Presentation is loading. Please wait.

Presentation is loading. Please wait.

SIM 302. Unprepared UninformedUnaware Untrained Unused.

Published byAgnes Fields Modified over 8 years ago

Similar presentations

Presentation on theme: "SIM 302. Unprepared UninformedUnaware Untrained Unused."— Presentation transcript:

1 SIM 302

2

3

4

5

6

7

8

9 Unprepared UninformedUnaware Untrained Unused

10 Source: Dreamtime

11

12 DroidDream malware iPhone/Privacy

13

14

15

16

17 Gatherer/hunter Learn Communicate Socio interactivity Socio isolation Loss of information control

18

19

20

21

22 Virtual business services of all sorts, accounting, payroll, and even sales would come to a halt, as would many companies

23 $1.5 to $2 billion $80 to $120 million What does a stealth bomber cost? What does a stealth fighter cost? $1 to $2 million What does an cruise missile cost? $300 to $50,000 What does a cyber weapon cost?

24 Nuclear Weapons Facility Cyber Weapons Facility Where’s the Cyber Weapons Facility?

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40 Step 1 Reconnaissance Step 1 Reconnaissance Step 2 Initial intrusion into the network Step 2 Initial intrusion into the network Step 3 Establish a backdoor into the network Step 3 Establish a backdoor into the network Step 4 Obtain user credentials Step 4 Obtain user credentials Step 5 Install various utilities Step 5 Install various utilities Step 6 Privilege escalation /lateral movement /data exfiltration Step 6 Privilege escalation /lateral movement /data exfiltration Step 7 Maintain persistence Step 7 Maintain persistence

41

42

43

44

45

46

47

48

49

50 http://googleblog.blogspot.com/2010/01/new-approach-to-china.html

51 Thanks to Dreamtime

52

53 Thanks to BBC.co.uk

54

55 demo

56

57

58

59

60

61 Security Management Threat and Vulnerability Management, Monitoring and Response Edge Routers, Firewalls, Intrusion Detection, Vulnerability Scanning Network Perimeter Dual-factor Authorization, Intrusion Detection, Vulnerability Scanning Internal Network Access Control and Monitoring, Anti-Malware, Patch and Configuration Management Host Secure Engineering (SDL), Access Control and Monitoring, Anti-Malware Application Access Control and Monitoring, File/Data Integrity Data User Account Management, Training and Awareness, Screening Facility Physical Controls, Video Surveillance, Access Control Strategy: Employ a risk-based, multi-dimensional approach to safeguarding services and data

62

63 Required Slide Speakers, please list the Breakout Sessions, Interactive Discussions, Labs, Demo Stations and Certification Exam that relate to your session. Also indicate when they can find you staffing in the TLC.

64

65

66 www.microsoft.com/teched Sessions On-Demand & CommunityMicrosoft Certification & Training Resources Resources for IT ProfessionalsResources for Developers www.microsoft.com/learning http://microsoft.com/technet http://microsoft.com/msdn http://northamerica.msteched.com Connect. Share. Discuss.

67

68 Scan the Tag to evaluate this session now on myTechEd Mobile

69

Download ppt "SIM 302. Unprepared UninformedUnaware Untrained Unused."

Similar presentations

4/10/2017 2:53 PM SIM202 We Don't Need No Stinkin' GUI: Command-Line Capture Techniques (Remote Options) Laura Chappell Founder, Wireshark University Founder,

4/10/2017 2:53 PM SIM202 We Don't Need No Stinkin' GUI: Command-Line Capture Techniques (Remote Options) Laura Chappell Founder, Wireshark University Founder,
WSV405. IPv6 Ready Logo Program www.ipv6ready.org.

WSV405. IPv6 Ready Logo Program
DEV333. Describe each main attack Demo how the attack works Fix our poor vulnerable application! Why Script Kiddies, Why? Click to Hack.

DEV333. Describe each main attack Demo how the attack works Fix our poor vulnerable application! Why Script Kiddies, Why? Click to Hack.
SIM201. Announcing… copyright chappellseminars.com some hosts comply; RST = closed no = response open some hosts comply; RST = closed no = response.

SIM201. Announcing… copyright chappellseminars.com some hosts comply; RST = closed no = response open some hosts comply; RST = closed no = response.
WSV304 Manual Deployment High cost Fully Automated Low cost.

WSV304 Manual Deployment High cost Fully Automated Low cost.
Sample Fill demo WorkflowServiceHostFactory Tracking Persistence Custom Behaviour Creation Endpoint Control Endpoint Exception Behaviour.

Sample Fill demo WorkflowServiceHostFactory Tracking Persistence Custom Behaviour Creation Endpoint Control Endpoint Exception Behaviour.
Self Assessment COS202 a-Expense.

Self Assessment COS202 a-Expense.
SIM344. 2 Separate solution install paths can be taken, stand alone and SCOM integrated. Both require core AVIcode web apps and DB’s.

SIM Separate solution install paths can be taken, stand alone and SCOM integrated. Both require core AVIcode web apps and DB’s.
DBI331. Cube Measure Group Measure Partition Cube Dimension Dimension Attribute Relationship Hierarchy Level Cube Attribute Cube Hierarchy Measure.

DBI331. Cube Measure Group Measure Partition Cube Dimension Dimension Attribute Relationship Hierarchy Level Cube Attribute Cube Hierarchy Measure.
Video gallery HD video or high resolution photos of attendees H.264 SVC support Personalized collaboration experiences Intuitive controls Consistent.

Video gallery HD video or high resolution photos of attendees H.264 SVC support Personalized collaboration experiences Intuitive controls Consistent.
SIM346. General information about the software application.

SIM346. General information about the software application.
Sneak Peek at Microsoft System Center Service Manager 2012 Concepts

Sneak Peek at Microsoft System Center Service Manager 2012 Concepts
SIM405 BladeLogic Operations Manage BMC Atrium CMDB BMC Event Manager BMC Patrol BMC Remedy AR System CA Autosys CA eHealth CA Spectrum CA Unicenter.

SIM405 BladeLogic Operations Manage BMC Atrium CMDB BMC Event Manager BMC Patrol BMC Remedy AR System CA Autosys CA eHealth CA Spectrum CA Unicenter.
DEV314. Entity Data Model demo Entity Data Model.

DEV314. Entity Data Model demo Entity Data Model.
DBI311. Existing NMS application Agent Existing NMS application Agent 0.5 KB/record 2500 records/ agent 10 agents = 25K r/s (12. 5 MB/s) 25K r/s.

DBI311. Existing NMS application Agent Existing NMS application Agent 0.5 KB/record 2500 records/ agent 10 agents = 25K r/s (12. 5 MB/s) 25K r/s.
DEV202 Before I get started... …is too expensive. …is too complex. …requires a server.

DEV202 Before I get started... …is too expensive. …is too complex. …requires a server.
OSP214. SECURITY PRIVACY RELIABILITY & SERVICE CONTINUITY COMPLIANCE.

OSP214. SECURITY PRIVACY RELIABILITY & SERVICE CONTINUITY COMPLIANCE.
WCL309. Demo.

WCL309. Demo.
SIM329. Certificate Enrollment Without CEP/CES Certificate Authority Active Directory Client Workstations 3 4 1 2 LDAP RPC/DCOM.

SIM329. Certificate Enrollment Without CEP/CES Certificate Authority Active Directory Client Workstations LDAP RPC/DCOM.
VIR319 Overview of MED-V Enterprise Application Compatibility Challenges Solutions from Microsoft for Application Compatibility Lifecycle of MED-V.

VIR319 Overview of MED-V Enterprise Application Compatibility Challenges Solutions from Microsoft for Application Compatibility Lifecycle of MED-V.

Similar presentations

Ads by Google