Presentation is loading. Please wait.

Presentation is loading. Please wait.

Part II : Computer Security and the VVSG October 15-17, 2007 Barbara Guttman Nelson Hastings National Institute of Standards and Technology

Published byAbraham Shaw Modified over 9 years ago

Similar presentations

Presentation on theme: "Part II : Computer Security and the VVSG October 15-17, 2007 Barbara Guttman Nelson Hastings National Institute of Standards and Technology"— Presentation transcript:

1 Part II : Computer Security and the VVSG October 15-17, 2007 Barbara Guttman Nelson Hastings National Institute of Standards and Technology barbara.guttman@nist.govbarbara.guttman@nist.gov nelson.hastings@nist.govnelson.hastings@nist.gov

2 Oct 15-17, 2007Next VVSG TrainingPage 2 Agenda Security Requirements Overview Review of Chapter 4: Security and Audit Architecture Review of Chapter 5: General Security Requirements

3 Oct 15-17, 2007Next VVSG TrainingPage 3 Security Requirements Overview The security requirements of the next VVSG work together to support equipment security Difficult to understand security provided by a single requirement or set of requirements without understanding how requirements relate to each other

4 Oct 15-17, 2007Next VVSG TrainingPage 4 Security Requirements Overview For example, Cryptography section addresses how cryptography is implemented by equipment Software installation and electronic records sections address how cryptography, specifically digital signatures are use by equipment to support security

5 Oct 15-17, 2007Next VVSG TrainingPage 5 Security Requirements Overview Documentation requirements related to security Part 2: Documentation Requirements System Security Specification Section 3.5 of the Technical Data Package (TDP) Section 4.3 of the user documentation

6 Oct 15-17, 2007Next VVSG TrainingPage 6 Security Requirements Overview Section 3.5 System Security Specification (TDP) Provided to test lab to assist in the testing campaign General documentation about security including Security Architecture Security Threat Controls Security Testing and vulnerability analysis Detailed implementation specification for each security mechanism

7 Oct 15-17, 2007Next VVSG TrainingPage 7 Security Requirements Overview Section 4.3: System Security Specification (User documentation) Provided to user of the voting system including test labs How security mechanism are to be used Information needed to support a features use such as a list of software to be installed

8 Oct 15-17, 2007Next VVSG TrainingPage 8 Chapter 4: Security and Audit Architecture Section 4.2: Requirements to support auditing Section 4.3: Electronic Records Section 4.4 Independent Voter Verifiable Records (IVVR) VVPAT PCOS

9 Oct 15-17, 2007Next VVSG TrainingPage 9 Software Independence TGDC Resolution 06-06 requires software independence (SI) Software Independence means that changes must be detectable Detectable, in practice, means auditable SI = Auditable

10 Oct 15-17, 2007Next VVSG TrainingPage 10 Why Does the TGDC Want SI? With software, it is pretty easy to make a screen say one thing, but record another thing inside the computer. The hard part is making plausible, directed changes.

11 Oct 15-17, 2007Next VVSG TrainingPage 11 Auditing Records Two types of records: Electronic & Independent 4.3 address electronic records 4.4 addresses independent records

12 Oct 15-17, 2007Next VVSG TrainingPage 12 Won’t a Test Lab Catch This? No, software, especially the software that runs the user interface, is really complicated.

13 Oct 15-17, 2007Next VVSG TrainingPage 13 Famous Software that wasn’t doing what we thought it was doing Some trojan horse (or 2) NC voting example Therac 25 phishing

14 Oct 15-17, 2007Next VVSG TrainingPage 14 Therac 25 After this second Tyler accident, the ETCC physicist immediately took the machine out of service and called AECL to alert the company to this second apparent overexposure. The Tyler physicist then began his own careful investigation. He worked with the operator, who remembered exactly what she had done on this occasion. After a great deal of effort, they were eventually able to elicit the Malfunction 54 message. They determined that data-entry speed during editing was the key factor in producing the error condition: If the prescription data was edited at a fast pace (as is natural for someone who has repeated the procedure a large number of times), the overdose occurred. http://courses.cs.vt.edu/~cs3604/lib/Therac_25/Therac_2.html

15 Oct 15-17, 2007Next VVSG TrainingPage 15 How Does the VVSG Address Auditability? Requires equipment to have features that can be used for various types of audits Requires documentation NOTE – The VVSG itself does not require auditing – This is procedural and outside the scope.

16 Oct 15-17, 2007Next VVSG TrainingPage 16 4.2 Requirements for Supporting Audits Types of Audits Pollbook Audit Hand Audit of Independent Record Ballot Count and Vote Total Audit Observational Testing Note: Parallel Testing is another type of audit, but it is not included because it does not levy requirements on the equipment

17 Oct 15-17, 2007Next VVSG TrainingPage 17 Audit Records Two types of records: Electronic records Independent Voter Verifiable Records (IVVR) 4.3 address electronic records 4.4 addresses independent records

18 Oct 15-17, 2007Next VVSG TrainingPage 18 4.3 Electronic Records General Requirements Open Format Printable Digitally signed for Integrity & Authenticity

19 Oct 15-17, 2007Next VVSG TrainingPage 19 4.3 Electronic Records Information/data requirements Contain all relevant data List for Tabulator (4.3.2) List for EMS (4.3.3) Generally: Totals Read ballots Counted ballots Rejected ballots Overvotes/undervotes Write-ins

20 Oct 15-17, 2007Next VVSG TrainingPage 20 4.4 Independent Voter Verifiable Records (IVVR) What is an independent voter verifiable record? (4.4.1) Direct verification by voter Support for hand auditing Various security and operational properties (can be rejected/durable) Doesn’t this mean paper?

21 Oct 15-17, 2007Next VVSG TrainingPage 21 4.4 Independent Voter Verifiable Records (IVVR) Direct review (by voter & election official) Can support a hand audit Can support a recount Durable Tamper evidence Support for Privacy

22 Oct 15-17, 2007Next VVSG TrainingPage 22 4.4 Independent Voter Verifiable Records (IVVR) Public Format Sufficient Information (ballot configuration, not just selections) No codebook required Support for multiple physical media Able to be accepted or reject (per media) Non-human readable allowed (public format)

23 Oct 15-17, 2007Next VVSG TrainingPage 23 4.4 Independent Voter Verifiable Records (IVVR) Two current types of IVVR VVPAT Optical Scan

24 Oct 15-17, 2007Next VVSG TrainingPage 24 4.4.2 VVPAT VVPAT & Accessibility addressed by Sharon. Note need for observational testing Many operational requirements Paper rolls allowed

25 Oct 15-17, 2007Next VVSG TrainingPage 25 4.4.3 PCOS Few additional security requirements Allow non-human readable marks (record identifiers, batch information, integrity checks)

26 Oct 15-17, 2007Next VVSG TrainingPage 26 Chapter 5: General Security Requirements Section 5.1: Cryptography Section 5.2: Setup Inspection Section 5.3: Software Installation Section 5.4: Access Control Section 5.5: System Integrity Management Section 5.6: Communication Security Section 5.7: System Event Logging Section 5.8: Physical Security for Voting Devices

27 Oct 15-17, 2007Next VVSG TrainingPage 27 5.1 Cryptography Powerful basic security control Integrity of information Authentication of information Requirements developed to provide easy use and maintenance Use strength of existing federal standards

28 Oct 15-17, 2007Next VVSG TrainingPage 28 5.1 Cryptography Implementation of cryptography Public and Secret Key cryptography Not cryptographic voting protocols (a.k.a End-to-End voting systems) Many sections of the next VVSG leverage the security features supported by cryptography

29 Oct 15-17, 2007Next VVSG TrainingPage 29 5.1 Cryptography FIPS 140-2 validated cryptographic module A cryptographic module is hardware, firmware, and/or software that implements cryptographic functions (such as encryption, decryption, and key generation). Minimum strength of cryptography

30 Oct 15-17, 2007Next VVSG TrainingPage 30 5.1 Cryptography Signature Module A hardware cryptographic module FIPS 140-2 Level 2 (out of 4) with physical security being Level 3 Generates digital signatures Generates and stores private signature keys Permanently attached the equipment

31 Oct 15-17, 2007Next VVSG TrainingPage 31 5.1 Cryptography Types of keys within a Signature Module (SM) Device Signature Key (DSK) Associated with a device for its lifetime Signatures traceable to specific pieces of equipment Election Signature Key (ESK) Generated once per election cycle Associated with a device’s specific election cycle Signatures traceable to electronic records for a given election

32 Oct 15-17, 2007Next VVSG TrainingPage 32 5.1 Cryptography Device Signature Key (DSK) Generate using a nondeterministic random number generator Public Key certificate - self signed or CA Unique identifier on an external surface of the equipment and in certificate Signing of Election signature key certificate Election key closeout records Device signature key certificates

33 Oct 15-17, 2007Next VVSG TrainingPage 33 5.1 Cryptography Election Signature Key (ESK) Generate using a nondeterministic random number generator Used to digitally sign electronic records for an election cycle Destroyed as part of election close out Counters to keep track of the number of ESKs generated and signatures generated by a given ESK

34 Oct 15-17, 2007Next VVSG TrainingPage 34 5.1 Cryptography Election Signature Key (ESK) Certificates are signed by Device Signature Key (DSK) Device Signature (private) key Election Signature (Public) Key: Signature DSK

35 Oct 15-17, 2007Next VVSG TrainingPage 35 5.1 Cryptography Election key closeout record Electronic record Public key of Election Signature Key (ESK) (certificate or message digest/hash???) Number of signatures generated by Election Signature Key (ESK) Election Signature Key (ESK) number of the device Signed by the Device Signature Key (DSK)

36 Oct 15-17, 2007Next VVSG TrainingPage 36 5.1 Cryptography Technical Date Package (TDP) requirements Certificate fields for Device Signature Key (DSK) and Election Signature Key (ESK) Specific cryptographic algorithms used Election Closeout Record format specification

37 Oct 15-17, 2007Next VVSG TrainingPage 37 5.2 Setup Inspection Requirements related to the capabilities to inspect properties of voting devices Improves voting device management and maintenance Reflects new focus of requirements in light of software independence (SI) approach Called Setup Validation in VVSG 2005

38 Oct 15-17, 2007Next VVSG TrainingPage 38 5.2 Setup Inspection Inspections generate system event log entries Time and date Information related to the specific inspection Location of software files Component calibration Result of inspection Voting device unique identification Individual (or role) that performed inspection

39 Oct 15-17, 2007Next VVSG TrainingPage 39 5.2 Setup Inspections Software identification verification Ability to query/inspect the voting device to determine what software is installed Software integrity verification Using digital signatures and hash Designated repositories such as National Software Reference Library (NSRL) Voting Device Owner - Jurisdiction SI approach allows for internal verification NO external interface requirement like in VVSG 2005

40 Oct 15-17, 2007Next VVSG TrainingPage 40 5.2 Setup Inspection Voting device election information inspection Ability to query/inspect the storage locations containing information that changes during an election Number of ballots cast Totals for a given contest Generalized register and variable terminology from VVSG 2005 Support zero total inspections prior to use in election

41 Oct 15-17, 2007Next VVSG TrainingPage 41 5.2 Setup Inspection Inspection of properties of voting device components Backup power supply level Cabling connectivity indicator Communications operational status and on/off indicators Consumables remaining indicator Calibration determination and adjustments

42 Oct 15-17, 2007Next VVSG TrainingPage 42 5.2 Setup Inspection User documentation requirements Model setup inspection process supported by voting device Minimally includes items mentioned previously Manufacturer provided Model inspection check list of other properties supported by the voting device Manufacturer provided Risks related to not performing a given inspection

43 Oct 15-17, 2007Next VVSG TrainingPage 43 5.3 Software Installation Requirements related to the installation of software on voting devices Also covers access and modification of configuration files Uses digital signatures to provide the ability to verify the authentication and integrity of the software National Software Reference Library (NSRL) Designated repositories

44 Oct 15-17, 2007Next VVSG TrainingPage 44 5.3 Software Installation Software installation only when in pre- voting state Only individuals with an administrator or central election official role can install software Central Election Officials limited to election specific software or data files

45 Oct 15-17, 2007Next VVSG TrainingPage 45 5.3 Software Installation Digital signature verification of software before installation Externally visible alert when software installation fails Software to only be able to be installed using documented procedures

46 Oct 15-17, 2007Next VVSG TrainingPage 46 5.3 Software Installation Software installation generates system event log entries Time and date Software name and version Location of installation - directory path Digital signature verification - result and signature source Result of software installation

47 Oct 15-17, 2007Next VVSG TrainingPage 47 5.3 Software Installation Technical Data Package (TDP) requirements List of all software to be installed on voting system Name and version Manufacturer contract information Type of software Software documentation Location software is to be installed Functionality provided by the software Dependences and interactions between the software

48 Oct 15-17, 2007Next VVSG TrainingPage 48 5.3 Software Installation User documentation List of all software to be installed on voting system particularly election specific software Hardware and software need to install software

49 Oct 15-17, 2007Next VVSG TrainingPage 49 5.3 Software Installation Procedures used to perform software installation No use of compilers COTS software to be obtained via open market How to create a baseline binary image for replication Preparations of erasable media Software from unalterable media - CDs Record resulting from the installation procedure

50 Oct 15-17, 2007Next VVSG TrainingPage 50 5.4 Access Control The management of three basic elements Identification Authentication Authorization Supports the ability of the voting system to Account for users actions Limits use of resources Applies to individuals, applications, and processes of the voting system

51 Oct 15-17, 2007Next VVSG TrainingPage 51 5.4 Access Control Management of identification information Creating and disabling identities or roles Failed attempts lock out Number of failures within in a time period Length of lockout time

52 Oct 15-17, 2007Next VVSG TrainingPage 52 5.4 Access Control Role identification Required for voting devices and election management systems Roles specified: Voter, Election Judge, Poll Worker, Central Election Official, and Administrator Individual identification Required by election management systems

53 Oct 15-17, 2007Next VVSG TrainingPage 53 5.4 Access Control Management of authentication information Setting and changing authentication information Protection of authentication data by system Password management - strength, reuse, and expiration.

54 Oct 15-17, 2007Next VVSG TrainingPage 54 5.4 Access Control Authentication requirements by role Voter in Section 7.5.1 Issuance of voting credentials and ballot activation Poll Worker - N/A Election Judge and Central Something you know Administrator Multi-factor authentication - smartcard, biometric Application or Process - Digital certificate or signature - ????

55 Oct 15-17, 2007Next VVSG TrainingPage 55 5.4 Access Control Authorization Management By voting system state, time interval, or specific time Dual person control Separation of duties Type of functionality and data accessed Explicitly allowed or disallowed Least privilege, Privilege escalation, prevent modification or tampering of software/firmware ???

56 Oct 15-17, 2007Next VVSG TrainingPage 56 5.4 Access Control Technical Date Package (TDP) requirements Descriptions and specifications of all access control mechanisms used Descriptions and specification of all voting system mechanisms that rely on access control Mapping of all voting system operations and default roles with permissions to perform operations

57 Oct 15-17, 2007Next VVSG TrainingPage 57 5.4 Access Control User documentation requirements Instructions for implementing, configuring, and managing Model access control policy Templates or instructions for custom access control policy creation Disclosure of all default privileged roles

58 Oct 15-17, 2007Next VVSG TrainingPage 58 5.5 System Integrity Management Security controls that do not fit into other sections of the VVSG Boot, load, and execute process protection Removable media interface protection Backup and recovery capabilities Malicious software protection

59 Oct 15-17, 2007Next VVSG TrainingPage 59 5.5 System Integrity Management Boot process process protection Process used when a system is powered on Integrity verification of software initialization components Hardware cryptographic module - digital signature/hashes

60 Oct 15-17, 2007Next VVSG TrainingPage 60 5.5 System Integrity Management Load and execute process protection Process used to load software into memory for execution Integrity verification of any software before loading into memory for execution Hardware cryptographic module - digital signature/hashes

61 Oct 15-17, 2007Next VVSG TrainingPage 61 5.5 System Integrity Management Removable media interface protection Other than physical security mechanisms Ability to disable removable media interfaces when not required CDs, Flash memory, PCIMIA, etc. May only need a CDs interface to be enabled during software installation

62 Oct 15-17, 2007Next VVSG TrainingPage 62 5.5 System Integrity Management Backup and recovery mechanisms Limited to election management systems Permitted only when not capturing votes Integrity verification information (digital signatures, hashes, MACs) created with backup information Backup information authentication and integrity verification before used for recovery

63 Oct 15-17, 2007Next VVSG TrainingPage 63 5.5 System Integrity Management Malicious software protection Limited to election management systems Use of malware detection software Ability to update as new threats appear over time Executed at least once every 24 hours and before loading and execution of software Executed against removable media

64 Oct 15-17, 2007Next VVSG TrainingPage 64 5.5 System Integrity Management Technical Date Package (TDP) requirements List of all software required to be executed

65 Oct 15-17, 2007Next VVSG TrainingPage 65 5.6 Communication Security Protection of voting system communications Transmission of information Communications based threats No use of wireless technology Except for infrared technology

66 Oct 15-17, 2007Next VVSG TrainingPage 66 5.6 Communication Security No remote communication to voting devices during election day Exceptions for devices used to transmit end of day results and communication with voter registration databases However, these devices cannot be connected to other polling place devices

67 Oct 15-17, 2007Next VVSG TrainingPage 67 5.6 Communication Security Polling Place Remote Locations Registration Database Electronic Poll Book Central Count Voting Devices Accumulator

68 Oct 15-17, 2007Next VVSG TrainingPage 68 5.6 Communication Security Network interface protection Ability to disable physical network interfaces when not required Prohibit flow of network traffic from one interface to another on multiple interface devices Unique physical identifier (address) for each interface

69 Oct 15-17, 2007Next VVSG TrainingPage 69 5.6 Communication Security Limit communications to only devices that are required to communicate with each other Integrity information for data Generate integrity information for data sent Verify integrity information for data received Digital signature, hashes, MACs

70 Oct 15-17, 2007Next VVSG TrainingPage 70 5.6 Communication Security Mutual authentication between devices before exchange of information Part of connection establishment Unique identifier for devices Limit amount of information needed for authentication Limit devices to only required network ports, active shares, and services

71 Oct 15-17, 2007Next VVSG TrainingPage 71 5.6 Communication Security Monitor network interfaces for evidence of attack When attacks are detected, devices need to respond to stop attack Shutting down network interface

72 Oct 15-17, 2007Next VVSG TrainingPage 72 5.6 Communication Security Documentation requirements List of all network communication processes and applications required for proper operation List of all network ports, shares, services, and protocols used

73 Oct 15-17, 2007Next VVSG TrainingPage 73 5.7 System Event Logging Provides accountability and supports the ability to reconstruct events and detect intrusions Electronic audit trail Information to be generated Integrity protection of the information Management of system event log

74 Oct 15-17, 2007Next VVSG TrainingPage 74 5.7 System Event Logging Log information must maintain voter privacy and ballot secrecy Basic log entry information System Identifier Event Identifier Time Stamp Result of event When applicable, user that triggered event and requested resource

75 Oct 15-17, 2007Next VVSG TrainingPage 75 5.7 System Event Logging Time Stamp requirements Clock drift - 1 minute within 15 hours Format of time stamp - give example ISO 8601 Date Time - hours, minutes, and seconds Administrator role required to adjust clock

76 Oct 15-17, 2007Next VVSG TrainingPage 76 5.7 System Event Logging Minimum list of events to be logged General system functions events Changes to configuration Device startup and shutdown Addition and deletion files System readiness results Authentication and access control events Logon attempts Logout events Attempts to access system resources

77 Oct 15-17, 2007Next VVSG TrainingPage 77 5.7 System Event Logging Software events Installation, upgrades, and patches Changes to configuration settings Connection attempts to databases Cryptographic events Changes to cryptographic keys Voting events Opening and closing of polls Cast ballot Ballot definition and modification

78 Oct 15-17, 2007Next VVSG TrainingPage 78 5.7 System Event Logging Management of system event log Default setting of system event log Storage of log information in a publicly documented format such as XML Event logs separable on an election and device basis Retention of event log data from previous elections

79 Oct 15-17, 2007Next VVSG TrainingPage 79 5.7 System Event Logging Export of log information with digital signature Rotation of log information internally From primary file to new file Log capacity management Alert as it reaches configurable intervals Suspension of vote capturing when logs capacity reached

80 Oct 15-17, 2007Next VVSG TrainingPage 80 5.7 System Event Logging Ability to view, analyze, and search system event log while on device Halt vote capturing when system log malfunctions or is disabled Administrator role required to configure system event log and clear previous election event logs prior to new election cycle

81 Oct 15-17, 2007Next VVSG TrainingPage 81 5.7 System Event Logging Protection of log information Unauthorized access Read only for administrator roles Write or append only for processes Unauthorized modification Use of cryptography, append only media, operating system Unauthorized Deletion Integrity and [[availability]] protection of archived log information

82 Oct 15-17, 2007Next VVSG TrainingPage 82 5.8 Physical Security for Voting Devices Prevent undetected, unauthorized physical access Must be able to differentiate authorized from unauthorized access Unauthorized access must leave physical evidence Requirements recognize use of a combination of procedures and physical countermeasures without prescribing either

83 Oct 15-17, 2007Next VVSG TrainingPage 83 5.8 Physical Security for Voting Devices Unauthorized physical access must leave physical evidence Physical port access and least functionality Essential to operations, testing and auditing Boundary protection Broken connection → port automatically disabled, alarm, event log, authorization to re-enable

84 Oct 15-17, 2007Next VVSG TrainingPage 84 5.8 Physical Security for Voting Devices Information flow Restricted access to ports with removable media Tamper evidence Manually disable Door covers and panels Monitor access Ballot boxes Tamper evident

85 Oct 15-17, 2007Next VVSG TrainingPage 85 5.8 Physical Security for Voting Devices Secure physical locks and keys Meet UL standards and be tamper evident Keyed per System Owner’s preference Physical encasement locks (fasteners) Must not compromise security Power supplies If the power goes out, physical countermeasures should not fail

86 Oct 15-17, 2007Next VVSG TrainingPage 86 Questions End of Day One???

Download ppt "Part II : Computer Security and the VVSG October 15-17, 2007 Barbara Guttman Nelson Hastings National Institute of Standards and Technology"

Similar presentations

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
SECAM Systems Product Presentation SECAM Systems © 2010.

SECAM Systems Product Presentation SECAM Systems © 2010.
1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
Lesson 17: Configuring Security Policies

Lesson 17: Configuring Security Policies
TGDC Meeting, July 2011 Review of VVSG 1.1 Nelson Hastings, Ph.D. Technical Project Leader for Voting Standards, ITL

TGDC Meeting, July 2011 Review of VVSG 1.1 Nelson Hastings, Ph.D. Technical Project Leader for Voting Standards, ITL
Coping with Electronic Records Setting Standards for Private Sector E-records Retention.

Coping with Electronic Records Setting Standards for Private Sector E-records Retention.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
1 For System Administrators INFORMATION INFORMATION SYSTEM SECURITY INFORMATION INFORMATION SYSTEM SECURITY.

1 For System Administrators INFORMATION INFORMATION SYSTEM SECURITY INFORMATION INFORMATION SYSTEM SECURITY.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.
Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.

Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
Testing - an Overview September 10, 2008 1. What is it, Why do it? Testing is a set of activities aimed at validating that an attribute or capability.

Testing - an Overview September 10, What is it, Why do it? Testing is a set of activities aimed at validating that an attribute or capability.
Examine Quality Assurance/Quality Control Documentation

Examine Quality Assurance/Quality Control Documentation
Check Disk. Disk Defragmenter Using Disk Defragmenter Effectively Run Disk Defragmenter when the computer will receive the least usage. Educate users.

Check Disk. Disk Defragmenter Using Disk Defragmenter Effectively Run Disk Defragmenter when the computer will receive the least usage. Educate users.
Ballot Processing Systems February, 2005 Submission to OASIS EML TC and True Vote Maryland by David RR Webber.

Ballot Processing Systems February, 2005 Submission to OASIS EML TC and True Vote Maryland by David RR Webber.
Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.

Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.

Similar presentations

Ads by Google