Security Guide to Network Security Fundamentals Fourth Edition
- Slides: 44
Security+ Guide to Network Security Fundamentals, Fourth Edition
Chapter 4: Vulnerability Assessment and Mitigating Attacks
Objectives
• Define vulnerability assessment and explain why it is important
• List vulnerability assessment techniques and tools
• Explain the differences between vulnerability scanning and penetration testing
• List techniques for mitigating and deterring attacks
Vulnerability Assessment
• Systematic evaluation of asset exposure to:
  – Attackers
  – Forces of nature
  – Any potentially harmful entity
• Aspects of vulnerability assessment:
  – Asset identification
  – Threat evaluation
  – Vulnerability appraisal
  – Risk assessment
  – Risk mitigation
Vulnerability Assessment (cont’d.)
• Asset identification
  – Process of inventorying items with economic value
• Common assets:
  – People
  – Physical assets
  – Data
  – Hardware
  – Software
Vulnerability Assessment (cont’d.)
• Determine each item’s relative value:
  – The asset’s criticality to the organization’s goals
  – How much revenue the asset generates
  – How difficult the asset is to replace
  – The impact of the asset’s unavailability on the organization
• Could rank using a number scale
Vulnerability Assessment (cont’d.)
• Threat evaluation
  – List potential threats
• Threat modeling
  – Goal: understand attackers and their methods
  – Often done by constructing scenarios
• Attack tree
  – Provides a visual representation of potential attacks
  – Inverted tree structure
Table 4-1 Common threat agents
Figure 4-1 Attack tree for stealing a car stereo (© Cengage Learning 2012)
Figure 4-2 Attack tree for breaking into a grading system (© Cengage Learning 2012)
Vulnerability Assessment (cont’d.)
• Vulnerability appraisal
  – Determine current weaknesses
    • Snapshot of the organization’s current security
  – Every asset should be viewed in light of each threat
  – Catalog each vulnerability
• Risk assessment
  – Determine the damage resulting from an attack
  – Assess the likelihood that the vulnerability is a risk to the organization
Table 4-2 Vulnerability impact scale
Vulnerability Assessment (cont’d.)
• Single loss expectancy (SLE)
  – Expected monetary loss each time a risk occurs
  – Calculated by multiplying the asset value by the exposure factor
  – Exposure factor: percentage of the asset value likely to be destroyed by a particular risk
Vulnerability Assessment (cont’d.)
• Annualized loss expectancy (ALE)
  – Expected monetary loss over a one-year period
  – Multiply SLE by the annualized rate of occurrence
  – Annualized rate of occurrence: probability that a risk will occur in a particular year
Vulnerability Assessment (cont’d.)
• Estimate the probability that the vulnerability will actually occur
• Risk mitigation
  – Determine what to do about risks
  – Determine how much risk can be tolerated
• Options for dealing with risk:
  – Diminish
  – Transfer (outsourcing, insurance)
  – Accept
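The SLE and ALE formulas from the preceding slides, worked through over a small constructed asset inventory so the risks can be ranked, plus the effect of a "diminish" control that lowers the exposure factor or the rate of occurrence. This is an added example, not part of the textbook slides; the asset names and dollar figures are hypothetical.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Risk:
    """One asset/threat pair with the three inputs the slides define."""
    asset: str
    threat: str
    asset_value: float      # monetary value of the asset
    exposure_factor: float  # fraction (0-1) of the asset value lost per occurrence
    aro: float              # annualized rate of occurrence (expected events per year)


def sle(risk: Risk) -> float:
    """Single loss expectancy: asset value multiplied by exposure factor."""
    if not 0.0 <= risk.exposure_factor <= 1.0:
        raise ValueError("exposure factor must be a fraction between 0 and 1")
    return risk.asset_value * risk.exposure_factor


def ale(risk: Risk) -> float:
    """Annualized loss expectancy: SLE multiplied by the annualized rate of occurrence."""
    if risk.aro < 0:
        raise ValueError("ARO cannot be negative")
    return sle(risk) * risk.aro


def rank_by_ale(risks):
    """Return (risk, SLE, ALE) tuples ordered from the largest ALE to the smallest."""
    rows = [(r, sle(r), ale(r)) for r in risks]
    return sorted(rows, key=lambda row: row[2], reverse=True)


def diminished_ale(risk: Risk, new_exposure_factor=None, new_aro=None) -> float:
    """ALE after a 'diminish' control that lowers the exposure factor, the ARO, or both."""
    ef = risk.exposure_factor if new_exposure_factor is None else new_exposure_factor
    aro = risk.aro if new_aro is None else new_aro
    return ale(Risk(risk.asset, risk.threat, risk.asset_value, ef, aro))


# Constructed sample inventory (hypothetical figures, not from the textbook).
SAMPLE_RISKS = [
    Risk("Customer database", "Ransomware", 500_000.0, 0.60, 0.10),
    Risk("Web server", "Defacement", 50_000.0, 0.25, 2.0),
    Risk("Warehouse", "Flood", 2_000_000.0, 0.40, 0.01),
]

if __name__ == "__main__":
    for risk, s, a in rank_by_ale(SAMPLE_RISKS):
        print(f"{risk.asset:18} {risk.threat:12} SLE={s:>12,.2f} ALE={a:>12,.2f}")
```

Note that the web server ranks above the warehouse despite a far smaller SLE: a small loss that recurs twice a year costs more annually than a large loss expected once a century.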
Table 4-3 Risk identification steps
Assessment Techniques
• Baseline reporting
  – Baseline: standard for solid security
  – Compare the present state to the baseline
  – Note, evaluate, and possibly address differences
Assessment Techniques (cont’d.)
• Application development techniques
  – Minimize vulnerabilities during software development
• Challenges to this approach:
  – Software application size and complexity
  – Lack of security specifications
  – Future attack techniques unknown
Assessment Techniques (cont’d.)
• Software development assessment techniques
  – Review the architectural design in the requirements phase
  – Conduct design reviews
    • Consider including a security consultant
  – Conduct code review during the implementation phase
    • Examine the attack surface (code executed by users)
  – Correct bugs during the verification phase
  – Create and distribute security updates as necessary
Figure 4-3 Software development process (© Cengage Learning 2012)
Assessment Tools
• IP addresses uniquely identify each network device
• TCP/IP communication
  – Involves information exchange between one system’s program and another system’s corresponding program
• Port number
  – Unique identifier for applications and services
  – 16 bits in length
Assessment Tools (cont’d.)
• Well-known port numbers
  – Reserved for the most universal applications
• Registered port numbers
  – Other applications not as widely used
• Dynamic and private port numbers
  – Available for any application to use
Table 4-4 Commonly used default network ports
Assessment Tools (cont’d.)
• Knowledge of what port is being used
  – Can be used by an attacker to target a specific service
• Port scanner software
  – Searches a system for available ports
  – Used to determine port state:
    • Open
    • Closed
    • Blocked
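The three port states from this slide, and the baseline-reporting comparison from the earlier Assessment Techniques slide, as one added example (not code from the textbook): a TCP connect check that classifies a port as open, closed, or blocked, and a report of which open ports deviate from an approved baseline. The listener and the "closed" port are constructed fixtures on 127.0.0.1 so it runs offline; "blocked" is the timeout case and cannot be produced on the loopback interface.

```python
import socket
import threading


def port_state(host: str, port: int, timeout: float = 1.0) -> str:
    """Classify a TCP port the way the slide does: open, closed, or blocked."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock:
        sock.settimeout(timeout)
        try:
            sock.connect((host, port))
            return "open"        # handshake completed: a service accepted
        except ConnectionRefusedError:
            return "closed"      # host answered with a reset: nothing listening
        except OSError:
            return "blocked"     # timeout or unreachable: a filter dropped the probe


def scan(host: str, ports, timeout: float = 1.0) -> dict:
    """Return {port: state} for every port in the list."""
    return {p: port_state(host, p, timeout) for p in ports}


def compare_to_baseline(observed: dict, baseline_open: set) -> dict:
    """Baseline reporting: open ports not in the approved set, and approved services that are missing."""
    open_now = {p for p, s in observed.items() if s == "open"}
    return {
        "unexpected_open": sorted(open_now - baseline_open),
        "missing": sorted(baseline_open - open_now),
    }


def _accept_loop(srv):
    """Accept and immediately drop connections until the listener is closed."""
    while True:
        try:
            conn, _ = srv.accept()
            conn.close()
        except OSError:
            return


def start_listener() -> tuple:
    """Constructed fixture: a local TCP service on an ephemeral port; returns (socket, port)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    threading.Thread(target=_accept_loop, args=(srv,), daemon=True).start()
    return srv, srv.getsockname()[1]


def free_closed_port() -> int:
    """Constructed fixture: a port that was just released, so a connect to it is refused."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]
```

Run the same comparison on a schedule and the "unexpected_open" list is the deviation from baseline the slide says to note and evaluate.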
Figure 4-4 Port scanner (© Cengage Learning 2012)
Table 4-5 Port scanning
Assessment Tools (cont’d.)
• Protocol analyzers
  – Hardware or software that captures packets to decode and analyze their contents
  – Also known as sniffers
  – Example: Wireshark
• Common uses for protocol analyzers:
  – Troubleshooting by network administrators
  – Characterizing network traffic
  – Security analysis
Figure 4-5 Protocol analyzer (© Cengage Learning 2012)
Assessment Tools (cont’d.)
• An attacker can use a protocol analyzer to display the content of each transmitted packet
• Vulnerability scanners
  – Products that look for vulnerabilities in networks or systems
  – Most maintain a database categorizing the vulnerabilities they can detect
Figure 4-6 Vulnerability scanner (© Cengage Learning 2012)
Assessment Tools (cont’d.)
• Examples of vulnerability scanners’ capabilities:
  – Alert when new systems are added to the network
  – Detect when an internal system begins to port scan other systems
  – Maintain a log of all interactive network sessions
  – Track all client and server application vulnerabilities
  – Track which systems communicate with other internal systems
Assessment Tools (cont’d.)
• Problem with assessment tools
  – No standard for collecting, analyzing, and reporting vulnerabilities
• Open Vulnerability and Assessment Language (OVAL)
  – Designed to promote open and publicly available security content
  – Standardizes information transfer across different security tools and services
Figure 4-7 OVAL output (© Cengage Learning 2012)
Honeypots and Honeynets
• Honeypot
  – Computer protected by minimal security
  – Intentionally configured with vulnerabilities
  – Contains bogus data files
  – Goal: trick attackers into revealing their techniques
    • Compare to actual production systems to determine their security level against the attack
• Honeynet
  – Network set up with one or more honeypots
Vulnerability Scanning vs. Penetration Testing
• Vulnerability scan
  – Automated software searches a system for known security weaknesses
  – Creates a report of potential exposures
  – Should be conducted on existing systems and as new technology is deployed
  – Usually performed from inside the security perimeter
  – Does not interfere with normal network operations
Penetration Testing
• Designed to exploit system weaknesses
• Relies on the tester’s skill, knowledge, and cunning
• Usually conducted by an independent contractor
• Tests usually conducted outside the security perimeter
  – May even disrupt network operations
• End result: penetration test report
Penetration Testing (cont’d.)
• Black box test
  – Tester has no prior knowledge of the network infrastructure
• White box test
  – Tester has in-depth knowledge of the network and systems being tested
• Gray box test
  – Some limited information has been provided to the tester
Table 4-6 Vulnerability scan and penetration testing features
Mitigating and Deterring Attacks
• Standard techniques for mitigating and deterring attacks:
  – Creating a security posture
  – Configuring controls
  – Hardening
  – Reporting
Creating a Security Posture
• Security posture describes the strategy regarding security
• Initial baseline configuration
  – Standard security checklist
  – Systems are evaluated against the baseline
  – Starting point for security
• Continuous security monitoring
  – Regularly observe systems and networks
Creating a Security Posture (cont’d.)
• Remediation
  – As vulnerabilities are exposed, put a plan in place to address them
Configuring Controls
• Properly configuring controls is key to mitigating and deterring attacks
• Some controls are for detection
  – Security camera
• Some controls are for prevention
  – Properly positioned security guard
• Information security controls
  – Can be configured to detect attacks and sound alarms, or to prevent attacks
Configuring Controls (cont’d.)
• Additional consideration
  – When normal function is interrupted by a failure, which is the higher priority: security or safety?
  – Fail-open lock unlocks doors automatically upon failure
  – Fail-safe lock automatically locks
    • Highest security level
  – A firewall can be configured in a fail-safe or fail-open state
Hardening
• Purpose of hardening
  – Eliminate as many security risks as possible
• Techniques to harden systems:
  – Protecting accounts with passwords
  – Disabling unnecessary accounts
  – Disabling unnecessary services
  – Protecting management interfaces and applications
Reporting
• Providing information regarding events that occur
• Alarms or alerts
  – Sound a warning if a specific situation is occurring
  – Example: alert if there are too many failed password attempts
• Reporting can provide information on trends
  – Can indicate a serious impending situation
  – Example: multiple user accounts experiencing multiple password attempts
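Both reporting examples on this slide, as an added example that is not part of the textbook: the per-account alarm for too many failed password attempts, and the trend check for several accounts each seeing repeated failures, which a per-account threshold alone would never fire on. The log lines and their format are constructed for the example; thresholds are assumed values a real deployment would tune.

```python
import re
from collections import Counter

# Constructed sample authentication log (not from the textbook), one event per line.
SAMPLE_LOG = """\
2024-05-01T09:00:01 auth: FAILED login user=alice src=10.0.0.5
2024-05-01T09:00:04 auth: FAILED login user=alice src=10.0.0.5
2024-05-01T09:00:07 auth: FAILED login user=alice src=10.0.0.5
2024-05-01T09:00:09 auth: FAILED login user=alice src=10.0.0.5
2024-05-01T09:00:12 auth: FAILED login user=alice src=10.0.0.5
2024-05-01T09:00:15 auth: OK login user=alice src=10.0.0.5
2024-05-01T09:01:00 auth: FAILED login user=bob src=10.0.0.9
2024-05-01T09:01:03 auth: FAILED login user=bob src=10.0.0.9
2024-05-01T09:01:06 auth: FAILED login user=bob src=10.0.0.9
2024-05-01T09:01:10 auth: FAILED login user=carol src=10.0.0.9
2024-05-01T09:01:13 auth: FAILED login user=carol src=10.0.0.9
2024-05-01T09:01:16 auth: FAILED login user=carol src=10.0.0.9
2024-05-01T09:01:20 auth: FAILED login user=dave src=10.0.0.9
2024-05-01T09:01:23 auth: FAILED login user=dave src=10.0.0.9
2024-05-01T09:01:26 auth: FAILED login user=dave src=10.0.0.9
"""

LINE_RE = re.compile(r"^(?P<ts>\S+) auth: (?P<result>FAILED|OK) login user=(?P<user>\S+) src=(?P<src>\S+)$")


def count_failures(log_text: str) -> Counter:
    """Count FAILED attempts per account; lines that do not match the format are skipped."""
    failures = Counter()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m and m.group("result") == "FAILED":
            failures[m.group("user")] += 1
    return failures


def account_alerts(failures: Counter, per_account_limit: int = 5) -> list:
    """Alarm from the slide: any single account with too many failed attempts (assumed limit of 5)."""
    return sorted(u for u, n in failures.items() if n >= per_account_limit)


def trend_alert(failures: Counter, per_account_min: int = 3, min_accounts: int = 3) -> list:
    """Trend from the slide: several accounts each with repeated failures; returns the accounts, or [] if below the threshold."""
    affected = sorted(u for u, n in failures.items() if n >= per_account_min)
    return affected if len(affected) >= min_accounts else []
```

Only alice trips the per-account alarm, but bob, carol and dave never reach it, so the trend check is what surfaces the second pattern in the sample.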