Ce hv6 module 66 security convergence
Vi Tính Hoàng Nam
1.
Ethical Hacking and Countermeasures
Version 6
Module LXVI
Security Convergence
2.
Module Objective
This module will familiarize you with:
• Security Convergence
• Challenges on Security Convergence
• RAMCAP
• Open Security Exchange (OSE)
• Enterprise Security Management (ESM)
• Log Collection
• Event Storage
EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
3.
Module Flow
• Security Convergence
• Challenges on Security Convergence
• RAMCAP
• Open Security Exchange (OSE)
• Enterprise Security Management (ESM)
• Log Collection
• Event Storage
4.
Security Convergence
Convergence is a process of reusing and blending various technologies to create new or improved capabilities and products
It is the integration of security functions and information into a common IP network
Security convergence can leverage technology to improve the performance of the security function both physically and logically
It is a three-pronged approach composed of technologies, security processes, and people
5.
Challenges Confronting an Effective Security Convergence Policy
Understanding the challenges inherent in the original Internet design specifications
The ramifications of uncontrolled Internet growth and its effect on the administration policy
The security issues involved with the Transmission Control Protocol/Internet Protocol (TCP/IP)
Evolution of the Internet as a global platform for security solutions is expanding aggressively to accommodate convergence
6.
Benefits of Using Risk Management in Planning IT Security Administration
Benefits of adopting a proactive and positive attitude towards IT security are:
• Better demonstration of IT security investment to the board
• More meaningful demonstration of business risk management to investors, especially the institutional investors that largely dictate stock prices
• Better demonstration of business risk management to customers
• Better employee awareness
7.
RAMCAP
Risk Analysis and Management for Critical Asset Protection (RAMCAP) is a program initiated by the Department of Homeland Security (DHS)
It is an innovative process for security policy based upon global risk assessment in collaboration with DHS
It promotes understanding of the various vulnerabilities that may lead an attacker to select a particular target
It is composed of integrated steps to evaluate the threat potential, vulnerability, and possibility of a successful attack and its consequences
8.
Open Security Exchange (OSE)
OSE integrates various components of the security infrastructure
It is a cross-industry forum dedicated to merging physical and IT security solutions across an enterprise
It provides the enterprise with increased operational efficiencies and intelligent security
It specifies Physical Security Bridge to IT Security (PHYSBITS) to assist in the integration of physical and IT security management
It provides technical integration on three levels:
• Common administration of users, privileges, and credentials
• Common strong authentication for accessing physical facilities and cyber systems through the use of dual-purpose credentials
• Common point of security management and event audit ability
9.
CISO (Chief Information Security Officer)
CISO is typically focused on the issues involved with IT security and IT risk management
CISO focuses on information security strategy within an organization that includes:
• Information security mission development
• Information security office governance
• Information security policy development and management
• Information security training and awareness development
• Information security project portfolio development
• Supervision/management of ethical hackers and chief hacker officer
10.
Elements of Building Secure Operations
Elements of fully secured enterprise operations include:
• A sound, comprehensive enterprise protection architecture augmented by a schema of well-documented, well-understood, and routinely practiced business processes
• A rigorous system for the detection, analysis of, and, when appropriate, alert to and protection from threats to enterprise operations and systems
• The ability to sustain continuity of operations during any conceivable threat
• Rapid recovery mechanisms to restore full operations once a threat is controlled
• The ability to analyze and apply forensics to determine what happens when an incident occurs and to incorporate lessons learned to improve future risk mitigation processes
11.
Enterprise Security Management (ESM)
Enterprise Security Management (ESM) is a general term that has been applied to security event monitoring and analysis solutions
ESM is an enhancement and combination of:
• EEM: Enterprise Event Management
• SIM: Security Information Management
• SEM: Security Event Management
• SIEM: Security Information and Event Management
The focus of ESM is to allow an analyst to monitor an organization’s infrastructure in real time, regardless of product, vendor, and version
12.
ESM Deployment Strategies
ESM solutions can be deployed in standard, high-availability, and geographically dispersed configurations
ESM systems are designed to receive and process logs
Log collection appliances provide a solid solution for organizations to adopt an easy-to-deploy appliance
In case there is no log aggregation strategy, it is possible to simply send logs directly from the point devices to the ESM manager
To move logs from point devices to the ESM manager, deploy log connectors at any natural aggregation points, such as device managers
13.
Convergence of Network Operations and Security Operations
Network operation centers (NOCs) and Security operation centers (SOCs) are more focused on business impact than hardware and software impact
Separation of duties and checks and balances are important concepts to maintain when any groups converge
The NOC is concerned with keeping things moving efficiently and the SOC is concerned with security, rendered through analysis within the ESM
14.
Log Collection
Log collection is important to increase operational efficiencies, reduce risk, and enhance an organization’s security posture
A log collection mechanism needs to be scalable, extensible, and flexible
An ESM solution needs to be able to process the raw log data and turn it into actionable information
A mechanism to collect logs is to simply send logs directly to the ESM manager for processing
The log collectors installed on various operating systems listen for raw logs being sent to them, preprocess the logs, enrich them, and prepare them for transport
15.
Log Normalization
In log normalization, each log data field is converted to a particular data representation and categorized consistently
The most common use of normalization is to store dates and times in a single format
Normalizing the data makes analysis and reporting much easier when multiple log formats are in use
In normalization, the logs need to be parsed without deleting any information by default
Log parsing is the process of extracting data from a log so that the parsed values can be used as input for another logging process
16.
Log Severity
Each log source may have a unique severity level assigned to it
The severity of what the point device discovered correlated with other logs, asset information, business relevance, and other factors can yield an overall priority score within most ESMs
Device severity captures the language used by the data source to describe its interpretation of the danger posed by a particular log
Connector severity is the translation of device severity into a normalized value
17.
Log Time Correction
An important factor in log analysis is time
In an idealistic situation, everything would be synced with the Network Time Protocol (NTP) and the NTP device would get its time from a reliable source
Most ESM connectors are configurable to allow for time correction
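The normalization, severity translation and time correction steps described on slides 15 to 17, as an added Python sketch that is not part of the original slides. The device names, log formats, severity scale and the 120-second clock offset are constructed assumptions, not the behaviour of any particular ESM product.

```python
import re
from datetime import datetime, timedelta, timezone

# Normalized "connector severity" scale (an assumption for this sketch).
LOW, MEDIUM, HIGH, VERY_HIGH = 1, 2, 3, 4

# key=value pairs, where the value may be double-quoted and contain spaces.
KV = re.compile(r'(\w+)=("[^"]*"|\S+)')


def parse_iso(line, year):
    """Timestamp is ISO 8601 with an explicit UTC offset."""
    stamp, rest = line.split(" ", 1)
    return datetime.fromisoformat(stamp), rest


def parse_syslog(line, year):
    """Classic syslog stamp: no year, no zone. The year comes from the
    receipt time and the device is assumed to log in UTC."""
    stamp, rest = line[:15], line[16:]
    naive = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
    return naive.replace(tzinfo=timezone.utc), rest


# Per-device connector configuration (all values constructed).
CONNECTORS = {
    "fw01": {
        "parse_time": parse_iso,
        "clock_correction": timedelta(0),
        "severity_field": "sev",
        "severity_map": {"low": LOW, "medium": MEDIUM,
                         "high": HIGH, "critical": VERY_HIGH},
    },
    "ids01": {
        "parse_time": parse_syslog,
        # Assumed: this sensor is not NTP-synced and runs 120 s fast.
        "clock_correction": timedelta(seconds=-120),
        "severity_field": "priority",
        "severity_map": {"1": VERY_HIGH, "2": HIGH, "3": MEDIUM, "4": LOW},
    },
}


def normalize(device, raw, received_at):
    """Turn one raw log line into a normalized event without losing data."""
    cfg = CONNECTORS[device]
    device_time, rest = cfg["parse_time"](raw, received_at.year)
    # Time correction, then a single representation: UTC ISO 8601.
    event_time = (device_time + cfg["clock_correction"]).astimezone(timezone.utc)
    fields = {k: v.strip('"') for k, v in KV.findall(rest)}
    device_sev = fields.get(cfg["severity_field"])
    return {
        "device": device,
        "event_time": event_time.isoformat(),
        "device_severity": device_sev,  # the source's own wording
        # None marks a value the map does not know, so it can be reviewed.
        "connector_severity": cfg["severity_map"].get(device_sev),
        "fields": fields,
        "raw": raw,  # nothing is deleted by default
    }


def normalize_all(logs, received_at):
    events = [normalize(dev, raw, received_at) for dev, raw in logs]
    # All stamps share one format and zone, so string order is time order.
    return sorted(events, key=lambda e: e["event_time"])


# Constructed sample input: two devices, two timestamp and severity dialects.
RECEIVED_AT = datetime(2024, 3, 1, 9, 16, tzinfo=timezone.utc)
RAW_LOGS = [
    ("fw01", "2024-03-01T10:15:30+01:00 fw01 DENY sev=high "
             "src=10.0.0.5 dst=10.0.0.9"),
    ("ids01", 'Mar  1 09:17:02 ids01 alert priority=1 '
              'sig="port sweep" src=10.0.0.5'),
]

if __name__ == "__main__":
    for event in normalize_all(RAW_LOGS, RECEIVED_AT):
        print(event["event_time"], event["device"],
              event["device_severity"], "->", event["connector_severity"])
```

After correction the two events sit 28 seconds apart on one timeline, with the IDS alert first, which is the ordering an analyst needs before correlating them by source address.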
18.
Log Categorization
A methodology for describing logs, which enables analysts to understand the real significance of a particular log as reported from different devices, is called categorization
Categorization can be applied to several other fields within a log besides the actual field expressing the content of the log
It includes detailing the log’s behavior, which techniques it uses, its outcome, and various other categories
19.
Event Storage
ESMs use a variety of databases, mostly enterprise-level databases, due to their advanced features
For data management, backups, and data restoration, many ESM solutions divide the stored events into logical segments
Regardless of the data being stored offline or online, ESMs utilize compression and indexing techniques to save space and reduce search times respectively
ESMs feature hashing of the database partitions to ensure that a tape loaded from several years ago has content that matches what was backed up
20.
Discovering and Interacting with Patterns
Pattern discovery features are designed to identify patterns among events that an analyst may not have been specifically looking for
An analyst may desire to run a pattern discovery sweep across an hour, day, month, or more of the historic data in search of patterns
Interactive discovery reports are dynamic and allow an analyst or even a nontechnical individual to review and manipulate the data
Events can be displayed in various graphical representations, sections can be highlighted, and the output can be easily shared and reviewed among various individuals performing an investigation
21.
Discovering and Interacting with Patterns: Data Sources
To detect fraudulent activity and anomalies in a user’s behavior, you need to analyze more than just intrusion detection system data
Similar to intrusion detection systems, Information Leak Prevention (ILP) products go through the content as it crosses the network
E-mail transactions generally are not analyzed in real time; they have been used as part of forensic investigations
22.
Intelligent Platform Management Interface (IPMI) Standard
IPMI is a standard for monitoring and managing computer systems
They are out-of-band interfaces, meaning that even if a system is powered down, communication is still possible
The IPMI standard consists of the following key information:
• Packet format
• Other communication mechanisms
• Sensor codes
• How to retrieve information
23.
Summary
Security convergence can leverage technology to improve the performance of the security function
Security convergence is the identification of security risks and interdependencies between business functions and processes within the enterprise
RAMCAP is an innovative process for security policy based upon global risk assessment in collaboration with DHS
Enterprise Security Management (ESM) is a general term that has been applied to security event monitoring and analysis solutions
IPMI is a standard for monitoring and managing computer systems