GESTION Y SEGURIDAD INFORMATICA
CARLOS JAVIER JIMENEZ HINCAPIE APRENDIZ
SERVICIO NACIONAL DE APRENDIZAJE SENA 2016
AMENAZA A LA BASE DE DATOS Ranking Amenaza 1 Privilei!" e#$e"iv!" % &rivilei!" '! ()ili*+,!" 2 A-("! ,e &rivilei!" le.)i/!" I'%e$$i' SL 3 M+l4+re 5 Pr!$e"! ,e +(,i)!r.+ ,-il 6 E#&!"i$i' ,e l!" /e,i!" ,e +l/+$e'+/ie')! 7 E#&l!)+$i' ,e v(l'er+-ili,+,e" % -+"e" ,e ,+)!" /+l $!'8(r+,+" 9 D+)!" "e'"i-le" '! +,/i'i")r+,!" : Ne+$i' ! ,e'e+$i' ,e "ervi$i!" 10 E,($+$i' % e#&erie'$i+ li/i)+,+ e' "e(ri,+, MALWARE M+l4+re e" (' )r/i'! ;(e "e ()ili*+ &+r+ ,e"$ri-ir "!<)4+re /+li')e'$i!'+,!= ;(e "e >+ ,i"e?+,! &+r+ !$+"i!'+r ,+?!" ! re+li*+r +$$i!'e" '! ,e"e+,+" e' (' "i")e/+ i'
Solución ante las amenazas M+')e'er l!" e;(i&!" +$)(+li*+,!" % el ("! ,e >err+/ie')+" ,e eli/i'+$i' ,e "!<)4+re /+li')e'$i!'+,! Re+li*+r (' +'@li"i" $!/&le)! ,el e;(i&! $!' el 8' ,e eli/i'+r $,i!" /+li$i!"!" ;(e &(,ier+' "er e'$!')r+,!" C+/-i+r )!,+" l+" $!')r+"e?+" ,e "ervi$i!" $!/! -+'$!"= $!rre! ele$)r'i$!= re,e" "!$i+le"= e)$= $!' el 8' ,e evi)+r ;(e el $i-er$ri/i'+l &(e,+ i're"+r + e")!" "i)i!" e' $+"! ;(e el /+l4+re >+%+ r!-+,! ,i$>+ i'
•
•
Controles ara !isminuir los riesgos ocasiona!os or las osi"les amenazas El &(')! e"e'$i+l e" +,!&)+r (' $!/&!r)+/ie')! "e(r! % &re$+vi,! Evi)e ,e"$+r+r e i'")+l+r &r!r+/+" ,e"$!'!$i,!"= '! "i+ e'l+$e" &r!ve'ie')e" ,e $!rre!" % /e'"+Be" &+r+ +$$e,er + "ervi$i!" -+'$+ri!"= ,(,e ,e $(+l;(ier e/+il "!"&e$>!"! E" i/&!r)+')e= )+/-i'= ;(e /+')e'+ &r!)ei,! el "i")e/+ $!' "!l($i!'e" ,e "e(ri,+, $!/! $!r)+<(e!"= 8l)r!" +')i"&+/= e)$ E' e")e "e')i,!= e" /(% i/&!r)+')e /+')e'er +$)(+li*+,! el "i")e/+ !&er+)iv! % )!,!" l!" &r!r+/+" i'")+l+,!"
#n$ección S%L E" (' /)!,! ,e i'8l)r+$i' ,e $,i! i')r("! ;(e "e v+le ,e ('+ v(l'er+-ili,+, i'err+/ie')+" ;(e )e")e' '(e")r+" +&li$+$i!'e" e' -("$+ ,e v(l'er+-ili,+,e" &!r i'%e$$i' SL Al('+" ,e e")+" >err+/ie')+" "!' + S%Li&eler '() S%L #n*ection+ Se )r+)+ ,e ('+ +&li$+$i' $(%! !-Be)iv! e" <+$ili)+r l+ e#)r+$$i' ,e i'err+/ie')+ ,e &+! ;(e !err+/ie')+ ,e &r(e-+" ,e $,i! +-ier)! ;(e +()!/+)i*+ el &r!$e"! ,e ,e)e$)+r % e#&l!r+r l!" err!re" ,e i'%e$$i' SL Controles ara !isminuir los riesgos ocasiona!os or las osi"les amenazas A l+ >!r+ ,e ,e"+rr!ll+r ('+ +&li$+$i'= e" /(% $!/&li$+,! $re+r ('+ >err+/ie')+ )!)+l/e')e "e(r+ + l+" &ri/er+" ,e $+/-i! L+ <+l)+ ,e )ie/&! % l+ i')erve'$i' ,e v+ri!" &r!r+/+,!re" &+r+ "( ,e"+rr!ll!= "!' <+$)!re" ;(e B(e+' e' $!')r+ ,e l+ "e(ri,+, A &e"+r ,e e")!" i'$!'ve'ie')e"= "ie/&re "e &(e,e' )!/+r /e,i,+" ,e "e(ri,+, ;(e '!" +%(,e' + ,e"+rr!ll+r +&li$+$i!'e" /@" r!-(")+"= +Be'+" + e")e )i&! ,e &r!-le/+" Me,i,+" &+r+ evi)+r "(
•
Deli/i)+r l!" v+l!re" ,e l+" $!'"(l)+" Veri8$+r "ie/&re l!" ,+)!" ;(e i')r!,($e el ("(+ri! A"i'+r /.'i/!" &rivilei!" +l ("(+ri! ;(e $!'e$)+r@ $!' l+ -+"e ,e ,+)!" Pr!r+/+r -ie' • • •
•
