EXPERIMENT NO - 24
RISK MANAGEMENT
CYBER SECURITY
SECURITY AUDIT
IDENTIFYING LIKELIHOOD/PROBABILITY OF
EXPLOITATION OF EXISTING VULNERABILITY BY A
GIVEN THREAT.
CYBER SECURITY
CORPS/AREA HQ - DCSO/SO1
REMOTE ACCESS.
NETWORK ADMINISTRATORS
ACSE
SECURITY INCIDENT REPORTING AND
RESPONSE
SECURITY BREACH.
PROVIDED.
COMPONENT.
ACCESS VIOLATIONS.
CYBER SECURITY EDUCATION
CYBER SECURITY TRAINING INSTITUTE SUCH AS
CDAC, STQC, IIT etc.
FUNDAMENTAL AND ADVANCED CYBER SECURITY
COURSES CONDUCTED AT MCTE.
INFORMATION SECURITY COURSE CONDUCTED AT IIT
KHARAGPUR.
CYBER FORENSICS COURSE CONDUCTED BY C-DAC.
CYBER SECURITY AWARENESS AND EDUCATION
COURSE AT ACSE.
THE VACANCIES FOR SUCH COURSE BE DEMANDED
FROM AHQ FM TIME TO TIME.
CYBER SECURITY TRG COMPETENCE
TRG INSTITUTE SUCH AS MCTE, STCs MUST INCLUDE
AND PERIODICALLY REVIEW CYBER SECURITY MODULES
IN THEIR TRG COURSES
TO KEEP UPDATED ON VARIOUS NATIONAL AND
INTERNATIONAL SECURITY STANDARDS AND SECURITY
PROTOCOLS.
CERT-ARMY WILL BE RESPONSIBLE TO CONDUCT
CYBER SECURITY EDU AND AWARENESS PROGRAM FOR
THE ARMY.
CERT-ARMY WILL CONDUCT BASIC CYBER SECURITY
COURSES FOR SYSTEM/ NW ADMIN AT AHQ.
SPECIALIZED CYBER SECURITY COURSES FOR SIGS
OFFRs AND JCO FM COMD AND CORPS CYBER CELLS.
SECURITY AIDE MEMOIRE AT UNIT LEVEL
DOS
USE ONLY REQUIRED AND AUTHORIZED SOFTWARE.
USE LICENSED AND GENUINE COPIES OF SOFTWARE ONLY.
DON’TS
COMPUTER.
DO NOT INSTALL SOFTWARE UTILITIES ON YOUR
COMPUTER ON TRIAL BASIS
INTERNET CONNECTIONS
DOS
INTERNET MUST BE ACCESSED FROM A COMPUTER
SPECIALLY EARMARKED FOR IT.
LOCATE THE INTERNET COMPUTER IN A SEPARATE ACCESS.
KEEP ACCURATE RECORD OF INTERNET ACCESS.
DON’TS
DO NOT USE THE SAME COMPUTER FOR OFFICIAL TASKS
AND LATER CONNECT IT TO THE INTERNET ON A TIME SHARING
BASIS.
DO NOT DO OFFICIAL WORK ON THE INTERNET COMPUTER.
DO NOT INSTALL A DIAL-UP MODEM ON YOUR OFFICE
COMPUTER.
CARRY OUT ACTIVITIES ON IT DAY
NONREPUDIATION: Undeniable proof of participation
AVAILABILITY: Assured access by authorised users
RESTORATION: Protection, Detection & Reaction capabilities
INTEGRITY: Protection from unauthorised change
CONFIDENTIALITY: Protection from unauthorised disclosure
Personnel Security
Physical Security
Hardware Security
Software Security
Database Security
Comn Security
Network Security
Conventional Measures
Accountability Issues
Password Cont
Loc of Nodes
Fire Protection & Alarm System
Timing Cont
Insider Mole
Auth & Trained Pers
Record of Access
Regular Trg on Cyber Threat &
Counter Measures
Surprise Checks
Audit of Activity Logs
Access to other Service Pers
Access to Civ Pers
Server Access
Hot Standby Systems
On-line UPS for Nodes &
Off-line for other clients
Power Conditioning
Backup Policy
Fire proof Storage Cabinets
Legal Software only
Centralised Modification rights
Sys Administrator to Cont Access
Self Testing Systems
Auto Updation
Updated Virus Protection
Centrally Controlled
[Figure: Ajit, Sender, Network, Recipient; message "Hi!"]
• Has any unauthorised person seen it?
Secure Document Delivery - 2
[Figure: Ajit, Sender, Network, Recipient; messages "Hi!" and "Bye!"]
• Has the message been changed since it was sent?
Secure Document Delivery - 3
[Figure: Ajit, Sender, Network, Recipient; message "Hi!"]
• Is the message really from the claimed sender?
Confidentiality
• Asymmetric
[Figure: PLAINTEXT, LOCKING KEY, CIPHERTEXT, UNLOCKING KEY, PLAINTEXT]
What about Key Management?
[Figure: MSG, PUB KEY B from PUBLIC DIRECTORY, ?????, PVT KEY B, MSG]
Verifying a Digital Signature
[Figure: Recipient; Message, Hash Function, Computed Hash; Digitally Signed Message, Decryption; "= ?" comparison; Request for Signer's certificate from Certificate Repository]
Advantages
• Key Management
• Authentication using Digital
Signatures
• Integrity of Messages
Simple Secret Key Distribution
• A generates his public-private key pair
• A sends his public key to B
• B generates a secret session key, encrypts it with A’s public
key and sends it to A
• A decrypts the secret key using his private key
• A discards his key pair and B also discards A’s public key
• Now both know the secret key and can communicate
securely using the secret session key
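The exchange listed above, traced step by step as an added example (not part of the original slides). It assumes toy RSA built from two fixed Mersenne primes with no padding, and a SHA-256 counter keystream standing in for a real symmetric cipher; all function names are hypothetical.

```python
import hashlib
import secrets

# Toy RSA for illustration only: fixed Mersenne primes, no padding.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537

def generate_keypair():
    """Step 1: A generates a public/private key pair."""
    n, phi = P * Q, (P - 1) * (Q - 1)
    return (n, E), (n, pow(E, -1, phi))

def wrap_session_key(public_key):
    """Step 3: B picks a random session key and encrypts it to A's public key."""
    n, e = public_key
    session_key = secrets.token_bytes(16)
    return session_key, pow(int.from_bytes(session_key, "big"), e, n)

def unwrap_session_key(private_key, wrapped):
    """Step 4: A recovers the session key with the private key."""
    n, d = private_key
    return pow(wrapped, d, n).to_bytes(16, "big")

def stream_xor(session_key, nonce, data):
    """Stand-in symmetric cipher: XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for block in range(0, len(data), 32):
        pad = hashlib.sha256(session_key + nonce + block.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[block:block + 32], pad))
    return bytes(out)

def run_exchange(message):
    """Run all six steps; return (keys agree, ciphertext, plaintext seen by A)."""
    a_public, a_private = generate_keypair()        # step 1
    b_copy = a_public                               # step 2: sent in the clear
    b_key, wrapped = wrap_session_key(b_copy)       # step 3
    a_key = unwrap_session_key(a_private, wrapped)  # step 4
    del a_public, a_private, b_copy                 # step 5: both sides discard
    nonce = secrets.token_bytes(12)
    ciphertext = stream_xor(b_key, nonce, message)  # step 6: B writes to A
    return a_key == b_key, ciphertext, stream_xor(a_key, nonce, ciphertext)

if __name__ == "__main__":
    print(run_exchange(b"Constructed sample message from B to A"))
```

Nothing in these steps tells B that the public key really came from A, which is the question the digital signature and certificate slides address.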
[Figure: INTERNAL ATTACK and EXTERNAL ATTACK; ALERT! ATTACK DETECTED; responses: RECORD SESSION, LOG SESSION, SEND EMAIL, EMAIL/LOG/REPORT, RECONFIGURE FIREWALL/ROUTER, TERMINATE SESSION]
SNIFFERS
• Device to grab info travelling along a
NW. Can be H/W or S/W.
• Captures data by placing the NW
adapter in Promiscuous mode.
• Threats :-
– ability to capture passwords
– ability to capture confd or proprietary info
– can be used for security breach
PASSWORD CRACKER
• A program to decrypt passwords or
disable password protection.
• Algorithm :
– Obtain a dictionary file containing list of
words
– Feed each word through a program that
encrypts using DES (Data Encryption
Standard)
– compare each resulting encrypted word with
target password
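The defensive counterpart of the comparison loop above, as an added example (not part of the original slides): refuse dictionary-based passwords when they are set, and store a per-user salted, iterated hash so one encrypted word list cannot be compared against every account. The word list is a constructed sample, and the function names and iteration count are assumptions.

```python
import hashlib
import hmac
import os

# Constructed sample standing in for the dictionary file of the algorithm above.
DICTIONARY = {"password", "welcome", "secret", "soldier", "signal"}
ITERATIONS = 200_000  # assumed work factor; tune to the hardware in use

def is_dictionary_based(candidate):
    """True if the candidate is a dictionary word with only case changes
    or leading/trailing digits and symbols added."""
    core = candidate.lower().strip("0123456789!@#$%^&*._-")
    return core in DICTIONARY

def hash_password(password, salt=None):
    """Return (salt, digest) using PBKDF2-HMAC-SHA256 with a per-user salt."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest

def set_password(password):
    """Policy gate at password-change time: reject, otherwise hash for storage."""
    if is_dictionary_based(password):
        raise ValueError("password rejected: based on a dictionary word")
    return hash_password(password)

def verify_password(password, salt, digest):
    """Recompute with the stored salt and compare in constant time."""
    return hmac.compare_digest(hash_password(password, salt)[1], digest)

if __name__ == "__main__":
    print(is_dictionary_based("Welcome123"))
    salt, digest = set_password("violet-kettle-runs-north")
    print(verify_password("violet-kettle-runs-north", salt, digest))
```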
TROJANS
• An unauthorised program contained in a
legitimate program and performs fns
unknown to the user.
• Likely places:
– OS
– S/W downloaded from Internet
OTHER TOOLS & TECHNIQUES
• Network Scanners
• Email Floods, Forgeries and Spams
• IP spoofing
• Viruses
• Worms
• Buffer Overflows
• Ping Floods
• Counterfeiting
CONCLUSION