Presentation is loading. Please wait.

Presentation is loading. Please wait.

System Security Basics. Information System Security The protection of information systems against unauthorized access to or modification of information,

Published byLeona Tyler Modified over 9 years ago

Similar presentations

Presentation on theme: "System Security Basics. Information System Security The protection of information systems against unauthorized access to or modification of information,"— Presentation transcript:

1 System Security Basics

2 Information System Security The protection of information systems against unauthorized access to or modification of information, whether in storage, processing, or transit, and against the denial of service to authorized users, including those measures necessary to detect, document, and counter such threats.

3

4

5 Fortress Model Watch towers to detect threat Protection by: –Moat –Outer Wall –Inner Wall of Keep Draw bridge and Gate – controlled access

6 Fortress model for defense 1.Critical information 2.Physical protection 3.Operation system hardening 4.Information access 5.External access

7 1. Critical Information Data categorization –Public –Internal –Confidential –Secret Application hardening

8 2. Physical Protection Physical environment –Geographical location –Social environment –Building construction Physical controls Communications Surveillance

9 3. Operation Systems Hardening Security configuration Anti-malware File system –Encrypting File System ADDS security System redundancy

10 4. Information Access User identification Security policies Resources access Role base access control Access auditing Digital rights management

11 5. External Access Perimeter network VPN/ RRAS (Routing and Remote Access) SSTP (Secure Socket Tunneling Protocol) PKI Identity federation NAP (Network Access Protection)

12 Polices, Procedures & Awareness Data Application Host Internal Network Perimeter The Microsoft Model

13 Things to do Identify who enter your system Provide the user with the appropriate access right Identify the person modifying the data is authorized to do so Guarantee the confidentiality of information Guarantee the availability of information

14 Things to do Ensure the integrity of the information Monitor the activities of the system Audit security events Put in administrative procedures to ensure the system is secure

15 System composition File server/ Print server/ Fax server Web server Application server DNS server DHCP server Domain controller Terminal server

16 System composition Email server RADIUS server VPN server Certificate server UDDI server Network policy and access server Gateway/ Firewall/ Switch And users

Download ppt "System Security Basics. Information System Security The protection of information systems against unauthorized access to or modification of information,"

Similar presentations

System Center Operations Manager 2007 Management Pack Roadmap (Apr/May 2008)

System Center Operations Manager 2007 Management Pack Roadmap (Apr/May 2008)
Chapter 10 Securing Windows Server 2008 MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration.

Chapter 10 Securing Windows Server 2008 MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration.
1.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 1: Introducing Windows Server.

1.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 1: Introducing Windows Server.
1 Objectives Configure Network Access Services in Windows Server 2008 RADIUS 1.

1 Objectives Configure Network Access Services in Windows Server 2008 RADIUS 1.
Module 3 Windows Server 2008 Branch Office Scenario.

Module 3 Windows Server 2008 Branch Office Scenario.
Securing the Borderless Network March 21, 2000 Ted Barlow.

Securing the Borderless Network March 21, 2000 Ted Barlow.
Information Security Policies and Standards

Information Security Policies and Standards
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
1 Objectives Wireless Access IPSec Discuss Network Access Protection Install Network Access Protection.

1 Objectives Wireless Access IPSec Discuss Network Access Protection Install Network Access Protection.
6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.

6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.
Chapter 7 HARDENING SERVERS.

Chapter 7 HARDENING SERVERS.
Security and Policy Enforcement Mark Gibson Dave Northey

Security and Policy Enforcement Mark Gibson Dave Northey
Applied Cryptography for Network Security

Applied Cryptography for Network Security
Implementing Server Security on Windows 2000 and Windows Server 2003 Steve Lamb Technical Security Advisor

Implementing Server Security on Windows 2000 and Windows Server 2003 Steve Lamb Technical Security Advisor
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
Brian Bradley.  Data is any type of stored digital information.  Security is about the protection of assets.  Prevention: measures taken to protect.

Brian Bradley.  Data is any type of stored digital information.  Security is about the protection of assets.  Prevention: measures taken to protect.
Chapter 6 Configuring, Monitoring & Troubleshooting IPsec

Chapter 6 Configuring, Monitoring & Troubleshooting IPsec
Course 6421A Module 7: Installing, Configuring, and Troubleshooting the Network Policy Server Role Service Presentation: 60 minutes Lab: 60 minutes Module.

Course 6421A Module 7: Installing, Configuring, and Troubleshooting the Network Policy Server Role Service Presentation: 60 minutes Lab: 60 minutes Module.
Network Services Lesson 6. Objectives Skills/ConceptsObjective Domain Description Objective Domain Number Setting up common networking services Understanding.

Network Services Lesson 6. Objectives Skills/ConceptsObjective Domain Description Objective Domain Number Setting up common networking services Understanding.
Clinic Security and Policy Enforcement in Windows Server 2008.

Clinic Security and Policy Enforcement in Windows Server 2008.

Similar presentations

Ads by Google