

Module 9 Configuring Server Security Compliance. Module Overview Securing a Windows Infrastructure Overview of EFS Configuring an Audit Policy Overview.
Lesson 8-Information Security Process. Overview Introducing information security process. Conducting an assessment. Developing a policy. Implementing.

Lesson 8-Information Security Process. Overview Introducing information security process. Conducting an assessment. Developing a policy. Implementing.
Storage Security and Management: Security Framework

Storage Security and Management: Security Framework

Similar presentations

Ads by Google