* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download Essentials of Security
Survey
Document related concepts
Multilevel security wikipedia , lookup
Cyberwarfare wikipedia , lookup
Post-quantum cryptography wikipedia , lookup
Deep packet inspection wikipedia , lookup
Information security wikipedia , lookup
Unix security wikipedia , lookup
Airport security wikipedia , lookup
Next-Generation Secure Computing Base wikipedia , lookup
Microsoft Security Essentials wikipedia , lookup
Cracking of wireless networks wikipedia , lookup
Computer and network surveillance wikipedia , lookup
Cyber-security regulation wikipedia , lookup
Wireless security wikipedia , lookup
Distributed firewall wikipedia , lookup
Mobile security wikipedia , lookup
Security-focused operating system wikipedia , lookup
Transcript
Essentials of Security Steve Lamb Technical Security Advisor http://blogs.msdn.com/steve_lamb [email protected] Session Prerequisites Hands-on experience installing, configuring, administering, and planning the deployment of Windows 2000 Server or Windows Server 2003 Knowledge of Active Directory and Group Policy concepts Level 200 Business Case Business Case Security Risk Management Discipline Defense in Depth Security Incident Response Best Practices 10 Immutable Laws of Security Impact of Security Breaches Loss of Revenue Damage to Reputation Damage to Investor Confidence Loss or Compromise of Data Damage to Customer Confidence Interruption of Business Processes Legal Consequences The cost of implementing security measures is not trivial; however, it is a fraction of the cost of mitigating security compromises Benefits of Investing in Security Reduced downtime and costs associated with non-availability of systems and applications Reduced labor costs associated with inefficient security update deployment Reduced data loss due to viruses or information security breaches Increased protection of intellectual property Security Risk Management Discipline Business Case Security Risk Management Discipline Defense in Depth Security Incident Response Best Practices 10 Immutable Laws of Security Security Risk Management Discipline (SRMD) Processes Assessment Assess and valuate assets Identify security risks and threats Analyze and prioritize security risks Security risk tracking, planning, and scheduling Development and Implementation Develop security remediation Test security remediation Capture security knowledge Operation Reassess assets and security risks Stabilize and deploy new or changed countermeasures Assessment: Assess and Valuate Assets Asset Priorities (Scale of 1 to 10) – Example * * For example purposes only – not prescriptive guidance Assessment: Identify Security Risks and Threats – STRIDE Types of threats Examples Forge e-mail messages Spoofing Replay authentication packets Alter data during transmission Tampering Change data in files Delete a critical file and deny it Repudiation Purchase a product and later deny it Information disclosure Expose information in error messages Expose code on Web sites Flood a network with SYN packets Denial of service Elevation of privilege Flood a network with forged ICMP packets Exploit buffer overruns to gain system privileges Obtain administrator privileges illegitimately Assessment: Analyze and Prioritize Security Risks – Example Worksheet DREAD DREAD Damage Reproducibility Exploitability Affected Users Discoverability Risk Exposure = Asset Priority x Threat Rank Assessment: Security Risk Tracking, Planning, and Scheduling Types of threats Examples Forge e-mail messages Spoofing Replay authentication packets Alter data during transmission Tampering Change data in files Delete a critical file and deny it Repudiation Information disclosure Purchase a product and later deny it Expose information in error messages Expose code on Web sites Denial of service Elevation of privilege Flood a network with SYN packets Flood a network with forged ICMP packets Exploit buffer overruns to gain system privileges Obtain administrator privileges illegitimately Example Worksheets Detailed Security Action Plans Development and Implementation Security Remediation Strategy Detailed Security Action Plans Configuration management Patch management System monitoring System auditing Operational policies Operational procedures Production Environment Testing Lab Knowledge Documented for Future Use Operation: Reassess Assets and Security Risks Reassess risks when there is a significant change in assets, operation, or structure Assess risks continually Production Environment Documented Knowledge Testing Lab New Web Site Internet Services Operation: Stabilize and Deploy New or Changed Countermeasures System Administration Team New or Changed Countermeasures Production Environment Security Administration Team Network Administration Team Defense in Depth Business Case Security Risk Management Discipline Defense in Depth Security Incident Response Best Practices 10 Immutable Laws of Security The Defense-in-Depth Model Using a layered approach: Increases an attacker’s risk of detection Reduces an attacker’s chance of success Data ACLs, encryption, EFS Application Application hardening, antivirus Host OS hardening, authentication, patch management, HIDS Network segments, IPSec, NIDS Internal Network Perimeter Physical Security Policies, Procedures, & Awareness Firewalls, Network Access Quarantine Control Guards, locks, tracking devices Security documents, user education Description of the Policies, Procedures, and Awareness Layer I think I will wedge Hey, I need to configure a firewall. Which ports should I block? They have blocked my favorite Web site. Lucky I have a modem. the computer room door open. Much easier. I think I will use my first name as a password. Policies, Procedures, and Awareness Layer Compromise Say, I run a network too. How do you configure your firewalls? Hey, nice modem. What's the number of that line? Hi, do you know where the computer room is? I can never think of a good password. What do you use? Policies, Procedures, and Awareness Layer Protection Employee security training helps users support the security policy Description of the Physical Security Layer All of the assets within an organization’s IT infrastructure must be physically secured Physical Security Layer Compromise View, Change, or Remove Files Damage Hardware Remove Hardware Install Malicious Code Physical Security Layer Protection Lock doors and install alarms Employ security personnel Enforce access procedures Monitor access Limit data input devices Use remote access tools to enhance security Description of the Perimeter Layer Business Partner LAN Main Office LAN Internet Internet Services Internet Services Network perimeters can include connections to: The Internet Branch offices Business partners Remote users Wireless networks Internet applications Branch Office Remote User Wireless Network LAN Perimeter Layer Compromise Business Partner LAN Main Office LAN Internet Internet Services Internet Services Network perimeter compromise may result in a successful: Attack on corporate network Attack on remote users Attack from business partners Attack from a branch office Attack on Internet services Attack from the Internet Branch Office Remote User Wireless Network LAN Perimeter Layer Protection Business Partner LAN Main Office LAN Internet Internet Services Internet Services Network perimeter protection includes: Firewalls Blocking communication ports Port and IP address translation Virtual private networks (VPNs) Tunneling protocols VPN quarantine Branch Office Remote User Wireless Network LAN Description of the Internal Network Layer Sales Wireless Network Marketing Finance Human Resources Internal Network Layer Compromise Unauthorized Access to Systems Unexpected Communication Ports Unauthorized Access to Wireless Networks Sniff Packets from the Network Access All Network Traffic Internal Network Layer Protection Require mutual authentication Segment the network Encrypt network communications Restrict traffic even when it is segmented Sign network packets Implement IPSec port filters to restrict traffic to servers Description of the Host Layer Contains individual computer systems on the network Often have specific roles or functions The term “host” is used to refer to both clients and servers Host Layer Compromise Exploit Unsecured Operating System Configuration Distribute Viruses Exploit Operating System Weakness Unmonitored Access Host Layer Protection Harden client and server operating systems Disable unnecessary services Monitor and audit access and attempted access Install and maintain antivirus software Use firewalls Keep security patches and service packs up to date Windows XP SP2 Advanced Security Technologies Network protection Memory protection Safer e-mail handling More secure browsing Improved computer maintenance Get more information on Windows XP Service Pack 2 at http://www.microsoft.com/sp2preview Description of the Application Layer Layer includes both client and server network applications Functionality must be maintained Client Applications Examples: Microsoft Outlook, Microsoft Office Suite Server Applications Examples: Web Servers, Exchange Server, SQL Server Application Layer Compromise Loss of application functionality Execution of malicious code Extreme use of application – DoS attack Undesirable use of application Application Layer Protection Enable only required services and functionality Secure internally developed applications Install security updates for all applications Install and update antivirus software Run applications with least privilege necessary Use latest security practices when developing new applications Description of the Data Layer Documents Directory Files Application Files Data Layer Compromise Interrogate Directory Files View, Change, or Remove Information Replace or Modify Application Files Documents Directory Files Application Files Data Layer Protection Encrypt files with EFS Use NTFS for file and folder-level security Use a combination of access control lists and encryption Move files from the default location Perform regular backups of data Protect documents and e-mail with Windows Rights Management Services Security Incident Response Business Case Security Risk Management Discipline Defense in Depth Security Incident Response Best Practices 10 Immutable Laws of Security Incident-Response Checklist Recognize that an attack is under way Identify the attack Communicate the attack Contain the attack Implement preventive measures Document the attack Containing the Effects of the Attack Shut down affected servers Remove affected computers from the network Block inbound and outbound network traffic Take precautionary measures to protect computers not yet compromised Preserve the evidence Best Practices Business Case Security Risk Management Discipline Defense in Depth Security Incident Response Best Practices 10 Immutable Laws of Security Security Best Practices Follow the defense-in-depth model Strive for systems that are secure by design Apply the principle of least privilege Learn from experience Use monitoring and auditing Train users to be aware of security issues Develop and test incident-response plans and procedures Security Checklist Create security policy and procedure documents Subscribe to security alert e-mails Keep up to date with patch management Maintain regular backup and restore procedures Think like an attacker 10 Immutable Laws of Security Business Case Security Risk Management Discipline Defense in Depth Security Incident Response Best Practices 10 Immutable Laws of Security The 10 Immutable Laws of Security, Part 1 1 If an attacker can persuade you to run his program on your computer, it is not your computer anymore 2 If an attacker can alter the operating system on your computer, it is not your computer anymore 3 If an attacker has unrestricted physical access to your computer, it is not your computer anymore 4 If you allow an attacker to upload programs to your Web site, it is not your Web site any more 5 Weak passwords prevail over strong security The 10 Immutable Laws of Security, Part 2 6 A computer is only as secure as the administrator is trustworthy 7 Encrypted data is only as secure as the decryption key 8 Out-of-date antivirus software is only marginally better than no antivirus software at all 9 Absolute anonymity is not practical in real life nor on the Web 10 Technology is not a panacea http://www.microsoft.com/technet/columns/security/essays/10imlaws.asp Session Summary Business Case Security Risk Management Discipline Defense in Depth Security Incident Response Best Practices 10 Immutable Laws of Security Next Steps Find additional security training events: http://www.microsoft.com/seminar/events/security.ms Sign up for security communications: http://www.microsoft.com/technet/security/signup/ default.mspx Get additional security tools and content: http://www.microsoft.com/security/guidance Event Information What’s Next? Technical Roadshow Post Event Website www.microsoft.com/uk/techroadshow/postevents Available from Monday 18th April Please complete your Evaluation Form! http://www.microsoft.com/TwC © 2004 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.