SlideShare une entreprise Scribd logo

Chapter 4

Télécharger en tant que PPT, PDF
Amy McMullin
Amy McMullin

APPLICATION, DATA, AND HOST SECURITY

Formation
1  sur  52
CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition Chapter 4 Host, Application, and Data Security
© Cengage Learning 2015CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition Objectives • List the steps for securing a host computer • Define application security • Explain how to secure data 2
© Cengage Learning 2015 Securing the Host • Securing the host involves: – Protecting the physical device – Securing the operating system (OS) software – Using antimalware software CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 3
© Cengage Learning 2015 Securing Devices • Security control - any device or process that is used to reduce risk • Two levels of security controls: – Administrative controls - processes for developing and ensuring that policies and procedures are carried out – Technical controls - controls that are carried out or managed by devices • There are five subtypes of controls (sometimes called activity phase controls) described on the following slide CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 4
© Cengage Learning 2015 Securing Devices CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 5
© Cengage Learning 2015 External Perimeter Defenses • External perimeter defenses are designed to restrict access to equipment areas • This type of defense includes: – Barriers – guards – Motion detection devices CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 6
© Cengage Learning 2015 External Perimeter Defenses • Barriers – Fencing - usually a tall, permanent structure • Modern perimeter fences are equipped with other deterrents such as proper lighting and signage – Barricade - large concrete ones should be used • Guards – Human guards are considered active security elements – Video surveillance uses cameras to transmit a signal to a specific and limited set of receivers called closed circuit television (CCTV) CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 7
© Cengage Learning 2015 External Perimeter Defenses CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 8
© Cengage Learning 2015 External Perimeter Defenses • Motion Detection – Determining an object’s change in position in relation to its surroundings – This movement usually generates an audible alarm CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 9
© Cengage Learning 2015 Internal Physical Access Security • These protections include: – Hardware locks – Proximity readers – Access lists – Mantraps – Protected distribution systems for cabling CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 10
© Cengage Learning 2015 Internal Physical Access Security • Hardware locks – Standard keyed entry lock provides minimal security – Deadbolt locks provide additional security and require that a key be used to both open and lock the door – Cipher locks are combination locks that use buttons that must be pushed in the proper sequence • Can be programmed to allow a certain individual’s code to be valid on specific dates and times CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 11
© Cengage Learning 2015 Internal Physical Access Security • Recommended key management procedures – Inspect locks regularly – Issue keys only to authorized users – Keep track of issued keys – Master keys should not have identifying marks – Secure unused keys in a safe place – Establish a procedure to monitor use of locks and keys – Mark master keys with “Do Not Duplicate” – Change locks after key loss or theft CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 12
© Cengage Learning 2015 Internal Physical Access Security • Proximity Readers – Uses an object (physical token) to identify persons with authorization to access an area • ID badge emits a signal identifying the owner • Proximity reader receives signal – ID badges that can be detected by a proximity reader are often fitted with RFID tags • Badge can remain in bearer’s pocket CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 13
© Cengage Learning 2015 Internal Physical Access Security CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 14
© Cengage Learning 2015 Internal Physical Access Security • Access list – Record of individuals who have permission to enter secure area – Records time they entered and left • Mantrap – Separates a secured from a nonsecured area – Device monitors and controls two interlocking doors • Only one door may open at any time CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 15
© Cengage Learning 2015 Internal Physical Access Security CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 16
© Cengage Learning 2015 Internal Physical Access Security • Protected Distribution Systems (PDS) – A system of cable conduits used to protect classified information that is being transmitted between two secure areas • Created by the U.S. Department of Defense (DOD) – Two types of PDS: • Hardened carrier PDS - conduit constructed of special electrical metallic tubing • Alarm carrier PDS - specialized optical fibers in the conduit that sense acoustic vibrations that occur when an intruder attempts to gain access CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 17
© Cengage Learning 2015 Hardware Security • Hardware security - the physical security protecting the hardware of the host system – Most portable devices have a steel bracket security slot • A cable lock can be inserted into slot and secured to device and a cable connected to the lock can be secured to a desk or chair • Locking cabinets – Can be prewired for power and network connections – Allow devices to charge while stored CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 18
© Cengage Learning 2015 Hardware Security CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 19
© Cengage Learning 2015 Securing the Operating System Software • Five-step process for protecting operating system – 1. Develop the security policy – 2. Perform host software baselining – 3. Configure operating system security settings – 4. Deploy and manage security settings – 5. Implement patch management CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 20
© Cengage Learning 2015 Securing the Operating System Software • Develop the security policy – Security policy - a document(s) that clearly define organization’s defense mechanisms • Perform host software baselining – Baseline - the standard or checklist against which systems can be evaluated – Configuration settings that are used for each computer in the organization CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 21
© Cengage Learning 2015 Securing the Operating System Software • Configure operating system security and settings – Modern OSs have hundreds of different security settings that can be manipulated to conform to the baseline – Typical configuration baseline would include: • Changing insecure default settings • Eliminating unnecessary software, services, protocols • Enabling security features such as a firewall CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 22
© Cengage Learning 2015 Securing the Operating System Software • Deploy and Manage Security Settings – Tools to automate the process • Security template - collections of security configuration settings • Group policy - Windows feature providing centralized computer management; a single configuration may be deployed to many users CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 23
© Cengage Learning 2015 Securing the Operating System Software • Implement Patch Management – Operating systems have increased in size and complexity – New attack tools have made secure functions vulnerable – Security patch - software security update to repair discovered vulnerabilities – Hotfix - addresses specific customer situation – Service pack - accumulates security updates and additional features CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 24
© Cengage Learning 2015 Securing the Operating System Software • Patches can sometimes create new problems – Vendor should thoroughly test before deploying • Automated patch update service – Manage patches locally rather than rely on vendor’s online update service • Advantages of automated patch update service – Administrators can force updates to install by specific date – Administrators can approve updates for “detection” only; allows them to see which computers will require the update without actually installing it CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 25
© Cengage Learning 2015 Securing the Operating System Software • Advantages of automated patch update service (cont’d) – Downloading patches from a local server instead of using the vendor’s online update service can save bandwidth and time – Specific types of updates that the organization does not test can be automatically installed – Users cannot disable or circumvent updates CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 26
© Cengage Learning 2015 Securing the Operating System Software CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 27
© Cengage Learning 2015 Securing the Operating System Software • Security Through Design – OS hardening - tightening security during the design and coding of the OS – Trusted OS - an OS that has been designed through OS hardening CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 28
© Cengage Learning 2015 Securing with Antimalware • Third-party antimalware software packages can provide added security • Antimalware software includes: – Antivirus – Antispam – Popup blockers – Antispyware – Host-based firewalls CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 29
© Cengage Learning 2015 Antivirus • Antivirus (AV) - Software that examines a computer for infections – Scans new documents that might contain viruses – Searches for known virus patterns • Weakness of anti-virus – Vendor must continually search for new viruses, update and distribute signature files to users • Alternative approach: code emulation – Questionable code is executed in virtual environment to determine if it is a virus CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 30
© Cengage Learning 2015 Antispam • Spammers can distribute malware through email attachments • Spam can be used for social engineering attacks • Spam filtering methods – Bayesian filtering - divides email messages into two piles: spam and nonspam – Create a list of approved and nonapproved senders • Blacklist - nonapproved senders • Whitelist - approved senders – Blocking certain file attachment types CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 31
© Cengage Learning 2015 Pop-up Blockers and Antispyware • Pop-up - small window appearing over Web site – Usually created by advertisers • Pop-up blockers - a separate program as part of anti-spyware package – Incorporated within a browser – Allows user to limit or block most pop-ups – Alert can be displayed in the browser • Gives user option to display pop-up • Antispyware - helps prevent computers from becoming infected by different types of spyware CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 32
© Cengage Learning 2015 Host-Based Firewalls • Firewall - designed to prevent malicious packets from entering or leaving computers – Sometimes called a packet filter – May be hardware or software-based • Host-based software firewall - runs as a program on local system to protect it – Application-based CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 33
© Cengage Learning 2015 Securing Static Environments • Static environment - devices in which additional hardware cannot easily be added or attached • Common devices in this category: – Embedded system - a computer system with a dedicated function within a larger electrical system – Game consoles – Smartphones – Mainframes – In-vehicle computer systems – SCADA (supervisory control and data acquisition) CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 34
© Cengage Learning 2015 Securing Static Environments CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 35
© Cengage Learning 2015 Application Security • Besides protecting OS software on hosts, there is a need to protect applications that run on these devices • Aspects of application security: – Application development security – Application hardening and patch management CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 36
© Cengage Learning 2015 Application Development Security • Security for applications must be considered through all phases of development cycle • Application configuration baselines – Standard environment settings can establish a secure baseline – Includes each development system, build system, and test system – Must include system and network configurations CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 37
© Cengage Learning 2015 Application Development Security • Secure coding concepts – Coding standards increase applications’ consistency, reliability, and security – Coding standards allow developers to quickly understand and work with code that has been developed by different members of a team – Coding standards useful in code review process • Example of a coding standard: – To use a wrapper function (a substitute for a regular function used in testing) to write error- checking routines for preexisting system functions CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 38
© Cengage Learning 2015 Application Development Security • Errors and Exception Handling – Errors - faults that occur while application is running – Response to the user should be based on the error – The application should be coded so that each error is “caught” and effectively handled – Improper error handling in an application can lead to application failure CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 39
© Cengage Learning 2015 Application Development Security • The following may indicate potential error-handling issues: – Failure to check return codes or handle exceptions – Improper checking of exceptions or return codes – Handling all return codes or exceptions in the same manner – Error information that divulges potentially sensitive data • Fuzz testing (fuzzing) - a software testing technique that deliberately provides invalid, unexpected, or random data as inputs to a program CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 40
© Cengage Learning 2015 Application Development Security • Input Validation – A specific type of error handling is verifying responses that the user makes to the application – Improper verification is the cause for XSS, SQL, or XML injection attacks – Cross-site request forgery (XSRF) - an attack that uses the user’s web browser settings to impersonate the user • To prevent cross-site scripting, the program should trap for these user responses CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 41
© Cengage Learning 2015 Application Development Security • Input validation generally uses the server to perform the validation (server-side validation) – It is possible to have the client perform the validation (client-side validation) – In client-side validation all input validations and error recovery procedures are performed by the user’s web browser • An approach to preventing SQL injection attacks is avoid using SQL relational databases • NoSQL - a nonrelational database that is better tuned for accessing large data sets CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 42
© Cengage Learning 2015 Application Hardening and Patch Management • Application hardening – Intended to prevent attackers from exploiting vulnerabilities in software applications CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 43
© Cengage Learning 2015 Application Hardening and Patch Management • Patch management – Rare until recently – Users were unaware of the existence of patches or where to acquire them – More application patch management systems are being developed to patch vulnerabilities CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 44
© Cengage Learning 2015 Securing Data • Work today involves electronic collaboration – Data must flow freely – Data security is important • Big Data - refers to a collection of data sets so large and complex that it becomes difficult to process using traditional data processing apps • Data loss prevention (DLP) – System of security tools used to recognize and identify critical data and ensure it is protected – Goal: protect data from unauthorized users CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 45
© Cengage Learning 2015 Securing Data • DLP examines data as it resides in any of three states: – Data in use (example: creating a report from a computer) – Data in-transit (data being transmitted) – Data at rest (data that is stored on electronic media) CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 46
© Cengage Learning 2015 Securing Data • Most DLP systems use content inspection – A security analysis of the transaction within its approved context – Looks at security level of data, who is requesting it, where the data is stored, when it was requested, and where it is going • DLP systems can also use index matching – Documents that have been identified as needing protection are analyzed by DLP and complex computations are conducted based on the analysis CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 47
© Cengage Learning 2015 Securing Data • Three types of DLP sensors: – DLP network sensors - installed on the perimeter of the network to protect data in-transit by monitoring all network traffic – DLP storage sensors - designed to protect data at- rest – DLP agent sensors - installed on each host device and protect data in-use • When a policy violation is detected by the DLP agent, it is reported back to the DLP server – Different actions can then be taken CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 48
© Cengage Learning 2015 Securing Data CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 49
© Cengage Learning 2015 Securing Data CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 50
© Cengage Learning 2015 Summary • A security control is any device or process used to reduce risk • Hardware locks for doors are important to protect equipment • Hardware security is physical security that involves protecting the hardware of the host system • In addition to protecting hardware, the OS software that runs on the host also must be protected • Modern OSs have hundreds of different security settings that can be manipulated to conform to the baseline CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 51
© Cengage Learning 2015 Summary • OS and additional third-party antimalware software packages can provide added security • Protecting applications that run on hardware – Create configuration baselines – Secure coding concepts • Data loss prevention (DLP) can identify critical data, monitor and protect it – Works through content inspection CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 52

Recommandé

Chapter 1 Presentation
Chapter 1 PresentationChapter 1 Presentation
Chapter 1 PresentationAmy McMullin
 
Chapter 3 Presentation
Chapter 3 PresentationChapter 3 Presentation
Chapter 3 PresentationAmy McMullin
 
Chapter 2 Presentation
Chapter 2 PresentationChapter 2 Presentation
Chapter 2 PresentationAmy McMullin
 
Chapter 7 Presentation
Chapter 7 PresentationChapter 7 Presentation
Chapter 7 PresentationAmy McMullin
 
Chapter 6 Presentation
Chapter 6 PresentationChapter 6 Presentation
Chapter 6 PresentationAmy McMullin
 
Network Security
Network SecurityNetwork Security
Network SecurityMAJU
 
Network security
Network securityNetwork security
Network securityEstiak Khan
 
Chapter 1 Introduction to Security
Chapter 1 Introduction to SecurityChapter 1 Introduction to Security
Chapter 1 Introduction to SecurityDr. Ahmed Al Zaidy
 

Recommandé

Chapter 1 Presentation
Chapter 1 PresentationChapter 1 Presentation
Chapter 1 PresentationAmy McMullin
 
Chapter 3 Presentation
Chapter 3 PresentationChapter 3 Presentation
Chapter 3 PresentationAmy McMullin
 
Chapter 2 Presentation
Chapter 2 PresentationChapter 2 Presentation
Chapter 2 PresentationAmy McMullin
 
Chapter 7 Presentation
Chapter 7 PresentationChapter 7 Presentation
Chapter 7 PresentationAmy McMullin
 
Chapter 6 Presentation
Chapter 6 PresentationChapter 6 Presentation
Chapter 6 PresentationAmy McMullin
 
Network Security
Network SecurityNetwork Security
Network SecurityMAJU
 
Network security
Network securityNetwork security
Network securityEstiak Khan
 
Chapter 1 Introduction to Security
Chapter 1 Introduction to SecurityChapter 1 Introduction to Security
Chapter 1 Introduction to SecurityDr. Ahmed Al Zaidy
 
Firewalls
FirewallsFirewalls
FirewallsUniversity of Central Punjab
 
Vpn presentation
Vpn presentationVpn presentation
Vpn presentationKuldeep Padhiyar
 
Security threats and attacks in cyber security
Security threats and attacks in cyber securitySecurity threats and attacks in cyber security
Security threats and attacks in cyber securityShri ramswaroop college of engineering and management
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsRahmat Suhatman
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Fabiha Shahzad
 
Chapter 5 Presentation
Chapter 5 PresentationChapter 5 Presentation
Chapter 5 PresentationAmy McMullin
 
Firewall in Network Security
Firewall in Network SecurityFirewall in Network Security
Firewall in Network Securitylalithambiga kamaraj
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Dr. Kapil Gupta
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network SecurityJohn Ely Masculino
 
Access Controls
Access ControlsAccess Controls
Access Controlsprimeteacher32
 
Network attacks
Network attacksNetwork attacks
Network attacksManjushree Mashal
 
Information Assurance And Security - Chapter 2 - Lesson 2
Information Assurance And Security - Chapter 2 - Lesson 2Information Assurance And Security - Chapter 2 - Lesson 2
Information Assurance And Security - Chapter 2 - Lesson 2MLG College of Learning, Inc
 
Network monitoring system
Network monitoring systemNetwork monitoring system
Network monitoring systemMyPresentations Services
 
Operating System Security
Operating System SecurityOperating System Security
Operating System SecurityRamesh Upadhaya
 
Lecture 10 intruders
Lecture 10 intrudersLecture 10 intruders
Lecture 10 intrudersrajakhurram
 
Network security
Network security Network security
Network security Madhumithah Ilango
 
Network security
Network securityNetwork security
Network securitySimranpreet Singh
 
Firewall ppt
Firewall pptFirewall ppt
Firewall pptsaloni mittal
 
Network administration and Management
Network administration and ManagementNetwork administration and Management
Network administration and ManagementBry Cunal
 
Cia security model
Cia security modelCia security model
Cia security modelImran Ahmed
 
A+ Chapter 3 Review
A+ Chapter 3 ReviewA+ Chapter 3 Review
A+ Chapter 3 ReviewAmy McMullin
 
Chapter 11 Presentation
Chapter 11 PresentationChapter 11 Presentation
Chapter 11 PresentationAmy McMullin
 

Contenu connexe

Tendances

Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsRahmat Suhatman
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Fabiha Shahzad
 
Chapter 5 Presentation
Chapter 5 PresentationChapter 5 Presentation
Chapter 5 PresentationAmy McMullin
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Dr. Kapil Gupta
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network SecurityJohn Ely Masculino
 
Information Assurance And Security - Chapter 2 - Lesson 2
Information Assurance And Security - Chapter 2 - Lesson 2Information Assurance And Security - Chapter 2 - Lesson 2
Information Assurance And Security - Chapter 2 - Lesson 2MLG College of Learning, Inc
 
Operating System Security
Operating System SecurityOperating System Security
Operating System SecurityRamesh Upadhaya
 
Lecture 10 intruders
Lecture 10 intrudersLecture 10 intruders
Lecture 10 intrudersrajakhurram
 
Network administration and Management
Network administration and ManagementNetwork administration and Management
Network administration and ManagementBry Cunal
 
Cia security model
Cia security modelCia security model
Cia security modelImran Ahmed
 

Tendances (20)

Firewalls
FirewallsFirewalls
Firewalls
 
Vpn presentation
Vpn presentationVpn presentation
Vpn presentation
 
Security threats and attacks in cyber security
Security threats and attacks in cyber securitySecurity threats and attacks in cyber security
Security threats and attacks in cyber security
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)
 
Chapter 5 Presentation
Chapter 5 PresentationChapter 5 Presentation
Chapter 5 Presentation
 
Firewall in Network Security
Firewall in Network SecurityFirewall in Network Security
Firewall in Network Security
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network Security
 
Access Controls
Access ControlsAccess Controls
Access Controls
 
Network attacks
Network attacksNetwork attacks
Network attacks
 
Information Assurance And Security - Chapter 2 - Lesson 2
Information Assurance And Security - Chapter 2 - Lesson 2Information Assurance And Security - Chapter 2 - Lesson 2
Information Assurance And Security - Chapter 2 - Lesson 2
 
Network monitoring system
Network monitoring systemNetwork monitoring system
Network monitoring system
 
Operating System Security
Operating System SecurityOperating System Security
Operating System Security
 
Lecture 10 intruders
Lecture 10 intrudersLecture 10 intruders
Lecture 10 intruders
 
Network security
Network security Network security
Network security
 
Network security
Network securityNetwork security
Network security
 
Firewall ppt
Firewall pptFirewall ppt
Firewall ppt
 
Network administration and Management
Network administration and ManagementNetwork administration and Management
Network administration and Management
 
Cia security model
Cia security modelCia security model
Cia security model
 

En vedette

A+ Chapter 3 Review
A+ Chapter 3 ReviewA+ Chapter 3 Review
A+ Chapter 3 ReviewAmy McMullin
 
Chapter 11 Presentation
Chapter 11 PresentationChapter 11 Presentation
Chapter 11 PresentationAmy McMullin
 
Chapter 9 PowerPoint
Chapter 9 PowerPointChapter 9 PowerPoint
Chapter 9 PowerPointAmy McMullin
 
Chapter 12 Presentation
Chapter 12 PresentationChapter 12 Presentation
Chapter 12 PresentationAmy McMullin
 
A+ Chapter 5 Review
A+ Chapter 5 ReviewA+ Chapter 5 Review
A+ Chapter 5 ReviewAmy McMullin
 
A+ Chapter 4 Review
A+ Chapter 4 ReviewA+ Chapter 4 Review
A+ Chapter 4 ReviewAmy McMullin
 
Chapter 8 Presentaion
Chapter 8 PresentaionChapter 8 Presentaion
Chapter 8 PresentaionAmy McMullin
 
Chapter 15 Presentation
Chapter 15 PresentationChapter 15 Presentation
Chapter 15 PresentationAmy McMullin
 
9781305094352 ppt ch08
9781305094352 ppt ch089781305094352 ppt ch08
9781305094352 ppt ch08Amy McMullin
 
What's New In CompTIA Security+ - Course Technology Computing Conference
What's New In CompTIA Security+ - Course Technology Computing ConferenceWhat's New In CompTIA Security+ - Course Technology Computing Conference
What's New In CompTIA Security+ - Course Technology Computing ConferenceCengage Learning
 
CompTIA Security+ Guide
CompTIA Security+ GuideCompTIA Security+ Guide
CompTIA Security+ GuideSmithjulia33
 
How to hack the web
How to hack the webHow to hack the web
How to hack the webAmy McMullin
 
CompTIA Security+ ce certificate
CompTIA Security+ ce certificateCompTIA Security+ ce certificate
CompTIA Security+ ce certificateLuigi Cristiani
 
Ceh v7 module 01 introduction to ethical hacking
Ceh v7 module 01 introduction to ethical hackingCeh v7 module 01 introduction to ethical hacking
Ceh v7 module 01 introduction to ethical hackingsabulite
 

En vedette (20)

A+ Chapter 3 Review
A+ Chapter 3 ReviewA+ Chapter 3 Review
A+ Chapter 3 Review
 
Chapter 11 Presentation
Chapter 11 PresentationChapter 11 Presentation
Chapter 11 Presentation
 
Chapter 9 PowerPoint
Chapter 9 PowerPointChapter 9 PowerPoint
Chapter 9 PowerPoint
 
Chapter 12 Presentation
Chapter 12 PresentationChapter 12 Presentation
Chapter 12 Presentation
 
A+ Chapter 5 Review
A+ Chapter 5 ReviewA+ Chapter 5 Review
A+ Chapter 5 Review
 
A+ Chapter 4 Review
A+ Chapter 4 ReviewA+ Chapter 4 Review
A+ Chapter 4 Review
 
Chapter 8 Presentaion
Chapter 8 PresentaionChapter 8 Presentaion
Chapter 8 Presentaion
 
Chapter 13
Chapter 13Chapter 13
Chapter 13
 
Chapter 15 Presentation
Chapter 15 PresentationChapter 15 Presentation
Chapter 15 Presentation
 
9781305094352 ppt ch08
9781305094352 ppt ch089781305094352 ppt ch08
9781305094352 ppt ch08
 
Intro to Security
Intro to SecurityIntro to Security
Intro to Security
 
What's New In CompTIA Security+ - Course Technology Computing Conference
What's New In CompTIA Security+ - Course Technology Computing ConferenceWhat's New In CompTIA Security+ - Course Technology Computing Conference
What's New In CompTIA Security+ - Course Technology Computing Conference
 
Ch06 Wireless Network Security
Ch06 Wireless Network SecurityCh06 Wireless Network Security
Ch06 Wireless Network Security
 
CompTIA Security+ Guide
CompTIA Security+ GuideCompTIA Security+ Guide
CompTIA Security+ Guide
 
hacker culture
hacker culturehacker culture
hacker culture
 
Ch01
Ch01Ch01
Ch01
 
How to hack the web
How to hack the webHow to hack the web
How to hack the web
 
CompTIA Security+ ce certificate
CompTIA Security+ ce certificateCompTIA Security+ ce certificate
CompTIA Security+ ce certificate
 
Ceh v7 module 01 introduction to ethical hacking
Ceh v7 module 01 introduction to ethical hackingCeh v7 module 01 introduction to ethical hacking
Ceh v7 module 01 introduction to ethical hacking
 
Ch01 Introduction to Security
Ch01 Introduction to SecurityCh01 Introduction to Security
Ch01 Introduction to Security
 

Similaire à Chapter 4

Effective Security Monitoring for IBM i: What You Need to Know
Effective Security Monitoring for IBM i: What You Need to KnowEffective Security Monitoring for IBM i: What You Need to Know
Effective Security Monitoring for IBM i: What You Need to KnowPrecisely
 
IoT Security and Privacy Considerations
IoT Security and Privacy ConsiderationsIoT Security and Privacy Considerations
IoT Security and Privacy ConsiderationsKenny Huang Ph.D.
 
PCI DSS Business as Usual (BAU)
PCI DSS Business as Usual (BAU)PCI DSS Business as Usual (BAU)
PCI DSS Business as Usual (BAU)ControlCase
 
Embedded Systems Security
Embedded Systems Security Embedded Systems Security
Embedded Systems Security Malachi Jones
 
Monitoring and Reporting on IBM i Compliance and Security
Monitoring and Reporting on IBM i Compliance and SecurityMonitoring and Reporting on IBM i Compliance and Security
Monitoring and Reporting on IBM i Compliance and SecurityPrecisely
 
SecureIoT MVI use case pitch presentation
SecureIoT MVI use case pitch presentationSecureIoT MVI use case pitch presentation
SecureIoT MVI use case pitch presentationMariza Konidi
 
Making PCI V3.0 Business as Usual (BAU)
Making PCI V3.0 Business as Usual (BAU)Making PCI V3.0 Business as Usual (BAU)
Making PCI V3.0 Business as Usual (BAU)ControlCase
 
PCI DSS Business as Usual
PCI DSS Business as UsualPCI DSS Business as Usual
PCI DSS Business as UsualControlCase
 
Standardizing the tee with global platform and RISC-V
Standardizing the tee with global platform and RISC-VStandardizing the tee with global platform and RISC-V
Standardizing the tee with global platform and RISC-VRISC-V International
 
Design Like a Pro: SCADA Security Guidelines
Design Like a Pro: SCADA Security GuidelinesDesign Like a Pro: SCADA Security Guidelines
Design Like a Pro: SCADA Security GuidelinesInductive Automation
 
Design Like a Pro: SCADA Security Guidelines
Design Like a Pro: SCADA Security GuidelinesDesign Like a Pro: SCADA Security Guidelines
Design Like a Pro: SCADA Security GuidelinesInductive Automation
 
Quality attributes of Embedded Systems
Quality attributes of Embedded Systems Quality attributes of Embedded Systems
Quality attributes of Embedded Systems VijayKumar5738
 
Locking down server and workstation operating systems
Locking down server and workstation operating systemsLocking down server and workstation operating systems
Locking down server and workstation operating systemsBen Rothke
 
Chapter 9 Client and application Security
Chapter 9 Client and application SecurityChapter 9 Client and application Security
Chapter 9 Client and application SecurityDr. Ahmed Al Zaidy
 
Using Integrated Security Systems to Accommodate Expansion and Ensure Safety
Using Integrated Security Systems to Accommodate Expansion and Ensure SafetyUsing Integrated Security Systems to Accommodate Expansion and Ensure Safety
Using Integrated Security Systems to Accommodate Expansion and Ensure SafetyUniversity of the District of Columbia
 
An introduction to Cyber Essentials
An introduction to Cyber EssentialsAn introduction to Cyber Essentials
An introduction to Cyber EssentialsJisc
 

Similaire à Chapter 4 (20)

Effective Security Monitoring for IBM i: What You Need to Know
Effective Security Monitoring for IBM i: What You Need to KnowEffective Security Monitoring for IBM i: What You Need to Know
Effective Security Monitoring for IBM i: What You Need to Know
 
IoT Security and Privacy Considerations
IoT Security and Privacy ConsiderationsIoT Security and Privacy Considerations
IoT Security and Privacy Considerations
 
PCI DSS Business as Usual (BAU)
PCI DSS Business as Usual (BAU)PCI DSS Business as Usual (BAU)
PCI DSS Business as Usual (BAU)
 
Embedded Systems Security
Embedded Systems Security Embedded Systems Security
Embedded Systems Security
 
ppt ch18
ppt ch18ppt ch18
ppt ch18
 
Lessson 1
Lessson 1Lessson 1
Lessson 1
 
Monitoring and Reporting on IBM i Compliance and Security
Monitoring and Reporting on IBM i Compliance and SecurityMonitoring and Reporting on IBM i Compliance and Security
Monitoring and Reporting on IBM i Compliance and Security
 
SecureIoT MVI use case pitch presentation
SecureIoT MVI use case pitch presentationSecureIoT MVI use case pitch presentation
SecureIoT MVI use case pitch presentation
 
Intacct Security and Operations
Intacct Security and OperationsIntacct Security and Operations
Intacct Security and Operations
 
Making PCI V3.0 Business as Usual (BAU)
Making PCI V3.0 Business as Usual (BAU)Making PCI V3.0 Business as Usual (BAU)
Making PCI V3.0 Business as Usual (BAU)
 
PCI DSS Business as Usual
PCI DSS Business as UsualPCI DSS Business as Usual
PCI DSS Business as Usual
 
Standardizing the tee with global platform and RISC-V
Standardizing the tee with global platform and RISC-VStandardizing the tee with global platform and RISC-V
Standardizing the tee with global platform and RISC-V
 
Design Like a Pro: SCADA Security Guidelines
Design Like a Pro: SCADA Security GuidelinesDesign Like a Pro: SCADA Security Guidelines
Design Like a Pro: SCADA Security Guidelines
 
Design Like a Pro: SCADA Security Guidelines
Design Like a Pro: SCADA Security GuidelinesDesign Like a Pro: SCADA Security Guidelines
Design Like a Pro: SCADA Security Guidelines
 
Quality attributes of Embedded Systems
Quality attributes of Embedded Systems Quality attributes of Embedded Systems
Quality attributes of Embedded Systems
 
Locking down server and workstation operating systems
Locking down server and workstation operating systemsLocking down server and workstation operating systems
Locking down server and workstation operating systems
 
Chapter 9 Client and application Security
Chapter 9 Client and application SecurityChapter 9 Client and application Security
Chapter 9 Client and application Security
 
Using Integrated Security Systems to Accommodate Expansion and Ensure Safety
Using Integrated Security Systems to Accommodate Expansion and Ensure SafetyUsing Integrated Security Systems to Accommodate Expansion and Ensure Safety
Using Integrated Security Systems to Accommodate Expansion and Ensure Safety
 
An introduction to Cyber Essentials
An introduction to Cyber EssentialsAn introduction to Cyber Essentials
An introduction to Cyber Essentials
 
Lessson 2
Lessson 2Lessson 2
Lessson 2
 

Dernier

Graduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - EnglishGraduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - Englishneillewis46
 
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptxHMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptxEsquimalt MFRC
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...Poonam Aher Patil
 
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptxOn_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptxPooja Bhuva
 
Interdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptxInterdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptxPooja Bhuva
 
REMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptxREMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptxDr. Ravikiran H M Gowda
 
How to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POSHow to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POSCeline George
 
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptxCOMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptxannathomasp01
 
Micro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfMicro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfPoh-Sun Goh
 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptxMaritesTamaniVerdade
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxRamakrishna Reddy Bijjam
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.pptRamjanShidvankar
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsMebane Rash
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxDenish Jangid
 
FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024Elizabeth Walsh
 
Sociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning ExhibitSociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning Exhibitjbellavia9
 
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfUGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfNirmal Dwivedi
 
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jisc
 
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptxHMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptxmarlenawright1
 
Google Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptxGoogle Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptxDr. Sarita Anand
 

Dernier (20)

Graduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - EnglishGraduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - English
 
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptxHMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...
 
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptxOn_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
 
Interdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptxInterdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptx
 
REMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptxREMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptx
 
How to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POSHow to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POS
 
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptxCOMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
 
Micro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfMicro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdf
 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docx
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan Fellows
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024
 
Sociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning ExhibitSociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning Exhibit
 
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfUGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
 
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)
 
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptxHMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
 
Google Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptxGoogle Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptx
 

Chapter 4

  • 1. CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition Chapter 4 Host, Application, and Data Security
  • 2. © Cengage Learning 2015CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition Objectives • List the steps for securing a host computer • Define application security • Explain how to secure data 2
  • 3. © Cengage Learning 2015 Securing the Host • Securing the host involves: – Protecting the physical device – Securing the operating system (OS) software – Using antimalware software CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 3
  • 4. © Cengage Learning 2015 Securing Devices • Security control - any device or process that is used to reduce risk • Two levels of security controls: – Administrative controls - processes for developing and ensuring that policies and procedures are carried out – Technical controls - controls that are carried out or managed by devices • There are five subtypes of controls (sometimes called activity phase controls) described on the following slide CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 4
  • 5. © Cengage Learning 2015 Securing Devices CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 5
  • 6. © Cengage Learning 2015 External Perimeter Defenses • External perimeter defenses are designed to restrict access to equipment areas • This type of defense includes: – Barriers – guards – Motion detection devices CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 6
  • 7. © Cengage Learning 2015 External Perimeter Defenses • Barriers – Fencing - usually a tall, permanent structure • Modern perimeter fences are equipped with other deterrents such as proper lighting and signage – Barricade - large concrete ones should be used • Guards – Human guards are considered active security elements – Video surveillance uses cameras to transmit a signal to a specific and limited set of receivers called closed circuit television (CCTV) CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 7
  • 8. © Cengage Learning 2015 External Perimeter Defenses CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 8
  • 9. © Cengage Learning 2015 External Perimeter Defenses • Motion Detection – Determining an object’s change in position in relation to its surroundings – This movement usually generates an audible alarm CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 9
  • 10. © Cengage Learning 2015 Internal Physical Access Security • These protections include: – Hardware locks – Proximity readers – Access lists – Mantraps – Protected distribution systems for cabling CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 10
  • 11. © Cengage Learning 2015 Internal Physical Access Security • Hardware locks – Standard keyed entry lock provides minimal security – Deadbolt locks provide additional security and require that a key be used to both open and lock the door – Cipher locks are combination locks that use buttons that must be pushed in the proper sequence • Can be programmed to allow a certain individual’s code to be valid on specific dates and times CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 11
  • 12. © Cengage Learning 2015 Internal Physical Access Security • Recommended key management procedures – Inspect locks regularly – Issue keys only to authorized users – Keep track of issued keys – Master keys should not have identifying marks – Secure unused keys in a safe place – Establish a procedure to monitor use of locks and keys – Mark master keys with “Do Not Duplicate” – Change locks after key loss or theft CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 12
  • 13. © Cengage Learning 2015 Internal Physical Access Security • Proximity Readers – Uses an object (physical token) to identify persons with authorization to access an area • ID badge emits a signal identifying the owner • Proximity reader receives signal – ID badges that can be detected by a proximity reader are often fitted with RFID tags • Badge can remain in bearer’s pocket CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 13
  • 14. © Cengage Learning 2015 Internal Physical Access Security CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 14
  • 15. © Cengage Learning 2015 Internal Physical Access Security • Access list – Record of individuals who have permission to enter secure area – Records time they entered and left • Mantrap – Separates a secured from a nonsecured area – Device monitors and controls two interlocking doors • Only one door may open at any time CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 15
  • 16. © Cengage Learning 2015 Internal Physical Access Security CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 16
  • 17. © Cengage Learning 2015 Internal Physical Access Security • Protected Distribution Systems (PDS) – A system of cable conduits used to protect classified information that is being transmitted between two secure areas • Created by the U.S. Department of Defense (DOD) – Two types of PDS: • Hardened carrier PDS - conduit constructed of special electrical metallic tubing • Alarm carrier PDS - specialized optical fibers in the conduit that sense acoustic vibrations that occur when an intruder attempts to gain access CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 17
  • 18. © Cengage Learning 2015 Hardware Security • Hardware security - the physical security protecting the hardware of the host system – Most portable devices have a steel bracket security slot • A cable lock can be inserted into slot and secured to device and a cable connected to the lock can be secured to a desk or chair • Locking cabinets – Can be prewired for power and network connections – Allow devices to charge while stored CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 18
  • 19. © Cengage Learning 2015 Hardware Security CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 19
  • 20. © Cengage Learning 2015 Securing the Operating System Software • Five-step process for protecting operating system – 1. Develop the security policy – 2. Perform host software baselining – 3. Configure operating system security settings – 4. Deploy and manage security settings – 5. Implement patch management CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 20
  • 21. © Cengage Learning 2015 Securing the Operating System Software • Develop the security policy – Security policy - a document(s) that clearly define organization’s defense mechanisms • Perform host software baselining – Baseline - the standard or checklist against which systems can be evaluated – Configuration settings that are used for each computer in the organization CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 21
  • 22. © Cengage Learning 2015 Securing the Operating System Software • Configure operating system security and settings – Modern OSs have hundreds of different security settings that can be manipulated to conform to the baseline – Typical configuration baseline would include: • Changing insecure default settings • Eliminating unnecessary software, services, protocols • Enabling security features such as a firewall CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 22
  • 23. © Cengage Learning 2015 Securing the Operating System Software • Deploy and Manage Security Settings – Tools to automate the process • Security template - collections of security configuration settings • Group policy - Windows feature providing centralized computer management; a single configuration may be deployed to many users CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 23
  • 24. © Cengage Learning 2015 Securing the Operating System Software • Implement Patch Management – Operating systems have increased in size and complexity – New attack tools have made secure functions vulnerable – Security patch - software security update to repair discovered vulnerabilities – Hotfix - addresses specific customer situation – Service pack - accumulates security updates and additional features CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 24
  • 25. © Cengage Learning 2015 Securing the Operating System Software • Patches can sometimes create new problems – Vendor should thoroughly test before deploying • Automated patch update service – Manage patches locally rather than rely on vendor’s online update service • Advantages of automated patch update service – Administrators can force updates to install by specific date – Administrators can approve updates for “detection” only; allows them to see which computers will require the update without actually installing it CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 25
  • 26. © Cengage Learning 2015 Securing the Operating System Software • Advantages of automated patch update service (cont’d) – Downloading patches from a local server instead of using the vendor’s online update service can save bandwidth and time – Specific types of updates that the organization does not test can be automatically installed – Users cannot disable or circumvent updates CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 26
  • 27. © Cengage Learning 2015 Securing the Operating System Software CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 27
  • 28. © Cengage Learning 2015 Securing the Operating System Software • Security Through Design – OS hardening - tightening security during the design and coding of the OS – Trusted OS - an OS that has been designed through OS hardening CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 28
  • 29. © Cengage Learning 2015 Securing with Antimalware • Third-party antimalware software packages can provide added security • Antimalware software includes: – Antivirus – Antispam – Popup blockers – Antispyware – Host-based firewalls CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 29
  • 30. © Cengage Learning 2015 Antivirus • Antivirus (AV) - Software that examines a computer for infections – Scans new documents that might contain viruses – Searches for known virus patterns • Weakness of anti-virus – Vendor must continually search for new viruses, update and distribute signature files to users • Alternative approach: code emulation – Questionable code is executed in virtual environment to determine if it is a virus CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 30
  • 31. © Cengage Learning 2015 Antispam • Spammers can distribute malware through email attachments • Spam can be used for social engineering attacks • Spam filtering methods – Bayesian filtering - divides email messages into two piles: spam and nonspam – Create a list of approved and nonapproved senders • Blacklist - nonapproved senders • Whitelist - approved senders – Blocking certain file attachment types CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 31
  • 32. © Cengage Learning 2015 Pop-up Blockers and Antispyware • Pop-up - small window appearing over Web site – Usually created by advertisers • Pop-up blockers - a separate program as part of anti-spyware package – Incorporated within a browser – Allows user to limit or block most pop-ups – Alert can be displayed in the browser • Gives user option to display pop-up • Antispyware - helps prevent computers from becoming infected by different types of spyware CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 32
  • 33. © Cengage Learning 2015 Host-Based Firewalls • Firewall - designed to prevent malicious packets from entering or leaving computers – Sometimes called a packet filter – May be hardware or software-based • Host-based software firewall - runs as a program on local system to protect it – Application-based CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 33
  • 34. © Cengage Learning 2015 Securing Static Environments • Static environment - devices in which additional hardware cannot easily be added or attached • Common devices in this category: – Embedded system - a computer system with a dedicated function within a larger electrical system – Game consoles – Smartphones – Mainframes – In-vehicle computer systems – SCADA (supervisory control and data acquisition) CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 34
  • 35. © Cengage Learning 2015 Securing Static Environments CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 35
  • 36. © Cengage Learning 2015 Application Security • Besides protecting OS software on hosts, there is a need to protect applications that run on these devices • Aspects of application security: – Application development security – Application hardening and patch management CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 36
  • 37. © Cengage Learning 2015 Application Development Security • Security for applications must be considered through all phases of development cycle • Application configuration baselines – Standard environment settings can establish a secure baseline – Includes each development system, build system, and test system – Must include system and network configurations CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 37
  • 38. © Cengage Learning 2015 Application Development Security • Secure coding concepts – Coding standards increase applications’ consistency, reliability, and security – Coding standards allow developers to quickly understand and work with code that has been developed by different members of a team – Coding standards useful in code review process • Example of a coding standard: – To use a wrapper function (a substitute for a regular function used in testing) to write error- checking routines for preexisting system functions CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 38
  • 39. © Cengage Learning 2015 Application Development Security • Errors and Exception Handling – Errors - faults that occur while application is running – Response to the user should be based on the error – The application should be coded so that each error is “caught” and effectively handled – Improper error handling in an application can lead to application failure CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 39
  • 40. © Cengage Learning 2015 Application Development Security • The following may indicate potential error-handling issues: – Failure to check return codes or handle exceptions – Improper checking of exceptions or return codes – Handling all return codes or exceptions in the same manner – Error information that divulges potentially sensitive data • Fuzz testing (fuzzing) - a software testing technique that deliberately provides invalid, unexpected, or random data as inputs to a program CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 40
  • 41. © Cengage Learning 2015 Application Development Security • Input Validation – A specific type of error handling is verifying responses that the user makes to the application – Improper verification is the cause for XSS, SQL, or XML injection attacks – Cross-site request forgery (XSRF) - an attack that uses the user’s web browser settings to impersonate the user • To prevent cross-site scripting, the program should trap for these user responses CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 41
  • 42. © Cengage Learning 2015 Application Development Security • Input validation generally uses the server to perform the validation (server-side validation) – It is possible to have the client perform the validation (client-side validation) – In client-side validation all input validations and error recovery procedures are performed by the user’s web browser • An approach to preventing SQL injection attacks is avoid using SQL relational databases • NoSQL - a nonrelational database that is better tuned for accessing large data sets CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 42
  • 43. © Cengage Learning 2015 Application Hardening and Patch Management • Application hardening – Intended to prevent attackers from exploiting vulnerabilities in software applications CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 43
  • 44. © Cengage Learning 2015 Application Hardening and Patch Management • Patch management – Rare until recently – Users were unaware of the existence of patches or where to acquire them – More application patch management systems are being developed to patch vulnerabilities CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 44
  • 45. © Cengage Learning 2015 Securing Data • Work today involves electronic collaboration – Data must flow freely – Data security is important • Big Data - refers to a collection of data sets so large and complex that it becomes difficult to process using traditional data processing apps • Data loss prevention (DLP) – System of security tools used to recognize and identify critical data and ensure it is protected – Goal: protect data from unauthorized users CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 45
  • 46. © Cengage Learning 2015 Securing Data • DLP examines data as it resides in any of three states: – Data in use (example: creating a report from a computer) – Data in-transit (data being transmitted) – Data at rest (data that is stored on electronic media) CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 46
  • 47. © Cengage Learning 2015 Securing Data • Most DLP systems use content inspection – A security analysis of the transaction within its approved context – Looks at security level of data, who is requesting it, where the data is stored, when it was requested, and where it is going • DLP systems can also use index matching – Documents that have been identified as needing protection are analyzed by DLP and complex computations are conducted based on the analysis CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 47
  • 48. © Cengage Learning 2015 Securing Data • Three types of DLP sensors: – DLP network sensors - installed on the perimeter of the network to protect data in-transit by monitoring all network traffic – DLP storage sensors - designed to protect data at- rest – DLP agent sensors - installed on each host device and protect data in-use • When a policy violation is detected by the DLP agent, it is reported back to the DLP server – Different actions can then be taken CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 48
  • 49. © Cengage Learning 2015 Securing Data CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 49
  • 50. © Cengage Learning 2015 Securing Data CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 50
  • 51. © Cengage Learning 2015 Summary • A security control is any device or process used to reduce risk • Hardware locks for doors are important to protect equipment • Hardware security is physical security that involves protecting the hardware of the host system • In addition to protecting hardware, the OS software that runs on the host also must be protected • Modern OSs have hundreds of different security settings that can be manipulated to conform to the baseline CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 51
  • 52. © Cengage Learning 2015 Summary • OS and additional third-party antimalware software packages can provide added security • Protecting applications that run on hardware – Create configuration baselines – Secure coding concepts • Data loss prevention (DLP) can identify critical data, monitor and protect it – Works through content inspection CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition 52

Notes de l'éditeur

  1. CompTIA Security+ Guide to Network Security Fundamentals, Fifth Edition Chapter 4 Host, Application, and Data Security
  2. Objectives List the steps for securing a host computer Define application security Explain how to secure data
  3. Securing the Host Securing the host involves: Protecting the physical device Securing the operating system (OS) software Using antimalware software
  4. Securing Devices Security control - any device or process that is used to reduce risk Two levels of security controls: Administrative controls - processes for developing and ensuring that policies and procedures are carried out Technical controls - controls that are carried out or managed by devices There are five subtypes of controls (sometimes called activity phase controls) described on the following slide
  5. Securing Devices Table 4-1 Activity phase controls
  6. External Perimeter Defenses External perimeter defenses are designed to restrict access to equipment areas This type of defense includes: Barriers guards Motion detection devices
  7. External Perimeter Defenses Barriers Fencing - usually a tall, permanent structure Modern perimeter fences are equipped with other deterrents such as proper lighting and signage Barricade - large concrete ones should be used Guards Human guards are considered active security elements Video surveillance uses cameras to transmit a signal to a specific and limited set of receivers called closed circuit television (CCTV)
  8. External Perimeter Defenses Table 4-2 Fencing detergents
  9. External Perimeter Defenses Motion Detection Determining an object’s change in position in relation to its surroundings This movement usually generates an audible alarm Table 4-3 Motion detection methods
  10. Internal Physical Access Security These protections include: Hardware locks Proximity readers Access lists Mantraps Protected distribution systems for cabling
  11. Internal Physical Access Security Hardware locks Standard keyed entry lock provides minimal security Deadbolt locks provide additional security and require that a key be used to both open and lock the door Cipher locks are combination locks that use buttons that must be pushed in the proper sequence Can be programmed to allow a certain individual’s code to be valid on specific dates and times
  12. Internal Physical Access Security Recommended key management procedures Inspect locks regularly Issue keys only to authorized users Keep track of issued keys Master keys should not have identifying marks Secure unused keys in a safe place Establish a procedure to monitor use of locks and keys Mark master keys with “Do Not Duplicate” Change locks after key loss or theft
  13. Internal Physical Access Security Proximity Readers Uses an object (physical token) to identify persons with authorization to access an area ID badge emits a signal identifying the owner Proximity reader receives signal ID badges that can be detected by a proximity reader are often fitted with RFID tags Badge can remain in bearer’s pocket
  14. Internal Physical Access Security Figure 4-4 RFID tag
  15. Internal Physical Access Security Access list Record of individuals who have permission to enter secure area Records time they entered and left Mantrap Separates a secured from a nonsecured area Device monitors and controls two interlocking doors Only one door may open at any time
  16. Internal Physical Access Security Figure 4-5 Mantrap
  17. Internal Physical Access Security Protected Distribution Systems (PDS) A system of cable conduits used to protect classified information that is being transmitted between two secure areas Created by the U.S. Department of Defense (DOD) Two types of PDS: Hardened carrier PDS - conduit constructed of special electrical metallic tubing Alarm carrier PDS - specialized optical fibers in the conduit that sense acoustic vibrations that occur when an intruder attempts to gain access
  18. Hardware Security Hardware security - the physical security protecting the hardware of the host system Most portable devices have a steel bracket security slot A cable lock can be inserted into slot and secured to device and a cable connected to the lock can be secured to a desk or chair Locking cabinets Can be prewired for power and network connections Allow devices to charge while stored
  19. Hardware Security Figure 4-7 Cable lock
  20. Securing the Operating System Software Five-step process for protecting operating system 1. Develop the security policy 2. Perform host software baselining 3. Configure operating system security settings 4. Deploy and manage security settings 5. Implement patch management
  21. Securing the Operating System Software Develop the security policy Security policy - a document(s) that clearly define organization’s defense mechanisms Perform host software baselining Baseline - the standard or checklist against which systems can be evaluated Configuration settings that are used for each computer in the organization
  22. Securing the Operating System Software Configure operating system security and settings Modern OSs have hundreds of different security settings that can be manipulated to conform to the baseline Typical configuration baseline would include: Changing insecure default settings Eliminating unnecessary software, services, protocols Enabling security features such as a firewall
  23. Securing the Operating System Software Deploy and Manage Security Settings Tools to automate the process Security template - collections of security configuration settings Group policy - Windows feature providing centralized computer management; a single configuration may be deployed to many users
  24. Securing the Operating System Software Implement Patch Management Operating systems have increased in size and complexity New attack tools have made secure functions vulnerable Security patch - software security update to repair discovered vulnerabilities Hotfix - addresses specific customer situation Service pack - accumulates security updates and additional features
  25. Securing the Operating System Software Patches can sometimes create new problems Vendor should thoroughly test before deploying Automated patch update service Manage patches locally rather than rely on vendor’s online update service Advantages of automated patch update service Administrators can force updates to install by specific date Administrators can approve updates for “detection” only; allows them to see which computers will require the update without actually installing it
  26. Securing the Operating System Software Advantages of automated patch update service (cont’d) Downloading patches from a local server instead of using the vendor’s online update service can save bandwidth and time Specific types of updates that the organization does not test can be automatically installed Users cannot disable or circumvent updates
  27. Securing the Operating System Software Figure 4-8 Automatic patch update service
  28. Securing the Operating System Software Security Through Design OS hardening - tightening security during the design and coding of the OS Trusted OS - an OS that has been designed through OS hardening Table 4-4 OS hardening techniques
  29. Securing with Antimalware Third-party antimalware software packages can provide added security Antimalware software includes: Antivirus Antispam Popup blockers Antispyware Host-based firewalls
  30. Antivirus Antivirus (AV) - Software that examines a computer for infections Scans new documents that might contain viruses Searches for known virus patterns Weakness of anti-virus Vendor must continually search for new viruses, update and distribute signature files to users Alternative approach: code emulation Questionable code is executed in virtual environment to determine if it is a virus
  31. Antispam Spammers can distribute malware through email attachments Spam can be used for social engineering attacks Spam filtering methods Bayesian filtering - divides email messages into two piles: spam and nonspam Create a list of approved and nonapproved senders Blacklist - nonapproved senders Whitelist - approved senders Blocking certain file attachment types
  32. Pop-up Blockers and Antispyware Pop-up - small window appearing over Web site Usually created by advertisers Pop-up blockers - a separate program as part of anti-spyware package Incorporated within a browser Allows user to limit or block most pop-ups Alert can be displayed in the browser Gives user option to display pop-up Antispyware - helps prevent computers from becoming infected by different types of spyware
  33. Host-Based Firewalls Firewall - designed to prevent malicious packets from entering or leaving computers Sometimes called a packet filter May be hardware or software-based Host-based software firewall - runs as a program on local system to protect it Application-based
  34. Securing Static Environments Static environment - devices in which additional hardware cannot easily be added or attached Common devices in this category: Embedded system - a computer system with a dedicated function within a larger electrical system Game consoles Smartphones Mainframes In-vehicle computer systems SCADA (supervisory control and data acquisition)
  35. Securing Static Environments Table 4-5 Static environment defense methods
  36. Application Security Besides protecting OS software on hosts, there is a need to protect applications that run on these devices Aspects of application security: Application development security Application hardening and patch management
  37. Application Development Security Security for applications must be considered through all phases of development cycle Application configuration baselines Standard environment settings can establish a secure baseline Includes each development system, build system, and test system Must include system and network configurations
  38. Application Development Security Secure coding concepts Coding standards increase applications’ consistency, reliability, and security Coding standards allow developers to quickly understand and work with code that has been developed by different members of a team Coding standards useful in code review process Example of a coding standard: To use a wrapper function (a substitute for a regular function used in testing) to write error-checking routines for preexisting system functions
  39. Application Development Security Errors and Exception Handling Errors - faults that occur while application is running Response to the user should be based on the error The application should be coded so that each error is “caught” and effectively handled Improper error handling in an application can lead to application failure
  40. Application Development Security The following may indicate potential error-handling issues: Failure to check return codes or handle exceptions Improper checking of exceptions or return codes Handling all return codes or exceptions in the same manner Error information that divulges potentially sensitive data Fuzz testing (fuzzing) - a software testing technique that deliberately provides invalid, unexpected, or random data as inputs to a program
  41. Application Development Security Input Validation A specific type of error handling is verifying responses that the user makes to the application Improper verification is the cause for XSS, SQL, or XML injection attacks Cross-site request forgery (XSRF) - an attack that uses the user’s web browser settings to impersonate the user To prevent cross-site scripting, the program should trap for these user responses
  42. Application Development Security Input validation generally uses the server to perform the validation (server-side validation) It is possible to have the client perform the validation (client-side validation) In client-side validation all input validations and error recovery procedures are performed by the user’s web browser An approach to preventing SQL injection attacks is avoid using SQL relational databases NoSQL - a nonrelational database that is better tuned for accessing large data sets
  43. Application Hardening and Patch Management Application hardening Intended to prevent attackers from exploiting vulnerabilities in software applications Table 4-6 Attacks based on application vulnerabilities
  44. Application Hardening and Patch Management Patch management Rare until recently Users were unaware of the existence of patches or where to acquire them More application patch management systems are being developed to patch vulnerabilities
  45. Securing Data Work today involves electronic collaboration Data must flow freely Data security is important Big Data - refers to a collection of data sets so large and complex that it becomes difficult to process using traditional data processing apps Data loss prevention (DLP) System of security tools used to recognize and identify critical data and ensure it is protected Goal: protect data from unauthorized users
  46. Securing Data DLP examines data as it resides in any of three states: Data in use (example: creating a report from a computer) Data in-transit (data being transmitted) Data at rest (data that is stored on electronic media)
  47. Securing Data Most DLP systems use content inspection A security analysis of the transaction within its approved context Looks at security level of data, who is requesting it, where the data is stored, when it was requested, and where it is going DLP systems can also use index matching Documents that have been identified as needing protection are analyzed by DLP and complex computations are conducted based on the analysis
  48. Securing Data Three types of DLP sensors: DLP network sensors - installed on the perimeter of the network to protect data in-transit by monitoring all network traffic DLP storage sensors - designed to protect data at-rest DLP agent sensors - installed on each host device and protect data in-use When a policy violation is detected by the DLP agent, it is reported back to the DLP server Different actions can then be taken
  49. Securing Data Figure 4-9 DLP architecture
  50. Securing Data Figure 4-10 DLP report
  51. Summary A security control is any device or process used to reduce risk Hardware locks for doors are important to protect equipment Hardware security is physical security that involves protecting the hardware of the host system In addition to protecting hardware, the OS software that runs on the host also must be protected Modern OSs have hundreds of different security settings that can be manipulated to conform to the baseline
  52. Summary OS and additional third-party antimalware software packages can provide added security Protecting applications that run on hardware Create configuration baselines Secure coding concepts Data loss prevention (DLP) can identify critical data, monitor and protect it Works through content inspection