Reducing Vulnerabilities

8/13/2019 Reducing Vulnerabilities

http://slidepdf.com/reader/full/reducing-vulnerabilities 1/16

REDUCING VULNERABILITIES



The security of any system or network is

a combination of technology, policy, and

people.

To prevent security breaches.

Systems and procedure must bemonitored.



An organization review of potential threats to itscomputers and network.

To identify investments time and resources thatcan protect the organization from serious threats.

To balance the risk of a security breach.

The risk areas with the highest estimated cost andthe poorest level of protection are where securitymeasures need to be improved.

RISK ASSESSMENT



Risk Estimated

probability

of such an

event

occurring

Estimated

cost of a

successful

attack

Probability

x cost =

expected

cost impact

Assessment

of current

level of

protection

Relative

priority to

be fixed

Denial of

serviceattack

80% $500,000 $400,00 Poor 1

E-mailattachment w/ harmful

worm

70% $200,000 $140,000 Poor 2

Harmful virus

90% $50,000 $45,000 Good 3

Invoice &payment

fraud

10% $200,000 $20,000 Excellent 4

RISK ASSESSMENT FOR HYPOTHETICAL COMPANY



An organizations security requirements and thecontrols and sanctions needed to meet those

requirements. A security policy outlines what needs to be

done, but not how to do it.

These policies can often be put into practiceusing the configuration options in a softwareprogram.

ESTABLISHING A SECURITY POLICY



Must be educated about the importance of security so they will bemotivated to understand and follow the security policy.

Users must help protect an organization’s information systems and data by

doing the following:- Guarding their passwords to protect against unauthorized access to

their accounts

- Not following others to use their passwords

- Applying strict access controls (file and directory permissions) toprotect data from disclosure or destruction

- Reporting all unusual activity to the organization’s IT security group

EDUCATING EMPLOYEES, CONTRACTORS, & PART-TIME WORKERS



The key is to implement a layer securitysolution to make break-ins harder than the

attacker is willing to work, so that if an attackerbreaks through one layer of security, there isanother layer to overcome. These layers of

protective measures are explained in moredetail in the following sections:

PREVENTION



Firewall stands guard between your organizations internalnetwork and the internet limits network access based on theorganizations policy.

INSTALLING A CORPORATE

FIREWALL



To reduce the threat of attack by maliciousinsiders.

Another important safeguard is to create rolesand user accounts so that employees have theauthority to perform their responsibilities and

no more.

IMPLEMENTING SAFEGUARDS AGAINST ATTACKS BY MALICIOUS

INSIDERS



The overwhelming majority of successfulcomputer attacks are made possible by taking

advantage of well known vulnerabilities.Computer attackers know that many

organizations are slow to fix problems.

ADDRESSING THE MOST CRITICAL INTERNET SECURITY THREATS



All backups should be created with enoughfrequency to enable a full and quick restoration

of data if an attack destroys the original.

VERIFYING BACKUP PROCESSES FOR CRITICAL SOFTWARE AND

DATABASES



A security audit evaluates whether anorganization has a well considerer security

policy in place and if its being followed. The audit will also review who has access to

particular systems and data and what level of

authority. Also maintain security for their information

systems and data.

CONDUCTING PERIODIC IT SECURITY AUDITS



To minimize the impact of intruders.

To secure the system from determined attack.

DETECTION



Monitors system and network resources and activities.

Two fundamental approaches to intrusion

- Knowledge based intrusioncontain information about specific attacks and

system vulnerability.

- Behavior based intrusiondetection system models normal behavior of a

system and its users from reference informationcollected by various means.

INTRUSION DETECTION SYSTEMS



To prevent an attack by blocking viruses,malformed packets, and other treats from

getting into the company network.IPS lets everything trough what it is told to do.

INTRUSION PREVENTION SYSTEM



To provide hacker with fake information about thenetwork.

Is a well isolated from the rest of the network and canextensively log the activities of intruders.

Identifies this reconnaissance activity, and whennetwork responds back to the potential attacker, itprovides fictitious data that mimics the type ofinformation the attacker would get from legitimatenetwork resources.

HONEYPOTS

Reducing Vulnerabilities

Documents

Transcript of Reducing Vulnerabilities