170 likes | 323 Views
Unit 9 Seminar – The LAST ONE !. Unit 9 Chapter 9 in CompTIA Security +. Course Name – IT286-01 Introduction to Network Security Instructor – Jan McDanolds, MS, Security+ Contact Information: AIM – JMcDanolds Email – jmcdanolds@kaplan.edu
E N D
Unit 9 Seminar – The LAST ONE ! Unit 9 Chapter 9 in CompTIA Security + Course Name – IT286-01 Introduction to Network Security Instructor – Jan McDanolds, MS, Security+ Contact Information: AIM – JMcDanolds Email – jmcdanolds@kaplan.edu Office Hours: Tuesday, 7:00 PM ET or Thursday, 7:00 PM ET
Unit 8 Review Security Policies and Procedures • In Chapter 8 we covered: • Understanding Business Continuity • Business Continuity Planning, Disaster Recovery Planning, • Continuity of Operations (COOP) Plan • Cyber Incident Response Plan • Occupant Emergency Plan (OEP) • The five nines…99.999 • Backups • Reinforcing Vendor Support • Generating Policies and Procedures • Enforcing Privilege Management
Unit 9 Security Administration • Unit 9: • Understanding Security ManagementDrafting Best Practices and Documentation • Simplifying Security AdministrationCommon Logical Access Control Methods/Topics • Understanding Security Awareness and Education • Staying on Top of Security OS Updates - WSUS (Windows Server Update Service) Security TechCenter, other websites • Regulating Privacy and SecurityLaws and Regulations, Federal and International
Chapter 9 Understanding Security Management • The management of security is EVERYTHING!Best Practices and Documentation • Using Policies and Procedures • Allocating Resources • Defining Responsibility • Minimizing Mistakes • Enforcing the Policies and Procedures • We need tools!!!
Chapter 9 Examples of FREE Administration Tools… Windows Baseline Security Analyzer (MBSA) – Free downloadfor Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7 and Windows Server 2008 R2 http://technet.microsoft.com/en-us/security/cc184924.aspx Foglight from Quest – FREE Network Management System – VIEW Videos - Traffic Mgt, Configuration http://www.quest.com/landing/?ID=7483&s_kwcid=TC-24146-%7BOrderItemId%7D-%7BMatchType%7D-%7BAdId%7D Solarwinds – IT monitoring and management software for SysAdminsFree Tools and Free Trials – http://www.solarwinds.com/downloads/ Spiceworks-FREE Network Management toolhttp://www.spiceworks.com/
Chapter 9 Example: Spiceworks Features http://www.spiceworks.com/ Inventory Your Network - Network Inventory - IT Asset Management - IT Audit Software - Warranty Tracking - Virtualization Management Monitor Your Network - Network Monitoring - Power Management Software - SNMP Network Management - SQL Server Monitoring Run an IT Help Desk - Help Desk Software - Active Directory Management - IT Purchasing Management - Help Desk iPhone App Manage Configuration Changes - TFTP Server - Change Management Map Your Network - Network Mapping Troubleshoot Network Problems - Remotecontrol of PCs & servers with RDP or VNC, ping from one console, compare configurations
Chapter 9 Examples of Administration Tools • These tools are notfree… • HP – Network Management/Security Software E-Series • http://h17007.www1.hp.com/us/en/products/network-management/index.aspx • IBM – Tivoli NetView distributed network management software • http://www-01.ibm.com/software/tivoli/products/netview/ • Others: • Solarwinds • Cisco • Avaya • Network Management Solutions • SysAid • LanDesk • Mach5, Etc. Etc.
Chapter 9 Simplifying Security Administration • Common Logical Access Control Methods/Topics • Access Control Lists (ACLs) • Account Expiration • Domain Password Policy • Group Policies • Logical Tokens • Password Policy • Time-of-day restrictions • Usernames and passwords
Chapter 9 Understanding Security Awareness and Education • Using Communications and Awareness • Providing Education – explaining policies, procedures, and current threats to users and management • 1 - Organization as a whole • 2 - Management • 3 - Technical staff
Chapter 9 Staying on Top of Security • Operating Systems Updates • Applications Updates • Network Device Updates • Policies and Procedures • Personal Development • Web Sites – next slide… • Trade Publications
Chapter 9 Security websites • Ones we have discussed: • CERT, SANS, McAfee • Symantec http://www.symantec.com/connect/ http://www.securityfocus.com/ • Computer Security Institute - http://gocsi.com/webinars • http://www.databreaches.net/ • Others: • SC Magazine - http://www.scmagazine.com/ • http://www.itsecurity.com/ • http://hakin9.org/ • http://www.privacyrights.org/data-breach
Chapter 9 Regulating Privacy and Security • HIPAA – Health Insurance Portability and Accountability Act • Gramm-Leach Bliley Act of 1999 • Computer Fraud and Abuse Act • FERPA – Family Educational Rights & Privacy Act • Computer Security Act of 1987 • Cyberspace Electronic Security Act (CESA) • Cyber Security Enhancement Act • Patriot Act • International Efforts
UNIT 9 UNIT 9 Reading Web Resources
UNIT 9 Assignment UNIT 9 Assignment Three separate questions – review the Rubric
Chapter 9 Unit 9 Assignment • Unit Nine Project • 1. Table 9.1 on page 445 lists common logical access control methods/topics. Perform Internet research and examine past chapters of the text to describe critical aspects for 4 of the 8 topics listed. You must have at least 2 references besides our text book. • 2. Describe what you feel is the most difficult aspect of education as it refers to end users in an organization. • 3. Summarize one of the 8 Acts listed (between pages 454 thru 457) in terms of specific topics covered, need to know items and specifics as to how the ACT helps or hurts IT security efforts.
Final Exam Unit 10 Assignment • There is no Final Project • There IS a Final Exam: 50multiple choice questions, one hour • One of the questions… Where might be the most up-to-date place to find out about security issues? Think about the quickest way to notify clients of a security breach.
Final Slide Questions ???? Comments !!! Do you feel you have a good basis for security after taking this course? Are you planning on taking the CompTIA Security+ certification? What amazed you most about this information? • I hope you have enjoyed this class! All the best to each of you! Stay secure!!