Introduction to Security (Introduction to Information Security)

Agenda
Day 1:
- Introduction to information security for enterprises
- Basic authentication security methods
- Securing Windows services such as DHCP, DNS, Active Directory
Day 2:
- Encryption methods using Symmetric Key, Public Key
- Protecting Wi-Fi network use with 802.1x
Day 3:
- Protecting web applications with a Web Application Firewall
- Hands-on: protecting web applications
Day 4:
- Introduction to the Linux operating system
- Basic usage of the Linux/Unix operating system
- Advanced usage of the Linux operating system
- Securing the Linux operating system
- Hands-on: installing and using OpenVas
- Hands-on: installing and using Nessus
Day 5:
- Securing SSH access authentication using Certificate
- Securing system files
- Hands-on: configuring secure DNS queries using Bind RPZ
- Hands-on: configuring secure web access using Squid Proxy
- Hands-on: configuring the iptables firewall


Introductions

HELLO!

• Name, nickname, job title, location...
• Network experience
• Industry experience
• Specific areas or topics of interest
• F5 product experience

Introduction to Security


Objectives

• Describe the challenges of securing information
• Define information security and explain why it is important
• Identify the types of attackers that are common today
• List the basic steps of an attack
• Describe the five steps in a defense


Challenges of Securing Information


• There is no simple solution to securing information
• This can be seen through the different types of attacks that users face today
• As well as the difficulties in defending against these attacks


Today’s Security Attacks
• Typical warnings:
• A malicious program was introduced at some point in the manufacturing process of a popular brand of digital photo frames
• A new worm disables Microsoft Windows Automatic Updating and the Task Manager
• Apple has issued an update to address 25 security flaws in its operating system OS X


Today’s Security Attacks (continued)


Cyber Security Report 2017


Difficulties in Defending against Attacks
• Difficulties include the following:
• Speed of attacks
• Greater sophistication of attacks
• Simplicity of attack tools
• Attackers can detect vulnerabilities more quickly and more readily exploit these vulnerabilities
• Delays in patching hardware and software products
• Most attacks are now distributed attacks, instead of coming from only one source
• User confusion


Difficulties in Defending against Attacks (continued)



What Is Information Security?

• Knowing why information security is important today and who the attackers are is beneficial


Defining Information Security
• Security can be considered as a state of freedom from a danger or risk
• This state or condition of freedom exists because protective measures are established and maintained
• Information security
• The tasks of guarding information that is in a digital format
• Ensures that protective measures are properly implemented
• Cannot completely prevent attacks or guarantee that a system is totally secure


Defining Information Security (continued)

• Information security is intended to protect information that has value to people and organizations
• This value comes from the characteristics of the information:
• Confidentiality
• Integrity
• Availability
• Information security is achieved through a combination of three entities



Defining Information Security (continued)


Information Security Terminology
• Asset
• Something that has a value
• Threat
• An event or object that may defeat the security measures in place and result in a loss
• Threat agent
• A person or thing that has the power to carry out a threat


Information Security Terminology (continued)
• Vulnerability
• Weakness that allows a threat agent to bypass security

• Risk
• The likelihood that a threat agent will exploit a vulnerability
• Realistically, risk cannot ever be entirely eliminated


Information Security Terminology (continued)


Information Security Terminology (continued)


Understanding the Importance of Information Security (continued)
• Maintaining Productivity
• Cleaning up after an attack diverts resources such as time and money away from normal activities



Who Are the Attackers?

• The types of people behind computer attacks are generally divided into several categories
• These include hackers, script kiddies, spies, employees, cybercriminals, and cyberterrorists


Script Kiddies

• Script kiddies
• Want to break into computers to create damage
• Unskilled users
• Download automated hacking software (scripts) from Web sites and use it to break into computers
• They are sometimes considered more dangerous than hackers
• Script kiddies tend to be computer users who have almost unlimited amounts of leisure time, which they can use to attack systems



Employees
• One of the largest information security threats to a business actually comes from its employees
• Reasons
• An employee might want to show the company a weakness in their security
• Disgruntled employees may be intent on retaliating against the company
• Industrial espionage
• Blackmailing

