What are the seven steps of a computer security defense plan

Please read chapters 4, 5 and 6 of your textbook and answer the following questions:

1) What are the seven steps of a computer security defense plan? Review Chapter 4.

2) What are the three categories of security policies? List and briefly discuss each category. Review Chapter 5.

3) What are the responsibilities of the Security Director? Review Chapter 6.

Secure Design Principles

Copyright © 2014 by McGraw-Hill Education.

Introduction

This chapter covers information security principles.

Every network security implementation is based on a model.

The CIA triad is perhaps the most well-known model, with focus on confidentiality, integrity, and availability of data.

Other models focus on other aspects of information security.

Firewalls as a primary defense is a perimeter security model

Relying on several different security mechanisms is a layered defense model

Every security design includes assumptions about what is trusted and what is not trusted, and who can go where.

Countermeasures


The CIA Triad

The CIA triad is a data-centric model to help people think about security, although it is neither perfect nor all-inclusive.

Confidentiality: Restriction of access to data only to those who are authorized to use it

“confidential” implies access to one set of data by many sources

“private” means the data is accessible only to a single source

Integrity: Assurance that data has not been altered

Availability: Assurance that a service will be available when needed


Alternatives to the CIA Triad

Parkerian Hexad

Confidentiality, Integrity, Availability, Control, Authenticity, Utility

U.S. DoD “Five Pillars of Information Assurance”

Confidentiality, Integrity, Availability, Authenticity, Non-repudiation

OECD (Organization for Economic Co-operation and Development) guidelines

Confidentiality, Integrity, Availability, Awareness, Responsibility, Response, Ethics, Democracy, Risk Assessment, Security Design and Implementation, Security Management, and Reassessment.

NIST 800-27

Proposes 33 principles for securing technology systems


Best-known Attributes of Security

Confidentiality

Integrity

Availability

Accountability

Accuracy

Authenticity

Awareness

Completeness

Consistency

Control

Democracy

Ethics

Legality

Non-repudiation

Ownership

Physical possession

Reassessment

Relevance

Response

Responsibility

Risk assessment

Security design and implementation

Security management

Timeliness

Utility


Defense Models

The Lollipop

Hard, crunchy shell; soft, chewy center

Once the hard, crunchy exterior is broken, the soft, chewy center is exposed

Not the best defense model

The Onion

Layered strategy

Defense in depth

Must be peeled away by the attacker, layer by layer, with plenty of crying


Zones of Trust

Different areas of a network trust each other in different ways


Best Practices

Secure the physical environment.

Harden the operating system.

Keep patches updated.

Use an antivirus scanner (with real-time scanning).

Use firewall software.

Secure network share permissions.

Use encryption.

Secure applications.

Back up the system.

Create a computer security defense plan.

Implement ARP poisoning defenses.


Secure the Physical Environment

Lock down PCs and laptops.

Password-protect boot.

Password-protect CMOS.

Disable peripheral device boot.


Harden the Operating System

  1. Reduce the attack surface of systems by turning off unneeded services.
  2. Install secure software.
  3. Configure software settings securely.
  4. Patch systems regularly and quickly.
  5. Segment the network into zones of trust and place systems into those zones based on their communication needs and Internet exposure.
  6. Strengthen authentication processes.
  7. Limit the number (and privileges) of administrators.


Keep Patches Updated

In most cases, the vulnerabilities exploited are widely known, and the affected vendors have already released patches.

Attacks against unpatched systems are widely successful.


Use an Antivirus Scanner

Essential

Forced, automatic updates

Enabled for real-time protection


Use Firewall Software

Stateful inspection systems capable of analyzing threats occurring anywhere in layers 3 through 7.

Able to collate separate events into one threat description.

Block unwanted inbound connections.

Block unauthorized software applications (such as Trojans) from initiating outbound traffic.


Secure Network Share Permissions

One of the most common ways an attacker or worm spreads

By default, Windows assigns the Everyone group Full Control on every newly created share

This is the opposite of the least privilege principle (maybe it should be called the most privilege principle)


Use Encryption

Protects passwords

Protects data

’nuff said


Secure Applications

Applications should be configured with the vendors’ recommended security settings.

Block active e-mail content from executing.

Block dangerous file attachments.

Install applications to nonstandard directories and ports.

Enforce policies to designate what software is allowed to run on a particular computer.

Eradicate or secure P2P services.

Make sure any new programs in your environment are developed securely.


Back Up the System

Recover modified, corrupted, or deleted files.

Worms and viruses often delete files, format hard drives, or intentionally corrupt data.

You cannot always repair the damage and put the system back to the way it was prior to an exploit, so backups are essential.


Create a Computer Security Defense Plan

  1. Inventory the assets to protect.
  2. Decide the value of each asset and its chance of being exploited in order to come up with a quantifiable exposure risk.
  3. Develop a plan to tighten the security on your protected assets.
     Assets with the highest exposure risk should be given the most protection, but make sure all assets get some baseline level of security.
  4. Develop and document security baseline tools and methods.
     For example, a security template for end-user workstations.
     Apply security templates to workstations.
  5. Use vulnerability testing tools to confirm appropriate configurations.
  6. Do periodic testing to make sure security settings stay implemented.
  7. Change and update the plan as dictated by new events and risks.
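
The plan above, sketched in Python as an added example that is not from the textbook: assets are ranked by exposure risk, checked against a workstation-style security template, and the drift is queued for remediation in risk order. The host names, the 1-10 value scale, the percentage likelihood, the setting names and the scan results are all constructed assumptions.

```python
# Steps 1-2: constructed inventory. "value" (1-10) and "likelihood_pct" (0-100)
# are assumed scales; exposure risk is taken as their product.
ASSETS = [
    {"host": "ws-017", "value": 3, "likelihood_pct": 60},
    {"host": "ws-042", "value": 3, "likelihood_pct": 60},
    {"host": "db-01", "value": 9, "likelihood_pct": 40},
    {"host": "web-01", "value": 7, "likelihood_pct": 80},
]

# Step 4: a documented baseline (security template); setting names are hypothetical.
BASELINE = {"firewall_enabled": True, "av_realtime": True,
            "boot_password": True, "everyone_full_control_shares": 0}

# Steps 5-6: constructed results of a periodic configuration scan.
OBSERVED = {
    "ws-017": dict(BASELINE),
    "ws-042": {**BASELINE, "av_realtime": False},
    "db-01": {**BASELINE, "everyone_full_control_shares": 2},
    "web-01": {"firewall_enabled": True, "av_realtime": True,
               "everyone_full_control_shares": 0},  # boot_password never reported
}


def exposure(asset):
    """Step 2: quantifiable exposure risk for one asset."""
    return asset["value"] * asset["likelihood_pct"]


def drift(observed, baseline=BASELINE):
    """Settings that differ from the template; a missing setting shows as None."""
    return {k: observed.get(k) for k, want in baseline.items()
            if observed.get(k) != want}


def remediation_queue(assets, observed):
    """Step 3: highest exposure first, but every asset is held to the baseline."""
    queue = []
    for asset in sorted(assets, key=exposure, reverse=True):
        gaps = drift(observed.get(asset["host"], {}))
        if gaps:
            queue.append((asset["host"], exposure(asset), gaps))
    return queue


if __name__ == "__main__":
    for host, risk, gaps in remediation_queue(ASSETS, OBSERVED):
        print(f"{host}: exposure={risk} drift={gaps}")
```

Step 7 corresponds to editing ASSETS and BASELINE as new events and risks appear, then running the same check again.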


Implement ARP Poisoning Defenses

ARP poisoning attacks are one of the most common and effective threats against network infrastructures (especially wireless networks).

ARP spoofing is a type of attack in which a malicious actor sends falsified ARP (Address Resolution Protocol) messages over a local area network. This results in the linking of an attacker’s MAC address with the IP address of a legitimate computer or server on the network.

ARP poisoning is a form of man-in-the-middle attack that allows an attacker to intercept and modify network traffic invisibly. Thus, these attacks merit their own special countermeasures.

Defenses include

Static ARP tables

Port rate limiting

DHCP snooping with dynamic ARP inspection (DAI).

DHCP is the Dynamic Host Configuration Protocol, a method for automatically configuring TCP/IP network settings on computers, printers, and other network devices.
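
How DHCP snooping with dynamic ARP inspection and port rate limiting decide what to do with an ARP packet, as a simplified Python model added here (not from the textbook and not any switch vendor's implementation). The binding table, port names, addresses, rate limit and traffic are constructed for illustration.

```python
from collections import defaultdict

# Constructed DHCP snooping bindings: (vlan, ip) -> (mac, access port).
BINDINGS = {
    (10, "192.168.10.1"): ("00:11:22:33:44:01", "Gi0/1"),   # default gateway
    (10, "192.168.10.20"): ("00:11:22:33:44:20", "Gi0/5"),
    (10, "192.168.10.21"): ("00:11:22:33:44:21", "Gi0/6"),
}
TRUSTED_PORTS = {"Gi0/1"}   # uplink: ARP arriving here is not inspected
RATE_LIMIT = 3              # assumed cap on ARP packets per port per second

# Constructed ARP traffic: (second, port, vlan, sender_ip, sender_mac).
HOST_21 = ("Gi0/6", 10, "192.168.10.21", "00:11:22:33:44:21")
ARP_PACKETS = [
    (0, "Gi0/5", 10, "192.168.10.20", "00:11:22:33:44:20"),  # matches its lease
    (0, "Gi0/6", 10, "192.168.10.1", "00:11:22:33:44:21"),   # claims the gateway IP
    (1, "Gi0/7", 10, "192.168.10.99", "00:11:22:33:44:99"),  # no lease on record
    (2, "Gi0/1", 10, "192.168.10.1", "00:11:22:33:44:01"),   # trusted uplink
] + [(3, *HOST_21)] * 4 + [(4, *HOST_21)]                    # burst, then one more


def inspect(packets, bindings=BINDINGS, trusted=TRUSTED_PORTS, limit=RATE_LIMIT):
    """Return one verdict per packet, in arrival order."""
    seen = defaultdict(int)   # (port, second) -> ARP packets counted
    disabled = set()          # ports shut down after exceeding the rate limit
    verdicts = []
    for second, port, vlan, ip, mac in packets:
        if port in trusted:
            verdicts.append("forward-trusted")
        elif port in disabled:
            verdicts.append("drop-port-disabled")
        else:
            seen[(port, second)] += 1
            if seen[(port, second)] > limit:
                disabled.add(port)
                verdicts.append("drop-rate")
            elif (vlan, ip) not in bindings:
                verdicts.append("drop-no-binding")
            elif bindings[(vlan, ip)] != (mac, port):
                verdicts.append("drop-mismatch")
            else:
                verdicts.append("forward")
    return verdicts


if __name__ == "__main__":
    for pkt, verdict in zip(ARP_PACKETS, inspect(ARP_PACKETS)):
        print(pkt, "->", verdict)
```

The second packet is the poisoning case from the description above: a host on an access port advertises the gateway's IP with its own MAC, and the binding check drops it before any neighbor's ARP cache is updated.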


Summary

The CIA triad is a well-known model, but there are many others.

The onion model is a better defense than the lollipop.

Trust is an important consideration in every network.

Attacks can come from automated malicious code or from manual attackers.

You can implement many countermeasures to minimize the risk of a successful attack, including securing the physical environment, keeping patches updated, using an antivirus scanner, using a firewall, securing user accounts, securing the file system, securing network shares, and securing applications.

Security settings should be automated whenever possible and should be part of a computer security defense plan.

