Agenda
Day 1:
- Introduction to information security for enterprises
- Basic authentication security methods
- Securing Windows services such as DHCP, DNS, Active Directory
Day 2:
- Encryption methods using Symmetric Key, Public Key
- Securing Wifi network use with 802.1x
Day 3:
- Protecting Web applications with Web Application Firewall
- Lab: Protecting Web applications
Day 4:
- Introduction to the Linux operating system
- Basic usage of the Linux/Unix operating system
- Advanced usage of the Linux operating system
- Securing the Linux operating system
- Lab: Installing and using OpenVas
- Lab: Installing and using Nessus
Day 5:
- Securing SSH access authentication using Certificate
- Securing system files
- Lab: Configuring secure DNS queries using Bind RPZ
- Lab: Configuring secure Web access using Squid Proxy
- Lab: Configuring the iptables firewall
Introductions
HELLO!
Name, nickname, job title, location...
NETWORK EXPERIENCE
INDUSTRY EXPERIENCE
SPECIFIC AREAS OR TOPICS OF INTEREST
F5 PRODUCT EXPERIENCE
Introduction to Security
Objectives
• Describe the challenges of securing information
• Define information security and explain why it is important
• Identify the types of attackers that are common today
• List the basic steps of an attack
• Describe the five steps in a defense
Challenges of Securing Information
• There is no simple solution to securing information
• This can be seen through the different types of attacks that
users face today
• As well as the difficulties in defending against these
attacks
Today’s Security Attacks
• Typical warnings:
• A malicious program was introduced at some point in the
manufacturing process of a popular brand of digital photo
frames
• A new worm disables Microsoft Windows Automatic
Updating and the Task Manager
• Apple has issued an update to address 25 security flaws in
its operating system OS X
Today’s Security Attacks (continued)
Cyber Security Report 2017
Difficulties in Defending against Attacks
• Difficulties include the following:
• Speed of attacks
• Greater sophistication of attacks
• Simplicity of attack tools
• Attackers can detect vulnerabilities more quickly and more
readily exploit these vulnerabilities
• Delays in patching hardware and software products
• Most attacks are now distributed attacks, instead of
coming from only one source
• User confusion
What Is Information Security?
• Knowing why information security is important today and
who the attackers are is beneficial
Defining Information Security
• Security can be considered as a state of freedom from a
danger or risk
• This state or condition of freedom exists because protective
measures are established and maintained
• Information security
• The tasks of guarding information that is in a digital format
• Ensures that protective measures are properly implemented
• Cannot completely prevent attacks or guarantee that a
system is totally secure
Defining Information Security (continued)
• Information security is intended to protect information that has
value to people and organizations
• This value comes from the characteristics of the information:
• Confidentiality
• Integrity
• Availability
• Information security is achieved through a combination of
three entities
Information Security Terminology
• Asset
• Something that has a value
• Threat
• An event or object that may defeat the security measures
in place and result in a loss
• Threat agent
• A person or thing that has the power to carry out a threat
Information Security Terminology (continued)
• Vulnerability
• Weakness that allows a threat agent to bypass security
• Risk
• The likelihood that a threat agent will exploit a vulnerability
• Realistically, risk cannot ever be entirely eliminated
Understanding the Importance of Information Security (continued)
• Maintaining Productivity
• Cleaning up after an attack diverts resources such as time
and money away from normal activities
Who Are the Attackers?
• The types of people behind computer attacks are generally
divided into several categories
• These include hackers, script kiddies, spies, employees,
cybercriminals, and cyberterrorists
Script Kiddies
• Script kiddies
• Want to break into computers to create damage
• Unskilled users
• Download automated hacking software (scripts) from Web sites and use it to break into computers
• They are sometimes considered more dangerous than hackers
• Script kiddies tend to be computer users who have almost unlimited amounts of leisure time, which they can use to attack systems
Employees
• One of the largest information security threats to a business
actually comes from its employees
• Reasons
• An employee might want to show the company a weakness
in their security
• Disgruntled employees may be intent on retaliating against
the company
• Industrial espionage
• Blackmailing