Information Systems Security Operations Security Domain #9.

2 Operations Security Objectives
- Operations Responsibility & Personnel
- Configuration Management
- Media Access Protection
- System Recovery
- Facsimile Security
- Vulnerability and Penetration Testing
- Attack Types

3 Computer Operations
- Fixing hardware and software issues
- Media libraries
- Controlling remote access
- Contingency planning
- Incident handling
- Licensing issues
- Input controls
- Backup and recovery

4 Threats to Operations
- Disclosure
- Destruction
- Loss of system and network capabilities
- Corruption and modification
- Theft
- Espionage
- Hackers/Crackers
- Malicious code

5 Issues
- Backup maintenance
- Change workstation/location
  - Used to improve security
- Need to Know required
- Least Privilege principle enforced
- Due Care
- Due Diligence
  - U.S. Federal Sentencing Guidelines of 1991
    - Up to 290M for non-performance

6 Security Control Types
- Directive control
  - Used to guide the security implementation
- Preventive control
  - Can deter or mitigate undesirable actions
- Detective control
  - Verifies whether a control has been successful
- Corrective control
  - Used to reverse the effects of an unwanted activity

7 Examples
- Directive: policies, standards, laws
- Preventive: firewalls, authentication, access controls, antivirus software
- Detective: audit trails, logs, CCTV, CRC
- Corrective: incident handling, fire extinguishers

8 Vulnerability Testing
- Things to agree upon
  - Goals of the assessment
  - Written agreement from management
  - Explaining testing ramifications
  - Understand results are just a 'snapshot'

9 Steps in Testing
- Reconnaissance
  - Obtain info either passively or actively
    - Sniffing, eavesdropping, ARIN, Whois, etc.
- Scanning
  - ID systems that are running and active services
    - Ping sweeps and port scans
- Gaining Access
  - Exploiting vulnerabilities to gain access
    - Buffer overflow, brute force

10 More Steps
- Maintaining Access
  - Uploading software to ensure reentry
    - Trojan horse, backdoor
- Covering Tracks
  - Hide one's malicious activities
    - Delete system and application logs

11 Honeypots
- Usually placed in DMZ
  - Should not be connected to internal network
- Sacrificial lamb system
- Goal is that hackers will attack this system instead of production system
- Leaves many ports open and services running to be more 'enticing'

12 Sensitive Media Handling
- Marking
- Handling
- Storing
- Destruction
- Declassification

13 Continuity of Operations
- Fault Tolerance
  - Software
  - Hardware
- Data Protection
  - RAID 0, 1, 5, 10
- Redundant Communications
  - Phone, broadband, wireless, satellite
- Redundant Power Supplies

14 Auditing
- Auditing basics
  - Logs, monitors, and triggers
- Accountability, compliance
- Audit trails
- Sampling and clipping levels
- External auditors
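The "clipping levels" bullet above names a detective-control idea without showing it: a clipping level is a threshold below which violations (a mistyped password or two) are treated as normal noise, and only an accumulation at or above the level inside a time window is reported. The script below is an added illustration, not part of the slides; the audit-log format and sample lines are constructed for the demo.

```python
"""Clipping-level check over audit log lines (added example, not from the slides).
Failures below the level are deliberately not reported; a count reaching the
level within the window triggers an alert. Log format below is constructed."""
from collections import defaultdict
from datetime import datetime, timedelta

CLIPPING_LEVEL = 3             # failed logins that must accumulate before alerting
WINDOW = timedelta(minutes=5)  # failures must fall within this span to count together

# Constructed sample audit trail: "<ISO timestamp> <user> <event> <outcome>"
SAMPLE_LOG = """\
2024-01-10T09:00:05 alice login FAIL
2024-01-10T09:00:40 alice login OK
2024-01-10T09:01:00 bob login FAIL
2024-01-10T09:01:30 bob login FAIL
2024-01-10T09:02:10 bob login FAIL
2024-01-10T09:30:00 carol login FAIL
2024-01-10T09:31:00 carol login FAIL
2024-01-10T09:45:00 carol login FAIL
"""

def parse_line(line):
    ts, user, event, outcome = line.split()
    return datetime.fromisoformat(ts), user, event, outcome

def clipping_level_alerts(log_text, level=CLIPPING_LEVEL, window=WINDOW):
    """Return {user: peak count} for users whose failed logins reached `level`
    inside some `window`; users who stay below the level are not reported."""
    failures = defaultdict(list)
    for line in log_text.splitlines():
        ts, user, event, outcome = parse_line(line)
        if event == "login" and outcome == "FAIL":
            failures[user].append(ts)
    alerts = {}
    for user, times in failures.items():
        times.sort()
        start = 0
        for end, t in enumerate(times):
            while t - times[start] > window:   # slide the window forward
                start += 1
            count = end - start + 1
            if count >= level:
                alerts[user] = max(alerts.get(user, 0), count)
    return alerts

if __name__ == "__main__":
    print(clipping_level_alerts(SAMPLE_LOG))  # {'bob': 3}
```

Only bob crosses the level: alice's single failure and carol's three failures spread over fifteen minutes stay under the clipping level for a five-minute window.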

15 Monitoring Tools
- Warning banners
- Keystroke monitoring
- Traffic analysis
- CCTV

16 More Terms
- Ethical hacking
- War dialing
- Radiation monitoring
- Dumpster diving
- Social engineering

17 Physical Security
- Facility location and construction
- Electrical issues
- Perimeter protection
- Physical intrusion detection
- Fire prevention

18 Threats
- Physical damage
- Theft of assets
- Interruption of service
- Disclosure of proprietary information
- Natural disaster
- Vandalism
- Terrorism

19 Administration Controls
- Facility construction
- Site management
- Personnel controls
- Emergency procedures
- Awareness training

20 Technical Controls
- Access controls
- Alarms
- CCTV/Monitors
- HVAC
- Power supplies
- Fire detection and suppression
