Joe Budzyn
Jeff Goeke-Smith
Jeff Utter

Risk Analysis
• Match the technologies used with the security need
• Spend time and resources covering the most likely and most expensive risks

Firewalls
• What is a firewall?
  ○ A technology for the selective allowance of network traffic.
• Types of firewalls
  ○ Stateful or Stateless
  ○ Software or Hardware
  ○ Border or Intranet

Firewalls
• Rule Set Methodology
  ○ Mostly Open
  ○ Mostly Closed
• Zones
  ○ Untrust
  ○ Trust
  ○ DMZ

IDS / IPS
• Network Device that identifies and optionally stops hostile network traffic
• Signature based detection
  ○ Signatures can match on packet content
  ○ Signatures can match on behavior
• Deployed at network choke points
  ○ Generally in conjunction with a firewall
  ○ Border of an office, a workgroup, a building, or a campus

Encryption
• Encryption is the process of transforming information using an algorithm to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key.
• Public Key / Private Key
• Pre-shared Key
• Example Uses
  ○ Disk Encryption, File Encryption
  ○ Secure Email (e.g. PGP)

VPN
• Network tunnel over a more general network
• Implies channel encryption, authentication, authorization
• May be used to avoid firewalls and IPS/IDS systems on the path of the tunnel
• Deployed next to firewalls for remote access or administrative access.

Secure Remote Access
• Remote Desktop Client
• SSH Network Tunnels
• Two Factor Authentication
• Key Based Authentication

Tripwire
• Tripwire watches for changes to files for monitored systems.
• Enterprise Tripwire runs with a server and clients.
  ○ Remote monitoring of changes, with alerts.
  ○ Ability to approve or roll back some changes.
• Useful in the detection of intentional and unintentional changes.
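
The baseline-and-compare idea behind file change monitoring, as an added example that is not from the slides and is not Tripwire's own code: it hashes a directory tree, reports what was added, removed or modified, and lets a reviewed change be approved into the baseline. The function names and the sample files are assumptions made for the illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def snapshot(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    return {str(p.relative_to(root)): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(Path(root).rglob("*")) if p.is_file()}


def compare(baseline, current):
    """Return the files added, removed and modified since the baseline."""
    common = baseline.keys() & current.keys()
    return {
        "added": sorted(current.keys() - baseline.keys()),
        "removed": sorted(baseline.keys() - current.keys()),
        "modified": sorted(p for p in common if baseline[p] != current[p]),
    }


def approve(baseline, current, paths):
    """Accept reviewed changes by copying their current state into the baseline."""
    updated = dict(baseline)
    for p in paths:
        updated.pop(p, None)
        if p in current:
            updated[p] = current[p]
    return updated


def demo():
    """Constructed sample tree: one edit, one new file, one deletion."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "sshd_config").write_text("PermitRootLogin no\n")
        (root / "motd").write_text("welcome\n")
        baseline = snapshot(root)                      # known-good state
        (root / "sshd_config").write_text("PermitRootLogin yes\n")  # edit
        (root / "new.sh").write_text("#!/bin/sh\n")    # new file
        (root / "motd").unlink()                       # deletion
        current = snapshot(root)
        before = compare(baseline, current)
        # The administrator reviews and approves only the removal of motd.
        after = compare(approve(baseline, current, ["motd"]), current)
        return before, after


if __name__ == "__main__":
    print(demo())
```

A baseline is only trustworthy if the monitored host cannot rewrite it, so keep it off the host being watched.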

Network Flow Analysis
• Look for ‘odd’ behavior rather than ‘odd’ content.
• Traffic sent to an analysis engine via a mirror, or summarized by the routers
• Multiple products exist with differing emphasis
  ○ Arbor Networks
  ○ Q1 Labs
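
What looking for odd behavior rather than odd content can mean in practice, as an added example that is not from the slides and does not reproduce any product's logic: the records below are constructed flow summaries with no payload, and a source is flagged when it contacts far more distinct destinations than is typical. The record layout, the `factor` and `floor` thresholds and the function names are assumptions.

```python
from collections import defaultdict
from statistics import median

# Constructed flow summaries: (source, destination, destination port, bytes).
# Addresses come from documentation ranges; no packet content is present.
FLOWS = (
    [("192.0.2.10", "198.51.100.5", 443, 5200),
     ("192.0.2.10", "198.51.100.6", 443, 4100),
     ("192.0.2.11", "198.51.100.5", 443, 8800),
     ("192.0.2.11", "198.51.100.7", 25, 1200),
     ("192.0.2.12", "198.51.100.5", 443, 3000)]
    # One host touching 40 different addresses on one port with tiny flows.
    + [("192.0.2.13", f"203.0.113.{i}", 445, 60) for i in range(1, 41)]
)


def fan_out(flows):
    """Count distinct (destination, port) pairs contacted by each source."""
    peers = defaultdict(set)
    for src, dst, dport, _nbytes in flows:
        peers[src].add((dst, dport))
    return {src: len(p) for src, p in peers.items()}


def odd_hosts(flows, factor=5, floor=10):
    """Flag sources whose fan-out exceeds both floor and factor x the median."""
    counts = fan_out(flows)
    if not counts:
        return []
    limit = max(floor, factor * median(counts.values()))
    return sorted(src for src, n in counts.items() if n > limit)


if __name__ == "__main__":
    print(fan_out(FLOWS))
    print(odd_hosts(FLOWS))
```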

Anti-Malware
• Malware is any piece of malicious code or a program that embeds itself onto a computer without the user’s knowledge.
• Examples
  ○ Virus
  ○ Spam
  ○ Trojan
  ○ Root kit
  ○ Spyware
  ○ Adware
  ○ Key Logger

Anti-Malware
• What to do about it?
  ○ DON’T OPEN ATTACHMENTS THAT YOU ARE NOT EXPECTING.
    ○ ESPECIALLY IF YOU DON’T TRUST THE SOURCE
  ○ Keep an up to date Anti-Malware application (or suite) installed and running.
    ○ Many different vendors and some free apps do this.

Security Practices - Servers
• Patch Management
  ○ All systems are vulnerable, patching makes them less so
• Log Analysis
  ○ Learn what is normal, then watch for the abnormal
• Secure Configuration
  ○ Pick a standard and follow it

Security Practices - Users
• All users on the network are integral to overall security
  ○ User Education Campaigns
  ○ User Policy Tools
    ○ Group Policy, reviewing logs

Denial of Service Protection
• Types of DoS
  ○ UDP flood, SYN flood, ICMP flood, backscatter, distributed, packet of death, BGP route injection
• Type of protection
  ○ Routing infrastructure
  ○ Firewalls
  ○ Special adaptive devices

Advanced Network Tricks
• Honey Pots – a weakened computer meant to attract attackers
• Tar Pits – a series of fake computers meant to slow attackers down
• Dark Nets – a network of fake computers meant to determine what attackers are doing

Managing Your Identities
• Common complaint: I have too many passwords to remember!
  ○ This may lead to sticky notes under keyboards
• Password Wallet or Password Safe
• Public key / private key encryption
• Password generation algorithms