SlideShare a Scribd company logo

Security Strategies in Windows Platforms and ApplicationsL.docx

Download as DOCX, PDF
K
kenjordan97598

Security Strategies in Windows Platforms and Applications Lesson 1 Microsoft Windows and the Threat Landscape © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Cover image © Sharpshot/Dreamstime.com Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 1 Learning Objective(s) Describe information systems security and the inherent security features of the Microsoft Windows operating system. Describe threats to Microsoft Windows and applications. Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 2 Key Concepts Information systems security and the C-I-A triad Microsoft Windows and a typical IT infrastructure Vulnerabilities of Microsoft Windows systems and their applications Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 3 Information Systems Security Defense in depth A collection of strategies to make a computer environment safe Information security Main goal is to prevent loss Most decisions require balance between security and usability Security controls are mechanisms used to protect information Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 4 Security Controls Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 5 Type of Control Administrative Type of Function Preventive Detective Corrective Technical Physical C-I-A Triad Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. The practice of securing information involves ensuring three tenets of information security: confidentiality, integrity, and availability Known as the C-I-A triad Also known as the availability, integrity, and confidentiality (A-I-C) triad Each tenet interacts with the other two and, in some cases, may conflict 6 Confidentiality The assurance that the information cannot be accessed or viewed by unauthorized users Examples of confidential information: Financial information Medical information Secret military plans Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. A successful attack against confidential information enables the attacker to use the information to gain an inappropriate advan.

Education
1 of 19
Security Strategies in Windows Platforms and Applications Lesson 1 Microsoft Windows and the Threat Landscape © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Cover image © Sharpshot/Dreamstime.com Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 1 Learning Objective(s) Describe information systems security and the inherent security features of the Microsoft Windows operating system. Describe threats to Microsoft Windows and applications. Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com
All rights reserved. 2 Key Concepts Information systems security and the C-I-A triad Microsoft Windows and a typical IT infrastructure Vulnerabilities of Microsoft Windows systems and their applications Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 3 Information Systems Security Defense in depth A collection of strategies to make a computer environment safe Information security Main goal is to prevent loss Most decisions require balance between security and usability Security controls are mechanisms used to protect information Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com
All rights reserved. 4 Security Controls Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 5 Type of Control Administrative Type of Function Preventive Detective Corrective
Technical Physical C-I-A Triad Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. The practice of securing information involves ensuring three tenets of information security: confidentiality, integrity, and availability Known as the C-I-A triad Also known as the availability, integrity, and confidentiality (A-I-C) triad Each tenet interacts with the other two and, in some cases, may conflict 6 Confidentiality The assurance that the information cannot be accessed or viewed by unauthorized users Examples of confidential information: Financial information
Medical information Secret military plans Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. A successful attack against confidential information enables the attacker to use the information to gain an inappropriate advantage or to extort compensation through threats to divulge the information. 7 Integrity The assurance that the information cannot be changed by unauthorized users Ensuring integrity means applying controls that prohibit unauthorized changes to information Examples of integrity controls: Security classification User clearance Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning
Company www.jblearning.com All rights reserved. 8 Availability The assurance that the information is available to authorized users in an acceptable time frame when the information is requested is availability Examples of attacks that affect availability: Denial of service (DoS) Hacktivist Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 9 Microsoft Windows and Applications in a Typical IT Infrastructure IT infrastructure Collection of computers, devices, and network components that make up an IT environment
Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 10 Microsoft Windows and Applications in a Typical IT Infrastructure Common infrastructure components: Client platforms Network segments Network devices Server instances (often listed by function) Cloud-based offerings, such as Microsoft Office 365 and Microsoft Azure Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 11 A Sample IT Infrastructure
Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Windows Clients Client systems provide functionality to end users; customer- facing systems Include desktops, laptops, and mobile devices Each application can be deployed on client systems as either a thin or a thick client Windows 10 Newest and most popular Windows client operating system Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 13 Windows Servers Server computers provide services to client applications Common server applications: Web servers, application servers, and database servers Windows Server 2019 Essentials, for small businesses Standard, for most server functions Datacenter, for large-scale deployments
Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 14 Microsoft’s End-User License Agreement (EULA) Software license agreement that contains the Microsoft Software License Terms Must be accepted prior to installation of any Microsoft Windows product Located in the Windows install folder or on the Microsoft website Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 15 Microsoft EULA Sections Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning
Company www.jblearning.com All rights reserved. Updates Additional Notices—Networks, Data, and Internet Usage Limited Warranty Exclusions from Limited Warranty Windows Threats and Vulnerabilities Successful attack: One that realizes, or carries out, a threat against vulnerabilities Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 17 Risk Any exposure to a threat
Threat Any action that could lead to damage, disruption, or loss Vulnerability Weakness in an operating system or application software Windows Threats and Vulnerabilities A threat is not necessarily dangerous Fire in fireplace = desirable Fire in data center = dangerous For damage to occur, there has to be a threat Attackers look for vulnerabilities, then devise an attack that will exploit the weakness Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 18 Anatomy of Microsoft Windows Vulnerabilities
Ransomware Malicious software that renders files or volumes inaccessible through encryption Attacker demands payment using cryptocurrency for the decryption key Well-known ransomware attacks CryptoLocker Locky WannaCry Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Most ransomware encrypts data and demands a payment using cryptocurrency in exchange for the decryption key. 19 Discovery-Analysis-Remediation Cycle Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. A recurring three-step process for addressing attacks
20 Discovery Once an attack starts, attackers become as inconspicuous as possible Need to compare suspect activity baseline (normal activity) to detect anomalies Common method of accomplishing this is to use activity and monitoring logs Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 21 Analysis Security information and event management (SIEM) tools Collect and aggregate security-related information from multiple sources and devices Help prepare data for correlation and analysis Current vulnerability and security bulletin databases Help you determine if others are experiencing same activity Page ‹#› Security Strategies in Windows Platforms and Applications
© 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. SIEM tools can often cross-reference known vulnerability databases to help identify suspect behavior. The analysis phase includes validating suspect activity as abnormal and then figuring out what is causing it. 22 Remediation Contain any damage that has occurred, recover from any loss, and implement controls to prevent a recurrence Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 23 Common Forms of AttackThreatDescriptionPhishingGenerally start with a message that contains a link or image to click, or a file to open; taking these actions launches malware attacksMalwareMalicious software designed to carry out tasks that the user would not normally allowDenial of service (DoS)Any action that dramatically slows down or blocks access
to one or more resourcesInjection attackDepends on ability to send instructions to an application that causes the application to carry out unintended actions; SQL injection is common Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 24 Common Forms of Attack (Cont.)ThreatDescriptionUnprotected Windows Share A situation that allows attackers to install tools, including malicious softwareSession hijacking and credential reuseAttempts by attackers to take over valid sessions or capture credentials to impersonate valid usersCross-site scriptingSpecially crafted malicious code used to attack web applications Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 25 Common Forms of Attack (Cont.)ThreatDescriptionPacket sniffing The process of collecting network messages as they
travel across a network in hopes of divulging sensitive information, such as passwords Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 26 Summary Information systems security and the C-I-A triad Microsoft Windows and a typical IT infrastructure Vulnerabilities of Microsoft Windows systems and their applications Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 27 Week 5 Assignment Application: ANOVA Study: The Alpha Shoe Company When you read published research studies, you find experimental studies in which one or more variables are
manipulated. One example is a study on whether students with windows in their classrooms give their instructors higher evaluations than students with no windows in their classrooms. You could do a basic comparison of these two groups with a t test, which you studied in Week 4. Perhaps it would be more interesting to have additional levels of environment. You might compare instructor evaluations when students are in a class with no windows, a class with windows that look out to a parking lot, a class with windows that look out to a park, or a class with no windows but pictures of windows on the wall. Since you have multiple levels of the factor, environment, an ANOVA would help you understand the differences between each. This Assignment will give you practice conducting a study with multiple levels of a factor by working once again with the Alpha Shoe Company. Since many research studies rely on the ANOVA for analysis, you will enhance your ability to understand the results of research studies that you evaluate in the future. Scenario: Imagine that Alpha Shoe Company wants to do a second study on the vertical lift basketball players can gain from their shoes. Recall that they believe that how high a player can jump is affected by the type of shoe that player wears. They identified 25 professional basketball players and randomly assigned each of them to wear one of the five types of shoe, then measured how high each player jumped. Each player’s jumping height is given below in inches: Pluto Omega II Beta Super Delta Gamma 29.1 29.2 28.5 28.4
27.7 29.8 29.1 28.9 28.0 27.9 30.0 28.8 29.2 28.8 28.0 29.0 28.7 28.3 29.0 28.2 31.1 28.8 30.0 28.9 28.0 Assignment: To complete this Assignment, submit by Day 7 answers to the following. Use SPSS to compare the means of the scores of these five shoes with a one-way ANOVA. Save and submit both your SPSS data file and your output. · Before comparing the scores with an ANOVA, state your null and alternative hypotheses in words (not formulas). · Identify the independent and dependent variables. · Name the levels in your identified factor. · State the within-group degrees of freedom and explain how you calculate it. · State the between-group degrees of freedom and explain how you calculate it. · Identify the obtained F value. · Identify the p value.
· Explain whether the F test is significant. Explain how you know and what it tells you. · Explain what you can conclude about the effect of shoe choice on vertical lift (jumping height). · Should you conduct a post hoc test? Why or why not? If yes, conduct a Tukey HSD post hoc analysis. Explain what the results tell you about type of shoe choice and vertical lift. · Submit three documents for grading: your text (Word) document with your answers and explanations to the application questions, your SPSS Data file, and your SPSS Output file. · Provide an APA reference list.

Recommended

Current Article Review1. Locate a current article about Regul.docx
Current Article Review1. Locate a current article about Regul.docxCurrent Article Review1. Locate a current article about Regul.docx
Current Article Review1. Locate a current article about Regul.docxannettsparrow
 
Documentation Artifact 5Long Term Care Plan-Continuing to .docx
Documentation Artifact 5Long Term Care Plan-Continuing to .docxDocumentation Artifact 5Long Term Care Plan-Continuing to .docx
Documentation Artifact 5Long Term Care Plan-Continuing to .docxpetehbailey729071
 
CHap 13 and 12winsec3e_ppt_ch12(1).pptxSecurity Strategies
CHap 13 and 12winsec3e_ppt_ch12(1).pptxSecurity Strategies CHap 13 and 12winsec3e_ppt_ch12(1).pptxSecurity Strategies
CHap 13 and 12winsec3e_ppt_ch12(1).pptxSecurity Strategies MorganLudwig40
 
JavaOne2013: Secure Engineering Practices for Java
JavaOne2013: Secure Engineering Practices for JavaJavaOne2013: Secure Engineering Practices for Java
JavaOne2013: Secure Engineering Practices for JavaChris Bailey
 
Secure Engineering Practices for Java
Secure Engineering Practices for JavaSecure Engineering Practices for Java
Secure Engineering Practices for JavaTim Ellison
 
CHAPTER 1Risk Management FundamentalsCopyright © 202
CHAPTER 1Risk Management FundamentalsCopyright © 202CHAPTER 1Risk Management FundamentalsCopyright © 202
CHAPTER 1Risk Management FundamentalsCopyright © 202EstelaJeffery653
 
IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...
IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...
IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...IBM Security
 
Security Trends and Risk Mitigation for the Public Sector
Security Trends and Risk Mitigation for the Public SectorSecurity Trends and Risk Mitigation for the Public Sector
Security Trends and Risk Mitigation for the Public SectorIBMGovernmentCA
 

Recommended

Current Article Review1. Locate a current article about Regul.docx
Current Article Review1. Locate a current article about Regul.docxCurrent Article Review1. Locate a current article about Regul.docx
Current Article Review1. Locate a current article about Regul.docxannettsparrow
 
Documentation Artifact 5Long Term Care Plan-Continuing to .docx
Documentation Artifact 5Long Term Care Plan-Continuing to .docxDocumentation Artifact 5Long Term Care Plan-Continuing to .docx
Documentation Artifact 5Long Term Care Plan-Continuing to .docxpetehbailey729071
 
CHap 13 and 12winsec3e_ppt_ch12(1).pptxSecurity Strategies
CHap 13 and 12winsec3e_ppt_ch12(1).pptxSecurity Strategies CHap 13 and 12winsec3e_ppt_ch12(1).pptxSecurity Strategies
CHap 13 and 12winsec3e_ppt_ch12(1).pptxSecurity Strategies MorganLudwig40
 
JavaOne2013: Secure Engineering Practices for Java
JavaOne2013: Secure Engineering Practices for JavaJavaOne2013: Secure Engineering Practices for Java
JavaOne2013: Secure Engineering Practices for JavaChris Bailey
 
Secure Engineering Practices for Java
Secure Engineering Practices for JavaSecure Engineering Practices for Java
Secure Engineering Practices for JavaTim Ellison
 
CHAPTER 1Risk Management FundamentalsCopyright © 202
CHAPTER 1Risk Management FundamentalsCopyright © 202CHAPTER 1Risk Management FundamentalsCopyright © 202
CHAPTER 1Risk Management FundamentalsCopyright © 202EstelaJeffery653
 
IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...
IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...
IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...IBM Security
 
Security Trends and Risk Mitigation for the Public Sector
Security Trends and Risk Mitigation for the Public SectorSecurity Trends and Risk Mitigation for the Public Sector
Security Trends and Risk Mitigation for the Public SectorIBMGovernmentCA
 
Breaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gapsBreaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gapsIBM Security
 
IBM security systems overview v1.0 - rohit nagarajan
IBM security systems overview v1.0 - rohit nagarajanIBM security systems overview v1.0 - rohit nagarajan
IBM security systems overview v1.0 - rohit nagarajanShwetank Jayaswal
 
Android Security: A Survey of Security Issues and Defenses
Android Security: A Survey of Security Issues and DefensesAndroid Security: A Survey of Security Issues and Defenses
Android Security: A Survey of Security Issues and DefensesIRJET Journal
 
Hacking3e ppt ch15
Hacking3e ppt ch15Hacking3e ppt ch15
Hacking3e ppt ch15Skillspire LLC
 
Introduction to Cybersecurity Fundamentals
Introduction to Cybersecurity FundamentalsIntroduction to Cybersecurity Fundamentals
Introduction to Cybersecurity FundamentalsToño Herrera
 
Top 10 Ways To Win Budget For Application Security - Cenzic.2013.05.22
Top 10 Ways To Win Budget For Application Security - Cenzic.2013.05.22Top 10 Ways To Win Budget For Application Security - Cenzic.2013.05.22
Top 10 Ways To Win Budget For Application Security - Cenzic.2013.05.22Cenzic
 
DSS @CERT.LV_ISACA_2013_Conference - IBM X Force Report 2013
DSS @CERT.LV_ISACA_2013_Conference - IBM X Force Report 2013DSS @CERT.LV_ISACA_2013_Conference - IBM X Force Report 2013
DSS @CERT.LV_ISACA_2013_Conference - IBM X Force Report 2013Andris Soroka
 
case analysis 2.1.docxby Urusha PandeySubmission date 2.docx
case analysis 2.1.docxby Urusha PandeySubmission date 2.docxcase analysis 2.1.docxby Urusha PandeySubmission date 2.docx
case analysis 2.1.docxby Urusha PandeySubmission date 2.docxcowinhelen
 
Adrian Aldea - IBM X-Force 2013 Mid-Year Trend and Risk Report #uisgcon9
Adrian Aldea - IBM X-Force 2013 Mid-Year Trend and Risk Report #uisgcon9Adrian Aldea - IBM X-Force 2013 Mid-Year Trend and Risk Report #uisgcon9
Adrian Aldea - IBM X-Force 2013 Mid-Year Trend and Risk Report #uisgcon9UISGCON
 
Security Testing for Testing Professionals
Security Testing for Testing ProfessionalsSecurity Testing for Testing Professionals
Security Testing for Testing ProfessionalsTechWell
 
Aon Ransomware Response and Mitigation Strategies
Aon Ransomware Response and Mitigation StrategiesAon Ransomware Response and Mitigation Strategies
Aon Ransomware Response and Mitigation StrategiesCSNP
 
Man and Machine -- Forming a Perfect Union to Mature Security Programs -- Key...
Man and Machine -- Forming a Perfect Union to Mature Security Programs -- Key...Man and Machine -- Forming a Perfect Union to Mature Security Programs -- Key...
Man and Machine -- Forming a Perfect Union to Mature Security Programs -- Key...Inno Eroraha [NetSecurity]
 
Security Testing for Test Professionals
Security Testing for Test ProfessionalsSecurity Testing for Test Professionals
Security Testing for Test ProfessionalsTechWell
 
Denis Hackett M.Sc. - IDC Presentation Sept 2014 Croke Park Sept25 - Denis Ha...
Denis Hackett M.Sc. - IDC Presentation Sept 2014 Croke Park Sept25 - Denis Ha...Denis Hackett M.Sc. - IDC Presentation Sept 2014 Croke Park Sept25 - Denis Ha...
Denis Hackett M.Sc. - IDC Presentation Sept 2014 Croke Park Sept25 - Denis Ha...Education & Training Boards
 
3 Steps to Security Intelligence - How to Build a More Secure Enterprise
3 Steps to Security Intelligence - How to Build a More Secure Enterprise3 Steps to Security Intelligence - How to Build a More Secure Enterprise
3 Steps to Security Intelligence - How to Build a More Secure EnterpriseIBM Security
 
Teknisen tietoturvan minimivaatimukset
Teknisen tietoturvan minimivaatimuksetTeknisen tietoturvan minimivaatimukset
Teknisen tietoturvan minimivaatimuksetTeemu Tiainen
 
Information Technology Security Basics
Information Technology Security BasicsInformation Technology Security Basics
Information Technology Security BasicsMohan Jadhav
 
Information security
Information securityInformation security
Information securityAlaaMahmoud108
 
Application security Best Practices Framework
Application security Best Practices FrameworkApplication security Best Practices Framework
Application security Best Practices FrameworkSujata Raskar
 
IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM
 
You are the Nursing Director for the medical-surgical area of a .docx
You are the Nursing Director for the medical-surgical area of a .docxYou are the Nursing Director for the medical-surgical area of a .docx
You are the Nursing Director for the medical-surgical area of a .docxkenjordan97598
 
You are the newly appointed director of the Agile County Airport.docx
You are the newly appointed director of the Agile County Airport.docxYou are the newly appointed director of the Agile County Airport.docx
You are the newly appointed director of the Agile County Airport.docxkenjordan97598
 

More Related Content

Similar to Security Strategies in Windows Platforms and ApplicationsL.docx

Breaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gapsBreaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gapsIBM Security
 
IBM security systems overview v1.0 - rohit nagarajan
IBM security systems overview v1.0 - rohit nagarajanIBM security systems overview v1.0 - rohit nagarajan
IBM security systems overview v1.0 - rohit nagarajanShwetank Jayaswal
 
Android Security: A Survey of Security Issues and Defenses
Android Security: A Survey of Security Issues and DefensesAndroid Security: A Survey of Security Issues and Defenses
Android Security: A Survey of Security Issues and DefensesIRJET Journal
 
Introduction to Cybersecurity Fundamentals
Introduction to Cybersecurity FundamentalsIntroduction to Cybersecurity Fundamentals
Introduction to Cybersecurity FundamentalsToño Herrera
 
Top 10 Ways To Win Budget For Application Security - Cenzic.2013.05.22
Top 10 Ways To Win Budget For Application Security - Cenzic.2013.05.22Top 10 Ways To Win Budget For Application Security - Cenzic.2013.05.22
Top 10 Ways To Win Budget For Application Security - Cenzic.2013.05.22Cenzic
 
DSS @CERT.LV_ISACA_2013_Conference - IBM X Force Report 2013
DSS @CERT.LV_ISACA_2013_Conference - IBM X Force Report 2013DSS @CERT.LV_ISACA_2013_Conference - IBM X Force Report 2013
DSS @CERT.LV_ISACA_2013_Conference - IBM X Force Report 2013Andris Soroka
 
case analysis 2.1.docxby Urusha PandeySubmission date 2.docx
case analysis 2.1.docxby Urusha PandeySubmission date 2.docxcase analysis 2.1.docxby Urusha PandeySubmission date 2.docx
case analysis 2.1.docxby Urusha PandeySubmission date 2.docxcowinhelen
 
Adrian Aldea - IBM X-Force 2013 Mid-Year Trend and Risk Report #uisgcon9
Adrian Aldea - IBM X-Force 2013 Mid-Year Trend and Risk Report #uisgcon9Adrian Aldea - IBM X-Force 2013 Mid-Year Trend and Risk Report #uisgcon9
Adrian Aldea - IBM X-Force 2013 Mid-Year Trend and Risk Report #uisgcon9UISGCON
 
Security Testing for Testing Professionals
Security Testing for Testing ProfessionalsSecurity Testing for Testing Professionals
Security Testing for Testing ProfessionalsTechWell
 
Aon Ransomware Response and Mitigation Strategies
Aon Ransomware Response and Mitigation StrategiesAon Ransomware Response and Mitigation Strategies
Aon Ransomware Response and Mitigation StrategiesCSNP
 
Man and Machine -- Forming a Perfect Union to Mature Security Programs -- Key...
Man and Machine -- Forming a Perfect Union to Mature Security Programs -- Key...Man and Machine -- Forming a Perfect Union to Mature Security Programs -- Key...
Man and Machine -- Forming a Perfect Union to Mature Security Programs -- Key...Inno Eroraha [NetSecurity]
 
Security Testing for Test Professionals
Security Testing for Test ProfessionalsSecurity Testing for Test Professionals
Security Testing for Test ProfessionalsTechWell
 
Denis Hackett M.Sc. - IDC Presentation Sept 2014 Croke Park Sept25 - Denis Ha...
Denis Hackett M.Sc. - IDC Presentation Sept 2014 Croke Park Sept25 - Denis Ha...Denis Hackett M.Sc. - IDC Presentation Sept 2014 Croke Park Sept25 - Denis Ha...
Denis Hackett M.Sc. - IDC Presentation Sept 2014 Croke Park Sept25 - Denis Ha...Education & Training Boards
 
3 Steps to Security Intelligence - How to Build a More Secure Enterprise
3 Steps to Security Intelligence - How to Build a More Secure Enterprise3 Steps to Security Intelligence - How to Build a More Secure Enterprise
3 Steps to Security Intelligence - How to Build a More Secure EnterpriseIBM Security
 
Teknisen tietoturvan minimivaatimukset
Teknisen tietoturvan minimivaatimuksetTeknisen tietoturvan minimivaatimukset
Teknisen tietoturvan minimivaatimuksetTeemu Tiainen
 
Information Technology Security Basics
Information Technology Security BasicsInformation Technology Security Basics
Information Technology Security BasicsMohan Jadhav
 
Application security Best Practices Framework
Application security Best Practices FrameworkApplication security Best Practices Framework
Application security Best Practices FrameworkSujata Raskar
 
IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM
 

Similar to Security Strategies in Windows Platforms and ApplicationsL.docx (20)

Breaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gapsBreaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gaps
 
IBM security systems overview v1.0 - rohit nagarajan
IBM security systems overview v1.0 - rohit nagarajanIBM security systems overview v1.0 - rohit nagarajan
IBM security systems overview v1.0 - rohit nagarajan
 
Android Security: A Survey of Security Issues and Defenses
Android Security: A Survey of Security Issues and DefensesAndroid Security: A Survey of Security Issues and Defenses
Android Security: A Survey of Security Issues and Defenses
 
Hacking3e ppt ch15
Hacking3e ppt ch15Hacking3e ppt ch15
Hacking3e ppt ch15
 
Introduction to Cybersecurity Fundamentals
Introduction to Cybersecurity FundamentalsIntroduction to Cybersecurity Fundamentals
Introduction to Cybersecurity Fundamentals
 
Top 10 Ways To Win Budget For Application Security - Cenzic.2013.05.22
Top 10 Ways To Win Budget For Application Security - Cenzic.2013.05.22Top 10 Ways To Win Budget For Application Security - Cenzic.2013.05.22
Top 10 Ways To Win Budget For Application Security - Cenzic.2013.05.22
 
DSS @CERT.LV_ISACA_2013_Conference - IBM X Force Report 2013
DSS @CERT.LV_ISACA_2013_Conference - IBM X Force Report 2013DSS @CERT.LV_ISACA_2013_Conference - IBM X Force Report 2013
DSS @CERT.LV_ISACA_2013_Conference - IBM X Force Report 2013
 
case analysis 2.1.docxby Urusha PandeySubmission date 2.docx
case analysis 2.1.docxby Urusha PandeySubmission date 2.docxcase analysis 2.1.docxby Urusha PandeySubmission date 2.docx
case analysis 2.1.docxby Urusha PandeySubmission date 2.docx
 
Adrian Aldea - IBM X-Force 2013 Mid-Year Trend and Risk Report #uisgcon9
Adrian Aldea - IBM X-Force 2013 Mid-Year Trend and Risk Report #uisgcon9Adrian Aldea - IBM X-Force 2013 Mid-Year Trend and Risk Report #uisgcon9
Adrian Aldea - IBM X-Force 2013 Mid-Year Trend and Risk Report #uisgcon9
 
Security Testing for Testing Professionals
Security Testing for Testing ProfessionalsSecurity Testing for Testing Professionals
Security Testing for Testing Professionals
 
Aon Ransomware Response and Mitigation Strategies
Aon Ransomware Response and Mitigation StrategiesAon Ransomware Response and Mitigation Strategies
Aon Ransomware Response and Mitigation Strategies
 
Man and Machine -- Forming a Perfect Union to Mature Security Programs -- Key...
Man and Machine -- Forming a Perfect Union to Mature Security Programs -- Key...Man and Machine -- Forming a Perfect Union to Mature Security Programs -- Key...
Man and Machine -- Forming a Perfect Union to Mature Security Programs -- Key...
 
Security Testing for Test Professionals
Security Testing for Test ProfessionalsSecurity Testing for Test Professionals
Security Testing for Test Professionals
 
Denis Hackett M.Sc. - IDC Presentation Sept 2014 Croke Park Sept25 - Denis Ha...
Denis Hackett M.Sc. - IDC Presentation Sept 2014 Croke Park Sept25 - Denis Ha...Denis Hackett M.Sc. - IDC Presentation Sept 2014 Croke Park Sept25 - Denis Ha...
Denis Hackett M.Sc. - IDC Presentation Sept 2014 Croke Park Sept25 - Denis Ha...
 
3 Steps to Security Intelligence - How to Build a More Secure Enterprise
3 Steps to Security Intelligence - How to Build a More Secure Enterprise3 Steps to Security Intelligence - How to Build a More Secure Enterprise
3 Steps to Security Intelligence - How to Build a More Secure Enterprise
 
Teknisen tietoturvan minimivaatimukset
Teknisen tietoturvan minimivaatimuksetTeknisen tietoturvan minimivaatimukset
Teknisen tietoturvan minimivaatimukset
 
Information Technology Security Basics
Information Technology Security BasicsInformation Technology Security Basics
Information Technology Security Basics
 
Information security
Information securityInformation security
Information security
 
Application security Best Practices Framework
Application security Best Practices FrameworkApplication security Best Practices Framework
Application security Best Practices Framework
 
IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future
 

More from kenjordan97598

You are the Nursing Director for the medical-surgical area of a .docx
You are the Nursing Director for the medical-surgical area of a .docxYou are the Nursing Director for the medical-surgical area of a .docx
You are the Nursing Director for the medical-surgical area of a .docxkenjordan97598
 
You are the newly appointed director of the Agile County Airport.docx
You are the newly appointed director of the Agile County Airport.docxYou are the newly appointed director of the Agile County Airport.docx
You are the newly appointed director of the Agile County Airport.docxkenjordan97598
 
You are working on an address book database with a table called Cont.docx
You are working on an address book database with a table called Cont.docxYou are working on an address book database with a table called Cont.docx
You are working on an address book database with a table called Cont.docxkenjordan97598
 
You are the new Security Manager for a small bank in Iowa. They are .docx
You are the new Security Manager for a small bank in Iowa. They are .docxYou are the new Security Manager for a small bank in Iowa. They are .docx
You are the new Security Manager for a small bank in Iowa. They are .docxkenjordan97598
 
You are working in a rural Family Planning Health clinic and a 16 y.docx
You are working in a rural Family Planning Health clinic and a 16 y.docxYou are working in a rural Family Planning Health clinic and a 16 y.docx
You are working in a rural Family Planning Health clinic and a 16 y.docxkenjordan97598
 
You are working in a family practice when your newly diagnosed T.docx
You are working in a family practice when your newly diagnosed T.docxYou are working in a family practice when your newly diagnosed T.docx
You are working in a family practice when your newly diagnosed T.docxkenjordan97598
 
You are working for the Chief of Staff (CoS) for a newly elected Gov.docx
You are working for the Chief of Staff (CoS) for a newly elected Gov.docxYou are working for the Chief of Staff (CoS) for a newly elected Gov.docx
You are working for the Chief of Staff (CoS) for a newly elected Gov.docxkenjordan97598
 
You are working at Johnson and Cohen law firm and have recently .docx
You are working at Johnson and Cohen law firm and have recently .docxYou are working at Johnson and Cohen law firm and have recently .docx
You are working at Johnson and Cohen law firm and have recently .docxkenjordan97598
 
You are working for a community counseling agency, and you are taske.docx
You are working for a community counseling agency, and you are taske.docxYou are working for a community counseling agency, and you are taske.docx
You are working for a community counseling agency, and you are taske.docxkenjordan97598
 
You are working as the software tester for a big enterprise comp.docx
You are working as the software tester for a big enterprise comp.docxYou are working as the software tester for a big enterprise comp.docx
You are working as the software tester for a big enterprise comp.docxkenjordan97598
 
You are working as HelpDesk Support for an organization where your u.docx
You are working as HelpDesk Support for an organization where your u.docxYou are working as HelpDesk Support for an organization where your u.docx
You are working as HelpDesk Support for an organization where your u.docxkenjordan97598
 
You are working as an APRN in your local primary care office. Th.docx
You are working as an APRN in your local primary care office. Th.docxYou are working as an APRN in your local primary care office. Th.docx
You are working as an APRN in your local primary care office. Th.docxkenjordan97598
 
You are the new Public Information Officer (PIO) assigned by the.docx
You are the new Public Information Officer (PIO) assigned by the.docxYou are the new Public Information Officer (PIO) assigned by the.docx
You are the new Public Information Officer (PIO) assigned by the.docxkenjordan97598
 
You are welcome to go to the San Diego Zoo any time you would li.docx
You are welcome to go to the San Diego Zoo any time you would li.docxYou are welcome to go to the San Diego Zoo any time you would li.docx
You are welcome to go to the San Diego Zoo any time you would li.docxkenjordan97598
 
You are visiting one of your organization’s plants in a poor nation..docx
You are visiting one of your organization’s plants in a poor nation..docxYou are visiting one of your organization’s plants in a poor nation..docx
You are visiting one of your organization’s plants in a poor nation..docxkenjordan97598
 
You are to write a four-page (typed, double-spaced) essay addressing.docx
You are to write a four-page (typed, double-spaced) essay addressing.docxYou are to write a four-page (typed, double-spaced) essay addressing.docx
You are to write a four-page (typed, double-spaced) essay addressing.docxkenjordan97598
 
You are to write a 7-page Biographical Research Paper of St Franci.docx
You are to write a 7-page Biographical Research Paper of St Franci.docxYou are to write a 7-page Biographical Research Paper of St Franci.docx
You are to write a 7-page Biographical Research Paper of St Franci.docxkenjordan97598
 
You are to write a 1050 to 1750 word literature review (in a.docx
You are to write a 1050 to 1750 word literature review (in a.docxYou are to write a 1050 to 1750 word literature review (in a.docx
You are to write a 1050 to 1750 word literature review (in a.docxkenjordan97598
 
You are to take the uploaded assignment and edit it. The title shoul.docx
You are to take the uploaded assignment and edit it. The title shoul.docxYou are to take the uploaded assignment and edit it. The title shoul.docx
You are to take the uploaded assignment and edit it. The title shoul.docxkenjordan97598
 
You are to use a topic for the question you chose.WORD REQUIRE.docx
You are to use a topic for the question you chose.WORD REQUIRE.docxYou are to use a topic for the question you chose.WORD REQUIRE.docx
You are to use a topic for the question you chose.WORD REQUIRE.docxkenjordan97598
 

More from kenjordan97598 (20)

You are the Nursing Director for the medical-surgical area of a .docx
You are the Nursing Director for the medical-surgical area of a .docxYou are the Nursing Director for the medical-surgical area of a .docx
You are the Nursing Director for the medical-surgical area of a .docx
 
You are the newly appointed director of the Agile County Airport.docx
You are the newly appointed director of the Agile County Airport.docxYou are the newly appointed director of the Agile County Airport.docx
You are the newly appointed director of the Agile County Airport.docx
 
You are working on an address book database with a table called Cont.docx
You are working on an address book database with a table called Cont.docxYou are working on an address book database with a table called Cont.docx
You are working on an address book database with a table called Cont.docx
 
You are the new Security Manager for a small bank in Iowa. They are .docx
You are the new Security Manager for a small bank in Iowa. They are .docxYou are the new Security Manager for a small bank in Iowa. They are .docx
You are the new Security Manager for a small bank in Iowa. They are .docx
 
You are working in a rural Family Planning Health clinic and a 16 y.docx
You are working in a rural Family Planning Health clinic and a 16 y.docxYou are working in a rural Family Planning Health clinic and a 16 y.docx
You are working in a rural Family Planning Health clinic and a 16 y.docx
 
You are working in a family practice when your newly diagnosed T.docx
You are working in a family practice when your newly diagnosed T.docxYou are working in a family practice when your newly diagnosed T.docx
You are working in a family practice when your newly diagnosed T.docx
 
You are working for the Chief of Staff (CoS) for a newly elected Gov.docx
You are working for the Chief of Staff (CoS) for a newly elected Gov.docxYou are working for the Chief of Staff (CoS) for a newly elected Gov.docx
You are working for the Chief of Staff (CoS) for a newly elected Gov.docx
 
You are working at Johnson and Cohen law firm and have recently .docx
You are working at Johnson and Cohen law firm and have recently .docxYou are working at Johnson and Cohen law firm and have recently .docx
You are working at Johnson and Cohen law firm and have recently .docx
 
You are working for a community counseling agency, and you are taske.docx
You are working for a community counseling agency, and you are taske.docxYou are working for a community counseling agency, and you are taske.docx
You are working for a community counseling agency, and you are taske.docx
 
You are working as the software tester for a big enterprise comp.docx
You are working as the software tester for a big enterprise comp.docxYou are working as the software tester for a big enterprise comp.docx
You are working as the software tester for a big enterprise comp.docx
 
You are working as HelpDesk Support for an organization where your u.docx
You are working as HelpDesk Support for an organization where your u.docxYou are working as HelpDesk Support for an organization where your u.docx
You are working as HelpDesk Support for an organization where your u.docx
 
You are working as an APRN in your local primary care office. Th.docx
You are working as an APRN in your local primary care office. Th.docxYou are working as an APRN in your local primary care office. Th.docx
You are working as an APRN in your local primary care office. Th.docx
 
You are the new Public Information Officer (PIO) assigned by the.docx
You are the new Public Information Officer (PIO) assigned by the.docxYou are the new Public Information Officer (PIO) assigned by the.docx
You are the new Public Information Officer (PIO) assigned by the.docx
 
You are welcome to go to the San Diego Zoo any time you would li.docx
You are welcome to go to the San Diego Zoo any time you would li.docxYou are welcome to go to the San Diego Zoo any time you would li.docx
You are welcome to go to the San Diego Zoo any time you would li.docx
 
You are visiting one of your organization’s plants in a poor nation..docx
You are visiting one of your organization’s plants in a poor nation..docxYou are visiting one of your organization’s plants in a poor nation..docx
You are visiting one of your organization’s plants in a poor nation..docx
 
You are to write a four-page (typed, double-spaced) essay addressing.docx
You are to write a four-page (typed, double-spaced) essay addressing.docxYou are to write a four-page (typed, double-spaced) essay addressing.docx
You are to write a four-page (typed, double-spaced) essay addressing.docx
 
You are to write a 7-page Biographical Research Paper of St Franci.docx
You are to write a 7-page Biographical Research Paper of St Franci.docxYou are to write a 7-page Biographical Research Paper of St Franci.docx
You are to write a 7-page Biographical Research Paper of St Franci.docx
 
You are to write a 1050 to 1750 word literature review (in a.docx
You are to write a 1050 to 1750 word literature review (in a.docxYou are to write a 1050 to 1750 word literature review (in a.docx
You are to write a 1050 to 1750 word literature review (in a.docx
 
You are to take the uploaded assignment and edit it. The title shoul.docx
You are to take the uploaded assignment and edit it. The title shoul.docxYou are to take the uploaded assignment and edit it. The title shoul.docx
You are to take the uploaded assignment and edit it. The title shoul.docx
 
You are to use a topic for the question you chose.WORD REQUIRE.docx
You are to use a topic for the question you chose.WORD REQUIRE.docxYou are to use a topic for the question you chose.WORD REQUIRE.docx
You are to use a topic for the question you chose.WORD REQUIRE.docx
 

Recently uploaded

Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Celine George
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxthorishapillay1
 
भारत-रोम व्यापार.pptx, Indo-Roman Trade,
भारत-रोम व्यापार.pptx, Indo-Roman Trade,भारत-रोम व्यापार.pptx, Indo-Roman Trade,
भारत-रोम व्यापार.pptx, Indo-Roman Trade,Virag Sontakke
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxHistory Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxsocialsciencegdgrohi
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Celine George
 
Science lesson Moon for 4th quarter lesson
Science lesson Moon for 4th quarter lessonScience lesson Moon for 4th quarter lesson
Science lesson Moon for 4th quarter lessonJericReyAuditor
 
internship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerinternship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerunnathinaik
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxRaymartEstabillo3
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTiammrhaywood
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting DataJhengPantaleon
 

Recently uploaded (20)

Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptx
 
भारत-रोम व्यापार.pptx, Indo-Roman Trade,
भारत-रोम व्यापार.pptx, Indo-Roman Trade,भारत-रोम व्यापार.pptx, Indo-Roman Trade,
भारत-रोम व्यापार.pptx, Indo-Roman Trade,
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxHistory Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17
 
Science lesson Moon for 4th quarter lesson
Science lesson Moon for 4th quarter lessonScience lesson Moon for 4th quarter lesson
Science lesson Moon for 4th quarter lesson
 
internship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerinternship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developer
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
 
Staff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSDStaff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSD
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
 

Security Strategies in Windows Platforms and ApplicationsL.docx

  • 1. Security Strategies in Windows Platforms and Applications Lesson 1 Microsoft Windows and the Threat Landscape © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Cover image © Sharpshot/Dreamstime.com Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 1 Learning Objective(s) Describe information systems security and the inherent security features of the Microsoft Windows operating system. Describe threats to Microsoft Windows and applications. Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com
  • 2. All rights reserved. 2 Key Concepts Information systems security and the C-I-A triad Microsoft Windows and a typical IT infrastructure Vulnerabilities of Microsoft Windows systems and their applications Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 3 Information Systems Security Defense in depth A collection of strategies to make a computer environment safe Information security Main goal is to prevent loss Most decisions require balance between security and usability Security controls are mechanisms used to protect information Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com
  • 3. All rights reserved. 4 Security Controls Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 5 Type of Control Administrative Type of Function Preventive Detective Corrective
  • 4. Technical Physical C-I-A Triad Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. The practice of securing information involves ensuring three tenets of information security: confidentiality, integrity, and availability Known as the C-I-A triad Also known as the availability, integrity, and confidentiality (A-I-C) triad Each tenet interacts with the other two and, in some cases, may conflict 6 Confidentiality The assurance that the information cannot be accessed or viewed by unauthorized users Examples of confidential information: Financial information
  • 5. Medical information Secret military plans Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. A successful attack against confidential information enables the attacker to use the information to gain an inappropriate advantage or to extort compensation through threats to divulge the information. 7 Integrity The assurance that the information cannot be changed by unauthorized users Ensuring integrity means applying controls that prohibit unauthorized changes to information Examples of integrity controls: Security classification User clearance Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning
  • 6. Company www.jblearning.com All rights reserved. 8 Availability The assurance that the information is available to authorized users in an acceptable time frame when the information is requested is availability Examples of attacks that affect availability: Denial of service (DoS) Hacktivist Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 9 Microsoft Windows and Applications in a Typical IT Infrastructure IT infrastructure Collection of computers, devices, and network components that make up an IT environment
  • 7. Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 10 Microsoft Windows and Applications in a Typical IT Infrastructure Common infrastructure components: Client platforms Network segments Network devices Server instances (often listed by function) Cloud-based offerings, such as Microsoft Office 365 and Microsoft Azure Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 11 A Sample IT Infrastructure
  • 8. Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Windows Clients Client systems provide functionality to end users; customer- facing systems Include desktops, laptops, and mobile devices Each application can be deployed on client systems as either a thin or a thick client Windows 10 Newest and most popular Windows client operating system Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 13 Windows Servers Server computers provide services to client applications Common server applications: Web servers, application servers, and database servers Windows Server 2019 Essentials, for small businesses Standard, for most server functions Datacenter, for large-scale deployments
  • 9. Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 14 Microsoft’s End-User License Agreement (EULA) Software license agreement that contains the Microsoft Software License Terms Must be accepted prior to installation of any Microsoft Windows product Located in the Windows install folder or on the Microsoft website Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 15 Microsoft EULA Sections Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning
  • 10. Company www.jblearning.com All rights reserved. Updates Additional Notices—Networks, Data, and Internet Usage Limited Warranty Exclusions from Limited Warranty Windows Threats and Vulnerabilities Successful attack: One that realizes, or carries out, a threat against vulnerabilities Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 17 Risk Any exposure to a threat
  • 11. Threat Any action that could lead to damage, disruption, or loss Vulnerability Weakness in an operating system or application software Windows Threats and Vulnerabilities A threat is not necessarily dangerous Fire in fireplace = desirable Fire in data center = dangerous For damage to occur, there has to be a threat Attackers look for vulnerabilities, then devise an attack that will exploit the weakness Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 18 Anatomy of Microsoft Windows Vulnerabilities
  • 12. Ransomware Malicious software that renders files or volumes inaccessible through encryption Attacker demands payment using cryptocurrency for the decryption key Well-known ransomware attacks CryptoLocker Locky WannaCry Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Most ransomware encrypts data and demands a payment using cryptocurrency in exchange for the decryption key. 19 Discovery-Analysis-Remediation Cycle Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. A recurring three-step process for addressing attacks
  • 13. 20 Discovery Once an attack starts, attackers become as inconspicuous as possible Need to compare suspect activity baseline (normal activity) to detect anomalies Common method of accomplishing this is to use activity and monitoring logs Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 21 Analysis Security information and event management (SIEM) tools Collect and aggregate security-related information from multiple sources and devices Help prepare data for correlation and analysis Current vulnerability and security bulletin databases Help you determine if others are experiencing same activity Page ‹#› Security Strategies in Windows Platforms and Applications
  • 14. © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. SIEM tools can often cross-reference known vulnerability databases to help identify suspect behavior. The analysis phase includes validating suspect activity as abnormal and then figuring out what is causing it. 22 Remediation Contain any damage that has occurred, recover from any loss, and implement controls to prevent a recurrence Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 23 Common Forms of AttackThreatDescriptionPhishingGenerally start with a message that contains a link or image to click, or a file to open; taking these actions launches malware attacksMalwareMalicious software designed to carry out tasks that the user would not normally allowDenial of service (DoS)Any action that dramatically slows down or blocks access
  • 15. to one or more resourcesInjection attackDepends on ability to send instructions to an application that causes the application to carry out unintended actions; SQL injection is common Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 24 Common Forms of Attack (Cont.)ThreatDescriptionUnprotected Windows Share A situation that allows attackers to install tools, including malicious softwareSession hijacking and credential reuseAttempts by attackers to take over valid sessions or capture credentials to impersonate valid usersCross-site scriptingSpecially crafted malicious code used to attack web applications Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 25 Common Forms of Attack (Cont.)ThreatDescriptionPacket sniffing The process of collecting network messages as they
  • 16. travel across a network in hopes of divulging sensitive information, such as passwords Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 26 Summary Information systems security and the C-I-A triad Microsoft Windows and a typical IT infrastructure Vulnerabilities of Microsoft Windows systems and their applications Page ‹#› Security Strategies in Windows Platforms and Applications © 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. 27 Week 5 Assignment Application: ANOVA Study: The Alpha Shoe Company When you read published research studies, you find experimental studies in which one or more variables are
  • 17. manipulated. One example is a study on whether students with windows in their classrooms give their instructors higher evaluations than students with no windows in their classrooms. You could do a basic comparison of these two groups with a t test, which you studied in Week 4. Perhaps it would be more interesting to have additional levels of environment. You might compare instructor evaluations when students are in a class with no windows, a class with windows that look out to a parking lot, a class with windows that look out to a park, or a class with no windows but pictures of windows on the wall. Since you have multiple levels of the factor, environment, an ANOVA would help you understand the differences between each. This Assignment will give you practice conducting a study with multiple levels of a factor by working once again with the Alpha Shoe Company. Since many research studies rely on the ANOVA for analysis, you will enhance your ability to understand the results of research studies that you evaluate in the future. Scenario: Imagine that Alpha Shoe Company wants to do a second study on the vertical lift basketball players can gain from their shoes. Recall that they believe that how high a player can jump is affected by the type of shoe that player wears. They identified 25 professional basketball players and randomly assigned each of them to wear one of the five types of shoe, then measured how high each player jumped. Each player’s jumping height is given below in inches: Pluto Omega II Beta Super Delta Gamma 29.1 29.2 28.5 28.4
  • 18. 27.7 29.8 29.1 28.9 28.0 27.9 30.0 28.8 29.2 28.8 28.0 29.0 28.7 28.3 29.0 28.2 31.1 28.8 30.0 28.9 28.0 Assignment: To complete this Assignment, submit by Day 7 answers to the following. Use SPSS to compare the means of the scores of these five shoes with a one-way ANOVA. Save and submit both your SPSS data file and your output. · Before comparing the scores with an ANOVA, state your null and alternative hypotheses in words (not formulas). · Identify the independent and dependent variables. · Name the levels in your identified factor. · State the within-group degrees of freedom and explain how you calculate it. · State the between-group degrees of freedom and explain how you calculate it. · Identify the obtained F value. · Identify the p value.
  • 19. · Explain whether the F test is significant. Explain how you know and what it tells you. · Explain what you can conclude about the effect of shoe choice on vertical lift (jumping height). · Should you conduct a post hoc test? Why or why not? If yes, conduct a Tukey HSD post hoc analysis. Explain what the results tell you about type of shoe choice and vertical lift. · Submit three documents for grading: your text (Word) document with your answers and explanations to the application questions, your SPSS Data file, and your SPSS Output file. · Provide an APA reference list.