IS4680 Security Auditing for Compliance


IS4680 Security Auditing for Compliance Unit 7 Compliance Within the LAN-to-WAN and WAN Domains

Class Agenda
- 8/1/16
- Covers Chapter 11 and 12
- Learning Objectives
- Lesson Presentation and Discussions.
- Discussion on Assignments.
- Discussion on Lab Activities.
- Lab will be performed in class.
- Break Times as per School Regulation
- Discussion on Project.

Learning Objective
- Use an appropriate framework to implement information systems security (ISS) compliance within the local area network (LAN)-to-wide area network (WAN) and WAN Domains.

Key Concepts
- Compliance law requirements and business drivers for LAN-to-WAN and WAN Domains
- Devices and access controls for the LAN-to-WAN and WAN Domains and steps to maximize availability, integrity, and confidentiality (A-I-C) for LAN-to-WAN and WAN Domains

Key Concepts (Continued)
- Policies, standards, procedures, and guidelines in the LAN-to-WAN and WAN Domains
- Vulnerability management in the LAN-to-WAN and WAN Domains
- Best practices for LAN-to-WAN and WAN Domain compliance requirements

EXPLORE: CONCEPTS

Business Drivers
- Protecting data privacy
- Implementing proper security controls for the LAN-to-WAN Domain
- Internet Service Provider (ISP) connection and backup connection
- Intrusion Detection System (IDS)/Intrusion Prevention System (IPS)
- Data leakage security appliance

Devices and Access Controls
- Router
- Firewall
- Proxy server
- Demilitarized Zone (DMZ)
- Honeypots

Devices and Access Controls (Continued)
- Web content filtering device
- Traffic-monitoring device

IT Security Framework
Preventive
- DMZ
- Firewall
- User-based access controls
- Encryption

Within the WAN domain certain policies are or should be required:
Preventive
- Enforce privacy through encryption
- Optimize WAN throughput
- Assurance of WAN service provider security
- Assurance of WAN availability
- User-based access controls for WAN resources
- Configuration change control
Detective
- Performance monitoring
- Traffic analysis
- Configuration settings monitoring
- Penetration testing

11/23/2018 (c) ITT Educational Services, Inc.

IT Security Framework (Continued)
Detective
- Performance monitoring
- Packet analysis
- Configuration settings
- IDS

EXPLORE: PROCESSES

Vulnerability Management
- Define policy
- Baseline the environment
- Prioritize vulnerabilities
- Mitigate vulnerabilities
- Maintain and monitor

Implement a Change Management Control Process
Implement a Configuration Management Process

- Define Policy: Organizations must start out by determining what the desired security state for their environment is.
- Baseline the Environment: Once a policy has been defined, the organization must assess the true security state of the environment and determine where instances of policy violations are occurring.
- Prioritize Vulnerabilities: Instances of policy violations are then prioritized using risk and effort-based criteria.
- Mitigate Vulnerabilities: Ultimately, the root causes of vulnerabilities must be addressed.
- Maintain and Monitor: Organizations' computing environments are dynamic and evolve over time, as do security policy requirements.

EXPLORE: ROLES

Roles
- Senior Managers
- IT Managers
- IT Auditors
- Data Owners
- System Administrators
- Risk Managers

EXPLORE: CONTEXTS

Best Practices for LAN-to-WAN Domain Compliance
- Map your proposed LAN-to-WAN architecture before installing any hardware.
- Use one of the several available network-mapping software products to make the process easier.
- Identify all of the components’ data paths through the domain.
- Use the map to identify any single points of failure.
- Update the network map any time you make physical changes to your network.

Best Practices for WAN Domain Compliance
- Map your proposed WAN architecture, including redundant and backup hardware and connections, before establishing WAN service.
- Update the network map any time you make physical changes to your network.
- Establish multiple WAN connections to avoid any single point of failure.
- Use load-balancing techniques on the multiple WAN connections to utilize the bandwidth of both connections.

Best Practices for WAN Domain Compliance (Continued)
- Develop a backup and recovery plan for each component in the WAN Domain.
- Don’t forget to include configuration settings for network devices in your backup and recovery plans.

Best Practices for WAN Domain Compliance (Continued)
- Implement frequent update procedures for all operating systems, applications, and network-device software and firmware in the WAN Domain.
- Monitor WAN traffic for performance and for suspicious content.
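
The mapping practices above (identify the data paths, use the map to find single points of failure, establish multiple WAN connections) can be checked mechanically once the network map is written down as a list of links. The Python below is an added example, not part of the original slides; the device names and topology are constructed for illustration. It reports every device and link whose loss cuts the LAN off from all WAN exits.

```python
from collections import deque

# Constructed network map (assumption): names and links are illustrative only.
LINKS = [
    ("lan-core", "fw-1"), ("lan-core", "fw-2"),
    ("fw-1", "dmz-switch"), ("fw-2", "dmz-switch"),
    ("dmz-switch", "edge-router"),
    ("edge-router", "isp-primary"), ("edge-router", "isp-backup"),
]

def build_graph(links):
    """Turn a list of undirected links into an adjacency map."""
    graph = {}
    for a, b in links:
        graph.setdefault(a, set()).add(b)
        graph.setdefault(b, set()).add(a)
    return graph

def reaches(graph, source, targets, down_nodes=(), down_links=()):
    """Breadth-first search: can source still reach any target after the failures?"""
    down_links = {frozenset(link) for link in down_links}
    seen, queue = {source}, deque([source])
    while queue:
        node = queue.popleft()
        if node in targets:
            return True
        for nxt in graph.get(node, ()):
            if nxt in seen or nxt in down_nodes:
                continue
            if frozenset((node, nxt)) in down_links:
                continue
            seen.add(nxt)
            queue.append(nxt)
    return False

def single_points_of_failure(links, source, targets):
    """Return (devices, links) whose individual failure isolates source from all targets."""
    graph, targets = build_graph(links), set(targets)
    if not reaches(graph, source, targets):
        raise ValueError("map shows no path from source to any WAN exit")
    devices = sorted(n for n in graph if n != source and n not in targets
                     and not reaches(graph, source, targets, down_nodes={n}))
    cut_links = sorted(tuple(sorted(link)) for link in links
                       if not reaches(graph, source, targets, down_links=[link]))
    return devices, cut_links

if __name__ == "__main__":
    print(single_points_of_failure(LINKS, "lan-core", {"isp-primary", "isp-backup"}))
```

Rerun the check whenever the map is updated after a physical change, so the audit evidence reflects the current topology.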

Summary
In this presentation, the following were covered:
- Business drivers for LAN-to-WAN and WAN Domains
- Devices and access controls
- IT-security framework
- Vulnerability management
- Best practices for LAN-to-WAN and WAN Domains

Assignment and Lab
- Discussion 7.1 Vulnerability Management in LAN-to-WAN and WAN Domains
- Lab 7.2 Auditing the LAN-to-WAN Domain for Compliance
- Assignment 7.3 Best Practices for LAN-to-WAN and WAN Domain Compliance