Scribd Logo
Загрузить

Добро пожаловать в Scribd!

  • Lecture - 3 - Layered Approach To IT Security

    Загружено:

    Muntaquir Hasnain
    28 просмотров15 страниц
    IT

    Оригинальное название

    Lecture - 3 - Layered Approach to IT Security

    Авторское право

    © Attribution Non-Commercial (BY-NC)

    Доступные форматы

    PPT, PDF, TXT или читайте онлайн в Scribd

    Этот документ был вам полезен?

    Это неприемлемый материал?

    Пожаловаться на этот документ
    IT

    Авторское право:

    Attribution Non-Commercial (BY-NC)
    Скачайте в формате PPT, PDF, TXT или читайте онлайн в Scribd
    Отметить как неприемлемый контент
    28 просмотров15 страниц

    Lecture - 3 - Layered Approach To IT Security

    Загружено:

    Muntaquir Hasnain
    IT

    Авторское право:

    Attribution Non-Commercial (BY-NC)
    Скачайте в формате PPT, PDF, TXT или читайте онлайн в Scribd
    Отметить как неприемлемый контент
    из 15

    Layered approach to Security

    Intelligent Quotient System Pvt. Ltd.

    Traditional approach to security

    Intelligent Quotient System Pvt. Ltd.

    If you spend more on coffee than on IT security, then

    you will be hacked. What's more, you deserve to be hacked.


    Richard Clarke, Special Adviser on cybersecurity to the US President.

    Intelligent Quotient System Pvt. Ltd.

    Threat is everywhere

    Intelligent Quotient System Pvt. Ltd.

    Layered security approach

    IT IS ABOUT MAINTAINING APPROPRIATE

    SECURITY MEASURES AND PROCEDURES AT FIVE DIFFERENT LEVELS WITHIN YOUR IT ENVIRONMENT
    ALSO KNOWN AS DEFENCE IN DEPTH

    Intelligent Quotient System Pvt. Ltd.

    Perimeter Level
    Perimeter is the first line of defense from outside,

    un-trusted networks
    First and last point of contact for security defences

    protecting the network


    It is the area where your network ends and the

    Internet begins
    E.g. Makemytrip.com server hack revenue loss
    Intelligent Quotient System Pvt. Ltd.

    Perimeter Level
    Firewall Network-based anti-virus

    VPN encryption

    Intelligent Quotient System Pvt. Ltd.

    Network Level
    Internal LAN and WAN May include desktops and servers

    Once you break perimeter you are inside and once

    inside, you can travel across the network unimpeded

    Intelligent Quotient System Pvt. Ltd.

    Network Level
    Intrusion detection /prevention system (IDS/IPS) Vulnerability management system

    Network Access Control


    Access control /user authentication

    Intelligent Quotient System Pvt. Ltd.

    Host Level
    Individual devices on the network, such as servers, desktops,

    switches, routers, etc.


    Configuration parameters if set inappropriately, can create

    exploitable security holes


    Includes - registry settings, services (applications) operating

    on the device or patches to the operating system or important


    applications
    Configured to meet the specific operational characteristics of

    a single device
    Intelligent Quotient System Pvt. Ltd.

    Host Level
    Hardware Component OS Security Host IDS Host vulnerability assessment (VA) Network access control

    Anti-virus
    Access control/user authentication

    Intelligent Quotient System Pvt. Ltd.

    Application Level
    Poorly protected applications can provide easy access

    to confidential data and records Hard truth - most programmers dont code with security in mind

    Intelligent Quotient System Pvt. Ltd.

    Application Level
    Application shield Access control/user authentication

    Input validation

    Intelligent Quotient System Pvt. Ltd.

    Data Level
    Blend of policy and encryption Access control/user authentication

    Intelligent Quotient System Pvt. Ltd.

    Intelligent Quotient System Pvt. Ltd.

    Вам также может понравиться