13 Ways Through A Firewall What you don t know will hurt you
|
|
- Alicia Booth
- 6 years ago
- Views:
Transcription
1 13 Ways Through A Firewall What you don t know will hurt you Andrew Ginter VP Industrial Security Waterfall Security Solutions CIPS ICE: The Tech Day 2013 (Calgary) Proprietary Information -- Copyright 2013 by Waterfall Security Solutions Ltd. 2013
2 Firewalls Firewalls separate networks and subnetworks with different security / connectivity needs Often first investment any site makes when starting down the road to an ICS cyber security program Unified Threat Managers firewalls with stateful inspection, VPNs, in-line anti-virus scanning, intrusion detection, intrusion prevention, anti-spam, web filtering, and much more but are they secure? DNP3 DMZ in-between network(s) ICS best practice: layers of firewalls, layers of host and network-based defenses Photo: Red Tiger Security Proprietary Information -- Copyright 2013 by Waterfall Security Solutions Ltd. 2
3 Setup for Demo Scenarios Industrial firewall / UTM Business network my laptop + hacked host virtual machine Control network ICS server to attack / take over + one other ICS host virtual machine 2x virtual switches one for each network, each connected to firewall Consider only one-hop compromise into DMZ, or into ICS from DMZ Proprietary Information -- Copyright 2013 by Waterfall Security Solutions Ltd. 3
4 Compensating Measures Abbrev Graphic Compensating Measure 2-Factor authentication Encryption Better firewall rules Host intrusion detection / prevention system / SIEM Network intrusion detection / prevention system / SIEM Security updates / patch program Unidirectional security gateway Impact Would have prevented / detected the attack Would prevent / detect some variants of the attack Would not have prevented / detected the attack Proprietary Information -- Copyright 2013 by Waterfall Security Solutions Ltd. 4
5 #1 Phishing / Spam / Drive-By-Download Single most common way through (enterprise) firewalls Client on business network pulls malware from internet, or activates malware in attachment Spear-phishing carefully crafted to fool even security experts into opening attachment Proprietary Information -- Copyright 2013 by Waterfall Security Solutions Ltd. 5
6 #2 Social Engineering Steal a Password VPN password on sticky note on monitor, or under keyboard Call up administrator, weave a convincing tale of woe, and ask for the password Ask the administrator to give you a VPN account Shoulder-surf while administrator enters firewall password Guess Install a keystroke logger Proprietary Information -- Copyright 2013 by Waterfall Security Solutions Ltd. 6
7 #3 Compromise Domain Controller Create Account More generally abuse trust of external system Create account / change password of exposed ICS server, or firewall itself Other external trust abuse compromise external HMI, ERP, DCS vendor with remote access, WSUS server, DNS server, etc. Proprietary Information -- Copyright 2013 by Waterfall Security Solutions Ltd. 7
8 #4 Attack Exposed Servers Every exposed port is vulnerable: SQL injection buffer overflow default passwords hard-coded password denial of service / SYN-flood Proprietary Information -- Copyright 2013 by Waterfall Security Solutions Ltd. 8
9 #5 Attack ICS Clients via Compromised Servers Best practice: originate all cross-firewall TCP connections on ICS / trusted side Once established, all TCP connections are bi-directional attacks can flow back to clients: compromised web servers compromised files on file servers buffer overflows Proprietary Information -- Copyright 2013 by Waterfall Security Solutions Ltd. 9
10 #6 Session Hijacking / Man-in-the-Middle Requires access to communications stream between authorized endpoints eg: ARPSpoof (LAN), fake Wi-Fi access point, hacked DNS server Insert new commands into existing communications session Sniff / fake session ID / cookie and re-use Proprietary Information -- Copyright 2013 by Waterfall Security Solutions Ltd. 10
11 #7 Piggy-Back on VPN You may trust the person you have granted remote access, but should you trust their computer? Broad VPN access rules I trust this user to connect to any machine, on any port makes it easy for worms and viruses to jump Split-tunneling allows interactive remote control Proprietary Information -- Copyright 2013 by Waterfall Security Solutions Ltd. 11
12 #8 Firewall Vulnerabilities Firewalls are software. All large software artifacts have bugs, and some of those bugs are security vulnerabilities and zero-days Vendor back-doors / hard-coded passwords Supply chain issues do you trust the manufacturer? The manufacturer s suppliers? Occasional design vulnerabilities Proprietary Information -- Copyright 2013 by Waterfall Security Solutions Ltd. 12
13 #9 Errors and Omissions Modern firewalls require 6-8 weeks full-time training to cover all features and all configurations The smallest errors expose protected servers to attack Over time, poorly-managed firewalls increasingly resemble routers Well-meaning corporate IT personnel often control firewall configurations and can reach through to fix ICS hosts Proprietary Information -- Copyright 2013 by Waterfall Security Solutions Ltd. 13
14 #10 Forge an IP Address Most firewall rules are expressed in terms of IP addresses Any administrator can change the IP address on a laptop or workstation Works only if attacker is on same LAN segment as true IP address or WAN routers route response traffic to a different LAN May need ARPSpoof to block machine with real IP Proprietary Information -- Copyright 2013 by Waterfall Security Solutions Ltd. 14
15 #11 Bypass Network Security Perimeter Complex network architectures path from business network to ICS network through only routers exists, but is not obvious Rogue wireless access points Rogue cables well meaning technicians eliminate single point of failure in firewall ICS network extends outside of physical security perimeter Dial-up port Proprietary Information -- Copyright 2013 by Waterfall Security Solutions Ltd. 15
16 #12 Physical Access to Firewall If you can touch it, you can compromise it Reset to factory defaults Log in to local serial port, change settings with CLI Re-arrange wiring Proprietary Information -- Copyright 2013 by Waterfall Security Solutions Ltd. 16
17 #13 Sneakernet Removable media, especially USB sticks, carried past physical / cyber security perimeter Entire laptops, workstations and servers carried past physical / cyber security perimeter Proprietary Information -- Copyright 2013 by Waterfall Security Solutions Ltd. 17
18 Demo Proprietary Information -- Copyright 2013 by Waterfall Security Solutions Ltd. 18
19 Firewall Vulnerability Cross-Site Request Forgery Uses web browser credentials for logged-in sites Blind technique script cannot read from foreign web page Can however, push changed data to web server, as if user had pressed send Lesson: Cross-site scripting vulnerabilities are rampant in web applications of all kinds, including ICS applications. CSRF has been public knowledge for over a decade Mitigation: Modify web application to use hidden fields to echo random data back to web site on pages that change application state. Browsers prevent each site s scripts from seeing data coming from another site, so foreign scripts cannot echo random data back to protected website Proprietary Information -- Copyright 2013 by Waterfall Security Solutions Ltd. 19
20 Errors and Omissions andrews-machine address was really for an entire subnet See this only when you go to the screen which defines andrewsmachine address Correcting this problem is not sufficient the address was in the DHCP range See this only when you go to the DHCP server definition screen Andrew s machine needs to be given a static IP address Lesson: Full-featured firewalls are complex. Reviewing configurations to ensure they are safe is not straightforward. Proprietary Information -- Copyright 2013 by Waterfall Security Solutions Ltd. 20
21 Firewall Design Vulnerability Browsers enforce can t touch other site s web pages rule when scripts and web pages come from different sites Within a site, scripts can touch web pages at will this is how complex web applications work Hiding many web sites behind a single proxy address is very convenient web browser is your SSL client Web browsers cannot enforce can t touch other site s web pages rules when scripts and web pages all appear to originate at the same site Lesson: Clientless/browser SSL clients are designed to hide many sites behind one address. Unless browser designs or clientless SSL designs change, hosts behind such proxy-site web servers will always be vulnerable to each other s scripted attacks. Proprietary Information -- Copyright 2013 by Waterfall Security Solutions Ltd. 21
22 Hacking ICS Servers 100,000 Vulnerabilities A major vendor recently reported counting over 50,000 bufferoverflow-capable C library calls in one 2,000,000 LOC product All such calls are currently being replaced Do the math: Assume 2% of all overflow-capable calls are vulnerabilities 10 major vendors world-wide, in at least 5 verticals Assume at least 3 2MLOC products unique to each vertical Assume at least 75% of these products still written in C/C++ The math: 2% x 50,000 calls x 10 vendors x 5 verticals x 3 products x 75% = at least 100,000 vulnerabilities waiting to be found Lesson: Attacking firewall-exposed ICS servers with zero-day exploits will be straightforward for the foreseeable future Proprietary Information -- Copyright 2013 by Waterfall Security Solutions Ltd. 22
23 Keeping Score Graphic Score Impact 2 Would have prevented / detected the attack 1 Would prevent / detect some variants of the attack 0 Would not have prevented / detected the attack Score Abbrev Compensating Measure 7 2-Factor authentication 7 Encryption 11 Better firewall rules 8 Host intrusion detection / prevention system / SIEM 9 Network intrusion detection / prevention system / SIEM 9 Security updates / patch program 20 Unidirectional security gateway Proprietary Information -- Copyright 2013 by Waterfall Security Solutions Ltd. 23
24 Unidirectional Example: Historian Replication TX agent is conventional historian client request copy of new data as it arrives in historian RX agent is conventional historian collector drops new data into replica as it arrives from TX TX agent sends historical data and metadata to RX using nonroutable, point-to-point protocol Complete replica, tracks all changes, new tags, alerts in replica Proprietary Information -- Copyright 2013 by Waterfall Security Solutions Ltd. 24
25 Unidirectional Security Gateways Stronger Than Firewalls Firewalls are porous Given the elephants in the room, perimeter protection will always be disproportionately important: 100,000 vulnerabilities Plain-text device communications Dissonance between ECC and IT s constant change patch programs Long life-cycles for physical equipment If this topic was useful, a detailed whitepaper in the same theme is coming andrew. waterfall-security. com Proprietary Information -- Copyright 2013 by Waterfall Security Solutions Ltd.
26 Waterfall Security Solutions Headquarters in Israel, sales and operations office in the USA Hundreds of sites deployed in all critical infrastructure sectors Frost & Sullivan: Entrepreneurial Company of the Year Award for ICS network security Pike Research: Waterfall is key player in the cyber security market Gartner: IT and OT security architects should consider Waterfall for their operations networks Strategic partnership agreements / cooperation with: OSIsoft, GE, Siemens, and many other major industrial vendors Market leader for server replication in industrial environments Proprietary Information -- Copyright 2013 by Waterfall Security Solutions Ltd.
ICALEPCS 2013 San Francisco
UNIDIRECTIONAL SECURITY GATEWAYS Unidirectional Security Gateways Stronger Than Firewalls ICALEPCS 2013 San Francisco Andrew Ginter VP Industrial Security Waterfall Security Solutions Proprietary Information
More informationNERC-CIP CAN-0024: Securing Critical Cyber Assets with Data Diodes
NERC-CIP CAN-0024: Securing Critical Cyber Assets with Data Diodes Andrew Ginter Director of Industrial Security Waterfall Security Solutions Proprietary Information -- Copyright 2012 2011 by Waterfall
More informationWhat I learned about Firewalls:
What I learned about Firewalls: A Decade of ICS Firewall Management Standards Certification Education & Training Publishing Conferences & Exhibits Michael H. Firstenberg, GICSP, GCIH, CISSP Director of
More informationGladiator Incident Alert
Gladiator Incident Alert Allen Eaves Sabastian Fazzino FINANCIAL PERFORMANCE RETAIL DELIVERY IMAGING PAYMENT SOLUTIONS INFORMATION SECURITY & RISK MANAGEMENT ONLINE & MOBILE 1 2016 Jack Henry & Associates,
More informationCTS2134 Introduction to Networking. Module 08: Network Security
CTS2134 Introduction to Networking Module 08: Network Security Denial of Service (DoS) DoS (Denial of Service) attack impacts system availability by flooding the target system with traffic or by exploiting
More informationCyber Security & Ethical Hacking Training. Introduction to Cyber Security Introduction to Cyber Security. Linux Operating System and Networking: LINUX
Cyber Security & Ethical Hacking Training. Introduction to Cyber Security Introduction to Cyber Security HTML PHP Database Linux Operating System and Networking: LINUX NETWORKING Information Gathering:
More informationEthical Hacking and Prevention
Ethical Hacking and Prevention This course is mapped to the popular Ethical Hacking and Prevention Certification Exam from US-Council. This course is meant for those professionals who are looking for comprehensive
More informationCompTIA Security+ Malware. Threats and Vulnerabilities Vulnerability Management
CompTIA Security+ Lecture Six Threats and Vulnerabilities Vulnerability Management Copyright 2011 - VTC Malware Malicious code refers to software threats to network and systems, including viruses, Trojan
More informationEndpoint Security - what-if analysis 1
Endpoint Security - what-if analysis 1 07/23/2017 Threat Model Threats Threat Source Risk Status Date Created File Manipulation File System Medium Accessing, Modifying or Executing Executable Files File
More informationSecurity+ SY0-501 Study Guide Table of Contents
Security+ SY0-501 Study Guide Table of Contents Course Introduction Table of Contents About This Course About CompTIA Certifications Module 1 / Threats, Attacks, and Vulnerabilities Module 1 / Unit 1 Indicators
More informationCurso: Ethical Hacking and Countermeasures
Curso: Ethical Hacking and Countermeasures Module 1: Introduction to Ethical Hacking Who is a Hacker? Essential Terminologies Effects of Hacking Effects of Hacking on Business Elements of Information Security
More informationCS System Security 2nd-Half Semester Review
CS 356 - System Security 2nd-Half Semester Review Fall 2013 Final Exam Wednesday, 2 PM to 4 PM you may bring one 8-1/2 x 11 sheet of paper with any notes you would like no cellphones, calculators This
More informationEnterprise Cybersecurity Best Practices Part Number MAN Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationSoftware Defined Perimeter & PrecisionAccess. Secure. Simple.
Software Defined Perimeter & PrecisionAccess Secure. Simple. Enterprise Perimeter: Then & Now THEN: Fixed Perimeter blocked attackers NOW: Attackers are Inside the Perimeter Corporate employees Corporate
More informationScanning. Introduction to Hacking. Networking Concepts. Windows Hacking. Linux Hacking. Virus and Worms. Foot Printing.
I Introduction to Hacking Important Terminology Ethical Hacking vs. Hacking Effects of Hacking on Business Why Ethical Hacking Is Necessary Skills of an Ethical Hacker What Is Penetration Testing? Networking
More informationNERC Issues CAN-0024: Guidance for Unidirectional, Routable Communications
NERC Issues CAN-0024: Guidance for Unidirectional, Routable Communications Andrew Ginter Director of Industrial Security Waterfall Security Solutions Mark Simon Senior Consultant Encari Joel Langill The
More informationPass Microsoft Exam
Pass Microsoft 98-367 Exam Number: 98-367 Passing Score: 700 Time Limit: 45 min File Version: 51.0 http://www.gratisexam.com/ Pass Microsoft 98-367 Exam Exam Name: Security Fundamentals Certdumps QUESTION
More informationDrone /12/2018. Threat Model. Description. Threats. Threat Source Risk Status Date Created
Drone - 2 04/12/2018 Threat Model Description Threats Threat Source Risk Status Date Created Mobile Phone: Sensitive Data Leakage Smart Devices Mobile Phone: Session Hijacking Smart Devices Mobile Phone:
More informationInternetwork Expert s CCNA Security Bootcamp. Common Security Threats
Internetwork Expert s CCNA Security Bootcamp Common Security Threats http:// Today s s Network Security Challenge The goal of the network is to provide high availability and easy access to data to meet
More informationHacker Academy Ltd COURSES CATALOGUE. Hacker Academy Ltd. LONDON UK
Hacker Academy Ltd COURSES CATALOGUE Hacker Academy Ltd. LONDON UK TABLE OF CONTENTS Basic Level Courses... 3 1. Information Security Awareness for End Users... 3 2. Information Security Awareness for
More informationWeb insecurity Security strategies General security Listing of server-side risks Language specific security. Web Security.
Web Security Web Programming Uta Priss ZELL, Ostfalia University 2013 Web Programming Web Security Slide 1/25 Outline Web insecurity Security strategies General security Listing of server-side risks Language
More informationF5 comprehensive protection against application attacks. Jakub Sumpich Territory Manager Eastern Europe
F5 comprehensive protection against application attacks Jakub Sumpich Territory Manager Eastern Europe j.sumpich@f5.com Evolving Security Threat Landscape cookie tampering Identity Extraction DNS Cache
More informationPresenter Jakob Drescher. Industry. Measures used to protect assets against computer threats. Covers both intentional and unintentional attacks.
Presenter Jakob Drescher Industry Cyber Security 1 Cyber Security? Measures used to protect assets against computer threats. Covers both intentional and unintentional attacks. Malware or network traffic
More informationWayward Wi-Fi. How Rogue Hotspots Can Hijack Your Data and Put Your Mobile Devices at Risk
Wayward Wi-Fi How Rogue Hotspots Can Hijack Your Data and Put Your Mobile Devices at Risk 288 MILLION There are more than 288 million unique Wi-Fi networks worldwide. Source: Wireless Geographic Logging
More informationAURA ACADEMY Training With Expertised Faculty Call Us On For Free Demo
ETHICAL HACKING (CEH) CURRICULUM Introduction to Ethical Hacking What is Hacking? Who is a Hacker? Skills of a Hacker? Types of Hackers? What are the Ethics and Legality?? Who are at the risk of Hacking
More informationExam : JK Title : CompTIA E2C Security+ (2008 Edition) Exam. Version : Demo
Exam : JK0-015 Title : CompTIA E2C Security+ (2008 Edition) Exam Version : Demo 1.Which of the following logical access control methods would a security administrator need to modify in order to control
More informationIndustrial Cyber Security. ICS SHIELD Top-down security for multi-vendor OT assets
Industrial Cyber Security ICS SHIELD Top-down security for multi-vendor OT assets OT SECURITY NEED Industrial organizations are increasingly integrating their OT and IT infrastructures. The huge benefits
More informationCompTIA E2C Security+ (2008 Edition) Exam Exam.
CompTIA JK0-015 CompTIA E2C Security+ (2008 Edition) Exam Exam TYPE: DEMO http://www.examskey.com/jk0-015.html Examskey CompTIA JK0-015 exam demo product is here for you to test the quality of the product.
More informationPass4suresVCE. Pass4sures exam vce dumps for guaranteed success with high scores
Pass4suresVCE http://www.pass4suresvce.com Pass4sures exam vce dumps for guaranteed success with high scores Exam : CS0-001 Title : CompTIA Cybersecurity Analyst (CySA+) Exam Vendor : CompTIA Version :
More informationHikCentral V1.3 for Windows Hardening Guide
HikCentral V1.3 for Windows Hardening Guide Contents Introduction... 1 1. The Operating System - Microsoft Windows Security Configuration... 2 1.1Strict Password Policy... 2 1.2Turn Off Windows Remote
More informationEndpoint Protection : Last line of defense?
Endpoint Protection : Last line of defense? First TC Noumea, New Caledonia 10 Sept 2018 Independent Information Security Advisor OVERVIEW UNDERSTANDING ENDPOINT SECURITY AND THE BIG PICTURE Rapid development
More informationCyberP3i Course Module Series
CyberP3i Course Module Series Spring 2017 Designer: Dr. Lixin Wang, Associate Professor Firewall Configuration Firewall Configuration Learning Objectives 1. Be familiar with firewalls and types of firewalls
More informationAuthor: Tonny Rabjerg Version: Company Presentation WSF 4.0 WSF 4.0
Author: Tonny Rabjerg Version: 20150730 Company Presentation WSF 4.0 WSF 4.0 Cybercrime is a growth industry. The returns are great, and the risks are low. We estimate that the likely annual cost to the
More informationNETWORK THREATS DEMAN
SELF-DEFENDING NETWORK NETWORK THREATS DEMAN NEW SECURITY: STRATEGIES TECHNOLOGIES Self-Propagating Threats A combination of: self propagating threats Collaborative applications Interconnected environments
More informationCHCSS. Certified Hands-on Cyber Security Specialist (510)
CHCSS Certified Hands-on Cyber Security Specialist () SYLLABUS 2018 Certified Hands-on Cyber Security Specialist () 2 Course Description Entry level cyber security course intended for an audience looking
More informationUnderstanding Cisco Cybersecurity Fundamentals
210-250 Understanding Cisco Cybersecurity Fundamentals NWExam.com SUCCESS GUIDE TO CISCO CERTIFICATION Exam Summary Syllabus Questions Table of Contents Introduction to 210-250 Exam on Understanding Cisco
More informationMOBILE SECURITY OVERVIEW. Tim LeMaster
MOBILE SECURITY OVERVIEW Tim LeMaster tim.lemaster@lookout.com Your data center is in the cloud. Your users and customers have gone mobile. Starbucks is your fall-back Network. Your mobile device is a
More informationHikCentral V.1.1.x for Windows Hardening Guide
HikCentral V.1.1.x for Windows Hardening Guide Contents Introduction... 1 1. The Operating System - Microsoft Windows Security Configuration... 2 1.1 Strict Password Policy... 2 1.2 Turn Off Windows Remote
More informationANATOMY OF AN ATTACK!
ANATOMY OF AN ATTACK! Are Your Crown Jewels Safe? Dom Kapac, Security Evangelist WHAT DO WE MEAN BY CROWN JEWELS? Crown jewels for most organizations are critical infrastructure and data Data is a valuable
More informationSecurity Assessment Checklist
Security Assessment Checklist Westcon Security Checklist - Instructions The first step to protecting your business includes a careful and complete assessment of your security posture. Our Security Assessment
More informationPrecisionAccess Trusted Access Control
Data Sheet PrecisionAccess Trusted Access Control Defeats Cyber Attacks Credential Theft: Integrated MFA defeats credential theft. Server Exploitation: Server isolation defeats server exploitation. Compromised
More informationThe SANS Institute Top 20 Critical Security Controls. Compliance Guide
The SANS Institute Top 20 Critical Security Controls Compliance Guide February 2014 The Need for a Risk-Based Approach A common factor across many recent security breaches is that the targeted enterprise
More informationTeleworking and Security: IT All Begins with Endpoints. Jim Jessup Solutions Manager, Information Risk Management June 19, 2007
Teleworking and Security: IT All Begins with Endpoints Jim Jessup Solutions Manager, Information Risk Management June 19, 2007 Agenda 1 Today s Landscape 2 Trends at the Endpoint 3 Endpoint Security 4
More informationTraining UNIFIED SECURITY. Signature based packet analysis
Training UNIFIED SECURITY Signature based packet analysis At the core of its scanning technology, Kerio Control integrates a packet analyzer based on Snort. Snort is an open source IDS/IPS system that
More informationSteelGate Overview. Manage perimeter security and network traffic to ensure operational efficiency, and optimal Quality of Service (QoS)
Internet Communications Made Safe SteelGate Overview SteelGate Overview SteelGate is a high-performance VPN firewall appliance that Prevent Eliminate threats & attacks at the perimeter Stop unauthorized
More informationINF3700 Informasjonsteknologi og samfunn. Application Security. Audun Jøsang University of Oslo Spring 2015
INF3700 Informasjonsteknologi og samfunn Application Security Audun Jøsang University of Oslo Spring 2015 Outline Application Security Malicious Software Attacks on applications 2 Malicious Software 3
More informationFIREWALL PROTECTION AND WHY DOES MY BUSINESS NEED IT?
WHAT IS FIREWALL PROTECTION AND WHY DOES MY BUSINESS NEED IT? While firewalls started life simply protecting networks from outside hacks and attacks, the role of the firewall has greatly evolved to take
More informationPracticeDump. Free Practice Dumps - Unlimited Free Access of practice exam
PracticeDump http://www.practicedump.com Free Practice Dumps - Unlimited Free Access of practice exam Exam : SY0-501 Title : CompTIA Security+ Certification Exam Vendor : CompTIA Version : DEMO Get Latest
More informationProtecting Against Online Fraud. F5 EMEA Webinar August 2014
Protecting Against Online Fraud F5 EMEA Webinar August 2014 Agenda Fraud threat trends and business challenges Web fraud protection Mobile fraud protection Security operations center Example architecture
More informationCourse overview. CompTIA Security+ Certification (Exam SY0-501) Study Guide (G635eng v107)
Overview This course is intended for those wishing to qualify with CompTIA Security+. CompTIA's Security+ Certification is a foundation-level certificate designed for IT administrators with 2 years' experience
More informationBuilding Resilience in a Digital Enterprise
Building Resilience in a Digital Enterprise Top five steps to help reduce the risk of advanced targeted attacks To be successful in business today, an enterprise must operate securely in the cyberdomain.
More informationCyber security tips and self-assessment for business
Cyber security tips and self-assessment for business Last year one in five New Zealand SMEs experienced a cyber-attack, so it s essential to be prepared. Our friends at Deloitte have put together this
More informationThe StrideLinx Remote Access Solution comprises the StrideLinx router, web-based platform, and VPN client.
Introduction: Intended Audience The StrideLinx Remote Access Solution is designed to offer safe and secure remote access to industrial equipment worldwide for efficient remote troubleshooting, programming
More informationSANS SEC504. Hacker Tools, Techniques, Exploits and Incident Handling.
SANS SEC504 Hacker Tools, Techniques, Exploits and Incident Handling http://killexams.com/exam-detail/sec504 QUESTION: 315 Which of the following techniques can be used to map 'open' or 'pass through'
More informationn Learn about the Security+ exam n Learn basic terminology and the basic approaches n Implement security configuration parameters on network
Always Remember Chapter #1: Network Device Configuration There is no 100 percent secure system, and there is nothing that is foolproof! 2 Outline Learn about the Security+ exam Learn basic terminology
More informationChanging face of endpoint security
Changing face of endpoint security S A N T H O S H S R I N I V A S A N C I S S P, C I S M, C R I S C, C E H, C I S A, G S L C, C G E I T D I R E C T O R S H A R E D S E R V I C E S, H C L T E C H N O L
More informationCompTIA Security+(2008 Edition) Exam
http://www.51- pass.com Exam : SY0-201 Title : CompTIA Security+(2008 Edition) Exam Version : Demo 1 / 7 1.An administrator is explaining the conditions under which penetration testing is preferred over
More informationNetwork Security. Thierry Sans
Network Security Thierry Sans HTTP SMTP DNS BGP The Protocol Stack Application TCP UDP Transport IPv4 IPv6 ICMP Network ARP Link Ethernet WiFi The attacker is capable of confidentiality integrity availability
More informationCoordinated Threat Control
Application Note Coordinated Threat Control Juniper Networks Intrusion Detection and Protection (IDP) and Secure Access SSL VPN Interoperability Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale,
More informationRadware Attack Mitigation Solution (AMS) Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper
Radware Attack Mitigation Solution (AMS) Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper Table of Contents Abstract...3 Understanding Online Business
More informationCourse Outline Topic 1: Current State Assessment, Security Operations Centers, and Security Architecture
About this Course This course will best position your organization to analyse threats and detect anomalies that could indicate cybercriminal behaviour. The payoff for this new proactive approach would
More informationSurvey of Cyber Moving Targets. Presented By Sharani Sankaran
Survey of Cyber Moving Targets Presented By Sharani Sankaran Moving Target Defense A cyber moving target technique refers to any technique that attempts to defend a system and increase the complexity of
More informationRussian Cyber Attack Warning and Impact on AccessEnforcer UTM Firewall
Russian Cyber Attack Warning and Impact on AccessEnforcer UTM Firewall 1 U.S. and U.K. authorities last week alerted the public to an on-going effort to exploit network infrastructure devices including
More information5. Execute the attack and obtain unauthorized access to the system.
Describe how a combination of preventive, detective, and corrective controls can be employed to provide reasonable assurance about information security. Before discussing the preventive, detective, and
More informationFIREWALL BEST PRACTICES TO BLOCK
Brought to you by Enterprie Control Systems FIREWALL BEST PRACTICES TO BLOCK Recent ransomware attacks like Wanna and Petya have spread largely unchecked through corporate networks in recent months, extorting
More informationAccess Controls. CISSP Guide to Security Essentials Chapter 2
Access Controls CISSP Guide to Security Essentials Chapter 2 Objectives Identification and Authentication Centralized Access Control Decentralized Access Control Access Control Attacks Testing Access Controls
More informationCyberArk Solutions for Secured Remote Interactive Access. Addressing NERC Remote Access Guidance Industry Advisory
CyberArk Solutions for Secured Remote Interactive Access Addressing NERC Remote Access Guidance Industry Advisory Table of Contents The Challenges of Securing Remote Access 3 Using CyberArk s Privileged
More informationCIH
mitigating at host level, 23 25 at network level, 25 26 Morris worm, characteristics of, 18 Nimda worm, characteristics of, 20 22 replacement login, example of, 17 signatures. See signatures SQL Slammer
More informationSSL VPNs or IPsec VPNs The Challenges of Remote Access. February 2 nd, 2007 Chris Witeck- Director of Product Marketing
SSL VPNs or IPsec VPNs The Challenges of Remote Access February 2 nd, 2007 Chris Witeck- Director of Product Marketing Agenda Remote access challenges Drivers for remote access New challenges for IT Remote
More informationPRACTICAL NETWORK DEFENSE VERSION 1
PRACTICAL NETWORK DEFENSE VERSION 1 The world s premiere online practical network defense course elearnsecurity has been chosen by students in over 140 countries in the world and by leading organizations
More informationSpecialized Security Services, Inc. REDUCE RISK WITH CONFIDENCE. s3security.com
Specialized Security Services, Inc. REDUCE RISK WITH CONFIDENCE s3security.com Security Professional Services S3 offers security services through its Security Professional Services (SPS) group, the security-consulting
More informationThreat Control and Containment in Intelligent Networks. Philippe Roggeband - Product Manager, Security, Emerging Markets
Threat Control and Containment in Intelligent Networks Philippe Roggeband - proggeba@cisco.com Product Manager, Security, Emerging Markets 1 Agenda Threat Control and Containment Trends in motivation The
More informationCYBER ATTACKS EXPLAINED: PACKET SPOOFING
CYBER ATTACKS EXPLAINED: PACKET SPOOFING Last month, we started this series to cover the important cyber attacks that impact critical IT infrastructure in organisations. The first was the denial-of-service
More informationADVANCED THREAT PREVENTION FOR ENDPOINT DEVICES 5 th GENERATION OF CYBER SECURITY
ADVANCED THREAT PREVENTION FOR ENDPOINT DEVICES 5 th GENERATION OF CYBER SECURITY OUTLINE Advanced Threat Landscape (genv) Why is endpoint protection essential? Types of attacks and how to prevent them
More informationLocking down a Hitachi ID Suite server
Locking down a Hitachi ID Suite server 2016 Hitachi ID Systems, Inc. All rights reserved. Organizations deploying Hitachi ID Identity and Access Management Suite need to understand how to secure its runtime
More informationComputer Forensics: Investigating Network Intrusions and Cyber Crime, 2nd Edition. Chapter 3 Investigating Web Attacks
Computer Forensics: Investigating Network Intrusions and Cyber Crime, 2nd Edition Chapter 3 Investigating Web Attacks Objectives After completing this chapter, you should be able to: Recognize the indications
More informationjk0-022 Exam Questions Demo CompTIA Exam Questions jk0-022
CompTIA Exam Questions jk0-022 CompTIA Academic/E2C Security+ Certification Exam Voucher Only Version:Demo 1.An attacker used an undocumented and unknown application exploit to gain access to a file server.
More informationHacking Intranet Websites from the Outside
1 Hacking Intranet Websites from the Outside "JavaScript malware just got a lot more dangerous" Black Hat (Japan) 10.05.2006 Jeremiah Grossman (Founder and CTO) WhiteHat Security 2 WhiteHat Sentinel -
More informationChapter 10: Security. 2. What are the two types of general threats to computer security? Give examples of each.
Name Date Chapter 10: Security After completion of this chapter, students should be able to: Explain why security is important and describe security threats. Explain social engineering, data wiping, hard
More informationInformation Technology Enhancing Productivity and Securing Against Cyber Attacks
Information Technology Enhancing Productivity and Securing Against Cyber Attacks AGENDA Brief Overview of PortMiami Enhancing Productivity Using Technology Technology Being Using at the Port Cyber Attacks
More informationCyber Security Audit & Roadmap Business Process and
Cyber Security Audit & Roadmap Business Process and Organizations planning for a security assessment have to juggle many competing priorities. They are struggling to become compliant, and stay compliant,
More informationNetwork Intrusion Goals and Methods
Network Intrusion Goals and Methods Mgr. Rudolf B. Blažek, Ph.D. Department of Computer Systems Faculty of Information Technologies Czech Technical University in Prague Rudolf Blažek 2010-2011 Network
More informationSecuring Industrial Control Systems
L OCKHEED MARTIN Whitepaper Securing Industrial Control Systems The Basics Abstract Critical infrastructure industries such as electrical power, oil and gas, chemical, and transportation face a daunting
More informationImplementing Cisco Network Security (IINS) 3.0
Implementing Cisco Network Security (IINS) 3.0 COURSE OVERVIEW: Implementing Cisco Network Security (IINS) v3.0 is a 5-day instructor-led course focusing on security principles and technologies, using
More informationSecure Access & SWIFT Customer Security Controls Framework
Secure Access & SWIFT Customer Security Controls Framework SWIFT Financial Messaging Services SWIFT is the world s leading provider of secure financial messaging services. Their services are used and trusted
More informationPayment Card Industry (PCI) Data Security Standard
Payment Card Industry (PCI) Data Security Standard Self-Assessment Questionnaire Version 1.0 Release: December 2004 How to Complete the Questionnaire The questionnaire is divided into six sections. Each
More informationData Communication. Chapter # 5: Networking Threats. By: William Stalling
Data Communication Chapter # 5: By: Networking Threats William Stalling Risk of Network Intrusion Whether wired or wireless, computer networks are quickly becoming essential to everyday activities. Individuals
More informationF5 Application Security. Radovan Gibala Field Systems Engineer
1 F5 Application Security Radovan Gibala Field Systems Engineer r.gibala@f5.com +420 731 137 223 2007 2 Agenda Challenge Websecurity What are the problems? Building blocks of Web Applications Vulnerabilities
More informationCHAPTER 8 SECURING INFORMATION SYSTEMS
CHAPTER 8 SECURING INFORMATION SYSTEMS BY: S. SABRAZ NAWAZ SENIOR LECTURER IN MANAGEMENT & IT SEUSL Learning Objectives Why are information systems vulnerable to destruction, error, and abuse? What is
More informationCSE 565 Computer Security Fall 2018
CSE 565 Computer Security Fall 2018 Lecture 20: Intrusion Prevention Department of Computer Science and Engineering University at Buffalo 1 Lecture Overview Firewalls purpose types locations Network perimeter
More informationN exam.420q. Number: N Passing Score: 800 Time Limit: 120 min N CompTIA Network+ Certification
N10-006.exam.420q Number: N10-006 Passing Score: 800 Time Limit: 120 min N10-006 CompTIA Network+ Certification Sections 1. Network security 2. Troubleshooting 3. Industry standards, practices, and network
More informationA (sample) computerized system for publishing the daily currency exchange rates
A (sample) computerized system for publishing the daily currency exchange rates The Treasury Department has constructed a computerized system that publishes the daily exchange rates of the local currency
More informationChapter 9. Firewalls
Chapter 9 Firewalls The Need For Firewalls Internet connectivity is essential Effective means of protecting LANs Inserted between the premises network and the Internet to establish a controlled link however
More informationMost Common Security Threats (cont.)
Most Common Security Threats (cont.) Denial of service (DoS) attack Distributed denial of service (DDoS) attack Insider attacks. Any examples? Poorly designed software What is a zero-day vulnerability?
More informationAccounting Information Systems
Accounting Information Systems Fourteenth Edition Chapter 6 Computer Fraud and Abuse Techniques ALW AYS LEARNING Learning Objectives Compare and contrast computer attack and abuse tactics. Explain how
More informationRemote Desktop Security for the SMB
A BWW Media Group Brand Petri Webinar Brief October 5th, 2018 Remote Desktop Security for the SMB Presenter: Michael Otey Moderator: Brad Sams, Petri IT Knowledgebase, Executive Editor at Petri.com There
More informationMike Spear, Ops Leader Greg Maciel, Cyber Director INDUSTRIAL CYBER SECURITY PROGRAMS
Mike Spear, Ops Leader Greg Maciel, Cyber Director INDUSTRIAL CYBER SECURITY PROGRAMS Can You Answer These Questions? 1 What s my company s exposure to the latest industrial cyber threat? Are my plants
More informationCisco Systems Korea
(kiseo@cisco.com) Cisco Systems Korea 2008 Cisco Systems, Inc. All rights reserved. 1 Agenda 2008 Cisco Systems, Inc. All rights reserved. 2 2008 Cisco Systems, Inc. All rights reserved. 3 Threats Are
More informationThe Top 6 WAF Essentials to Achieve Application Security Efficacy
The Top 6 WAF Essentials to Achieve Application Security Efficacy Introduction One of the biggest challenges IT and security leaders face today is reducing business risk while ensuring ease of use and
More informationBarracuda Firewall Release Notes 6.6.X
Please Read Before Upgrading Before installing the new firmware version, back up your configuration and read all of the release notes that apply to the versions that are more current than the version that
More information