IS3340 Windows Security Unit 3 Setting up Windows Systems Using Encryption and Application Rules

Learning Objective and Key Concepts
Learning Objective
• Set up encryption in a given organization to secure a Windows environment.
Key Concepts
• Setting up BitLocker, AppLocker, and file, folder, and volume level encryption
• Setting up secure communication protocols
• Security certificates
• Public key infrastructure (PKI)

Secure Protocols in Windows
• Secure Sockets Layer (SSL) or Transport Layer Security (TLS)
• Wi-Fi Protected Access (WPA)

Secure Protocols in Windows (Continued)
• Virtual Private Network (VPN) protocols
  • Internet Protocol Security or Layer 2 Tunneling Protocol (IPsec or L2TP)
  • Point-to-Point Tunneling Protocol (PPTP)
  • Secure Socket Tunneling Protocol (SSTP)

Security Certificates
• Solutions to balance the strengths of encryption algorithms
  • Use asymmetric encryption to exchange a symmetric key.
  • Use symmetric encryption for further messages after the key exchange.
• Security certificate
  • Uses identity information in addition to the public key for encryption.

Server Certificates
• Purchase a certificate
  • Use Internet Information Server (IIS) to request a server certificate.
  • Send the request to the issuer.
  • Import the purchased certificate into IIS.

Server Certificates (Continued)
• Create your own using Active Directory Certificate Services
  • Use IIS to create a self-signed certificate.
  • Export the certificate from IIS.
  • Import the certificate to each client.

Self-Signed Certificate
• Create Certificate
• Export Certificate
• Import Certificate on Clients
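
The create, export, and import steps above can also be done from PowerShell instead of the IIS console. This is an added example, not part of the original slides; the server name, file path, and one-year lifetime are assumptions, and the cmdlet parameters shown require Windows 10 / Windows Server 2016 or later.

```powershell
# Added example: self-signed certificate workflow (create -> export -> import).
# Assumed values, not from the slides:
$dnsName = 'web01.example.internal'   # hypothetical server name
$cerPath = 'C:\Temp\web01.cer'        # hypothetical export path

# --- On the server (elevated session) ---------------------------------------
# 1. Create the certificate in the machine's Personal store.
#    The private key is marked non-exportable so it cannot leave the server.
$cert = New-SelfSignedCertificate -DnsName $dnsName `
    -CertStoreLocation 'Cert:\LocalMachine\My' `
    -KeyAlgorithm RSA -KeyLength 2048 `
    -KeyExportPolicy NonExportable `
    -NotAfter (Get-Date).AddYears(1)

# 2. Export only the public certificate (.cer); no private key is written.
Export-Certificate -Cert $cert -FilePath $cerPath -Type CERT | Out-Null

# Record the thumbprint and give it to client administrators out of band,
# so they can confirm the file was not swapped in transit.
$expected = $cert.Thumbprint
Write-Output "Thumbprint to verify on clients: $expected"

# --- On each client (elevated session) --------------------------------------
# Copy the .cer file to $cerPath and set $expected to the thumbprint that
# was delivered out of band before running the lines below.

# 3. Check the thumbprint first, then import into Trusted Root.
$file = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $cerPath
if ($file.Thumbprint -ne $expected) {
    throw "Thumbprint mismatch; not importing $cerPath"
}
Import-Certificate -FilePath $cerPath -CertStoreLocation 'Cert:\LocalMachine\Root' | Out-Null

# 4. Confirm the client now validates the certificate for the server name.
#    Returns True when the chain and DNS name check succeed.
Test-Certificate -Cert $file -Policy SSL -DNSName $dnsName
```

Every client that imports the certificate into its Trusted Root store trusts it fully, so the thumbprint check in step 3 is what ties the imported file to the certificate created on the server.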

PKI
• General approach to handling keys
• Uses trusted entities and certificates
• Trusted entity: Certificate Authority (CA)

PKI (Continued)
• To set up a connection:
  • Get a certificate from a CA for the connection target.
  • Decrypt the certificate using the CA’s public key.
  • The decrypted certificate contains the public key of the connection target.

Encrypted Data Transmission
[Figure: encrypted data transmission]

Encryption for Compliance
• Many regulations mandate encryption for transmitting sensitive data
  • Health Insurance Portability and Accountability Act (HIPAA): private medical information
  • Gramm-Leach-Bliley Act (GLBA): financial information
  • Payment Card Industry Data Security Standards (PCI DSS): payment card information
  • Multiple state laws: personal information

PKO Bank Polski
• One of Poland’s largest banks
• PKO’s needs
  • Authorize users, devices, and applications
  • Protect documents and e-mail messages
  • Central administration

PKO Bank Polski (Continued)
• Solution: Windows Server 2008
  • With System Center Operations Manager 2007
• Improved security and efficiency

Summary
In this presentation, the following topics were covered:
• Secure communication
• Encryption
• Security, server, and self-signed certificates
• PKI