SlideShare a Scribd company logo

Information Security Lesson 4 - Baselines - Eric Vanderburg

Download as PPT, PDF
Eric Vanderburg
Eric Vanderburg

Information Security Lesson 4 - Baselines - Eric Vanderburg

Technology
1 of 21
Information Security Chapter 4 Security Baselines Information Security © 2006 Eric Vanderburg
Basic Security • TSR (Terminate and Stay Resident) programs – Applications that are running even when you close them so that they can be loaded faster. • Process – program or program component that runs in the background. Information Security © 2006 Eric Vanderburg
Services • Perform a specific function for the OS. Each requires a process or processes to function. They run in these modes: – Automatic – Manual – Disabled • Services.msc Information Security © 2006 Eric Vanderburg
Services • Netstat - Displays active TCP connections, ports on which the computer is listening Information Security © 2006 Eric Vanderburg
Services • Disable unused services – Difficult because it is hard to find which ones are not used – Processes can be monitored but many services could use a process • Unused services are great for attackers because you do not see their activity and they are always running. • Malicious code could be added to the service to run with it. • Network services have an associated port that must be open for them to function. This is an entry point for an attacker. – Port numbers? Review Information Security © 2006 Eric Vanderburg
TCP/IP • Socket – Protocol, Address, Port – TCP 13.154.33.61:53 • IP Address review • 65,535 ports, 1000 and lower are most used Information Security © 2006 Eric Vanderburg
Securing the system • OS Hardening – securing the system against vulnerabilities. (see guides for each system) – Patch management is one component – Patch – fixes an issue and is tested – Hot fix – less tested than a patch – Service Pack – Group of patches together. The entire group is tested together for stability. Information Security © 2006 Eric Vanderburg
Patch Management • SUS (Software Update Services) or 3rd party tools • Define patches for groups of computers • Update computers on a schedule • Verify that patches have been installed (log) Information Security © 2006 Eric Vanderburg
MMC (Microsoft Management Console) • Custom MMCs – Saved as .msc in your documents and settings – Can work for local or remote computers – Taskpad – Snap-ins • Security Policy – Security Configuration and Analysis MMC snap-in – Command-line SECEDIT utility Information Security © 2006 Eric Vanderburg
Security Templates (Windows) • Security Templates – Setup Security - default security settings. – Compatible (compatws.inf) - members of the Users group can run applications that are not a part of the Designed for Windows Logo Program. – Secure (securedc.inf / securews.inf) - modifies security settings that impact the operating system and network protocols such as the password policy, account policy, and various Registry settings. It also removes all members from the Power Users group. – Highly Secure (hisecdc.inf / hisecws.inf) - This template increases the security of the parameters defined within the secure template. This template also removes all members from the Power Users group. – Internet Explorer (lesacls.inf) – locks down IE – Reset file permissions (rootsec.inf) – reset permissions starting from the root. Information Security © 2006 Eric Vanderburg
Group Policy • Make environmental changes to groups of clients or servers • Change policies such as password length or complexity for a domain • Enforce restrictions on users or computers • Restrict available software Information Security © 2006 Eric Vanderburg
Default GPOs • Default Domain Policy – Applied to domain – Password policy, account policy, & kerberos can only be set here • Default Domain Controllers Policy – Applied to DC container • Create others in the Group Policy Object Editor MMC or from AD Users & Computers Information Security © 2006 Eric Vanderburg
Hardening • Application Hardening – Patch – MBSA (Microsoft Baseline Security Analyzer) can check for patch compliance with Microsoft applications – Cisco Security Agent can restrict the abilities of certain applications • Web Server Hardening – – – – ACLs Patch Delete sample web pages Put the web server in a separate area of the network DMZ (Demilitarized Zone) – Delete scripts and applications that are not used – Enable encryption for sensitive data Information Security © 2006 Eric Vanderburg
Hardening • Mail Server Hardening – Use a single purpose machine – Require authentication for mail protocols to protect against open mail relay (bouncing messages from your mail server to another). – Set an ACL for those who can send messages – Enable logging for defense and legal purposes. • File Servers Hardening – Set appropriate permissions – Log access to sensitive files – Keep behind the firewall Information Security © 2006 Eric Vanderburg
Hardening • NNTP (Network News Transfer Protocol) Hardening – ACLs – Authentication – Patch • FTP Server Hardening – – – – Disable anonymous logon Use an ACL Set appropriate privileges Set account logon restrictions such as time-outs, lockouts for failed logon, and auditing. Information Security © 2006 Eric Vanderburg
Hardening Data Repositories • Directory Services – Windows • • • • • – – – – AD (Active Directory) SAM (Security Accounts Manager) – Local database DC (Domain Controller) PDC (Primary Domain Controller) BDC (Backup Domain Controller) Novell (eDirectory) LDAP (Lightweight Directory Access Protocol) Use ACLs Restrict the right to log on locally to domain controllers Information Security © 2006 Eric Vanderburg
Hardening Data Repositories • DBMS (Database Management System) – Oracle, SQL Server, Informix, Sybase, DB2 – Buffer Overflow – SQL (Structured Query Language) Injection – send a malformed SQL query • • • • • Utilize user views Segment the database Keep the database tables behind the firewall Utilize authentication Stored procedures and web forms should use proper coding techniques to protect against buffer overflow, SQL injection, and other attacks. Information Security © 2006 Eric Vanderburg
Hardening Networks • Update firmware on network devices – EEPROM (Electrically Erasable Programmable Read Only Memory) • Filter data at the edge of the network (Firewalls) • Filter by: – – – – – – Address (IP or MAC) Domain name Protocol Port Message content Session Information Security © 2006 Eric Vanderburg
Hardening Networks • ACLs and Rule bases are used in filtering – Keep rule bases small to increase efficiency in filtering (max: 40 rules) Information Security © 2006 Eric Vanderburg
Acronyms • • • • • • • • BDC, Backup Domain Controller DNS, Domain Name Service DHCP, Dynamic Host Configuration Protocol EEPROM, Electrically Erasable Programmable Read Only Memory EPROM, Erasable Programmable Read Only Memory FTP, File Transfer Protocol MMC, Microsoft Management Console NNTP, Network News Transfer Protocol Information Security © 2006 Eric Vanderburg
Acronyms • • • • • • • • NOS, Network Operating System PDC, Primary Domain Controller ROM, Read Only Memory SAM, Security Accounts Manager TSR, Terminate and Stay Resident DBMS, Database Management System AD, Active Directory LDAP, Lightweight Directory Access Protocol • SQL, Structured Query Language Information Security © 2006 Eric Vanderburg

Recommended

501 ch 4 securing your network
501 ch 4 securing your network501 ch 4 securing your network
501 ch 4 securing your networkgocybersec
 
Chapter09
Chapter09Chapter09
Chapter09Muhammad Ahad
 
Network Implementation and Support Lesson 14 Security Features - Eric Vande...
Network Implementation and Support Lesson 14 Security Features - Eric Vande...Network Implementation and Support Lesson 14 Security Features - Eric Vande...
Network Implementation and Support Lesson 14 Security Features - Eric Vande...Eric Vanderburg
 
University Management System - UMS-X1 Technical Data
University Management System - UMS-X1 Technical DataUniversity Management System - UMS-X1 Technical Data
University Management System - UMS-X1 Technical DataNasser Hassan
 
Cisco Standard Network Platform (SNP) - Catholic Relief Services Case Study
Cisco Standard Network Platform (SNP) - Catholic Relief Services Case StudyCisco Standard Network Platform (SNP) - Catholic Relief Services Case Study
Cisco Standard Network Platform (SNP) - Catholic Relief Services Case Studynicholas njoroge
 
501 ch 5 securing hosts and data
501 ch 5 securing hosts and data501 ch 5 securing hosts and data
501 ch 5 securing hosts and datagocybersec
 
Chapter08
Chapter08Chapter08
Chapter08Muhammad Ahad
 
Defending Applications In the Cloud: Architecting Layered Security Solutions ...
Defending Applications In the Cloud: Architecting Layered Security Solutions ...Defending Applications In the Cloud: Architecting Layered Security Solutions ...
Defending Applications In the Cloud: Architecting Layered Security Solutions ...EC-Council
 

Recommended

501 ch 4 securing your network
501 ch 4 securing your network501 ch 4 securing your network
501 ch 4 securing your networkgocybersec
 
Chapter09
Chapter09Chapter09
Chapter09Muhammad Ahad
 
Network Implementation and Support Lesson 14 Security Features - Eric Vande...
Network Implementation and Support Lesson 14 Security Features - Eric Vande...Network Implementation and Support Lesson 14 Security Features - Eric Vande...
Network Implementation and Support Lesson 14 Security Features - Eric Vande...Eric Vanderburg
 
University Management System - UMS-X1 Technical Data
University Management System - UMS-X1 Technical DataUniversity Management System - UMS-X1 Technical Data
University Management System - UMS-X1 Technical DataNasser Hassan
 
Cisco Standard Network Platform (SNP) - Catholic Relief Services Case Study
Cisco Standard Network Platform (SNP) - Catholic Relief Services Case StudyCisco Standard Network Platform (SNP) - Catholic Relief Services Case Study
Cisco Standard Network Platform (SNP) - Catholic Relief Services Case Studynicholas njoroge
 
501 ch 5 securing hosts and data
501 ch 5 securing hosts and data501 ch 5 securing hosts and data
501 ch 5 securing hosts and datagocybersec
 
Chapter08
Chapter08Chapter08
Chapter08Muhammad Ahad
 
Defending Applications In the Cloud: Architecting Layered Security Solutions ...
Defending Applications In the Cloud: Architecting Layered Security Solutions ...Defending Applications In the Cloud: Architecting Layered Security Solutions ...
Defending Applications In the Cloud: Architecting Layered Security Solutions ...EC-Council
 
Secure nets-and-data
Secure nets-and-dataSecure nets-and-data
Secure nets-and-dataKevin Mayo
 
Social Distance Your IBM i from Cybersecurity Risk
Social Distance Your IBM i from Cybersecurity RiskSocial Distance Your IBM i from Cybersecurity Risk
Social Distance Your IBM i from Cybersecurity RiskPrecisely
 
Network Management
Network ManagementNetwork Management
Network ManagementLeo Thiha
 
What to Do When You Don’t Know What to Do: Control System Patching Problems a...
What to Do When You Don’t Know What to Do: Control System Patching Problems a...What to Do When You Don’t Know What to Do: Control System Patching Problems a...
What to Do When You Don’t Know What to Do: Control System Patching Problems a...EnergySec
 
Enterprise Security in Mainframe-Connected Environments
Enterprise Security in Mainframe-Connected EnvironmentsEnterprise Security in Mainframe-Connected Environments
Enterprise Security in Mainframe-Connected EnvironmentsPrecisely
 
01. 03.-introduction-to-infrastructure
01. 03.-introduction-to-infrastructure01. 03.-introduction-to-infrastructure
01. 03.-introduction-to-infrastructureMuhammad Ahad
 
Using Advanced Threat Analytics to Prevent Privilege Escalation Attacks
Using Advanced Threat Analytics to Prevent Privilege Escalation AttacksUsing Advanced Threat Analytics to Prevent Privilege Escalation Attacks
Using Advanced Threat Analytics to Prevent Privilege Escalation AttacksBeyondTrust
 
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...Digital Bond
 
z/OS Authorized Code Scanner
z/OS Authorized Code Scannerz/OS Authorized Code Scanner
z/OS Authorized Code ScannerLuigi Perrone
 
07. datacenters
07. datacenters07. datacenters
07. datacentersMuhammad Ahad
 
10. compute-part-2
10. compute-part-210. compute-part-2
10. compute-part-2Muhammad Ahad
 
A+ Chapter 5 Review
A+ Chapter 5 ReviewA+ Chapter 5 Review
A+ Chapter 5 ReviewAmy McMullin
 
Open Platform for ICS Cybersecurity Research and Education
Open Platform for ICS Cybersecurity Research and EducationOpen Platform for ICS Cybersecurity Research and Education
Open Platform for ICS Cybersecurity Research and EducationEnergySec
 
CSF18 - The Night is Dark and Full of Hackers - Sami Laiho
CSF18 - The Night is Dark and Full of Hackers - Sami LaihoCSF18 - The Night is Dark and Full of Hackers - Sami Laiho
CSF18 - The Night is Dark and Full of Hackers - Sami LaihoNCCOMMS
 
Final project
Final projectFinal project
Final projectrippea
 
Fundamentals of Servers, server storage and server security.
Fundamentals of Servers, server storage and server security.Fundamentals of Servers, server storage and server security.
Fundamentals of Servers, server storage and server security.Aakash Panchal
 
Security Framework for the IPv6 Era
Security Framework for the IPv6 EraSecurity Framework for the IPv6 Era
Security Framework for the IPv6 EraShinsuke SUZUKI
 
Network Security: Protecting SOHO Networks
Network Security: Protecting SOHO NetworksNetwork Security: Protecting SOHO Networks
Network Security: Protecting SOHO NetworksJim Gilsinn
 
11. operating-systems-part-1
11. operating-systems-part-111. operating-systems-part-1
11. operating-systems-part-1Muhammad Ahad
 
ANSI/ISA-99 and Intrinsically Secure Systems (May 2009)
ANSI/ISA-99 and Intrinsically Secure Systems (May 2009)ANSI/ISA-99 and Intrinsically Secure Systems (May 2009)
ANSI/ISA-99 and Intrinsically Secure Systems (May 2009)Byres Security Inc.
 
Cisco Security Agent - Eric Vanderburg
Cisco Security Agent - Eric VanderburgCisco Security Agent - Eric Vanderburg
Cisco Security Agent - Eric VanderburgEric Vanderburg
 
Securing with Sophos - Sophos Day Belux 2014
Securing with Sophos - Sophos Day Belux 2014Securing with Sophos - Sophos Day Belux 2014
Securing with Sophos - Sophos Day Belux 2014Sophos Benelux
 

More Related Content

What's hot

Secure nets-and-data
Secure nets-and-dataSecure nets-and-data
Secure nets-and-dataKevin Mayo
 
Social Distance Your IBM i from Cybersecurity Risk
Social Distance Your IBM i from Cybersecurity RiskSocial Distance Your IBM i from Cybersecurity Risk
Social Distance Your IBM i from Cybersecurity RiskPrecisely
 
Network Management
Network ManagementNetwork Management
Network ManagementLeo Thiha
 
What to Do When You Don’t Know What to Do: Control System Patching Problems a...
What to Do When You Don’t Know What to Do: Control System Patching Problems a...What to Do When You Don’t Know What to Do: Control System Patching Problems a...
What to Do When You Don’t Know What to Do: Control System Patching Problems a...EnergySec
 
Enterprise Security in Mainframe-Connected Environments
Enterprise Security in Mainframe-Connected EnvironmentsEnterprise Security in Mainframe-Connected Environments
Enterprise Security in Mainframe-Connected EnvironmentsPrecisely
 
01. 03.-introduction-to-infrastructure
01. 03.-introduction-to-infrastructure01. 03.-introduction-to-infrastructure
01. 03.-introduction-to-infrastructureMuhammad Ahad
 
Using Advanced Threat Analytics to Prevent Privilege Escalation Attacks
Using Advanced Threat Analytics to Prevent Privilege Escalation AttacksUsing Advanced Threat Analytics to Prevent Privilege Escalation Attacks
Using Advanced Threat Analytics to Prevent Privilege Escalation AttacksBeyondTrust
 
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...Digital Bond
 
z/OS Authorized Code Scanner
z/OS Authorized Code Scannerz/OS Authorized Code Scanner
z/OS Authorized Code ScannerLuigi Perrone
 
A+ Chapter 5 Review
A+ Chapter 5 ReviewA+ Chapter 5 Review
A+ Chapter 5 ReviewAmy McMullin
 
Open Platform for ICS Cybersecurity Research and Education
Open Platform for ICS Cybersecurity Research and EducationOpen Platform for ICS Cybersecurity Research and Education
Open Platform for ICS Cybersecurity Research and EducationEnergySec
 
CSF18 - The Night is Dark and Full of Hackers - Sami Laiho
CSF18 - The Night is Dark and Full of Hackers - Sami LaihoCSF18 - The Night is Dark and Full of Hackers - Sami Laiho
CSF18 - The Night is Dark and Full of Hackers - Sami LaihoNCCOMMS
 
Final project
Final projectFinal project
Final projectrippea
 
Fundamentals of Servers, server storage and server security.
Fundamentals of Servers, server storage and server security.Fundamentals of Servers, server storage and server security.
Fundamentals of Servers, server storage and server security.Aakash Panchal
 
Security Framework for the IPv6 Era
Security Framework for the IPv6 EraSecurity Framework for the IPv6 Era
Security Framework for the IPv6 EraShinsuke SUZUKI
 
Network Security: Protecting SOHO Networks
Network Security: Protecting SOHO NetworksNetwork Security: Protecting SOHO Networks
Network Security: Protecting SOHO NetworksJim Gilsinn
 
11. operating-systems-part-1
11. operating-systems-part-111. operating-systems-part-1
11. operating-systems-part-1Muhammad Ahad
 
ANSI/ISA-99 and Intrinsically Secure Systems (May 2009)
ANSI/ISA-99 and Intrinsically Secure Systems (May 2009)ANSI/ISA-99 and Intrinsically Secure Systems (May 2009)
ANSI/ISA-99 and Intrinsically Secure Systems (May 2009)Byres Security Inc.
 

What's hot (20)

Secure nets-and-data
Secure nets-and-dataSecure nets-and-data
Secure nets-and-data
 
Social Distance Your IBM i from Cybersecurity Risk
Social Distance Your IBM i from Cybersecurity RiskSocial Distance Your IBM i from Cybersecurity Risk
Social Distance Your IBM i from Cybersecurity Risk
 
Network Management
Network ManagementNetwork Management
Network Management
 
What to Do When You Don’t Know What to Do: Control System Patching Problems a...
What to Do When You Don’t Know What to Do: Control System Patching Problems a...What to Do When You Don’t Know What to Do: Control System Patching Problems a...
What to Do When You Don’t Know What to Do: Control System Patching Problems a...
 
Enterprise Security in Mainframe-Connected Environments
Enterprise Security in Mainframe-Connected EnvironmentsEnterprise Security in Mainframe-Connected Environments
Enterprise Security in Mainframe-Connected Environments
 
01. 03.-introduction-to-infrastructure
01. 03.-introduction-to-infrastructure01. 03.-introduction-to-infrastructure
01. 03.-introduction-to-infrastructure
 
Using Advanced Threat Analytics to Prevent Privilege Escalation Attacks
Using Advanced Threat Analytics to Prevent Privilege Escalation AttacksUsing Advanced Threat Analytics to Prevent Privilege Escalation Attacks
Using Advanced Threat Analytics to Prevent Privilege Escalation Attacks
 
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...
 
z/OS Authorized Code Scanner
z/OS Authorized Code Scannerz/OS Authorized Code Scanner
z/OS Authorized Code Scanner
 
07. datacenters
07. datacenters07. datacenters
07. datacenters
 
10. compute-part-2
10. compute-part-210. compute-part-2
10. compute-part-2
 
A+ Chapter 5 Review
A+ Chapter 5 ReviewA+ Chapter 5 Review
A+ Chapter 5 Review
 
Open Platform for ICS Cybersecurity Research and Education
Open Platform for ICS Cybersecurity Research and EducationOpen Platform for ICS Cybersecurity Research and Education
Open Platform for ICS Cybersecurity Research and Education
 
CSF18 - The Night is Dark and Full of Hackers - Sami Laiho
CSF18 - The Night is Dark and Full of Hackers - Sami LaihoCSF18 - The Night is Dark and Full of Hackers - Sami Laiho
CSF18 - The Night is Dark and Full of Hackers - Sami Laiho
 
Final project
Final projectFinal project
Final project
 
Fundamentals of Servers, server storage and server security.
Fundamentals of Servers, server storage and server security.Fundamentals of Servers, server storage and server security.
Fundamentals of Servers, server storage and server security.
 
Security Framework for the IPv6 Era
Security Framework for the IPv6 EraSecurity Framework for the IPv6 Era
Security Framework for the IPv6 Era
 
Network Security: Protecting SOHO Networks
Network Security: Protecting SOHO NetworksNetwork Security: Protecting SOHO Networks
Network Security: Protecting SOHO Networks
 
11. operating-systems-part-1
11. operating-systems-part-111. operating-systems-part-1
11. operating-systems-part-1
 
ANSI/ISA-99 and Intrinsically Secure Systems (May 2009)
ANSI/ISA-99 and Intrinsically Secure Systems (May 2009)ANSI/ISA-99 and Intrinsically Secure Systems (May 2009)
ANSI/ISA-99 and Intrinsically Secure Systems (May 2009)
 

Similar to Information Security Lesson 4 - Baselines - Eric Vanderburg

Cisco Security Agent - Eric Vanderburg
Cisco Security Agent - Eric VanderburgCisco Security Agent - Eric Vanderburg
Cisco Security Agent - Eric VanderburgEric Vanderburg
 
Securing with Sophos - Sophos Day Belux 2014
Securing with Sophos - Sophos Day Belux 2014Securing with Sophos - Sophos Day Belux 2014
Securing with Sophos - Sophos Day Belux 2014Sophos Benelux
 
Ibm spectrum scale fundamentals workshop for americas part 1 components archi...
Ibm spectrum scale fundamentals workshop for americas part 1 components archi...Ibm spectrum scale fundamentals workshop for americas part 1 components archi...
Ibm spectrum scale fundamentals workshop for americas part 1 components archi...xKinAnx
 
Operating system security
Operating system securityOperating system security
Operating system securityRamesh Ogania
 
Ch 8: Desktop and Server OS Vulnerabilites
Ch 8: Desktop and Server OS VulnerabilitesCh 8: Desktop and Server OS Vulnerabilites
Ch 8: Desktop and Server OS VulnerabilitesSam Bowne
 
Secure IOT Gateway
Secure IOT GatewaySecure IOT Gateway
Secure IOT GatewayLF Events
 
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11Waqas Ahmed Nawaz
 
ITN6_Instructor_Materials_Chapter11.pdf
ITN6_Instructor_Materials_Chapter11.pdfITN6_Instructor_Materials_Chapter11.pdf
ITN6_Instructor_Materials_Chapter11.pdfThangDang53
 
CNIT 123: 8: Desktop and Server OS Vulnerabilites
CNIT 123: 8: Desktop and Server OS VulnerabilitesCNIT 123: 8: Desktop and Server OS Vulnerabilites
CNIT 123: 8: Desktop and Server OS VulnerabilitesSam Bowne
 
Networking Concepts Lesson 10 part 2 - Security Appendix - Eric Vanderburg
Networking Concepts Lesson 10 part 2 - Security Appendix - Eric VanderburgNetworking Concepts Lesson 10 part 2 - Security Appendix - Eric Vanderburg
Networking Concepts Lesson 10 part 2 - Security Appendix - Eric VanderburgEric Vanderburg
 
Material best practices in network security using ethical hacking
Material best practices in network security using ethical hackingMaterial best practices in network security using ethical hacking
Material best practices in network security using ethical hackingDesmond Devendran
 
Využijte svou Oracle databázi na maximum!
Využijte svou Oracle databázi na maximum!Využijte svou Oracle databázi na maximum!
Využijte svou Oracle databázi na maximum!MarketingArrowECS_CZ
 
Ch 9: Embedded Operating Systems: The Hidden Threat
Ch 9: Embedded Operating Systems: The Hidden ThreatCh 9: Embedded Operating Systems: The Hidden Threat
Ch 9: Embedded Operating Systems: The Hidden ThreatSam Bowne
 
Security and Compliance for Enterprise Cloud Infrastructure
Security and Compliance for Enterprise Cloud InfrastructureSecurity and Compliance for Enterprise Cloud Infrastructure
Security and Compliance for Enterprise Cloud InfrastructureCloudPassage
 
Acceleration_and_Security_draft_v2
Acceleration_and_Security_draft_v2Acceleration_and_Security_draft_v2
Acceleration_and_Security_draft_v2Srinivasa Addepalli
 
Networking Concepts Lesson 10 part 1 - Network Admin & Support - Eric Vanderburg
Networking Concepts Lesson 10 part 1 - Network Admin & Support - Eric VanderburgNetworking Concepts Lesson 10 part 1 - Network Admin & Support - Eric Vanderburg
Networking Concepts Lesson 10 part 1 - Network Admin & Support - Eric VanderburgEric Vanderburg
 
CNIT 123 8: Desktop and Server OS Vulnerabilities
CNIT 123 8: Desktop and Server OS VulnerabilitiesCNIT 123 8: Desktop and Server OS Vulnerabilities
CNIT 123 8: Desktop and Server OS VulnerabilitiesSam Bowne
 

Similar to Information Security Lesson 4 - Baselines - Eric Vanderburg (20)

Cisco Security Agent - Eric Vanderburg
Cisco Security Agent - Eric VanderburgCisco Security Agent - Eric Vanderburg
Cisco Security Agent - Eric Vanderburg
 
Securing with Sophos - Sophos Day Belux 2014
Securing with Sophos - Sophos Day Belux 2014Securing with Sophos - Sophos Day Belux 2014
Securing with Sophos - Sophos Day Belux 2014
 
Ibm spectrum scale fundamentals workshop for americas part 1 components archi...
Ibm spectrum scale fundamentals workshop for americas part 1 components archi...Ibm spectrum scale fundamentals workshop for americas part 1 components archi...
Ibm spectrum scale fundamentals workshop for americas part 1 components archi...
 
Ensuring your plant is secure
Ensuring your plant is secureEnsuring your plant is secure
Ensuring your plant is secure
 
Coud discovery chap 5
Coud discovery chap 5Coud discovery chap 5
Coud discovery chap 5
 
Operating system security
Operating system securityOperating system security
Operating system security
 
Ch 8: Desktop and Server OS Vulnerabilites
Ch 8: Desktop and Server OS VulnerabilitesCh 8: Desktop and Server OS Vulnerabilites
Ch 8: Desktop and Server OS Vulnerabilites
 
Secure IOT Gateway
Secure IOT GatewaySecure IOT Gateway
Secure IOT Gateway
 
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11
 
ITN6_Instructor_Materials_Chapter11.pdf
ITN6_Instructor_Materials_Chapter11.pdfITN6_Instructor_Materials_Chapter11.pdf
ITN6_Instructor_Materials_Chapter11.pdf
 
CNIT 123: 8: Desktop and Server OS Vulnerabilites
CNIT 123: 8: Desktop and Server OS VulnerabilitesCNIT 123: 8: Desktop and Server OS Vulnerabilites
CNIT 123: 8: Desktop and Server OS Vulnerabilites
 
Networking Concepts Lesson 10 part 2 - Security Appendix - Eric Vanderburg
Networking Concepts Lesson 10 part 2 - Security Appendix - Eric VanderburgNetworking Concepts Lesson 10 part 2 - Security Appendix - Eric Vanderburg
Networking Concepts Lesson 10 part 2 - Security Appendix - Eric Vanderburg
 
Material best practices in network security using ethical hacking
Material best practices in network security using ethical hackingMaterial best practices in network security using ethical hacking
Material best practices in network security using ethical hacking
 
Využijte svou Oracle databázi na maximum!
Využijte svou Oracle databázi na maximum!Využijte svou Oracle databázi na maximum!
Využijte svou Oracle databázi na maximum!
 
Ch 9: Embedded Operating Systems: The Hidden Threat
Ch 9: Embedded Operating Systems: The Hidden ThreatCh 9: Embedded Operating Systems: The Hidden Threat
Ch 9: Embedded Operating Systems: The Hidden Threat
 
Security and Compliance for Enterprise Cloud Infrastructure
Security and Compliance for Enterprise Cloud InfrastructureSecurity and Compliance for Enterprise Cloud Infrastructure
Security and Compliance for Enterprise Cloud Infrastructure
 
Acceleration_and_Security_draft_v2
Acceleration_and_Security_draft_v2Acceleration_and_Security_draft_v2
Acceleration_and_Security_draft_v2
 
Networking Concepts Lesson 10 part 1 - Network Admin & Support - Eric Vanderburg
Networking Concepts Lesson 10 part 1 - Network Admin & Support - Eric VanderburgNetworking Concepts Lesson 10 part 1 - Network Admin & Support - Eric Vanderburg
Networking Concepts Lesson 10 part 1 - Network Admin & Support - Eric Vanderburg
 
W982 05092004
W982 05092004W982 05092004
W982 05092004
 
CNIT 123 8: Desktop and Server OS Vulnerabilities
CNIT 123 8: Desktop and Server OS VulnerabilitiesCNIT 123 8: Desktop and Server OS Vulnerabilities
CNIT 123 8: Desktop and Server OS Vulnerabilities
 

More from Eric Vanderburg

GDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT SymposiumGDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT SymposiumEric Vanderburg
 
Modern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveModern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveEric Vanderburg
 
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgCybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgEric Vanderburg
 
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Eric Vanderburg
 
Mobile Forensics and Cybersecurity
Mobile Forensics and CybersecurityMobile Forensics and Cybersecurity
Mobile Forensics and CybersecurityEric Vanderburg
 
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...Eric Vanderburg
 
Ransomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware ThreatRansomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware ThreatEric Vanderburg
 
Emerging Technologies: Japan’s Position
Emerging Technologies: Japan’s PositionEmerging Technologies: Japan’s Position
Emerging Technologies: Japan’s PositionEric Vanderburg
 
Principles of technology management
Principles of technology managementPrinciples of technology management
Principles of technology managementEric Vanderburg
 
Japanese railway technology
Japanese railway technologyJapanese railway technology
Japanese railway technologyEric Vanderburg
 
Evaluating japanese technological competitiveness
Evaluating japanese technological competitivenessEvaluating japanese technological competitiveness
Evaluating japanese technological competitivenessEric Vanderburg
 
Japanese current and future technology management challenges
Japanese current and future technology management challengesJapanese current and future technology management challenges
Japanese current and future technology management challengesEric Vanderburg
 
Technology management in Japan: Robotics
Technology management in Japan: RoboticsTechnology management in Japan: Robotics
Technology management in Japan: RoboticsEric Vanderburg
 
Incident response table top exercises
Incident response table top exercisesIncident response table top exercises
Incident response table top exercisesEric Vanderburg
 
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware ProblemThe Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware ProblemEric Vanderburg
 
Cloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesCloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesEric Vanderburg
 
Hacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsHacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsEric Vanderburg
 
Correct the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric VanderburgCorrect the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric VanderburgEric Vanderburg
 
Deconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric VanderburgDeconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric VanderburgEric Vanderburg
 
Countering malware threats - Eric Vanderburg
Countering malware threats - Eric VanderburgCountering malware threats - Eric Vanderburg
Countering malware threats - Eric VanderburgEric Vanderburg
 

More from Eric Vanderburg (20)

GDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT SymposiumGDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT Symposium
 
Modern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveModern Security the way Equifax Should Have
Modern Security the way Equifax Should Have
 
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgCybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
 
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
 
Mobile Forensics and Cybersecurity
Mobile Forensics and CybersecurityMobile Forensics and Cybersecurity
Mobile Forensics and Cybersecurity
 
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
 
Ransomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware ThreatRansomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware Threat
 
Emerging Technologies: Japan’s Position
Emerging Technologies: Japan’s PositionEmerging Technologies: Japan’s Position
Emerging Technologies: Japan’s Position
 
Principles of technology management
Principles of technology managementPrinciples of technology management
Principles of technology management
 
Japanese railway technology
Japanese railway technologyJapanese railway technology
Japanese railway technology
 
Evaluating japanese technological competitiveness
Evaluating japanese technological competitivenessEvaluating japanese technological competitiveness
Evaluating japanese technological competitiveness
 
Japanese current and future technology management challenges
Japanese current and future technology management challengesJapanese current and future technology management challenges
Japanese current and future technology management challenges
 
Technology management in Japan: Robotics
Technology management in Japan: RoboticsTechnology management in Japan: Robotics
Technology management in Japan: Robotics
 
Incident response table top exercises
Incident response table top exercisesIncident response table top exercises
Incident response table top exercises
 
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware ProblemThe Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
 
Cloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesCloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance Challenges
 
Hacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsHacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and Threats
 
Correct the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric VanderburgCorrect the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric Vanderburg
 
Deconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric VanderburgDeconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric Vanderburg
 
Countering malware threats - Eric Vanderburg
Countering malware threats - Eric VanderburgCountering malware threats - Eric Vanderburg
Countering malware threats - Eric Vanderburg
 

Recently uploaded

Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 

Recently uploaded (20)

Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 

Information Security Lesson 4 - Baselines - Eric Vanderburg

  • 1. Information Security Chapter 4 Security Baselines Information Security © 2006 Eric Vanderburg
  • 2. Basic Security • TSR (Terminate and Stay Resident) programs – Applications that are running even when you close them so that they can be loaded faster. • Process – program or program component that runs in the background. Information Security © 2006 Eric Vanderburg
  • 3. Services • Perform a specific function for the OS. Each requires a process or processes to function. They run in these modes: – Automatic – Manual – Disabled • Services.msc Information Security © 2006 Eric Vanderburg
  • 4. Services • Netstat - Displays active TCP connections, ports on which the computer is listening Information Security © 2006 Eric Vanderburg
  • 5. Services • Disable unused services – Difficult because it is hard to find which ones are not used – Processes can be monitored but many services could use a process • Unused services are great for attackers because you do not see their activity and they are always running. • Malicious code could be added to the service to run with it. • Network services have an associated port that must be open for them to function. This is an entry point for an attacker. – Port numbers? Review Information Security © 2006 Eric Vanderburg
  • 6. TCP/IP • Socket – Protocol, Address, Port – TCP 13.154.33.61:53 • IP Address review • 65,535 ports, 1000 and lower are most used Information Security © 2006 Eric Vanderburg
  • 7. Securing the system • OS Hardening – securing the system against vulnerabilities. (see guides for each system) – Patch management is one component – Patch – fixes an issue and is tested – Hot fix – less tested than a patch – Service Pack – Group of patches together. The entire group is tested together for stability. Information Security © 2006 Eric Vanderburg
  • 8. Patch Management • SUS (Software Update Services) or 3rd party tools • Define patches for groups of computers • Update computers on a schedule • Verify that patches have been installed (log) Information Security © 2006 Eric Vanderburg
  • 9. MMC (Microsoft Management Console) • Custom MMCs – Saved as .msc in your documents and settings – Can work for local or remote computers – Taskpad – Snap-ins • Security Policy – Security Configuration and Analysis MMC snap-in – Command-line SECEDIT utility Information Security © 2006 Eric Vanderburg
  • 10. Security Templates (Windows) • Security Templates – Setup Security - default security settings. – Compatible (compatws.inf) - members of the Users group can run applications that are not a part of the Designed for Windows Logo Program. – Secure (securedc.inf / securews.inf) - modifies security settings that impact the operating system and network protocols such as the password policy, account policy, and various Registry settings. It also removes all members from the Power Users group. – Highly Secure (hisecdc.inf / hisecws.inf) - This template increases the security of the parameters defined within the secure template. This template also removes all members from the Power Users group. – Internet Explorer (lesacls.inf) – locks down IE – Reset file permissions (rootsec.inf) – reset permissions starting from the root. Information Security © 2006 Eric Vanderburg
  • 11. Group Policy • Make environmental changes to groups of clients or servers • Change policies such as password length or complexity for a domain • Enforce restrictions on users or computers • Restrict available software Information Security © 2006 Eric Vanderburg
  • 12. Default GPOs • Default Domain Policy – Applied to domain – Password policy, account policy, & kerberos can only be set here • Default Domain Controllers Policy – Applied to DC container • Create others in the Group Policy Object Editor MMC or from AD Users & Computers Information Security © 2006 Eric Vanderburg
  • 13. Hardening • Application Hardening – Patch – MBSA (Microsoft Baseline Security Analyzer) can check for patch compliance with Microsoft applications – Cisco Security Agent can restrict the abilities of certain applications • Web Server Hardening – – – – ACLs Patch Delete sample web pages Put the web server in a separate area of the network DMZ (Demilitarized Zone) – Delete scripts and applications that are not used – Enable encryption for sensitive data Information Security © 2006 Eric Vanderburg
  • 14. Hardening • Mail Server Hardening – Use a single purpose machine – Require authentication for mail protocols to protect against open mail relay (bouncing messages from your mail server to another). – Set an ACL for those who can send messages – Enable logging for defense and legal purposes. • File Servers Hardening – Set appropriate permissions – Log access to sensitive files – Keep behind the firewall Information Security © 2006 Eric Vanderburg
  • 15. Hardening • NNTP (Network News Transfer Protocol) Hardening – ACLs – Authentication – Patch • FTP Server Hardening – – – – Disable anonymous logon Use an ACL Set appropriate privileges Set account logon restrictions such as time-outs, lockouts for failed logon, and auditing. Information Security © 2006 Eric Vanderburg
  • 16. Hardening Data Repositories • Directory Services – Windows • • • • • – – – – AD (Active Directory) SAM (Security Accounts Manager) – Local database DC (Domain Controller) PDC (Primary Domain Controller) BDC (Backup Domain Controller) Novell (eDirectory) LDAP (Lightweight Directory Access Protocol) Use ACLs Restrict the right to log on locally to domain controllers Information Security © 2006 Eric Vanderburg
  • 17. Hardening Data Repositories • DBMS (Database Management System) – Oracle, SQL Server, Informix, Sybase, DB2 – Buffer Overflow – SQL (Structured Query Language) Injection – send a malformed SQL query • • • • • Utilize user views Segment the database Keep the database tables behind the firewall Utilize authentication Stored procedures and web forms should use proper coding techniques to protect against buffer overflow, SQL injection, and other attacks. Information Security © 2006 Eric Vanderburg
  • 18. Hardening Networks • Update firmware on network devices – EEPROM (Electrically Erasable Programmable Read Only Memory) • Filter data at the edge of the network (Firewalls) • Filter by: – – – – – – Address (IP or MAC) Domain name Protocol Port Message content Session Information Security © 2006 Eric Vanderburg
  • 19. Hardening Networks • ACLs and Rule bases are used in filtering – Keep rule bases small to increase efficiency in filtering (max: 40 rules) Information Security © 2006 Eric Vanderburg
  • 20. Acronyms • • • • • • • • BDC, Backup Domain Controller DNS, Domain Name Service DHCP, Dynamic Host Configuration Protocol EEPROM, Electrically Erasable Programmable Read Only Memory EPROM, Erasable Programmable Read Only Memory FTP, File Transfer Protocol MMC, Microsoft Management Console NNTP, Network News Transfer Protocol Information Security © 2006 Eric Vanderburg
  • 21. Acronyms • • • • • • • • NOS, Network Operating System PDC, Primary Domain Controller ROM, Read Only Memory SAM, Security Accounts Manager TSR, Terminate and Stay Resident DBMS, Database Management System AD, Active Directory LDAP, Lightweight Directory Access Protocol • SQL, Structured Query Language Information Security © 2006 Eric Vanderburg