Course ILT Security overview Unit objectives Discuss network security Discuss security threat trends and their ramifications Determine the factors involved in creating a secure network strategy Control access to a Windows 2000 server


Security overview

Unit objectives
  – Discuss network security
  – Discuss security threat trends and their ramifications
  – Determine the factors involved in creating a secure network strategy
  – Control access to a Windows 2000 server


Topic A

Topic A: Introduction to network security

Topic B: Understanding security threats

Topic C: Creating a secure network strategy

Topic D: Windows 2000 server access control


Network security defined

Network security:
  – Process by which digital information assets are protected

Goals of network security are to:
  – Protect confidentiality
  – Maintain integrity
  – Assure availability

Assessing risk
  – Identify threats
  – Reduce vulnerabilities


Information Security

Tasks of guarding digital information, which is typically processed by a computer, stored on a magnetic or optical storage device (such as a hard drive or DVD), and transmitted over a network.


An isolated computer

What security threat do we have?


Connected to the Internet

What security threat do we have?

[Figure: The Internet]


Information vs. Network

Most of the threats come from the network, which is why we chose the name “Network Security” instead of “Information Security”.

But the intention is to secure the information.

Information is an asset that must be protected.


Financial Loss

Without adequate protection or network security, a company is highly susceptible to a financial loss.

The fear of a security breach can cause financial loss just as an actual breach can.


Each attack costs $213,000

After an attack on information security, clean-up efforts divert resources, such as time and money, away from normal activities.

A Corporate IT Forum survey of major corporations showed:
  – Each attack costs a company an average of $213,000 in lost man-hours and related costs
  – One-third of corporations reported an average of more than 3,000 man-hours lost


Information Security


Threat vs. Vulnerability

A threat is defined as any activity that poses a danger to our information.

A vulnerability is a weakness in a system, such as misconfigured hardware or software, poor design, or end-user carelessness.

Threats exploit vulnerabilities in order to gain unauthorized access to a network.


Effect of Evolving technologies

Mainframes
LANs
Firewalls
Extranets
Security systems
  – Intrusion detection
  – Authentication
  – Authorization
  – Vulnerability assessment


Security builds Trust

Security is critical for all types of Internet business.

By protecting systems from intrusion and corruption, security technologies help companies build trust: a trust that information is protected and transactions are reliable.


Securing means Managing risk

Users can perform only authorized tasks

Users can obtain only authorized information

Users cannot damage data, applications, or operating environment


Errors and Equipment Failures

Though “security” means protection against malicious attacks by outsiders, it also involves controlling the effects of errors and equipment failures.


Goals of network security - CIA

The goal of implementing network security is to maintain an acceptable level of confidentiality, integrity and availability of information.

Confidentiality
  – Protection of data from unauthorized disclosure to a third party

Integrity
  – Assurance that data is not altered or destroyed in an unauthorized manner

Availability
  – Continuous operation of computing systems


Topic B

Topic A: Introduction to network security

Topic B: Understanding security threats

Topic C: Creating a secure network strategy

Topic D: Windows 2000 server access control


Price of Intrusion

Corporate espionage
  – FBI estimates up to $100 billion loss

Identity theft
  – up to 700,000 Americans

Computer Viruses
  – up to $13.2 billion in 2001

  – Lost revenues
  – Lost prestige
  – Lost productivity


CERT

The Computer Emergency Response Team (CERT) security organization compiles statistics regarding the number of reported attacks, including:
  – Speed of attacks
  – Sophistication of attacks
  – Faster detection of weaknesses
  – Distributed attacks
  – Difficulties of patching

http://www.cert.org/

Established in 1988, the CERT® Coordination Center (CERT/CC) is a center of Internet security expertise, located at the Software Engineering Institute, a federally funded research and development center operated by Carnegie Mellon University.


Sources of threats

Compromising each of these three security goals can cost an organization either:
  – directly or
  – indirectly

There are four causes for compromised security:
  – Technology weaknesses
  – Configuration weaknesses
  – Policy weaknesses
  – Human error or malice


Technology weaknesses

TCP/IP
Operating systems
Network equipment


TECHNOLOGY WEAKNESSES are a part of each technology

TCP/IP

A communication protocol designed as an open standard.

Application

Presentation

Session

Transport

Network

Data Link

Physical


TECHNOLOGY WEAKNESSES are a part of each technology

Operating Systems

Windows, Linux, Unix,

Each operating system has issues.


TECHNOLOGY WEAKNESSES are a part of each system

Networking equipment

All networking equipment must be protected!

Passwords
Firewalls
Protocols
Authentication


Configuration weaknesses

Unsecured accounts
System accounts with easily guessed passwords
Misconfigured Internet services
Unsecured default settings
Misconfigured network equipment
Trojan horse programs
Vandals
Viruses


Policy weaknesses

Lack of a written security policy
Politics
High turnover
Concise access controls not applied
Software and hardware installation and changes do not follow policy
Proper security
Nonexistent disaster recovery plan


Human error and malice

Accident
Ignorance
Workload
Dishonesty
Impersonation
Disgruntled employees
Snoops
Denial-of-service attacks


Topic C

Topic A: Introduction to network security

Topic B: Understanding security threats

Topic C: Creating a secure network strategy

Topic D: Windows 2000 server access control


Network security strategies

Achieve the state where any action that is not expressly permitted is prohibited

Address both internal and external threats

Define policies and procedures

Reduce risk across perimeter security, the Internet, intranets, and LANs

(continued)


Network security strategies, continued

Human factors
Knowing your weaknesses
Limiting access
Achieving security through persistence
Physical security
Perimeter security

(continued)


Secure network strategy, cont’d

Firewalls
Web and file servers
Access control
Change management
Encryption
Intrusion detection systems (IDS)


Topic D

Topic A: Introduction to network security

Topic B: Understanding security threats

Topic C: Creating a secure network strategy

Topic D: Windows 2000 server access control


Access control

Restricts access to a resource

Security levels
  – Identify
  – Authenticate
  – Authorize


MAC, DAC and RBAC

Mandatory access control (MAC)
  – Non-discretionary control used in high-security locations

Discretionary access control
  – Allows the owner of a file to dictate who can access the file and to what extent

Role-based access control
  – Access is based on the role a user plays in the organization
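
As an added example (not part of the original slides), the sketch below runs the same request through the three models on this slide; the users, labels, roles and file name are constructed, and the read/write rule used for MAC is an assumed Bell-LaPadula style rule. A missing grant always means deny, matching the strategy of prohibiting any action that is not expressly permitted.

```python
from dataclasses import dataclass, field

LEVELS = {"public": 0, "confidential": 1, "secret": 2}  # constructed MAC labels

@dataclass
class User:
    name: str
    clearance: str = "public"                 # MAC: set by the security authority
    roles: set = field(default_factory=set)   # RBAC: job functions

@dataclass
class Resource:
    name: str
    owner: str
    label: str = "public"                     # MAC: classification of the data
    acl: dict = field(default_factory=dict)   # DAC: user name -> rights

# RBAC: permissions attach to roles, never directly to users (constructed roles).
ROLE_PERMS = {
    "payroll_clerk": {("payroll.xls", "read"), ("payroll.xls", "write")},
    "auditor": {("payroll.xls", "read")},
}

def mac_allows(user, res, action):
    # Non-discretionary: no read above clearance, no write below it
    # (Bell-LaPadula style rule, assumed here as one common form of MAC).
    u, r = LEVELS[user.clearance], LEVELS[res.label]
    if action == "read":
        return u >= r
    if action == "write":
        return u <= r
    return False  # not expressly permitted, so prohibited

def dac_grant(granter, res, grantee, rights):
    # Discretionary: only the file's owner decides who gets access, and how much.
    if granter.name != res.owner:
        raise PermissionError("only the owner can change the ACL")
    res.acl[grantee] = set(rights)

def dac_allows(user, res, action):
    if user.name == res.owner:
        return True
    return action in res.acl.get(user.name, set())  # no entry means deny

def rbac_allows(user, res, action):
    perms = set().union(*(ROLE_PERMS.get(r, set()) for r in user.roles))
    return (res.name, action) in perms

def decide(user, res, action):
    return {"MAC": mac_allows(user, res, action),
            "DAC": dac_allows(user, res, action),
            "RBAC": rbac_allows(user, res, action)}
```

Calling `decide()` for an auditor with public clearance reading a confidential file shows the models disagreeing: the role permits the read, while the label and the owner's ACL do not.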


Unit summary

Discussed network security
Discussed the security threat trends and their ramifications
Discussed the goals of network security and determined the factors involved in a secure network strategy
Discussed methods of access control and their implementation on a Windows 2000 server