1 - ns overview
8/3/2019 1 - NS Overview
http://slidepdf.com/reader/full/1-ns-overview 1/16
Network Security
Overview
Information and Assets

Information?
• data stored on computers
• transmitted across networks
• printed out
• written on a paper
• sent by fax
• stored on disks
• spoken in conversations
• over the telephone
Has value to organization.

Assets?
• Information assets
• Paper documents
• Software assets
• Physical assets
• People
• Company image and
• Services

Certified Network Security Manager Ver. 1.0 #Module 1: NSM - Overview

Network Security
Protection of Integrity, Availability & Confidentiality of Network Assets and Services from Vulnerabilities

Cost of Security
• Increased security increases cost of the system.
• Cost of security is a combination of many factors:
  - Cost for decreased system performance
  - Cost for increased system complexity
  - Increased operation and maintenance cost

Security Vs Cost

Security Vs Convenience
• Decisions concerning security of computer networks involve a tradeoff between security and convenience.
• More security measures may
  complaints from users.

Difficulty in Securing Network
Securing a network is more difficult than a standalone computer because of its
• Connectivity
• Complexity

Difficulty in Securing Network
Connectivity
• More people are connected.
• Sometimes outsiders through Internet or Extranet.
• One attacker in one computer may pose potential threat to all the connected computers.
• Difficult to enforce discipline among users.

Difficulty in Securing Network
Complexity
• of changes.
• Multiple Operating Systems.
• Difficult to enforce technical security measures.

Asset and Network Asset
An asset is something to which an organization assigns value.
Asset requires protection.
Network Assets are:
• Hardware: Servers, Client stations, Communications devices (router, bridge, hub, switch, gateway, modem etc.), Peripheral devices, Cables, UPS etc.
• , , tools, software under development etc.
• Data / Information
  - Organization data: Database, e-mail, spreadsheet, Word processing etc.
  - Network Data: Users access privileges, password, audit trail, network configuration and settings.
  - User data: Personal processed data, user owned files, etc.

Threat
Threat is anything that
harm / loss to assets.
Threat would need to exploit vulnerability of the assets.
Threat can be accidental or deliberate.

Threat (Contd.)
• Malicious software
• communication lines/cables
• Deterioration of storage media
• Eavesdropping
• Misuse of resources
• Unauthorized network access
• Administrator error
• User error
• Hardware failure
• Maintenance error
• Transmission error
• --- etc.

Vulnerability
Vulnerability is weakness associated with assets.
Weakness may be exploited by threats causing loss / damage.
A vulnerability in itself does not cause harm until exploited.

Vulnerability (Contd.)
• Insufficient security
• Lack of identification
• Lack of security awareness
• Inadequate recruitment procedures
• mechanisms
• Transfer of passwords in clear
• Unprotected public network connections
• Insufficient preventive maintenance
• management
• …… etc

Threats & Vulnerabilities
Vulnerability | Threat
Uncontrolled copying | Theft
Unprotected communication lines | Eavesdropping
Services having authentication credentials are in clear text | Eavesdropping
Lack of proof of sending / receiving message | Repudiation
Dial-up lines | Unauthorized access
Wireless network | Unauthorized access
Uncontrolled Internet Access | Malicious code (virus, worm, trojans, spywares etc)
Poor network design | Unauthorized network access
Poor network design | Traffic overloading

Security Risk
A security risk is the potential that a given threat will exploit vulnerabilities to cause loss/damage to asset and hence directly / indirectly to the organization.
It is a function of the impact of the
of the event occurring.

Risk Assessment
The process of identifying security risks and determining their magnitude.
Sometimes referred to as risk analysis.

Risk Assessment (Contd.)
Risk Assessment produces an estimate of the risk to an asset at a given point in time. It answers the following questions:
• What can go wrong?
• How bad could it be?
• How likely is it to occur?

Security ! Who Cares
• Security for most organizations is in a comfortable sleep in the lap of firewalls and anti virus-software
• Lack of structured approach to deal with security
• Security looked upon as a static issue
• Too costly - n a u na problem
• Top management not concerned

Barriers to Security
[Chart, scale 0% to 30%: Lack of training, Pace of change, Poorly defined policy, Lack of management support, Insufficient capital budget, Complexity of technology. Source: PwC IT Security Survey]

Management concerns
• Market reputation
• Business continuity
• Disaster recovery
• Business loss
• Loss of confidential data
• confidence
• Legal liability
• Cost of security
Solution
• ISMS through Risk Assessment
Security measures
• Technical
• Procedural
• Physical
• Logical
• Personnel
• Management

ISMS Standards
ISO/IEC 27001
• ISMS - Requirements
• A specification
• Used as a basis for certification
ISO/IEC 27002
• A code of practice (not a specification)
• Provides best practice guidance
• Use as required within your business
• Not for certification

Types of testing
• Penetration Testing
  Looking at the network with an attacker's eye, from outside the network.
• Application Security Testing.
• Vulnerability assessment
• Review of network architecture and segmentation
  Critically examine the network and its components for their weakness in configuration and deployment.

Attack Types
• External Attacks carried through the
• Internal Attacks carried through the Company Intranet
59% of the attacks are carried out using the Internet.
38% of the attacks are carried out by employees internally.

Hacking life cycle
• Reconnaissance: Active / passive
• Scanning
• Gaining access: Operating system level / application level; Network level; Denial of service
• Maintaining access: Uploading / altering / downloading programs or data
• Covering tracks
[Diagram: Reconnaissance, Scanning, Gaining Access, Maintaining Access, Clearing Tracks]

Hacker’s starting points
• www.netcraft.com
• www.defaultpassword.com
• www.archive.org

Penetration testing
• Helps to understand the security preparedness against evolving threats.
• Unearths security vulnerabilities and configuration mistakes in the target system.

Vulnerability assessment
Detailed analysis of vulnerabilities present in the servers, operating systems and application, which can be exploited by external attackers or by an internal compromise.

VA - Review of configuration
• Default installations are focused more .
• In general, many unnecessary services are present.
• New vulnerabilities are discovered almost .
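
One way to check for the unnecessary services mentioned in the configuration review above, as an added example that is not part of the original slides: compare a host's listening TCP services against an approved baseline. The `ss -tlnp` output, the approved port list and the function name are constructed for illustration.

```python
import re

# Constructed sample of `ss -tlnp` output from a default installation (not real data).
SAMPLE_SS_OUTPUT = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port Process
LISTEN 0      128    0.0.0.0:22          0.0.0.0:*         users:(("sshd",pid=812,fd=3))
LISTEN 0      5      0.0.0.0:23          0.0.0.0:*         users:(("telnetd",pid=901,fd=4))
LISTEN 0      32     0.0.0.0:21          0.0.0.0:*         users:(("vsftpd",pid=930,fd=3))
LISTEN 0      128    127.0.0.1:631       0.0.0.0:*         users:(("cupsd",pid=655,fd=7))
LISTEN 0      511    [::]:443            [::]:*            users:(("nginx",pid=1204,fd=6))
"""

# Hypothetical baseline: the only ports this server role is approved to expose.
APPROVED_PORTS = {22, 443}
# Listeners bound to loopback are not reachable from the network.
LOOPBACK_PREFIXES = ("127.", "[::1]")

# Captures local address, local port and (if shown) the owning process name.
LINE_RE = re.compile(
    r'^LISTEN\s+\d+\s+\d+\s+(\S+):(\d+)\s+\S+\s*(?:users:\(\("([^"]+)")?'
)

def review_listeners(ss_output, approved_ports):
    """Return sorted (port, process, address) for network-reachable
    listeners that are not in the approved baseline."""
    findings = []
    for line in ss_output.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # header or non-LISTEN line
        addr, port, proc = m.group(1), int(m.group(2)), m.group(3) or "unknown"
        if addr.startswith(LOOPBACK_PREFIXES):
            continue
        if port not in approved_ports:
            findings.append((port, proc, addr))
    return sorted(findings)

if __name__ == "__main__":
    for port, proc, addr in review_listeners(SAMPLE_SS_OUTPUT, APPROVED_PORTS):
        print(f"unapproved listener: {proc} on {addr}:{port}")
```

Each finding is a candidate for removal or for an explicit entry in the baseline; the telnet and FTP listeners in the sample also correspond to the "Transfer of passwords in clear" vulnerability listed earlier.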

Sources of Information
• CERT-IN (www.cert-in.org.in)
• CERT Advisories, Incident Notes, Vulnerability Notes …
• SANS (www.sans.org)
• AUSCERT (www.auscert.org.au)
• NIST (http://icat.nist.gov/icat.taf)
• FIRST (www.first.org)