1. Network Security

2. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges Trusted locations are systems V partners are Semi trusted entities. You would give them access to non-publically available systems after being. Customers are entities. After authentication, they can be given access to publically available systems.

3. Assessing the Risks The first stage of designing security infrastructure for your organization is to that you might want to protect and to the organization if that asset is compromised. Once you identify what needs to be protected, you then need to ask what you need to. Conduct a comprehensive risk assessment to: – Identify all potential vulnerabilities – Assess the likelihood that they will be compromised. – Determine the impact/cost that will be incurred if the asset is compromised. – The combination of likelihood and impact are then combined to identify major inherent security risks.

4. Threats Object, person, or other entity that represents a constant danger to an asset 1.Human error 2.Acts of Nature 3.Technical hardware or software failures – yours, a service provider’s 4.Deliberate Acts (attacks) – Sabotage, Vandalism, theft, software attacks (hacking, viruses, worms)

5. Defense in depth – Implementation of security so that multiple layers of defense have to be circumvented to gain access to internal information and assets Requires that organization establish sufficient security controls and safeguards so that an intruder faces. If one layer of security is breached, there will be another layer of security with P and security are BOTH important. How does a bank protect its assets?

6. Figure 5-15 – Spheres of Security IDS = Intrusion Detection System IR = Incident Response DR = Disaster Recovery BC = Business Continuity planning

7. Technology Controls Access Controls – multiple levels – networks, systems, data Intrusion Detection Systems Disconnection Monitoring Systems/Logging of User Activity Proxy Servers Firewalls Encryption – in storage, in transmission Backups Antivirus Redundant Systems Patches and Upgrades

8. Definitions not found in CyberProtect Information F: device that selectively discriminates against information flowing into or out of organization Proxy Server: a separate computer that relays requests from an application to an untrusted zone, and receives responses before forwarding them back to the application.

9. Hardened Systems – Refers to stability and impenetrability of the operating system. Step 1 – Secure the Core Operating System Eliminate unneeded services Patch Management (both OS and Applications) Avoid Unencrypted Protocols Ensure Virus Protection Rename Administrator Accounts Change Default passwords Disable Guest Accounts Do not allow anonymous FTP Control remote access to systems logs Increase size of log files File, Directory and other permissions. Display a warning message for remote access

10. Hardened Systems Step 2 – Apply Concept of– “Each subject should be granted the most restrictive set of privileges needed for the performance of authorized tasks. “ Usually accomplished through access control lists that are role-based. – Allow users only the system access that they specifically require to perform their role within the organization. –D–D

11. Hardened Systems Step 3 - Separation of Duties – Cannot create new users, grant them access and activate their accounts. – Similar to NOT having the person who orders something also being the person responsible for receiving the goods. – This ensures that, and therefore reduces the risk of Any local examples you can think of?