© ITT Educational Services, Inc. All rights reserved. IS3220 Information Technology Infrastructure Security Unit 10 Network Security Management.


1 Unit 10 Network Security Management

2 Class Agenda 1
2/25/16
- Learning Objectives
- Lesson Presentation and Discussions.
- Discussion on Assignments.
- Discussion on Lab Activities.
- Break Times as per School Regulations.
- Note: Submit all assignments and labs due today
- Final Project is due in the next class
- Final Exam will be held in the next class.

3 Class Agenda 2
- Theory: 6:00pm - 8:00pm
- Lab: 8:15pm to 11:00pm
- Chapters 6 and 15
- Other Materials: NIST SP 800-61: Computer Security Incident Handling Guide
- http://www.nist.gov/customcf/get_pdf.cfm?pub_id=51289

4 Learning Objective and Key Concepts
Learning Objectives
- Identify network security management best practices and strategies for responding when security measures fail
Key Concepts
- Best practices for network security management
- Strategies for integrating network security strategies with firewall defenses and VPN remote access
- Value of incident response planning, testing and practice

5 Best Practices: Strategy
- Create written plans
  - Security policy
  - Incident Response Plan
  - Business Continuity Plan (BCP)
  - Disaster Recovery Plan (DRP)
  - Security checklists
- Perform regular maintenance
  - Back up regularly and test restores frequently
  - Monitor and review collected log files frequently
  - Constantly identify the weakest architectural link

6 Best Practices: Strategy (cont.)
- Perform diligent testing of new systems before deploying in production
- Implement the principle of least privilege
- Deploy layered defenses

7 Best Practices: Devices
- Maintain physical security over users and equipment
- Install and maintain virus and malware protection at all layers in the environment
- Harden both internal and perimeter devices
- Develop and follow a patch management strategy
- Enforce hard drive or file encryption

8 Best Practices: Connectivity
- Restrict Internet connections to required activity
- Limit remote access to required connectivity
- Encrypt all internal network traffic
- Require multi-factor authentication
- Use default deny over default permit where possible

9 User Training
Q: What is user training?
A: Educational information presented through various mechanisms that clearly defines security policies, their boundaries and imposed limitations
Q: Why is user training important?
A: Training drives user accountability, understanding, and acceptance of obligatory security policies
It is imperative that regular renewal of security awareness training occurs

10 Security Awareness
- Defines, informs, explains, and teaches users the principles and importance of security
- Every user in an organization has a part to play in upholding company security
- Awareness and education may be tailored to job-specific or role-specific content
- Policies and procedures are driven by people
  - Without mechanisms to aid users in secure network use, much of the work put into implementing best practices for network security may become disreputable

11 Network Security Assessments
Q: What is a network security assessment?
A: The process of judging, testing, and evaluating a deployed security solution

12 Conducting Network Security Assessments
- Perform a risk assessment
- Execute the security assessment:
  1. Perform configuration scanning
  2. Perform vulnerability scanning
  3. Execute penetration testing
- Perform a post-mortem assessment review

13 Security Information and Event Monitoring (SIEM)
- A SIEM is a tool that allows for automation of log and event centralization and analysis
- Functions of a SIEM
  - Log centralization
  - Log management
  - Log monitoring
- Purposes of a SIEM
  - Incident detection
  - Incident response and alerting
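How the SIEM functions listed above fit together, as an added example that is not part of the original slides: two constructed log sources are normalized into one event stream (centralization), then a threshold rule raises an alert enriched with firewall context (monitoring, detection and alerting). The log formats, field names, threshold and window are assumptions made for illustration, not those of any real product.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines in two made-up formats (not from any real product).
FIREWALL_LOG = [
    "2016-02-25T18:00:01 fw1 DENY src=203.0.113.7 dst=10.0.0.5 dport=22",
    "2016-02-25T18:00:09 fw1 ALLOW src=198.51.100.4 dst=10.0.0.8 dport=443",
]
VPN_LOG = [
    "2016/02/25 18:00:05 vpn1 auth-fail user=alice ip=203.0.113.7",
    "2016/02/25 18:00:20 vpn1 auth-fail user=alice ip=203.0.113.7",
    "2016/02/25 18:00:41 vpn1 auth-fail user=bob ip=203.0.113.7",
    "2016/02/25 18:05:00 vpn1 auth-fail user=dave ip=192.0.2.9",
]
FW_RE = re.compile(r"(\S+) (\S+) (DENY|ALLOW) src=(\S+)")
VPN_RE = re.compile(r"(\S+ \S+) (\S+) (auth-fail|auth-ok) user=\S+ ip=(\S+)")

def centralize(fw_lines, vpn_lines):
    """Log centralization: normalize both sources into one time-ordered list."""
    events = []
    for regex, fmt, prefix, lines in (
        (FW_RE, "%Y-%m-%dT%H:%M:%S", "fw-", fw_lines),
        (VPN_RE, "%Y/%m/%d %H:%M:%S", "", vpn_lines),
    ):
        for line in lines:
            m = regex.match(line)
            if m:  # unparseable lines are skipped in this sketch
                events.append({"time": datetime.strptime(m.group(1), fmt),
                               "type": prefix + m.group(3).lower(), "src": m.group(4)})
    return sorted(events, key=lambda e: e["time"])

def detect(events, threshold=3, window=timedelta(seconds=60)):
    """Log monitoring: alert when a source reaches `threshold` VPN auth failures
    inside `window`; attach firewall denies from the same source as context."""
    recent, alerts = defaultdict(list), []
    for e in events:
        if e["type"] != "auth-fail":
            continue
        times = recent[e["src"]]
        times.append(e["time"])
        while times[0] < e["time"] - window:  # drop failures older than the window
            times.pop(0)
        if len(times) == threshold:  # fire once, when the count reaches the threshold
            denies = sum(1 for x in events if x["type"] == "fw-deny"
                         and x["src"] == e["src"]
                         and e["time"] - window <= x["time"] <= e["time"])
            alerts.append({"src": e["src"], "time": e["time"], "fw_denies": denies})
    return alerts
```

Calling `detect(centralize(FIREWALL_LOG, VPN_LOG))` on the sample data yields one alert for the source that failed VPN authentication three times within a minute and was also denied at the firewall.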

14 Commonly Available SIEM Tools
- enVision
- QRadar
- Eventia
- Security Manager
- nDepth
- Students should check these tools online.

15 Commonly Available Network Monitoring Tools (Open Source)
- Nagios – network management and monitoring
- SmokePing – monitors network latency
  - Can visualize the entire network
- GroundWork – highly scalable network management and monitoring
- Ganglia – geared toward clusters and grids
- Cacti
- Ntop

16 Commonly Available Network Monitoring Tools (Commercial)
- WhatsUp Gold
  - Proactive monitoring and management tool
- Iris
  - Network traffic monitoring and analysis tool

17 Considerations for the Future State of Firewalls and VPNs as Part of Network Security Strategies
- Threats
- Firewall capabilities
- Encryption
- Authentication
- Metrics
- Industry focus
- Cloud security
- Mobile device security
- IPv6 support

18 Integration of Firewalls and VPNs into Network Security Strategies
- Functions
  - Enhanced threat management
  - Authentication
  - Encryption
- Value Add
  - Confidentiality
  - Integrity
  - Availability

19 Assignment and Lab
- Discussion 10.1 Incident Response Strategies
- Lab 10.2 in lab manual. See Vlab
- Assignment 10.3 Postincident Executive Summary Report

