Hacking3e ppt ch15
Skillspire LLC
cybersecurity
1.
Hacker Techniques, Tools, and Incident Handling
Chapter 15
Defensive Technologies
© 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved.
2.
Learning Objective
• Identify security controls and defensive technologies.
3.
Key Concepts
• Intrusion detection/prevention systems
• Firewalls and other detection methods
• Common security issues
4.
Defense in Depth
5.
Intrusion Detection Systems: Key Terms
• Intrusion
• Misuse
• Intrusion detection
• Misuse detection
6.
IDS Mechanisms
• Signature recognition
• Anomaly detection
7.
IDS Response Matrix
8.
Types of IDSs
• Network-based intrusion detection system (NIDS)
• Host-based intrusion detection system (HIDS)
• Log file monitoring
• File integrity checking
9.
NIDS and HIDS Features
10.
IDS Components
• Pattern recognition and pattern matching to known attacks
• Analysis of traffic for abnormal communication
• Integrity checking of files
• Tracking of user and system activity
• Traffic monitoring
• Traffic analysis
• Events log monitoring and analysis
11.
Components of a NIDS
12.
Components of a NIDS (Cont.)
Steps an IDS uses for signature-based detection:
  1. A host creates a network packet. At this point nothing is known other than the packet exists and was sent from a host in the network.
  2. The sensor sniffs the packet off the network segment. This sensor is placed so it can read the packet.
  3. The IDS and the sensor match the packet with known signatures of misuse. When a match is detected, an alert is generated and sent to the command console.
13.
Components of a NIDS (Cont.)
Steps an IDS uses for signature-based detection:
  4. The command console receives and displays the alert, which notifies the security administrator or system owner of the intrusion.
  5. The system owner responds based on the information the IDS provides.
  6. The alert is logged for future analysis and reference. This information can be logged in a local database or in a central location shared by several systems.
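The six signature-based detection steps above, traced end to end in a small model. This is an added example, not part of the original slides; the signatures, signature IDs, class names and sample packets (documentation address ranges) are all constructed for illustration.

```python
import json
from dataclasses import dataclass
from typing import List, Optional, Tuple
from urllib.parse import unquote_to_bytes


@dataclass(frozen=True)
class Packet:
    """Step 1: a packet created by some host on the network."""
    src: str
    dst: str
    dport: int
    payload: bytes


@dataclass(frozen=True)
class Signature:
    """One known pattern of misuse (constructed for this example)."""
    sid: int
    name: str
    pattern: bytes               # lowercase bytes looked for in the payload
    dport: Optional[int] = None  # None matches any destination port


SIGNATURES = [
    Signature(1001, "path traversal in HTTP request", b"../", dport=80),
    Signature(1002, "request for /etc/passwd", b"/etc/passwd"),
]


def normalize(payload: bytes) -> bytes:
    """Percent-decode and lowercase so one signature covers re-encoded forms."""
    return unquote_to_bytes(payload).lower()


class Console:
    """Steps 4-6: display the alert, take the owner's response, log both."""

    def __init__(self) -> None:
        self.displayed: List[str] = []  # what the administrator sees
        self.log: List[str] = []        # JSON lines; stand-in for a local or central store

    def receive(self, alert: dict) -> None:
        self.displayed.append("[sid {sid}] {name}: {src} -> {dst}:{dport}".format(**alert))
        self.log.append(json.dumps(alert, sort_keys=True))

    def respond(self, index: int, action: str) -> None:
        """Step 5: record what the system owner decided for a logged alert."""
        record = json.loads(self.log[index])
        record["response"] = action
        self.log[index] = json.dumps(record, sort_keys=True)


class Sensor:
    """Steps 2-3: read each packet and match it against the signature set."""

    def __init__(self, signatures: List[Signature], console: Console) -> None:
        self.signatures = signatures
        self.console = console

    def sniff(self, packet: Packet) -> int:
        data = normalize(packet.payload)
        hits = 0
        for sig in self.signatures:
            if sig.dport is not None and sig.dport != packet.dport:
                continue
            if sig.pattern in data:
                self.console.receive({"sid": sig.sid, "name": sig.name, "src": packet.src,
                                      "dst": packet.dst, "dport": packet.dport})
                hits += 1
        return hits


def run_demo() -> Tuple[List[int], Console]:
    console = Console()
    sensor = Sensor(SIGNATURES, console)
    traffic = [  # constructed sample traffic
        Packet("192.0.2.10", "198.51.100.5", 80, b"GET /index.html HTTP/1.1\r\n"),
        Packet("192.0.2.66", "198.51.100.5", 80, b"GET /../../etc/passwd HTTP/1.1\r\n"),
        Packet("192.0.2.66", "198.51.100.5", 80, b"GET /%2E%2E/%2E%2E/ETC/passwd HTTP/1.1\r\n"),
        Packet("192.0.2.10", "198.51.100.9", 25, b"EHLO mail.example.org\r\n"),
    ]
    counts = [sensor.sniff(p) for p in traffic]
    console.respond(0, "ticket opened")
    return counts, console


if __name__ == "__main__":
    counts, console = run_demo()
    print(counts)
    print("\n".join(console.displayed))
```

Traffic that matches no signature produces no alert at all, which is the limitation the deck states later: an IDS only detects and reports what you tell it to.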
14.
Components of a HIDS
15.
Setting Goals
Response Capability Response Accountability
16.
Limitations of an IDS
• Know the strengths and weaknesses of your IDS technology
• IDS supplements existing security technologies
• IDS only detects and reports what you tell it to
• Understand and update your network
• If hardware supporting the IDS fails, the IDS may become ineffective or worthless
• IDS provides a way to detect an attack but not how to deal with it; this belongs to the organization’s intrusion prevention system (IPS)
• IDS may generate extensive data which must be analyzed to ensure attacks are caused
17.
Intrusion Prevention Systems
IPS responses to an attack:
• Regulating and stopping suspicious traffic
• Blocking access to systems
• Locking out misused user accounts
18.
Purpose of Firewalls
• Control the flow of network traffic
• Separate networks and organizations into different zones of trust
• On perimeter, form a logical and physical barrier between the organization’s network and everything outside
• Segment a network internally or within the organization
19.
Firewall Modes
• Packet filtering
• Stateful inspection
• Application proxying
20.
Limitations of a Firewall
• Viruses
• Misuse
• Secondary connections
• Social engineering
• Poor design
21.
Implementing Firewalls: Single Packet-Filtering Device
• Network is protected by a single packet-filtering device configured to permit or deny access
22.
Implementing Firewalls: Multi-homed Device
• Device has multiple network interfaces that use rules to determine how packets will be forwarded between interfaces
23.
Implementing Firewalls: Screened Host
• Network is protected by a device that combines the features of proxy servers with packet filtering
24.
Implementing Firewalls: Demilitarized Zone (DMZ)
• Region of network or zone that is sandwiched between two firewalls
• Set up to host publicly available services
25.
Firewall Policy
• The blueprint that dictates how the firewall is installed, configured, and managed
• Represents a subset of the overall organizational security policy
• Two common approaches:
  • Implicitly allow everything, explicitly deny only those things you do not want
  • Implicitly deny everything, allow only those things you know you need
26.
Network Connectivity Policy
• Network scanning prohibited except by approved personnel
• Only certain types of network communication allowed
• Users may access the web via port 80, as required
• Users may access email on port 25, as required
• Users may not access Network News Transfer Protocol (NNTP)
• Antivirus software and updates must be installed and running on computers and servers
• Only network administrators may install new hardware on any computer
• Don’t allow unauthorized connections to the Internet
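The two policy approaches from the Firewall Policy slide, applied to the port rules of the Network Connectivity Policy slide. This is an added example, not part of the original slides; the user subnet 10.0.0.0/24, the sample flows and all names are hypothetical, and NNTP is taken to be TCP port 119, its standard assignment.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Rule:
    action: str              # "allow" or "deny"
    proto: str               # "tcp" or "udp"
    dport: Optional[int]     # None matches any destination port
    src: str = "0.0.0.0/0"   # source network in CIDR form


@dataclass(frozen=True)
class Flow:
    src: str
    proto: str
    dport: int


class Policy:
    """First matching rule wins; the default applies when nothing matches."""

    def __init__(self, name: str, default: str, rules: List[Rule]) -> None:
        if default not in ("allow", "deny"):
            raise ValueError("default must be 'allow' or 'deny'")
        self.name, self.default, self.rules = name, default, rules

    def decide(self, flow: Flow) -> str:
        addr = ipaddress.ip_address(flow.src)
        for rule in self.rules:
            if (rule.proto == flow.proto
                    and rule.dport in (None, flow.dport)
                    and addr in ipaddress.ip_network(rule.src)):
                return rule.action
        return self.default


USERS = "10.0.0.0/24"  # hypothetical user subnet

# Approach 1: implicitly allow everything, explicitly deny what you do not want.
IMPLICIT_ALLOW = Policy("implicit allow", "allow", [
    Rule("deny", "tcp", 119),               # NNTP is not permitted
])

# Approach 2: implicitly deny everything, allow only what you know you need.
IMPLICIT_DENY = Policy("implicit deny", "deny", [
    Rule("allow", "tcp", 80, src=USERS),    # web, as required
    Rule("allow", "tcp", 25, src=USERS),    # email, as required
])

FLOWS = [  # constructed sample flows
    Flow("10.0.0.20", "tcp", 80),    # user browsing the web
    Flow("10.0.0.20", "tcp", 25),    # user sending mail
    Flow("10.0.0.20", "tcp", 119),   # user reaching NNTP
    Flow("10.0.0.20", "tcp", 23),    # a service the policy never mentions
    Flow("10.0.9.9", "tcp", 80),     # host outside the user subnet
]


def compare(a: Policy, b: Policy, flows: List[Flow]) -> List[Tuple[Flow, str, str]]:
    """Return the flows on which the two policies disagree."""
    return [(f, a.decide(f), b.decide(f)) for f in flows if a.decide(f) != b.decide(f)]


if __name__ == "__main__":
    for flow, first, second in compare(IMPLICIT_ALLOW, IMPLICIT_DENY, FLOWS):
        print(f"{flow.src} {flow.proto}/{flow.dport}: "
              f"{IMPLICIT_ALLOW.name}={first}, {IMPLICIT_DENY.name}={second}")
```

Both policies give the same answer for the three services the policy names; they differ only on traffic nobody wrote a rule for, which implicit allow passes and implicit deny drops.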
27.
Contracted Worker Statement
• No access to unauthorized resources
• Not permitted to scan the network
• May not use FTP unless granted permission in writing
28.
Firewall Administrator Statement
• Be trained on firewall in use
• Be aware of all authorized applications and services
• Reports to an entity such as chief information officer
• Must have procedure to reach firewall administrator in the event of a security incident
29.
Honeynets and Honeypots
• Honeypot: A computer configured to attract attackers to it; acts as a decoy
  • Placed in a location so that if an attacker is able to get around the firewall and other security devices, honeypot draws attention away from more sensitive assets
• Honeynet: A group of vulnerable systems (honeypots) or a network
30.
Legal Issues
Legal Entrapment
31.
Role of Controls
• Administrative, technical, and physical controls are part of a layered approach
• By combining layers, you gain:
  • Advantage of multiple mechanisms to protect systems
  • Advantage of having a hedge against failure; if one layer or mechanism fails, you have others to fall back on
32.
Common Controls
• Administrative
  • Implicit deny, least privilege, separation of duties, job rotation, required vacation, privilege management
• Technical
  • Access control software, malware solutions, passwords, security tokens, biometrics, antivirus software
• Physical
  • Alternative power sources, flood management, fences, guards, locks, fire suppression system, biometrics, building design and location
33.
Security Information and Event Management (SIEM)
• Collection of software and devices that help security professionals manage their environments
• Monitors log files, network traffic, and processes for security events
• Provides real-time analysis, stores activity for trend analysis, and triggers alerts for suspect activity
• Provides tools to manage security controls and the collection of security event data
34.
Sources for Guidance
• A Security Technical Implementation Guide (STIG):
  • National Institute of Standards and Technology (NIST) National Checklist Program Repository (https://nvd.nist.gov/ncp/repository)
  • Information Assurance Support Environment (IASE) STIGs (https://iase.disa.mil/stigs/Pages/index.aspx)
  • STIG search tool (https://stigviewer.com/)
35.
Summary
• Intrusion detection/prevention systems
• Firewalls and other detection methods
• Common security issues