Tài liệu hạn chế xem trước, để xem đầy đủ mời bạn chọn Tải xuống
1
/ 59 trang
THÔNG TIN TÀI LIỆU
Thông tin cơ bản
Định dạng
Số trang
59
Dung lượng
1,34 MB
Nội dung
.c om cu u du o ng th an co ng Introduction To Information Systems Security CuuDuongThanCong.com https://fb.com/tailieudientucntt .c om Contents an co Information Systems Security ng History of information security ng th Risks, Threats, and Vulnerabilities du o Tenets of Information Systems Security cu u The Seven Domains of a Typical IT Infrastructure CuuDuongThanCong.com https://fb.com/tailieudientucntt .c om cu u du o ng th an co ng History of information security CuuDuongThanCong.com https://fb.com/tailieudientucntt .c om History of information security ng The 1960s co The 1970s and 80s th an The 1990s cu u du o ng 2000 to Present CuuDuongThanCong.com https://fb.com/tailieudientucntt .c om History of information security (cont.) ng The history of information security begins with computer security cu u du o ng th an co Secure physical locations, hardware, and software from threats CuuDuongThanCong.com https://fb.com/tailieudientucntt .c om History of information security (cont.) ng The 1960s: co During the Cold War, many more mainframes were brought online to th an accomplish more complex and sophisticated tasks du o ng Larry Roberts, known as the founder of the Internet, developed the project cu u which was called ARPANET CuuDuongThanCong.com https://fb.com/tailieudientucntt ng The 1970s and 80s: Network security c om History of information security (cont.) co ARPANET became popular and more widely used, and the potential for its th an misuse grew: ng protect data from unauthorized remote users du o lack of safety procedures for dial-up connections cu u nonexistent user identification and authorization to the system CuuDuongThanCong.com https://fb.com/tailieudientucntt .c om ng co an th ng du o u cu CuuDuongThanCong.com https://fb.com/tailieudientucntt .c om History of information security (cont.) ng The 1990s: co The Internet has become an interconnection of millions of networks th an Industry standards for interconnection of networks: de facto standards cu u du o ng e-mail encryption CuuDuongThanCong.com https://fb.com/tailieudientucntt .c om History of information security (cont.) ng 2000 to Present co Today, the Internet brings millions of unsecured computer networks into th an continuous communication with each other cu u du o ng Security? CuuDuongThanCong.com https://fb.com/tailieudientucntt .c om Risks, Threats, and Vulnerabilities Commonly Found in the LAN Domain MITIGATION Unauthorized access to LAN Computer rooms are secure Unauthorized access to systems, applications, and data Access control policies read/write/delete privileges on specific documents an co ng RISK, THREAT, OR VULNERABILITY vulnerability assessments th LAN server operating system software vulnerabilities software patching Unauthorized access WLANs Access control cu u du o ng LAN server application software vulnerabilities and software patch updates Compromised confidentiality of data transmissions via WLAN CuuDuongThanCong.com Implement encryption between workstation and WAP to maintain confidentiality https://fb.com/tailieudientucntt .c om LAN-to-WAN Domain The LAN-to-WAN Domain is where the IT infrastructure links to a wide cu u du o ng th an co ng area network and the Internet CuuDuongThanCong.com https://fb.com/tailieudientucntt ng Transmission Control Protocol (TCP) .c om LAN-to-WAN Domain co User Datagram Protocol (UDP) th an Both TCP and UDP use port numbers to identify the application or cu u du o ng function CuuDuongThanCong.com https://fb.com/tailieudientucntt .c om LAN-to-WAN Domain co Routers: routing, access control lists ng Roles and tasks: th an Firewalls: Packet filtering ng Demilitarized zone (DMZ): web, proxy, email servers du o Intrusion detection system (IDS) cu u Intrusion prevention system (IPS) CuuDuongThanCong.com https://fb.com/tailieudientucntt .c om Risks, Threats, and Vulnerabilities Commonly Found in the LAN-to-WAN Domain MITIGATION Unauthorized network probing and port scanning Disable ping IDS/IPS DOS/DDOS attack ? co an th vulnerability assessments ng IP router, firewall, and network appliance operating system software vulnerability ng RISK, THREAT, OR VULNERABILITY update devices IP router, firewall, and network appliance configuration file errors or weaknesses Firewall, Encryption Unknown email attachments and embedded URL links received by local users Antivirus, Conduct security awareness training cu u du o LAN server application software vulnerabilities and software patch updates CuuDuongThanCong.com https://fb.com/tailieudientucntt .c om WAN Domain ng The Wide Area Network (WAN) Domain connects remote locations co Roles and tasks: th an WAN communication links ng IP network design du o Firewall cu u router configuration VPNs, SNMP CuuDuongThanCong.com https://fb.com/tailieudientucntt .c om Risks, Threats, and Vulnerabilities Commonly Found in the WAN Domain MITIGATION Most Internet traffic sent in cleartext Use encryption and VPN tunnels DOS/DDOS attack ? Vulnerable to eavesdropping Use encryption and VPN tunnels th an co ng RISK, THREAT, OR VULNERABILITY IDS/IPS du o ng Vulnerable to malicious attacks Use encryption and VPN tunnels cu u Vulnerable to corruption of information and data CuuDuongThanCong.com https://fb.com/tailieudientucntt .c om Remote Access Domain The Remote Access Domain connects remote users to the organization’s IT co ng infrastructure th du o Secure browser software ng Laptop VPN client software an Roles and tasks: u Cell phones, smartphones cu VPN routers, VPN firewalls Secure Sockets Layer (SSL)/VPN web server CuuDuongThanCong.com https://fb.com/tailieudientucntt .c om Risks, Threats, and Vulnerabilities Commonly Found in the Remote Access Domain MITIGATION Brute-force user ID and password attacks Password policies Unauthorized remote access to IT systems, applications, and data ? A mobile worker’s laptop is stolen Multi-factor authentication th an co ng RISK, THREAT, OR VULNERABILITY Encrypt all private data within the database or hard drive cu u du o ng Private data or confidential data compromised remotely CuuDuongThanCong.com https://fb.com/tailieudientucntt .c om System/Application Domain The System/Application Domain holds all the mission-critical systems, co ng applications, and data th an Roles and tasks: The System/Application Domain consists of hardware, cu u du o ng operating system software, applications, and data CuuDuongThanCong.com https://fb.com/tailieudientucntt .c om RISK, THREAT, OR VULNERABILITY MITIGATION Unauthorized access to data centers, computer rooms, and wiring closets Password policies Downtime of servers to perform maintenance ? th an co ng RISK, THREAT, OR VULNERABILITY Backup du o ng Loss or corruption of data update cu u Server operating systems software vulnerability CuuDuongThanCong.com https://fb.com/tailieudientucntt cu u du o ng th an co ng c om Common threats and vulnerabilities in the seven domains of an IT infrastructure CuuDuongThanCong.com https://fb.com/tailieudientucntt cu u du o ng th an co ng c om Common threats and vulnerabilities in the seven domains of an IT infrastructure CuuDuongThanCong.com https://fb.com/tailieudientucntt .c om ng co an th ng du o u cu CuuDuongThanCong.com https://fb.com/tailieudientucntt .c om ng co an th ng du o u cu CuuDuongThanCong.com https://fb.com/tailieudientucntt ....c om Contents an co Information Systems Security ng History of information security ng th Risks, Threats, and Vulnerabilities du o Tenets of Information Systems Security cu u The... 19 60s co The 19 70s and 80s th an The 19 90s cu u du o ng 2000 to Present CuuDuongThanCong.com https://fb.com/tailieudientucntt .c om History of information security (cont.) ng The history... called ARPANET CuuDuongThanCong.com https://fb.com/tailieudientucntt ng The 19 70s and 80s: Network security c om History of information security (cont.) co ARPANET became popular and more widely