Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 2 Securing Network Server and User Workstations.

Similar presentations


Presentation on theme: "Chapter 2 Securing Network Server and User Workstations."— Presentation transcript:

1 Chapter 2 Securing Network Server and User Workstations

2 Author’s Goal Achieve CIA –Confidentiality Authentication access control encryption –Integrity Security scanning software (anti-virus, etc) IDS – intrusion detection system Checksums System monitoring –Availability Redundancy

3 Author’s Method Plan Configure Maintain Improve

4 Author’s Method Plan

5 Write deployment plans and recovery plans for each class of system: Private server Public server User workstation Portable devices (notebook, tablets, etc) Other devices?

6 Plan Classify users: Privileged, few (or no) restrictions to sensitive data, software, and hardware, Non-privileged – restricted access to data, software, and hardware

7 Plan A deployment plan should include – Configuration instructions for Hardware, software, and the OS –Determine if remote system administration will be allowed –Classify the users and their privileges. –Define the daily administration tasks. –Define the physical access –Document the backup procedure

8 JA, Author’s Method Plan Configure

9 Configure the OS and applications as outlined in the deployment plan. –Disabling unneeded features in the OS and other apps. –Install only the needed applications. Configure strong authentication procedures. Configure re-authentication after idle periods. Configure limits on authentication failures. Configure appropriate access controls for –data, –services –hardware Configure for backups Replicate the configuration to other systems. Configure system logging

10 JA, Author’s Method Plan Configure Maintain

11 Maintain Integrity Update the OS and applications regularly. Update security software regularly. Run security software checks regularly. Implement regular backup procedures. Use a secure method to store and inspect log files. Record Cryptographic checksums Remote maintenance must be secure. Measures are needed to prevent unauthorized installation of hardware.

12 JA, Author’s Method Plan Configure Maintain Improve

13 Improve User Awareness All users must sign a Computer System Usage Policy. Identify the file systems that are archived and those that are not archived. Educate users which systems, software, data, and peripheral devices are usable, and which are off limits. Provide periodic training to cover security issues. Posting banners and sending e-mails with important announcements regarding system usage and security.

14 Other Significant Points New systems should be configured before deployment (being attached to a network) Provide physical security Data must be properly protected from –Unauthorized access (encryption, intrusion defenses, access controls) –Unplanned changes (access controls and intrusion defenses) –Loss (backups and intrusion defenses)


Download ppt "Chapter 2 Securing Network Server and User Workstations."

Similar presentations


Ads by Google