Beyond the Fortress Network

•Download as PPTX, PDF•

0 likes•85 views

Security in a Cloud World. One of the biggest issues with moving to the cloud is the concern for security. How do we protect our information when it leaves the control of our servers and networks? The good news is that Microsoft has been working hard to provide us with tools that allow us to secure our information no matter where it travels, even outside of our network. Find out Microsoft’s approach to security and what tools we have to ensure our information is safe and secure in a cloud first, mobile first world.

Technology

Beyond the Fortress
Network
David C. Broussard
Principal Consultant
@dbroussa
Blogs.catapultsystems.com/dbroussard

What are we concerned about again?





Malicious INTERNAL Actor

−
−
−
−

−
−

DELIVERY
Employee A opens infected
email on workstation2
A
Malware
EXPLOITATION
Employee B opens infected
email using mobile device2
BMalware
Infected phone disables
Antivirus; and compromised
credentials used to access
Email service
3Control Evasion
Password/Hash Dumping
3
Threat Actor gather
credentials on
compromised machine
COMMAND AND
CONTROL
Credentials harvested after
Employee attempts login
to bogus site
2
4
Threat Actors move
laterally within network
using compromised
credentials
Compromised Credential
ACTIONS ON
OBJECTIVE
5
Threat Actors use compromised
devices/accounts to exfiltrate PII
48 Hours 200+ Days
PII
Leak/Exfiltrate Data
Threat Actor targets employees
via phishing campaign1
Phishing
3
Compromised credentials
used to access service

Data Loss Prevention and Encryption




Threat Detection and Prevention

−
−
−
−

Tools that you didn’t know you had







http://get.catapultsystems.com/0365-business-registration
http://get.catapultsystems.com/0365-bootcamp-registration-it-track/
@CloudWhisperers
Learn More

Information Security has traditionally been about controlling the access to data. We build massive and complex network security to ensure that our data is protected. The problem is that as we become more Cloud based and mobile that Fortress we built around our network has become less effective. 80%+ of hacks are coming from inside of that fortress via phishing style attacks. We need a new approach and new tools to securing our data. This presentation looks at the old way and why it failed, as well as the tools that Microsoft Office 365 and EM-S provide to secure out data in the new world, no matter where it resides.

Code protection

whitecryption

Past, Present & Future of Credentials Theft

Lavi Lazarovitz

Security Requirements in eBusiness

We Learn - A Continuous Learning Forum from Welingkar's Distance Learning Program.

Domain 5 of the CEH: Web Application Hacking

ShivamSharma909

Considering that most people have used mobile applications like PUB-G, Instagram, and WhatsApp. I will give you an example of a web application that is also a mobile app. Now assume you’ve lost your mobile or your mobile is switched off, and you are willing to scroll the insta feed. What will you do? Login to your account through Google Chrome. Right? And that’s it, as you can use your Instagram by using a web browser. It is called a web application. A few famous examples of web applications are Facebook, MakeMyTrip, Flipboard, and the 2048 Game. https://www.infosectrain.com/blog/domain-5-of-the-ceh-web-application-hacking/

Domain 4 of CEH V11: Network and Perimeter Hacking

ShivamSharma909

Cyber crime

Ramrao Desai

Ethical hacking

Nitheesh Adithyan

Ethical hacking also known as penetration testing or white-hat hacking, involves the same tools, tricks, and techniques that hackers use, but with one major difference that Ethical hacking is legal. Ethical hacking is performed with the target’s permission. The intent of ethical hacking is to discover vulnerabilities from a hacker’s viewpoint so systems can be better secured. Its part of an overall information risk management program that allows for ongoing security improvements. Ethical hacking can also ensure that vendors’ claims about the security of their products are legitimate.

As organizations in recent years continue to increase their investment into the advancements of technology to upsurge productivity and efficiently, more and more companies begin to realize that protecting of this technology is just as significant (Information Security), if not; even more important in order to protect their reputation and integrity as a company. This paper provides a comprehensive high-level view of ethical hacking, such as what it is, what it entails, and why companies hack into their own technology. Additionally, counter measures including penetration testing and real-world examples will be examined to give the reader a better understanding of ethical hacking and why it’s such an essential element of Information Security in the Information Systems/Technology field.

Hass and associates cyber security

brn8brwn

Vulnerabilities The larger and more complex information systems are, the greater the possibility of error in logic and loopholes in algorithm. These are weak points that could enable hackers to breach a system and compromise the integrity of information stored. Programmers themselves who are not yet adept in writing software code can unknowingly misuse the code and lead to a vulnerability. A classic example of vulnerabilities that can be exploited is a weak password or its repeated use on various services or software. There are also websites containing malware that installs automatically once visited. Even legitimate software could be a venue for an exploit due to unknown errors (bugs) generated by the program. The end-user or the human element in information systems is arguably the weakest point that hackers easily utilize. 0-day exploits 0-hour or 0-day attack is the exploitation by outside parties of a security hole in a computer program which is unknown from its developers. The term comes from the premise that the attack unfolds on the “day 0, meaning no awareness as of yet from the developers so there is no opportunity and time to issue a fix for the threat. Zero-day exploits are usually shared among hackers even before the developer knew. Programmers could use the vulnerabilities via several avenues: on web browsers and email. Web browsers allow for a wider target. Meanwhile, using email, hackers can send a message that includes an executable file on the attachments, set to run once downloaded. Such 0-day threats are in the time frame where a security hole is exploited up to the time that the program developers issued a patch for it.

Cyber security

colebassett

Ethical Hacking

Mukul Agarwal

PowerPoint Presentation On Ethical Hacking in Brief (Simple)

Shivam Sahu

8 Types of Cyber Attacks That Can Bother CISOs in 2020

SecPod Technologies

What are cyber attacks? In simple terms, cyber attacks are attempts of disabling or stealing information from other computers, by gaining access to admin privileges to them. Why should businesses be worried? An average ransomware attack costs a company $5 million. Attackers target all types of businesses, small and large, healthcare, banking & finance, manufacturing, education, even government. The internet has made life a lot easier for business owners, at the same time it has made them easier to get hacked.

Ethical hacking introduction to ethical hacking

MissStevenson1

Types of Malware (CEH v11)

EC-Council

Introduction to Hacking

Rishabha Garg

Network Security Presentation

Allan Pratt MBA

2011 training presentationkaspersky-lab

Hacking

VipinYadav257

ethical hackingsamprada123

Cyber Crime and Security

Sanguine_Eva

Cyber security

Sakib Sami

Ethical hacking for information security

Jayanth Vinay

Select ONE of the following security incidents and provide the f.docx

lvernon1

Select ONE of the following security incidents and provide the following information: 1. A SQL Injection was performed by a hacker, resulting in the loss of PII data. 2. You have discovered a covert leak (exfiltration) of sensitive data to China. 3. Malcious code or malware was reported on multiple users' systems. 4. Remote access for an internal user was compromised - resulting in the loss of PII data. 5. Wireless access. You discovered an "evil twin" access point that resulted in many of your users connecting to the hacker's access point while working with sensitive data. 6. Compromised passwords. You discovered that an attacker used rainbow tables to attack your domain's password file in an offline attack. Assume that all of your user's passwords are compromised. 7. A DoS or DDoS was performed against your system, resulting in the loss of 3 hours of downtime and lost revenue. Paragraph 1: IRT Team . What would the IRT team look like for this incident (who would be on the team to be able to effectively handle the event)? Justify your choices. Paragraph 2: Approach. Address HOW you would respond. What logs or tools would you use to identify/analyze the incident? What would alert you to the incident? What tools would you use to contain/recover from the incident? Paragraph 3: Metrics. Who would you measure your team's response effectivenss? What measurements/metrics would you track? Note: Paper should have minimum 250 words, Proper references and inline citations. .

Security chian417

What's hot

Introduction ethical hacking

Vishal Kumar

History & Future of Credentials Theft

Lavi Lazarovitz

Research Review - Cyberark Labs

Lavi Lazarovitz

Ethical hacking

Vishesh Singhal

Ethical Hacking A high-level information security study on protecting a comp...

Quinnipiac University

Hass and associates cyber security

brn8brwn

Cyber security

colebassett

Ethical Hacking

Mukul Agarwal

PowerPoint Presentation On Ethical Hacking in Brief (Simple)

Shivam Sahu

8 Types of Cyber Attacks That Can Bother CISOs in 2020

SecPod Technologies

Ethical hacking introduction to ethical hacking

MissStevenson1

Types of Malware (CEH v11)

EC-Council

Introduction to Hacking

Rishabha Garg

Network Security Presentation

Allan Pratt MBA

2011 training presentationkaspersky-lab

Hacking

VipinYadav257

ethical hackingsamprada123

Cyber Crime and Security

Sanguine_Eva

Cyber security

Sakib Sami

Ethical hacking for information security

Jayanth Vinay

What's hot (20)

Introduction ethical hacking

History & Future of Credentials Theft

Research Review - Cyberark Labs

Ethical hacking

Ethical Hacking A high-level information security study on protecting a comp...

Hass and associates cyber security

Cyber security

Ethical Hacking

PowerPoint Presentation On Ethical Hacking in Brief (Simple)

8 Types of Cyber Attacks That Can Bother CISOs in 2020

Ethical hacking introduction to ethical hacking

Types of Malware (CEH v11)

Introduction to Hacking

Network Security Presentation

2011 training presentation

Hacking

ethical hacking

Cyber Crime and Security

Cyber security

Ethical hacking for information security

Similar to Beyond the Fortress Network

Select ONE of the following security incidents and provide the f.docx

lvernon1

Security chian417

Computer security and privacy

eiramespi07

Security & Compliance for Startups

Symosis Security (Previously C-Level Security)

Introduction of hacking and crackingHarshil Barot

CyberSecurity and Importance of cybersecurity

Home

Cybersecurity is important because it protects all categories of data from theft and damage. This includes sensitive data, personally identifiable information (PII), protected health information (PHI), personal information, intellectual property, data, and governmental and industry information systems. in the modern day, there are dozens or possibly even hundreds of different interconnected assets, networks, and systems that we rely on every day for the normal functioning of society. Without these various infrastructure components, we wouldn’t be able to enjoy the benefits of living in the 21st century – small-scale disruptions to these components would result in the temporary loss of crucial capabilities. But, if escalated to a larger scale, society would be plunged into a catastrophic black sky event, resulting in cascading failures and a serious threat to human continuity. Examples include conflicts between nations where an aggressor seeks to disable their opponent’s ability to communicate or mobilize. And what better way for a domestic or international terrorist group to sow confusion and fear than to prevent our critical infrastructure from functioning and, in turn, our successful ability to respond and recover? In other words, it is fundamental to the safety and prosperity of a nation to provide reliable critical infrastructure security.

Refer the attached docs to understand Min 250 wordsSelect O.docx

lorent8

Refer the attached docs to understand: Min 250 words Select ONE of the following security incidents and provide the following information: 1. A SQL Injection was performed by a hacker, resulting in the loss of PII data. 2. You have discovered a covert leak (exfiltration) of sensitive data to China. 3. Malcious code or malware was reported on multiple users' systems. 4. Remote access for an internal user was compromised - resulting in the loss of PII data. 5. Wireless access. You discovered an "evil twin" access point that resulted in many of your users connecting to the hacker's access point while working with sensitive data. 6. Compromised passwords. You discovered that an attacker used rainbow tables to attack your domain's password file in an offline attack. Assume that all of your user's passwords are compromised. 7. A DoS or DDoS was performed against your system, resulting in the loss of 3 hours of downtime and lost revenue. Paragraph 1: IRT Team . What would the IRT team look like for this incident (who would be on the team to be able to effectively handle the event)? Justify your choices. Paragraph 2: Approach. Address HOW you would respond. What logs or tools would you use to identify/analyze the incident? What would alert you to the incident? What tools would you use to contain/recover from the incident? Paragraph 3: Metrics. Who would you measure your team's response effectivenss? What measurements/metrics would you track? .

Network security

mena kaheel

Analysis of RSA Lockheed Martin AttackGavin Davey

Web security chapter#2

Ishaq Shinwari

Sheet1WeaknessViolates a policy or procedureThreatWhat is th.docx

bjohn46

Sheet1Weakness Violates a policy or procedureThreat What is the danger that exploits the weaknessRisk What ASSET could be lost (qualitative/quantitative)Countermeasure How can it be safeguardedRisk Factor & Reason “1” Critical: impacts company viability “2” Major: impacts asset or IT infrastructure “3” Minor: impacts productivity / availability Ex1Client records left out in the office after hours Janitors or others having access to the building after hours can gain access to files in the cabinetsa. Client sensitive information to include social security numbers can be stolen and used to open new accounts. b. Client financial account numbers can be obtained and finances can be stolen. c. Negative publicity can impact company's reputation.1. Enforce policies requiring client records to be stored securely. 2. Discipline employess who left records out."1" (company may have to pay penalities for each incident; negative publicity could destroy company's reputation) "3" (stolen files must be replaced)EX2Office areas unlocked after everyone left for dayVisitors and others can gain access to office areas without being seena. Company assets can be stolen or vandalized b. IT infrastruture can be destoyed c. File cabinets can be broken into and client files can be stolen or destroyed d. Negative publicity can impact company's reputation.1. Enforce policies requiring securing offices. 2. Discipline employess who left offices unlocked. 3. Add contact information to office entryways so janitors or others can call to report unsecured offices."1" (company may have to pay penalities for each incident; negative publicity could destroy company's reputation) "2" (stolen company assets and destroyed IT Infrastructure must be replaced) "3" (stolen files must be replaced)1Employee taped password to screen 2LAN/WAN UPS not operational3Regular Firewall maintenance not conducted4SysAdmin has little-to-no security awareness training5Servers does not contain latest patches6Databases/systems not backed-up7Computer always left logged-in 8Computer login shared by everyone 9Employee uses a very simple password 10InfoSec audits not conducted11Employees using personal laptops to do corporate business12Client files left out on the desk overnight13Client personal data shared with everyone via email14Password hasn't been changed in over a year15Office left unlocked during lunch/breaks and overnight16Retired employee able to login 17Inventory control and access control policies not followed18Record cabinets cannot be locked or are left unlocked19Computers do not have latest software patches20Unauthorized software discovered on corporate computers21Default password still being used22Laptops with sensitive data not encrypted23Master login created by IT and used by offices24Users can download data to USB drives Student Name: ISOL 533 &P of &N .

ETHICAL HACKING

miltonnancy

Client server network threat

Raj vardhan

5 Ways to Protect Your Healthcare Organization from a Ransomware Attack - HIM...

ClearDATACloud

Sophisticated ransomware attacks on healthcare organizations by ruthless cybercriminals are on the rise. Savvy HIT leaders are taking immediate action to protect their IT systems and data. During this webinar you’ll gain insight into the 5 most important precautions that healthcare providers should take and what steps should be followed in event your system is compromised to minimize the impact on patient care and restore your systems as quickly as possible. In this presentation you’ll learn: - 5 most important ways to protect your organizations from a ransomware attack - What steps to take in the event your system is compromised by a ransomware attack Link to On-Demand Webinar: https://www.cleardata.com/knowledge-hub/5-ways-to-protect-your-healthcare-organization-from-a-ransomware-attack/

Introduction to Ethical Hacking

Kevin Chakre

Final Project – Incident Response Exercise SAMPLE.docx

lmelaine

Final Project – Incident Response Exercise SAMPLE 1. Contact Information for the Incident Reporter and Handler – Mruga Patel – Cyber Incident Response Team Lead – Organizational Information - Sifers-Grayson Corporation (Blue Team), Information Technology Department – [email protected] – 410-923-9221 – Location - 100 Fairway Ave, Suite 101, Catonsville, MD 21228 2. Incident Details – The attack occurred during off-hours at 22:00 EST. Incident was discovered when the system became unusable due to high volume traffic from an unauthorized IP Address. The incident ended at approximately 22:45 EST. – Catonsville, MD – Attack has ended – The attack occurred from an IP address of 11.125.22.198 with no host name. The cause of the incident has yet to be determined. – The attack was discovered when the system became unusable due to high levels of latency. It was detected using logging information from a server from the Task Manager. – The system remains unaffected. Only data was stolen from our company. The server which was extracted from the Employee server. IP address- 192.168.1.0, hotname SifersHouston.com. – N/A – The system resumed to normal function after attacked occurred. – Data stolen was from the server containing employee information. – Network was turned off once attack was discovered. The system logged all necessary information for forensic evidence. – N/A 3. Cause of Incident was from an unsecured network which was uses to steal company information. 4. The cost of the incident has yet to be determined. PII stolen has no calculated price. However, estimated person hours are about 200. It would cost around $100 per hour for IT staff to perform “clean-up” activities. As of now it would cost around $20,000.00. 5. The impact of the incident is significant. The necessary measures to combat this problem has yet to be determined. 6. General Comments- Our network poses a lot of security risks. Going forward, we need to implement certain security measures from further incidents from taking place. Background The Sifers-Grayson company has hired an outside organization to penetrate our network and report on vulnerabilities found within the network. Upon penetration testing and weeks of trying to exploit our system, the red team (testing team) has been successful. Holding a government contract, the Department of Defense (DoD) requires additional security requirements for the R&D and SCADA lab operations. Both of which hold classified and secret information and happen to be where the red team was able to exploit. The company is now required to use the NIST publications for protection controlled unclassified information in Nonfederal information systems and organizations. Failure to comply can result in fines and even contract termination. The (DFARS) Defense Federal Acquisition Regulations also outlines the safeguarding of Cyber Security Incident Reporting. Fortunately, identifying these risks before hacke ...

455845434-Chapter-2-Cyber-Security-pptx.pptx

DrVPadmavathiAssocia

Cybersecurity : Tips and Tools to Properly Protect Your Digital Assets

Samuel862293

Cybersecurity tips to protecting your digital asset In an increasingly digital world, safeguarding your digital assets is essential. This presentation delves into key cybersecurity practices to ensure your data remains secure from cyber threats. We'll explore the importance of strong, unique passwords and the implementation of two-factor authentication to enhance security. Regular software updates are crucial, as they fix vulnerabilities that cybercriminals could exploit. Encryption is a vital tool, protecting your data both in transit and at rest, ensuring that even if intercepted, your information remains unreadable to unauthorized users. Regular backups, stored both locally and offsite, safeguard against data loss from breaches or system failures. We'll also cover email security, highlighting the dangers of phishing and the importance of secure communication channels. Network security practices, including secure Wi-Fi usage and firewall implementation, are essential to protect against unauthorized access. Mobile devices, often overlooked, need robust security measures and careful management of app permissions. User education is a continuous process, equipping you and your team with knowledge to identify and respond to threats effectively. Finally, consistent monitoring and auditing of your digital environment help detect anomalies early and ensure compliance with security protocols. This presentation provides a comprehensive guide to protecting your digital assets, emphasizing that cybersecurity is an ongoing process of vigilance and adaptation to emerging threats.

Cyper security & Ethical hacking

Cmano Kar

IRJET- An Overview of Ethical Hacking

IRJET Journal

Similar to Beyond the Fortress Network (20)

Select ONE of the following security incidents and provide the f.docx

Security

Computer security and privacy

Security & Compliance for Startups

Introduction of hacking and cracking

CyberSecurity and Importance of cybersecurity

Refer the attached docs to understand Min 250 wordsSelect O.docx

Network security

Analysis of RSA Lockheed Martin Attack

Web security chapter#2

Sheet1WeaknessViolates a policy or procedureThreatWhat is th.docx

ETHICAL HACKING

Client server network threat

5 Ways to Protect Your Healthcare Organization from a Ransomware Attack - HIM...

Introduction to Ethical Hacking

Final Project – Incident Response Exercise SAMPLE.docx

455845434-Chapter-2-Cyber-Security-pptx.pptx

Cybersecurity : Tips and Tools to Properly Protect Your Digital Assets

Cyper security & Ethical hacking

IRJET- An Overview of Ethical Hacking

More from David Broussard

SPSHOU18 Working on the Go With Microsoft

Beyond the Fortress Network

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Beyond the Fortress Network

Similar to Beyond the Fortress Network (20)

More from David Broussard

More from David Broussard (16)

Recently uploaded

Recently uploaded (20)

Beyond the Fortress Network

Editor's Notes