Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 8 Technology and Auditing Systems: Hardware and Software Defenses.

Published byAron O’Neal’ Modified over 8 years ago

Similar presentations

Presentation on theme: "Chapter 8 Technology and Auditing Systems: Hardware and Software Defenses."— Presentation transcript:

1 Chapter 8 Technology and Auditing Systems: Hardware and Software Defenses

2 Introduction We’ve discussed the threats from hackers Since 9/11 there has been increasing concern of attacks from cyber terrorists Cyber terror attacks are not considered weapons of mass destruction but rather, weapons of mass disruption

3 Intro (2) Areas feeling most pressure are: telecommunications, transportation, financial services, and chemical, water, energy, and power grid industries These are critical infrastructures which our national economy depend upon Perfect security is impossible This chapter introduces defensive technologies and reconnaissance tools

4 Intro (3) This chapter presents material covering tier 4 of the DLM Multiple and diverse layers of security SW, HW, and auditing systems are necessary Used to validate and enforce AUPs, secure-use practices Serve as necessary countermeasures to stop spread of malware, monitor for illegal activity, and filtering inbound and outbound packets

5 Factors Driving the Need for Diverse Technology Layers Growth in Computer Crime 28% increase in Internet attacks and almost 200,000 of them were successful 50 or more new comp viruses created each wk FBI estimated that losses by US businesses exceeded $7 billion in 2001 This does not include costs of fraud or damages by disgruntled or corrupted employees Remember estimates are usually low -- why?

6 More Factors Driving the Need for Diverse Tech Layers Growth in SW Complexity and Flaws Complexity and design flaws have caused SW and OS’s to become more vulnerable to malware Many companies make obvious security mistakes - introducing wireless networks or IM w/o encryption and firewalls Intranets w/o adequate security checkpoints

7 More Factors Driving the Need for Diverse Tech Layers Growth in Release Rate of Security Patches and Service Packs Since new SW vulnerabilities is now around 50/wk and IT managers spend an avg of 2 hrs/server to test and deploy a patch Estimate is total cost to a company w/ 1,000 servers is roughly $300,000 per patch There are now tools to automate and manage server and desktop patches but it is a problem IT staff need to focus on keeping networks and systems working hard to have time to deal w/ complex security component

8 Security Technology No “Out of the box” Solutions No defense tools are usable out of the box - it is necessary to correctly install and monitor your security mechanisms The security tools that are available have varying deployment costs, installation or implementation complexity, operational and maintenance costs, and potential to be effective

9 Security Technology (2) Many believe that having a firewall installed will offer automatic protection They still need to be maintained What kind of maintenance? Tools and Targets technology tools for security can be expensive to purchase and maintain They are targets of hackers -- when broken they are hardened by defenders then hackers begin cycle again…. Look at @Lert on pg. 115

10 Multilayered, Diverse Technology Infrastructure Read Cyberbrief on pg. 116 Note that an organizations effectiveness in using technology to protect against hacker attacks and lawsuits improves w/ regular auditing of networks, applications, and employees for signs of vulnerability or unauthorized use

11 Characteristics of a Defensive Technology Infrastructure p 116 A defensive technology infrastructure depends on appropriate security technologies Properly installed and configured at correct checkpoints Placed on each device connected to the network Continuously maintained, patched, and audited With incident response and disaster recovery plans in place Routinely tested by people /w technology expertise Security company Foundstone predict that the success of security is directly related to the location of the security officer in the organizational chart. (Why? See pg. 117)

12 Underlying Technical Issues Functional (Critical) requirements of HW and SW Six of them are listed – important Confidentiality Integrity Authenticity Nonrepudiation Accountability Availability How to remember them? AAAINC?

13 Some pieces of the HW TCP/IP IP address Ports File Integrity Checker (checksum) Routers You read these short sections

14 Perimeter and File Protection Maintaining Confidentiality and Integrity What types of tools can assist us in confidentiality and integrity Several tools to protect against or to monitor intrusion Firewalls Intrusion Detection Systems Access control and virtual private networks (VPN) Biometrics and tokens Antivirus Software Cryptography/encryption Public key infrastructure (PKI) and certificates

15 Firewalls Protect one computer network from another and often protect one part of a company’s network from the rest of another Permits or denies certain types of traffice to pass through based on the source address in the IP packet Firewall looks at individual IP packets and decides what to allow or deny based on the rules of the configured firewall.

Download ppt "Chapter 8 Technology and Auditing Systems: Hardware and Software Defenses."

Similar presentations

Guide to Network Defense and Countermeasures Second Edition

Guide to Network Defense and Countermeasures Second Edition
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
1 No Silver Bullet : Inherent Limitations of Computer Security Technologies Jeffrey W. Humphries Texas A&M University.

1 No Silver Bullet : Inherent Limitations of Computer Security Technologies Jeffrey W. Humphries Texas A&M University.
Chapter 10: Data Centre and Network Security Proxies and Gateways * Firewalls * Virtual Private Network (VPN) * Security issues * * * * Objectives:

Chapter 10: Data Centre and Network Security Proxies and Gateways * Firewalls * Virtual Private Network (VPN) * Security issues * * * * Objectives:
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
IS Network and Telecommunications Risks

IS Network and Telecommunications Risks
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.

Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.
© 2008 Prentice Hall Business Publishing Accounting Information Systems, 11/e Romney/Steinbart1 of 222 C HAPTER 7 Information Systems Controls for Systems.

© 2008 Prentice Hall Business Publishing Accounting Information Systems, 11/e Romney/Steinbart1 of 222 C HAPTER 7 Information Systems Controls for Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
1 Pertemuan 05 Firewall Matakuliah: H0451/Praktikum Jaringan Komputer Tahun: 2006 Versi: 1/0.

1 Pertemuan 05 Firewall Matakuliah: H0451/Praktikum Jaringan Komputer Tahun: 2006 Versi: 1/0.
Lecture 11 Reliability and Security in IT infrastructure.

Lecture 11 Reliability and Security in IT infrastructure.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Controls for Information Security

Controls for Information Security
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
NETWORK SECURITY.

NETWORK SECURITY.
Payment Card Industry (PCI) Data Security Standard

Payment Card Industry (PCI) Data Security Standard
Chapter 8 Information Systems Controls for System Reliability— Part 1: Information Security Copyright © 2012 Pearson Education, Inc. publishing as Prentice.

Chapter 8 Information Systems Controls for System Reliability— Part 1: Information Security Copyright © 2012 Pearson Education, Inc. publishing as Prentice.

Similar presentations

Ads by Google