SlideShare a Scribd company logo

11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx

Download as DOCX, PDF
A
aulasnilda

11 Copyright © 2012, Elsevier Inc. All Rights Reserved Chapter 1 Introduction Cyber Attacks Protecting National Infrastructure, 1st ed. 2 • National infrastructure – Refers to the complex, underlying delivery and support systems for all large-scale services considered absolutely essential to a nation • Conventional approach to cyber security not enough • New approach needed – Combining best elements of existing security techniques with challenges that face complex, large-scale national services Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 – In tro d u c tio n Introduction 3 Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 – In tro d u c tio n Fig. 1.1 – National infrastructure cyber and physical attacks 4 Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 – In tro d u c tio n Fig. 1.2 – Differences between small- and large-scale cyber security 5 Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 – In tro d u c tio n• Three types of malicious adversaries – External adversary – Internal adversary – Supplier adversary National Cyber Threats, Vulnerabilities, and Attacks 6 Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 – In tro d u c tio n Fig. 1.3 – Adversaries and exploitation points in national infrastructure 7 Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 – In tro d u c tio n• Three exploitation points – Remote access – System administration and normal usage – Supply chain National Cyber Threats, Vulnerabilities, and Attacks 8 Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 – In tro d u c tio n• Infrastructure threatened by most common security concerns: – Confidentiality – Integrity – Availability – Theft National Cyber Threats, Vulnerabilities, and Attacks 9 Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 – In tro d u c tio n Botnet Threat • What is a botnet attack? – The remote collection of compromised end-user machines (usually broadband-connected PCs) is used to attack a target. – Sources of attack are scattered and difficult to identify – Five entities that comprise botnet attack: botnet operator, botnet controller, collection of bots, botnot software drop, botnet target 10 Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 – In tro d u c tio n • Five entities that comprise botnet attack: – Botnet operator – Botnet controller – Collection of bots – Botnot software drop – Botnet target • Distributed denial of service (DDOS) attack: bots create “cyber traffic jam” Botnet Threat 11 Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 – In tro d u c tio n Fig. 1.4 – Sample DDOS attack from a botnet 12 National Cyber Security Methodology Components Copyright ...

Education
1 of 32
11 Copyright © 2012, Elsevier Inc. All Rights Reserved Chapter 1 Introduction Cyber Attacks Protecting National Infrastructure, 1st ed. 2 • National infrastructure – Refers to the complex, underlying delivery and support systems for all large-scale services considered absolutely essential to a nation • Conventional approach to cyber security not enough • New approach needed – Combining best elements of existing security techniques with challenges that face complex, large-scale national services Copyright © 2012, Elsevier Inc.
All rights Reserved C h a p te r 1 – In tro d u c tio n Introduction 3 Copyright © 2012, Elsevier Inc. All rights Reserved C h
a p te r 1 – In tro d u c tio n Fig. 1.1 – National infrastructure cyber and physical attacks 4 Copyright © 2012, Elsevier Inc. All rights Reserved C h a p
te r 1 – In tro d u c tio n Fig. 1.2 – Differences between small- and large-scale cyber security 5 Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 –
In tro d u c tio n• Three types of malicious adversaries – External adversary – Internal adversary – Supplier adversary National Cyber Threats, Vulnerabilities, and Attacks 6 Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1
– In tro d u c tio n Fig. 1.3 – Adversaries and exploitation points in national infrastructure 7 Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 – In
tro d u c tio n• Three exploitation points – Remote access – System administration and normal usage – Supply chain National Cyber Threats, Vulnerabilities, and Attacks 8 Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 –
In tro d u c tio n• Infrastructure threatened by most common security concerns: – Confidentiality – Integrity – Availability – Theft National Cyber Threats, Vulnerabilities, and Attacks 9 Copyright © 2012, Elsevier Inc. All rights Reserved C h a p
te r 1 – In tro d u c tio n Botnet Threat • What is a botnet attack? – The remote collection of compromised end-user machines (usually broadband-connected PCs) is used to attack a target. – Sources of attack are scattered and difficult to identify – Five entities that comprise botnet attack: botnet operator, botnet controller, collection of bots, botnot software drop, botnet target 10 Copyright © 2012, Elsevier Inc.
All rights Reserved C h a p te r 1 – In tro d u c tio n • Five entities that comprise botnet attack: – Botnet operator – Botnet controller – Collection of bots – Botnot software drop – Botnet target • Distributed denial of service (DDOS) attack: bots
create “cyber traffic jam” Botnet Threat 11 Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 – In tro d u c tio n Fig. 1.4 – Sample DDOS attack from a botnet
12 National Cyber Security Methodology Components Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 – In tro d u c tio n• Ten basic design and operation principles: – Deception – Discretion – Separation – Collection
– Diversity – Correlation – Commonality – Awareness – Depth – Response 13 • Deliberately introducing misleading functionality or misinformation for the purpose of tricking an adversary – Computer scientists call this functionality a honey pot • Deception enables forensic analysis of intruder activity • The acknowledged use of deception may be a deterrent to intruders (every vulnerability may actually be a trap) Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 –
In tro d u c tio n Deception 14 Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 – In tro d
u c tio n Fig. 1.5 – Components of an interface with deception 15 • Separation involves enforced access policy restrictions on users and resources in a computing environment • Most companies use enterprise firewalls, which are complemented by the following: – Authentication and identity management – Logical access controls – LAN controls – Firewalls Copyright © 2012, Elsevier Inc. All rights Reserved C h a
p te r 1 – In tro d u c tio n Separation 16 Fig. 1.6 – Firewall enhancements for national infrastructure Copyright © 2012, Elsevier Inc. All rights Reserved C h a p
te r 1 – In tro d u c tio n 17 • Diversity is the principle of using technology and systems that are intentionally different in substantive ways. • Diversity hard to implement – A single software vendor tends to dominate the PC operating system business landscape – Diversity conflicts with organizational goals of simplifying supplier and vendor relationships Copyright © 2012, Elsevier Inc. All rights Reserved C
h a p te r 1 – In tro d u c tio n Diversity 18 Copyright © 2012, Elsevier Inc. All rights Reserved C h a p
te r 1 – In tro d u c tio n Fig. 1.7 – Introducing diversity to national infrastructure 19 • Consistency involves uniform attention to security best practices across national infrastructure components • Greatest challenge involves auditing • A national standard is needed Copyright © 2012, Elsevier Inc. All rights Reserved C h
a p te r 1 – In tro d u c tio n Commonality 20 • Depth involves using multiple security layers to protect national infrastructure assets • Defense layers are maximized by using a combination of functional and procedural controls Copyright © 2012, Elsevier Inc. All rights Reserved C
h a p te r 1 – In tro d u c tio n Depth 21 Copyright © 2012, Elsevier Inc. All rights Reserved C h a p
te r 1 – In tro d u c tio n Fig. 1.8 – National infrastructure security through defense in depth 22 • Discretion involves individuals and groups making good decisions to obscure sensitive information about national infrastructure • This is not the same as “security through obscurity” Copyright © 2012, Elsevier Inc. All rights Reserved C h a
p te r 1 – In tro d u c tio n Discretion 23 • Collection involves automated gathering of system- related information about national infrastructure to enable security analysis • Data is processed by a security information management system. • Operational challenges – What type of information should be collected? – How much information should be collected? Copyright © 2012, Elsevier Inc.
All rights Reserved C h a p te r 1 – In tro d u c tio n Collection 24 Copyright © 2012, Elsevier Inc. All rights Reserved C h
a p te r 1 – In tro d u c tio n Fig. 1.9 – Collecting national infrastructure-related security information 25 • Correlation involves a specific type of analysis that can be performed on factors related to national infrastructure protection – This type of comparison-oriented analysis is indispensable • Past initiatives included real-time correlation of data at fusion center – Difficult to implement
Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 – In tro d u c tio n Correlation 26 Fig. 1.10 – National infrastructure high- level correlation approach Copyright © 2012, Elsevier Inc.
All rights Reserved C h a p te r 1 – In tro d u c tio n 27 • Awareness involves an organization understanding the differences between observed and normal status in national infrastructure • Most agree on the need for awareness, but how can awareness be achieved? Copyright © 2012, Elsevier Inc.
All rights Reserved C h a p te r 1 – In tro d u c tio n Awareness 28 Copyright © 2012, Elsevier Inc. All rights Reserved C h
a p te r 1 – In tro d u c tio n Fig. 1.11 – Real-time situation awareness process flow 29 • Response involves the assurance that processes are in place to react to any security-related indicator – Indicators should flow from the awareness layer • Current practice in smaller corporate environments of reducing “false positives” by waiting to confirm disaster is not acceptable for national infrastructure Copyright © 2012, Elsevier Inc.
All rights Reserved C h a p te r 1 – In tro d u c tio n Response 30 Copyright © 2012, Elsevier Inc. All rights Reserved C h
a p te r 1 – In tro d u c tio n Fig. 1.12 – National infrastructure security response approach 31 • Commissions and groups • Information sharing • International cooperation • Technical and operational costs Copyright © 2012, Elsevier Inc. All rights Reserved
C h a p te r 1 – In tro d u c tio n Implementing the Principles Nationally

Recommended

11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
11Copyright © 2012, Elsevier Inc. All Rights Reserved.docxRAJU852744
 
Lab #1 - Assessment Worksheet Configuring an Active Direct.docx
Lab #1 - Assessment Worksheet Configuring an Active Direct.docxLab #1 - Assessment Worksheet Configuring an Active Direct.docx
Lab #1 - Assessment Worksheet Configuring an Active Direct.docxmanningchassidy
 
1 1 Copyright © 2012, Elsevier Inc. All Rights Reserved .docx
1 1 Copyright © 2012, Elsevier Inc. All Rights Reserved .docx1 1 Copyright © 2012, Elsevier Inc. All Rights Reserved .docx
1 1 Copyright © 2012, Elsevier Inc. All Rights Reserved .docxoswald1horne84988
 
Botnet attack is where group of devices are infected by malware th.docx
Botnet attack is where group of devices are infected by malware th.docxBotnet attack is where group of devices are infected by malware th.docx
Botnet attack is where group of devices are infected by malware th.docxjackiewalcutt
 
Botnet attack is where group of devices are infected by malware th.docx
Botnet attack is where group of devices are infected by malware th.docxBotnet attack is where group of devices are infected by malware th.docx
Botnet attack is where group of devices are infected by malware th.docxhartrobert670
 
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docxaulasnilda
 
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docxherminaprocter
 
Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
Copyright © 2012, Elsevier Inc. All Rights Reserved.docxCopyright © 2012, Elsevier Inc. All Rights Reserved.docx
Copyright © 2012, Elsevier Inc. All Rights Reserved.docxbobbywlane695641
 

Recommended

11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
11Copyright © 2012, Elsevier Inc. All Rights Reserved.docxRAJU852744
 
Lab #1 - Assessment Worksheet Configuring an Active Direct.docx
Lab #1 - Assessment Worksheet Configuring an Active Direct.docxLab #1 - Assessment Worksheet Configuring an Active Direct.docx
Lab #1 - Assessment Worksheet Configuring an Active Direct.docxmanningchassidy
 
1 1 Copyright © 2012, Elsevier Inc. All Rights Reserved .docx
1 1 Copyright © 2012, Elsevier Inc. All Rights Reserved .docx1 1 Copyright © 2012, Elsevier Inc. All Rights Reserved .docx
1 1 Copyright © 2012, Elsevier Inc. All Rights Reserved .docxoswald1horne84988
 
Botnet attack is where group of devices are infected by malware th.docx
Botnet attack is where group of devices are infected by malware th.docxBotnet attack is where group of devices are infected by malware th.docx
Botnet attack is where group of devices are infected by malware th.docxjackiewalcutt
 
Botnet attack is where group of devices are infected by malware th.docx
Botnet attack is where group of devices are infected by malware th.docxBotnet attack is where group of devices are infected by malware th.docx
Botnet attack is where group of devices are infected by malware th.docxhartrobert670
 
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docxaulasnilda
 
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docxherminaprocter
 
Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
Copyright © 2012, Elsevier Inc. All Rights Reserved.docxCopyright © 2012, Elsevier Inc. All Rights Reserved.docx
Copyright © 2012, Elsevier Inc. All Rights Reserved.docxbobbywlane695641
 
Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
Copyright © 2012, Elsevier Inc. All Rights Reserved.docxCopyright © 2012, Elsevier Inc. All Rights Reserved.docx
Copyright © 2012, Elsevier Inc. All Rights Reserved.docxdickonsondorris
 
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docxnovabroom
 
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docxhyacinthshackley2629
 
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docxjesusamckone
 
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docxRAJU852744
 
Wiki Page  Chapter 10 AwarenessWikis for Learning and Collaborat.docx
Wiki Page  Chapter 10 AwarenessWikis for Learning and Collaborat.docxWiki Page  Chapter 10 AwarenessWikis for Learning and Collaborat.docx
Wiki Page  Chapter 10 AwarenessWikis for Learning and Collaborat.docxhelzerpatrina
 
Advanced Persistent Threat - Evaluating Effective Responses
Advanced Persistent Threat - Evaluating Effective ResponsesAdvanced Persistent Threat - Evaluating Effective Responses
Advanced Persistent Threat - Evaluating Effective ResponsesNetIQ
 
Running Head Personal Reflection1Personal Reflection1.docx
Running Head Personal Reflection1Personal Reflection1.docxRunning Head Personal Reflection1Personal Reflection1.docx
Running Head Personal Reflection1Personal Reflection1.docxjeanettehully
 
SBA Security Meetup: Building a Secure Architecture – A Deep-Dive into Securi...
SBA Security Meetup: Building a Secure Architecture – A Deep-Dive into Securi...SBA Security Meetup: Building a Secure Architecture – A Deep-Dive into Securi...
SBA Security Meetup: Building a Secure Architecture – A Deep-Dive into Securi...SBA Research
 
MT82 IoT Security Starts at Edge
MT82 IoT Security Starts at EdgeMT82 IoT Security Starts at Edge
MT82 IoT Security Starts at EdgeDell EMC World
 
Potential Impact of Cyber Attacks on Critical Infrastructure
Potential Impact of Cyber Attacks on Critical InfrastructurePotential Impact of Cyber Attacks on Critical Infrastructure
Potential Impact of Cyber Attacks on Critical InfrastructureUnisys Corporation
 
Top Strategies to Capture Security Intelligence for Applications
Top Strategies to Capture Security Intelligence for ApplicationsTop Strategies to Capture Security Intelligence for Applications
Top Strategies to Capture Security Intelligence for ApplicationsDenim Group
 
Getting Started with Android Programming
Getting Started with Android ProgrammingGetting Started with Android Programming
Getting Started with Android ProgrammingStacy David
 
Network Security for Computer science and Engineering.ppt
Network Security for Computer science and Engineering.pptNetwork Security for Computer science and Engineering.ppt
Network Security for Computer science and Engineering.pptAkfeteAssefa
 
Sit in a common area and observe. This may be in your office, a co.docx
Sit in a common area and observe. This may be in your office, a co.docxSit in a common area and observe. This may be in your office, a co.docx
Sit in a common area and observe. This may be in your office, a co.docxjennifer822
 
1Running head SHORTENED VERSION OF TITLE8SHORTENE.docx
1Running head SHORTENED VERSION OF TITLE8SHORTENE.docx1Running head SHORTENED VERSION OF TITLE8SHORTENE.docx
1Running head SHORTENED VERSION OF TITLE8SHORTENE.docxjesusamckone
 
GPA Open Source Gpa Users Forum 2011 09 07
GPA Open Source Gpa Users Forum 2011 09 07GPA Open Source Gpa Users Forum 2011 09 07
GPA Open Source Gpa Users Forum 2011 09 07flelmend
 
Unit 3 DiscussionIdentification & Cost Estimation            T.docx
Unit 3 DiscussionIdentification & Cost Estimation            T.docxUnit 3 DiscussionIdentification & Cost Estimation            T.docx
Unit 3 DiscussionIdentification & Cost Estimation            T.docxouldparis
 
Software Security: Is OK Good Enough?
Software Security: Is OK Good Enough?Software Security: Is OK Good Enough?
Software Security: Is OK Good Enough?Denim Group
 
The Death Star & The Ultimate Vulnerability.pptx
The Death Star & The Ultimate Vulnerability.pptxThe Death Star & The Ultimate Vulnerability.pptx
The Death Star & The Ultimate Vulnerability.pptxJamie Coleman
 
1. Analyze the case and determine the factors that have made KFC a s.docx
1. Analyze the case and determine the factors that have made KFC a s.docx1. Analyze the case and determine the factors that have made KFC a s.docx
1. Analyze the case and determine the factors that have made KFC a s.docxaulasnilda
 
1. A.Discuss how the concept of health has changed over time. B.Di.docx
1. A.Discuss how the concept of health has changed over time. B.Di.docx1. A.Discuss how the concept of health has changed over time. B.Di.docx
1. A.Discuss how the concept of health has changed over time. B.Di.docxaulasnilda
 

More Related Content

Similar to 11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx

Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
Copyright © 2012, Elsevier Inc. All Rights Reserved.docxCopyright © 2012, Elsevier Inc. All Rights Reserved.docx
Copyright © 2012, Elsevier Inc. All Rights Reserved.docxdickonsondorris
 
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docxnovabroom
 
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docxhyacinthshackley2629
 
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docxjesusamckone
 
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docxRAJU852744
 
Wiki Page  Chapter 10 AwarenessWikis for Learning and Collaborat.docx
Wiki Page  Chapter 10 AwarenessWikis for Learning and Collaborat.docxWiki Page  Chapter 10 AwarenessWikis for Learning and Collaborat.docx
Wiki Page  Chapter 10 AwarenessWikis for Learning and Collaborat.docxhelzerpatrina
 
Advanced Persistent Threat - Evaluating Effective Responses
Advanced Persistent Threat - Evaluating Effective ResponsesAdvanced Persistent Threat - Evaluating Effective Responses
Advanced Persistent Threat - Evaluating Effective ResponsesNetIQ
 
Running Head Personal Reflection1Personal Reflection1.docx
Running Head Personal Reflection1Personal Reflection1.docxRunning Head Personal Reflection1Personal Reflection1.docx
Running Head Personal Reflection1Personal Reflection1.docxjeanettehully
 
SBA Security Meetup: Building a Secure Architecture – A Deep-Dive into Securi...
SBA Security Meetup: Building a Secure Architecture – A Deep-Dive into Securi...SBA Security Meetup: Building a Secure Architecture – A Deep-Dive into Securi...
SBA Security Meetup: Building a Secure Architecture – A Deep-Dive into Securi...SBA Research
 
MT82 IoT Security Starts at Edge
MT82 IoT Security Starts at EdgeMT82 IoT Security Starts at Edge
MT82 IoT Security Starts at EdgeDell EMC World
 
Potential Impact of Cyber Attacks on Critical Infrastructure
Potential Impact of Cyber Attacks on Critical InfrastructurePotential Impact of Cyber Attacks on Critical Infrastructure
Potential Impact of Cyber Attacks on Critical InfrastructureUnisys Corporation
 
Top Strategies to Capture Security Intelligence for Applications
Top Strategies to Capture Security Intelligence for ApplicationsTop Strategies to Capture Security Intelligence for Applications
Top Strategies to Capture Security Intelligence for ApplicationsDenim Group
 
Getting Started with Android Programming
Getting Started with Android ProgrammingGetting Started with Android Programming
Getting Started with Android ProgrammingStacy David
 
Network Security for Computer science and Engineering.ppt
Network Security for Computer science and Engineering.pptNetwork Security for Computer science and Engineering.ppt
Network Security for Computer science and Engineering.pptAkfeteAssefa
 
Sit in a common area and observe. This may be in your office, a co.docx
Sit in a common area and observe. This may be in your office, a co.docxSit in a common area and observe. This may be in your office, a co.docx
Sit in a common area and observe. This may be in your office, a co.docxjennifer822
 
1Running head SHORTENED VERSION OF TITLE8SHORTENE.docx
1Running head SHORTENED VERSION OF TITLE8SHORTENE.docx1Running head SHORTENED VERSION OF TITLE8SHORTENE.docx
1Running head SHORTENED VERSION OF TITLE8SHORTENE.docxjesusamckone
 
GPA Open Source Gpa Users Forum 2011 09 07
GPA Open Source Gpa Users Forum 2011 09 07GPA Open Source Gpa Users Forum 2011 09 07
GPA Open Source Gpa Users Forum 2011 09 07flelmend
 
Unit 3 DiscussionIdentification & Cost Estimation            T.docx
Unit 3 DiscussionIdentification & Cost Estimation            T.docxUnit 3 DiscussionIdentification & Cost Estimation            T.docx
Unit 3 DiscussionIdentification & Cost Estimation            T.docxouldparis
 
Software Security: Is OK Good Enough?
Software Security: Is OK Good Enough?Software Security: Is OK Good Enough?
Software Security: Is OK Good Enough?Denim Group
 
The Death Star & The Ultimate Vulnerability.pptx
The Death Star & The Ultimate Vulnerability.pptxThe Death Star & The Ultimate Vulnerability.pptx
The Death Star & The Ultimate Vulnerability.pptxJamie Coleman
 

Similar to 11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx (20)

Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
Copyright © 2012, Elsevier Inc. All Rights Reserved.docxCopyright © 2012, Elsevier Inc. All Rights Reserved.docx
Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
 
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
 
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
 
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
 
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
1Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
 
Wiki Page  Chapter 10 AwarenessWikis for Learning and Collaborat.docx
Wiki Page  Chapter 10 AwarenessWikis for Learning and Collaborat.docxWiki Page  Chapter 10 AwarenessWikis for Learning and Collaborat.docx
Wiki Page  Chapter 10 AwarenessWikis for Learning and Collaborat.docx
 
Advanced Persistent Threat - Evaluating Effective Responses
Advanced Persistent Threat - Evaluating Effective ResponsesAdvanced Persistent Threat - Evaluating Effective Responses
Advanced Persistent Threat - Evaluating Effective Responses
 
Running Head Personal Reflection1Personal Reflection1.docx
Running Head Personal Reflection1Personal Reflection1.docxRunning Head Personal Reflection1Personal Reflection1.docx
Running Head Personal Reflection1Personal Reflection1.docx
 
SBA Security Meetup: Building a Secure Architecture – A Deep-Dive into Securi...
SBA Security Meetup: Building a Secure Architecture – A Deep-Dive into Securi...SBA Security Meetup: Building a Secure Architecture – A Deep-Dive into Securi...
SBA Security Meetup: Building a Secure Architecture – A Deep-Dive into Securi...
 
MT82 IoT Security Starts at Edge
MT82 IoT Security Starts at EdgeMT82 IoT Security Starts at Edge
MT82 IoT Security Starts at Edge
 
Potential Impact of Cyber Attacks on Critical Infrastructure
Potential Impact of Cyber Attacks on Critical InfrastructurePotential Impact of Cyber Attacks on Critical Infrastructure
Potential Impact of Cyber Attacks on Critical Infrastructure
 
Top Strategies to Capture Security Intelligence for Applications
Top Strategies to Capture Security Intelligence for ApplicationsTop Strategies to Capture Security Intelligence for Applications
Top Strategies to Capture Security Intelligence for Applications
 
Getting Started with Android Programming
Getting Started with Android ProgrammingGetting Started with Android Programming
Getting Started with Android Programming
 
Network Security for Computer science and Engineering.ppt
Network Security for Computer science and Engineering.pptNetwork Security for Computer science and Engineering.ppt
Network Security for Computer science and Engineering.ppt
 
Sit in a common area and observe. This may be in your office, a co.docx
Sit in a common area and observe. This may be in your office, a co.docxSit in a common area and observe. This may be in your office, a co.docx
Sit in a common area and observe. This may be in your office, a co.docx
 
1Running head SHORTENED VERSION OF TITLE8SHORTENE.docx
1Running head SHORTENED VERSION OF TITLE8SHORTENE.docx1Running head SHORTENED VERSION OF TITLE8SHORTENE.docx
1Running head SHORTENED VERSION OF TITLE8SHORTENE.docx
 
GPA Open Source Gpa Users Forum 2011 09 07
GPA Open Source Gpa Users Forum 2011 09 07GPA Open Source Gpa Users Forum 2011 09 07
GPA Open Source Gpa Users Forum 2011 09 07
 
Unit 3 DiscussionIdentification & Cost Estimation            T.docx
Unit 3 DiscussionIdentification & Cost Estimation            T.docxUnit 3 DiscussionIdentification & Cost Estimation            T.docx
Unit 3 DiscussionIdentification & Cost Estimation            T.docx
 
Software Security: Is OK Good Enough?
Software Security: Is OK Good Enough?Software Security: Is OK Good Enough?
Software Security: Is OK Good Enough?
 
The Death Star & The Ultimate Vulnerability.pptx
The Death Star & The Ultimate Vulnerability.pptxThe Death Star & The Ultimate Vulnerability.pptx
The Death Star & The Ultimate Vulnerability.pptx
 

More from aulasnilda

1. Analyze the case and determine the factors that have made KFC a s.docx
1. Analyze the case and determine the factors that have made KFC a s.docx1. Analyze the case and determine the factors that have made KFC a s.docx
1. Analyze the case and determine the factors that have made KFC a s.docxaulasnilda
 
1. A.Discuss how the concept of health has changed over time. B.Di.docx
1. A.Discuss how the concept of health has changed over time. B.Di.docx1. A.Discuss how the concept of health has changed over time. B.Di.docx
1. A.Discuss how the concept of health has changed over time. B.Di.docxaulasnilda
 
1. Abstract2. Introduction to Bitcoin and Ethereum3..docx
1. Abstract2. Introduction to Bitcoin and Ethereum3..docx1. Abstract2. Introduction to Bitcoin and Ethereum3..docx
1. Abstract2. Introduction to Bitcoin and Ethereum3..docxaulasnilda
 
1. A. Compare vulnerable populations. B. Describe an example of one .docx
1. A. Compare vulnerable populations. B. Describe an example of one .docx1. A. Compare vulnerable populations. B. Describe an example of one .docx
1. A. Compare vulnerable populations. B. Describe an example of one .docxaulasnilda
 
1. A highly capable brick and mortar electronics retailer with a l.docx
1. A highly capable brick and mortar electronics retailer with a l.docx1. A highly capable brick and mortar electronics retailer with a l.docx
1. A highly capable brick and mortar electronics retailer with a l.docxaulasnilda
 
1. A. Research the delivery, finance, management, and sustainabili.docx
1. A. Research the delivery, finance, management, and sustainabili.docx1. A. Research the delivery, finance, management, and sustainabili.docx
1. A. Research the delivery, finance, management, and sustainabili.docxaulasnilda
 
1. All of the following artists except for ONE used nudity as part.docx
1. All of the following artists except for ONE used nudity as part.docx1. All of the following artists except for ONE used nudity as part.docx
1. All of the following artists except for ONE used nudity as part.docxaulasnilda
 
1. According to the article, what is myth and how does it functi.docx
1. According to the article, what is myth and how does it functi.docx1. According to the article, what is myth and how does it functi.docx
1. According to the article, what is myth and how does it functi.docxaulasnilda
 
1. 6 Paragraph OverviewReflection on Reading Assigbnment Due Before.docx
1. 6 Paragraph OverviewReflection on Reading Assigbnment Due Before.docx1. 6 Paragraph OverviewReflection on Reading Assigbnment Due Before.docx
1. 6 Paragraph OverviewReflection on Reading Assigbnment Due Before.docxaulasnilda
 
1. A.Compare independent variables, B.dependent variables, and C.ext.docx
1. A.Compare independent variables, B.dependent variables, and C.ext.docx1. A.Compare independent variables, B.dependent variables, and C.ext.docx
1. A.Compare independent variables, B.dependent variables, and C.ext.docxaulasnilda
 
1. According to the Court, why is death a proportionate penalty for .docx
1. According to the Court, why is death a proportionate penalty for .docx1. According to the Court, why is death a proportionate penalty for .docx
1. According to the Court, why is death a proportionate penalty for .docxaulasnilda
 
1- Prisonization  What if  . . . you were sentenced to prison .docx
1- Prisonization  What if  . . . you were sentenced to prison .docx1- Prisonization  What if  . . . you were sentenced to prison .docx
1- Prisonization  What if  . . . you were sentenced to prison .docxaulasnilda
 
1. 250+ word count What is cultural and linguistic competence H.docx
1. 250+ word count What is cultural and linguistic competence H.docx1. 250+ word count What is cultural and linguistic competence H.docx
1. 250+ word count What is cultural and linguistic competence H.docxaulasnilda
 
1. 200 words How valuable is a having a LinkedIn profile Provid.docx
1. 200 words How valuable is a having a LinkedIn profile Provid.docx1. 200 words How valuable is a having a LinkedIn profile Provid.docx
1. 200 words How valuable is a having a LinkedIn profile Provid.docxaulasnilda
 
1. According to recent surveys, China, India, and the Philippines ar.docx
1. According to recent surveys, China, India, and the Philippines ar.docx1. According to recent surveys, China, India, and the Philippines ar.docx
1. According to recent surveys, China, India, and the Philippines ar.docxaulasnilda
 
1. Addressing inflation using Fiscal and Monetary Policy tools.S.docx
1. Addressing inflation using Fiscal and Monetary Policy tools.S.docx1. Addressing inflation using Fiscal and Monetary Policy tools.S.docx
1. Addressing inflation using Fiscal and Monetary Policy tools.S.docxaulasnilda
 
1. A vulnerability refers to a known weakness of an asset (resou.docx
1. A vulnerability refers to a known weakness of an asset (resou.docx1. A vulnerability refers to a known weakness of an asset (resou.docx
1. A vulnerability refers to a known weakness of an asset (resou.docxaulasnilda
 
1. According to the readings, philosophy began in ancient Egypt an.docx
1. According to the readings, philosophy began in ancient Egypt an.docx1. According to the readings, philosophy began in ancient Egypt an.docx
1. According to the readings, philosophy began in ancient Egypt an.docxaulasnilda
 
1-Explain what you understood from the paper with (one paragraph).docx
1-Explain what you understood from the paper with (one paragraph).docx1-Explain what you understood from the paper with (one paragraph).docx
1-Explain what you understood from the paper with (one paragraph).docxaulasnilda
 
1-Explanation of how healthcare policy can impact the advanced p.docx
1-Explanation of how healthcare policy can impact the advanced p.docx1-Explanation of how healthcare policy can impact the advanced p.docx
1-Explanation of how healthcare policy can impact the advanced p.docxaulasnilda
 

More from aulasnilda (20)

1. Analyze the case and determine the factors that have made KFC a s.docx
1. Analyze the case and determine the factors that have made KFC a s.docx1. Analyze the case and determine the factors that have made KFC a s.docx
1. Analyze the case and determine the factors that have made KFC a s.docx
 
1. A.Discuss how the concept of health has changed over time. B.Di.docx
1. A.Discuss how the concept of health has changed over time. B.Di.docx1. A.Discuss how the concept of health has changed over time. B.Di.docx
1. A.Discuss how the concept of health has changed over time. B.Di.docx
 
1. Abstract2. Introduction to Bitcoin and Ethereum3..docx
1. Abstract2. Introduction to Bitcoin and Ethereum3..docx1. Abstract2. Introduction to Bitcoin and Ethereum3..docx
1. Abstract2. Introduction to Bitcoin and Ethereum3..docx
 
1. A. Compare vulnerable populations. B. Describe an example of one .docx
1. A. Compare vulnerable populations. B. Describe an example of one .docx1. A. Compare vulnerable populations. B. Describe an example of one .docx
1. A. Compare vulnerable populations. B. Describe an example of one .docx
 
1. A highly capable brick and mortar electronics retailer with a l.docx
1. A highly capable brick and mortar electronics retailer with a l.docx1. A highly capable brick and mortar electronics retailer with a l.docx
1. A highly capable brick and mortar electronics retailer with a l.docx
 
1. A. Research the delivery, finance, management, and sustainabili.docx
1. A. Research the delivery, finance, management, and sustainabili.docx1. A. Research the delivery, finance, management, and sustainabili.docx
1. A. Research the delivery, finance, management, and sustainabili.docx
 
1. All of the following artists except for ONE used nudity as part.docx
1. All of the following artists except for ONE used nudity as part.docx1. All of the following artists except for ONE used nudity as part.docx
1. All of the following artists except for ONE used nudity as part.docx
 
1. According to the article, what is myth and how does it functi.docx
1. According to the article, what is myth and how does it functi.docx1. According to the article, what is myth and how does it functi.docx
1. According to the article, what is myth and how does it functi.docx
 
1. 6 Paragraph OverviewReflection on Reading Assigbnment Due Before.docx
1. 6 Paragraph OverviewReflection on Reading Assigbnment Due Before.docx1. 6 Paragraph OverviewReflection on Reading Assigbnment Due Before.docx
1. 6 Paragraph OverviewReflection on Reading Assigbnment Due Before.docx
 
1. A.Compare independent variables, B.dependent variables, and C.ext.docx
1. A.Compare independent variables, B.dependent variables, and C.ext.docx1. A.Compare independent variables, B.dependent variables, and C.ext.docx
1. A.Compare independent variables, B.dependent variables, and C.ext.docx
 
1. According to the Court, why is death a proportionate penalty for .docx
1. According to the Court, why is death a proportionate penalty for .docx1. According to the Court, why is death a proportionate penalty for .docx
1. According to the Court, why is death a proportionate penalty for .docx
 
1- Prisonization  What if  . . . you were sentenced to prison .docx
1- Prisonization  What if  . . . you were sentenced to prison .docx1- Prisonization  What if  . . . you were sentenced to prison .docx
1- Prisonization  What if  . . . you were sentenced to prison .docx
 
1. 250+ word count What is cultural and linguistic competence H.docx
1. 250+ word count What is cultural and linguistic competence H.docx1. 250+ word count What is cultural and linguistic competence H.docx
1. 250+ word count What is cultural and linguistic competence H.docx
 
1. 200 words How valuable is a having a LinkedIn profile Provid.docx
1. 200 words How valuable is a having a LinkedIn profile Provid.docx1. 200 words How valuable is a having a LinkedIn profile Provid.docx
1. 200 words How valuable is a having a LinkedIn profile Provid.docx
 
1. According to recent surveys, China, India, and the Philippines ar.docx
1. According to recent surveys, China, India, and the Philippines ar.docx1. According to recent surveys, China, India, and the Philippines ar.docx
1. According to recent surveys, China, India, and the Philippines ar.docx
 
1. Addressing inflation using Fiscal and Monetary Policy tools.S.docx
1. Addressing inflation using Fiscal and Monetary Policy tools.S.docx1. Addressing inflation using Fiscal and Monetary Policy tools.S.docx
1. Addressing inflation using Fiscal and Monetary Policy tools.S.docx
 
1. A vulnerability refers to a known weakness of an asset (resou.docx
1. A vulnerability refers to a known weakness of an asset (resou.docx1. A vulnerability refers to a known weakness of an asset (resou.docx
1. A vulnerability refers to a known weakness of an asset (resou.docx
 
1. According to the readings, philosophy began in ancient Egypt an.docx
1. According to the readings, philosophy began in ancient Egypt an.docx1. According to the readings, philosophy began in ancient Egypt an.docx
1. According to the readings, philosophy began in ancient Egypt an.docx
 
1-Explain what you understood from the paper with (one paragraph).docx
1-Explain what you understood from the paper with (one paragraph).docx1-Explain what you understood from the paper with (one paragraph).docx
1-Explain what you understood from the paper with (one paragraph).docx
 
1-Explanation of how healthcare policy can impact the advanced p.docx
1-Explanation of how healthcare policy can impact the advanced p.docx1-Explanation of how healthcare policy can impact the advanced p.docx
1-Explanation of how healthcare policy can impact the advanced p.docx
 

Recently uploaded

Graduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - EnglishGraduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - Englishneillewis46
 
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...Amil baba
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.MaryamAhmad92
 
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...Pooja Bhuva
 
Interdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptxInterdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptxPooja Bhuva
 
Google Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptxGoogle Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptxDr. Sarita Anand
 
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptxCOMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptxannathomasp01
 
How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxHow to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxCeline George
 
Fostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the ClassroomFostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the ClassroomPooky Knightsmith
 
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptxOn_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptxPooja Bhuva
 
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptxExploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptxPooja Bhuva
 
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfUGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfNirmal Dwivedi
 
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jisc
 
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdfUnit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdfDr Vijay Vishwakarma
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.pptRamjanShidvankar
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...Poonam Aher Patil
 
How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17Celine George
 
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptxHMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptxEsquimalt MFRC
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17Celine George
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxAreebaZafar22
 

Recently uploaded (20)

Graduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - EnglishGraduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - English
 
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.
 
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
 
Interdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptxInterdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptx
 
Google Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptxGoogle Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptx
 
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptxCOMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
 
How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxHow to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptx
 
Fostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the ClassroomFostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the Classroom
 
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptxOn_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
 
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptxExploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
 
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfUGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
 
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)
 
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdfUnit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...
 
How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17
 
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptxHMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
 

11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx

  • 1. 11 Copyright © 2012, Elsevier Inc. All Rights Reserved Chapter 1 Introduction Cyber Attacks Protecting National Infrastructure, 1st ed. 2 • National infrastructure – Refers to the complex, underlying delivery and support systems for all large-scale services considered absolutely essential to a nation • Conventional approach to cyber security not enough • New approach needed – Combining best elements of existing security techniques with challenges that face complex, large-scale national services Copyright © 2012, Elsevier Inc.
  • 2. All rights Reserved C h a p te r 1 – In tro d u c tio n Introduction 3 Copyright © 2012, Elsevier Inc. All rights Reserved C h
  • 3. a p te r 1 – In tro d u c tio n Fig. 1.1 – National infrastructure cyber and physical attacks 4 Copyright © 2012, Elsevier Inc. All rights Reserved C h a p
  • 4. te r 1 – In tro d u c tio n Fig. 1.2 – Differences between small- and large-scale cyber security 5 Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 –
  • 5. In tro d u c tio n• Three types of malicious adversaries – External adversary – Internal adversary – Supplier adversary National Cyber Threats, Vulnerabilities, and Attacks 6 Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1
  • 6. – In tro d u c tio n Fig. 1.3 – Adversaries and exploitation points in national infrastructure 7 Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 – In
  • 7. tro d u c tio n• Three exploitation points – Remote access – System administration and normal usage – Supply chain National Cyber Threats, Vulnerabilities, and Attacks 8 Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 –
  • 8. In tro d u c tio n• Infrastructure threatened by most common security concerns: – Confidentiality – Integrity – Availability – Theft National Cyber Threats, Vulnerabilities, and Attacks 9 Copyright © 2012, Elsevier Inc. All rights Reserved C h a p
  • 9. te r 1 – In tro d u c tio n Botnet Threat • What is a botnet attack? – The remote collection of compromised end-user machines (usually broadband-connected PCs) is used to attack a target. – Sources of attack are scattered and difficult to identify – Five entities that comprise botnet attack: botnet operator, botnet controller, collection of bots, botnot software drop, botnet target 10 Copyright © 2012, Elsevier Inc.
  • 10. All rights Reserved C h a p te r 1 – In tro d u c tio n • Five entities that comprise botnet attack: – Botnet operator – Botnet controller – Collection of bots – Botnot software drop – Botnet target • Distributed denial of service (DDOS) attack: bots
  • 11. create “cyber traffic jam” Botnet Threat 11 Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 – In tro d u c tio n Fig. 1.4 – Sample DDOS attack from a botnet
  • 12. 12 National Cyber Security Methodology Components Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 – In tro d u c tio n• Ten basic design and operation principles: – Deception – Discretion – Separation – Collection
  • 13. – Diversity – Correlation – Commonality – Awareness – Depth – Response 13 • Deliberately introducing misleading functionality or misinformation for the purpose of tricking an adversary – Computer scientists call this functionality a honey pot • Deception enables forensic analysis of intruder activity • The acknowledged use of deception may be a deterrent to intruders (every vulnerability may actually be a trap) Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 –
  • 14. In tro d u c tio n Deception 14 Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 – In tro d
  • 15. u c tio n Fig. 1.5 – Components of an interface with deception 15 • Separation involves enforced access policy restrictions on users and resources in a computing environment • Most companies use enterprise firewalls, which are complemented by the following: – Authentication and identity management – Logical access controls – LAN controls – Firewalls Copyright © 2012, Elsevier Inc. All rights Reserved C h a
  • 16. p te r 1 – In tro d u c tio n Separation 16 Fig. 1.6 – Firewall enhancements for national infrastructure Copyright © 2012, Elsevier Inc. All rights Reserved C h a p
  • 17. te r 1 – In tro d u c tio n 17 • Diversity is the principle of using technology and systems that are intentionally different in substantive ways. • Diversity hard to implement – A single software vendor tends to dominate the PC operating system business landscape – Diversity conflicts with organizational goals of simplifying supplier and vendor relationships Copyright © 2012, Elsevier Inc. All rights Reserved C
  • 18. h a p te r 1 – In tro d u c tio n Diversity 18 Copyright © 2012, Elsevier Inc. All rights Reserved C h a p
  • 19. te r 1 – In tro d u c tio n Fig. 1.7 – Introducing diversity to national infrastructure 19 • Consistency involves uniform attention to security best practices across national infrastructure components • Greatest challenge involves auditing • A national standard is needed Copyright © 2012, Elsevier Inc. All rights Reserved C h
  • 20. a p te r 1 – In tro d u c tio n Commonality 20 • Depth involves using multiple security layers to protect national infrastructure assets • Defense layers are maximized by using a combination of functional and procedural controls Copyright © 2012, Elsevier Inc. All rights Reserved C
  • 21. h a p te r 1 – In tro d u c tio n Depth 21 Copyright © 2012, Elsevier Inc. All rights Reserved C h a p
  • 22. te r 1 – In tro d u c tio n Fig. 1.8 – National infrastructure security through defense in depth 22 • Discretion involves individuals and groups making good decisions to obscure sensitive information about national infrastructure • This is not the same as “security through obscurity” Copyright © 2012, Elsevier Inc. All rights Reserved C h a
  • 23. p te r 1 – In tro d u c tio n Discretion 23 • Collection involves automated gathering of system- related information about national infrastructure to enable security analysis • Data is processed by a security information management system. • Operational challenges – What type of information should be collected? – How much information should be collected? Copyright © 2012, Elsevier Inc.
  • 24. All rights Reserved C h a p te r 1 – In tro d u c tio n Collection 24 Copyright © 2012, Elsevier Inc. All rights Reserved C h
  • 25. a p te r 1 – In tro d u c tio n Fig. 1.9 – Collecting national infrastructure-related security information 25 • Correlation involves a specific type of analysis that can be performed on factors related to national infrastructure protection – This type of comparison-oriented analysis is indispensable • Past initiatives included real-time correlation of data at fusion center – Difficult to implement
  • 26. Copyright © 2012, Elsevier Inc. All rights Reserved C h a p te r 1 – In tro d u c tio n Correlation 26 Fig. 1.10 – National infrastructure high- level correlation approach Copyright © 2012, Elsevier Inc.
  • 27. All rights Reserved C h a p te r 1 – In tro d u c tio n 27 • Awareness involves an organization understanding the differences between observed and normal status in national infrastructure • Most agree on the need for awareness, but how can awareness be achieved? Copyright © 2012, Elsevier Inc.
  • 28. All rights Reserved C h a p te r 1 – In tro d u c tio n Awareness 28 Copyright © 2012, Elsevier Inc. All rights Reserved C h
  • 29. a p te r 1 – In tro d u c tio n Fig. 1.11 – Real-time situation awareness process flow 29 • Response involves the assurance that processes are in place to react to any security-related indicator – Indicators should flow from the awareness layer • Current practice in smaller corporate environments of reducing “false positives” by waiting to confirm disaster is not acceptable for national infrastructure Copyright © 2012, Elsevier Inc.
  • 30. All rights Reserved C h a p te r 1 – In tro d u c tio n Response 30 Copyright © 2012, Elsevier Inc. All rights Reserved C h
  • 31. a p te r 1 – In tro d u c tio n Fig. 1.12 – National infrastructure security response approach 31 • Commissions and groups • Information sharing • International cooperation • Technical and operational costs Copyright © 2012, Elsevier Inc. All rights Reserved