Information Security: A Practical Introduction
Michael McDonnell, GIAC Certified Intrusion Analyst
Creative Commons License: You are free to share and remix but you must provide attribution and you must share alike.
What is (Information) Security About?
InfoSec is… about Hackers
InfoSec is… about Vandalism
InfoSec is… about Backups
InfoSec is… about Theft
InfoSec is… about Uptime
InfoSec is… about Phones
InfoSec is… about Information
Information Security is an Outcome
"Our systems are secure from hackers"
"We have blocked 17,342 viruses to date"
"Our systems are all online"
"Insiders cannot steal our information"
"We have backups"
"We are Secure"
Information Security is a Process
"We want to improve security"
"We need to protect against more threats"
"We want to reduce risk"
"We want to increase customer confidence"
"We want to decrease the number of compromises"
"We want to be more Secure"
InfoSec is… Risk Management
Identify, Analyze, Measure, Plan, Implement
What is at Risk?
Confidentiality
Integrity
Availability
Defence in Depth lowers Risk
Process leads to Outcome
Firewalls do not make you secure
Anti-virus does not make you secure
Policies do not make you secure
VPNs do not make you secure
Guards do not make you secure
Passwords do not make you secure
Together they all make you MORE secure
Threat: Denial of Service
Counter: Firewalls and Switches
Threat: Unintentional DoS
An unpatched server was compromised and used to distribute 20 GB of videos with French language titles. The problem was discovered when the server was blocked for excessive bandwidth usage.
French Puppet Videos!
The server was distributing 20 GB of French Puppet Videos. The cleanup time was 7 hours. If they had just asked we would have probably found someone to host the videos for them!
Counter: Change Management
Counter: Monitoring
Threat: SQL Injection Attack
Counter: Vulnerability Scanning
Counter: Developer Training
Counter: Web Application Firewall
Threat: The Man-in-the-Middle
The Weaponized Pineapple
1. Pretends to be YOUR home wifi network.
2. Records what you do on the Internet.
Counter: 2 Factor Authentication
YubiKey, SecurID, Google 2FA
Threat: Insiders
Counter: DLP and DPI
Deep Packet Inspection (DPI): Firewalls inspect every packet on the network and rebuild the entire message.
Data Loss Prevention (DLP): Uses DPI and pattern matching to look for suspicious content being sent FROM your network.
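An added example (not part of the original slides) of the two steps described above: a simplified DPI reassembly of an outbound stream, followed by DLP pattern matching on the rebuilt message. The segment data, the function names and the choice of payment-card numbers with a Luhn check as the "suspicious content" are assumptions made for illustration.

```python
import re

# Candidate payment-card numbers: 13-19 digits, optionally separated by space or dash.
CARD_RE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")

def luhn_ok(digits: str) -> bool:
    """Luhn checksum, used to discard random digit runs (order IDs, timestamps)."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0

def find_cards(text: str) -> list[str]:
    """Pattern-matching step: return Luhn-valid card-like numbers found in text."""
    hits = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if luhn_ok(digits):
            hits.append(digits)
    return hits

def reassemble(segments: list[tuple[int, bytes]]) -> str:
    """DPI step (simplified): order segments by sequence number and join payloads."""
    return b"".join(p for _, p in sorted(segments)).decode("utf-8", "replace")

def scan_per_packet(segments):
    """Naive inspection: match each packet payload on its own."""
    return [h for _, p in segments for h in find_cards(p.decode("utf-8", "replace"))]

def scan_stream(segments):
    """DLP on top of DPI: match against the rebuilt message."""
    return find_cards(reassemble(segments))

# Constructed outbound traffic: a well-known test card number (4111 1111 1111 1111)
# split across two segments that arrive out of order, plus a non-card digit run.
SEGMENTS = [
    (2, b"11 1111 1111&order=1234567890123456"),
    (1, b"POST /upload HTTP/1.1\r\n\r\nnote=card+4111 11"),
]

if __name__ == "__main__":
    print("per-packet :", scan_per_packet(SEGMENTS))
    print("reassembled:", scan_stream(SEGMENTS))
```

Matching packet by packet finds nothing because the number straddles a segment boundary; only the reassembled stream yields a hit, and the Luhn check keeps the 16-digit order ID from raising a false alert.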
Threat: Malvertisements
Threat: It never rains… it pours
1. The OS Vendor stopped providing patches
2. The server was hacked
3. A hard disk failed
4. A cooling fan died & it crashes every 2hr
5. The software vendor wanted more money
6. Hardware support had not been paid for
Final Threat: The A.P.T.
Advanced Persistent Threat
InfoSec is… Everyone’s Responsibility
Confidentiality
Integrity
Availability
More Threats
1. Spear-phishing: Credible emails, highly targeted, but malicious
2. USB Viruses: usb virus scanner, autorun, read-only storage
1. Automated