• Describe the principles of secure network design.
• Describe threat identification and risk analysis.
• Describe risk management and risk avoidance.
• Describe the Cisco SecureX architecture.
• Describe operations security.
• Describe network security testing tools and techniques.
• Describe business continuity and disaster recovery.
• Describe the system development life cycle concept and its application to a secure network life cycle.
• Describe the purpose and function of a network security policy.
CCNA Security lecture slides - Chapter 9: Managing a Secure Network (82 pages)
Structure of a Security Policy
Refer to 9.7.2.1
• Governing Policy
• Technical Policies
• End-User Policies
Bach Khoa Information Technology Academy - Website: www.bkacad.com
Governing Policy
Important components:
• A statement of the issue that the policy addresses.
• How the policy applies in the environment.
• The roles and responsibilities of those affected by the policy.
• The actions, activities, and processes that are allowed and those that are not.
• The consequences of noncompliance.
Technical Policies
Refer to 9.7.2.2
• General policies
• E-mail policies
• Remote-access policies
• Telephony policy
• Application policies
• Network policies
• Wireless communication policy
End User Policy
Refer to 9.7.2.3
• Cover all rules pertaining to information security that end users should know about, comply with, and implement.
• May overlap with technical policies.
Standards, Guidelines, and Procedures
Refer to 9.7.2.4
• The security policy documents are high-level overview documents.
• Standards, guidelines, and procedures contain the actual details defined in the policies.
• Each document serves a different function, covers different specifications, and targets a different audience.
Standards Documents
Refer to 9.7.3.2
Standards documents include the technologies that are required for specific uses, hardware and software versioning requirements, program requirements, and any other organizational criteria.
Guideline Documents
Refer to 9.7.3.3
• Provide a list of suggestions
• Provide flexibility
• Not usually mandatory
• Sources:
– National Institute of Standards and Technology (NIST) Computer Security Resource Center
– National Security Agency (NSA) Security Configuration Guides
– The Common Criteria standard
Procedure Documents
Refer to 9.7.3.4
Procedure documents include the details of implementation, usually with step-by-step instructions and graphics.
Roles and Responsibilities
Executive-level management must always be consulted
during security policy creation in order to ensure the policy
is comprehensive, cohesive, and legally binding.
Roles and Responsibilities
Refer to 9.7.4.2
• Chief Executive Officer (CEO)
• Chief Technology Officer (CTO)
• Chief Information Officer (CIO)
• Chief Security Officer (CSO)
• Chief Information Security Officer (CISO)
Security Awareness Program
Refer to 9.7.5
• Reflects the business needs of an organization
• Informs users of their IT security responsibilities
• Explains all IT security policy and procedures
• Explains proper rules of behavior for the use of the IT systems and data
• Details sanctions for noncompliance
• Components
– Awareness campaigns
– Training and education
Awareness Campaigns
Methods for increasing awareness:
• Lectures, videos
• Posters, newsletter articles, and bulletins
• Awards for good security practices
• Reminders such as login banners, mouse pads, coffee cups, and notepads
Training and Education
From: IT department
To: all Employees
Subject: Course Offerings
We are currently offering several training opportunities. Please see
the list below and contact your manager if interested.
Success
A successfully implemented security awareness program measurably
reduces unauthorized actions by insiders, increases the effectiveness
of existing controls, and helps fight waste, fraud, and abuse of
information systems resources.
Laws and Ethics
• Types of Laws
– Criminal
– Civil
– Administrative
• Ethics
– Computer Ethics Institute
– Internet Activities Board (IAB)
– Generally Accepted System Security Principles (GASSP)
– International Information Systems Security Certification Consortium, Inc. (ISC)² Code of Ethics
The (ISC)² Code of Ethics
Refer to 9.7.6
• Code of Ethics Preamble
Safety of the commonwealth, duty to our principals, and to each other requires that we adhere, and be seen to adhere, to the highest ethical standards of behavior. Therefore, strict adherence to this Code is a condition of certification.
• Code of Ethics Canons
– Protect society, the commonwealth, and the infrastructure.
– Act honorably, honestly, justly, responsibly, and legally.
– Provide diligent and competent service to principals.
– Advance and protect the profession.
Responding to a Security Breach
• Motive answers the question of why a person (or persons) committed the illegal act.
• Opportunity answers the question of when and where the person committed the crime.
• Means answers the question of how the person committed the crime.
Forensics Procedures
• Proper data collection
• Data chain of custody
• Data storage
• Data backups
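As an added example that is not part of the slide deck, the script below shows what "proper data collection" and "data chain of custody" look like in practice: the evidence is hashed once at acquisition, every hand-off re-hashes it and appends a custody entry, and a mismatch is recorded as an integrity failure rather than silently passed on. The evidence bytes, item ids and custodian names are constructed for illustration.

```python
# Added example, not from the CCNA Security slides: hashing evidence at
# collection time and keeping a chain-of-custody log that is re-checked on
# every hand-off. Evidence contents, item ids and custodian names below are
# constructed for illustration.
import hashlib
import json
from dataclasses import dataclass, field, asdict
from datetime import datetime, timezone


def sha256_hex(data: bytes) -> str:
    """Fingerprint of the evidence; any later change alters this value."""
    return hashlib.sha256(data).hexdigest()


@dataclass
class CustodyEntry:
    action: str      # collected / transferred / INTEGRITY FAILURE
    custodian: str   # who holds the evidence after this action
    timestamp: str   # UTC, ISO 8601
    digest: str      # hash observed at this step


@dataclass
class EvidenceRecord:
    item_id: str
    description: str
    collected_digest: str                     # reference hash taken at acquisition
    chain: list = field(default_factory=list)

    def log(self, action: str, custodian: str, digest: str) -> None:
        self.chain.append(CustodyEntry(
            action, custodian, datetime.now(timezone.utc).isoformat(), digest))


def collect(item_id: str, description: str, data: bytes, collector: str) -> EvidenceRecord:
    """Proper data collection: hash at acquisition and open the custody chain."""
    rec = EvidenceRecord(item_id, description, sha256_hex(data))
    rec.log("collected", collector, rec.collected_digest)
    return rec


def transfer(rec: EvidenceRecord, current_data: bytes, to_person: str) -> bool:
    """Chain of custody: re-hash on hand-off; log the result and flag a mismatch."""
    digest = sha256_hex(current_data)
    intact = digest == rec.collected_digest
    rec.log("transferred" if intact else "INTEGRITY FAILURE", to_person, digest)
    return intact


def export_record(rec: EvidenceRecord) -> str:
    """Data storage: JSON form of the record, filed alongside the evidence copy."""
    return json.dumps(asdict(rec), indent=2)


def run_demo() -> dict:
    """Walk one constructed evidence item through collection, a clean hand-off,
    and a hand-off where the bytes were altered in between."""
    evidence = b"constructed evidence: two lines of firewall log\nline 1: deny\nline 2: deny\n"
    rec = collect("EV-0001", "firewall log excerpt (constructed)", evidence, "analyst A")
    clean_handoff = transfer(rec, evidence, "analyst B")          # same bytes -> intact
    altered = evidence.replace(b"deny", b"permit")                # simulated alteration
    altered_handoff = transfer(rec, altered, "analyst C")         # hash differs -> flagged
    return {
        "transfer_ok": clean_handoff,
        "tamper_detected": not altered_handoff,
        "chain_length": len(rec.chain),
        "last_action": rec.chain[-1].action,
        "json": export_record(rec),
    }


if __name__ == "__main__":
    print(run_demo()["json"])
```

The record keeps the acquisition-time digest separately from the per-step digests, so a reviewer can see at which hand-off the evidence stopped matching, which is the question a chain-of-custody log exists to answer.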
Summary
• Mitigating network attacks requires a comprehensive end-to-end approach.
• Threat identification and risk analysis are the first steps in creating the protection strategy.
• Risk management and risk avoidance are two distinct approaches to addressing risks.
• Cisco Self-Defending Network provides a comprehensive, end-to-end solution for network security.
• CSDN solutions include threat control and containment, secure communications, and operational control and policy management.
• Cisco Security Manager and Cisco MARS provide management solutions for CSDN.
• The Cisco Integrated Security Portfolio is a set of security products designed to meet the requirements and diverse deployment models of any network environment.
Summary
• Operations security is an important part of managing a secure network.
• Separation of duties states that no single individual has control over two or more phases of a transaction or operation.
• Rotation of duties is a security measure in which individuals are given a specific assignment for a certain amount of time before moving to a new assignment.
• Trusted recovery is an important principle of operations security.
• Network security testing is a critical process in maintaining a secure network.
• Nmap and SuperScan are two useful tools for network security testing.
• Tests include network scanning, vulnerability scanning, password cracking, log review, integrity checking, virus detection, war driving, and penetration testing.
Summary
• The security policy is an integral component of an organization’s network security design and implementation. It answers questions about what assets are to be protected and how to protect them.
• A security policy typically consists of a governing policy, a technical policy, and an end-user policy.
• Standards, guidelines, and procedures contain the details defined in the policies.
• The policy should set out the various roles and responsibilities among the IT professionals.
• A security awareness program is necessary to ensure all employees within an organization are aware of and adhere to the security policies.
Files attached to this document:
- bai_giang_ccna_security_chapter_9_managing_a_secure_network.pdf