Presentation is loading. Please wait.

Presentation is loading. Please wait.

Module 1: Introduction to Designing Security

Published bySherman Shields Modified over 6 years ago

Similar presentations

Presentation on theme: "Module 1: Introduction to Designing Security"— Presentation transcript:

1 Module 1: Introduction to Designing Security

2 Overview Overview of Designing Security for Microsoft Networks
Introducing Contoso Pharmaceuticals: A Case Study

3 Lesson 1: Overview of Designing Security for Microsoft Networks
Why Invest in Network Security? What Are the Key Principles of Security? The Relationship Between Security Design and Implementation Typical Elements That Require Security in Microsoft Networks Designing Security

4 Why Invest in Network Security?
External Attackers Internal Attackers Incorrect Permissions Corporate Assets Virus Worms

5 What Are the Key Principles of Security?
Definition Defense in Depth Provide multiple layers of protection Least Privilege Grant the least amount of privilege or permissions necessary to perform the required task Minimized Attack Surface Reduce vulnerable points on a network

6 The Relationship Between Security Design and Implementation
Ensures a logical and carefully planned strategy for securing an organizations assets Ensures security is applied throughout the organization in a controlled and logical manner Creates policies and procedures Security Implementation Applies the policies and procedures created during the design Ensures that they are deployed consistently

7 Typical Elements That Require Security in Microsoft Networks
Elements in a Microsoft Network Physical security Hosts Accounts and Services Authentication Data Data Transmission Network Perimeters Branch Office Networks Wireless Perimeter Networks Remote Users

8 Designing Security Module Phase Task 2 3 4 5-11 12 A, B, C
Creating a Design Team Include diverse membership to ensure success and buyoff across organization 3 Performing Threat Modeling Predict attacks to assets 4 Performing Risk Management Analyze and prioritize risk 5-11 Designing Security Measures Create policies and procedures to prevent threats from occurring 12 Detecting and Reacting Detect occurrence and respond to a security incident A, B, C Ongoing Security Management Create policies for managing networks

9 Lesson 2: Introducing Contoso Pharmaceuticals: A Case Study
Introduction to Contoso Pharmaceuticals The IT Security Consultant Role Key Personnel at Contoso Pharmaceuticals Introduction to the Lab Environment

10 Introduction to Contoso Pharmaceuticals
Is a fictional company used throughout this course In each lab, you are a consultant hired to explore Contoso’s security problems and design solutions for the company

11 The IT Security Consultant Role
In each lab, you are a consultant hired to explore the security problems experienced by Contoso Pharmaceuticals and design solutions for the company Branch Office Networks Headquarters Networks Perimeter Networks Wireless Remote Users

12 Key Personnel at Contoso Pharmaceuticals
Garth Fort CEO Ellen Adams CIO Thomas Hamborg CFO John Y. Chen IT Administrator Susan Burk VP Research Michiko Osada Business Analyst

13 Introduction to the Lab Environment
In each lab: Read interviews, , and other documents Determine the goals for the lab Write your answer Discuss your answers as a class

Download ppt "Module 1: Introduction to Designing Security"

Similar presentations

Planning and Administering Windows Server® 2008 Servers

Planning and Administering Windows Server® 2008 Servers
The Whole/Hole of Security Public (DoD) v. Corporate Carl Bourland US Army Judge Advocate Generals Corps.

The Whole/Hole of Security Public (DoD) v. Corporate Carl Bourland US Army Judge Advocate Generals Corps.
Incident Response Managing Security at Microsoft Published: April 2004.

Incident Response Managing Security at Microsoft Published: April 2004.
1 Defining System Security Policies. 2 Module - Defining System Security Policies ♦ Overview An important aspect of Network management is to protect your.

1 Defining System Security Policies. 2 Module - Defining System Security Policies ♦ Overview An important aspect of Network management is to protect your.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Appendix B: Designing Policies for Managing Networks.

Appendix B: Designing Policies for Managing Networks.
Module 4: Implementing User, Group, and Computer Accounts

Module 4: Implementing User, Group, and Computer Accounts
© 2008 Prentice Hall Business Publishing Accounting Information Systems, 11/e Romney/Steinbart1 of 222 C HAPTER 7 Information Systems Controls for Systems.

© 2008 Prentice Hall Business Publishing Accounting Information Systems, 11/e Romney/Steinbart1 of 222 C HAPTER 7 Information Systems Controls for Systems.
Microsoft Technology Associate

Microsoft Technology Associate
Stephen S. Yau CSE 465-591, Fall 2006 1 Security Strategies.

Stephen S. Yau CSE , Fall Security Strategies.
Risk Management Vs Risk avoidance William Gillette.

Risk Management Vs Risk avoidance William Gillette.
Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.

Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
Module 9 Configuring Server Security Compliance. Module Overview Securing a Windows Infrastructure Overview of EFS Configuring an Audit Policy Overview.

Module 9 Configuring Server Security Compliance. Module Overview Securing a Windows Infrastructure Overview of EFS Configuring an Audit Policy Overview.
Storage Security and Management: Security Framework

Storage Security and Management: Security Framework
Understanding Security Layers

Understanding Security Layers
11 SECURITY TEMPLATES AND PLANNING Chapter 7. Chapter 7: SECURITY TEMPLATES AND PLANNING2 OVERVIEW  Understand the uses of security templates  Explain.

11 SECURITY TEMPLATES AND PLANNING Chapter 7. Chapter 7: SECURITY TEMPLATES AND PLANNING2 OVERVIEW  Understand the uses of security templates  Explain.
Important acronyms AO = authorizing official ISO = information system owner CA = certification agent.

Important acronyms AO = authorizing official ISO = information system owner CA = certification agent.
Module 14: Configuring Server Security Compliance

Module 14: Configuring Server Security Compliance
Chapter 6 of the Executive Guide manual Technology.

Chapter 6 of the Executive Guide manual Technology.

Similar presentations

Ads by Google