This document discusses disaster recovery and business continuity planning. It defines disaster recovery as focusing on recovering technical components like computers, software, and data. Business continuity planning is broader and includes disaster recovery as well as procedures to restore business operations and infrastructure. The document notes that a disaster is defined as any event that prevents an organization from providing critical functions for a set period. It stresses the importance of organizations defining what constitutes a disaster for their specific needs through a business impact analysis.
Abstract
The major objective of this paper is to answer the question of how an effective form of global leadership is developed. The paper relies on research studies carried out with a qualitative methodology that entails in-depth interviews of selected study participants who are experienced in the leadership field in the selected area of study. The interviews were then transcribed verbatim, coded and analyzed. In the years to come, the world will put a great deal of effort into becoming more developed. Global transformation from the middle up to the higher levels of income will need leaders who are robust in facing a diverse and complicated environment. With drastic globalization, there is a need for growth and development of a global form of leadership. Global leadership refers to a leader who carries out his or her operations from a global perspective with an open mindset in a complicated and diverse environment.
At present, there are few global leaders. Firms admit this reality and must undertake to develop leaders who can serve globally. Since organizations continue to expand across the globe, the need for global leaders is rising at the same time. Regardless of this, organizations face hurdles in the form of serious shortages of effective global leaders. Hence, such leaders deserve the opportunity to develop their knowledge, abilities, skills and personal traits so as to perform effectively as global leaders. Various approaches are in place for developing the competencies of global leaders. Previously, more emphasis was placed on experience-oriented and action-based learning, such as global tasks, serving multicultural organizations and a first global leadership experience. Following the findings, recommendations have been suggested for the development of effective global leadership.
Security Assessment & Penetration Testing
Marcus Murray, MVP [email protected]
Risk management is handled by management.
We will talk about risk from a technician's perspective.
As technicians we must know what can happen and understand the consequences of it. In addition, we should understand how to mitigate.
We do not need the knowledge of calculating how many kronor things cost.
Agenda
Planning Security Assessments
Gathering Information About the Organization
Penetration Testing for Intrusive Attacks
Planning Security Assessments
Why Does Network Security Fail?
Network security fails in several common areas, including:
Human awareness
Policy factors
Hardware or software misconfigurations
Poor assumptions
Ignorance
Failure to stay up-to-date
Understanding Defense-in-Depth
Using a layered approach:
Increases an attacker’s risk of detection
Reduces an attacker’s chance of success
Guards, locks, tracking devices
Application hardening
OS hardening, authentication, security update management, antivirus updates, auditing
Network segments, NIDS
Firewalls, border routers, VPNs with quarantine procedures
Strong passwords, ACLs, backup and restore strategy
Why Perform Security Assessments?
Security assessments can:
Answer the questions “Is our network secure?” and “How do we
know that our network is secure?”
Provide a baseline to help improve security
Find configuration mistakes or missing security updates
Reveal unexpected weaknesses in your organization's security
Ensure regulatory compliance
Planning a Security Assessment
Project phase and planning elements:
Pre-assessment:
  Scope
  Goals
  Timelines
  Ground rules
Assessment:
  Choose technologies
  Perform assessment
  Organize results
Preparing results:
  Estimate risk presented by discovered weaknesses
  Create a plan for remediation
  Identify vulnerabilities that have not been remediated
  Determine improvement in network security over time
Reporting your findings:
  Create final report
  Present your findings
  Arrange for next assessment
Understanding the Security Assessment Scope
Component and example:
Target:
  All servers running Windows 2000 Server or Windows Server 2003
Target area:
  All servers on the subnets 192.168.0.0/24 and 192.168.1.0/24
Timeline:
  Scanning will take place from June 3rd to June 10th during non-critical business hours
Vulnerabilities to scan for:
  RPC-over-DCOM vulnerability (MS 03-026)
  Anonymous SAM enumeration
  Guest account enabled
  Greater than 10 accounts in the local Administrator group
Understanding Security Assessment Goals
Project goal: All computers running Windows 2000 Server and Windows Server 2003 on the subnets 192.168.0.0/24 and 192.168.1.0/24 will be scanned for the following vulnerabilities and will be remediated as stated.
Vulnerability and remediation:
RPC-over-DCOM vulnerability (MS 03-026):
  Install Microsoft security updates 03-026 and 03-39
Anonymous SAM enumeration:
  Configure RestrictAnonymous to 2 on Windows 2000 Server and 1 on Windows Server 2003
Guest account enabled:
  Disable Guest account
Greater than 10 accounts in the local administrators group:
  Minimize the number of accounts in the administrators group
Types of Security Assessments
Vulnerability scanning:
Focuses on known weaknesses
Can be automated
Does not necessarily require expertise
Penetration testing:
Focuses on known and unknown weaknesses
Requires highly skilled testers
Carries a tremendous legal burden in certain countries/organizations
IT security auditing:
Focuses on security policies and procedures
Used to provide evidence for industry regulations
Using Vulnerability Scanning to Assess Network Security
Develop a process for vulnerability scanning that will do the following:
Detect vulnerabilities
Assign risk levels to discovered vulnerabilities
Identify vulnerabilities that have not been remediated
Determine improvement in network security over time
Using Penetration Testing to Assess Network Security
Steps to a successful penetration test include:
1. Determine how the attacker is most likely to go about attacking a network or an application
2. Locate areas of weakness in network or application defenses
3. Determine how an attacker could exploit weaknesses
4. Locate assets that could be accessed, altered, or destroyed
5. Determine whether the attack was detected
6. Determine what the attack footprint looks like
7. Make recommendations
Understanding Components of an IT Security Audit
Audit components: Policy, Process, Technology, Implementation, Documentation, Operations
Security policy model: Start with policy; Build process; Apply technology
Implementing an IT Security Audit
Compare each area to standards and best practices:
Security policy (what you must do)
Documented procedures (what you say you do)
Operations (what you really do)
Reporting Security Assessment Findings
Organize information into the following reporting framework:
Define the vulnerability
Document mitigation plans
Identify where changes should occur
Assign responsibility for implementing approved recommendations
Recommend a time for the next security assessment
Gathering Information About the Organization
What Is a Nonintrusive Attack?
Examples of nonintrusive attacks include:
Information reconnaissance
Port scanning
Obtaining host information using fingerprinting techniques
Network and host discovery
Nonintrusive attack: The intent to gain information about an organization's network in preparation for a more intrusive attack at a later time
Information Reconnaissance Techniques
Common types of information sought by attackers include:
System configuration
Valid user accounts
Contact information
Extranet and remote access servers
Business partners and recent acquisitions or mergers
Information about your network may be obtained by:
Querying registrar information
Determining IP address assignments
Organization Web pages
Search engines
Public discussion forums
Countermeasures Against Information Reconnaissance
Only provide information that is absolutely required to your Internet registrar
Review your organization's Web site content regularly for inappropriate information
Create a policy defining appropriate public discussion forum usage
Use e-mail addresses based on job roles on your company Web site and in registrar information
What Information Can Be Obtained by Port Scanning?
Port scanning tips include:
Start by scanning slowly, a few ports at a time
To avoid detection, try the same port across several hosts
Run scans from a number of different systems, optimally from different networks
Typical results of a port scan include:
Discovery of ports that are listening or open
Determination of which ports refuse connections
Determination of connections that time out
Port-Scanning Countermeasures
Port scanning countermeasures include:
Implement defense-in-depth to use multiple layers of filtering
Plan for misconfigurations or failures
Run only the required services
Implement an intrusion-detection system
Expose services through a reverse proxy
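The countermeasure slide calls for an intrusion-detection system; as an added example that is not from the presentation, the following Python script applies that idea to constructed firewall drop records in a simplified iptables-style format. It flags the two patterns the earlier port-scanning slide describes, a slow scan of several ports on one host and the same port tried across several hosts, by counting distinct ports and hosts per source over a long sliding window, so spacing probes minutes apart does not escape the count. The log format, the window length and the thresholds are assumptions.

```python
"""Scan detection over firewall drop logs (added, illustrative example).
Assumed record format: '<ISO timestamp> DROP SRC=<ip> DST=<ip> DPT=<port>'."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: a slow vertical scan (4 ports on one host over 15 minutes),
# a horizontal scan (port 445 across 4 hosts) and two benign drops.
SAMPLE_LOG = """\
2024-05-01T10:00:00 DROP SRC=203.0.113.5 DST=192.168.0.10 DPT=21
2024-05-01T10:04:00 DROP SRC=203.0.113.5 DST=192.168.0.10 DPT=22
2024-05-01T10:09:00 DROP SRC=203.0.113.5 DST=192.168.0.10 DPT=23
2024-05-01T10:15:00 DROP SRC=203.0.113.5 DST=192.168.0.10 DPT=25
2024-05-01T11:00:00 DROP SRC=198.51.100.7 DST=192.168.1.1 DPT=445
2024-05-01T11:05:00 DROP SRC=198.51.100.7 DST=192.168.1.2 DPT=445
2024-05-01T11:11:00 DROP SRC=198.51.100.7 DST=192.168.1.3 DPT=445
2024-05-01T11:18:00 DROP SRC=198.51.100.7 DST=192.168.1.4 DPT=445
2024-05-01T11:30:00 DROP SRC=192.168.0.50 DST=192.168.0.10 DPT=80
2024-05-01T11:31:00 DROP SRC=192.168.0.50 DST=192.168.0.10 DPT=443
"""
LINE_RE = re.compile(
    r"^(?P<ts>\S+) DROP SRC=(?P<src>\S+) DST=(?P<dst>\S+) DPT=(?P<dpt>\d+)$")


def parse(log_text):
    """Return (timestamp, src, dst, dport) tuples; non-matching lines are skipped."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            events.append((datetime.fromisoformat(m["ts"]), m["src"],
                           m["dst"], int(m["dpt"])))
    return events


def detect_scans(events, window=timedelta(minutes=30),
                 vertical_threshold=4, horizontal_threshold=4):
    """Map each suspicious source IP to a sorted list of alerts.
    ('vertical', host): >= vertical_threshold distinct ports probed on one host
    within `window` (catches scanning 'a few ports at a time').
    ('horizontal', port): the same port probed on >= horizontal_threshold hosts
    within `window` (catches 'the same port across several hosts').
    A long window makes slow, spaced-out probes still accumulate.
    """
    by_src = defaultdict(list)
    for ev in sorted(events):
        by_src[ev[1]].append(ev)
    alerts = {}
    for src, recs in by_src.items():
        found, start = set(), 0
        for end in range(len(recs)):
            # Slide the window start forward so recs[start:end+1] spans <= window.
            while recs[end][0] - recs[start][0] > window:
                start += 1
            ports_per_host, hosts_per_port = defaultdict(set), defaultdict(set)
            for _, _, dst, dpt in recs[start:end + 1]:
                ports_per_host[dst].add(dpt)
                hosts_per_port[dpt].add(dst)
            found.update(("vertical", h) for h, p in ports_per_host.items()
                         if len(p) >= vertical_threshold)
            found.update(("horizontal", p) for p, h in hosts_per_port.items()
                         if len(h) >= horizontal_threshold)
        if found:
            alerts[src] = sorted(found, key=str)
    return alerts
```

Running `detect_scans(parse(SAMPLE_LOG))` reports the two scanning sources and nothing for the benign host; tune the window and thresholds to your own traffic before trusting the result.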
What Information Can Be Collected About Network Hosts?
Types of information that can be collected using fingerprinting techniques include:
IP and ICMP implementation
TCP responses
Listening ports
Banners
Service behavior
Remote operating system queries
Countermeasures to Protect Network Host Information
Fingerprinting source and countermeasures:
IP, ICMP, and TCP:
  Be conservative with the packets that you allow to reach your system
  Use a firewall or inline IDS device to normalize traffic
  Assume that your attacker knows what version of operating system is running, and make sure it is secure
Banners:
  Change the banners that give operating system information
  Assume that your attacker knows what version of operating system and application is running, and make sure it is secure
Port scanning, service behavior, and remote queries:
  Disable unnecessary services
  Filter incoming traffic to isolate specific ports on the host
  Implement IPSec on all systems in the managed network
Penetration Testing for Intrusive Attacks
What Is Penetration Testing for Intrusive Attacks?
Examples of penetration testing for intrusive attack methods include:
Automated vulnerability scanning
Password attacks
Denial-of-service attacks
Application and database attacks
Network sniffing
Intrusive attack: Performing specific tasks that result in a
compromise of system information, stability, or availability
What Is Automated Vulnerability Scanning?
Automated vulnerability scanning makes use of scanning tools to automate the following tasks:
Banner grabbing and fingerprinting
Exploiting the vulnerability
Inference testing
Security update detection
Scale/Performance
Basis: Fully patched remote Windows XP SP1 on a busy 100-Mbps LAN
Check                       Duration (seconds)   Network resources (bytes)
Windows vulnerabilities      9                   1 MB
Weak passwords              16                   3.2 MB
IIS vulnerabilities          2                   130 KB
SQL vulnerabilities          5                   200 KB
Security updates (/nosum)    4                   6.5 MB
Total                       36                   11 MB
Security updates (/sum)    106                   4 MB
What Is a Password Attack?
Two primary types of password attacks are:
Brute-force attacks
Password-disclosure attacks
Countermeasures to protect against password attacks include:
Require complex passwords
Educate users
Implement smart cards
Create policy that restricts passwords in batch files, scripts, or Web pages
What Is a Denial-of-Service Attack?
DoS attacks can be divided into three categories:
Flooding attacks
Resource starvation attacks
Disruption of service
Denial-of-Service (DoS) attack: Any attempt by an attacker to deny his victim's access to a resource
Note: Denial-of-service attacks should not be launched against your own live production network
Countermeasures for Denial-of-Service Attacks
DoS attack and countermeasures:
Flooding attacks:
  Ensure that your routers have anti-spoofing rules in place and rules that block directed broadcasts
  Set rate limitations on devices to mitigate flooding attacks
  Consider blocking ICMP packets
Resource starvation attacks:
  Apply the latest updates to the operating system and applications
  Set disk quotas
Disruption of service:
  Make sure that the latest update has been applied to the operating system and applications
  Test updates before applying to production systems
  Disable unneeded services
Understanding Application and Database Attacks
Common application and database attacks include:
Buffer overruns:
Write applications in managed code
SQL injection attacks:
Validate input for correct size and type
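As an added example that is not from the slides, the following Python code puts a string-built query beside a parameterized one, using an in-memory SQLite table with constructed rows, and adds the size-and-type validation the slide recommends as a second layer. The users table, its columns and the 32-character limit are assumptions.

```python
"""SQL injection: string-built query beside a parameterized, validated one.
Added example (not from the slides); the users table and limits are assumed."""
import sqlite3

MAX_USERNAME = 32  # assumed size limit for the input check


def setup():
    """Create an in-memory SQLite database with constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, "
                 "username TEXT, role TEXT)")
    conn.executemany("INSERT INTO users (username, role) VALUES (?, ?)",
                     [("alice", "admin"), ("bob", "user"), ("carol", "user")])
    return conn


def lookup_vulnerable(conn, username):
    """Deliberately vulnerable: the input is pasted into the SQL text, so a
    quote in the input changes the structure of the query, not just a value."""
    sql = "SELECT username, role FROM users WHERE username = '" + username + "'"
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn, username):
    """Parameterized: the driver passes the value separately from the SQL text,
    so whatever the input contains, it is compared as a literal string."""
    return conn.execute("SELECT username, role FROM users WHERE username = ?",
                        (username,)).fetchall()


def validate_username(username):
    """The slide's countermeasure: check type and size before the value is used."""
    if not isinstance(username, str):
        raise TypeError("username must be a string")
    if not 1 <= len(username) <= MAX_USERNAME:
        raise ValueError("username length out of range")
    if not username.isalnum():
        raise ValueError("username must be alphanumeric")
    return username


def lookup_safe(conn, username):
    """Validation plus parameterization: reject malformed input early, and
    never let the value reach the SQL text even when it passes."""
    return lookup_parameterized(conn, validate_username(username))


if __name__ == "__main__":
    db = setup()
    probe = "x' OR '1'='1"  # the textbook injection string
    print("vulnerable:", lookup_vulnerable(db, probe))        # every row
    print("parameterized:", lookup_parameterized(db, probe))  # []
    try:
        lookup_safe(db, probe)
    except ValueError as err:
        print("safe:", err)
```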
What Is Network Sniffing?
An attacker can perform network sniffing by performing the following tasks:
1. Compromising the host
2. Installing a network sniffer
3. Using a network sniffer to capture sensitive data such as network credentials
4. Using network credentials to compromise additional hosts
Network sniffing: The ability of an attacker to eavesdrop on communications between network hosts
Countermeasures for Network Sniffing Attacks
To reduce the threat of network sniffing attacks on your network, consider the following:
Use encryption to protect data
Use switches instead of hubs
Secure core network devices
Use crossover cables
Develop policy
Conduct regular scans
How Attackers Avoid Detection During an Attack
Common ways that attackers avoid detection include:
Flooding log files
Using logging mechanisms
Attacking detection mechanisms
Using canonicalization attacks
Using decoys
How Attackers Avoid Detection After an Attack
Common ways that attackers avoid detection after an attack include:
Installing rootkits
Tampering with log files
Countermeasures to Detection-Avoidance Techniques
Avoidance technique and countermeasures:
Flooding log files:
  Back up log files before they are overwritten
Using logging mechanisms:
  Ensure that your logging mechanism is using the most updated version of software and all updates
Attacking detection mechanisms:
  Keep software and signatures updated
Using canonicalization attacks:
  Ensure that applications normalize data to its canonical form
Using decoys:
  Secure the end systems and networks being attacked
Using rootkits:
  Implement defense-in-depth strategies
Tampering with log files:
  Secure log file locations
  Store logs on another host
  Use encryption to protect log files
  Back up log files
Session Summary
Plan your security assessment to determine scope and goals
Disclose only essential information about your organization on Web sites and on registrar records
Educate users to use strong passwords or pass-phrases
Assume that the attacker already knows the exact operating
system and version and take as many steps as possible to secure
Note:
Critical systems are those systems a business must have, and
without which it would be critically damaged, or whose failure
might be life-threatening. Which systems are critical to a
business must be determined by the business. For some it will
be their e-commerce site, for others the billing system, and for
others their customer information databases. Everyone
recognizes the critical nature of air traffic control systems and
life support systems used in hospitals.
Two methods can be used to evaluate where and how much
redundancy is needed. The first, more traditional method is to
weigh the cost of providing redundancy against the cost of
downtime without redundancy. These costs can be calculated
and compared directly. (Is the cost of downtime greater or less
than the cost of redundancy?) The second method, which is
harder to calculate but is increasingly easier to justify, is to
decide based on the likelihood that customers will gravitate to
the organization that can provide the best availability of
service. This, in turn, is based on the increasing demands that
online services, unlike traditional services, be available
24×7×365. High availability can be a selling point that directly
leads to more business. Indeed, some customers will demand it.
There are automated methods for providing system redundancy,
Summary
In this chapter, we covered the four related business resumption
strategies that are all necessary for recovery from incidents,
outages, and disasters that result in service or data loss: disaster
recovery, business continuity planning, backups, and high availability.
Together, these form the core of a strategy to keep
the organization’s information infrastructure operational.
Here in summary are the principal points, roles, and
responsibilities of a good disaster recovery and business
continuity program:
Develop and maintain disaster recovery and business continuity
plans for all your organization’s enterprise technologies.
Schedule and oversee disaster recovery rehearsals for all
enterprise systems.
Ensure disaster awareness by planning and conducting
awareness programs, hazard fairs, lunch-and-learn sessions, and
other informative events and materials.
Activate the plan.
Ensure community involvement by participating in local
community disaster mitigation and planning initiatives and
professional groups.
The disaster recovery and business continuity process is
5) Describe what SQL injection is and what countermeasure(s) prevent SQL injection.
Running head: GLOBAL LEADERSHIP ASSIGNMENT OUTLINE
Global Leadership Outline
Introduction
Thesis statement: to understand the meaning and importance of
global leadership and how it can be attained.
Main point 1: Meaning and importance of global leadership
from different point of views
Main point 2: Qualities and skills of a global leader
Main point 3: Ways of attaining global leadership
Main point 4: Challenges facing and hindering the development
of global leadership skills and qualities
Body
Literature review
Main point 1: Meaning and importance of global leadership
from different point of views
Meaning of global leadership from Levy, Peiperl, & Jonsen (2016); explanation as the article expounds on the meaning from the points of view of different countries and understandings.
Elaboration of the meaning of global leadership from Perruci's (2018) point of view, as well as the importance of the topic, thereby linking why it is important to attain global leadership. Also, an article by Reiche, Bird, Mendenhall, & Osland (2015) expounds on the importance of global leadership.
Main point 2: Qualities and skills of a global leader
· Basis of global leadership Reiche, et al., (2015)
· Relevant qualities and skills that make one an effective leader as described by Hassanzadeh, et al. (2015).
· How the identified skills and qualities of global leadership make one an effective global leader as featured in (Carrillo, 2019)
· Perruci, (2018); features of a global leader
Main point 3: Ways of attaining global leadership
· Roots of global leadership (Mendenhall, 2017)
· How education can be used to instill and train leaders to develop global leadership skills and qualities (Deshpande, 2017 and Longo, & McMillan, 2015)
· Hassanzadeh, et al., (2015); strategies of developing and
acquiring global leadership
· Herd, et al. (2018); methodologies that teachers can use to train learners in different global leadership skills
Main point 4: Challenges facing and hindering the development
of global leadership skills and qualities
· Why some leaders, despite going through training and global leadership skills acquisition, fail to do so