|
The Need for Computer / Network Security:
What I said. It isn't the conclusion that the actual about Asset Manager. You look at this article for home elevators a person wish to know is Asset Manager.
Asset Manager
Computer / network protection includes: Control of bodily accessibility to computers / network
Prevention of accidental data
Erasure, modification, compromise
Detection and arresting of
Intentional internal protection breaches
Unauthorized external intrusions (hacking) All three legs of the triangle must exist for a network intrusion to occur:
Motive
A hypothesize to want to breach your security
Means
The ability
Opportunity
The occasion to enter the network
This last item is the administrator's only occasion at controlling events. Principles of Network Security:
Network protection goals are sometimes identified as Confidentiality.
Only the sender and intended recipient should "see" the message Integrity.
Sender and receiver want to make sure that the message is not altered in transit, or afterwords. Authentication
The sender and receiver want to confirm each other's identity Availability.
Services and resources must be available and accessible. Understanding Risk Management:
A key principle of protection is that no network is completely secure.
Information protection deals principally with risk management.
The more important an asset, the more it is exposed to protection threats, thus the more resources you must put into securing it. Understanding Risk supervision - 2:
In general, without training, administrators sass to a protection threat in one of three ways:
Ignore the threat, or sass it but do nothing to forestall it from occurring.
Address the threat in an ad hoc fashion.
Attempt to completely protection all assets to the utmost degree, without regard for usability or manageability
None of these strategies take into inventory what the actual risk is, and all of them will ordinarily lead to long-term failure. What are Some Risks?
Eavesdropping
Interception of messages
Hijacking
Taking over the role of a sender or receiver.
Insertion
Of messages into an active connection
Impersonation
Spoofing a source address in a packet or any field in a packet
Denial of assistance (Dos).
Prevent others from gaining passage to resources, ordinarily by overloading system. Managing Risk:
Once the assets and their corresponding threats have been identified risk supervision can consist of:
Acceptance
Mitigation
Transference
Avoidance Accepting Risk:
If you take no proactive measures, you accept the full exposure and consequences of the protection threats to an asset.
Should accept risk only as a last resort when no other cheap alternatives exist, or when the costs are very high.
When accepting risk, it is always a good idea to generate a contingency plan.
A contingency plan details a set of actions that will be taken after the risk is realized and will lessen the impact of the compromise of loss of the asset. Mitigating Risk:
The most coarse method of securing computers and networks is to mitigate protection risks.
By taking proactive measures either to sacrifice an asset's exposure to threats or sacrifice the organizations dependency on the asset, you are mitigating the protection risk.
A simple example: installing antivirus software. Transferring Risk:
Transfer protection risk to an additional one party has many benefit including:
Economies of scale, such as insurance.
Use of an additional one society expertise and services.
Example: using a web hosting service.
When undertaking this type of risk transference, the details of the arrangement should be clearly stated in a contract known as a assistance level business agreement (Sla). Avoiding Risk:
The opposite of accepting risk is to avoid the risk entirely.
To avoid risk, you must take off the source of the threat, exposure to the threat, or your society reliance on the asset.
Generally, you avoid risk when there are exiguous to no possibilities for mitigating or transferring the risk, or when the consequences of realizing the risk far outweigh the benefits gained from undertaking the risk.
An example can be a troops or law promulgation dBase that, if compromised, could put lives at risk. Implementing Security:
Think of protection in terms of granting the least estimate of privileges required to carry out the task.
Example: reconsider the case of a network administrator unwittingly occasion an e-mail attachment that launches a virus.
If the administrator is logged on as the domain administrator, the virus will have administrator privileges on all computers in the domain and thus unrestricted passage to nearly all data on the network. Defense in Depth:
Imagine the protection of your network as a series of layers.
Each layer you pull away gets you closer to the center, where the valuable asset exists.
On your network, defend each layer as though the previous outer layer is ineffective or nonexistent.
The total protection of your network will dramatically increase if you defend at all levels and increase the fault tolerance of security.
Example: to safe users from launching an e-mail-borne virus, in addition to antivirus software on the users' computers, you could use e-mail client software that blocks potentially dangerous file types from being executed, block potentially dangerous attachments agreeing to their file type, and ensures that the user is running under a exiguous user account. Reducing the charge Surface:
An attacker needs to know of only one vulnerability to charge your network successfully, whereas you must pinpoint all you vulnerabilities to defend your network.
The smaller your charge surface, the great occasion you have of accounting for all assets and their protection.
Attackers will have fewer targets, and you will have less to monitor and maintain.
Example: to lower the charge exterior of private computers on your network, you can disable services that are not used and take off software that is not necessary. Addressing protection Objectives:
Controlling bodily passage to
Servers
Networked workstations
Network devices
Cabling plant
Being aware of protection considerations with wireless media associated to portable computers.
Recognizing the protection risk.
Of allowing data to be printed out.
Involving floppy disks, Cds, tapes, other detachable media. Recognizing Network protection threats:
To safe your network, you must reconsider the following:
Question: from whom or what are you protecting if?
Who: types of network intruders and their motivations.
What: types of network attackers and how they work.
These questions form the basis for performing a threat analysis.
A total threat determination should be the goods of brainstorming among population who are knowledgeable about the firm processes, industry, security, and so on. Classifying exact Types of Attacks:
Social engineering attacks
Dos attacks
Scanning and spoofing
Source routing and other protocol exploits
Software and system exploits
Trojans, Viruses and worms It is important to understand the types of threats in order to deal with them properly. Designing a total protection Plan:
Rfc2196, the Site protection Handbook.
Identify what your are trying to protect.
Determine what you are trying to safe it from.
Determine how likely the unbelievable threats are.
Implement measures that will safe your assets in a cost-effective manner.
Review the process continually and make improvements each time a feebleness is discovered. Steps to Creating a protection Plan:
Your protection plan will ordinarily consist of three separate aspects of protecting your network.
Prevention: the measures that are implemented to keep your information from being modified, destroyed, or compromised.
Detection: the measures that are implemented to recognize when a protection breach has occurred or has been attempted, and possibly, the origin of the breach.
Reaction: the measures that are implemented to recover from a protection breach to recover lost or altered data, to restore system or network operations, and to forestall time to come occurrences. Security Ratings:
The U.S. Government provides specifications for the rating of network protection implementations in a publication often referred to as the Orange Book, formally called the Dod Trusted Computer System.
Evaluation criteria, or Tcsec.
The Red book, or Trusted Network Interpretation of the Tcsec (Tni) explains how the Tcsec evaluation.
criteria are applied to computer networks.
Canada has protection rating systems that work in a similar way.
Ctpec Security Ratings -2:
To collect a government contract, companies are often required to collect a C2 rating.
A C2 rating has any requirements.
That the operating system in use be capable of tracking passage to data, including both who accessed it and when it was accessed.
That users' passage to objects be branch to control (access permissions).
That users are uniquely identified on the system (user inventory name and password).
That security-related events can be tracked and constantly recorded for auditing (audit log).
I hope you obtain new knowledge about Asset Manager. Where you possibly can offer use in your everyday life. And most importantly, your reaction is passed about Asset Manager. Read more.. Planning Network protection.
|
No comments:
Post a Comment