Presentation is loading. Please wait.

Presentation is loading. Please wait.

Information Technology Security: Fitting Into the Big Picture Brandon Hoffman, KPMG LLP Fitting Into the Big Picture Brandon Hoffman, KPMG LLP.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Information Technology Security: Fitting Into the Big Picture Brandon Hoffman, KPMG LLP Fitting Into the Big Picture Brandon Hoffman, KPMG LLP."— Presentation transcript:

1 Information Technology Security: Fitting Into the Big Picture Brandon Hoffman, KPMG LLP Fitting Into the Big Picture Brandon Hoffman, KPMG LLP

2 Topics for Discussion Typical IT Security Technical Work Intrusion Detection/Prevention Ethical Hacking/Penetration Testing IT Security in the Business Risk, Audit Support, Compliance Policies, Standards, and Procedures IT Security’s Role in Creation and Enforcement Typical IT Security Technical Work Intrusion Detection/Prevention Ethical Hacking/Penetration Testing IT Security in the Business Risk, Audit Support, Compliance Policies, Standards, and Procedures IT Security’s Role in Creation and Enforcement

3 Intrusion Detection Intrusion Detection Systems are just what they seem to be. Detect and Alert Host Based and Network Based How they work? Statistical Modeling Heuristics Trending End result? Similar to home security system Intrusion Detection Systems are just what they seem to be. Detect and Alert Host Based and Network Based How they work? Statistical Modeling Heuristics Trending End result? Similar to home security system

4 Intrusion Detection cont’d Source: www.windowssecurity.org

5 Intrusion Prevention Systems Actively participates in defense of security violations Host based IPS: Resident to the host machine. Monitors system calls and inbound traffic. Creates a baseline and can prevent internal “bad” behavior through system controls. Typically works in conjunction with Anti-virus Sandboxing – Creates isolated “scratch” disk space to run untrusted platforms or applications from untrusted third parties Actively participates in defense of security violations Host based IPS: Resident to the host machine. Monitors system calls and inbound traffic. Creates a baseline and can prevent internal “bad” behavior through system controls. Typically works in conjunction with Anti-virus Sandboxing – Creates isolated “scratch” disk space to run untrusted platforms or applications from untrusted third parties

6 Intrusion Prevention cont’d Network based IPS has several operating modes or implementations: Inline IPS is directly inline with the data stream similar to a firewall Gateway Interaction performs packet analysis interactively with the router/firewall Network based IPS has several operating modes or implementations: Inline IPS is directly inline with the data stream similar to a firewall Gateway Interaction performs packet analysis interactively with the router/firewall

7 Intrusion Prevention cont’d Network intrusion prevention action methods: Content based – Inspects packet contents for unique sequences or “signatures” to prevent known attacks Protocol analysis – Decodes known protocols to detect anomalous behavior Rate based – Used to prevent Denial of Service attacks Network intrusion prevention action methods: Content based – Inspects packet contents for unique sequences or “signatures” to prevent known attacks Protocol analysis – Decodes known protocols to detect anomalous behavior Rate based – Used to prevent Denial of Service attacks

8 Intrusion Prevention cont’d Core Design: www.pandasecurity.com

9 IPS Business Case 1 Company X requires a homogeneous solution due to compliance and governance restrictions. The facts: Cisco is the network hardware provider for all communications. All connections need to be monitored: VOIP Hosts Gateways VPN Routers and Switches Ingress/Egress traffic (Firewall) The aggregation point for analysis and statistics must be built on a windows server platform The solution must be licensed The solution should not be built on open source code Support from the vendor must be highly available regardless of cost Company X requires a homogeneous solution due to compliance and governance restrictions. The facts: Cisco is the network hardware provider for all communications. All connections need to be monitored: VOIP Hosts Gateways VPN Routers and Switches Ingress/Egress traffic (Firewall) The aggregation point for analysis and statistics must be built on a windows server platform The solution must be licensed The solution should not be built on open source code Support from the vendor must be highly available regardless of cost

10 IPS Business Case 1 cont’d How do you choose? Note: Taken from Jed Haile presentation at BlackHat02 © 2008 Gartner, Inc. and/or its Affiliates. All Rights Reserved.

11 IPS Business Case 1 cont’d Cisco Solutions The good: Homogeneous solution Proprietary Code Base Supreme Support Current Vendor The bad: Management easy but not intuitive Fewer vulnerability signatures Cost Cisco Solutions The good: Homogeneous solution Proprietary Code Base Supreme Support Current Vendor The bad: Management easy but not intuitive Fewer vulnerability signatures Cost Sourcefire Solutions The good: Visionary Leader Homogeneous solution Controls SNORT signature engine Cost The bad: Potentially lacking support New vendor Technically complicated Open Source based Sourcefire Solutions The good: Visionary Leader Homogeneous solution Controls SNORT signature engine Cost The bad: Potentially lacking support New vendor Technically complicated Open Source based

12 IPS Business Case 1 cont’d Cisco wins based on the scorecard of requirements. © 2007 Cisco Systems, Inc. All rights reserved.

13 IPS Business Case 1 cont’d Protection At All Layers © 2007 Cisco Systems, Inc. All rights reserved.

14 Ethical Hacking Ethical hacking is a very common profession within the IT security industry. White hat, Grey hat, Black hat Sometimes synonymous with penetration testing – A method of assessing the security posture of a system or network by simulating an “attack” Ethical hacking is a very common profession within the IT security industry. White hat, Grey hat, Black hat Sometimes synonymous with penetration testing – A method of assessing the security posture of a system or network by simulating an “attack”

15 Ethical Hacking cont’d Most current computer protocols were designed in a time when security was not a consideration. Times have changed: Source: CERT

16 Ethical Hacking cont’d Why perform an ethical hack? Determine flaws and vulnerabilities Provide a quantitative metric for evaluating systems and networks Measure against pre-established baselines Determine risk to the organization Design mitigating controls Why perform an ethical hack? Determine flaws and vulnerabilities Provide a quantitative metric for evaluating systems and networks Measure against pre-established baselines Determine risk to the organization Design mitigating controls

17 Ethical Hacking cont’d

18 METHODOLOGY

19 Ethical Hacking cont’d

20 We will now explore some free tools and simple techniques to break into a machine. KPMG DOES NOT ENDORSE HACKING OR PERFORMING THESE METHODS ON ANY DEVICE YOU DO NOT HAVE PERMISSION TO ACCESS IN THIS FASHION. NOR DOES KPMG ENDORSE ANY SPECIFIC PRODUCT. We will now explore some free tools and simple techniques to break into a machine. KPMG DOES NOT ENDORSE HACKING OR PERFORMING THESE METHODS ON ANY DEVICE YOU DO NOT HAVE PERMISSION TO ACCESS IN THIS FASHION. NOR DOES KPMG ENDORSE ANY SPECIFIC PRODUCT.

21 Wanna Break In? The first step in any ethical hack is to obtain information in the most stealth fashion. USE NMAP!!

22 NMAP Powerful free linux tool – www.insecure.org Syntax: nmap [...] [ ] { } TARGET SPECIFICATION: Can pass hostnames, IP addresses, networks, etc. Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0- 255.1-254 -iL : Input from list of hosts/networks -iR : Choose random targets --exclude : Exclude hosts/networks --excludefile : Exclude list from file Powerful free linux tool – www.insecure.org Syntax: nmap [...] [ ] { } TARGET SPECIFICATION: Can pass hostnames, IP addresses, networks, etc. Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0- 255.1-254 -iL : Input from list of hosts/networks -iR : Choose random targets --exclude : Exclude hosts/networks --excludefile : Exclude list from file

23 NMAP cont’d HOST DISCOVERY: -sL: List Scan - simply list targets to scan -sP: Ping Scan - go no further than determining if host is online -PN: Treat all hosts as online -- skip host discovery -PS/PA/PU[portlist]: TCP SYN/ACK or UDP discovery to given ports -PE/PP/PM: ICMP echo, timestamp, and netmask request discovery probes -PO[protocol list]: IP Protocol Ping -n/-R: Never do DNS resolution/Always resolve [default: sometimes] --dns-servers : Specify custom DNS servers --system-dns: Use OS's DNS resolver --traceroute: Trace hop path to each host SCAN TECHNIQUES: -sS/sT/sA/sW/sM: TCP SYN/Connect()/ACK/Window/Maimon scans -sU: UDP Scan -sN/sF/sX: TCP Null, FIN, and Xmas scans --scanflags : Customize TCP scan flags -sI : Idle scan -sO: IP protocol scan -b : FTP bounce scan HOST DISCOVERY: -sL: List Scan - simply list targets to scan -sP: Ping Scan - go no further than determining if host is online -PN: Treat all hosts as online -- skip host discovery -PS/PA/PU[portlist]: TCP SYN/ACK or UDP discovery to given ports -PE/PP/PM: ICMP echo, timestamp, and netmask request discovery probes -PO[protocol list]: IP Protocol Ping -n/-R: Never do DNS resolution/Always resolve [default: sometimes] --dns-servers : Specify custom DNS servers --system-dns: Use OS's DNS resolver --traceroute: Trace hop path to each host SCAN TECHNIQUES: -sS/sT/sA/sW/sM: TCP SYN/Connect()/ACK/Window/Maimon scans -sU: UDP Scan -sN/sF/sX: TCP Null, FIN, and Xmas scans --scanflags : Customize TCP scan flags -sI : Idle scan -sO: IP protocol scan -b : FTP bounce scan

24 NMAP cont’d PORT SPECIFICATION AND SCAN ORDER: -p : Only scan specified ports Ex: -p22; -p1-65535; -p U:53,111,137,T:21-25,80,139,8080 -F: Fast mode - Scan fewer ports than the default scan -r: Scan ports consecutively - don't randomize --top-ports : Scan most common ports --port-ratio : Scan ports more common than SERVICE/VERSION DETECTION: -sV: Probe open ports to determine service/version info --version-intensity : Set from 0 (light) to 9 (try all probes) --version-light: Limit to most likely probes (intensity 2) --version-all: Try every single probe (intensity 9) --version-trace: Show detailed version scan activity (for debugging) PORT SPECIFICATION AND SCAN ORDER: -p : Only scan specified ports Ex: -p22; -p1-65535; -p U:53,111,137,T:21-25,80,139,8080 -F: Fast mode - Scan fewer ports than the default scan -r: Scan ports consecutively - don't randomize --top-ports : Scan most common ports --port-ratio : Scan ports more common than SERVICE/VERSION DETECTION: -sV: Probe open ports to determine service/version info --version-intensity : Set from 0 (light) to 9 (try all probes) --version-light: Limit to most likely probes (intensity 2) --version-all: Try every single probe (intensity 9) --version-trace: Show detailed version scan activity (for debugging)

25 NMAP cont’d OS DETECTION: -O: Enable OS detection --osscan-limit: Limit OS detection to promising targets --osscan-guess: Guess OS more aggressively TIMING AND PERFORMANCE: Options which take are in milliseconds, unless you append 's' (seconds), 'm' (minutes), or 'h' (hours) to the value (e.g. 30m). -T : Set timing template (higher is faster) --min-hostgroup/max-hostgroup : Parallel host scan group sizes --min-parallelism/max-parallelism : Probe parallelization --min-rtt-timeout/max-rtt-timeout/initial-rtt-timeout : Specifies probe round trip time. --max-retries : Caps number of port scan probe retransmissions. --host-timeout : Give up on target after this long --scan-delay/--max-scan-delay : Adjust delay between probes --min-rate : Send packets no slower than per second --max-rate : Send packets no faster than per second OS DETECTION: -O: Enable OS detection --osscan-limit: Limit OS detection to promising targets --osscan-guess: Guess OS more aggressively TIMING AND PERFORMANCE: Options which take are in milliseconds, unless you append 's' (seconds), 'm' (minutes), or 'h' (hours) to the value (e.g. 30m). -T : Set timing template (higher is faster) --min-hostgroup/max-hostgroup : Parallel host scan group sizes --min-parallelism/max-parallelism : Probe parallelization --min-rtt-timeout/max-rtt-timeout/initial-rtt-timeout : Specifies probe round trip time. --max-retries : Caps number of port scan probe retransmissions. --host-timeout : Give up on target after this long --scan-delay/--max-scan-delay : Adjust delay between probes --min-rate : Send packets no slower than per second --max-rate : Send packets no faster than per second

26 NMAP cont’d FIREWALL/IDS EVASION AND SPOOFING: -f; --mtu : fragment packets (optionally w/given MTU) -D : Cloak a scan with decoys -S : Spoof source address -e : Use specified interface -g/--source-port : Use given port number --data-length : Append random data to sent packets --ip-options : Send packets with specified ip options --ttl : Set IP time-to-live field --spoof-mac : Spoof your MAC address --badsum: Send packets with a bogus TCP/UDP checksum FIREWALL/IDS EVASION AND SPOOFING: -f; --mtu : fragment packets (optionally w/given MTU) -D : Cloak a scan with decoys -S : Spoof source address -e : Use specified interface -g/--source-port : Use given port number --data-length : Append random data to sent packets --ip-options : Send packets with specified ip options --ttl : Set IP time-to-live field --spoof-mac : Spoof your MAC address --badsum: Send packets with a bogus TCP/UDP checksum

27 NMAP cont’d OUTPUT: -oN/-oX/-oS/-oG : Output scan in normal, XML, s|<rIpt kIddi3, and Grepable format, respectively, to the given filename. -oA : Output in the three major formats at once -v: Increase verbosity level (use twice or more for greater effect) -d[level]: Set or increase debugging level (Up to 9 is meaningful) --reason: Display the reason a port is in a particular state --open: Only show open (or possibly open) ports --packet-trace: Show all packets sent and received --iflist: Print host interfaces and routes (for debugging) --log-errors: Log errors/warnings to the normal-format output file --append-output: Append to rather than clobber specified output files --resume : Resume an aborted scan --stylesheet : XSL stylesheet to transform XML output to HTML --webxml: Reference stylesheet from Nmap.Org for more portable XML --no-stylesheet: Prevent associating of XSL stylesheet w/XML output OUTPUT: -oN/-oX/-oS/-oG : Output scan in normal, XML, s|<rIpt kIddi3, and Grepable format, respectively, to the given filename. -oA : Output in the three major formats at once -v: Increase verbosity level (use twice or more for greater effect) -d[level]: Set or increase debugging level (Up to 9 is meaningful) --reason: Display the reason a port is in a particular state --open: Only show open (or possibly open) ports --packet-trace: Show all packets sent and received --iflist: Print host interfaces and routes (for debugging) --log-errors: Log errors/warnings to the normal-format output file --append-output: Append to rather than clobber specified output files --resume : Resume an aborted scan --stylesheet : XSL stylesheet to transform XML output to HTML --webxml: Reference stylesheet from Nmap.Org for more portable XML --no-stylesheet: Prevent associating of XSL stylesheet w/XML output

28 NMAP cont’d Analyze your results:

29 Vulnerabilities Find any hosts worthwhile? Your nest step should be scanning for exploitable vulnerabilities. USE NESSUS!!! © Copyright 2002 - 2009 Tenable Network Security(R). All Rights Reserved.

30 Nessus Nessus scans based on an exhaustive list of vulnerabilities for all platforms of computing. Custom scripts are written by Nessus and their team to check for a vulnerable software component. Nessus scans based on an exhaustive list of vulnerabilities for all platforms of computing. Custom scripts are written by Nessus and their team to check for a vulnerable software component.

31 How Do We Exploit? Now that you have found a useful exploit, what do we use? USE METASPLOIT!!! Copyright © 2003-2009 Metasploit LLC Metasploit ™ is a registered trademark Contact us at msfdev[at]metasploit.com

32 MetaSploit Metasploit was created in 2003 as a portable network game using the Perl scripting language. Later, the Metasploit Framework was then completely rewritten in the Ruby programming language. It is most notable for releasing some of the most technically sophisticated exploits to public security vulnerabilities. In addition it is a powerful tool for third party security researchers to investigate potential vulnerabilities.

33 MetaSploit cont’d Remember the machine with vulns?? Let’s use the metasploit framework….

34 MetaSploit cont’d What else can we do now that were in???

35 MetaSploit cont’d We can add shares as root!!

36 Ethical Hacking cont’d Administrative items: Authorization letter – “Get out of jail free card” Risk report Likelihood of risk Mitigation plans Trends (performed with recurring clients) Administrative items: Authorization letter – “Get out of jail free card” Risk report Likelihood of risk Mitigation plans Trends (performed with recurring clients)

37 Ethical Hacking cont’d

38 Q & A ANY QUESTIONS?

39 Risk IT Security performs a critical role in assessing risk in the organization. Vulnerability Scanning Penetration Testing Industry Trends IT Strategy Familiarity with Audit and Compliance measures IT Security performs a critical role in assessing risk in the organization. Vulnerability Scanning Penetration Testing Industry Trends IT Strategy Familiarity with Audit and Compliance measures

40 Audit Support In many cases, IT Security is heavily relied upon to perform in depth testing required by an audit organization. Security is enlisted by audit because: Technical expertise Familiarity with current issues from internal testing Familiarity with Policies, Standards, and Procedures In many cases, IT Security is heavily relied upon to perform in depth testing required by an audit organization. Security is enlisted by audit because: Technical expertise Familiarity with current issues from internal testing Familiarity with Policies, Standards, and Procedures

41 Compliance Compliance may relate to internal compliance or external compliance. Internal compliance: Policies and Standards Security and Configuration baselines Framework use – ISO, COBIT, ITIL, GAISP, NIST Best Practices Compliance may relate to internal compliance or external compliance. Internal compliance: Policies and Standards Security and Configuration baselines Framework use – ISO, COBIT, ITIL, GAISP, NIST Best Practices

42 Compliance cont’d External compliance: SOX (Sarbanes Oxley) COSO Framework HIPAA PCI Safe Harbor External compliance: SOX (Sarbanes Oxley) COSO Framework HIPAA PCI Safe Harbor

43 ISO Best Practices Source: www.rsa.com

44 Compliance in Action Source: www.rsa.com

45 Internal Policy IT Security is regularly tasked with creation and enforcement of IT policies, standards, and procedures. Creation and enforcement of these documents require: Understanding of audit roles and procedures Familiarity with all systems, networks, and applications Compliance considerations IT Security is regularly tasked with creation and enforcement of IT policies, standards, and procedures. Creation and enforcement of these documents require: Understanding of audit roles and procedures Familiarity with all systems, networks, and applications Compliance considerations

46 Internal Policy cont’d Definitions: A Policy is a set of directional statements and requirements aiming to protect corporate values, assets and intelligence. Policies serve as the foundation for related standards, procedures and guidelines. A Standard is a set of practices and benchmarks employed to comply with the requirements set forth in policies. A standard should always be a derivation of a policy, as it is the second step in the process of a company’s policy propagation. A Procedure is a set of step-by-step instructions for implementing policy requirements and executing standard practices. Definitions: A Policy is a set of directional statements and requirements aiming to protect corporate values, assets and intelligence. Policies serve as the foundation for related standards, procedures and guidelines. A Standard is a set of practices and benchmarks employed to comply with the requirements set forth in policies. A standard should always be a derivation of a policy, as it is the second step in the process of a company’s policy propagation. A Procedure is a set of step-by-step instructions for implementing policy requirements and executing standard practices.

47 Internal Policy cont’d

48 Policy creation and enforcement cycle

49 Policy Business Case A top 5 global food retailer has a massive IT/IS infrastructure and good governance….but no real policies! Policies are the foundation for enforcing IT compliance and governance. What policies were written for the client… A top 5 global food retailer has a massive IT/IS infrastructure and good governance….but no real policies! Policies are the foundation for enforcing IT compliance and governance. What policies were written for the client…

50 Policy Business Case cont’d Policies written for IT Security: Acceptable Use Policy Information Classification & Ownership Policy Risk Assessment & Mitigation Policy Access Control Policy Network Configuration and Communication Policy Remote Access Policy Business Continuity Policy Incident Response Policy Third Party Data Sharing Policy System Implementation & Maintenance Secure Application Development Cryptography & Key Management Mobile Computing Physical & Environmental Security Policies written for IT Security: Acceptable Use Policy Information Classification & Ownership Policy Risk Assessment & Mitigation Policy Access Control Policy Network Configuration and Communication Policy Remote Access Policy Business Continuity Policy Incident Response Policy Third Party Data Sharing Policy System Implementation & Maintenance Secure Application Development Cryptography & Key Management Mobile Computing Physical & Environmental Security

51 Policy Business Case cont’d Sample Policies

52 Q & A Any Questions? Contact Information Brandon Hoffman KPMG, LLP bshoffman@kpmg.com 312.665.2775 Any Questions? Contact Information Brandon Hoffman KPMG, LLP bshoffman@kpmg.com 312.665.2775

Download ppt "Information Technology Security: Fitting Into the Big Picture Brandon Hoffman, KPMG LLP Fitting Into the Big Picture Brandon Hoffman, KPMG LLP."

Similar presentations

NetScanTools ® LE Law Enforcement Version of NetScanTools ® from Northwest Performance Software, Inc. netscantools.com.

NetScanTools ® LE Law Enforcement Version of NetScanTools ® from Northwest Performance Software, Inc. netscantools.com.
 Dynamic policies o Change as system security state/load changes o GAA architecture  Extended access control lists  Pre-, mid- and post-conditions,

 Dynamic policies o Change as system security state/load changes o GAA architecture  Extended access control lists  Pre-, mid- and post-conditions,
IUT– Network Security Course 1 Network Security Firewalls.

IUT– Network Security Course 1 Network Security Firewalls.
NMAP Scanning Options. EC-Council NMAP  Nmap is the most popular scanning tool used on the Internet.  Cretead by Fyodar (http://www.insecure.org), it.

NMAP Scanning Options. EC-Council NMAP  Nmap is the most popular scanning tool used on the Internet.  Cretead by Fyodar ( it.
Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning.

Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning.
IP Network Scanning.

IP Network Scanning.
Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning Last updated 9-18-08.

Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning Last updated
FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.

FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.
11 TROUBLESHOOTING Chapter 12. Chapter 12: TROUBLESHOOTING2 OVERVIEW  Determine whether a network communications problem is related to TCP/IP.  Understand.

11 TROUBLESHOOTING Chapter 12. Chapter 12: TROUBLESHOOTING2 OVERVIEW  Determine whether a network communications problem is related to TCP/IP.  Understand.
System Security Scanning and Discovery Chapter 14.

System Security Scanning and Discovery Chapter 14.
Chapter 10: Data Centre and Network Security Proxies and Gateways * Firewalls * Virtual Private Network (VPN) * Security issues * * * * Objectives:

Chapter 10: Data Centre and Network Security Proxies and Gateways * Firewalls * Virtual Private Network (VPN) * Security issues * * * * Objectives:
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Information Technology Security: Fitting Into the Big Picture Brandon Hoffman, KPMG LLP Fitting Into the Big Picture Brandon Hoffman, KPMG LLP.

Information Technology Security: Fitting Into the Big Picture Brandon Hoffman, KPMG LLP Fitting Into the Big Picture Brandon Hoffman, KPMG LLP.
Description “Nmap stands for Network Mapper. Nmap (“Network Mapper”) is an open source tool for network exploration and security auditing.

Description “Nmap stands for "Network Mapper". Nmap (“Network Mapper”) is an open source tool for network exploration and security auditing.
Security Policy. Topics for Discussion IT Security in the Business – Risk, Audit Support, Compliance Policies, Standards, and Procedures – IT Security’s.

Security Policy. Topics for Discussion IT Security in the Business – Risk, Audit Support, Compliance Policies, Standards, and Procedures – IT Security’s.
Network Security Testing Techniques Presented By:- Sachin Vador.

Network Security Testing Techniques Presented By:- Sachin Vador.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Policies and Implementation Issues.

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Policies and Implementation Issues.
Network Intrusion Detection Systems Slides by: MM Clements A Adekunle The University of Greenwich.

Network Intrusion Detection Systems Slides by: MM Clements A Adekunle The University of Greenwich.
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

Similar presentations

Ads by Google