Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 5 Host, Application, and Data Security

Chapter 5 Host, Application, and Data Security

Objectives
- List the steps for securing a host computer
- Define application security
- Explain how to secure data using loss prevention

Securing the Host
- Three important elements to secure: the host (network server or client), applications, and data
- Securing the host involves:
  - Protecting the physical device
  - Securing the operating system software
  - Using security-based software applications
  - Monitoring logs

Securing Devices
- Prevent unauthorized users from gaining physical access to equipment
- Aspects of securing devices: physical access security, host hardware security, mobile device security

Securing Devices (cont'd.)
- Physical security: restricting access to equipment areas
- Hardware locks
  - Standard keyed entry lock provides minimal security
  - Deadbolt locks provide additional security
  - Keyed locks can be compromised if keys are lost, stolen, or duplicated

Figure 5-1 Residential keyed entry lock (Cengage Learning 2012)
Figure 5-2 Deadbolt lock

Securing Devices (cont'd.)
- Recommended key management procedures
  - Change locks after key loss or theft
  - Inspect locks regularly
  - Issue keys only to authorized users
  - Keep records of who uses and turns in keys
  - Keep track of issued keys
  - Master keys should not have identifying marks

Securing Devices (cont'd.)
- Recommended key management procedures (cont'd.)
  - Secure unused keys in a locked safe
  - Set up a key monitoring procedure
  - Mark duplicate master keys with "Do not duplicate"
  - Wipe out the manufacturer's serial number to prevent duplicates from being ordered

Securing Devices (cont'd.)
- Cipher lock: a more sophisticated alternative to a key lock
  - A combination sequence is necessary to open the door
  - Can be programmed to allow an individual's code to give access only on certain days or at certain times
  - Records when the door is opened and by which code
  - Can be vulnerable to shoulder surfing
  - Often used in conjunction with a tailgate sensor

Figure 5-3 Cipher lock

Securing Devices (cont'd.)
- Alternative access method: physical token
  - ID badge may contain the bearer's photo
  - ID badge emits a signal identifying the owner; a proximity reader receives the signal
- RFID tags
  - Can be affixed inside an ID badge
  - Read by an RFID proximity reader
  - Badge can remain in the bearer's pocket

Figure 5-4 RFID tag
Figure 5-5 Mantrap

Securing Devices (cont'd.)
- Access list
  - Record of individuals who have permission to enter a secure area
  - Records the time they entered and left
- Mantrap
  - Separates a secured area from a nonsecured area
  - Device monitors and controls two interlocking doors
  - Only one door may open at any time

Securing Devices (cont'd.)
- Video surveillance: closed-circuit television (CCTV)
  - Video cameras transmit a signal to a limited set of receivers
  - Cameras may be fixed or able to move
- Fencing
  - Barrier around a secured area
  - Modern perimeter fences are equipped with other deterrents

Table 5-1 Fencing deterrents (table contents not included in the transcription)

Securing Devices (cont'd.)
- Hardware security: physical security protecting host system hardware
  - Portable devices have a steel bracket security slot
  - A cable lock is inserted into the slot and secured to the device
  - The cable connected to the lock is secured to a desk or other immobile object
  - Laptops may be placed in a safe
  - Locking cabinets
    - Can be prewired for power and network connections
    - Allow devices to charge while stored

Figure 5-6 Cable lock

Securing Devices (cont'd.)
- Mobile device security
  - Many security provisions that apply to laptops also apply to mobile devices
  - Mobile devices' unique security features
    - Remote wipe / sanitation: data can be remotely erased if the device is stolen
    - GPS tracking: can pinpoint location to within 100 meters

Securing Devices (cont'd.)
- Mobile devices' unique security features (cont'd.)
  - Voice encryption: used to mask the content of voice communication over a smartphone

Securing the Operating System Software
- Five-step process for protecting the operating system:
  1. Develop the security policy
  2. Perform host software baselining
  3. Configure operating system security and settings
  4. Deploy the settings
  5. Implement patch management

Securing the Operating System Software (cont'd.)
- Develop the security policy: document(s) that clearly define the organization's defense mechanisms
- Perform host software baselining
  - Baseline: a standard or checklist against which systems can be evaluated
  - The configuration settings that are used for each computer in the organization

Securing the Operating System Software (cont'd.)
- Configure operating system security and settings
  - Hundreds of different security settings can be manipulated
  - Typical configuration baseline:
    - Changing insecure default settings
    - Eliminating unnecessary software, services, and protocols
    - Enabling security features such as a firewall

Securing the Operating System Software (cont'd.)
- Deploy the settings
  - Security template: a collection of security configuration settings
  - The process can be automated
  - Group policy: a Windows feature providing centralized computer management; a single configuration may be deployed to many users

Securing the Operating System Software (cont'd.)
- Operating systems have increased in size and complexity
- New attack tools have made secure functions vulnerable
- Security patch: a general software update to cover discovered vulnerabilities

Table 5-2 Estimated size of selected operating systems (table contents not included in the transcription)

Securing the Operating System Software (cont'd.)
- Hotfix: addresses a specific customer situation
- Service pack: accumulates security updates and additional features
- Implement patch management
  - Modern operating systems can perform automatic updates
  - Patches can sometimes create new problems; the vendor should thoroughly test before deploying
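The baselining and configuration steps above become concrete once a baseline is written down as machine-checkable rules and each host's observed settings are compared against it. The following is an added example, not code from the textbook or slides: the rule names, severities, and the two host inventory records are constructed for illustration, and a real deployment would map each rule to an OS-specific setting (a Group Policy object, a sysctl value, a service state).

```python
"""Host configuration baseline check (added example; settings are constructed)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    setting: str
    op: str          # "eq" exact match, "min"/"max" numeric bound, "absent" must be missing or disabled
    expected: object
    severity: str    # "high", "medium" or "low"


# Constructed baseline covering the chapter's three themes: change insecure
# defaults, remove unneeded services, enable security features.
BASELINE = [
    Rule("firewall_enabled", "eq", True, "high"),
    Rule("guest_account_enabled", "eq", False, "high"),
    Rule("telnet_service", "absent", None, "high"),
    Rule("password_min_length", "min", 12, "medium"),
    Rule("auto_update_enabled", "eq", True, "medium"),
    Rule("screen_lock_timeout_min", "max", 15, "low"),
]


def check_rule(rule, observed):
    """Return (passed, detail) for one rule against a host's observed settings."""
    present = rule.setting in observed
    value = observed.get(rule.setting)
    if rule.op == "absent":
        passed = (not present) or value in (False, "disabled", "stopped")
        detail = "absent" if not present else f"present ({value!r})"
    elif rule.op == "eq":
        passed = present and value == rule.expected
        detail = f"{value!r} (expected {rule.expected!r})"
    elif rule.op == "min":
        passed = present and isinstance(value, (int, float)) and value >= rule.expected
        detail = f"{value!r} (expected >= {rule.expected})"
    elif rule.op == "max":
        passed = present and isinstance(value, (int, float)) and value <= rule.expected
        detail = f"{value!r} (expected <= {rule.expected})"
    else:
        raise ValueError(f"unknown op {rule.op!r}")
    return passed, detail


def evaluate_host(hostname, observed, baseline=BASELINE):
    """Evaluate one host; findings are sorted high -> medium -> low."""
    order = {"high": 0, "medium": 1, "low": 2}
    findings = []
    for rule in baseline:
        passed, detail = check_rule(rule, observed)
        if not passed:
            findings.append({"setting": rule.setting, "severity": rule.severity, "observed": detail})
    findings.sort(key=lambda f: order[f["severity"]])
    return {"host": hostname, "compliant": not findings, "findings": findings}


# Constructed inventory, in the shape an automated collector might report.
INVENTORY = {
    "ws-01": {"firewall_enabled": True, "password_min_length": 14, "guest_account_enabled": False,
              "auto_update_enabled": True, "screen_lock_timeout_min": 10},
    "ws-02": {"firewall_enabled": False, "password_min_length": 8, "guest_account_enabled": False,
              "telnet_service": "running", "auto_update_enabled": True, "screen_lock_timeout_min": 30},
}


def evaluate_inventory(inventory=INVENTORY, baseline=BASELINE):
    """Map hostname -> report for every host in the inventory."""
    return {host: evaluate_host(host, settings, baseline) for host, settings in inventory.items()}


if __name__ == "__main__":
    for host, report in evaluate_inventory().items():
        status = "OK" if report["compliant"] else f"{len(report['findings'])} finding(s)"
        print(f"{host}: {status}")
        for f in report["findings"]:
            print(f"  [{f['severity']}] {f['setting']}: {f['observed']}")
```

Running the script reports ws-01 as compliant and lists four deviations on ws-02, the two high-severity ones first. The same rule table is what a deployment step (a security template or Group Policy) would push out, so the checker doubles as the post-deployment verification.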

Figure 5-7 Microsoft Windows 7 automatic update options

Securing the Operating System Software (cont'd.)
- Automated patch update service: manage patches locally rather than relying on the vendor's online update service
- Advantages of an automated patch update service
  - Administrators can force updates to install by a specific date
  - Computers not on the Internet can receive updates
  - Users cannot disable or circumvent updates

Figure 5-8 Automated patch update service

Securing with Anti-Malware Software
- Anti-virus: software that examines a computer for infections
  - Scans new documents that might contain viruses
  - Searches for known virus patterns
- Weakness of anti-virus: the vendor must continually search for new viruses, then update and distribute signature files to users
- Alternative approach: code emulation, in which questionable code is executed in a virtual environment

Anti-Spam
- Spammers can distribute malware through email attachments
- Spam can be used for social engineering attacks
- Spam filtering methods
  - Bayesian filtering
  - Local host filtering
  - Blacklist
  - Whitelist
  - Blocking certain file attachment types
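The filtering methods listed above are usually layered: cheap list checks first, then attachment-type blocking, then the statistical classifier. The block below is an added example, not from the textbook or slides, that implements that layering with a multinomial naive Bayes classifier (add-one smoothing) trained on a constructed six-message corpus; the whitelist and blacklist domains, the blocked extensions and the 0.9 quarantine threshold are assumptions for illustration.

```python
"""Layered spam filter (added example; corpus, lists and threshold are constructed)."""
import math
import os
import re
from collections import Counter

TOKEN = re.compile(r"[a-z0-9']+")


def tokenize(text):
    return TOKEN.findall(text.lower())


class NaiveBayes:
    """Multinomial naive Bayes with Laplace (add-one) smoothing."""

    def __init__(self):
        self.word_counts = {"spam": Counter(), "ham": Counter()}
        self.doc_counts = {"spam": 0, "ham": 0}
        self.vocab = set()

    def train(self, text, label):
        words = tokenize(text)
        self.word_counts[label].update(words)
        self.doc_counts[label] += 1
        self.vocab.update(words)

    def spam_probability(self, text):
        """P(spam | text), computed in log space to avoid underflow."""
        words = tokenize(text)
        total_docs = sum(self.doc_counts.values())
        log_scores = {}
        for label in ("spam", "ham"):
            score = math.log(self.doc_counts[label] / total_docs)  # class prior
            n_words = sum(self.word_counts[label].values())
            for w in words:
                # add-one smoothing so a word unseen in one class does not zero it out
                score += math.log((self.word_counts[label][w] + 1) / (n_words + len(self.vocab)))
            log_scores[label] = score
        m = max(log_scores.values())
        exp_spam = math.exp(log_scores["spam"] - m)
        exp_ham = math.exp(log_scores["ham"] - m)
        return exp_spam / (exp_spam + exp_ham)


# Constructed training corpus (a real filter trains on thousands of messages)
TRAINING = [
    ("free money win prize now", "spam"),
    ("click here for a free offer", "spam"),
    ("win cash prize click now", "spam"),
    ("meeting agenda for tomorrow", "ham"),
    ("project status report attached", "ham"),
    ("lunch tomorrow at noon", "ham"),
]
MODEL = NaiveBayes()
for _text, _label in TRAINING:
    MODEL.train(_text, _label)

# Constructed local-host lists and blocked attachment types (assumptions)
WHITELIST = {"partner.example"}
BLACKLIST = {"spammer.example"}
BLOCKED_EXTENSIONS = {".exe", ".scr", ".js", ".vbs"}
SPAM_THRESHOLD = 0.9


def filter_message(sender, subject, body, attachments=()):
    """Return (action, reason); action is 'deliver', 'quarantine' or 'reject'."""
    domain = sender.rsplit("@", 1)[-1].lower()
    if domain in WHITELIST:
        return "deliver", "sender domain whitelisted"
    if domain in BLACKLIST:
        return "reject", "sender domain blacklisted"
    for name in attachments:
        ext = os.path.splitext(name)[1].lower()
        if ext in BLOCKED_EXTENSIONS:
            return "reject", f"blocked attachment type {ext}"
    p = MODEL.spam_probability(subject + " " + body)
    if p >= SPAM_THRESHOLD:
        return "quarantine", f"bayesian spam score {p:.2f}"
    return "deliver", f"bayesian spam score {p:.2f}"


if __name__ == "__main__":
    for args in [("a@spammer.example", "hi", "hello"),
                 ("c@mail.example", "invoice", "see attached", ["invoice.exe"]),
                 ("c@mail.example", "free prize", "click now"),
                 ("c@mail.example", "project meeting", "tomorrow")]:
        print(args[0], args[1], "->", filter_message(*args))
```

The order of the layers matters: a whitelisted sender bypasses the classifier entirely, which is convenient but also means a spoofed or compromised partner address is a known gap, so in practice the whitelist is paired with sender authentication rather than relied on alone.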

Pop-up Blockers and Anti-Spyware
- Pop-up: a small window appearing over a Web site, usually created by advertisers
- Pop-up blockers
  - A separate program as part of an anti-spyware package, or incorporated within a browser
  - Allow the user to limit or block most pop-ups
  - An alert can be displayed in the browser, giving the user the option to display the pop-up

Host-Based Firewalls
- Firewall: designed to prevent malicious packets from entering or leaving computers; may be hardware- or software-based
- A host-based software firewall runs on the local system
- Microsoft Windows 7 firewall
  - Three designations for networks: public, home, or work
  - Users can configure settings for each type separately

Monitoring System Logs
- Log: a record of events that occur
- Log entries contain information related to a specific event
  - An audit log can track user authentication attempts
  - An access log can provide details about requests for specific files
- Monitoring system logs is useful in determining how an attack occurred and whether it was successfully resisted

Monitoring System Logs (cont'd.)
- Logs that record all activity from network devices or programs are used in operations, general audits, and demonstrating regulatory compliance
- Logs for system security: operating system logs and security application logs

Monitoring System Logs (cont'd.)
- System event logs record:
  - Client requests and server responses
  - Usage information
  - Account information
  - Operational information
- Security application logs: anti-virus software log, automated patch update service log

Figure 5-9 Microsoft system event and audit record log viewer

Monitoring System Logs (cont'd.)
- Benefits of monitoring system logs
  - Identify security incidents, policy violations, and fraudulent activity
  - Provide information shortly after an event occurs
  - Provide information to help resolve problems
  - Help identify operational trends and long-term problems
  - Provide documentation of regulatory compliance
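An audit log that tracks authentication attempts is only useful if something reads it. The following is an added example, not from the textbook or slides, of the kind of review a monitoring script performs: it parses constructed lines in the style of an OpenSSH authentication log, counts failed logons per source address inside a sliding time window, and notes when a source that exceeded the threshold later logged in successfully (the case where the attack was not resisted). The year, the five-failure threshold and the five-minute window are assumptions.

```python
"""Audit-log review for repeated failed logons (added example; log lines constructed)."""
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample in OpenSSH auth-log style (syslog lines omit the year)
SAMPLE_LOG = """\
Mar 14 02:11:03 srv1 sshd[2201]: Failed password for invalid user admin from 203.0.113.5 port 51022 ssh2
Mar 14 02:11:05 srv1 sshd[2201]: Failed password for invalid user admin from 203.0.113.5 port 51023 ssh2
Mar 14 02:11:09 srv1 sshd[2203]: Failed password for root from 203.0.113.5 port 51030 ssh2
Mar 14 02:11:14 srv1 sshd[2205]: Failed password for root from 203.0.113.5 port 51041 ssh2
Mar 14 02:11:20 srv1 sshd[2207]: Failed password for alice from 203.0.113.5 port 51050 ssh2
Mar 14 02:11:31 srv1 sshd[2209]: Accepted password for alice from 203.0.113.5 port 51061 ssh2
Mar 14 02:15:40 srv1 sshd[2300]: Failed password for bob from 198.51.100.7 port 40001 ssh2
Mar 14 02:16:02 srv1 sshd[2302]: Accepted publickey for bob from 198.51.100.7 port 40002 ssh2
"""

LINE = re.compile(
    r"^(?P<ts>\w{3} +\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) \w+ for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\d+\.\d+\.\d+\.\d+)"
)


def parse_auth_log(text, year=2024):
    """Return a list of (timestamp, result, user, ip) for each recognised line."""
    events = []
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # other sshd messages are ignored in this example
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        events.append((ts, m["result"], m["user"], m["ip"]))
    return events


def detect_bruteforce(events, threshold=5, window=timedelta(minutes=5)):
    """Flag sources with >= threshold failures inside a sliding window and
    record whether that source subsequently logged in successfully."""
    recent = defaultdict(list)   # ip -> failure timestamps inside the window
    total = Counter()            # ip -> all failures seen
    findings = {}
    for ts, result, user, ip in events:
        if result == "Failed":
            total[ip] += 1
            fl = recent[ip]
            fl.append(ts)
            while fl and ts - fl[0] > window:   # expire old failures
                fl.pop(0)
            if len(fl) >= threshold:
                rec = findings.setdefault(ip, {"first": fl[0], "success_after": None})
                rec["failures"] = total[ip]
                rec["last"] = ts
        elif result == "Accepted" and ip in findings and findings[ip]["success_after"] is None:
            findings[ip]["success_after"] = (ts, user)
    return findings


def analyse(text=SAMPLE_LOG):
    return detect_bruteforce(parse_auth_log(text))


if __name__ == "__main__":
    for ip, f in analyse().items():
        msg = f"{ip}: {f['failures']} failed logons between {f['first']:%H:%M:%S} and {f['last']:%H:%M:%S}"
        if f["success_after"]:
            ts, user = f["success_after"]
            msg += f"; then ACCEPTED as {user} at {ts:%H:%M:%S} - investigate"
        print(msg)
```

On the sample, 203.0.113.5 crosses the threshold after five failures in under twenty seconds and then succeeds as alice, which is the finding an analyst wants raised first; 198.51.100.7 has a single failure followed by a key-based login and is not reported.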

Figure 5-10 Anti-virus log

Application Security
- Aspects of securing applications
  - Application development security
  - Application hardening
  - Patch management

Application Development Security
- Security for applications must be considered through all phases of the development cycle
- Application configuration baselines
  - Standard environment settings can establish a secure baseline
  - Includes each development system, build system, and test system
  - Must include system and network configurations

Application Development Security (cont'd.)
- Secure coding concepts
  - Coding standards increase applications' consistency, reliability, and security
  - Coding standards are useful in the code review process
- Errors (exceptions): faults that occur while the application is running
  - The response should be based on the error
  - Improper handling can lead to application failure or insecurity

Application Development Security (cont'd.)
- Error handling practices to avoid
  - Failing to check return codes or handle exceptions, or improperly checking them
  - Handling all return codes or exceptions in the same manner
  - Divulging potentially sensitive data in error information
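Two of the three practices to avoid (one handler for every error, and error text that divulges internals) are easiest to see side by side. The block below is an added example, not from the textbook or slides: a constructed backend whose failure message embeds a hostname, a credential and a file path, handled first the leaky way and then with class-specific responses that keep detail in the server log under a random incident id. The hostname, credential, path and incident-id format are all made up.

```python
"""Leaky versus hardened error handling (added example; backend is constructed)."""
import logging
import traceback
import uuid

log = logging.getLogger("app")


class DatabaseError(Exception):
    pass


def lookup_order(order_id):
    """Constructed backend: its failure text embeds internals, as real driver
    errors often do (hostnames, connection strings, file paths)."""
    if order_id == "bad":
        raise DatabaseError(
            "connection to db-internal-01.corp.example failed "
            "(user=app_rw password=S3cret!) in /srv/app/db/pool.py"
        )
    if not order_id.isdigit():
        raise ValueError("order id must be numeric")
    return {"order": int(order_id), "status": "shipped"}


def handle_leaky(order_id):
    """Anti-pattern: every exception is handled the same way and its text and
    stack trace are returned to the caller."""
    try:
        return 200, lookup_order(order_id)
    except Exception as exc:  # one handler for everything
        return 500, {"error": str(exc), "trace": traceback.format_exc()}


def handle_hardened(order_id):
    """The response depends on the error class; internal detail goes only to
    the server log, tied to an incident id the user can quote to support."""
    try:
        return 200, lookup_order(order_id)
    except ValueError as exc:
        # client mistake: a specific message is safe because it contains no internals
        return 400, {"error": str(exc)}
    except DatabaseError:
        incident = uuid.uuid4().hex[:12]  # assumed incident-id scheme
        log.exception("incident %s while looking up order %r", incident, order_id)
        return 503, {"error": "service temporarily unavailable", "incident": incident}


SENSITIVE_MARKERS = ("password=", ".corp.example", "/srv/app", "Traceback")


def leaks(response_body):
    """True if any internal marker appears in what would be sent to the client."""
    text = str(response_body)
    return any(marker in text for marker in SENSITIVE_MARKERS)


if __name__ == "__main__":
    for order_id in ("42", "x1", "bad"):
        for name, handler in (("leaky", handle_leaky), ("hardened", handle_hardened)):
            status, body = handler(order_id)
            print(f"{name:9} {order_id!r:6} -> {status} leaks={leaks(body)}")
```

The hardened handler still tells a client exactly what it did wrong when the fault is theirs (a 400 with the validation message), which is the "response based on the error" the chapter calls for; only the server-side failure gets the generic message, and the incident id lets support find the full record in the log.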

Application Development Security (cont'd.)
- Verify user responses to the application
  - Unverified responses could cause the program to abort
  - Necessary to check for XSS, SQL, or XML injection attacks
- Input validation
  - Performed after data is entered but before the destination is known
  - Not possible to know which characters are potentially harmful

Application Development Security (cont'd.)
- Escaping (output encoding)
  - Preferred method for trapping user responses
  - Ensures characters are treated as data, not as something relevant to the application
- Fuzz testing (fuzzing)
  - Software technique that deliberately provides invalid, unexpected, or random data inputs
  - Monitor to ensure all errors are trapped
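The reason escaping is preferred over validation is that the harmful characters depend on the destination: the same string is dangerous in HTML and harmless in a database, or the reverse, so the encoding is applied where the data is used. The block below is an added example, not from the textbook or slides, that covers both destinations the slides name plus a small fuzz harness: HTML escaping at output time, a concatenated query beside a parameterised one against an in-memory SQLite table, and a record parser fuzzed with random input to confirm only its documented error escapes. The comment template, the user table and the parser format are constructed.

```python
"""Output encoding, parameterised queries, and fuzzing (added example; data constructed)."""
import html
import random
import sqlite3


# --- Escaping (output encoding) for the HTML destination ---
def render_comment(author, text):
    """Untrusted strings are encoded at output time so <, >, &, and quotes
    render as data rather than being interpreted as markup."""
    return f"<p><b>{html.escape(author)}</b>: {html.escape(text)}</p>"


# --- The SQL destination: the value must never become part of the statement text ---
def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, role TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "admin"), ("bob", "user"), ("carol", "user")])
    return db


def find_user_unsafe(db, name):
    """Anti-pattern: string concatenation lets the input alter the query."""
    return db.execute(f"SELECT name FROM users WHERE name = '{name}'").fetchall()


def find_user_safe(db, name):
    """Placeholder binding: the driver passes the value separately from the SQL."""
    return db.execute("SELECT name FROM users WHERE name = ?", (name,)).fetchall()


# --- Fuzzing: random inputs, checking that every error is trapped as documented ---
def parse_record(line):
    """Parse 'key=value;key=value' into a dict.
    Contract: raises ValueError for malformed input and nothing else."""
    if not isinstance(line, str):
        raise ValueError("record must be text")
    out = {}
    for field in line.split(";"):
        if not field:
            continue
        key, sep, value = field.partition("=")
        if not sep or not key:
            raise ValueError(f"malformed field: {field!r}")
        out[key] = value
    return out


def fuzz(target, rounds=2000, seed=1):
    """Feed random strings drawn from a hostile alphabet to target and return
    the inputs that raised anything other than ValueError."""
    rng = random.Random(seed)
    alphabet = "ab=;\x00\n\\'\"<>%{}\u00e9"
    untrapped = []
    for _ in range(rounds):
        sample = "".join(rng.choice(alphabet) for _ in range(rng.randint(0, 12)))
        try:
            target(sample)
        except ValueError:
            pass  # the documented, trapped error
        except Exception as exc:
            untrapped.append((sample, type(exc).__name__))
    return untrapped


if __name__ == "__main__":
    print(render_comment("eve", "<script>alert(1)</script>"))
    db = make_db()
    probe = "' OR '1'='1"
    print("unsafe:", find_user_unsafe(db, probe))
    print("safe:  ", find_user_safe(db, probe))
    print("untrapped exceptions from fuzzing:", fuzz(parse_record))
```

The fuzz harness is deliberately specific about which exception type is acceptable: a parser that "handles everything" by catching `Exception` would pass a naive test but violates the chapter's point that the response should be based on the error.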

Application Development Security (cont'd.)
- Application hardening: intended to prevent the exploitation of vulnerabilities

Table 5-3 Attacks based on application vulnerabilities (table contents not included in the transcription)

Application Development Security (cont'd.)
- Patch management
  - Rare until recently: users were unaware of the existence of patches or where to acquire them
  - More application patch management systems are being developed today

Securing Data
- Work today involves electronic collaboration
- Data must flow freely, so data security is important
- Data loss prevention (DLP)
  - A system of security tools used to recognize and identify critical data and ensure it is protected
  - Goal: protect data from unauthorized users

Securing Data (cont'd.)
- Data loss prevention typically examines:
  - Data in use (example: being printed)
  - Data in motion (being transmitted)
  - Data at rest (stored)
- Content inspection
  - Security analysis of the transaction
  - Takes context into account
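Content inspection is where the three data states and the context meet: the detector decides whether a transaction contains critical data, and the policy decides what to do given where that data is going. The following is an added example, not from the textbook or slides: it detects payment card numbers (pattern plus Luhn checksum, so a shipment tracking number with the same shape is not flagged) and US-style SSNs in constructed transactions, then applies a state-and-destination policy table. The detectors, the policy table and the sample transactions are all constructed for illustration.

```python
"""DLP content inspection with context (added example; detectors and samples constructed)."""
import re

CARD_RE = re.compile(r"\b(?:\d[ -]?){13,16}\b")
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")


def luhn_ok(digits):
    """Luhn checksum; filters out most digit runs that merely look like card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # every second digit from the right is doubled
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def inspect_content(text):
    """Return a list of (kind, masked_value) for sensitive items found in text."""
    hits = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if 13 <= len(digits) <= 16 and luhn_ok(digits):
            hits.append(("card", "*" * (len(digits) - 4) + digits[-4:]))
    for m in SSN_RE.finditer(text):
        hits.append(("ssn", "***-**-" + m.group()[-4:]))
    return hits


# Constructed policy: the action depends on the state of the data and its destination
POLICY = {
    ("in_motion", "external"): "block",
    ("in_motion", "internal"): "log",
    ("in_use", "print"): "block",
    ("at_rest", "fileshare"): "encrypt",
}


def evaluate(transaction):
    """transaction: dict with 'state', 'destination' and 'content' (constructed shape)."""
    hits = inspect_content(transaction["content"])
    if not hits:
        return {"action": "allow", "hits": []}
    action = POLICY.get((transaction["state"], transaction["destination"]), "log")
    return {"action": action, "hits": hits}


# Constructed transactions; the card numbers are industry test numbers, not real accounts
TRANSACTIONS = [
    {"id": 1, "state": "in_motion", "destination": "external",
     "content": "Please charge card 4111 1111 1111 1111 for the order."},
    {"id": 2, "state": "in_motion", "destination": "internal",
     "content": "Employee SSN 123-45-6789 updated in HR system."},
    {"id": 3, "state": "in_motion", "destination": "external",
     "content": "Tracking number 1234567812345678 shipped today."},
    {"id": 4, "state": "at_rest", "destination": "fileshare",
     "content": "Card on file: 5500-0000-0000-0004"},
]


def run(transactions=TRANSACTIONS):
    """Map transaction id -> decision for every transaction."""
    return {t["id"]: evaluate(t) for t in transactions}


if __name__ == "__main__":
    for tid, decision in run().items():
        print(f"transaction {tid}: {decision['action']} {decision['hits']}")
```

Transaction 3 shows why the checksum matters: a 16-digit tracking number matches the regular expression but fails Luhn, so it is allowed rather than blocked, which keeps the false-positive rate low enough that the "block" action remains usable. Masking in the findings is itself a DLP concern: the report (compare Figure 5-12) should not reproduce the very data it was protecting.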

Figure 5-11 DLP architecture

Figure 5-12 DLP report

Summary
- Physical access security includes door locks of various types
- Portable devices can be secured with a cable lock
- Remote wipe / sanitation can erase device contents from a distance if the device is stolen
- A security policy must be created first; then a baseline can be established
- Third-party anti-malware software can provide added security

Summary (cont'd.)
- Monitoring system logs is useful in determining how an attack occurred
- Protecting applications that run on hardware
  - Create configuration baselines
  - Apply secure coding concepts
- Data loss prevention (DLP) can identify critical data, then monitor and protect it
  - Works through content inspection