CEHv6 module 55 preventing data loss
Bạn đang xem bản rút gọn của tài liệu. Xem và tải ngay bản đầy đủ của tài liệu tại đây (4.23 MB, 55 trang )
Ethical Hacking and Countermeasures v6
Preventing Data Loss
Exam 312-50 Certified Ethical Hacker
Ethical Hacking and
Countermeasures
Version 6
Module LV
Preventing Data Loss
Ethical Hacking and Countermeasures v6
Module LV: Preventing Data Loss
Exam 312-50
Module LV Page | 3877
Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures v6
Preventing Data Loss
Exam 312-50 Certified Ethical Hacker
News
Source: />
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
EC-Council
News
Personal Data Lost on 650,000 Credit Card Holders
A data loss has been reported by GE Money, which maintains credit card operations for JC Penney and
many other retailers. The missing information includes Social Security numbers of more than 150,000
people.
The credit card information that was stored on a backup computer tape, stored at a warehouse run by Iron
Mountain Inc., was found missing.
But according to Richard C. Jones, a spokesman for GE Money, there was "no sign of theft or anything of
that kind happened," and no proof of fraudulent activity on the accounts has been found.
Module LV Page | 3878
Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures v6
Preventing Data Loss
Exam 312-50 Certified Ethical Hacker
Module Objective
This module will familiarize you with:
•
•
•
•
•
Data Loss
Causes of Data Loss
How to Prevent Data Loss
Impact Assessment for Data Loss Prevention
Tools to Prevent Data Loss
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
EC-Council
Module Objective
This module will familiarize you with:
Data Loss
Causes of Data Loss
How to Prevent Data Loss
Impact Assessment for Data Loss Prevention
Tools to Prevent Data Loss
Module LV Page | 3879
Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures v6
Preventing Data Loss
Exam 312-50 Certified Ethical Hacker
Module Flow
Data Loss
Causes of Data Loss
How to Prevent Data Loss
Impact Assessment for Data
Loss Prevention
Tools to Prevent Data Loss
EC-Council
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Module Flow
Module LV Page | 3880
Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures v6
Preventing Data Loss
Exam 312-50 Certified Ethical Hacker
Introduction: Data Loss
Data loss refers to the unexpected loss of
data or information
Backup and recovery schemes must
be developed to restore lost data
EC-Council
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Introduction: Data Loss
Data loss refers to the unexpected loss of data or information. Data can be lost by any one number of
issues, such as application errors in the software, configuration errors, physical damage of the system, or
the accidental deletion of data by the user.
Organizations should follow the policy of backing up their critical data at regular intervals. A backup and
recovery policy should be implemented within the organization so that employees follow the procedure to
safely retrieve the lost data in the event of a disaster.
Module LV Page | 3881
Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures v6
Preventing Data Loss
Exam 312-50 Certified Ethical Hacker
Causes of Data Loss
Intentional Action
• Intentional deletion of a file or program
Unintentional Action
• Accidental deletion of a file or program
• Misplacement of CDs or floppies
• Administration errors
Failure
•
•
•
•
Power failure, resulting in data not being saved to permanent memory
Hardware failure, such as a head crash in a hard disk
A software crash or freeze, resulting in data not being saved
Software bugs or poor usability, such as not confirming a file delete
command
• Data corruption, such as filesystem corruption or database corruption
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
EC-Council
Causes of Data Loss (cont’d)
EC-Council
Disaster
Crime
• Natural disaster, earthquake,
flood, tornado, etc.
• Fire
• Theft, hacking, sabotage, etc.
• A malicious act, such as a
worm, virus, hacker, or theft
of physical media
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Causes of Data Loss
Intentional Action:
A disgruntled employee my intentionally delete critical data to mark his protest.
Unintentional Action:
When data is unrecognizable, overridden by other data, or deleted by other human error, a user can
accidentally or unintentionally delete data.
Failure:
The data can be lost due to some failures in the system or any corruption in the files. Data can be lost due
to the following failures in the system:
When the data is in the process of saving and the power is off
Hardware failure when there is a headcrash in the hard disk
An operating system failure that results in file system corruption or invalid file directories
Any software failure due to some bugs or improper installation
Module LV Page | 3882
Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures v6
Preventing Data Loss
Exam 312-50 Certified Ethical Hacker
Data corruption of file system or database corruption
Disaster:
Data can be lost due to earthquakes, floods, and some natural disasters, for example when a fire explosion
takes place near the system and the system catches the fire.
Crime:
Data can be lost if the system in which the data resides is compromised. Hackers may steal data from the
compromised system and delete them. Hackers may install Time Bombs/Logic Bombs that are
programmed to delete the data of the target system. A Time Bomb is software that is executed at the
particular time set by the hacker. Logic Bomb is software triggered automatically when the predefined
conditions are met.
Module LV Page | 3883
Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures v6
Preventing Data Loss
Exam 312-50 Certified Ethical Hacker
How to Prevent Data Loss
Tips to prevent Data loss:
• Back-up critical files: Backup regularly using windows in-built backup
utilities or use any backup tool
• Run Anti-Virus Program: Install Anti-Virus Software and run them
regularly to cleanup your Computer System from Viruses & Trojans
• Use power surge protectors: A power surge, is one of the most
common occurrences that can damage data and potentially cause a hard
drive failure
• Experience required: Never attempt any operation, like hard drive
installations or hard drive repairs, if you do not have such skills
• Shut down your computer: Always quit programs before shutting
down the computer
• Never shake or remove the covers on hard drives or tapes
• Store your backup data offsite: Use Tape Drives, Compact
Disk(CD),and Floppy Drives to Store your backups
• Be aware of your surroundings: Keep your computers and servers in
safest and secure locations
EC-Council
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
How to Prevent Data Loss
When the data is lost, there are some recovery techniques, which, if followed, will help in retrieving the
lost data.
The tips to prevent data loss are as follows:
Backup the critical files: Backup critical files at regular intervals using inbuilt software in the OS
or external third party applications.
Run antivirus to check for viruses and Trojans: Run antivirus programs to check the sanity of the
data and other system files.
Use power surge protectors: There is a chance of hard disk being corrupted incase of power
fluctuations. Use power surge protectors to protect the computer from such power failures.
Experience required: Always seek expert advice while installing any applications or modifying the
files. It is recommended that an expert should be called in to sort out issues related to operating
systems.
Shut down your computer: Ensure that the programs/applications running on the system are
closed before you shut down the computer.
Avoid physical shocks on the system while it is switched on.
Store your backup data offsite: An alternative of storing the backup data other than system are
devices such as compact disks (CDs), floppy drives, or removable devices.
Be aware of your surroundings: Keep the system and server in a secured and safe location away
from the heat.
Module LV Page | 3884
Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures v6
Preventing Data Loss
Exam 312-50 Certified Ethical Hacker
Impact Assessment for Data Loss
Prevention
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
EC-Council
Impact Assessment for Data Loss Prevention
Source: />
Module LV Page | 3885
Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures v6
Preventing Data Loss
Exam 312-50 Certified Ethical Hacker
Tools to Prevent Data Loss
EC-Council
Module LV Page | 3886
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures v6
Preventing Data Loss
Exam 312-50 Certified Ethical Hacker
Security Platform
BorderWare Security Platform removes the need to deploy a new device to
protect against new messaging applications by integrating Email, IM, and Web
security with a single policy and single security platform
It is a content monitoring and filtering tool which prevents data leakage
Benefits:
• Consolidated content monitoring and filtering to prevent data leakage
• Comprehensive, stronger security for Email, IM, and Web
• Reduced time, effort, and costs with a set-and-forget policy management
approach
• On-demand scalability and flexible deployment
• Modular approach enables enterprises to buy what they need now and add
on later
EC-Council
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Security Platform
Source: />BorderWare Security Platform removes the need to deploy a new device to protect against new messaging
applications by integrating email, IM, and web security with a single policy and single security platform.
Benefits:
Comprehensive, stronger security for email, IM, and web
Reduces time, effort, and costs with a set-and-forget policy management approach
Consolidated content monitoring and filtering to prevent data leakage, enforce corporate
compliance, and ensure acceptable web use
Module LV Page | 3887
Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures v6
Preventing Data Loss
Exam 312-50 Certified Ethical Hacker
Check Point Software: Pointsec
Data Security
Pointsec data encryption solutions by Check Point provide data
protection on laptops, PCs, mobile devices, and removable media
By leveraging a strong and efficient blend of full disk encryption,
access control, port management and removable media encryption, it
delivers a comprehensive data security
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
EC-Council
Check Point Software: Pointsec Data Security
Source: />Pointsec data encryption solutions by Check Point provide data protection on laptops, PCs, mobile
devices, and removable media. By leveraging a strong and efficient blend of full disk encryption, access
control, port management, and removable media encryption, Pointsec solutions deliver comprehensive
data security.
Module LV Page | 3888
Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures v6
Preventing Data Loss
Exam 312-50 Certified Ethical Hacker
Cisco (IronPort)
IronPort delivers high-performance and comprehensive data loss
prevention for data in motion
It helps organizations to prevent data leaks, enforce compliance, and
protect their brand and reputation
Features:
• Web and Instant Messaging Protection
• Email Encryption
EC-Council
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Cisco (IronPort)
Source: />IronPort delivers high-performance, and comprehensive data loss prevention. It helps both large and
small organizations to prevent leaks, enforce compliance, and protect their brand and reputation.
Features:
IronPort’s pre-defined content filters for HIPAA, GLB, SOX, and other regulations automatically
scan emails for protecting financial and health information.
Industry-leading encryption technology enables IronPort users to comply with regulatory
requirements related to the security of health and financial information.
Its high-performance content scanning engine provides flexibility and fine-grained controls for
effective monitoring of outbound messages for sensitive information.
Not limited to email messaging, IronPort delivers state-of-the-art functionality to detect and
block the loss of sensitive data via the web and instant messaging.
Detailed logs and reports identify messages that trigger specific policy rules and track the actions
taken on these messages.
Module LV Page | 3889
Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures v6
Preventing Data Loss
Module LV Page | 3890
Exam 312-50 Certified Ethical Hacker
Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures v6
Preventing Data Loss
Exam 312-50 Certified Ethical Hacker
Content Inspection Appliance
The Code Green Network’s line of Content Inspection Appliances is a solution
for protecting customer data and safeguarding intellectual property
It provides a complete solution for preventing the loss of personal information
across the network
Features:
• Monitors, enforces, and audits all popular Internet communication
channels including email, WebMail, IM, FTP, and online collaboration
tools (such as Blogs and Wikis)
• Automatically encrypts sensitive email messages according to policy
• Deploys quickly with pre-defined policy templates
• Demonstrates and manages compliance using policy and incident
management capabilities
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
EC-Council
Content Inspection Appliance
Source: />The Code Green Networks line of Content Inspection protects customer data and safeguards intellectual
property. Connected at the network egress point, the appliances provide complete, enterprise content
protection in affordable, easy-to-deploy, and easy-to-manage packages. The Code Green Networks
Content Inspection Appliances provide a complete solution for preventing the loss of personal
information and safeguarding intellectual property across the network.
Features:
Code Green Networks line of Content Inspection monitors, enforces, and audits all popular
Internet communication channels including email, web mail, IM, FTP, and online collaboration
tools (such as blogs and wikis).
It automatically encrypts sensitive email messages according to the policy.
It deploys quickly with pre-defined policy templates.
It demonstrates and manages compliance using policy and incident management capabilities.
Module LV Page | 3891
Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures v6
Preventing Data Loss
Exam 312-50 Certified Ethical Hacker
CrossRoads Systems: DBProtector
It provides database security at a logical business policy level and stops
'authorized misuse' of database information
DBProtector provides policy-based intrusion detection, prevention, and
compliance auditing
DBProtector sits in the data path and inspects SQL statements before they reach
the database
Features:
•
•
•
•
Inspects database activities
Enforces security policies
Alerts on suspicious activities
Captures audit trails for compliance reporting, security forensics, and
electronic discovery
• Provides separation of duty between security personnel and
database/network administrators ensuring regulatory compliance
EC-Council
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
CrossRoads Systems: DBProtector
Source: />Crossroads Strongbox DBProtector provides database security at a logical business policy level and stops
'authorized misuse' of database information. DBProtector provides policy-based intrusion detection,
prevention, and compliance auditing. It sits in the data path and inspects SQL statements before they
reach the database. This non-intrusive, zero impact, plug, and play approach minimizes network
application and database server impact and deployment risks.
Features:
Crossroads Strongbox DBProtector inspects database activities.
It enforces security policies.
It gives alerts on suspicious activities.
It captures audit trails for compliance reporting, security forensics, and electronic discovery.
It provides separation of duty between security personnel and database/network administrators
ensuring regulatory compliance.
Module LV Page | 3892
Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures v6
Preventing Data Loss
Module LV Page | 3893
Exam 312-50 Certified Ethical Hacker
Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures v6
Preventing Data Loss
Exam 312-50 Certified Ethical Hacker
DeviceWall
DeviceWall protects data, both on and off the
network, by:
• Preventing the transfer of files to or from unauthorized portable
devices
• Automatically encrypting data copied to approved devices
• Providing complete audit trails of device and file accesses
DeviceWall prevents unwanted data transfer to or from portable
devices such as USB flash drives, iPods, PDAs, and wireless
connections by automatically enforcing security policies
User access can be blocked, limited to read-only, or left unrestricted
according to individual’s security privileges and device type in use
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
EC-Council
DeviceWall
Source: />DeviceWall protects the data, both on and off the network, by:
Preventing the transfer of files to or from unauthorized portable devices
Automatically encrypting the data copied to approved devices
Providing complete audit trails of device and file accessed
Features:
DeviceWall prevents the unwanted transfer of data to or from portable devices such as USB flash
drives, iPods, PDAs, and even wireless connections by automatically enforcing security policies
User access can be blocked, limited to read-only, or left unrestricted according to the individual’s
security privileges and device type in use
It can automatically encrypt all the data copied to authorized storage devices such as USB flash
drives
It provides complete visibility of all user and administrator actions, recording everything from
individual device connections to the most popular files accessed on the portable devices
Module LV Page | 3894
Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures v6
Preventing Data Loss
Module LV Page | 3895
Exam 312-50 Certified Ethical Hacker
Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures v6
Preventing Data Loss
Exam 312-50 Certified Ethical Hacker
Exeros Discovery
Exeros Discovery software automates discovery and maintenance of business
rules, transformations, hidden sensitive data, and data inconsistencies across
structured data sources
It uses a unique technology of data-driven mapping to replace the traditional
manual process of analyzing source data and mapping it to another data set
Exeros Discovery has two main components:
• Discovery Studio: A graphical user interface for data analyst to view data,
maps, and transformations discovered by Discovery and to edit, test, and
approve any remaining data maps and business rules
• Discovery Engine: Multiple, scalable, and high-performance engines that
automatically discover business rules, transformations, sensitive data,
and data inconsistencies
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
EC-Council
Exeros Discovery
Source: />Exeros Discovery software automates the discovery and maintenance of business rules, transformations,
hidden sensitive data, and data inconsistencies across structured data sources. It uses a unique technology
of data-driven mapping to replace the traditional manual process of analyzing source data and mapping it
to another data set. Using Discovery, there is involvement of lower risk and costs, faster deployment, and
greater completeness and accuracy for any data relationship management project.
It has two main components:
Discovery Studio: A graphical user interface for the data analyst to view data, maps, and
transformations discovered by Discovery and to edit, test, and approve any remaining data maps
and business rules.
Discovery Engine: Multiple, scalable, and high-performance engines that automatically discover
business rules, transformations, sensitive data, and data inconsistencies.
Module LV Page | 3896
Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
