Professor Messer Comptia Sy0 501 Security Plus Course Notes



Search



Home



Saved

1.8K views

0



Sign In

Upload

Join

RELATED TITLES

0

Professor Messer Comptia Sy0 501 Security Plus Course Notes



Uploaded by Adriel Martinez



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music

Professor Messer Sec+ 501 Exam Guide









Save

Embed

Share

Print

Download

Pearson.compTIA.cybersecurity.analyst.c CompTIA Comptia Security Security+ Plus Mini Course

1

of 103

 

Master your semester with Scribd & The New York Times Special offer for students: Only $4.99/month.

 Search document

Read Free Foron 30this Days Sign up to vote title



 Not useful Cancel anytime.

Useful



 





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In

Read Free For 30 Days Cancel anytime.

Join





Search



Home



Saved

1.8K views

0



Sign In

Upload

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



Professor Messer’s CompTIA SY0-501 Security+ Course Notes James “Professor “Professor”” Messer

hp://www.ProfessorMesser.com






Useful

 





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

1.8K views

0



Sign In

Upload

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



Professor Messer’s CompTIA SY0-501 Security+ Course Notes

Wrien by James “Professor” Messer Copyright © 2017 by Messer Studios, LLC hp://www.ProfessorMesser.com All rights reserved. No part of this book may be reproduced or transmied in any form or by any means, electronic or mechanical, including photocopying, recording, or by any informaon storage storage and retrieval system, without wrien permission per mission from the publisher publisher.. First Edion: October 2017 Trademark Tr ademark Acknowledgments

All product names and trademarks are the property of their respecve owners, and are in no way associated or aliated with Messer Studios, LLC. “Professor Messer” is a registered trademark of Messer Studios LLC. “CompTIA” and “Security+” are registered trademarks of CompTIA, I nc. Warning and Disclaimer

This book is designed to provide informaon about the CompTIA SY0-501 Security+ cercaon c ercaon exam. However,, there may be typographical and/or content errors. Therefore, However Therefore, this book should serve ser ve only as a general guide and not as the ulmate source of subject informaon. The author shall have no liability or responsibility to any person or enty regarding any loss or damage incurred, or alleged to have incurred, directly or indirectly, by the informaon contained in this book.






Useful

 





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

1.8K views

0



Sign In

Upload

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



Contents 1.0 - Threats, Aacks, and Vulnerabilies 1.1 - An Overview of Malware 1.1 - Viruses and Worms 1.1 - Ransomwa Ransomware re and Crypto-Malwar Crypto-Malware e 1.1 - Trojans and RAT RATss 1.1 - Rootkits 1.1 - Keyloggers 1.1 - Adware and Spyware 1.1 - Bots and Botnets 1.1 - Logic Bombs 1.2 - Phishing 1.2 - Tailgang and Impersonao Impersonaon n 1.2 - Dumpster Diving 1.2 - Shoulder Surng 1.2 - Hoaxes 1.2 - Watering Hole Aacks 1.2 - Principles of Social Engineering 1.2 - Denial of Service 1.2 - Man-in-the-Middle 1.2 - Buer Overows 1.2 - Data Injecon 1.2 - Cross-site Scripng - XSS 1.2 - Privilege Escalaon 1.2 - DNS Poisoning and Domain Hijacking 1.2 - Cross-site Request Forgery 1.2 - Zero-day Aacks 1.2 - Replay Aacks 1.2 - Client Hijacking Aacks 1.2 - Client Hijacking Aacks Special offer for students: Only $4.99/month. 1.2 - Driver Manipulaon

Master your semester with Scribd & The New York Times





Useful

 





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

1.8K views

0



Sign In

Upload

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



2.0 - Technologies and Tools 2.1 - Firewalls 2.1 - VPN Concentrators 2.1 - Network Intrusion Detecon and Prevenon 2.1 - Router and Switch Security 2.1 - Proxies 2.1 - Load Balancers 2.1 - Access Points 2.1 - SIEM 2.1 - Data Loss Prevenon 2.1 - Network Access Control 2.1 - Mail Gateways 2.1 - Other Security Devices 2.2 - Soware Securit Securityy Tools 2.2 - Command Line Security Tools 2.3 - Common Security Issues 2.4 - Analyzing Security Output 2.5 - Mobile Device Connecon Methods 2.5 - Mobile Device Connecon Methods 2.5 - Mobile Device Enforcement 2.5 - Mobile Device Deployment Models 2.6 - Secure Protocols

3.0 - Architecture and Design 3.1 - Compliance and Framework Frameworkss 3.1 - Secure Conguraon Conguraon Guides 3.1 - Defense-in-D Defense-in-Depth epth 3.2 - Secure Network Topologies 3.2 - Network Segmentao Segmentaon n 3.2 - VPN Technologies 3.2 - Security Technology Placement Special offer for students: $4.99/month. 3.2 -Only Securing SDN 3.3 Hardwar Security






Useful

 





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

1.8K views

0



Sign In

Upload

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



3.6 - Provisioning and Deprovisioning 3.6 - Secure Coding Technique echniquess 3.6 - Code Quality and Tesng 3.7 - Cloud and Virtualizaon Overview 3.7 - Virtualizaon Security 3.7 - Security in the Cloud 3.7 - Security in the Cloud 3.8 - Resiliency and Automaon 3.8 - Redundancy, Fault Tolerance, and High Availabili Availability ty 3.9 - Physical Security Controls 1.4 - Storag Storage e Area Networking

4.0 - Identy and Access Management 4.1 - AAA and Authencaon 4.2 - Identy and Access Services 4.2 - PAP, CHAP, and MS-CHAP 4.2 - Federat Federated ed Idenes 4.3 - Access Control Models 4.3 - Access Control Technologies 4.4 - Account Types 4.4 - Account Management 4.4 - Account Policy Enforcemen Enforcementt

5.0 - Risk Management 5.1 - Agreement Types Types 5.1 - Person Personnel nel Management 5.1 - Role-based Awareness Tr Training aining 5.1 - General Security Policies 5.2 - Business Impact Analysis 5.3 - Risk Assessment 5.4 - Incident Response Planning 5.4 - Incident Response Process Special offer for students: Only $4.99/month. 5.5 - Gathering Forensics Data






Useful

 





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

1.8K views



Sign In

Upload

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



6.0 - Cryptography and PKI 6.1 - Cryptograph Cryptographyy Concepts 6.1 - Symmetric and Asymmetric Encrypon 6.1 - Hashing and Digital Signatures 6.1 - Randomizing Cryptograph Cryptographyy 6.1 - Weak Encrypon 6.1 - Cryptograph Cryptographic ic Keys 6.1 - Steganography 6.1 - Stream and Block Ciphers 6.1 - States of Data 6.1 - Perfect Forward Secrecy 6.1 - Common Cryptograph Cryptographyy Use Cases 6.2 - Symmetric Algorithms 6.2 - Block Cipher Modes 6.2 - Asymmetric Algorithms 6.2 - Hashing Algorithms 6.2 - Key Stretchin Stretching g Algorithms 6.2 - Obfusca Obfuscaon on 6.3 - Wireless Cryptograp Cryptographic hic Protocols 6.3 - Wireless Authencao Authencaon n Protoco Protocols ls 6.3 - Wireless Security 6.4 - PKI Components 6.4 - PKI Concepts 6.4 - Types of Cercates 6.4 - Cercate File Formats






Useful

 





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

1.8K views

0



Sign In

Upload

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



Introducon

Informaon technology technology security is a signicant concern for every IT specialist. Our systems are un constant aack, and the next generaon of security professionals will be at the forefront of keepi crical informaon safe.

CompTIA’s Security+ exam tests you on the specics of network security, vulnerabilies and threa cryptography, and much more. I’ve created these Course Notes to help you through the details th to know for the exam. Best of luck with your studies! - Professor Messer

The CompTIA CompTIA Security+ Security+ cercaon To earn the Security+ cercaon, you must pass a single SY0-501 cercaon exam. The exam is in duraon and includes both mulple choice quesons and performance-based quesons. Perfo based quesons can include ll-in-the-blank, matching, sorng, and simulated operaonal enviro You will need to be very familiar with the exam topics to have the best possible exam results. Here’s the breakdown of each technology section and the percentage of each topic on the SY0Secon 1.0 - Threats, Aacks, Aacks, and Vulnerabilies - 21% Secon 2.0 - Technologies and Tools - 22% Secon 3.0 - Architecture and Design - 15% Secon 4.0 - Identy and Access Management - 16% Secon 5.0 - Risk Management - 14% Secon 6.0 - Cryptography and PKI - 12% CompTIA provides a detailed set of exam objecves that provide a list of everything you need to you take your exam. You can nd a link to the exam objecves here:

Master your semester with Scribd hp://www.professormesser.com/objecves/ & The New York Times Special offer for students: Only $4.99/month.

How to use this book





Useful

 





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

1.8K views

0



Sign In

Upload

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 


 Search document





Useful



 





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

1.8K views

0



Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



Professor Messer’s

CompTIA Security+ SY0-501 Course Notes

hp://www.ProfessorMe

1.1 - An Overview of Malware Malware

How you get malware

• Malicious soware - These can be very bad • Gather informaon - Keystrokes • Parcipate in a group - Controlled over the ‘net • Show you adversing - Big money • Viruses and worms • Encrypt your data • Ruin your day

• These all work together • A worm takes advantage of a vulnerability • Installs malware that includes a remote acces ac ces • Bot may be installed later • Your computer must run a program • Email link • Don’t click links • Web page pop-up • Drive-by download • Worm • Your computer is vulnerable • Operang system • Keep your OS updated! • Applicaon • The Adobe Flash vulnerability of the moment

Malware types and methods

• Viruses • Crypto-malware, Ransomware • Worms • Trojan Horse • Rootkit • Keylogger • Adware/Spyware • Botnet

1.1 - Viruses and Worms Virus • Malware that can reproduce itself • It doesn’t need you to to click anything • It needs you to execute a program program • Reproduces through le systems or the network • Just running a program can spread a virus • May or may not cause problems • Some viruses are invisible, invisible, some are annoying annoying • An-virus is very common • Thousands of of new viruses every week • for Is your signature signature le updated? updated? Special offer students: Only $4.99/month.


Types of Viruses

• Program viruses - It’s part of the applicaon applicaon • Boot sector sector viruses - Who needs an OS? • Script viruses - Operang system system and browse • Macro viruses viruses - Common in Microso Microso Oce Worms

• Malware that self-replica self-replicates tes • Doesn’t need you to do anything  Read Free For 30this Days Signnetwork up to vote title • Uses the ason a transmission medium  Not useful  Useful  • Self-propagates Self-propagat es and spreads quickly Cancel anytime. • Worms are prey bad things • Can take over many systems very quickly





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Sign In

Upload

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



1.1 - Ransomware and Crypto-Malware Your data is valuable • Personal data • Family pictures and videos • Important documents • Organizaon data • Planning documents • Employee personally idenable informaon (PII) • Financial informaon • Company private data • How much is it worth? • There’s a number Ransomware

• The bad guys want your money • They’ll take your computer in the meanme • Probably a fake ransom • Locks your computer “by the police” • The ransom may be avoided • A security professional may be able to remove these kinds of malware

• Crypto-malware

• New generaon of ransomware • Your data is unavailable unl you provide cash • Malware encrypts your data les • Pictures, documents, music, movies, etc. • Your OS remains available • They want you you running, but not working working • You must pay the bad guys to obtain the decryp • Untraceable payment payment system system • An unfortunate unfortunate use of public-key cryptograph cryptograph Protecng against ransomware • Always have a backup - an oine backup, ideally • Keep your operang system up to date • Patch those vulnerabilies vulnerabilies • Keep your applicaons up to date • Security patches • Keep your an-virus/an an-virus/an-malware -malware signatures up • New aacks aacks every hour • Keep everything up to date.

1.1 - Trojans and RATs Trojan horse

Remote Access Trojans (RATs)

• Used by the Greeks to capture Troy from the Trojans • A digital wooden horse • Soware that pretends to be something else • So it can conquer your computer • Doesn’t really care much about replicang • Circumvents your exisng security • An-virus may catch it when it runs • The beer Trojans are built to avoid and disable AV • Once it’s inside it has free reign • And it may open the gates for other programs

• Remote Administraon Tool • The ulmate backdoor • Administrave control of a device • Malware installs the server/service/host • Bad guys connect with the client soware • Control a device • Key logging, screen recording /screenshots, c • Embed more malware

Master your semester with Scribd Backdoors • WhyNew go through normalTimes authencaon methods? & The York • Just walk in the back door Special offer for students: Only $4.99/month. • Oen placed on your computer through malware





Useful

 





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

Sign In

Upload

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



0

1.8K views












Save

Embed

Share

Print

Download


1

of 103

 

 Search document



1.1 - Rootkits (connued) Finding and Removing rootkits

Sheet Music

• Look for the unusual • An-malware scans • Use a remover specic to the rootkit • Usually built aer the rootkit is discovered • Secure boot with UEFI • Security in the BIOS

1.1 - Keyloggers Keyloggers

• Your keystrokes contain valuable informaon • Web site login URLs, passwords, email messages • Save all of your input • Send it to the bad guys • Circumvents encrypon protecons • Your keystrokes are in the clear • Other data logging • Clipboard logging, screen logging, instant messaging, search engine queries

Prevenng Keyloggers • Usually installed with malware • Use an-virus/an an-virus/an-malware -malware • Keep your signatures updated • Block unauthorized communicaon • Block the exltraon aempt • Firewall rules / monitoring • Run a keylogging scanner • Checks for keylogging acvity

DarkComet-RAT Keylogger

Master your semester with Scribd & The1.1New York Times - Adware and Spyware Special offer for students: Only $4.99/month.

Adware





Useful

 

Why is there so much adware and spy





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



1.1 - Bots and Botnets Botnets • Robot networks • Skynet is self-aware • Once your machine is infected, it becomes a bot • You may not even know • How does it get on your computer? • Trojan Trojan Horse (I just j ust saw a funny video of you! Click here.) You run a program or click an ad you THOUGHT was legit, but... • OS or applicaon vulnerability vulnerability • A day in the life of a bot • Sit around. Check in with the mother ship. Wait for instrucons. Botnets

Stopping the Bots

• Prevent the inial infecon • OS and applicaon patches • An-virus/an-m An-virus/an-malware alware and updated signatures • Idenfy an exisng infecon • On-demand scans • Network monitoring • Prevent command and control • Block at the rewall • Idenfy at the workstaon w host-based host-bas ed rewall or host-b

• A group of bots working together • Nothing good can come from this • Distributed Denial of service (DDoS) • The power of many • Botnets are for sale • Rent me from the bad guys • Not a long-term business proposion

1.1 - Logic Bombs Logic bomb • Waits for a predened event • Oen le by someone with grudge • Time bomb - Time or date • User event - Logic bomb • Dicult to idenfy • Dicult to recover if it goes o Real world logic bombs • March 19, 2013, South Korea • Email with malicious aachment sent to South Korean organizaon organizaonss • Posed as a bank email • Trojan installs malware Special• offer for 20, students: $4.99/month. March 2013,Only 2 p.m. local me • Malware logic-bomb acvates


Real world logic bombs • December 17, 2016, 11:53 p.m. • Kiev, Ukraine, high-voltage substaon • Logic bomb begins disabling electrical ci • Malware mapped out the control netw • Began disabling power at a predetermin • Customized for SCADA networks • Supervisory Control and Data Acquisi Prevenng a logic bomb • Dicult to recognize  signatu • Each isFree unique - 30 No predened Read Foron Days Sign up to vote this title  • Process and procedures Not useful  Useful  anytime. • FormalCancel change control • Electronic monitoring





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



1.2 - Phishing (connued) The big phish • March 19, 2016 • John Podesta, Former White House Chief of Sta, Former Counselor to the President of the United States • Former chairman of the 2016 Hillary Clinton United States presidenal campaign • Gmail personal account with messages from 2007 through 2016

Filling the net

• Podesta used the bit.ly link in the to “reset” his password • Wasn’t actually a Google reset link • Ten years of personal emails were un • And downloaded • Every email was made available on W • The good, the bad, and the ugly • Don’t underesmate the eects of • It can have signicant repercussion

1.2 - Tailgang and Impersonaon Tailgang • Use someone else to gain access to a building • Not an accident • Johnny Long / No Tech Hacking • Blend in with clothing • 3rd-party with a legimate reason • Temporarily take up smoking • I sll prefer bringing doughnuts • Once inside, there’s lile to stop you • Most security stops at the border Watching for tailgang • Policy for visitors • You should be able to idenfy anyone • One scan, one person • A maer of policy or mechanically required • Mantrap / Airlock • You don’t have a choice • Don’t be afraid to ask • Who are you and why are you here?

Master your semester with Scribd - Dumpster & The1.2New York Diving Times Dumpster DivingOnly $4.99/month. Special offer for students: • Mobile garbage bin

Impersonaon • Pretend to be someone you aren’t • Halloween for the fraudster fraudsterss • Use some of those details you got from the d • You You can trust me, I’m with your help desk • Aack the vicm as someone higher in rank • Oce of the Vice President for Scamming • Throw tons of technical details around • Catastrophic feedback due to the depolariz of the dierenal magnetometer • Be a buddy - How about those Cubs? Protect against Impersonaon • Never volunteer informaon - My password • Don’t disclose personal details - The bad guy • Always verify before revealing info • Call back, verify through 3rd pares • Vericaon should be encouraged • Especially if your organizaon owns valuable informaon  Read Free Foron 30this Days Sign up to vote title





Useful  Not useful Cancel anytime. Is it legal to dive in a dumpster? • I am not a lawyer.





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



1.2 - Shoulder Surng Shoulder Surng • You have access to important informaon • Many people want to see • Curiosity, industrial espionage, compeve advantage • This is surprisingly easy • Airports / Flights, hallway-facing hallway-facing monitors, coee shops • Surf from afar • Binoculars / Telescopes, webcam monitoring

Prevenng shoulder surng • Control your input • Be aware of your surroundings • Use privacy lters • It’s amazing how well they work • Keep your monitor out of sight • Away from windows and hallways • Don’t sit in front of me on your ight • I can’t help myself

1.2 - Hoaxes Computer hoaxes

De-hoaxing

• A threat that doesn’t actually exist • But they seem like they COULD be real • Sll oen consume lots of resources • Forwarded email messages, printed memorandums, wasted me • Oen an email - Or Facebook wall post, or tweet, or... or... • Some hoaxes will take your money • But not through electronic means • A hoax about a virus can waste as much me as a regular virus

• It’s the Internet. Believe no on • Consider the source • Cross reference • hp://www.hoax-slayer.net • hp://www hp://www.snopes.com .snopes.com • Spam lters can help • If it sounds too good to be true • So many sad stories

Hoax Examples

Master your semester with Scribd Read Free Foron 30this Days Sign up to vote title 1.2 - Watering Hole Aacks & The New York Times Useful  Not useful where Watering Hole Aack Because that’s the money is Special• offer forifstudents: Only $4.99/month. What your network was really secure? • You didn’t even plug in that USB key

 

Cancel anytime.

• January 2017 • Polish Financial Supervision Authority Authority,, Naonal Ba





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



1.2 - Principles of Social Engineering Eecve social engineering • Constantly changing • You You never know what they’ll use next • May involve mulple people • And mulple organiza organizaons ons • There are es connecng many organizaons • May be in person or electronic • Phone calls from aggressive “customers” • Emailed funeral nocaons of a friend or associaon Social engineering principles

• Authority • The social engineer is in charge • I’m calling from the help desk/oce of the CEO/police • Inmidaon • There will be bad things if you don’t help • If you don’t help me, the payroll checks won’t be processed • Consensus / social proof • Convince based on what’s normally expected • Your co-worker Jill did this for me last week • Scarcity • The situaon will not be this way for long • Must make the change before me expires • Urgency • Works alongside scarcity • Act quickly, don’t think • Familiarity / liking • Someone you know, we have common friends • Trust • Someone who is safe • I’m from IT, and I’m here to help

Master your semester with Scribd 1.2 - Denial of Service Denial of Service & The New York Times • Force a serviceOnly to fail Special offer for students: $4.99/month. • Overload the service

How I lost $50,000 Twier Username • Naoki Hiroshima - @N • hps://medium.com hps://medium.com/cyber-security/24 /cyber-security/24 • Bad guy calls PayPal and uses social engin the last four digits of the credit card on  • Bad guy calls GoDaddy and tells them he so he can’t properly validate. But he has t does that help? • GoDaddy let the bad guy guess the rst the card • He was allowed to keep guessing unl h • Social engineering done really really,, really we How to steal $50,000 Twier name • Bad guy is now in control of every domain • And there were some good ones • Bad guy extorts a swap • Domain control for @N • Owner agrees • Twier reviewed the case for a month • Eventually restored restored access to @N


 

Distributed Denial of (DDoS) Not useful  Useful Service Cancel anytime. • Launch an army of computers to bring down • Use all the bandwidth or resources - trac





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

1.8K views

0



Sign In

Upload

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



1.2 - Denial of Service (connued) Example of a DNS record used in DDoS amplicaon aack



Sheet Music

$ dig ANY isc.org @75.75.75.75 ;; Truncated, retrying in TCP mode. ; <<>> DiG 9.8.3-P1 <<>> ANY isc.org @75.75.75.75 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27443 ;; ags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION: ;isc.org.

IN

ANY

;; ANSWER SECTION: isc.org. 1712 IN DNSKEY 257 3 5 BEAAAAOhHQDBrhQb tphgq2wQUpEQ5t4Dt UHxoMVFu2hWLDM hhCeFvAZih7yJHf8ZGfW6hd38hXG/xylYCO6Krpbdojwx8YMXLA5/kA+ u50WIL8ZR1R6KTbsYVMf/ Qx5RiNbPClw+vT+U8eXEJmO20jIS1ULgqy3 47cBB1zMnnz/4LJpA0da9CbKj3A254T515sNIMcwsB8/2+2E63/zZrQz Bkj0BrN/9Bexjpiks3jRhZatEsXn3dTy47R09Uix5WcJt+xzqZ7+ysyL KOOedS39Z7SDmsn2eA0FKtQpwA6LXeG2w+jxmw3oA8l rzeC/bB yBNsO70aEFTd isc.org. 1712 IN DNSKEY 256 3 5 AwEAAbDs5ksq3roE gvN+HHzPqErVe5lO pQ6bNjRDH/ BSUisBM8gvgd ZGIdctVRYl8vgAJcpc//YE4vpNrDsfgGyz+Fd2pCJTXGm6mDoAAMLJ FrG64gYVdby2AnI7sonZlT5PHjS0dKBhhf0Pd/+SgKNIf25wh1UzFRCp CXznWdER isc.org. 1712 IN RRSIG DNSKEY 5 2 7200 20170712230419 20170612230419 12892 isc.org. MZ8PU+4k/wwHDw3jdyzUpm74MFhbFvCemlJ61ho0gkDGNhEqn8/yC1Fs oaT7PK9U8hknlrppp/ os08yUifegPsvO1mhezTfIEHTP+JPJS6VO0G5A a9QHQtVO2FOPuR7HW2AQysldFL9pfvwOlKkzm4yuuhrM2BqhMeSZimo6 VvolWqHyE58dOHoyeylmcvmNb45qoR4spKZR9A1hdxesYgI1tosw9tTd PswnkyO3rizmFjABzcXDUeKSlodPRr1hZd6rNRRacIeiskPxw8E6WTnT 0RzOM7nFBDIKeTixA59xlPpIN2t+xh1zu8tQ5NsMF2CJK+b5LZTjovEg 9ho9NA== isc.org. 1712 IN RRSIG DNSKEY 5 2 7200 20170712230419 20170612230419 60321 org. fVnJffUYaDDrUYbo4hhPwKzjyzB6QEExLWao5jyaIDpEYL/aymTk6/51 nAubio2qdlgFinpoHmkaRDVdV1DG/6CWmA2/ tVAzSs77+qw3KkEYJbNq IR/bgkhxPtti/7+65YrPZ9yrNiPpB5LbNTmJyeuuQD4camliS9qHnlv6 618= ;; ;; ;; ;;

Query time: 13 msec SERVER: 75.75.75.75#53(75.75.75.75) WHEN: Fri Jun 16 17:36:51 2017 MSG SIZE rcvd: 912

DNS Amplicaon Open DNS Resolver

Open DNS Resolver

Master your semester with Scribd Read Free Foron 30this Days Sign up to vote title & The New York Times  Useful  Not useful Bots send Special offer for students: Only $4.99/month. 2 spoofed DNS

 

Cancel anytime.

3

DNS send a





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

1.8K views

0

Sign In

Upload

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents










Save

Embed

Share

Print

Download


1

of 103

 

Sheet Music



 Search document

1.2 - Man-in-the-Middle Man -in- the-middle





• How can a bad guy watch without you knowing? • Man-in-the-middle • Redirects your trac • Then passes it on to the desnaon • You never know your trac was redirected • ARP poisoning • ARP has no security

Man-in-the-browser • What if the middleman was on the same computer a • The calls are coming from inside the browser! • Malware/Trojan Malware/Trojan does all of the proxy work • Huge advantages for the bad guys • Relavely easy to proxy encrypted trac • Everything looks normal to the vicm • The man-in-the-browser waits for you to login to you • And cleans you out

1.2 - Buer Overows Buer Overows • Overwring a buer of memory • Spills over into other memory areas • Developers need to perform bounds checking • The bad guys spend a lot of me looking for openings • Not a simple exploit • Takes me to avoid crashing things • Takes me to make it do what you want • A really useful buer overow is repeatable • Which means that all systems are owned

Variable A and B before buffer overflow Variable Name

A

Value

[null string]

Hex Value

00

00

00

00

00

00

00

Overflowing variable A changes variable B Variable Name

A

Value

'e'

' x'

'c'

'e'

's'

's'

'i'

Hex Value

65

78

63

65

73

73

69

1.2 - Data Injecon Code Injecon • Code injecon • Adding your own informaon into a data stream • Enabled because of bad programming • The applicaon should properly handle input and output • So many dierent data types • HTML, SQL, XML, LDAP, etc. SQL Injecon • SQL - Structured Query Language • The most common relaonal database management system language • SQL Injecon Special offer for students: Only $4.99/month. • Modifying SQL requests • Your applicaon shouldn’t really allow this


XML injecon and LDAP injecon • XML - Extensible Markup Language • A set of rules for data transfer and storage XML injecon • Modifying XML requests • A good applicaon will validate • LDAP - Lightweight Directory Acce • Created by the telephone compa • Now used by almost everyone • LDAP injecon  Read Free For 30this Days Sign up to vote on title • Modify LDAP requests  Not useful  Useful  toCancel manipulate applicaon results anytime.





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



1.2 - Cross-site Scripng - XSS (connued) Persistent (stored) XSS aack • Bad guy posts a message to a social network • Includes the malicious payload • It’s now “persistent” • Everyone gets the payload • No specic target • All viewers to the page • For social networking, this can spread quickly • Everyone who views the message can have it posted to their page • Where someone else can view it and propagate it further... further... Hacking a Subaru • June 2017, Aaron Guzman • Security researcher • When authencang with Subaru, users get a token • This token never expires (bad!) • A valid token allowed any service request • Even adding your email address to someone else’s account • Now you have full access to someone else’s car • Web front-end included an XSS vulnerability • A user clicks a malicious link, and you have their token • Web server and browser-based applicaons

Protecng against XSS • Be careful when clicking untrusted links • Never blindly click in your email inbox. N • Consider disabling JavaScript • Or control with an extension • This oers limited protecon • Keep your browser and applicaons upda • Avoid the nasty browser vulnerabilies • Validate input • Don’t allow users to add their own scrip to an input eld

1.2 - Cross-site Request Forgery Cross-site request forgery

• One-click aack, session riding • XFRF, XFRF, CSRF (sea surf) • Takes advantage of the trust that a web applicaon has for the user • The web site trusts your browser • Signicant web applicaon development • The applicaon should have an-forgery an-forg ery techniques added • Usually a cryptographic token to preve

1.2 - Privilege Escalaon Privilege escalaon • Gain higher-level access to a system • Exploit a vulnerability • Might be a bug or design aw • Higher-level access means more capabilies • This commonly is the highest-lev highest-level el access • This is obviously a concern • These are high-priority vulnerability patches • You You want to get these holes closed very quickly • Any user can be an administrator • Horizontal privilege escalaon Special offer forAstudents: Onlyuser $4.99/month. • User can access B resources

Master your semester with Scribd & The New York Times 1.2 - DNS Poisoning and Domain Hijacking

Migang privilege escalaon • Patch quickly • Fix the vulnerability • Updated an-virus/an an-virus/an-malware -malware sow • Block known vulnerabilies • Data Execuon Prevenon • Only data in executable areas can run • Address space layout randomizaon randomizaon  •Read Prevent buer overrun Free Foron 30this Days Sign up toavote title at  a known memory address  Useful  Not useful Cancel anytime.





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Sign In

Upload

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print


1

Download

of 103

 

 Search document



1.2 - Zero-day Aacks

Zero-day aacks Zero-day vulnerabilies • Many applicaons have vulnerabilies • March 2017 • We’ve just not found them yet • CVE-2017-0199 - Microso Oce/WordPad • Someone is working hard to nd the next big vulnerability Remote Code Execuon Vulnerability w/Wind • The good guys share these with the developer • Open a Microso Oce or WordPad le • SophosLabs documented aacks in the wild si • Bad guys keep these yet-to-be-discovered November 2016 holes to themselves • They want to use these vulnerabilies for personal gain • June 2017 • CVE-2017-8543 | Windows Search • Zero-day Remote Code Execuon Vulnerability • The vulnerability has not been detected or published • Send a specially craed SMB message to the S • Zero-day exploits are increasingly common • Install programs, view/change/delete view/change/delete data, • Common Vulnerabi Vulnerabilies lies and Exposures (CVE) create new user accounts • hp://cve. hp://cve.mitre.org/ mitre.org/

1.2 - Replay Aacks Replay aack • Useful informaon is transmied over the network • A cray hacker will take advantage of this • Need access to the raw network data • Network tap, ARP poisoning, malware on the vicm computer

• The gathered informaon may help the bad guy • Replay the data to appear as someone else

1

• This is not a MitM aack • The actual replay doesn’t require the original workstaon • Avoid this type of replay aack wit • Use a session ID with the passwo create a unique authencaon ha

Client authen3cates to the server with a username and hashed password

Client Master your semester with Scribd & The New York Times During authen3ca3on authen3ca3on,, Special offer for students: Only $4.99/month.

2

the bad guy captures the username




Useful

 Not useful

 

Serve

Cancel anytime.

Bad guy sends his own





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

1.8K views

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents










Save

Embed

Share

Print


1

Download

of 103

 

Sheet Music



 Search document

1.2 - Client Hijacking Aacks Clickjacking





• You’re clicking on a buon • But you’re actually clicking on something else • Normal web page underneath • Invisible layer on the top Clickjacking your phone

• May 2017 • Georgia Instute of Technology Technology report • Cloak & Dagger • Android OS up to version 7.1.2 • Invisible informaon drawn over the screen • Monitor keystrokes keystrokes and record user input

Header manipulaon • Informaon gathering • Wireshark, Kismet • Exploits • Cross-site scripng • Modify headers • Tamper, Firesheep, Scapy • Modify cookies • Cookies Manager+ (Firefo (Firefoxx add-on) Prevent session hijacking

Browser cookies and session ID’s

• Cookies • Informaon stored on your computer by the browser • Used for tracking, personalizaon, session management • Not executable, not generally a security risk • Unless someone gets access to them • Could be considered be a privacy risk • Lots of personal data in there t here • Session IDs are oen stored in the cookie • Maintains sessions across mulple browser sessions

• Encrypt end-to-end • They can’t capture your session ID if they • Addional load on the web server (HTTPS • Firefox extension: HTTPS Everywhere, For • Encrypt end-to-somewhere • At least avoid capture over a local wireless • Sll in-the-clear for part of the journey • Personal VPN (OpenVPN, VyprVPN, etc.) • Use session ID monitors • Blacksheep • Applicaon-specic

Vic*m authen*cates to the server

1

Client authen*ca*on Your session ID: 3B0027A38FDF37

Master your semester with 3Scribd Vic*m & The New YorkA"acker Timesintercepts Special offer for students: Only $4.99/month.

the session ID and

2

Read Free Foron 30this Days Sign up to vote title : useful Useful DNot I D  s io nanytime. Se sCancel 7 8 F D F 3 3 A 7 2 3 B 0 0



Server p a session to the cl

 





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

Sign In

Upload

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



0

1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



1.2 - Driver Manipulaon (connued) Shimming

Refactoring

• Filling in the space between two objects • A middleman • Windows includes it’s own shim • Backwards compability with previous Windows versions • Applicaon Compability Shim Cache • Malware authors write their own shims • Get around security (like UAC) • January 2015 Microso vulnerability • Elevates privilege

• Metamorphic malware • A dierent program each me it’s downloa • Make it appear dierent each me • Add NOP instrucons • Loops, pointless code strings • Can intelligently redesign itself • Reorder funcons • Modify the applicaon ow • Reorder code and insert unused data types • Dicult to match with signature-based detec • Use a layered approach

1.2 - Spoong Spoong • Pretend to be something you aren’t • Fake web server, fake DNS server, etc. • Email address spoong • The sending address of an email isn’t really the sender • Caller ID spoong • The incoming call informaon is completely fake • Man-in-the-middle aacks • The person in the middle of the conversaon pretends to be both endpoints MAC spoong • Your Your Ethernet device has a MAC address • A unique burned-in address • Most drivers allow you to change this t his • Changing the MAC address can be legimate • Internet provider expects a certain ce rtain MAC address • Certain applicaons require a parcular MAC address

Master your semester with Scribd legimateTimes response to & The NewA York an ARP request is received Special offer for students: Only $4.99/month. from the default gateway.

1

• It might not be legimate • Circumvent MAC-based ACLs • Fake-out a wireless address lter • Very dicult to detect • How do you know it’s not the origin IP address spoong • Take someone else’s IP address • Actual device • Pretend to be somewhere you are n • Can be legimate • Load balancing • Load tesng • May not be legimate • ARP poisoning • DNS amplicaon / DDoS • Easier to idenfy than MAC address sp • Apply rules to prevent invalid trac enable switch security  Read Free Foron 30this Days Sign up to vote title ARP Response: I am 192.168.1.1




Useful

My MAC address is 11:22:33:44:55: 11:22:33:44:55:66 66







Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



1.2 - Wireless Replay Aacks Wired vs. wireless replay

Cracking WEP

• Similar to a wired replay aacks • Wireless doesn’t change those aacks • Wireless adds some addional capabilies • This is a big concern for the security professional • Much easier to capture the data • Hotspots are generally in the clear • Just like tuning in to a radio staon

• WEP - Wired Equivalent Privacy • A broken security protocol • Could not stop the replay of 802.11 packets • ARP request replay aack • Cracking WEP requires thousands of Inializaon Vector (IV) packets • Wait all day to collect IV informaon • Or replay a ton of ARPs and collect the IV pac • Now you have many thousands of IV packets • You can crack WEP in seconds

1.2 - Rogue Access Points and Evil Twins Rogue Access Points

Wireless Evil Twins

• A signicant potenal backdoor • Huge security concerns • Very easy to plug in a wireless AP • Or enable wireless sharing in your OS • Schedule a periodic survey • Walk around your building/campus • Use third-party tools / WiFi Pineapple • Consider using 802.1X (Network Access Control) • You must authencate, regardless of the connecon type

• Buy a wireless access point • -Less than $100 US • Congure it exactly the same way as an exisn • -Same SSID and security sengs • Overpower the exisng access points • -May not require the same physical physical locaon • WiFi hotspots are easy e asy to fool • -And they’re wide open • You encrypt your communicaon, right? • -Use HTTPS and a VPN

1.2 - Wireless Jamming Radio frequency (RF) jamming

• Denial of Service • Prevent wireless communicaon • Transmit Transmit interfering wireless signals • Decrease the signal-to-noise rao at the receiving device • The receiving device can’t hear the good signal • Somemes it’s not intenonal • Interference, not jamming • Microwave oven, uorescent lights Special offer for students: Only $4.99/month. • Jamming is intenonal


Wireless jamming

• Many dierent types • Constant, random bits / Constant, legimat • Data sent at random mes • Random data and legimate frames • Reacve jamming • Only when someone else tries to communic  Read Free Foron 30this Days Sign to vote title • Needs to be up somewhere close  • Dicult be eecve a distance Useful Notfrom useful  to  Cancel anytime. • Time to go fox hunng • You’ll You’ll need the right equipment to hunt dow





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



1.2 - WPS Aacks (connued) Other WPA Aacks • Walk up to the access point • Default PIN may be wrien on the device • Or just push the WPS buon on the front • Pixie Dust - Summer 2014 • WPS PIN may be poorly encrypted • Based on the wireless chipset • Oine WPS brute force • Takes a few minutes or less • So much for slowdowns and lockouts • WPS is just awful • Make sure it’s disabled

1.2 - Bluejacking and Bluesnarng Bluejacking

• Sending of unsolicited messages to another device via Bluetooth • No mobile carrier required! • Typical funconal distance distance is about 10 meters • More or less, depending on antenna and interference • Bluejack with an address book object • Instead of contact name, write a message • “You are Bluejacked!” • “You are Bluejacked! Add to contacts?” • Third-party soware may also be used • Blooover, Bluesni

Bluesnarng • Access a Bluetooth-enabled device and • Contact list, calendar, email, pictures, • First major security weakness in Blueto • Marcel Holtmann in September 2003 Adam Laurie in November 2003 • This weakness was patched • Serious security issue • If you know the le, you can download it without authencaon

1.2 - RFID and NFC Aacks

Master your semester with Scribd RFID (Radio-frequency idencaon) • It’s everywhere & The Newbadges York Times • Access Special offer for students: Only $4.99/month. • Inventory/Assembly line tracking • Pet/Animal idencaon

Near eldFree communicaon (NFC) Read Foron 30this Days Sign up to vote title  • Two-way wireless communicaon Useful Not useful   • Builds Cancel on RFID, which was one-way anytime. • Payment systems • Google wallet and MasterCard partne





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

1.8K views

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents










Save

Embed

Share

Print

Download


1

of 103

 

Sheet Music

 Search document



1.2 - Wireless Disassociaon Di sassociaon Aacks It started as a normal day





• Surng along on your wireless network • And then you’re not • And then it happens again • And again • You may not be able to stop it • There’s (almost) nothing you can do • Time to get a long patch cable • Wireless disassociaon • A signicant wireless denial of service (DoS) aack 802.11 management frames

Protecng against disassociaon • IEEE has already addressed the problem • 802.11w - July 2014 • Some of the important management frame are encrypted • Disassociate, deauthencate, channel switch announcements, etc. • Not everything is encrypted • Beacons, probes, authencaon, associa • Cart before the horse • 802.11w is required for 802.11ac complianc • This will roll out going forward

• 802.11 wireless includes a number of management features • Frames that make everything work • You never see them • Important for the operaon of 802.11 wireless • How to nd access points, manage QoS, associate/ disassociate with an access point, etc. • Original wireless standards did not add protecon for management frames • Sent in the clear • No authencaon or validaon

1.2 - Cryptographic Aacks Aacks Cryptographic aacks • You’ve You’ve encrypted data and sent it to another person • Is it really secure? • How do you know? • The bad guy doesn’t have the combinaon (the key) • So they break the safe (the cryptography) • Finding ways to undo the security • There are many potenal cryptographic shortcomings SpecialBirthday offer for students: aack Only $4.99/month. • In a classroom of 23 students, what is the chance of


• WWII Enigma cipher • Easier to break if you knew some plaintext • Daily weather report (weer) • Numbers were common (eins) • Royal Air Force would “seed” the North Sea w • Future messages would reference the harbor Rainbow tables  Read Free Foron 30this Days Sign up to vote title • An opmized, pre-built set of hashes  Useful Notevery usefulhash • Doesn’t to contain need  Cancel anytime. • The calculaons have already been done • Remarkable speed increase





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

1.8K views

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents










Save

Embed

Share

Print

Download


1

of 103

 

 Search document

Sheet Music



1.2 - Cryptographic Aacks Aacks (connued) Brute force





• The password is the key • Secret phrase • Stored hash • Brute force aacks - Online • Keep trying the login process • Very slow • Most accounts will lockout aer a number of failed aempts • Brute force the hash - Oine • Obtain the list of users and hashes • Calculate a password hash, compare it to a stored hash • Large computaonal resource requirement The password le • Dierent across operang systems • Dierent hash methods

Linux Account Hashes

Downgrade aack • Instead of using perfectly good encr use something that’s not so great • Force the systems to downgrade th • 1995 - SSL/TLS vulnerability FREAK - Factoring RSA Export Keys • Public key pairs can be limited to 51 • 1990 U.S. cryptography export re • Weak keys could be forced during the SSL handshake • Modern systems can easily brute fo the small keys • Vulnerability was patched

Jumper Bay:1001::42e2f19c31c9ff73cb97eb1b26c10 Carter:1007::cf4eb977a6859c76efd21f5094ecf77d: Jackson:1008::e1f757d9cdc06690509e04b5446317d2 O’Neill:1009::78a8c423faedd2f002c6aef69a0ac1af Teal’c:1010::bf84666c81974686e50d300bc36aea01:

Collisions

• Hash digests are supposed to be unique • Dierent input data should never create the same hash • MD5 hash • Message Digest Algorithm 5 • First published in April 1992 • Collisions idened in 1996 • December 2008: Researchers created CA cercate that appeared legimate when MD5 is checked • Built other cercates that appeared to be legit and issued by RapidSSL


Replay aacks • Some cryptographic algorithms are more suscep than others to a replay aack • A hash with no salt, no session ID tracking, t racking, no • Replay countermeasure may be part of the cryp • Kerberos and Kerberos derivaves include m • Anything aer the me to live (TTL) is discarde Weak implementaons • Weak encrypon • One weak link breaks the enre chain • 802.11 WEP  Free For 30this Days • The RC4 Read key bevote recovered by gathering en Signcan up to on title  • The algorithm didn’t suciently Not usefulprotect the  Useful Cancel anytime. • DES - Data Encrypon Standard • Relavely small 56-bit keys





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



1.3 - Threat Actors (connued) Organized crime • Professional criminals • Movated by money • Almost always an external enty • Very sophiscated • Best hacking money can buy • Crime that’s organized • One person hacks, one person manages the exploits, another person sells the data, another handles customer support • Lots of capital to fund hacking eorts Naon states / APT • Governments • Naonal security, job security • Always an external enty • Highest sophiscaon • Military control, ulies, nancial control • United States and Israel destroyed 1,000 nuclear centrifuges with the Stuxnet worm • Constant aacks • Advanced Persistent Threat (APT) • Massive resources availabl available e

Insiders

• More than just passwords on scky notes • Some insiders are out for no good • Sophiscaon may not be advanced, but the insider has instuonal knowledge • Aacks can be directed at vulnerable syste • The bad guy knows what to hit • Extensive resources • Eang away from the inside Competors • Many dierent movaons • DoS, espionage, harm reputaon • High level of sophiscaon • The compeve upside is huge (and very u • Many dierent intents • Shut down your competor during an even • Steal customer lists • Corrupt manufacturing databases • Take nancial informaon

1.4 - Penetraon Tesng Penetraon Tesng • Pentest • Simulate an aack • Similar to vulnerability scanning • Except we actually try to exploit the vulnerabilies • Oen a compliance mandate • Regular penetraon tesng by a 3rd-party • Technical Technical Guide to Informaon Security Tesng and Assessment • hp://www.professormesser.link/800115 SpecialVerify offer for students: Only $4.99/month. a threat exists • Stay up-to-date


Acve reconnaissance • Trying the doors • Maybe one is unlocked • Don’t open it yet • Relavely easy to be seen • Ping scans, port scans • DNS queries • OS scans, ngerprinng Read Free Foron 30this Days SignOS up to vote title • Service scans, version scans  Useful  Not useful Cancel anytime. Exploing vulnerabilies • Try to break into the system • Be careful; this can cause

 





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views












Save

Embed

Share

Print

Download


1

of 103

 

 Search document

1.4 - Penetraon Tesng (connued) The process

Sheet Music



• Inial exploraon • Get into the network • A challenging hurdle (most of the me) • Persistence • Once you’re there, you need to make sure there’s a way back in • Set up a backdoor • Build user accounts, change or verify default passwords • The pivot • The foothold point • The inside of the network is oen relavely open • Jump from here to the rest of the network

Black box, white box, and grey b • How much do you know about • Many dierent approaches • Black box • The pentester knows nothing about the systems under aa • “Blind” test • White box • Full disclosure • Grey box • A mix of black and white • Focus on certain systems or a

1.5 - Vulnerability Scanning Vulnerability scanning Vulnerability • Usually minimally invasive, unlike a penetraon test • Port scan - Poke around and see what’s open • Idenfy systems and security devices • Test from the outside and inside • Don’t dismiss insider threats • Gather as much informaon as possible • We’ll separate wheat from cha later Scan types

• Scanners are very powerful • Use many dierent techniques to idenfy vulnerabilies • Non-intrusive scans • Gather informaon, don’t try to exploit a vulnerability • Intrusive scans • You’ll You’ll try out the vulnerability to see if it works • Non-credenaled scans • The scanner can’t login to the remote device • Credenaled scan Special offer for students: Onlyuser, $4.99/month. • You’re a normal emulates an insider aack


Vulnerability scan results Vulnerability • Lack of security controls • No rewall, no an-virus, no an-spy • Misconguraons - Open shares, gues • Real vulnerabilies • Especially newer ones, occasionally t Dealing with false posives • False posives • A vulnerability is idened that doesn’t really exist • This is dierent than a low-severity vu • It’s real, but it may not be your highe • False negaves • A vulnerability exists, but you didn’t • Update to the latest signatures • If you don’t know about it, you can’t • Work with the vulnerability detecon manufacturer  Free For 30to Days Sign up to vote on this title their signa •Read They may need update  your environment forUseful  Not useful Cancel anytime.





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



1.6 - Vulnerability Types Types Vulnerability types Vulnerability • There are many types of vulnerabilies • Some digital, some physical • Cover a broad scope • Programming, network design, process/procedure • Any of these can be exploited at any me • Or mulples at the same me • Be on your toes Race condion • A programming conundrum • Somemes, things happen at the same me • This can be bad if you’ve not planned for it • Two bank accounts with $100 • User 1 and User 2 transf transfer er $50 from Account A to Account B • Expected outcome: Account A has $50, Account B has $150 • What if you don’t perform proper validaon? • User 1 and User 2 check the account balances ($100 in each account) • User 1 transfers $50 from Account A (now at $50) to Account B (now at $150) • At about the same me, user 2 transf transfers ers $50 from Account A (sll has $100, right?, so now at $50) to Account B (now at $200) • Outcome: Account A has $50, Account B has $200 Race condions can cause big problems • January 2004 - Mars rover “Spirit” • Reboot when a problem is idened • Problem is with the le system and prevents reboong • Reboot because of the le system problem • GE Energy - Energy Management System • When mulple power lines failed at the same me, no alert was sent Special offer for students: Only $4.99/month. • Caused the Northeast Blackout of 2003 • Therac-25 radiaon therapy machine in the 1980s 198 0s


Embedded system vulnerabilies v ulnerabilies • No direct access to the operang system • You’ll probably never see it • These devices are usually connected to the • Very convenient to the hacker • Old, outdated operang system soware • Why upgrade? May not even be upgrada • June 2017 - Wikileaks releases CIA les call • CIA takes advantage of vulnerabilies on Linksys and D-Link routers • They can easily get your administrav administrave e pa • At which point they install their own rm Lack of vendor support

• Security requires diligence • The potenal for a vulnerability is always • Vendors are the only ones who can x their • Assuming they know about the problem • And care about xing it • Trane Comfortlink II thermostats t hermostats • Control the temperature from your phon • Trans Trans noed of three vulnerabilies in A • Two patched patched in April 2015, one in January Improper input handling

• Many applicaons accept user input • We put data in, we get data back • All input should be considered malicious • Check everything. Trust nobody. • Allowing invalid input can be devastang • SQL injecons, buer overows, denial o • It takes a lot of work to nd input that can be used maliciously • But they will nd it  Read Free Foron 30this Days Sign up tohandling vote title Improper error 

Useful  Not useful • Errors happen Cancel anytime. • And you should probably know about it • Messages should be just informaonal eno





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



1.6 - Vulnerability Types Types (connued) Default conguraon • Every applicaon and network device has a default login • Not all of these are ever changed • Mirai botnet • Takes advantage of default conguraons • Takes Takes over Internet of Things (IoT) devices • 60+ default conguraons • Cameras, routers, doorbells, garage door openers, etc. • Mirai released as open-source soware Untrained users

• It takes one person to allow a breach • And it can happen without the user even knowing • Training is crical • Emails don’t work • This is me consuming and expensive (and important) • Annual reinforcement • Quiz and role play • Become familiar with common situaons Improperly congured accounts • Technical issue and process issue • Frequent audits are important • Accounts without a need • Abandoned and unnecessary accounts • Accounts with administrave access • These should be severely limited • Should not be able to login directly as administrator • Unless it’s on a server console Vulnerable Vulner able business processes • If there’s a way to game the system, the bad guys will nd it • It doesn’t have to be a technical vulnerability • The Society for Worldwide Interbank Financial Telecommunicaon (SWIFT) • Electronically send payment instrucons between banks • February 2016Only - Bangladesh Bank Special offer for students: $4.99/month. • Dridex malware used to steal SWIFT credenals


Memory/buer vulnerabilies • Manipulang memory can be advantag • Relavely dicult to accomplish • Memory leak • Unused memory is not properly relea • Begins to slowly grow in size • Eventually uses all available memory • System crashes • Integer overow • Large number into a smaller sized spa • Where does the extra number go? • You shouldn’t be able to manipulate memory this way • Buer overow • Overwring a buer of memory • Spills over into other memory areas • NULL Pointer dereference • Programming technique that referenc a poron of memory • What happens if that reference point • Applicaon crash, debug informaon Denial of Service, etc. • DLL injecon • The bad guys didn’t write wr ite the applica • But they could write an external libra manipulate the operang system or a to run the library System sprawl/undocumented assets • Hundreds of projects, test plaorms, acve operang systems, producon V • Spin up a new instance with a click • Keeping track is a challenge  • Easy miss a forgoen computer Read Free For 30this Days Signto up to vote on title  • Under a desk Useful  Not useful  • Part ofCancel a rered anytime.applicaon • Not part of regular security patches • These become pivot points





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



1.6 - Vulnerability Types Types (connued) New threats/zero day • What you don’t know can really hurt you • And you won’t even see it coming • Vulnerabilies are sing in your system, waing for someone to nd them • Some problems are hidden for years • As soon as the problem is discovered (day zero), patch it • There isn’t always me to properly test • Balance severity with stability • WannaCry ransomware hit on May 12, 2017 • However, However, the patch had been available since March 14

Improper cercate and key management • Manage your keys and cercates • This needs to be well planned • Important decisions, can’t do this on the • What will be the organizaons cercate a • How will the CA content be protected? • How will intermediate CAs be created and • Who will validate and sign the organiza organizaon’s on’s cercates? • What is the validaon process? • And many more

2.1 - Firewalls The universal security control

• Standard issue • Home, oce, and in your operang system • Control the ow of network trac • Everything passes through the rewall • Corporate control of outbound and inbound data • Sensive materials • Control of inappropriate content • Not safe for work, parental controls • Protecon against evil - An-virus, an-malware Network based rewalls • Filters trac by port number • OSI layer 4 (TCP/UDP) • Some rewalls can lter through OSI layer 7 • Can encrypt trac into/out of the network • Protect your trac between sites • Can proxy trac • A common security technique • Most rewalls can be layer 3 devices (routers) • Usually sits on the ingress/egress of the network Stateless rewall Special• offer students: Onlyof $4.99/month. Doesfor not keep track trac ows • Each packet is individually examined,


Applicaon-aware security devices Applicaon-aware • Network-based Firewalls • Control trac ows based on the app • Microso SQL Server, Twier, YouTube • Intrusion Prevenon Systems • Idenfy the applicaon • Apply applicaon-specic vulnerability to the trac • Host-based rewalls • Work with the OS to determine the ap Firewall rules

• Access control lists (ACLs) • Allow or disallow trac based on tupl • Groupings of categories • Source IP, Desnaon IP, port number, me of day day,, applicaon, etc. • A logical path • Usually top-to-boom • Can be very general or very specic  Read Free For 30usually Days Sign up to vote on this titleat the top • Specic rules are  • Implicit deny  Not useful  Useful Cancel anytime. • Most rewalls include a deny at the • Even if you didn’t put one





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Sign In

Upload

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 



 Search document

2.1 - VPN Concentrators VPN Concentrat Concentrator or • Virtual Private Network • Encrypted (private) data traversing a public network • Concentrator • Encrypon/decrypon access device • Oen integrated into a rewall • Many deployment opons • Specialized cryptographic cr yptographic hardware • Soware-based opons available • Used with client soware • Somemes built into the OS Remote access VPN • On-demand access from a remote device • Soware connects to a VPN concentrator • Some soware can be congured as always-on SSL VPN (Secure Sockets Layer VPN) • Uses common SSL/TLS protocol (tcp/443) • (Almost) No rewall issues! • No big VPN clients • Usually remote access communicaon • Authencate users • No requirement for digital cercates or shared passwords (like IPSec) • Can be run from a browser or from a VPN client • Across many operang systems

2

Site-to-site VPN • Always-on • Or almost always • Firewalls oen act as VPN concentrators • Probably already have rewalls in place IP Sec (Internet Protocol Security)

• Security for OSI Layer 3 • Authencaon and encrypon for every • Condenality and integrity/an-r integrity/an-replay eplay • Encrypon and packet signing • Very standardized • Common to use mul-vendor implementa • Two core IPSec protocols • Authencaon Header (AH) • Encapsulaon Security Payload (ESP) Authencaon Header • Hash of the packet and a shared key • MD5, SHA-1, or SHA-2 are common • Adds the AH to the packet header Encapsulaon Security Payload (ESP) • Encrypts the packet • MD5, SHA-1, or SHA-2 for hash, and 3DES or AES for encrypon • Adds a header, a trailer, and an Integrity C

Master your Corporate semester with Scribd Network & The New York Times Special offer for students: Only $4.99/month.

Full VPN

VPN concentrator decrypts the tunneled traffic and routes it into the corporate network

VPN Concentrator

1 Read Free Foron 30this Days Sign up to vote title




Useful

 





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

Sign In

Upload

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



0

1.8K views



Sheet Music










Save

Embed

Share

Print


1

Download

of 103

 



 Search document

2.1 - VPN Concentrators (connued) Site-to-site

1

VPN

Traffic is encrypted as it passes through the local VPN concentrator

2

Traffic is decrypted in the VPN concentrator on the other side of the tunnel

Remote Site

Corporate Network

Firewall / VPN Concentrator

Firewall / VPN Concentrator

AH (Authencaon Header) • Data integrity • Origin authencaon • Replay aack protecon • Keyed-hash mechanism • No condenality/en condenality/encrypon crypon

IP Packet with Authen/ca/on (tunnel mode)

New IP Header

ESP (Encapsulang Security Payload) • Data condenality (encrypon) • Limited trac ow condenality • Data integrity • An-replay protecon

AH Header

IP Header

Data

Authen/cated

IPsec Datagram with ESP (tunnel mode)

New IP Header

ESP Header

IP Header

ESP Trailer

Data Encrypted Authen;cated

IPsec Transport mode and Tunnel mode AH and ESP Master your semester with Scribd • Combine the data integrity of AH Read Free Foron 30this Days Sign up to vote title with the condenality of ESP & The New York Times  Useful  Not useful Original Packet Cancel anytime.

Special offer for students: Only $4.99/month.

IP Header

Data

 





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Sign In

Upload

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



2.1 - Network Intrusion Detecon and Prevenon NIDS and NIPS

• Intrusion Detecon System / Intrusion Prevenon System • Watch network trac • Intrusions • Exploits against operang systems, applicaons, etc. • Buer overows, cross-site scripng, other vulnerabilies • Detecon vs. Prevenon • Detecon – Alarm or alert • Prevenon – Stop it before it gets into the network Passive monitoring

• Examine a copy of the trac • Port mirror (SP (SPAN), AN), network tap • No way to block (prevent) trac Out-of-band Out-of-b and response • When malicious trac is idened, IPS sends TCP RST (reset) frames • Aer-the-f Aer-the-fact act • Limited UDP response available Inline monitoring

• IDS/IPS sits physicall physicallyy inline • All trac passes through the IDS/IPS In-band response • Malicious trac is immediately idened • Dropped at the IPS • Does not proceed through the network Idencaon Idencao n technologies • Signature-based - Look for a perfect match • Anomaly-based - Build a baseline of what’s “normal” • Behavior-based - Observe and report • Heuriscs - Use arcial intelligence to idenfy

IPS Rules

• You determine what happens with unwan • Block, allow, send an alert, etc. • Thousands of rules • Or more • Rules can be customized by group • Or as individual rules • This can take me to nd the right balanc • Security / alert “noise” / false posives False Posives • A report that isn’t true • A false alarm or mistak mistaken en identy • IDS/IPS informaon • Only as good as the signatures • Some legimate trac could be marke • Time-consuming to research and resolv • Workstaon anvirus • April 2017: Webroot Anvirus • Windows les quaranned as malicious • Facebook and Bloomberg marked as ph • Consider a second opinion opinion • hp://www.VirusTotal.com False Negaves • A report missed idenfying something • You didn’t get a nocaon • Malicious trac got through your defens • You’ll You’ll probably see the results of this • It’s dicult to know when this happens • It’s completely silent • Get catch/miss rates with industry tests • IPS, an-virus  Read Free Foron 30this Days Sign up to vote title

Master your semester with Scribd Passive monitoring traffic is sent from client to & The New York Times Network  Useful 1 server through the network switch Special offer for students: Only $4.99/month.








Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



2.1 - Router and Switch Security Routers

Network Access Control (NAC)

• Routes trac between IP subnets • OSI layer 3 device • Routers inside of switches somemes called “layer 3 switches” • Layer 2 = Switch, Layer 3 = Router • Oen connects diverse network types • LAN, WAN, copper, ber

• IEEE 802.1X - Port-based Network Access Control (NAC) • You You don’t get access unl you authen • Makes extensive use of EAP and RAD • Extensible Authencaon Protocol / Remote Authencaon Dial In User S • We’re talking about physical interfaces • Not TCP or UDP ports • Administrave enable/disable • Disable your unused ports • Duplicate MAC address checking • Stop the spoofers

Access Control Lists (ACLs)

• Used to allow or deny trac • Also used for NAT, QoS, etc. • Dened on the ingress or egress of an interface • Incoming or outgoing • ACLs evaluate on certain criteria • Source IP, Desnaon IP, TCP port numbers, UDP port numbers, ICMP • Deny or permit • What happens when an ACL matches the trac? • ACLs have evolved through the years • Standard vs. Extended, numbered vs. named An-spoong • Prevent a bad guy from using someone else’s address • Man-in-the-middle, DDoS, etc. • Filter reserved IP addresses • An RFC 1918 address should not be routed to or from the Internet • A simple ACL will work • Enable Reverse Path Forwarding (RPF) • The response to an inbound packet should return the same way • If it doesn’t, then drop the packet right now

Master your semester with Scribd Switches & The New York Times • Bridging done in hardware Special offer for students: Only $4.99/month. • Applicaon-specic integrated circuit (ASIC)

An OSI layer 2 device

Loop Prevenon • Connect two switches to each other • They’ll send trac back and forth for • There’s no “counng” mechanism at the MAC layer • This is an easy way to bring down a net • And somewhat dicult to troublesho • Relavely easy to resolve • Spanning Tree Protocol • IEEE standard 802.1D to prevent loop in bridged (switched) networks (1990 • Created by Radia Perlman • Used praccally everywhere Flood Guard

• Congure a maximum number of sourc MAC addresses on an interface • You decide how many is too many • You You can also congure specic MAC a • The switch monitors the number  Read Free For 30this Days Sign up to vote on title of unique MAC addresses  • Maintains listNot of useful every source MAC Useful a Cancel anytime. • Once you exceed the maximum, port security acvates





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Sign In

Upload

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views












Save

Embed

Share

Print

Download


1

of 103

 

2.1 - Proxies Proxies

Sheet Music



 Search document

• Sits between the users and the external network • Receives the user requests and sends the request on their behalf (the proxy) • Useful for caching informaon, access control, URL ltering, content scanning • Applicaons may need to know how to use the proxy (explicit) • Some proxies are invisible (transparent)

Applicaon proxies • One of the simplest “proxies” is NAT NAT • A network-level proxy • Most proxies in use are applicaon proxies • The proxy understands the way the applic • A proxy may only know one applicaon • HTTP • Many proxies are mulpurpose proxies • HTTP, HTTPS, FTP, etc.

Forward Proxy

• An “internal proxy” • Commonly used to protect and control user access to the Internet

Interne User

Proxy

www.examp Internal Network

Reverse Proxy

• Inbound trac from the Internet to your internal service

Internet

Web S

Proxy www.example.com

Internal Network Open your Proxy Master semester with Scribd • A third-party, proxy Times & Theuncontrolled New York • Can be a signicant Special offer for students: Only $4.99/month. security concern • Oen used to

Internet





Useful

 

Interne





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Sign In

Upload

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views












Save

Embed

Share

Print

Download


1

of 103

 Search document



2.1 - Load Balancers (connued) Scheduling

Sheet Music

 

• Round-robin • Each server is selected in turn • Weighted round-robin • Priorize the server use • Dynamic round-robin • Monitor the server load and distributed to the server with the lowest use

Acve/Acve load balancing Acve/Acve • Anity - A kinship, a likeness • Many applicaons require communicaon to the • Each user is “stuck” to the same server • Tracked through IP address or session IDs • Source anity Acve/passive load balancing • Some servers are acve • Others are on standby • If an acve server fails, the passive server takes its p

2.1 - Access Points Wireless Access Point (WAP)

Power Level Controls

• Not a wireless router • A wireless router is a router and a WAP in a single device • WAP is a bridge • Extends the wired network onto the wireless network • WAP is an OSI layer 2 device

• Usually a wireless conguraon • Set it as low as you can • How low is low? • This might require some addion • Consider the receiver • High-gain antennas can hear a lot • Locaon, locaon, locaon Band selecon and bandwidth • Throughput • Maximum theorecal throughpu • Actual throughput can vary widel • Frequency • 2.4 GHz and 5 GHz • -And somemes both both • Distance • A combinaon of antennas • Channels • Non-overlapping channels would

SSID management

• Service Set Idener • Name of the wireless network • LINKSYS, DEFAULT, NETGEAR • Change the SSID SSI D to something not-so obvious • Disable SSID broadcasng? • SSID is easily determined through wireless network analysis • Security through obscurity MAC ltering • Media Access Control • The “hardware” address • Limit access through the physical hardware hardware address • Keeps the neighbors out • Addional administraon with visitors • Easy to nd working MAC addresses through wireless LAN analysis • MAC addresses can be spoofed Special offer for students: Only $4.99/month. • Free open-source soware






Useful

 





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



2.1 - Access Points (connued) Omnidireconal antennas • One of the most common • Included on most access points • Signal is evenly distributed on all sides • Omni=all • Good choice for most environments • You need coverage in all direcons • No ability to focus the signal • A dierent antenna will be required Direconal antennas • Focus the signal • Increased distances • Send and receive in a single direcon • Focused transmission and listening • Antenna performance is measured in dB • Double power every 3dB of gain Direconal antennas • Yagi antenna • Very direconal and high gain • Parabolic antenna • Focus the signal to a single point

Managing wireless congura conguraons ons • LWAPP • Lightweight Access Point Protocol • Cisco proprietary - CAPWAP is an RFC standa based on LWAPP • Manage mulple access points simultaneous • Thick/fat access points • The access point handles most wireless tasks • The switch is not wireless-aware • Thin access points • Just enough to be 802.11 wireless • The intelligence is in the switch • Less expensive Wireless LAN controllers

• Centralized management of WAPs - A single “p • Deploy new access points • Performance and security monitoring • Congure and deploy changes to all sites • Report on access point use • Usually a proprietary system • The wireless controller is paired with the acc

2.1 - SIEM SIEM

• Security Informaon and Event Management • Security events and informaon • Security alerts - Real-me informaon • Log aggregaon and long-term storage • Usually includes advanced reporng features • Data correlaon - Link diverse data types • Forensic analysis - Gather details aer an event Time Synchronizao Synchronizaon n • Switches, routers, rewalls, servers, ser vers, workstaons • Every device has its own clock Special offer for students: Only $4.99/month. • Synchronizing the clocks becomes crical • Log les, authencaon informaon, informaon, outage details


Syslog

• Standard for message logging • Diverse systems, consolidated lo • Usually a central logging receiver • Integrated into the SIEM • You’re You’re going to need a lot of disk • No, more. More than that. • WORM drive technology • Write Once Read Many  Read Free Forimportant 30this Days Sign •up to vote on titlesecurity logs Protect  Useful de-duplicaon Not useful  Event  Cancel anytime. • Event storms • When it rains, it pours





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



2.1 - Data Loss Prevenon Data Loss Prevenon (DLP) • Where’s your data? • Social Security numbers, credit card numbers, medical records • Stop the data before the bad guys get it • Data “leakage” • So many sources, so many desnaons • Oen requires mulple soluons in dierent places Data Loss Prevenon (DLP) systems • On your computer - Data in use, Endpoint DLP, Data in moon • On your server - Data at rest USB Blocking

• DLP on a workstaon - Allow or deny certain tasks • November 2008 - U.S. Department of Defense • Worm virus “agent.btz” replicates using USB US B storage • Bans removable ash media and storage devices • All devices had to be updated • Local DLP agent handled USB blocking • Ban was lied in February 2010 - Replaced with strict guidelines Cloud based DLP • Located between users and the Internet • Watch every byte of network trac • No hardware, no soware • Block custom dened data strings • Unique data for your organizaon • Manage access to URLs - Prevent le transfer transferss to cloud storage • Block viruses and malware - Anything traversing the network

DLP and email

• Email connues to be the most crical risk vector • Inbound threats, outbound dat • Check every email e mail inbound and o • Internal system or cloud-based c loud-based • Inbound • Block keywords, idenfy impos quaranne email messages • Outbound • Fake wire transfers, W-2 transm employee informaon Emailing a spreadsheet template

• November 2017 • Boeing employee emails spouse a spreadsheet to use as a templa • Contained the personal informa 36,000 Boeing employees • In hidden columns • Social security numbers, date o • Boeing sells its own DLP soware • But only uses it for classied w

2.1 - Network Access Control Edge vs. access control

• Control at the edge • Your Internet link • Managed primarily through rewall rules • Firewall rules rarely change • Access control Special offer for students: Only $4.99/month. • Control from wherever you are • Inside or outside


Health checks/posture assessment • Persistent agents • Permanently installed onto a system  • Periodic updates may be required Read Free Foron 30this Days Sign up to vote title  • Dissolvable agents Useful  Not useful  • No installaon is required Cancel anytime. • Runs during the posture assessment • Terminates Terminates when no longer required





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views












Save

Embed

Share

Print

Download


1

of 103

 



2.1 - Mail Gateways Mail gateways

Sheet Music

 Search document

• Unsolicited email • Stop it at the gateway before it reaches the user • On-site or cloud-based Email ltering • Inbound and outbound email • Examine the trac • Unsolicited email adversements - Spam • Control of phishing aempts • Email is a large aack vector • An-virus - Block bad aachments • DLP - Data Loss Prevenon • Block condenal informaon in emails

Mail Gateway Internal Network

Internet

Firewall

Internal Mail Server

Idenfying spam • Whitelist • Only receive email from trusted tr usted sender • SMTP standards checking • Block anything that doesn’t follow RFC • rDNS - Reverse DNS • Block email where the sender ’s domain match the IP address • Tarping • Intenonally slow down the server conv • Recipient ltering • Block all email not addressed to a valid recipient email address Email Encrypon • Mail can be easily intercepted • And most mail is not encrypted • Send and receive sensive informaon • The encrypon mechanisms aren’t alwa • Encrypon can be required on the gatew • Based on policy • Force the encrypon, send a password • Send a text message to the recipient • Many email clients support encrypon • Email gateway recognizes the encrypo

2.1 - Other Security Devices SSL accelerators

• You You have a server farm full of web servers • Asymmetric encrypon is hard • Much more computaonally intense than symmetric encrypon • The SSL handshake uses asymmetric encrypon • Transfers Transfers the symmetric key using the asymmetric encrypon • Ooad the handshake process to hardware Special offer for students: Only $4.99/month. • May use a dierent device


• The CA has ostensibly performed some • Validated Validated against the DNS record, pho • Your Your browser checks the web server • If it’s signed by a trusted CA, the e seamlessly Hardware Security Module (HSM)  Read Free Foron 30this Days Sign up tocryptographic vote title • High-end hardware 

• Plug-in orNot separate Usefulcard useful hardware de Cancel anytime. Key backup • Secured storage





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



2.2 - Soware Security Tools Passive vs. acve tools • Passive security • You’re a network ninja • Watch the packets go by • There’s a lot to learn • Top talkers, servers, clients, applicaons, operang systems, services • Acve security • Send trac to a device, watch the results • Query a login page • Try a known vulnerability • Check account access Protocol analyzers • Solve complex applicaon issues • Get into the details • Gathers packets on the network • Or in the air • Somemes built into the device • View trac paerns • Idenfy unknown trac • Verify packet ltering and security controls • Large scale storage • Big data analycs Network scanners

• Acve - scan for IP addresses and open ports • And operang systems, services, etc. • Pick a range of IP addresses • See who responds to the scan • Visually map the network • Gather informaon on each device • IP, operang system, services, etc. • Rogue system detecon • It’s dicult to hide from a layer 2 ARP • Nmap/Zenmap, Angry IP Scanner


Wireless scanners and cracker crackerss

• Wireless monitoring - Packet capturing • Wireless aacks • Rogue access point, deauthencaon aa • Cracking - Find a wireless network key • WEP - Cryptographic vulnerabilies vulnerabilies • Relavely straighorward • WPA1 PSK and WPA2 PSK • Diconary brute force, rainbow tables • Many open source projects - Aircrack Aircrack-ng -ng Sui Password crackers

• Passwords are stored as hashes - It ’s a one-w • Some are stored without much complexity • Relavely straighorward straighorward to brute-force a • Get the hashes - Can be the hardest part • Use a good wordlist or use rainbow tables • Common passwords, mulple languages, e • Many tools available • John the Ripper, Ophcrack Vulnerability Vulner ability scanners • Did you miss a security patch? • We’ll nd it • Minimally invasive, but sll acve • Unlike a penetraon test • Gather as much informaon as possible • We’ll separate wheat from cha later • Microso Baseline Security Analyzer, Tenabl • Scan one or many devices • Automate the process, report on ndings Conguraon Congurao n compliance scanners • Do your devices meet your  minimum security conguraons? Read Free For 30this Days Sign up to vote on title  • Need to comply with internal requirement Useful Not useful   or industryCancel regulaons anytime. • Check for various conguraons • Operang system version, installed applica





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



2.2 - Soware Security Tools Tools (connued) Data sanizaon tools • Time to upgrade that hard drive • What happens to the data on the old drive? • Overwrite the data once, and it’s gone • One and done Sanize enre drives • Darik’s Boot and Nuke (DBAN) • Sanize individual les or folders • Microso SDelete • Don’t forget about caches and temporary les • Data is stored in many places Stenoganography tools

• Greek for “concealed wring” • Security through obscurity • Message is invisible • But it’s really there • The covertext • The container document or le Common steganography techniques

• Network based • Embed messages in TCP packets • Use an image • Embed the message in the image itself • Invisible watermarks • Yellow dots on printers • Serial number and mestamp

Honey pots

• Aract the bad guys - And trap them ther • The bad guys are probably a machine • Makes for interesng recon Honeypots

• Create a virtual world to explore • Many dierent opons • hp://www.projecthoneypot.org/, hp://www.projecthoneypot.org/, hon • Constant bale to discern the real from th Backup Ulies • Protect from unexpected downme • Malware infecon, ransomware, server • Real-me le sync - rsync • Regular paral backups • Hourly incremental backups • Full backups • Complete le backups • System images • Complete coverage, fast recovery Banner grabbing • Applicaons can be chay • They somemes say too much • The banner is always there • But usually behind the scenes • Capture it with telnet, nc, or an automated tool (i.e., Nmap)

2.2 - Command Line Security Tools ping

• Test reachability • Determine round-trip me • Uses Internet Control Message Protocol (ICMP) • One of your primary troubleshoong tools Special offer for students: • Can you pingOnly the $4.99/month. host? • Wrien by Mike Muuss in 1983


traceroute

• Determine the route a packet takes to a des • Map the enre path  Read Free Foron 30this Days Sign up to vote title  (PO • tracert (Windows) or traceroute Useful  Not useful  • Takes Takes advantage ICMP Time to Live Excee Cancelof anytime. message • The me in TTL refers to hops, not seconds





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



2.2 - Command Line Security Tools Tools (connued) Nmap

Address Resoluon Protocol • Determine a MAC address based on an IP address • You need the hardware address to communicate

• Network mapper • Find and learn more about networ • Port scan • Find devices and idenfy open por • Operang system scan • Discover the OS without logging in • Service scan • What service is available on a devic Name, version, details • Addional scripts • Nmap Scripng Engine (NSE) • Extend capabilies, vulnerability

• arp -a

• View local ARP table ipcong and ipcong and ifcong

• Most of your troubleshoong starts with your IP address • Ping your local router/gateway • Determine TCP/IP and network adapter informaon • And some addional IP details • ipcong – Windows TCP/IP conguraon • ifcong – Linux interface conguraon tcpdump

• Capture packets from the command line • Very convenient • Available in most Unix/Linux operang systems • Included with Mac OS X, available for Windows (WinDump) • Apply lters, view in real-me • Quickly idenfy trac paerns • Save the data, use in another applicaon • Wrien in standard pcap format • Can be an overwhelming amount of data • Takes Takes a bit of pracce to parse and lter

netcat

• “Read” or “write” to the network • Open a port and send or receive so • Many dierent dierent funcons • Listen on a port number • Transfer data • Scan ports and send data to a port • Become a backdoor • Run a shell from a remote device • Other alternaves and OSes - Ncat

2.3 - Common Security Issues Unencrypted credenals • Authencaon is a crical process • All data must be protected • Some protocols aren't encrypted • All trac sent in the clear • Telnet, FTP F TP,, SMTP S MTP,, IMAP I MAP • Verify with a packet capture • View everything sent over the network

Master your semester with Scribd Logs and event anomalies & The New York Times • Gather as much informaon as possible • Will important Special offer forbe students: Onlylater $4.99/month. • Many dierent sources

Access violaons • Segmentaon fault • Your operang system is looking out for you • Prevents access to a restricted area of mem • Might be a programming error • A pointer to the wrong locaon • Could be a security issue • Malware aempng to access restricted me  Read Free For 30 Days Sign up to vote on this title • Denial of service  Useful  Not useful issues Cercate Cancel anytime. • A cercate should be signed by someone yo • It’s really someone your computer trusts





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



2.3 - Common Security Issues (connued) Miscongured devices • Another example of leaving the door open • The bad guys walk right in • Default username and password - Easy to authencate • Outdated soware - Known vulnerabilies • Running maintenance code • Debug informaon displayed to users • Firewalls • Rules provide too much access • Can be dicult to audit with a large rule base • Content lters • URLs are not specic enough • Some protocols not ltered (i.e., hps) • Access points • No encrypon mechanisms • Open conguraons from the wireless side Weak security congura conguraons ons • Digital security works great • Unl it doesn’t work great any longer • Too Too old - DES (Data Encrypon Standard) encrypon encr ypon • Created in 1975, 56 bit keys • Small key size is easily brute-forced with today’s technologies • Encrypon vulnerabilies - WEP (Wired Equivalent Privacy) • Inial 802.11 encrypon algorithm • Vulnerabilies found with RC4 ciphers and IVs • Hash collisions - SHA-1 (Secure Hash Algorithm 1) • Many collision aacks idened - Dierent documents with the same hash - No longer viable Personnel issues

• The weakest link - People make mistakes • Policy violaons • It’s in your Acceptable Use Policy (AUP) document • Insider threats • Authencated users have more free reign non-authencated Special offerthan for students: Only $4.99/month. • Important to assign the correct rights and permissions


• Licensing • You’re going to pay for that, right? • Ongoing support • Who’s going to upgrade the unautho soware? Security patches? • What happens when it stops workin Baseline deviaon • Everything should be well documente • Hardware, soware, network trac data storage • Any changes to the norm should be id • And alerts should be sent immediate • Common with VPNs • Security posture analysis before con to the network • If something deviates from the base you must x it • An-virus and signature version, O • No remote access unl it matches th License compliance violaon • So many soware licenses • Operang systems, applicaons, hardware appliances • And they all license with dierent m • Availabili Availability ty • Everything works great when the • Meeng the expiraon date may cau • Applicaon may stop working comp • Integrity • Data and applicaons must be accurate and complete • A missing/bad license may cause pro with data integrity  Asset management Read Free Foron 30this Days Sign up to vote title  • Idenfy and track compung assets Useful Not useful   • Usually ananytime. automated process Cancel • Respond faster to security problem • You know who, what, and where





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



2.4 - Analyzing Security Output Host-based IDS/IPS • Intrusion Detecon System / Intrusion Prevenon System • Started as a separate applicaon • Now integrated into many “endpoint” products • Protect based on signatures • Decrypted data • Protect based on acvity • Why are you modifying that le? Anvirus • The viruses are out there • It’s just a maer of me • From computers running Kaspersky Lab products in Q1 2017: • 479,528,279 malicious aacks blocked • 79,209,775 malicious URLs idened • 240,799 blocked ransomware ransomware aacks • 1,333,605 malicious installaon packages on mobile devices • hp://professormesser.link/q1stats • Anvirus apps will alert and log on malicious soware • Download or execute • Visit known-bad URL File integrity check

• Operang system check • Are the original les sll in place? • Host based rewalls • Protect against others on the network • Restrict access to your personal computer • Protect wherever you go • Required for laptops and mobile devices • Restricts by applicaon and network port numbers • The rewall knows what you’re doing • Log displays connecon aempts Special offer for students: Only $4.99/month. • Allowed and denied access Applicaon whitelisng


• Exltraon - Terabytes of data that ts into yo • Windows Event Log • Security auding • View USB media use, log lenames copied to removable drives Advanced malware tools

• Specialized removal and recovery tools • Malware techniques vary widely • Malware is is pervasive pervasive • Spreads to all parts of your operang system • The best recovery is to delete and restore from good backup • You don’t always have this opon • Research as much as possible • Gather recon from the malware tools • Stop it and prevent it UTM/All-in-one UTM/All-in-on e security appliance • Unied Threat Management (UTM) / Web security gateway • URL lter / Content inspecon, Malware insp Spam lter, CSU/DSU, Router, Router, Switch, Firewal Bandwidth shaper, VPN endpoint Data Loss Prevenon (DLP) • Where’s your data? • Social Security numbers, credit card numbe medical records • Stop the data before the bad guys get it • Data “leakage” • So many sources, so many desnaons • Oen requires mulple soluons in dieren Data Execuon Prevenon (DEP) • No-eXecute bit  Read Free Foron 30 Days Signitup to vote this title Disable) • Intel calls the XD bit (eXecute  Useful Not useful  • AMD calls itCancel Enhanced Virus Protecon anytime. • Designate secons of memory as execung c • Code can’t run from protected memory loca





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



2.5 - Mobile Device Connecon Methods Cellular networks

NFC security concerns

• Mobile devices • “Cell” phones • Separate land into “cells” • Antenna coverages a cell with certain c ertain frequencies • Security concerns • Trac monitoring • Locaon tracking • Worldwide access to a mobile device

• Remote capture • It’s a wireless network • 10 meters for acve devices • Frequency jamming • Denial of service • Relay / Replay aack • Man in the middle • Loss of RFC device control • Stolen/lost phone ANT/ANT+ • Wireless sensor network protocol • 2.4 GHz ISM band (industrial, scienc, an • An “Internet of Things” ultra-low-power p • Fitness devices, heart rate monitors, etc. • A separate wireless service • Not 802.11 or Bluetooth • Denial of service • Spectrum jamming • Oponal encrypon • And no method to maintain integrity

Wi-Fi

• Local network access • Local security problems • Same security concerns as other Wi-Fi devices • Data capture • Encrypt your data! • Man-in-the-middle • Modify and/or monitor data • Denial of service • Frequency interference Satellite communicaons - SATCOM • Remote locaons, natural disasters • Standard communicaon won’t work • Literally talking to space • Satellites in a low earth orbit or geostaonary • Voice and data communicaon • Communicate from almost anywhere • Handheld devices can be a security risk • Operang system vulnerabilies • Remote code execuon • Similar security issues to other smartphones Near eld communicaon (NFC) • Two-way wireless communicaon • Builds on RFID, which was one-way • Payment systems Special offer for students: Only • Google wallet and$4.99/month. MasterCard partnership • Apple Pay


IR (Infrared)

• Included on many smartphones, tablets, and smartwatches • Not really used much for le transfers an • Control your entertainment center • Almost exclusively IR • File transfers are possible • Other phones can be used to control your I USB (Universal Serial Bus)

• Physical connecvity to your mobile device • USB to your computer  Read Free For 30this Days Sign up to vote title on your ph • USB, Lightning, or on proprietary  Not useful  Useful  • Physical access is always a concern Cancel anytime. • May be easier to gain access than over a remote connecon





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views












Save

Embed

Share

Print

Download


1

of 103

 



2.5 - Mobile Device Connecon Methods (connued) Content management

Sheet Music

 Search document

• Mobile Content Management (MCM) • Secure access to data • Protect data from outsiders • File sharing and viewing • On-site content (Microso Sharepoint, le servers) • Cloud-based storage (Box, Oce 365) • Data sent from the mobile device • DLP (Data Loss Prevenon) prevents copy/paste of sensive data • Ensure data is encrypted on the mobile device • Managed from the mobile device manager (MDM) Remote wipe

• Remove all data from your mobile device • Even if you have no idea where it is • Oen managed from the MDM • Connect and wipe from the web • Nuke it from anywhere • Need to plan for this • Congure your mobile device now • Always have a backup • Your data can be removed at any me • As you are walking out the door Geolocaon • Precise tracking details • Tracks within feet • Can be used for good (or bad) • Find your phone • Find you • Most phones provide an opon to disable • Limits funconality of the phones • May be managed by the MDM

Master your semester with Scribd Geofencing & The New York Times • Some MDMs allow for geofencing • Restrict or allow features when the device Special offer for students: Only $4.99/month. is in a parcular area

Push nocaon services • Informaon appears on the mobile devic • The nocaon is “pushed” to your de • No user intervenon • Receive nocaons from one app when using a completely dierent app • Control of displayed nocaons can be managed from the MDM • Or nocaons can be pushed from th

Nocaon Opons

Passwords and PINs

• The universal help desk call • I need to reset my password • Mobile devices use mulple authencao • Password/passphrase, PINs, paerns • Recovery process can be iniated from the • Password reset opon is provided on the mobile device • MDM also has full control • Completely remove all security controls • Not the default or best pracce Biometrics

• You are the authencaon factor • Fingerprint, face  • MayRead not be the most Free For 30secure Days Sign up to vote on this titleauthencao  • Useful in some environments Useful  Not useful  • Completely forbidden Cancel anytime. in others • Availability is managed through the MDM • Organizaon determines the security of





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



2.5 - Mobile Device Connecon Methods (connued) Containerizaon • Dicult to separate personal from business • Especially when the device is BYOD • Owned by the employee • Separate enterprise mobile apps and data • Create a virtual “container” for company data • A contained area - limit data sharing • Storage segmentaon keeps data separate • Easy to manage ooarding • Only the company informaon is deleted • Personal data is retained • Keep your pictures, video, music, email, etc.

Full device encrypon • Scramble all of the data on the mobile • Even if you lose it, the t he contents are s • Devices handle this in dierent ways • Strongest/stronger/strong Strongest/stronger/strong ? • Encrypon isn’t trivial • Uses a lot of CPU cycles • Complex integraon between hardware and soware • Don’t lose or forget your password! • There’s no recovery

2.5 - Mobile Device Enforcement Third-party app stores

• Centralized app clearinghouses • Apple App Store • Google Play • Microso Store • Not all applicaons are secure • Vulnerabilies, data leakage • Not all applicaons are appropriate for business use • Games, instant messaging, etc. • MDM can allow or deny app store use Roong/jailbreaking • Mobile devices are purpose-built systems • You don’t need access to the operang system system • Gaining access • Android - Roong • Apple iOS - Jailbreaking • Install custom rmware • Replaces the exisng operang system • Uncontrolled access • Circumvent security features, sideload apps without using an app store Special offer for students: Only $4.99/month. • The MDM becomes relavely useless

Master your semester with Scribd & The New York Times Carrier unlocking

• Updates are provided over the air (OTA) • No cable required • Security patches or enre operang system • Signicant changes without connecng th • This may not be a good thing • The MDM can manage what OTA updates Camera use

• Cameras are controversi controversial al • They’re not always a good thing • Corporate espionage, inappropriate use • Almost impossible to control on the device • No good way to ensure the camera won’t • Camera use can be controlled by the MDM • Always disabled • Enabled except for certain locaons (geoSMS/MMS • Short Message Service / Mulmedia Messa • Text messages, video, audio  • Control ofup data can a Days concern Read Free Forbe 30this Sign to vote on title  • Outbound data leaks, nancial disclosure Useful  Not useful  • Inbound nocaons, Cancel anytime. phishing aempts • MDM can enable or disable SMS/MMS • Or only allow during certain meframes o





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



2.5 - Mobile Device Enforcement (connued) USB OTG • USB On-The-Go • Connect mobile devices directly together • No computer required, only a cable • The mobile device can be both a host and and a device • Read from an external device, then act as a storage device itself • No need for a third-party storage device • A USB 2.0 standard • Commonly seen on Android devices • Extremely convenient • From a security perspecve, it’s too convenient Recording microphone

• Audio recordings • There are microphones on every mobile device • Useful for meengs and note taking • A standard for college classes • A legal liability • Every state has dierent laws • Every situaon is dierent • Disable or geo-fence • Manage from the MDM Geotagging/GPS tagging • Your phone knows where you are • Locaon Services, GPS • Adds your locaon to document metadata • Longitude, latude • Photos, videos, etc. • Every document may contain geotagged informaon • You can track a user quite easily • This may cause security concerns • Take Take picture, upload to social media

Master your semester with Scribd 2.5 New - Mobile Device Deployment Models & The York Times SpecialBYOD offer for students: Only $4.99/month. • Bring Your Own Device / Bring Your Own Technology

WiFi Direct/ad hoc • We’re so used to access points • SSID conguraons • The wireless standard includes an ad hoc mod • Connect wireless devices directly • Without an access point • WiFi Direct simplies the process • Easily connect many devices together • Common to see in home devices • Simplicity can aid vulnerabilies • Invisible access to important devices Hotspot/tethering • Turn your phone into a WiFi hotspot • Your own personal wireless router • Extend the cellular data network to all of you • Dependent on phone type and provider • May require addional charges and data cos • May provide inadvertent access to an internal • Ensure proper security / passcode Payment methods

• Send small amounts of data wirelessly over a l • Built into your phone • Payment systems, transportaon, in-person informaon exchange • A few dierent standards • Apple Pay, Android Pay, Samsung Pay • Bypassing primary authencaon would allow • Use proper security • Or disable completely






Useful  Not useful Cancel anytime. Corporate-owned • The company owns the device







Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



2.6 - Secure Protocols Voice and video • SRTP • Secure Real-Time Transport Protocol Protocol / Secure Se cure RTP • Adds security features to RTP • Keep conversa conversaons ons private • Encrypon • Uses AES to encrypt the voice/video ow • Authencaon, integrity, and replay protecon • HMAC-SHA1 - Hash-based message authencaon code using SHA1 Time synchroniza synchronizaon on • Classic NTP has no security features • Exploited as ampliers in DDoS aacks • NTP has been around prior to 1985 • NTPsec • Secure network me protocol • Began development in June of 2015 • Cleaned up the code base • Fixed a number of vulnerabilies

LDAP (Lightweight Directory Access Protocol)

Email

Remote access

• S/MIME • Secure/Mulpurpose Internet Mail Extensions • Public key encrypon and digital signing of mail content • Requires a PKI or similar organizaon of keys • Secure POP and Secure IMAP • Use a STARTTLS extension to encrypt POP3 with SSL or use IMAP with SSL • SSL/TLS • If the mail is browser based, always encrypt with SSL Web • SSL/TLS • Secure Sockets Layer • Transport Transpo rt Layer Special offer for students: OnlySecurity $4.99/month. • HTTPS


• Protocol for reading and wring directories over an IP network • An organized set of records, like a phone dire • X.500 specicaon was wrien by the Internaonal Telecommunicaons Telecommunicaons Union (ITU) • They know directories! • DAP ran on the OSI protocol stack • LDAP is lightweight, and uses TCP TCP/IP /IP • LDAP is the protocol used to query and update an X.500 directory • Used in Windows Acve Directory, Apple OpenDirectory, OpenLDAP, etc. Directory services

• LDAPS (LDAP Secure) • A non-standard implementaon of LDAP ove • SASL (Simple Authencaon and Security Se curity Laye • Provides authencaon using many dierent i.e., Kerberos or client cercate

• SSH (Secure Shell) • Encrypted terminal communicaon • Replaces Telnet Domain name resoluon • DNS had no security in the original design • Relavely easy to poison a DNS • DNSSEC • Domain Name System Security Extensions • Validate DNS responses • Origin authencaon, data integrity • Public key cryptography • DNS records are signed with a trusted  third p Read Free For 30 Days Sign up to vote on this title • Signed DNS records are published in DNS  Useful  Not useful  switching Roung and Cancel anytime. • SSH - Secure Shell - Encrypted Encr ypted terminal commu • SNMPv3 - Simple Network





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



2.6 - Secure Protocols (connued) Network address allocaon • DHCP client DoS - Starvaon aack • Use spoofed MAC addresses to exhaust the DHCP pool • Switches can be congured to limit the number of MAC addresses per interface • Disable an interface when mulple MAC addresses are seen

Subscripon services • Automated subscripons • An-virus / An-malware signature updat • IPS updates • Malicious IP address databases / Firewall • Constant updates • Each subscripon uses a dierent update • Check for encrypon and integrity checks • May require an addional public key con • Set up a trust relaonship - Cercates, IP

3.1 - Compliance and Frameworks Compliance

Frameworks

• Compliance • Meeng the standards of laws, policies, and regulaons • A healthy catalog of rules • Across many aspects of business and life • Many are industry-specic or situaonal • Penales • Fines • Incarceraon • Loss of employment • Scope • Domesc and internaonal requirements

• Structure and organizaon • What works best for IT? • Process management • Geng the IT “product” to work best wi organizaon • Best pracces • Guidelines and examples for IT managem • Cost eecve, agile • Lots of training • For everyone Industry-specic frameworks • COBIT • Control Objecves for Informaon and Related Technologies • Created by ISACA, formerly the Informaon Systems Audit and Control A • Focus on regulatory compliance, risk man and aligning IT strategy with organizaon • ITIL  • Formerly the Informaon Technology Read Free Foron 30this Days Sign up to vote title  Infrastructure Library Useful  Not useful  • Mulple stages of the IT I T lifecycle Cancel anytime. • Service Design, Service Transion, Service Operaon, Service Ser vice Strategy

Regulatory

• Sarbanes-Oxley Act (SOX) • The Public Company Accounng Reform and Investor Protecon Act of 2002 • The Health Insurance Portability and Accountability Act (HIP (HIPAA) AA) • Extensive healthcare standards for storage, use, and transmission of health care informaon • The Gramm-Leach-Bliley Act of 1999 (GLBA) • Disclosure of privacy informaon Special offer for nancial students: instuons Only $4.99/month. from HIPPA Non-compliance penales






Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



3.1 - Secure Conguraon Guides Secure conguraons • No system is secure with the default conguraons conguraons • You You need some guidelines to keep everything safe • Hardening guides are specic to the soware or plaorm • Get feedback from the manufacturer or Internet interest group • They’ll have the best details • Other general-purpose guides are available online Web server hardening • Access a server with your browser • The fundamental server on the Internet • Microso Internet Informaon Server, Server, Apache HTTP Server Ser ver,, et al. • Huge potenal for access issues • Data leaks, server access • Secure conguraon • Informaon leakage: Banner informaon, directory browsing • Permissions: Run from a non-privileged account, congure le permissions • Congure SSL: Manage and install cercates • Log les: Monitor access and error logs Operang system hardening • Many and varied • Windows, Linux, iOS, Android, et al. • Updates • Operang system updates/service packs, security patches

• User accounts • Minimum password lengths and com • Account limitaons • Network access and security • Limit network access • Monitor and secure • An-virus, an-malware Applicaon server • Programming languages, runme libra • Usually between the web server and • Middleware • Very specic funconality • Disable all unnecessary services • Operang system updates • Security patches • File permissions and access controls • Limit rights to what’s what ’s required • Limit access from other devices Network infrastructure devices

• Switches, routers, rewalls, IPS, etc. • You You never see them, but they’re they ’re alwa • Purpose-built devices • Embedded OS, limited OS access • Check with the manufacturer • Security updates • Not usually updated frequently • Updates are usually important

3.1 - Defense-in-Depth Layering the defense

• Physical controls • Keep people away from the technology • Door locks, fences, rack locks, cameras • Technical controls • Hardware and soware to keep things secure Special offer for students: Only $4.99/month. • Firewalls, acve directory authencaon, disk encrypon


Defense in depth

• Firewall • DMZ Read Free For 30this Days Sign to vote on title • up Hashing passwords  Useful  Not useful • Authencaon Cancel anytime.

 

• Intrusion detecon system • VPN access





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Sign In

Upload

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views












Save

Embed

Share

Print

Download


1

of 103

 

3.2 - Secure Network Topologies Topologies (connued) ( connued) DMZ

Sheet Music



 Search document

DMZ

• Demilitarized zone • An addional layer of security between the Internet and you • Public access to public resources

DMZ Switch

Internal Network

Internet Internal Network Switch Firewall

Extranet

Internal Network

• A private network for partners • Vendors, suppliers • Usually requires addional authencaon • Only allow access to authorized users

Internal Network Switch

Internet

Extranet Firewall Extranet Switch

Intranet

Router

• Private network • Only available internally • Company announcements, important documents, other company business • Employees only • No external access • Internal or VPN access only

Intranet Switch

Switch

Remote Site 2

Master your semester with Scribd Guest network • An oponal & The Newnetwork York Times • Convenient for meengs, demonstraons demonstraons,, etc. Special offer for students: Only $4.99/month. • No access to the internal network

HQ Network

Switch

Remote Site 1

 Read Free ForTranslaon 30this Days Sign up to vote on title NAT - Network Address  • It is esmated that there are over 20 billion de Not useful  Useful  Cancel anytime. connected to the Internet (and growing) • IPv4 supports around 4.29 billion addresses





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Sign In

Upload

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



3.2 - Network Segmentaon Segmenng the network • Physical, logical, or virtual segmentaon • Devices, VLANs, virtual networks • Performance - High-bandwidth applicaons • Security • Users should not talk directly to database servers • The only applicaons in the core are SQL and SSH • Compliance • Mandated segmentaon (PCI compliance) • Makes change control much easier Physical segmentaon • Devices are physicall physicallyy separate • Switch A and Switch B • Must be connected to provide communicaon • Direct connect, or another switch or router • Web servers in one rack • Database servers on another • Customer A on one switch, customer B on another • No opportunity for mixing data • Separate devices • Mulple units, separate infrastructur infrastructure e

Virtualizaon • Get rid of physical devices • All devices become virtualized • Servers, switches, routers, rewalls, load • All virtual devices • Instant and complete control • Build a new network • Route between IP subnets • Drop a rewall between • Drag and drop devices between networ Air gaps

• One step farther than physical segmenta • Physical segmentaon usually has some • Remove any connecvity between compo • No possible way for one device to communicate to another • No shared components • Network separaon • Secure networks • Industrial systems (SCADA, manufacturi • Some technologies can jump the gap • Removable media

Physical segmentaon • Separate Device • Mulple units, separate infrastructure






Useful

 





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Sign In

Upload

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



3.2 - VPN Technologies Technologies Site-to-Site VPNs • Encrypt trac between sites • Through the public Internet • Use exisng Internet connecon • No addional circuits or costs Host-to-Site VPNs • Also called “remote access VPN” • Requires soware on the user device • May be built-in to exisng operang system

Internet Corporate Network

Remo VPN Appliance

Corporate Network

Host-to-Host VPNs • User to user encrypon • Soware-based • No hardware needed

VPN Appliance

Internet VPN Concentrator

Internet

3.2 - Security Technology Technology Placement Sensors and collectors

• Gather informaon from network devices • Built-in sensors, separate devices • Integrated into switches, routers, servers, rewalls, etc. • Sensors • Intrusion prevenon systems, rewall logs, authencaon logs, web server access logs, Special offer for students: Only $4.99/month. database transacon logs, email logs


Proxy servers

• An intermediate server • Client makes the request to the proxy • The proxy performs the actual request  • The Read proxy provides results back to the clie Free Foron 30this Days Sign up to vote title  • Useful Useful  Not useful features Cancel anytime. • Access control, caching, • URL ltering, content scanning





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views












Save

Embed

Share

Print

Download


1

of 103

 



 Search document

3.2 - Security Technology Technology Placement (connued) SSL accelerator acceleratorss

Sheet Music

• The SSL handshake requires some cryptographic overhead • A lot of CPU cycles • Ooad the SSL process to a hardware accelerator acc elerator • Oen integrated into a load balancer

HTTPS

HTTP

Client / Browser

DDoS migaon • Resist a distributed denial of service aack • Minimize the impact • Cloud-based • Internet provider or reverse proxy service • On-site tools • DDoS ltering in a rewall or IPS • Posioned between you and the Internet I nternet • Literally you against the world

SSL Accelerator

Aggregaon switches

Taps and port mirrors

• Intercept network trac • Send a copy to a packet capture device • Physical taps • Disconnect the link, put a tap in the middle • Can be an acve or passive tap • Port mirror • Port redirecon, SPAN (Switched Port ANalyzer) • Soware-based tap • Limited funconality, funconality, but can work well in a pinch

3.2 - Securing SDN

Master your semester with Scribd SDN (Soware Dened Networking) • Networking devices have two funconal planes of operaon & The New York Times • Control plane, data plane Special offer for students: Only $4.99/month. • Directly programmable

• Conguraon is dierent than forwarding

Centrally managed Read Free Foron 30this Days Sign•up to vote title





• Global view, view, single paneof gla Useful  Not useful Cancel anytime. • Programmacally congured • Orchestraon • No human intervenon





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



3.3 - Hardware Security (connued) Hardware Security Module (HSM)

Secure Boot

• High-end cryptographic hardware • Plug-in card or separate hardware device • Key backup • Secured storage • Cryptographic accelerators • Ooad that CPU overhead from other devices • Used in large environmen e nvironments ts • Clusters, redundant power

• Malicious soware can “own” your system • Malicious drivers or OS soware • Secure boot - Part of the UEFI specicaon • Digitally sign known-good soware • Cryptographically secure • Soware won’t run without the t he proper sig • Support in many dierent operang system • Windows, Linux Fedora, openSUSE, Ubunt • Apple uses their own EFI implementaon Remote aestaon • Nothing on this computer has changed • There have been no malware infecons • How do you know? • Easy when it’s just your computer • More dicult when there are 1,000 • Remote aestaon • Device provides an operaonal report to a vericaon server • Encrypted and digitally signed with the TP • Changes are idened and managed

Hardware root of trust

• Security is based on trust • Is your data safely encrypted? • Is this web site legimate? • The trust has to start somewhere • TPM, HSM • Designed to be the hardware root of the trust • Dicult to change or avoid • It’s It ’s hardware hardware • Won’t work without the hardware UEFI BIOS • Unied Extensible Firmware Interface • Based on Intel’s EFI (Extensible Firmware Interface) • A dened standard • Implemented by the manufacturers • Designed to replace the legacy BIOS • Need a modern BIOS for modern computers computers


Supply chain

• September 2015: Hundreds of Cisco routers infected with “SYNful Knock” • Firmware modied for back-door access • Can you trust your new server/router/switc • Supply chain cyber security • Use trusted vendors • Crical devices should not be connected to • Verify your hardware is genuine EMI/EMP  • Electromagnec interference /Electromagne Read Free Foron 30this Days Sign up to vote title  • EMI leakage Useful Not useful   • DetermineCancel dataanytime. streams based on EMI em • Keyboards, hard drives, network conneco • Modify the security by injecng EMI





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views












Save

Embed

Share

Print

Download


1

of 103

 



3.3 - Operang System Security (connued) Patch management

Sheet Music

 Search document

• Incredibly important • System stability, security xes • Service packs • All at once • Monthly updates - Incremental (and important) • Emergency out-of out-of-band -band updates • Zero-day and important security discoveries Update opons • Windows update • Bring Windows up-to-date on each workstaon • Windows Server Update Services (WSUS) • Centralized management for Windows devices • Mac OS • Soware Update • Available on the Apple menu • Linux - Many dierent opons • yum, atp-get, rpm, graphical front-ends The patching process

• Not always seamless • May take some planning • May introduce other problems • The x can cause another problem • Pick and choose • You don’t have to install every single patch • Oen centrally managed • The update server determine when you patch • Test all of your apps, then deploy • Eciently manage bandwidth Disabling unnecessary services • “Unnecessary” isn’t always obvious • Windows XP included almost 90 services by default, Windows 7 has over 130 • Every service has the potenal for trouble Special offer for students: Only $4.99/month. • The worst vulnerabilies are 0-day • This may require a lot of research


Secure conguraons • Fine tuning of the operang system • Make your least funconality very secur • These will apply regardless of the system u • The operang system is common to all • Example secure conguraon policies • Stay updated with the latest patches • Compromised systems are re-imaged (no • Changes to the standard build must go through change management • Perform regular integrity checks of operang system les Evaluaon Assurance Level • Common Criteria for Informaon Technology Security Evaluaon • Also called Common Criteria (or CC) • An internaonal computer security cercaon standard (ISO/IEC 15408) • A common reference for US Federal Gov • Evaluaon Assurance Level (EAL) • EAL1 through EAL7 • Trusted operang system • The operang system is EAL compliant • EAL4 is the most accepted minimum lev Applicaon whitelisng/blacklisng • Any applicaon can be dangerous • Vulnerabilies, trojan horses, malware • Security policy can control app execuon • Whitelisng and blacklisng • Whitelisng • Nothing runs unless it’s it ’s approved approved - Very • Blacklisng  Read Free For 30this Days Sign up tothe vote on title • Nothing on “bad list” can be execute  • An-virus, an-malware Not useful  Useful  Cancel anytime. Examples of applicaon management • Decisions are made in the operang syste





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



3.3 - Peripheral Security Wireless keyboards and mice • Many wireless keyboards and mice communicate in the clear • Use proprietary wireless communicaon protocols • Over 2.4 GHz frequencies • Easy to capture keystrokes with a receiver • Inject keystr keystrokes okes and mouse movements • Control the computer remotely • Vulnerability called “KeySnier” • Some keyboard manufacturers support AES encrypon Displays

• Electromagnec radiaon • View informaon on a screen by eavesdropping the EM signals • Internal signals of a laptop or external cable • Eavesdrop through the walls • Firmware hacks • Many displays have no security for rmware upgrades • Log informaon on the screen • Ransomware with an LCD display WiFi- enabled microSD • Combinaon SD ash storage device and 802.11 Wi-Fi le transfers • Transfer Transfer from a camera to a computer without removing the SD card • SD card authencaon vulnerabilies • Predictable access, easy to read les over Wi-Fi • API access to the SD card • Manufacturer must implement strong security • API access can result in data leakage or data loss

Printers/mul-funcon devices Printers/mul-funcon • Mul-funcon devices • Printer, scanner, fax • Network connecvity • Local storage • Reconnaissance • Log les for all acvity, acvity, addres • Unauthorized access • Print without authencaon • Capture spool les External storage devices

• Storage outside the computer and oen removable • Very portable, easy to move la • No authencaon • Anyone can connect and read • Always use le/volume encryp • Oen used for exltraon of dat • Manage the use of removal sto Digital cameras

• Capture sll images and video • Save to digital storage • Device operates as external stor • Easy to move data around • Camera rmware can be compr • Security cameras are also vuln

3.4 - Secure Deployments Development to producon • Your programming programming team has been working on a new applicaon • How will you deploy it safely and reliably? • Patch Tuesday Special offer forand students: Only $4.99/month. • Test deploy Wednesday? Thursday? Friday? • Manage the process


• Test Test - Sll in the t he development stage • All of the pieces are put together  • Does it all work? Read Free Foron 30this Days Sign up to vote title tesn • Funconal tests, quality assurance (QA) Useful Not useful   • If it works in test, then it ’s ready for staging Cancel anytime. • Staging - Almost ready to roll it out • Works and feels exactly like the producon en





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



3.5 - Embedded Systems SCADA/ICS • Supervisory Control and Data Acquision System • Large-scale, mul-site Industrial Control Systems (ICS) • PC manages equipment • Power generaon, rening, manufacturing equipment • Distributed control systems • Real-me informaon • System control • Requires extensive segmentaon • No access from the outside Smart devices/IoT (Internet of Things) • Wearable technology • Glasses, watches, health monitors • Early generaon products • Track our locaon • Where is that data and how is it stored? • Home automaon • Video doorbells • Internet-connected garage door openers • Heang and cooling • It knows when you are home (and when you aren’t) HVAC • Heang, Venlang, and Air Condioning • Thermodynamics, uid mechanics, and heat transfer • A complex science • Not something you can properly design yourself • Must be integrated into the re system • PC manages equipment • Makes cooling and heang decisions for workspaces and data centers • Tradionally Tradionally not built with security in mind • Dicult to recover from an infrastructure DoS

Master your semester with Scribd & The York SoCNew (System on a Chip)Times • Mulple components running on a single chip Special offer for students: Only $4.99/month. • Common with embedded systems

RTOS (Real-TIme Operang System) • An operang system with a determinisc processing schedule • No me to wait for other processes • Industrial equipment, automobiles, • Military environments • Extremely sensive to security issues • Non-trivial systems • Need to always be available • Dicult to know what type of security Printers, scanners, and fax machines

• All-in-one or mulfuncon devices (MF • Everything you need in one single dev • No longer a simple printer • Very sophiscated rmware • Some images are stored locally on the d • Can be retrieved externally • Logs are stored on the device • Contain communicaon and fax detai Camera systems

• Video monitoring for home or oce • 24 hour / 7 day video (and audio) • Video recorders are IP devices • Authencate using a specialized appli • Cameras are IP devices • 4K/high denion • Privacy concerns • Don’t need to ring a doorbell • We know when you are home • We might even see you Special purpose

• Medical devices  Free Foron 30 Days Sign up to vote this title • Read Heart monitors, insulin pumps • Oen use older operang Useful useful systems  Not Cancel anytime. • Vehicles • Internal network is oen accessible acc essible





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



3.6 - Development Life-Cycle Models (connued) • The waterfall • Requirements: Document the request • Analysis: Build models and business rules • Design: Pick a soware architecture • Coding: Development and integraon work • Tesng: Debug the applicaon • Operaons: Install and support the applicaon

Agile

• Ready, shoot, aim. Repeat. • It’s beer to get moving than to wait aroun • Everyone works together • Co-locaon and pair programming • Get some code out there • An app under construcon is beer than sl • Customer collaboraon - Constant communi • Quick response to change - Development is c

3.6 - Secure DevOps DevOps • Development and Operaons • Bring together the two sides of the house • Create and deploy • Speed, availabi availability lity,, and security • Emphasis on automaon and monitoring • Integraon, tesng, release, and manage • Shrink deployment cycles • And increase the frequency of deployments • How do you do this safely? Security automaon • Automaon is relavely inexpensive • It’s automated, so run them early and oen • Funconal security tests • Login, logout, ensure a secure plaorm • Test against known vulnerabilies • Misconguraons, weak SSL ciphers, etc. • Penetraon tesng • Test Test the OS and applicaon services • Test the applicaon • Manipulate the applicaon to get unexpected results Connuous integraon • Code is constantly wrien • And merged into the central c entral repository many mes a day So many chancesOnly for security problems Special• offer for students: $4.99/month. • Security should be a concern from the beginning


Immutable systems • Update an applicaon every week for a ye • It’s nothing like the original deployment • You couldn’t rebuild it if you had to • Conguraon dri • Immutable systems • Locked down and unable to change c hange • To update an applicaon, a new iteraon is deployed • The enre iteraon is up to date and tes • Must stronger security posture • Test and validate without worrying about a change Infrastructure Infrastructu re as code (IAC)

• Cloud compung • Relies on automaon • If you can automate it, you can quickly and deploy it • Except for the server hardware, switche rewalls, etc. • Tu Turn rn the infrastructure devices into into code • Virtualize everything  • Focus what the applicaon Read Free For 30 Days Signon up to vote on this title needs, rat  on a than building the applicaon based Useful Not useful   infrastructure Cancel anytime. • A clearly dened infrastructure • Security is a known quanty





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



3.6 - Version Control and Change Management (connued) Change management

Change management and security

• Change control • A formal process for managing change • Avoid downme, confusion, and mistakes • Nothing changes without the process • Plan for a change • Esmate the risk associated with the change • Have a recovery plan if the change doesn’t work • Make the change

• Every change has a security component • Each change must be evaluated separat • Install security patches • Ideally makes the systems more secure • Applicaon update • New version, new code, new security co • Change to the applicaon instance • New servers, updated middleware, etc. • Everything must be evaluated together

3.6 - Provisioning and Deprovisioning Provisioning

• Deploy an applicaon • Web server, database server, middleware server, user workstaon conguraons, conguraons, cercate updates, etc. • Applicaon soware security • Operang system, applicaon • Network security • Secure VLAN, internal access, external access • Soware deployed to workstaons • Check executables for malicious code, verify security sec urity posture of the workstaon Orchestraon • Automaon is the key to cloud c loud compung • Services appear and disappear automacally, automacally, or at the push of a buon • Enre applicaon instances can be instantly provisioned • All servers, networks, switches, rewalls, and policies

• Instances can move around the world as • Follow the sun • The security policies should be part of th orchestraon • As applicaons are provisioned, the pro is automacally included Deprovisioning

• Dismantling and removing an applicaon • All good things • Security deprovisioning is important • Don’t leave open holes, don’t close imp • Firewall policies must be reverted • If the applicaon is gone, so is the acce • What happens to the data? • Don’t leave informaon out there

3.6 - Secure Coding Techniques Techniques Secure coding concepts Master your semester with Scribd • A balance between me and quality • Programming with security in mind is oen secondary & The Newtesng, York Times • Tesng, tesng

Special offer for students: Only $4.99/month. • The Quality Assurance (QA) process

• Vulnerabilies will eventually be found

Input validaon • What is the expected input?  Read Free Foron 30this Days Sign up to vote title  • Validate actual vs. expected Useful Not useful   • Document all input Cancel anytime.methods - Forms, e • Check and correct all input (normalizao • A zip code should be only X characters





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views












Save

Embed

Share

Print

Download


1

of 103

 



3.6 - Secure Coding Techniques Techniques (connued) Code signing

Sheet Music

 Search document

• An applicaon is deployed • Users run applicaon executable or scripts • So many security quesons • Has the applicaon been modied in any way? • Can you conrm that the applicaon was wrien by a specic developer? • The applicaon code can be digitally signed by the developer • Asymmetric encrypon • A trusted CA signs the developer’s public key • Developer signs the code with their private key • For internal apps, use your own CA Encrypon • If you can see the source code, you can easily look for security holes • Source code is closely guarded • Development plaorms should use encrypon • If you’re sending data over the network, it should be encrypted • Easy to grab data from the air • Encrypt important data • Some operang systems do this anyway Obfuscaon /camouage • Obfuscate • Make something normally understandable very dicult to understand • Take Take perfectly readable code and turn it into nonsense • The developer keeps the readable code and gives you the chicken c hicken scratch • Both sets of code perform exactly the same way • Helps prevent the search for security holes • Makes it more dicult to gure out Special offer for students: Only $4.99/month. what’s happening • But not impossible


Validaon points • Server-side validaon • All checks occur on the server • Helps protect against malicious user • Bad guys may not even be using your interface • Client-side validaon • The end-user’s app makes the validaon decisions • Can lter legimate input from genu • May provide addional speed to the • Use both • But especially server-side validaon Memory management

• As a developer, you must be mindful of how memory is used • Many opportunies to build vulnera • Never trust data input • Malicious users can aempt to circumvent your code • Buer overows are a huge security r • Make sure your data matches your b • Some built-in funcons are insecure • Use best pracces when designing y Third-party libraries and SDK’s • Your programming programming language does eve • Almost • Third-party libraries and soware development kits • Extend the funconality of a programming language • Security risk  Read Free Forcode 30this Days Sign up to vote on title by someon • Applicaon wrien  • Might secure. Might not be secu Usefulbe  Not useful  Cancel anytime. • Extensive tesng is required • Balancing act





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



3.6 - Code Quality and Tesng Tesng Stac code analyzers • Stac Applicaon Security Tesng (SAST) • Help to idenfy security aws • Many security vulnerabilies found easily • Buer overows, database injecons, etc. • Not everything can be idened through analysis • Authencaon security security,, insecure cryptography, cryptography, etc. • Don’t rely on automaon for everything • Sll have to verify each nding • False posives are an issue Dynamic analysis (fuzzing) • Send random input to an applicaon • Fault-injecng, robustness tesng, syntax tesng, negave tesng • Looking for something out of the ordinary • Applicaon crash, server error error,, excepon • 1988 class project at the University of Wisconsin • “Operang System Ulity Program Reliability” • Professor Barton Miller • The Fuzz Generator Fuzzing engines and frameworks • Many dierent fuzzing opons • Plaorm specic, language specic, etc. • Very me and processor resource heavy • Many, many dierent iteraons to try • Many fuzzing engines use high-probability tests • Carnegie Mellon Computer Emergency Response Team (CERT) • CERT Basic Fuzzing Framework (BFF) • hp://professormesser.link/b Stress tesng • The soware works with one user • What about 1,000 users? • Inadvertent results can occur at load • Unintended messages Special offer for students: error Only $4.99/month. • Applicaon details and versions


Sandboxing • A bit dierent than the t he developer sandb • A dierent sandbox at a dierent play • Test environment looks and works exact producon • No producon systems are used • No producon data is used • QA can fuzz, overload, and try to break the sandboxed environment • You can’t hurt anything in the sandbox Model vericaon • Vericaon and Validaon (V&V) • You started development with a set of requirements • Vericaon • Does the soware work properly? • Are there any bugs to address? • Are we building the product right? • Validaon • Did you meet the high level requireme • Are we building the right product? Compiled vs. runme code • Compiled code • You You don’t see the source code • The applicaon is an executable compiled from the source • The compiled code is specic to an operang system and CPU • Logical bugs can be idened at comp • Runme code • Source code is usually viewable • The code instrucons execute when the is run  Read Free Foron 30this Days Sign up to applicaon vote title  • No opportunity to nd compile-me Useful  Not useful  Cancel so errors areanytime. detected during or aer





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



3.7 - Cloud and Virtualizaon Overview Virtualizaon • One computer, many operang systems • Mac OS X, Windows 7, Linux Ubuntu, all at the same me! • Separate OS, independent CPU, memory, network, etc. • But really one computer • Host-based virtualizaon • Your normal desktop plus others • Standalone server that hosts virtual machines • Enterprise-level • Been around since 1967 - IBM mainframe virtualizaon

The hypervisor

• Virtual Machine Manager • Manages the virtual plaorm and guest operang systems • May require a CPU that supports virtualiza • Can improve performance • Hardware management • CPU • Networking • Security Hypervisors

• Type I • Bare metal, Embedded, Nave • Run directly with hardware, no addional • Type II • Run on a host OS • On top of Windows, Linux, Mac OS X, etc. • Applicaon containeriza containerizaon on • Run an applicaon without launching an • Uses just the right resources for the applic • Everything you need to run the app is in the image (container/cell)

3.7 - Virtualizaon Security VM sprawl avoidance • Click a buon • You’ve built a server • Or mulple servers, networks, and rewalls • It becomes almost too easy to build instances • This can get out of hand very quickly • The virtual machines are sprawled everywhere • You aren’t sure which VMs are related to which applicaons Special offer for students: Only $4.99/month. • It becomes extremely dicult to deprovision • Formal process and detailed documentaon


• Virtual machine escape • Break out of the VM and interact with the host operang system or hardware • Once you escape the VM, you have great c • Control the host and control other guest • This would be a huge exploit • Full control of the virtual world Escaping the VM  • March 2017 - Pwn2Own hacking contest Read Free Foron 30this Days Sign up to vote title some • You You pwn it, you own it - along with Not useful  Useful  Cancel anytime. • JavaScript engine bug in Microso Edge • Code execuon in the Edge sandbox





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



3.7 - Security in the Cloud VDI (Virtual Desktop Des ktop Infrastructure) Infrastructure) • Virtualize the user’s desktop and run it in the data center • Somemes called VDE (Virtual Desktop Environment) • All of the compung power is in the data center • The end-user hardware is a “virtual desktop” • Relavely small compung requirements on the client workstaon • The end-user operang system becomes less important • Enhanced security • Centralized and easier to manage • Changes can be ghtly  ghtly controlled • The data never leaves the data center Cloud access security broker (CASB) • Clients are at work, data is in the cloud • How do you keep everything secure? sec ure? • The organizaon already has well-dened security policies • How do you make your security policies work in the cloud? • Integrate a CASB • Implemented as client soware, local security appliances, or cloud-based security soluons

• Visibility • Determine what apps are in use • Are they authorized to use the ap • Compliance • Are users complying with HIPAA? • Threat prevenon • Allow access by authorized users, prevent aacks • Data security • Ensure that all data transfers are e • Protect the transfer of PII with DL Security as Service (SECaaS)

• Instead of managing your own secu move it to the cloud • Pay for what you use • Scale up and down as needed • Connuously monitoring • Uniformly applies to all trac • An-virus/an-malware signatures are constantly updated • Block emerging threats without deploying updates

3.8 - Resiliency and Automaon Automaon and scripng • Plan for change - Implement automacally • Automated courses of acon • Many problems can be predicted • Have a set of automated responses • Connuous monitoring • Check for a parcular event, and then react • Conguraon validaon • Cloud-based technologies allow for constant change • Automacally validate a conguraon before going live • Perform ongoing Special offer for students: Only automated $4.99/month.checks

Master your semester with Scribd & The New York Times Templates

• You’ll You’ll sll need to make changes when de • IP addresses, rewall rules, licensing up • You’ll have to keep the master image upd • Security patches, operang system upda • This can be administravely challenging Non-persistence

• The cloud is always in moon • App instances are constantly built and to  Read Free Foron 30 Days Sign up to vote this title congura • Snapshots capture the current congura • Preserve the complete state of a device  Useful  Not useful Cancel anytime. or just the conguraon • Revert to known state





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

Sign In

Upload

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



0

1.8K views



Sheet Music










Save

Embed

Share

Print


1

Download

of 103

 

 Search document



3.8 - Redundancy, Fault Tolerance, and High Availability Distribuve allocaon • The bad guys are looking for your data • Most people keep it in the data center • Web servers, database servers, ser vers, middleware, security devices, monitoring systems • Many devices are required to maintain an applicaon instance • Don’t keep everything in one place • Crical assets, data, and other system should be in dierent places • Makes it more dicult to target and exploit an applicaon instance • A distribuve allocaon Redundancy and fault tolerance

• Maintain upme • The organizaon connues to funcon • No hardware failure - Servers keep running • No soware failure - Services always available available • No system failure - Network performing opmally

Redundancy and fault tolerance

• Redundant hardware components • Mulple devices, load balancing powe • RAID • Redundant Array of Independent Disks • Uninterrupble power supplies (UPS) • Prepare for the disconnecons • Clustering • A logical collecve of servers (downm • Load balancing • Shared load across components High availability • Redundancy doesn’t always mean alway • May need to be enabled manually • HA (high availabili availability) ty) • Always on, always available • May include many dierent components working together • Watch for single points of failure

RAID Level

Descrip/on

RAID 0

Stri St ripi ping ng wi with thou outt pa pari rity ty

High Hi gh pe perf rfor orma manc nce, e, no fau ault lt to tole lerran

Mirroring

Duplicates data for fault tolerance but requires twice the disk space

RAID 5

Striping with parity

Fault tolerant, only requires an addi=onal disk for redundancy

RAID 0+1, RAID 1+0, RAID 5+1, etc.

Mul=ple RAID types

RAID 1

Master with Scribd 3.9 - your Physicalsemester Security Controls Proper Lighng & The New York • More light means moreTimes security Special offer forguys students: $4.99/month. • Bad avoidOnly the light • Easier to see when lit

Details

Combine RAID methods to increase redu


Fencing  Useful  Not useful • Build a perimeter

 

Cancel anytime.

• Usually very obvious • May not be what you’re looking for





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



3.9 - Physical Security Controls (connued) Guards and access lists

Air gap

• Security guard • Physical protecon • Validates idencaon of exisng employees • Provides guest access • ID badge • Picture, name, other details • Must be worn at all mes • Access list • Physical list of names • Enforced by security guard

• Physical separaon between networks • Secure network and insecure network • Separate customer infrastructures • Most environments are shared • Shared routers, switches, rewalls • Some of these are virtualized • Specialized networks require air gaps • Stock market networks • Power systems/SCADA • Airplanes • Nuclear power plant operaons

Alarms

• Circuit-based • Circuit is opened or closed • Door, window, fence • Useful on the perimeter • Moon detecon • Radio reecon or passive infrared • Useful in areas not oen in use • Duress • Triggered by a person • The big red buon

Mantraps

Safe

Faraday cage

• Secure your important hardware and media • Backups, laptops, hard drives • Protecon against the elements • Fire, water • Dicult to steal • Very heavy • Must be carefully managed • Don’t share the combinaon • What happens when you lose the combinaon? Locking cabinets • Data center hardware is oen managed byfor dierent groups Special offer students: Only $4.99/month. • Responsibility lies with the owner


• All doors normally unlocked • Opening one door causes others to lock • All doors normally locked • Unlocking one door prevents others from being unlocked • One door open / other locked • When one is open, the other cannot be • One at a me, controlled groups • Managed control through an area

• Blocks electromagnec elds • Discovered by Michael Faraday in 1836 • A mesh of conducve material • The cage cancels the electromagnec  on the interior • The window of a microwave oven • Not a comprehensive soluon • Not all signal types are blocked • Some signal types are not blocked at al  Free Foron 30 Days Sign up toaccess vote title networks • CanRead restrict tothis mobile  • Some very specic would Notconngencies useful  Useful  Cancel anytime. to be in place for emergency calls Door access controls





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Sign In

Upload

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views












Save

Embed

Share

Print

Download


1

of 103

 

 Search document

3.9 - Physical Security Controls (connued)

HVAC • Heang, Venlang, and Air Condionin • Thermodynamics, uid mechanics, and heat transfer • A complex science • Not something you can properly design • Must be integrated into the re system • Data center should be separate from the rest of the building • Not too cold, not too hot • Overheang is a huge issue • Closed-loop recirculang and posive pr • Recycle internal air, air, and air is pushed o

Biometrics Sheet Music



• Biometric authencaon • Fingerprint, iris, voiceprint • Usually stores a mathemacal representaon of your biometric • Your actual ngerprint isn’t usually saved • Dicult to change • You can change your password • You can’t change your ngerprint • Used in very specic situaons • Not foolproof Barricades/bollards • Prevent access • There are limits to the prevenon • Channel people through a specic access point • And keep out other things • Allow people, prevent cars and trucks • Idenfy safety concerns • And prevent injuries • Can be used to an extreme • Concrete barriers / bollards • Moats

Fire suppression

Token and cards

• Smart card • Integrates with devices • May require a PIN • USB token • Cercate is on the USB device • Hardware or soware tokens • Generates pseudo-random authencaon codes • Your phone • SMS a code to your phone

Master your semester with Scribd & The New York Times Hot and cold aisles Special offer for students: Only $4.99/month.

Hot Air

• Electronics require unique responses to  • Water is generally a bad thing • Detecon • Smoke detector, ame detector, heat d • Suppress with water • Dry pipe, wet pipe, pre-acon • Suppress with chemicals • Halon - No longer manufactured • Dupont FM-200 / American Ame rican Pacic Hal Cable locks • Temporary security • Connect your hardware to something s • Cable works almost anywhere • Useful when mobile • Most devices have a standard connector • Reinforced notch • Not designed for long-term protecon • Those cables are prey thin  Read Free Foron 30this Days Sign up to vote title




Useful







Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



3.9 - Physical Security Controls (connued) Screen lters • Control your input • Be aware of your surroundings • Use privacy lters • It’s amazing how well they work • Keep your monitor out of sight • Away from windows and hallways • Don’t sit in front of me on your ight • I can’t help myself Video surveillance • CCTV (Closed circuit television) • Can replace physical guards • Camera properes are important • Focal length - Shorter is wider angle • Depth of eld - How much is in focus • Illuminaon requirements - See in the dark • Oen many dierent cameras cameras • Networked together and recorded over me

Logs

• Everything is logged • Entering the parking area • Idencaon upon entering the building • Badge assignment tracks door operaon • Correlate physical locaon with digital access • Someone logged into the console while in the • Need a formal process to collect collect and archive log • Some of the logs are physical, some are digital • May fall under privacy laws Key management

• Cryptographic key management • Policies for the creaon and protecon of imp • Some keys should be physically separated from t • Cercate Authority (CA) root key • If compromised, all keys must be replaced • One good reason for intermediate CAs • The root CA cercate will only be used to sign other intermediate CAs

4.1 - AAA and Authencaon AAA framework

• Idencaon • This is who you claim to be • Usually your username • Authencaon • Prove you are who you say you are • Password and other authencaon factors • Authorizaon • Based on your idencaon and authencaon, what access do you have? • Accounng • Resources used: Login me, data sent and received, logout me Mul-factor authencaon • More than oneOnly factor Special offer for students: $4.99/month. • Something you are


Something you have

• Smart card • Integrates with devices • May require a PIN • USB token - Cercate is on the USB devic • Hardware or soware tokens • Generates pseudo-random authencao • Your phone • SMS a code to your phone Something you know

• Password • Secret word/phrase, string of characters  Read Free Foron 30this Days Sign up to vote title • Very common authencaon factor  Useful Not useful   • PIN Cancel anytime. • Personal idencaon number • Not typically contained anywhere





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views












Save

Embed

Share

Print

Download


1

of 103

 



4.1 - AAA and Authencaon (connued) Something you do

Sheet Music

 Search document

• A personal way of doing things • You’re special • Handwring analysis • Signature comparison • Wring technique • Typing technique • Personal typing paern • Very similar to biometrics • Close to something you are Federaon • Provide network access to others • Not just employees • Partners, suppliers, customers, etc. • Third-pares can establish a federated network • Authencate and authorize between the two organiza organizaons ons • Login with your Facebook credenals • The third-pares must establish a trust relaonship • And the degree of the trust

Single sign-on (SSO) • Authencate one me • Gain access to everything! • Saves me • A seamless process • End-user doesn’t see any of the complexies under the surface • Many dierent methods • Kerberos authencaon and authorizaon • 3rd-party opons Transive trust • Trust relaonships relaonships need to be established e stablished early • Dicult to change once in place • One-way trust • Domain B trusts Domain A, Domain A doesn’t trust Domain B • Two-way trust • Both domains are peers, both trust each other equally • Non-transive trust • A trust is specically created and applies only to that domain • Transive trust • Domain A trusts Domain B, Domain B trusts D therefore Domain A trusts Domain C

4.2 - Identy and Access Services RADIUS (Remote Authencaon Dial-in User Service) • One of the more common AAA protocols • Supported on a wide variety of plaorms and devices • Not just for dial-in • Centralize authencaon for users • Routers, switches, rewalls Special offer for students: Only $4.99/month. • Server authencaon • Remote VPN access


LDAP (Lightweight Directory Access Protocol)

• Protocol for reading and wring directories • An organized set of records, like a phone  • X.500 Read specicaon was wrien Free For 30this Days Sign up to vote on title by the Intern  Telecommunicaons Union (ITU) Not useful  Useful  Cancel anytime. • DAP ran on the OSI protocol stack • LDAP is lightweight, and uses TCP/IP (tcp/3 udp/389)





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



4.2 - Identy and Access Services (connued) Microso NTLM • Windows challenge/response • Domain name, username, password hash • LAN Manager (LANMAN) • Microso and 3Com network operang system • NT LAN Manager v2 (NTLM) challenge/response • Hash challenge, similar to CHAP • Somewhat insecure • MD4 password hash (same as NTLMv1) • HMAC-MD5 hash of username and server ser ver name • Variable-length Variable-length challenge of mestamp, random data, domain name Microso NTLM vulnerabilies v ulnerabilies • Some Windows password databases contain LM hash versions of the passwords • Compability with older systems • NTLM vulnerable to a credenals forwarding aack • Use credenals of one computer to gain access to another • Migrate to Kerberos • If you haven’t already

Kerberos • Network authencaon protocol • Authencate once, trusted by the system • No need to re-authencate to everything • Mutual authencaon - the client and the • Protect against man-in-the-middle or • Standard since the 1980s • Developed by the Massachuses Instute of Technology (M • RFC 4120 • Microso starng using Kerberos in Window • Based on Kerberos 5.0 open standard • Compable with other operang systems SSO with Kerberos • Authencate one me • Lots of backend ckeng • No constant username and password input • Save me • Only works with Kerberos • Not everything is Kerberos-friendly

4.2 - PAP, CHAP, and MS-CHAP PPP authencaon • Point-to-Point Protocol • Analog dialup, ISDN • And derivaves • PPTP (Point-to-Point Tunneling Protocol) • PPPoE (Point-to-Point (Point-to-Point Protocol over Ethernet) • Need to authencate through these non-Ethernet networks • PAP, CHAP, and MS-CHAP

PAP (Password Authencaon Protocol) • A basic authencaon method • Used in legacy operang systems • Rare to see singularly used • PAP is in the clear • Weak authencaon scheme • Non-encrypted password exchange • We didn’t require encrypon on analog

Master your semester with Scribd Read Free Foron 30this Days Sign up to vote title PAPNew (Password Authencaon Protocol) - Authencaon process  Useful  Not useful & The York Times Special offer for students: Only $4.99/month.

Cancel anytime.

 





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Sign In

Upload

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print


1

Download

of 103

 

 Search document



4.2 - PAP, CHAP, and MS-CHAP (connued) CHAP

MS-CHAP

• Challenge-Handshake Authencaon Protocol • Encrypted challenge sent over the network • Three-way handshake • Aer link is established, server sends a challenge message • Client responds with a password hash calculated from the challenge and the password • Server compares received hash with stored hash • Challenge-Response connues • Occurs periodically during the connecon • User never knows it happens

• Microso’s implementaon of CHAP • Used commonly on Microso’s Microso ’s Point-to-Point Tunneling Tunneling Proto • MS-CHAP v2 is the more recent version • Security issues related to the use of DES • Relavely easy to brute force the 256 poss to decrypt the NTLM hash • Don’t use MS-CHAP! • Consider L2TP, L2TP, IPsec, or some other secure technology

1

Login request is sent to the server

2

Server looks up the credenRals and sends a challenge to the us

I’d like to login, username is james Here’s your challenge message: 15472a309fe22789efa522d45c7af9ad

password111 + 15472a309fe22789efa522d45c7af9ad

Challenge response: db3fc40e6439d4d972870252ccc11f99

3

Username: james Password: password111

Client

password11 15472a309fe22789efa5

Challenge response: db3fc40e6439d4d972870252ccc11f99

User combines the password and challenge to create a response

CHAP Server

4

Expected challeng db3fc40e6439d4d972

Server compares the user’s response with a locally created response

4.2 - Federa Federated ted Idenes Server-based authencaon • HTTP/web browser communicaon is stateless • Each request is unique and has no relaonship to the previous request • Tradionally, the server has kept track of logins • You You are assigned a session ID when you login • The server checks each me you send a request • Adds overhead to the server • Dicult to scale • Adds with redundancy Special offer for challenges students: Only $4.99/month. and cloud services


• Third-pares can establish e stablish a federated netw • Authencate and authorize between the organizaons • Login with your Facebook credenals • The third-pares must establish a trust rela • And the degree of the trust Security Asseron Markup Language(SAML) Read Free For 30this Days Sign up tofor vote on title and autho • Open standard authencaon  Not useful a third-party • You  canUseful authencate through  Cancel anytime. • One standard does it all, sort of • Shibboleth is open-source soware





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views












Save

Embed

Share

Print

Download


1

of 103

 



4.3 - Access Control Models Access control

Sheet Music

 Search document

• Authorizaon • The process of ensuring e nsuring only authorized rights are exercised • Policy enforcement • The process of determining rights r ights • Policy denion • Users receive rights based on Access Control models • Dierent business needs or mission requirements Mandatory Access Control (MAC)

• The operang system limits the operaon on an object • Based on security clearance levels • Every object gets a label • Condenal, secret, top secret, etc. • Labeling of objects uses predened rules • The administrator decides who gets access to what security level • Users cannot change these sengs Discreonary Access Control (DAC) • Used in most operang systems • A familiar access control model • You create a spreadsheet • As the owner, you control who has access • You You can modify access at any me • Very exible access control • And very weak security Role based access control (RBAC) • You have a role in your organizaon • Manager, director, director, team lead, project manager • Administrators provide provide access based on the role of the user • Rights are gained implicitly instead of explicitly • In Windows, use Groups to provide role-based access control • You Yfor oustudents: are in shipping and receiving, Special offer Only $4.99/month. so you can use the t he shipping soware


Aribute-based access control (ABAC) • Users can have complex relaonships to applicaons and data • Access may be based on many dierent • ABAC can consider many parameters • A “next generaon” authorizaon mode • Aware of context • Combine and evaluate mulple paramete • Resource informaon, IP address, me desired acon, relaonship to the data, Rule-based access control • Generic term for following rules • Condions other than who you are • Access is determined through system-enf • System administrators, not users • The rule is associated with the object • System checks the ACLs for that object • Rule examples • Lab network access is only available bet • Only Chrome browsers may complete t File system security

• Store les and access them • Hard drive, SSDs, ash drives, DVDs • Part of most operang systems • Accessing informaon • Access control list • Group/user rights and permissions • Can be centrally ce ntrally administered administered and/or u can manage les they own • Encrypon can be built-in • The le system handles encrypon and Database security  Read Free For 30this Days Sign up to vote on title • Databases have their own access control  • Username, password, permissions Not useful  Useful  Cancel anytime. • Encrypon may be an opon • Most databases support data encrypo





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views












Save

Embed

Share

Print

Download


1

of 103

 



4.3 - Access Control Technologies Technologies (connued) Biometric factors

Sheet Music

 Search document

• Fingerprint scanner • Phones, laptops, door access • Renal scanner • Unique capillary structure in the back of the eye • Iris scanner • Texture, color • Voice recognion • Talk for access • Facial recognion • Shape of the face and features Biometric acceptance rates

• False acceptance rate (FAR) • Likelihood that an unauthorized user will be accepted • This would be bad • False rejecon rate (FRR) • Likelihood that an authorized user will be rejected • No, it’s really me • Let’s try again • Crossover error rate (CER) • The rate at which FAR and FRR are equal • Adjust sensivity to equalize both values • Used to quantavely compare biometric systems Token generators

• Pseudo-random token generators • A useful authencaon factor • Carry around a physical hardware token generator • Where are my keys again? • Use soware-based token generator on your phone • Powerful and convenient

Master your semester with Scribd & The New York Times TOTP - Time-based One-me Password Algorithm Special offer for students: Only $4.99/month. • Hardware and soware token generator

HOTP • One-me passwords • Use them once, and never again • Once a session, once each authencaon a • HMAC-based One-Time Password algorithm • Keyed-hash message authencaon code • The keys are based on a secret key and a co • Token-based authencaon • The hash is dierent every me • Hardware and soware tokens available • You’ll need addional technology to make TOTP • Time-based One-Time Password algorithm • Use a secret key and the me of day • No incremental counter • Secret key is congured ahead of me • Timestamps are synchronized via NTP • Timestamp usually increments every 30 seco • Put in your username, password, and TOT • One of the more common OTP methods • Used by Google, Facebook, Microso, etc. Cercate-based authencaon • Smart card • Private key is on the card • PIV (Personal Identy Vericaon) card • US Federal Government smart card • Picture and idencaon informaon • CAC (Common Access Card) • US Department of Defense smart card • Picture and idencaon • IEEE 802.1X • Gain access to the network using  a cer Read Free For 30 Days Sign up to vote on this title • On device storage or separate physical  dev  Useful  Not useful Cancel anytime. Proximity cards

• Close range card • Contactless smart card





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



4.4 - Account Types User accounts

Service accounts

• An account on a computer computer associated with a specic person • The computer associates the user with a specic idencaon number • Storage and les can be private private to that user • Even if another person is using the same computer • No privileged access to the operang system system • Speci Specically cally not allowed allowed on a user account • This is the account account type most people will will use • Your user community Shared and gene ric accounts • Shared accou account nt • Used by more more than one person person • Guest login, login, anonymous anonymous login • Very dicult dicult to create an audit trail • No way to know exactly exactly who was working • Dicult to determine the proper proper privileges • Password management becomes dicult • Password changes require nofying nofying everyone • Dicult to remember so many password password changes • Just write it down down on this yellow yellow scky paper • Best pracce: Don’t Don’t use these accounts accounts

• Used exclusively exclusively by services running on a computer • No interacve/user interacve/user access (ideall • Web server, server, database server, server, etc. • Access can be dened dened for a specic • Web server rights rights and permissi be dierent than a database serv • Commonly use usernames usernames and pas • You’ll need to determine determine the best for password updates Privileged accounts

• Elevated access to one or more s • Administra Administrator tor,, Root • Complete access to to the system system • Oen used to manage manage hardware, and soware installaon • This account should should not be used normal administra administraon on • User accounts accounts should should be used • Needs to be be highly secured secured • Strong passwords, passwords, 2FA • Scheduled password changes

4.4 - Account Management Least privilege

• Rights and permissions permissions should be set to to the bare minimum • You only get exactly what’s what’s needed to complete your objecve • All user accounts accounts must be be limited • Applicaons should should run with minimal minimal privileges • Don’t allow allow users users to run Special offer for students: Only $4.99/month. with administrave privileges Limits the scope of malicious behavior


O-boarding • All good good things… things… • But you knew this this day would would come • This process should be pre-planned pre-planned • You don’t want to decide how to do thing  • How will sto systems ystems bethis dissolved? dissolved? Read Free Foron 30 Days Signthe up vote title  • What happens theNot data? Useful to  useful Cancel anytime. • When will the nal connecons be terminat Perform roune audits





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



4.4 - Account Management (connued) Standard naming conveno convenon n • Unique • The username shouldn’t conict with another user • Use the same username across mulple systems • Consistent • Usernames shouldn’t describe a role or status • Persistent • Use the same username for the duraon of employment • Memorable • This shouldn’t be dicult. Make it easy e asy to remember Account maintenance

• Account creaon • Inial provisioning • Password management • Group and permission assignments • Periodic updates • Password resets / forced updates • Permission audits • Deprovisionin De provisioning g • Disable account • Archive user documents and encrypon encr ypon keys

Group-based access control • Set privileges based on what you do • Put many users into a single group • Set privileges on the group • Add/remove users from the group to assign • Users can be members of mulple groups • Group permissions can overlap • How do you determine the eecve permi • Not as straighorward as you might think Locaon-based policies • User access is based on locaon • GPS - mobile devices, very accurate • 802.11 wireless, less accurate • IP address, not very accurate • Restrict applicaon use • Don’t allow this app to run unless you’re near the oce • Apply security rules • Your Your IP address is associated with an IP blo • We don’t have an oce in China • Permission not granted

4.4 - Account Policy Enforcement Credenal management • All that stands between the outside world and all of the data • The data is everything • Passwords must not be embedded in the applicaon • Everything needs to reside on the server, not the client • Communicaon across the network should be encrypted • Authencaon trac should be impossible to see Conguring sengs • Windows Group Policy Management • Apply security and admin sengs across many computers Special offer for students: Only $4.99/month. • Thousands of sengs


Password complexity and length

• Make your password strong • No single words • No obvious passwords • What’s the name of your dog? • Mix upper and lower case • Use special characters • Don’t replace a o with a 0, t with a • A strong password is at least 8 charact Read Free For 30 Days Sign up to vote on this title • Consider a phrase or set of words  Useful Notreuse useful • Prevent password  Cancel anytime. • System remembers password history requires unique passwords





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



5.1 - Agreement Types Standard operang procedure • Important processes to maintain data and system security • Detail roune operaons • Usually quite extensive • Day-to-day processes • New user account creaon • Backup data storage requirements • Encrypon key requests • These should be well documented • Some processes require extensive documentaon • Comply with industry regulaons Interoperability Interoper ability agreements • Third-pares and outsourced services • The legal side of informaon technology • Web hosng, payroll services, rewall management, etc. • Some of your data is in the hands of others • Who do they hire? • What type of access controls are in place? • Include the legal department with these agreements • It can only help you later

Common agreements

• Service Level Agreement (SLA) • Minimum terms for services provided • Upme, response me agreement, etc. • Business Partners Agreement (BP (BPA) A) • Commonly seen between manufacturers • Interconnecon Security Agreement (ISA) • Used by US Federal Government to dene security controls Common agreements

• Memorandum of Understanding (MOU) • Both sides agree on the contents of the m • Usually includes statements of conden • Informal leer of intent; not a signed con • Memorandum of Agreement (MOA) • The next step above a MOU • Both sides agree to the objecves • A legal document, even without legal lan • Unlike a contract, may not contain legally enforceable promises

5.1 - Personnel Management Business policies

• Mandatory vacaons - Rotate others through the job • The longer the vacaon, the beer chance to idenfy fraud • Especially important in high-security environments • Job rotaon • Keep people moving between responsibilies • No one person maintains control for long periods of me • Separaon of dues • Split knowledge • No one person has all of the details Special offer •forHalf students: Only $4.99/month. of a safe combinaon • Dual control


Personnel security procedures

• NDA (Non-disclosure agreement) • Condenality agreement / Legal contra • Prevents the use and disseminaon of condenal informaon • Onboarding • Bring someone into the organiza organizaon on • Inducon / Training - Usually a formal pr • Connuing educaon  • Inial training isn’t30 enough Read Free For Days Sign up to vote on this title • Security is constantly changing   Useful  Not useful Cancel anytime. (AUP) Acceptable use policies • What is acceptable use of company assets • Detailed documentaon





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



5.1 - Role-based Awareness Training Training Role-based awareness training • Before providing access, train your users • Detailed security requirements • Specialized training • Each user role has unique security responsibilies • Also applies to third-pares • Contractors, partners, suppliers • Detailed documentaon and records • Problems later can be severe for everyone

User roles

Roles

• Data owner • Execuve level manager, responsible for data security Ulmately responsible for compliance • System administrat administrator or • Administrator of the systems that enable the applicaons and data • May not necessarily be a user of the app or view the data • System owner • Makes decisions about the overall operaon of the app and data • Denes security policies and backup policies • Manages changes and updates

• User • Applicaon user • Has least privileged access to the applicaon and data • Privileged user • Addional applicaon and data permissions • Area manager, report creaon, user and password changes • Execuve user • Responsible for the overall ope of the applicaon • High-level decision making for • Evaluates goals and makes dec about future direcons

5.1 - General Security Policies Social media policies

• Balance the company reputaon with employee parcipaon • Social media use can be a great thing t hing • Extension of your code of conduct • Dene requirements and expectaons • Idencaon as an employee • Personal responsibility • Condenal informaon • Public companies are legally bound • There’s a company spokesperson forfor public comments Special offer students: Only $4.99/month.


Personal email policies

• Qualify the use of email • Business use, no personal use • Prohibit disrupve or oensive use • Avoid problems in the workplace • Compliance issues • Some organizaons are legally required to prohibit personal email • The line becomes hazy when browser-ba  Read Free Foron 30this Days Signisup to vote title email used  Useful Not useful using  • Is Google Mail at work “personal Cancel anytime.





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print


1

Download

of 103

 

 Search document



5.2 - Business Impact Analysis (connued) Removing single points of failure

Impact

• A single event can ruin your day • Unless you make some plans • Network conguraon • Mulple devices (the “Noah’s Ark” of networking) • Facility / Ulies • Backup power, mulple cooling devices • People / Locaon • A good hurricane can disrupt personnel travel • There’s no praccal way to remove all points of failure • Money drives redundancy

• Life - The most important consideraon • Property - The risk to buildings and assets • Safety - Some environments are too dange • Finance - The resulng nancial cost • Reputaon • An event can cause status or character pr

Availability

Annual Down/me (hh:mm:ss)

99.9999%

00:00:32

99.999%

00:05:15

99.99%

00:52:34

99.9%

08:45:36

99%

87:36:00

Privacy compliance

• Some compliance requires a public privacy • Gramm-Leach-Bliley Act (nancial inform HIPAA HIP AA (health care), etc. • Privacy threshold analysis (PTA) • The rst step in the compliance process • Idenfy business processes that are priva • Determines if a privacy impact assessmen • Privacy impact assessment (PIA) • Ensures compliance with privacy laws and • What PII is collected, and why • How the PII data will be collected, used, and secured

5.3 - Risk Assessment Threat assessments

• Environmental threats • Tornado, Tornado, hurricane, earthquake, severe weather • Man-made threats • Internal threats are from employees, external threats are from outside the organiza organizaons ons Quantave risk calculaon • Likelihood - Annualized Rate of Occurrence (ARO) • How likely is it that a hurricane will hit? In Montana? In Florida? • SLE (Single Loss Expectancy) • What is the monetary loss if a single event occurs? • Laptop stolenOnly (asset value) = $1,000 Special offer for students: $4.99/month. • ALE (Annual Loss Expectancy)


Qualitave risk assessment • Idenfy signicant risk factors • Ask opinions about the signicanc • Display visually with trac light g or similar method Business impact analysis

• What are your crical business func • Dene the important business ob • What is impacted?  • Loss revenue, legal requiremen Read Free For 30this Days Sign up toof vote on title  customer service Not useful  Useful  • HowCancel longanytime. will you be impacted? • You’ll need personnel, equipment





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



5.3 - Risk Assessment (connued) Risk response techniques

Change management

• Risk-avoidance • Stop parcipang in high-risk acvity • Transference • Buy some insurance • Acceptance • A business decision; we’ll take the risk! • Migaon • Decrease the risk level • Invest in security systems

• How to make a change • Upgrade soware, change rewall conguraon, modify sw • One of the most common risks in the enterprise • Occurs very frequently • Oen overlooked or ignored • Did you feel that bite? • Have clear policies • Frequency, duraon, installaon process, fallback procedur • Somemes extremely dicult to implement • It’s hard to change corporate culture

5.4 - Incident Response Planning Security incidents

• User clicks an email aachment and executes malware • Malware then communicates with external servers • DDoS • Botnet aack • Condenal informaon is stolen • Thief wants money or it goes public • User installs peer-to-peer soware and allows external access to internal servers Examples of incidents categories

• External/removable media • Aack used removable media • Arion • A brute-force aack • Web • Aack executed from a web site or web-based applicaon • Email • Aack executed from an email message or aachment Special• offer for students: Improper usage Only $4.99/month. • Aack resulted from a violaon of the


Incident nocaon • Get your contact list together • There are a lot of people in the loop • Corporate / Organiza Organizaon on • CIO / Head of Informaon Security / Internal Response Teams • Internal non-IT • Human resources • Public aairs • Legal department • External contacts • System owner, law enforcement • US-CERT (for U.S. Government agencies) Cyber-incident response team (CIRT) • Receives, reviews, and responds • A predened group of professionals • Determine what type of events require a CIRT response • A virus infecon? Ransomware? DDoS?  Read Free Foron 30this Days Sign up to vote title • The CIRT may or may not be part of  Not useful  Useful  the organizaonal structure Cancel anytime. • Pulled together on an as-needed basis • Focuses on incident handling





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Sign In

Upload

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views












Save

Embed

Share

Print

Download


1

of 103

 



5.4 - Incident Response Process NIST SP800-61

Sheet Music

 Search document

• Naonal Instute of Standards and Technology • NIST Special Publicaon 800-61 • Computer Security Incident Handling Guide • The incident response lifecycle: • Preparaon • Detecon and Analysis • Containment, Eradicaon, and Recovery • Post-incident Acvity Preparing for an incident

• Communicaon methods • Phones and contact informaon • Incident handling hardware and soware • Laptops, removable media, forensic soware, digital cameras, etc. • Incident analysis resources • Documentaon, network diagrams, baselines, crical le hash values • Incident migaon soware • Clean OS and applicaon images • Policies needed for incident handling • Everyone knows what to do The challenge of detecon • Many dierent detecon sources • Dierent levels of detail, dierent levels of percepon • A large amount of “volume” • Aacks are incoming all the me • How do you idenfy the legimate threats? • Incidents are almost always complex • Extensive knowledge needed

Incident precursors Master your semester with Scribd • An incident might occur in the future is your heads-up & The• This New York Times

• Web logOnly $4.99/month. Special offer for server students: • Vulnerability scanner in use

Isolaon and containment • Generally a bad idea to let things run the • An incident can spread quickly • It’s your fault at that point • Sandboxes • The aacker thinks they’re on a real sys • But they’re not • Isolaon can be somemes be problema • Malware or infecons can monitor con • When connecvity is lost, everything co deleted/encrypted/damaged Recovery aer an incident • Get things back to normal • Remove the bad, keep the good • Eradicate the bug • Remove malware • Disable breached user accounts • Fix vulnerabilies • Recover the system • Restore from backups • Rebuild from scratch • Replace compromised les • Tighten down the perimeter Reconstuon • A phased approach • It’s dicult to x everything at once • Recovery may take months • Large-scale incidents require a large am • The plan should be ecient • Start with quick, high-value security ch • Patches, rewall policy changes • Later phases involve much “heavier lii  •Read Infrastructure changes, Free Foron 30this Days Sign up to vote title  large-scale rollouts Useful security Not useful





Cancel anytime. Lessons learned

• Learn and improve





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



5.5 - Gathering Forensics Data Forensic procedures

Capture video

• Collect and protect informaon relang to an intrusion • Dierent data sources and protecon mechanisms • RFC 3227 - Guidelines for Evidence Collecon and Archiving • A good set of best pracces • Standard digital forensic process • Acquision, analysis, and reporng • Must be detail oriented - Take extensive notes Order of volality • How long does data sck around? • Some media is much more volale than others • Gather data in order from the most volale to less volale

• A moving record of the event • Gathers informaon external to the computer and network • Captures the status of the screen and other volale informaon • Today’s mobile video devices are remar • Don’t forget security cameras and your p • The video content must also be archived • May have some of the most important informaon Recording me osets • Windows: 64-bit me stamp • Number of 100-nanosecond intervals si January 1, 1601 00:00:00 GMT • This stops working in 58,000 years • Unix: 32-bit me stamp • Number of seconds since January 1, 1970 00:00:00 GMT • This stops working on Tuesday Tu esday,, January 19, 2038 at 3:14:07 • Dierent le systems store mestamps d • FAT: Time is stored in local me • NTFS: Time is stored in GMT • Record the me oset from the operan • The Windows Registry • Many dierent values (daylight saving  me change informaon, etc.)

Chain of custody

• Control evidence - Maintain integrity • Everyone who contacts the evidence • Avoid tampering - Use hashes • Label and catalog everything - Seal and store Legal hold

• A legal technique to preserve relevant informaon • Prepare for impending ligaon • Iniated by legal counsel • Hold nocaon • Records custodians are instructed to preserve data • Separate repository for electronically stored informaon (ESI) • Many dierent data sources and types • Unique workow and retenon requirements • Ongoing preservaon • Once noed, there’ there’ss an obligaon to preserve data

Master semester with Scribd Captureyour system image • Copy the contents of a disk - bit-for-bit, byte-for-byte byte-for-byte & The New York Times • Get every morsel of informaon Special• offer for students: Only $4.99/month. Soware imaging tools - Use a bootable device • Remove the physical drive

Take hashes

• How can you ensure that there’ there’ss no tamp • Use a digital hash • MD5 (Message Digest 5)  Read Free Foron 30this Sign up to vote title • 128 bits, displayed asDays hexadecimal  • Chance of duplicaon is one in 2128 Not useful  Useful  Cancel anytime. (230 billion billion billion billion) • CRC (Cyclical Redundancy Check)





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

1.8K views

0



Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music










Save

Embed

Share

Print


1

Download

of 103

 

 Search document



5.5 - Gathering Forensics Data (connued) Most Vola)le

CPU registers, CPU cache

Router table, ARP cache, process table, kernel sta8s8cs, memo Temporary file systems Disk Remote logging and monitoring data Physical configura8on, network topology Least Vola)le

Archival media

5.5 - Using Forensics Data Preservaon • There will be a lot of data • You need to keep it all • Important for the current invesgaon • Immediate need to si through the evidence • There may be a future invesgaon • Or revisit the exisng event • New items of interest may be discovered • You’ll You’ll need the data to explore these new items Recovery

• Strategic intelligence • Collect and process informaon • What important informaon did you nd? • Base security policy changes on this intelligence

• Counterintelligence gathering • What do we know about the aacker? • Learn as much as you can about the aa • Acve logging • Log everything, everywhere • Track every step the aacker takes Track man hours and expenses

• Some incidents can use massive resource • All at once • Over a long period • May have an impact on the boom line • Can be wide ranging • May be required for restuon • Be as accurate as possible

5.6 - Disaster Recovery Sites Cold site Master your semester • No hardware - Empty building with Scribd • No data - Bring it with you & The New York Times • No people - Bus in your team

Special offer for students: Only $4.99/month. Warm site • Somewhere between cold and hot

Hot site

• An exact replica  Read Free Foron 30this Days up to vote title • Sign Duplicate everything  Useful Not useful   • StockedCancel withanytime. hardware • Constantly updated • You buy two of everything





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Sign In

Upload

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views












Save

Embed

Share

Print

Download


1

of 103

 

5.6 - Applicaon Recovery (connued) Backup Types

Sheet Music



 Search document

• The archive aribute • Set when a le is modied • Full • Everything • You’ll want this one rst • Incremental • All les changed since the last incremental backup • Dierenal • All les changed since the last full backup

Type

Data Selec,on

Backup / Restore Time

Full

All selected data

High / Low (one tape set)

Incremental

New files and files modified since the last backup

Low / High (Mulple tape sets)

Differenal

All data modified since the last full backup

Moderate / Moderate (No more than 2 sets)

Incremental Backup

• A full backup is taken rst • Subsequent backups contain data changed since the last full backup and last incremental backup • These are usually smaller than the full backup • A restoraon requires the full back and all of the incremental backups

Incremental

Incremental

Incremental

Tuesday

Wednesday

Full Backup

Monday

Dierenal Backup • A full backup is taken rst • Subsequent backups contain data changed since the last full backup • These usually grow larger as data is changed • A restoraon requires the full back Special offer for students: Only $4.99/month. and the last dierenal backup

Differen9al

Full Master your semester withBackup Scribd & The New York Times Monday

Differen9al

Thursday

Differen9al


 Tuesday




Useful

Wednesday

Thursday







Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views












Save

Embed

Share

Print

Download


1

of 103

 



5.6 - Geographic Consideraons (connued) Distance

Sheet Music

 Search document

• A balancing act • Recovery vs. accessibility • The recovery site should be outside the scope of the disaster • Natural disasters can aect a large area • Travel for support sta • And for employees • Unique business requirements • Specialized printers, bandwidth availability

Locaon selecon • Legal implicaons • Business regulaons vary between states • For a recovery site outside of the country must have a passport and be able to clear • Refer to your legal team • Data sovereignty • Data that resides in a country is subject to the laws of that country • Legal monitoring and court orders • Where is your data stored? • Your compliance laws may prohibit the moving data out of the country

5.6 - Connuity of Operaons Tabletop exercises • Performing a full-scale disaster drill can be costly • And me consuming • Many of the logiscs can be determined through analysis • You You don’t physically have to go through a disaster or drill • Get key players together for a tabletop exercise • Talk through a simulated disaster The scope of a tabletop exercise exercise • Decide on complexity • Invite local rst responders or just discuss internally? • Determine the scope of the disaster • Water main break? Death and injuries? • Involve everyone • Perhaps even make the discussion a surprise • Don’t assume that every piece of informaon is going to be available in a disaster • The tabletop exercise should nd the gaps Aer-acon reports (AAR) • Exercise scope and objecves - What’s the endgame? • Methodology - Detailed explanaon of the exercise Special offer for students: Only $4.99/month. • What worked? What didn’t work? - The good and the bad


Failover

• Recovery site is prepped • Data is synchroniz synchronized ed • A disaster is called • Business processes failover to the alternate processing site • Problem is addressed • This can take hours, weeks, or lo • Revert back to the primary locao • The process must be document for both direcons Alternate business pracces • Not everything goes according to • Disasters can cause a disrupon • We rely on our computer systems • Technology is pervasive • There needs to be an alternave  Manual Read Free Fortransacons 30this Days Sign•up to vote on title  • Paper receipts Not useful  Useful  • Phone calls for transacon appr Cancel anytime. • These must be documented and t before a problem occurs





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views












Save

Embed

Share

Print

Download


1

of 103

 



5.7 - Security Controls (connued) Security controls

Sheet Music

 Search document

• Deterrent • May not directly prevent access • Discourages an intrusion aempt • Warning signs, login banner • Prevenve • Physically control access • Door lock • Security guard • Firewall • Detecve • May not prevent access • Idenes and records any intrusion aempt • Moon detector, IPS

• Compensang • Doesn’t prevent an aack • Restores using other means • Re-image or restore from backup • Hot site • Backup power system • Correcve • Designed to migate damage • Correcve controls • IPS can block an aacker • Backups can migate a ransomware infec • A backup site can provide opons when a storm hits

5.8 - Data Destrucon Data destrucon and media sanizaon • Disposal becomes a legal issue • Some informaon must not be destroyed • Consider osite storage • You don’t want crical informaon in the trash • People really do dumpster dive • Recycling can be a security concern • Physically destroy the media • Reuse the storage media • Sanize the media for reuse • Ensure nothing is le behind Protect your rubbish • Secure your garbage • Fence and a lock • Shred your documents • This will only go so far • Governments burn the good stu Burnfor documents Special• offer students: Only $4.99/month. • No going back


Cercate of destrucon • Destrucon is oen done by a 3rd party • How many drills and degaussers do you have • Need conrmaon that your data is destroyed • Service should include a cercate • A paper trail of broken data • You know exactly what happened Sanizing media • Purge data • Remove it from an exisng data store • Delete some of the data from a database • Wipe data • Unrecoverable removal of data on a storage device • Usually overwrites the data  storage locaons Read Free Foron 30this Days Sign up to vote title  • Useful when you need touseful reuse or Not  Useful  Cancel connue using theanytime. media Data security





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



5.8 - Handling Sensive Data Labeling sensive data • Not all data has the same level of sensivity • License tag numbers vs. health records • Dierent levels require dierent security and handling • Addional permissions • A dierent process to view • Restricted network access Data sensivity labels • Public / Unclassied • No restricons on viewing the data • Private / Classied / Restricted / Internal use only • Restricted access, may require a non-disclosure agreement (NDA) • Condenal • Very sensive - Must be approved to view

Sensive data types • Proprietary • Data that is the property of an organiz • May also include trade secrets • Oen data unique to an organiza organizaon on • PII - Personally Idenable Informaon • Data that can be used to idenfy an in • Name, date of birth, mother’s maiden biometric informaon • PHI - Protected Health Informaon • Health informaon associated with • Health status, health care records, pay for health care, and much more

5.8 - Data Roles and Retenon Data roles

• High-level data relaonships • Organizaonal responsibilies, not always technical • Data owner • Accountable for specic data, oen a senior ocer • VP of Sales owns the customer relaonship data • Treasurer Treasurer owns the nancial informaon • Data steward • Responsible for data accuracy, privacy, and security • Associates sensivity labels to the data • Ensures compliance with any applicable laws and standards • Data custodian • Manages the access rights to the data • Implements security controls • Somemes the same person as the data steward • Privacy ocer Special offer for students: for Onlythe $4.99/month. • Responsible organizaon’s data privacy • Sets policies, implements processes and procedures


Data retenon • Keep les that change frequently for version control • Files change oen • Keep at least a week, perhaps m • Recover from virus infecon • Infecon may not be idened • May need to retain 30 days of b • Consider legal requirements for da • Email storage may be required o • Some industries must legally sto certain data types • Dierent data types have diere requirements  • Corporate tax informaon, cu Read Free Foron 30this Days Sign up to vote title  tape backups, etc.  Useful  Not useful Cancel anytime.





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views












Save

Embed

Share

Print

Download


1

of 103

 

 Search document

6.1 - Cryptography Concepts (connued)

Random numbers • Cryptography relies on randomness • Used to generate keys, salt hashes, and • Random number generaon • It’s very dicult to create true randomne with a program • Usually includes some type of natural inp • Mouse movements, atmospheric noise, la • Pseudo-randomness doesn’t rely on the nat • Approximate true randomness • Based on a starng seed

Cryptographic keys Sheet Music



• Keys • Add the key to the cypher to encrypt • Larger keys are ostensibly more secure • Some encrypon methods use one key • Some use more than one key • Every method is a bit dierent Confusion

• Encrypon is based on confusion and diusion • Confusion • The encrypted data is drascally dierent dierent than the plaintext • The process should be non-linear, with no discernible paerns Diusion • Change one character of the input, and many characters change of the output Security through obscurity • Security should exist, even if the aacker knows everything about the system • Encrypon key would be the only unknown • Cryptography is security through secrecy • Substuon Cipher (Caesar cipher) • Substute one leer with another • ROT13 - “URYYB” is “HELLO” • Hack these ciphers with frequency ROT13 analysis or brute force • If you know how the system works, you can decrypt it

App development and cryptograph cryptography y

• Developers don’t need to be cryptographer • They write to an API (applicaon programming interface) • Crypto modules • The API library does all of the heavy liing • Send plaintext into the box, get ciphertex • No extra programming required • The Windows soware library is the • Cryptographic Service Provider (CSP) • The Microso CryptoAPI is the bridge between the applicaon and the CSP

A B C D E F G H I J K L M

H

N O P Q R S T U VWX Y Z

U

6.1 - Symmetric and Asymmetric Encrypon Symmetric encrypon • A single, shared key • Encrypt with the key • Decrypt with the same key • If it gets out, you’ll need another key Secret algorithm Special• offer forkey students: Only $4.99/month. • A shared secret


The key pair

• Asymmetric encrypon • Public Key Cryptograph Cr yptographyy  Read Free Foron 30this Days Sign up to vote title  • Key generaon Useful Not useful  • Build  both the public and private key at the Cancel anytime. • Lots of randomiza randomizaon on • Large prime numbers





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

1.8K views



Sign In

Upload

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music

Professor Messer Sec+ 501 Exam Guide Pearson.compTIA.cybersecurity.analyst.c CompTIA Comptia Security Security+ Plus Mini Course









Save

Embed

Share

Print

1

Download

of 103

 



 Search document

6.1 - Symmetric and Asymmetric Encrypon (connued)

Alice’s Private K

Alice’s Key Genera/on

Large Random Number

Key Genera)on Program

Alice’s Public K

Asymmetric encrypon sBcBAE BCAAQ BQJYtX ToCRA

Hello, Alice Plaintext

sBcBAE BCAAQ BQJYtX ToCRA

Ciphertext

Ciphertext

Alice’s Computer

Bob’s Laptop Alice’s Public Key

Bob combines Alice’ Al ice’ss public key 1 Master yourwith semester with Scribd plaintext to create ciphertext

& The New York Times

Alice’s Private Key

Alice uses her private key to the ciphertext into the origina Read Free Foron 30this Days Sign up to vote title

2




Useful

Symmetric key from asymmetric keys








Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Sign In

Upload

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views












Save

Embed

Share

Print


1

Download

of 103

 

6.1 - Hashing and Digital Signatures Hashes

Sheet Music



 Search document

• Represent data as a short string of text • A message digest • One-way trip • Impossible to recover the original or iginal message from the digest • Used to store passwords / condenality • Verify a downloaded document is the same as the original • Integrity • Can be a digital signature • Authencaon, non-repudiaon, and integrity • Will not have a collision (hopefully) • Dierent messages will not have the same hash Collision

• Hash funcons • Take an input of any size • Create a xed size string • Message digest, checksum • The hash should be unique unique • Dierent inputs should never create the same hash • If they do, it’s a collision • MD5 has a collision problem • Found in 1996 - Don’t use MD5

Praccal hashing • Verify a downloaded le • Hashes may be provided on the downlo • Compare the downloaded le hash with posted hash value • Password storage • Instead of storing the password, store t • Compare hashes during the authenca • Nobody ever knows your actual passwo Digital signatures

• Prove the message was not changed • Integrity • Prove the source of the message • Authencaon • Make sure the signature isn’t fake fake • Non-repudiaon • Sign with the private key • The message doesn’t need to be encryp • Nobody else can sign this (obviously) • Verify with the public key • Any change in the message will invalidate the signature

Creang a Digital Signature You’re hired, Bob Plaintext Hash

sBcBAEBCAA QBQJZzBIbCR AW8ZAwUFg

Hash of Plaintext

sBcBAEBCAA QBQJZzBIbCR AW8ZAwUFg

Hashing Algorithm


1

Alice creates a hash

Hash of Plaintext

2

GmdBkELopt 8hF85TetMS

Encrypon

Alice’s Computer Master your semester with Scribd & The New York Times

You’re hired, Bob

Digital Signature

GmdBkELopt 8hF85TetMS

Plaintext

Read Free Foron 30this Days and Digital Sign up to vote title Alice’s Private Key



Signature


Useful

Alice encrypts the hash

3

 

The encrypted hash (digital signature) is





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



6.1 - Randomizing Cryptography Cryptographic nonce

Salt

• Arbitrary number • Used once • “For the nonce” - For the me being • A random or pseudo-random number • Something that can’t be reasonably guessed • Can also be a counter • Use a nonce during the login process • Server gives you a nonce • Calculate your password hash using the nonce • Each password hash sent to the host will be dierent, so a replay won’t work Inializing vectors • A type of nonce • Used for randomizing an encrypon scheme • The more random the beer • Used in encrypon ciphers, WEP, WEP, and older SSL implementaons

• A nonce most commonly associated with password randomizaon • Make the password hash unpredictab • Password storage should always be salt • Each user gets a dierent salt • If the password database is breached, you can’t correlate any passwords • Even users with the same password have dierent hashes stored

Cryptography without randomiza

6.1 - Weak Encrypon The strength of encrypon • Strong cryptography vs. weak cryptography • It’s all relave • Praccally everything can be brute forced • Try every possible key • Strong algorithms have been around for a while • That’s part of the reason that they are strong • Wired Equivalent Privacy (WEP) had design aws • Strong algorithms • PGP, AES • Weak algorithms • DES (56-bit keys), WEP (design aw)

6.1 your - Cryptographic Keyswith Scribd Master semester Cryptographic keys • There’s veryYork lile that isn’t known about & The New Times theforcryptographic Special offer students: Onlyprocess $4.99/month. • The algorithm is usually a known enty

Give weak keys a workout

• A weak key is a weak key • By itself, it’s not very secure • Make a weak key stronger by performing processes • Hash a password. Hash the hash of the password. And connue… • Key stretching, key strengthening • Brute force aacks would require reversi each of those hashes • The aacker has to spend much more  though the key is small

Read Free Foron 30this Days Sign up to vote title Key exchange • A logiscal Useful  Not useful  challenge Cancel anytime.

 

• How do you transfer an encrypon key acros medium without having an encrypon key?





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



6.1 - Steganogr Steganography aphy Obfuscaon • The process of making something unclear • It’s now much more dicult to understand • But it’s it ’s not impossible to understand • If you know how to read it • Make source code dicult to read • But it doesn’t change the funconality of the code • Hide informaon inside of an image • Steganography

Common steganography techniques

• Network based • Embed messages in TCP packets • Use an image • Embed the message in the image itself • Invisible watermarks • Yellow dots on printers

Steganography

• Greek for “concealed wring” - security through obscurity • Message is invisible - But it’s really there • The covertext - The container document or le

6.1 - Stream and Block Ciphers Stream ciphers

Block ciphers

• Used with symmetric encrypon • Not used in asymmetric encrypon • Encrypon is done one bit or byte at a me • High speed, low hardware complexity • The starng state should never be the same twice • Key is oen combined with an inializaon vector (IV)

• Symmetric encrypon - Similar to stream ciph • Encrypt xed-length groups • Oen 64-bit or 128-bit blocks • Pad added to short blocks • Each block is encrypted or decrypted indepe • Block cipher modes of operaon • Avoid paerns in the encrypon • Many dierent modes to choose from

6.1 - States of Data Data in-transit

• Data transmied over the network • Also called data in-moon • Not much protecon as it travels • Many dierent switches, routers, devices • Network-based protecon - Firewall, IPS • Provide transport encrypon • TLS (Transport Layer Security) • IPsec (Internet Protocol Security) Special offer for students: Only $4.99/month.

• Apply permissions - Access control lists • Only authorized users can access the data Data in-use

• The data is in memory • System RAM, CPU registers and cache • The data is almost always decrypted  Free Fordo 30this Days Sign to vote on title with it • Otherwise,Read youup couldn’t anything  • The bad guys pick the decrypted Useful Not useful informaon can  Cancel anytime. • A very aracve opon • Target Target Corporaon breach - November 2013

Master your semester with Scribd & The New York Times Data at-rest





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



6.1 - Common Cryptography Use Cases Finding the balance • Low power devices • Mobile devices, portable systems • Smaller symmetric key sizes • Use ellipc curve cur ve cryptography (ECC) for asymmetric encrypon • Low latency • Fast computaon me • Symmetric encrypon, smaller key sizes • High resiliency • Larger key sizes • Encrypon algorithm quality • Hashing provides data integrity Use cases

• Condenality • Secrecy and privacy • Encrypon (le-level, drive-level, email) • Integrity • Prevent modicaon of data • Validate the contents with hashes • File downloads, password storage

• Obfuscaon • Modern malware • Encrypted data hides the acve malware c • Decrypon occurs during execuon • Authencaon • Password hashing • Protect the original password • Add salts to randomize the stored passwor • Non-Repudiaon • Conrm the authencity of data • Digital signature provides both integrity an repudiaon • Resource vs. security constraints • An ongoing bale • Browser support vs. supported encrypon • VPN soware support vs. supported algori

6.2 - Symmetric Algorithms AES (Advanced Encrypon Standards) • US Federal Government Standard • FIPS 197 in 2001 • It took ve years to standardize standardize on this! • Developed by two Belgian cryptographers c ryptographers • Joan Daemen and Vincent Rijmen • 128-bit block cipher - 128-, 192-, and 256-bit keys • Used in WPA2 - Powerful wireless encrypon

Master semester with • Datayour Encrypon Standard - DES and Triple Trip leScribd DES • Developed between 1972 and 1977 by & The New Times IBM for theYork NSA DES

Special offer for students: Only $4.99/month. • One of the Federal Informaon Processing Standards (FIPS)

RC4

• Rivest Cipher 4 - Ron Rivest (Ron’s (Ron’s Code 4 • Part of the ill-fated WEP standard • Also part of SSL, but removed from TLS • RC4 has “biased output” • If the third byte of the original state is z second byte is not equal to two, then th output byte is always zero • Not common to see RC4 these days • WPA2 moved to AES  Read Free Foron 30this Days Sign up to vote title  Blowsh and Twosh Useful Not useful   • Blowsh Cancel anytime. • Designed in 1993 by Bruce Schneier Sc hneier • 64-bit block cipher, variable length key (





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

1.8K views

0



Sign In

Upload

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music










Save

Embed

Share

Print


1

Download

of 103

 

 Search document



6.2 - Symmetric Algorithms (connued) Space, the final fron-er. Plaintext Encryp-on

xsRY+wtH LuKUci8n SU0ZRiEn

Ciphertext Decryp-on

Ciphertext

Encrypt the plaintext with the 1st DES key

bcPwJtyyi Z16DqjAN hN4Ry7R

Ciphertext Encryp-on

Ciphertext

DES Key 1

1

bcPwJtyyi Z16DqjAN hN4Ry7R

xsRY+wtH LuKUci8n SU0ZRiEn

Ciphert

DES Key 2

2

Decrypt the ciphertext with the 2nd DES key

dSPvEZ 1s6pp7 W1lOn

DES Key 3

3

Encrypt the ciphertext with the 3rd DES key

6.2 - Block Cipher Modes Block Cipher mode of operaon • Encrypt one xed-length group of bits at a me • A block • Mode of operaon • Denes the method of encrypon • May provide a method of authencaon • The block size is a xed size • Not all data matches the block size perfectly • Split your plaintext into smaller blocks • Some modes require padding before encrypng ECB (Electronic Code book) • The simplest encrypon mode • Too simple for most use cases • Each block is encrypted with the same key • Idencal plaintext blocks create idencal ciphertext blocks

Master your semester with Scribd & The NewBlock York Times CBC (Cipher Chaining) Special• offer for students: $4.99/month. A popular mode Only of operaon • Relavely easy to implement

CTR (Counter)

• Block cipher mode / acts like a stream c • Encrypts successive values of a “coun • Plaintext can be any size, since it’s part of the XOR • i.e., 8 bits at a me (streaming) instead of a 128-bit block GCM (Galois/Counter Mode) • Encrypon with authencaon • Authencaon is part of the block mo • Combines Counter Mode with Galois authencaon • Minimum latency, minimum operaon overhead • Very ecient encrypon  Read Free Foron 30this Days Signauthencaon up to vote title and  Notpackezed useful  Useful  • Commonly used in data Cancel anytime. • Network trac security (wireless, IPse • SSH, TLS





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Sign In

Upload

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views












Save

Embed

Share

Print


1

Download

of 103

 



 Search document

6.2 - Block Cipher Modes (connued) CBC (Cipher Block Chaining) cipher mode

Sheet Music

Plaintext

Plaintext

Block Cipher Encryp0on


Plainte

Ini0aliza0on Vector (IV)

Block Cipher E

Key

Key

Key

Ciphertext

Ciphertext

Ciphert

CTR (Counter) cipher mode Counter 0

0

0

0

0

0

0

Counter 0

0

0

0

0

0

0


Key

0

0

0

0

0

0

Block Cipher Encryp

Key

Plaintext

Plaintext

Ciphertext

Ciphertext

6.2 - Asymmetric Algorithms Die-Hellman key exchange • A key exchange method • Over an insecure communicaons channel • Published in 1976 • Wiield Die and Marn Hellman (and Ralph Merkle) • DH does not itself encrypt or authencate • It’s It ’s an anonymous key-agreement protocol • Used for Perfect Forward Secrecy Special offer for students:Die-Hellman Only $4.99/month. • Ephemeral (EDH or DHE) • Combine with ellipc curve cur ve cryptography for ECDHE


Ellipc curve cryptograph cry ptography y (ECC) • Used for encrypon, digital signatures, pseudo-random generators, generators, and more • Asymmetric encrypon • Tradionally Tradionally need large integers comp two or more large prime factors  Read Free Foron 30this Days Sign up to vote title • Instead of numbers, use curves!   Not • JustUseful as Cancel infeasible touseful nd the discrete lo anytime. a random ellipc curve element with r publicly known base point





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



6.2 - Hashing Algorithms MD5 Message Digest Algorithms

HMAC

• Designed by Ronald Rivest • One of the “fathers” of modern cryptography • First published: April 1992 • Replaced MD4 • 128-bit hash value • 1996: Vulnerabilies found • Not collision resistant • December 2008: Researchers created CA cercate that appeared legimate when MD5 is checked • Built other cercates that appeared to be legit and issued by RapidSSL

• Hash-based Message Authencaon Code • Combine a hash with a secret key • e.g., HMAC-MD5, HMAC-SHA1 • Verify data integrity and authencity • No fancy asymmetric encrypon required • Used in network encrypon encr ypon protocols • IPsec, TLS

Secure Hash Algorithm (SHA)

• Developed by the Naonal Security Agency (NSA) • A US Federal Informaon Processing Standard • SHA-1 • Widely used - 160-bit digest • 2005: Collision aacks published • SHA-2 • The preferred SHA variant • Up to 512-bit digests • SHA-1 is now rered for most US Government use

RIPEMD

• A family of message digest algorithms • RACE Integrity Primives Evaluaon Message • RACE • Research and Development in Advanced Communicaons Technologies Technologies in Europe • Created to help with Integrated I ntegrated Broadband Communicaons in Europe • Centralized cryptographic standards and man • Original RIPEMD was found to have collision is • Eecvely replaced with RIPEMD-160 (no known collision issues) • Based upon MD4 design but performs simila • RIPEMD-128, RIPEMD-256, RIPEMD-320

6.2 - Key Stretching Algorithms Give weak keys a workout

• A weak key is a weak key • By itself, it’s not very secure • Make a weak key stronger by performing mulple processes • Hash a password. Hash the hash of the password. And connue… • Key stretching, key strengthening • Brute force aacks would require reversing each of those hashes • The aacker has to spend much more me, even though the keyOnly is small Special offer for students: $4.99/month.

Master your semester with Scribd & The New York Times 6.2 - Obfuscaon

Key stretching libraries • Already built for your applicaon • No addional programming involved • bcrypt • Generates hashes from passwords • An extension to the UNIX crypt library • Uses Blowsh cipher to perform mulple rounds of hashing • Password-Based Key Derivaon  Funcon Read Free Foron 30this Days Sign up to vote title • Part of RSA public key cryptography  NotRFC useful  Useful  standards (PK (PKCS CS #5, 2898) Cancel anytime.





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

Sign In

Upload

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



0

1.8K views












Save

Embed

Share

Print

Download


1

of 103

 



 Search document

6.2 - Obfuscaon (connued) XOR (Exclusive OR) cipher - Outputs true when inputs dier

Sheet Music

01010111 01101001 01101011 01101001

⊕ 11110011 11110011 11110011 11110011

Plaintext Key

10100100 10011010 10011000 10011010

Ciphertext

10100100 10011010 10011000 10011010

Ciphertext

⊕ 11110011 11110011 11110011 11110011

Key

01010111 01101001 01101011 01101001 Plaintext

6.3 - Wireless Cryptographic Protocols Protocols Wireless encrypon • All wireless computers are radio transmiers and receivers • Anyone can listen in • Soluon: Encrypt the data • Everyone gets the password • Only people with the password can transmit and listen • WPA and WPA2

Temporal Key Integrity Protocol

WPA WP A (Wi-Fi Protected Access)

WPA2 and CCMP

• 2002: WPA was the replacement for serious cryptographic weaknesses in WEP • Needed a short-term bridge between WEP and whatever would be the successor • Run on exisng hardware • WPA: RC4 with TKIP (Temporal Key Integrity Protocol) • Inializaon Vector (IV) is larger and an encrypted hash • Every packet gets a unique 128-bit encrypon key

Master your semester with Scribd 6.3 - Wireless Authencaon Protocols Protocols & The EAPNew York Times Special offer for students: Only $4.99/month. • Extensible Authencaon Protocol • An authencaon framework

• Combines the secret root key with the • Adds sequence counter - Prevents repl • Implements a 64-bit Message Integrity • Protects against tampering • TKIP has it’s it ’s own set of vulnerabilies • Deprecated in the 802.11-2012 stand

• WPA2 cercaon began in 2004 • AES (Advanced Encrypon Standard) • CCMP (Counter Mode with Cipher Blo Message Authencaon Code Protocol) • A more advanced security protocol • Based on AES for data condenality • Uses a 128-bit key and a 128-bit bloc • Requires addional compung resou • Authencaon and access control with • Provides proof of genuineness of the  Read Free Foron 30this Days Sign up to vote title PEAP


Useful



• Protected Extensible Authencaon Proto • Protected EAP





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



6.3 - Wireless Authencaon Auth encaon Protocols Protocols (connued) RADIUS Federao Federaon n • Use RADIUS with federaon • Members of one organizaon can authencate to the network of another organizaon • Use their normal credenals

• Use 802.1X as the authencaon method • And RADIUS on the backend, EAP to authen • Driven by eduroam (educaon roaming) • Educators can use their normal authenca when vising a dierent campus • hps://www hps://www.eduroam.org/ .eduroam.org/

6.3 - Wireless Security Wireless security modes

Using WPS

• Congure the authencaon on your wireless access point / wireless router • Open System • No authencaon password is required • WPA-Personal / WPA-PSK • WPA2 with a pre-shared key • Everyone uses the same 256-bit key • WPA-Enterprise / WPA-802.1X • Authencates users individually with an authencaon server (i.e., RADIUS) Capve portal • Authencaon to a network • Common on wireless networks • Access table recognizes a lack of authencaon • Redirects your web access to a capve portal page • Username / password • And addional authencaon factors • Once proper authencaon is provided, the web session connues • Unl the capve portal removes your access

• Wi-Fi Protected Setup • Originally called Wi-Fi Simple Cong • Allows “easy” setup of a mobile device • A passphrase can be complicated to a novice • Dierent ways to connect • PIN congured on access point must be enter on the mobile device • Push a buon on the access point • Near-eld communicaon - Bring the mobile device close to the access point • USB method - no longer used

6.4 - your PKI Components Master semester with Scribd Public Key Infastructure (PKI) • Policies, procedures, soware, people & The New Yorkhardware, Times • Digital cercates: distribute, Special offer for students: Only create, $4.99/month. manage, store, revoke

The WPS hack

• December 2011 - WPS has a design aw • PIN is an eight-digit number • Really seven digits and a checksum • Seven digits, 10,000,000 possible combinao • The WPS process validates each half of the PIN • First half, 4 digits. Second half, 3 digits. • First half, 10,000 possibilies Second half, 1,000 possibilies • It takes about four hours to go through all of th • Most devices never considered a lockout func

 Read Free Foron 30this Days Sign up to vote title • Revocaon  • Manage that have been compro Useful keys Not useful   Cancel anytime. • Expiraon • A cercate may only have a certain





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



6.4 - PKI Components (connued) Cercate extensions • Add more informaon to a digital cercate cer cate • Extension ID (extnID) - an object idener • Crical - True/False • Value (extnValue) (extnValue) - The string value of the extension • Standard extensions • digitalSignature (0) - used to digitally sign documents • nonRepudiaon (1) - used by a non-repudiaon service • keyEncipherment (2) - used for key exchange • dataEncipherment (3) - used to make data condenal • keyAgreement (4) - used for Die-Hellman key agreement • keyCertSign (5) - used by a CA for cercate signing • cRLSign (6) - used to sign a Cercate Revocaon List • encipherOnly (7) - used with Die-Hellman key agreement • decipherOnly (8) - used with Die-Hellman key agreement • Built-in to your browser • Any browser • Purchase your web site cercate c ercate • It will be trusted by everyone’s browser browser • Create a key pair, send the public key to the CA to be signed • A cercate signing request (CSR) • May provide dierent levels of trust and addional features • Add a new “tag” to your web site Private cercate authories • You are your own CA • Build it in-house • Needed for medium-to-large organizaons • Many web servers and privacy requirements • Implement as part of your overall compung strategy • Windows Cercate Services • OpenCA

Master your semester with Scribd 6.4 - PKI Concepts & The New Online oineYork and CAsTimes • A compromised cercate authority Special offer for students: Only $4.99/month. • A very, very bad thing

PKI trust relaonships • Single CA • Everyone receives their cercate from one authority • Hierarchical • Single CA issues certs to intermed • Distributes the cercate managem • Easier to deal with the revocaon intermediate CA than the root CA Key revocaon • Cercate Revocaon List (CRL) • Maintained by the Cercate Auth • Many dierent reasons • Changes all the me • April 2014 - CVE-2014-0160 • Heartbleed • OpenSSL aw put the private key aected web servers at risk • OpenSSL was patched, every web cercate was replaced • Older cercates were moved to Geng revocaon details to the bro • OCSP (Online Cercate Status Prot • The browser can check cercate • Messages usually sent to an OCSP r via HTTP • Easy to support over Internet links • Not all browsers support OCSP • Early Internet Explorer versions di support OCSP • Some support OCSP, OCSP, but don’t


 Not useful Pinning Useful Cancel anytime.

 

• You’re You’re communicang over TLS/SSL to a • How do you really know it’s a legimate s





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Sign In

Upload

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



6.4 - PKI Concepts (connued) It’s all about the process • Need clear process and procedures • Keys are incredibly important pieces of informaon • You You must be able to trust your 3rd-party • Access to the keys is at the control of the 3rd-party • Carefully controlled condions • Legal proceedings and court orders

Cercate chaining • Chain of trust • List all of the certs between the server and the root CA • The chain starts with the SSL cercate cer cate • And ends with the Root CA cercate • Any cercate between the SSL cercat the root cercate is a chain cercate • Or intermediate cercate • The web server needs to be congured w proper chain • Or the end user will receive an error e rror

Single CA

• Everyone receives their cercates from one authority • Hierarchical • Single CA issues certs to intermediate CAs

Mesh






Useful

• Cross-cer  • Doesn’t sc 





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views



Sheet Music










Save

Embed

Share

Print

Download


1

of 103

 

 Search document



6.4 - Types of Cercates Root cercate • The public key cercate that idenes the CA (Cercate Authority) • Everything starts with this cercate • The root cercate issues other cercates • Intermediate CA cercates • Any other cercates • This is a very important cercate • Take all security precauons • Access to the root cercate allows for the creaon of any trusted tr usted cercate Web server SSL cercates • Domain validaon cercate (DV) • Owner of the cercate has some control over a DNS domain • Extended validaon cercate (EV) • Addional checks have veried the cercate owner’s identy • Green name on the address bar Web server SSL cercates • Subject Alternave Name (SAN) • Extension to an X.509 cercate • Lists addional idencaon informaon • Allows a cercate to support many dierent domains • Wildcard domain • Cercates are based on the name of the server • A wildcard domain will apply to all server names in a domain • *.professormesser.com Self-signed cercates • Internal cercates don’t need to be signed by a public CA • Your company is the only one going to use it • No need to purchase trust for devices Special offerthat for students: already Only trust$4.99/month. you • Build your own CA


Machine and computer cercates • You have to manage many devices • Oen devices that you’ll never physical • How can you truly authencate a device? • Put a cercate on the device that you • Other business processes rely on the cer • Access to the remote access • VPN from authorized devices • Management soware can validate the User cercates • Associate a cercate with a user • A powerful electronic “id card” • Use as an addional authencaon facto • Limit access without the cercate • Integrate onto smart cards • Use as both a physical and digital acces Email cercates • Use cryptography in an email plaorm • You’ll need public key cryptography • Encrypng emails • Use a recipient’s recipient ’s public key to encrypt • Receiving encrypted emails • Use your private key to decrypt • Digital signatures • Use your private key to digitally sign an • Non-repudiaon, integrity Code signing cercates • Developers can provide a level of trust tr ust • Applicaons can be signed by the devel • The user’s user ’s operang system system will examine • Checks the developer signature not bee • Validates Validates that the soware has Read Free Foron 30this Days Sign up to vote title  • Is it from a trusted enty? Useful  Not useful  • The userCancel will anytime. have the opportunity to stop the applicaon execuon





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

Upload

Sign In

Join

RELATED TITLES

0







Bestsellers



Books



Audiobooks



Magazines



News



Documents



1.8K views












Save

Embed

Share

Print

Download


1

of 103

 



6.4 - Cercate File Formats (connued) • A very common format • Generally the format provided by CAs • Supported on many dierent plaorms • ASCII format • Leers and numbers • Easy to email • Readable

CER (Cercate) • Primarily a Windows X.509 le extension • Can be encoded as binary DER format or as the ASCII PEM format • Usually contains a public key • Private keys would be transferred in the .pfx • Common format for Windows cercates • Look for the .cer extension

PKCS #12

PKCS #7

• Public Key Cryptography C ryptography Standards Standards #12 • Personal Informaon Exchange Syntax Standard • Developed by RSA Security, now an RFC standard • Container format for many cercates • Store many X.509 cercates in a single .p12 le • Oen used to transfer a private and public key pair • The container can be password protected • Extended from Microso’s .pfx format • The two standards are very similar • Oen referenced interchangeably

• Public Key Cryptography C ryptography Standards #7 • Cryptographic Message Syntax Standard • Associated with the .p7b le • Stored in ASCII format • Human-readable • Contains cercates and chain cercates • Private keys are not included in a .p7b le • Wide plaorm support • Microso Windows • Java Tomcat

PEM (Privacy-Enhanced Mail) Sheet Music

 Search document

X.509 formaed cercate in readable output format # openssl x509 -in cert.pem -text -noout Certicate: Data: Version: 3 (0x2) Serial Number: 03:23:14:9e:79:07:4c:7f:fb:9a:01:40:c7:05:d3:9d:3c:08 Signature Algorithm: sha256WithRSAEncryption Issuer: C=US, O=Let’s Encrypt, CN=Let’s Encrypt Authority X3 Validity Not Before: Jul 23 15:01:00 2017 GMT Not After : Oct 21 15:01:00 2017 GMT Subject: CN=professormesser.com Subject Public Key Info: Public Key Algorithm: rsaEncryption Read Free Foron 30this Days Sign up to vote title Public-Key: (2048 bit) Modulus:  Useful  Not useful Cancel anytime. 00:c9:57:55:5a:e3:c5:88:5e:8e:8b:9f:af:42:0b:... Special offer for students: Only $4.99/month. Exponent: 65537 (0x10001) X509v3 extensions:


 





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join



Professor Messer Comptia Sy0 501 Security Plus Course Notes

Recommend Documents