SlideShare a Scribd company logo

Cyber AttacksProtecting National Infrastructure, 1st ed.Ch.docx

Download as DOCX, PDF
D
dorishigh

Cyber Attacks Protecting National Infrastructure, 1st ed. Chapter 6 Depth Copyright © 2012, Elsevier Inc. All Rights Reserved 1 Introduction Anylayerofdefensecanfailatanytime,thusthe introduction of defense in depth Aseriesofprotectiveelementsisplacedbetweenan asset and the adversary Theintentistoenforcepolicyacrossallaccesspoints Copyright © 2012, Elsevier Inc. All rights Reserved 2 Chapter 6 – Depth Fig. 6.1 – General defense in depth schema Copyright © 2012, Elsevier Inc. All rights Reserved 3 Chapter 6 – Depth Effectiveness of Depth Quantifyingtheeffectivenessofalayereddefenseis often difficult Effectivenessisbestdeterminedbyeducatedguesses Thefollowingarerelevantforestimating effectiveness – Practical experience – Engineering analysis – Use-case studies – Testing and simulation Copyright © 2012, Elsevier Inc. All rights Reserved 4 Chapter 6 – Depth Fig. 6.2 – Moderately effective single layer of protection Copyright © 2012, Elsevier Inc. All rights Reserved 5 Chapter 6 – Depth Effectiveness of Depth • Whenalayerfails,wecanconcludeitwaseither flawed or unsuited to the target environment • Nolayeris100%effective—thegoalofmakinglayers “highly” effective is more realistic Copyright © 2012, Elsevier Inc. All rights Reserved 6 Chapter 6 – Depth Fig. 6.3 – Highly effective single layer of protection Copyright © 2012, Elsevier Inc. All rights Reserved 7 Chapter 6 – Depth Fig. 6.4 – Multiple moderately effective layers of protection Copyright © 2012, Elsevier Inc. All rights Reserved 8 Chapter 6 – Depth Layered Authentication Anationalauthenticationsystemforeverycitizen would remove the need for multiple passwords, passphrases, tokens, certificates, and biometrics that weaken security Singlesign-on(SSO)wouldaccomplishthis authentication simplification objective However,SSOaccessneedstobepartofa multilayered defense Copyright © 2012, Elsevier Inc. All rights Reserved 9 Chapter 6 – Depth Fig. 6.5 – Schema showing two layers of end-user authentication Copyright © 2012, Elsevier Inc. All rights Reserved 10 Chapter 6 – Depth Fig. 6.6 – Authentication options including direct mobile access Copyright © 2012, Elsevier Inc. All rights Reserved 11 Chapter 6 – Depth Layered E-Mail Virus and Spam Protection Commercialenvironmentsareturningtovirtual,in- the-cloud solutions to filter e-mail viruses and spam Tothatsecuritylayerisaddedfilteringsoftwareon individual computers Antivirussoftwarehelpful,butuselessagainstcertain attacks (like botnet) Copyright © 2012, Elsevier Inc. All rights Reserved 12 Chapter 6 – Depth Fig. 6.7 – Typical architecture with layered e-mail filtering Copyright © 2012, Elsevier Inc. All rights Reserved 13 Chapter 6 – Depth Layered Access Controls • Layeringaccesscontrolsincreasessecurity • Addtothisthelimitingofphysicalaccesstoassets • Fornationalinfrastructure,assetsshouldbecovered by as many l.

Education
1 of 11
Cyber Attacks Protecting National Infrastructure, 1st ed. Chapter 6 Depth Copyright © 2012, Elsevier Inc. All Rights Reserved 1 Introduction Anylayerofdefensecanfailatanytime,thusthe introduction of defense in depth Aseriesofprotectiveelementsisplacedbetweenan asset and the adversary Theintentistoenforcepolicyacrossallaccesspoints Copyright © 2012, Elsevier Inc.
All rights Reserved 2 Chapter 6 – Depth Fig. 6.1 – General defense in depth schema Copyright © 2012, Elsevier Inc. All rights Reserved 3 Chapter 6 – Depth Effectiveness of Depth Quantifyingtheeffectivenessofalayereddefenseis often difficult Effectivenessisbestdeterminedbyeducatedguesses Thefollowingarerelevantforestimating effectiveness – Practical experience – Engineering analysis
– Use-case studies – Testing and simulation Copyright © 2012, Elsevier Inc. All rights Reserved 4 Chapter 6 – Depth Fig. 6.2 – Moderately effective single layer of protection Copyright © 2012, Elsevier Inc. All rights Reserved 5 Chapter 6 – Depth Effectiveness of Depth • Whenalayerfails,wecanconcludeitwaseither flawed or unsuited
to the target environment • Nolayeris100%effective—thegoalofmakinglayers “highly” effective is more realistic Copyright © 2012, Elsevier Inc. All rights Reserved 6 Chapter 6 – Depth Fig. 6.3 – Highly effective single layer of protection Copyright © 2012, Elsevier Inc. All rights Reserved 7 Chapter 6 – Depth Fig. 6.4 – Multiple moderately effective layers of protection Copyright © 2012, Elsevier Inc. All rights Reserved
8 Chapter 6 – Depth Layered Authentication Anationalauthenticationsystemforeverycitizen would remove the need for multiple passwords, passphrases, tokens, certificates, and biometrics that weaken security Singlesign-on(SSO)wouldaccomplishthis authentication simplification objective However,SSOaccessneedstobepartofa multilayered defense Copyright © 2012, Elsevier Inc. All rights Reserved 9 Chapter 6 – Depth Fig. 6.5 – Schema showing two layers of end-user authentication Copyright © 2012, Elsevier Inc.
All rights Reserved 10 Chapter 6 – Depth Fig. 6.6 – Authentication options including direct mobile access Copyright © 2012, Elsevier Inc. All rights Reserved 11 Chapter 6 – Depth Layered E-Mail Virus and Spam Protection Commercialenvironmentsareturningtovirtual,in- the-cloud solutions to filter e-mail viruses and spam Tothatsecuritylayerisaddedfilteringsoftwareon individual computers Antivirussoftwarehelpful,butuselessagainstcertain attacks (like botnet) Copyright © 2012, Elsevier Inc.
All rights Reserved 12 Chapter 6 – Depth Fig. 6.7 – Typical architecture with layered e-mail filtering Copyright © 2012, Elsevier Inc. All rights Reserved 13 Chapter 6 – Depth Layered Access Controls • Layeringaccesscontrolsincreasessecurity • Addtothisthelimitingofphysicalaccesstoassets • Fornationalinfrastructure,assetsshouldbecovered by as many layers possible – Network-based firewalls – Internal firewalls – Physical security
Copyright © 2012, Elsevier Inc. All rights Reserved 14 Chapter 6 – Depth Fig. 6.8 – Three layers of protection using firewall and access controls Copyright © 2012, Elsevier Inc. All rights Reserved 15 Chapter 6 – Depth Layered Encryption • Fiveencryptionmethodsfornationalinfrastructure protection – Mobile device storage – Network transmission – Secure commerce – Application strengthening – Server and mainframe data storage
Copyright © 2012, Elsevier Inc. All rights Reserved 16 Chapter 6 – Depth Fig. 6.9 – Multple layers of encryption Copyright © 2012, Elsevier Inc. All rights Reserved 17 Chapter 6 – Depth Layered Intrusion Detection Thepromiseoflayeredintrusiondetectionhasnot been fully realized, though it is useful Theinclusionofintrusionresponsemakesthe layered approach more complex Therearethreeopportunitiesfordifferentintrusion detection systems to provide layered protection
– In-band detection – Out-of-band correlation – Signature sharing Copyright © 2012, Elsevier Inc. All rights Reserved 18 Chapter 6 – Depth Fig. 6.10 – Sharing intrusion detection information between systems Copyright © 2012, Elsevier Inc. All rights Reserved 19 Chapter 6 – Depth National Program of Depth • Developingamultilayereddefensefornational infrastructure would require a careful architectural analysis of all assets and protection systems
– Identifying assets – Subjective estimations – Obtaining proprietary information – Identifying all possible access paths Copyright © 2012, Elsevier Inc. All rights Reserved 20 Chapter 6 – Depth

Recommended

Copyright © 2012, Elsevier Inc. All Rights ReservedCh.docx
Copyright © 2012, Elsevier Inc. All Rights ReservedCh.docxCopyright © 2012, Elsevier Inc. All Rights ReservedCh.docx
Copyright © 2012, Elsevier Inc. All Rights ReservedCh.docx
bobbywlane695641
 
PROJECT DRAFTINTRODUCTIONINTRODUCE COMPANY – WHAT IS THE COM.docx
PROJECT DRAFTINTRODUCTIONINTRODUCE COMPANY – WHAT IS THE COM.docxPROJECT DRAFTINTRODUCTIONINTRODUCE COMPANY – WHAT IS THE COM.docx
PROJECT DRAFTINTRODUCTIONINTRODUCE COMPANY – WHAT IS THE COM.docx
woodruffeloisa
 
1Running head SHORTENED VERSION OF TITLE8SHORTENE.docx
1Running head SHORTENED VERSION OF TITLE8SHORTENE.docx1Running head SHORTENED VERSION OF TITLE8SHORTENE.docx
1Running head SHORTENED VERSION OF TITLE8SHORTENE.docx
jesusamckone
 
Cisco cybersecurity essentials chapter - 6
Cisco cybersecurity essentials chapter - 6Cisco cybersecurity essentials chapter - 6
Cisco cybersecurity essentials chapter - 6
Mukesh Chinta
 
JS Fest 2019. Анастасия Войтова. "Defense in depth": trench warfare principle...
JS Fest 2019. Анастасия Войтова. "Defense in depth": trench warfare principle...JS Fest 2019. Анастасия Войтова. "Defense in depth": trench warfare principle...
JS Fest 2019. Анастасия Войтова. "Defense in depth": trench warfare principle...
JSFestUA
 
Deterring hacking strategies via
Deterring hacking strategies viaDeterring hacking strategies via
Deterring hacking strategies via
IJNSA Journal
 
DETERRING HACKING STRATEGIES VIA TARGETING SCANNING PROPERTIES
DETERRING HACKING STRATEGIES VIA TARGETING SCANNING PROPERTIESDETERRING HACKING STRATEGIES VIA TARGETING SCANNING PROPERTIES
DETERRING HACKING STRATEGIES VIA TARGETING SCANNING PROPERTIES
IJNSA Journal
 
Cyber security innovation_imho v4
Cyber security innovation_imho v4Cyber security innovation_imho v4
Cyber security innovation_imho v4
W Fred Seigneur
 

Recommended

Copyright © 2012, Elsevier Inc. All Rights ReservedCh.docx
Copyright © 2012, Elsevier Inc. All Rights ReservedCh.docxCopyright © 2012, Elsevier Inc. All Rights ReservedCh.docx
Copyright © 2012, Elsevier Inc. All Rights ReservedCh.docx
bobbywlane695641
 
PROJECT DRAFTINTRODUCTIONINTRODUCE COMPANY – WHAT IS THE COM.docx
PROJECT DRAFTINTRODUCTIONINTRODUCE COMPANY – WHAT IS THE COM.docxPROJECT DRAFTINTRODUCTIONINTRODUCE COMPANY – WHAT IS THE COM.docx
PROJECT DRAFTINTRODUCTIONINTRODUCE COMPANY – WHAT IS THE COM.docx
woodruffeloisa
 
1Running head SHORTENED VERSION OF TITLE8SHORTENE.docx
1Running head SHORTENED VERSION OF TITLE8SHORTENE.docx1Running head SHORTENED VERSION OF TITLE8SHORTENE.docx
1Running head SHORTENED VERSION OF TITLE8SHORTENE.docx
jesusamckone
 
Cisco cybersecurity essentials chapter - 6
Cisco cybersecurity essentials chapter - 6Cisco cybersecurity essentials chapter - 6
Cisco cybersecurity essentials chapter - 6
Mukesh Chinta
 
JS Fest 2019. Анастасия Войтова. "Defense in depth": trench warfare principle...
JS Fest 2019. Анастасия Войтова. "Defense in depth": trench warfare principle...JS Fest 2019. Анастасия Войтова. "Defense in depth": trench warfare principle...
JS Fest 2019. Анастасия Войтова. "Defense in depth": trench warfare principle...
JSFestUA
 
Deterring hacking strategies via
Deterring hacking strategies viaDeterring hacking strategies via
Deterring hacking strategies via
IJNSA Journal
 
DETERRING HACKING STRATEGIES VIA TARGETING SCANNING PROPERTIES
DETERRING HACKING STRATEGIES VIA TARGETING SCANNING PROPERTIESDETERRING HACKING STRATEGIES VIA TARGETING SCANNING PROPERTIES
DETERRING HACKING STRATEGIES VIA TARGETING SCANNING PROPERTIES
IJNSA Journal
 
Cyber security innovation_imho v4
Cyber security innovation_imho v4Cyber security innovation_imho v4
Cyber security innovation_imho v4
W Fred Seigneur
 
Chapter 4Secure Design PrinciplesCopyright © 2014 by McGraw-
Chapter 4Secure Design PrinciplesCopyright © 2014 by McGraw-Chapter 4Secure Design PrinciplesCopyright © 2014 by McGraw-
Chapter 4Secure Design PrinciplesCopyright © 2014 by McGraw-
WilheminaRossi174
 
Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
Copyright © 2012, Elsevier Inc. All Rights Reserved.docxCopyright © 2012, Elsevier Inc. All Rights Reserved.docx
Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
bobbywlane695641
 
Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
Copyright © 2012, Elsevier Inc. All Rights Reserved.docxCopyright © 2012, Elsevier Inc. All Rights Reserved.docx
Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
dickonsondorris
 
Portfolio security, analytics and forensic blue coat
Portfolio security, analytics and forensic blue coatPortfolio security, analytics and forensic blue coat
Portfolio security, analytics and forensic blue coat
Ronaldo Cesar Espíndola Ferreira
 
7 Ways to Stay 7 Years Ahead of the Threat
7 Ways to Stay 7 Years Ahead of the Threat7 Ways to Stay 7 Years Ahead of the Threat
7 Ways to Stay 7 Years Ahead of the Threat
IBM Security
 
Beating ips 34137
Beating ips 34137Beating ips 34137
Beating ips 34137
Spiros Fraganastasis
 
Encryption in the Cloud
Encryption in the CloudEncryption in the Cloud
Encryption in the Cloud
SVForum Cloud SIG
 
Cyber security innovation imho v5
Cyber security innovation imho v5Cyber security innovation imho v5
Cyber security innovation imho v5
W Fred Seigneur
 
3.Secure Design Principles And Process
3.Secure Design Principles And Process3.Secure Design Principles And Process
3.Secure Design Principles And Process
phanleson
 
1 1 Copyright © 2012, Elsevier Inc. All Rights Reserved .docx
1 1 Copyright © 2012, Elsevier Inc. All Rights Reserved .docx1 1 Copyright © 2012, Elsevier Inc. All Rights Reserved .docx
1 1 Copyright © 2012, Elsevier Inc. All Rights Reserved .docx
oswald1horne84988
 
Challenges2013
Challenges2013Challenges2013
Challenges2013
Lancope, Inc.
 
Application Security
Application SecurityApplication Security
Application Security
Muhammad Faisal Naqvi, CISSP, CISA, AMBCI, ITIL, ISMS LA n Master
 
01_Metasploit - The Elixir of Network Security
01_Metasploit - The Elixir of Network Security01_Metasploit - The Elixir of Network Security
01_Metasploit - The Elixir of Network Security
Harish Chaudhary
 
OWASP Top 10 Web Attacks (2017) with Prevention Methods
OWASP Top 10 Web Attacks (2017) with Prevention MethodsOWASP Top 10 Web Attacks (2017) with Prevention Methods
OWASP Top 10 Web Attacks (2017) with Prevention Methods
IRJET Journal
 
compTIA guide to get the CERTIFICATION EMERSON EDUARDO RODRIGUES
compTIA guide to get the CERTIFICATION EMERSON EDUARDO RODRIGUEScompTIA guide to get the CERTIFICATION EMERSON EDUARDO RODRIGUES
compTIA guide to get the CERTIFICATION EMERSON EDUARDO RODRIGUES
EMERSON EDUARDO RODRIGUES
 
Encryption in the Public Cloud: 16 Bits of Advice for Security Techniques
Encryption in the Public Cloud: 16 Bits of Advice for Security TechniquesEncryption in the Public Cloud: 16 Bits of Advice for Security Techniques
Encryption in the Public Cloud: 16 Bits of Advice for Security Techniques
Trend Micro
 
Stopping Advanced Attacks on their Onset: A Practical Look at Modern Day Prev...
Stopping Advanced Attacks on their Onset: A Practical Look at Modern Day Prev...Stopping Advanced Attacks on their Onset: A Practical Look at Modern Day Prev...
Stopping Advanced Attacks on their Onset: A Practical Look at Modern Day Prev...
IBM Security
 
Rajarshi Gupta at AI Frontiers : Security is AI’s biggest challenge, AI is Se...
Rajarshi Gupta at AI Frontiers : Security is AI’s biggest challenge, AI is Se...Rajarshi Gupta at AI Frontiers : Security is AI’s biggest challenge, AI is Se...
Rajarshi Gupta at AI Frontiers : Security is AI’s biggest challenge, AI is Se...
AI Frontiers
 
Imperative Induced Innovation - Patrick W. Dowd, Ph. D
Imperative Induced Innovation - Patrick W. Dowd, Ph. DImperative Induced Innovation - Patrick W. Dowd, Ph. D
Imperative Induced Innovation - Patrick W. Dowd, Ph. D
scoopnewsgroup
 
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
amber724300
 
Cyber War versus Cyber Realities Cyber War v.docx
Cyber War versus Cyber Realities Cyber War v.docxCyber War versus Cyber Realities Cyber War v.docx
Cyber War versus Cyber Realities Cyber War v.docx
dorishigh
 
Cyber terrorism, by definition, is the politically motivated use.docx
Cyber terrorism, by definition, is the politically motivated use.docxCyber terrorism, by definition, is the politically motivated use.docx
Cyber terrorism, by definition, is the politically motivated use.docx
dorishigh
 

More Related Content

Similar to Cyber AttacksProtecting National Infrastructure, 1st ed.Ch.docx

Chapter 4Secure Design PrinciplesCopyright © 2014 by McGraw-
Chapter 4Secure Design PrinciplesCopyright © 2014 by McGraw-Chapter 4Secure Design PrinciplesCopyright © 2014 by McGraw-
Chapter 4Secure Design PrinciplesCopyright © 2014 by McGraw-
WilheminaRossi174
 
Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
Copyright © 2012, Elsevier Inc. All Rights Reserved.docxCopyright © 2012, Elsevier Inc. All Rights Reserved.docx
Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
bobbywlane695641
 
Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
Copyright © 2012, Elsevier Inc. All Rights Reserved.docxCopyright © 2012, Elsevier Inc. All Rights Reserved.docx
Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
dickonsondorris
 
7 Ways to Stay 7 Years Ahead of the Threat
7 Ways to Stay 7 Years Ahead of the Threat7 Ways to Stay 7 Years Ahead of the Threat
7 Ways to Stay 7 Years Ahead of the Threat
IBM Security
 
3.Secure Design Principles And Process
3.Secure Design Principles And Process3.Secure Design Principles And Process
3.Secure Design Principles And Process
phanleson
 
1 1 Copyright © 2012, Elsevier Inc. All Rights Reserved .docx
1 1 Copyright © 2012, Elsevier Inc. All Rights Reserved .docx1 1 Copyright © 2012, Elsevier Inc. All Rights Reserved .docx
1 1 Copyright © 2012, Elsevier Inc. All Rights Reserved .docx
oswald1horne84988
 
Challenges2013
Challenges2013Challenges2013
Challenges2013
Lancope, Inc.
 
01_Metasploit - The Elixir of Network Security
01_Metasploit - The Elixir of Network Security01_Metasploit - The Elixir of Network Security
01_Metasploit - The Elixir of Network Security
Harish Chaudhary
 
Stopping Advanced Attacks on their Onset: A Practical Look at Modern Day Prev...
Stopping Advanced Attacks on their Onset: A Practical Look at Modern Day Prev...Stopping Advanced Attacks on their Onset: A Practical Look at Modern Day Prev...
Stopping Advanced Attacks on their Onset: A Practical Look at Modern Day Prev...
IBM Security
 
Imperative Induced Innovation - Patrick W. Dowd, Ph. D
Imperative Induced Innovation - Patrick W. Dowd, Ph. DImperative Induced Innovation - Patrick W. Dowd, Ph. D
Imperative Induced Innovation - Patrick W. Dowd, Ph. D
scoopnewsgroup
 

Similar to Cyber AttacksProtecting National Infrastructure, 1st ed.Ch.docx (20)

Chapter 4Secure Design PrinciplesCopyright © 2014 by McGraw-
Chapter 4Secure Design PrinciplesCopyright © 2014 by McGraw-Chapter 4Secure Design PrinciplesCopyright © 2014 by McGraw-
Chapter 4Secure Design PrinciplesCopyright © 2014 by McGraw-
 
Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
Copyright © 2012, Elsevier Inc. All Rights Reserved.docxCopyright © 2012, Elsevier Inc. All Rights Reserved.docx
Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
 
Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
Copyright © 2012, Elsevier Inc. All Rights Reserved.docxCopyright © 2012, Elsevier Inc. All Rights Reserved.docx
Copyright © 2012, Elsevier Inc. All Rights Reserved.docx
 
Portfolio security, analytics and forensic blue coat
Portfolio security, analytics and forensic blue coatPortfolio security, analytics and forensic blue coat
Portfolio security, analytics and forensic blue coat
 
7 Ways to Stay 7 Years Ahead of the Threat
7 Ways to Stay 7 Years Ahead of the Threat7 Ways to Stay 7 Years Ahead of the Threat
7 Ways to Stay 7 Years Ahead of the Threat
 
Beating ips 34137
Beating ips 34137Beating ips 34137
Beating ips 34137
 
Encryption in the Cloud
Encryption in the CloudEncryption in the Cloud
Encryption in the Cloud
 
Cyber security innovation imho v5
Cyber security innovation imho v5Cyber security innovation imho v5
Cyber security innovation imho v5
 
3.Secure Design Principles And Process
3.Secure Design Principles And Process3.Secure Design Principles And Process
3.Secure Design Principles And Process
 
1 1 Copyright © 2012, Elsevier Inc. All Rights Reserved .docx
1 1 Copyright © 2012, Elsevier Inc. All Rights Reserved .docx1 1 Copyright © 2012, Elsevier Inc. All Rights Reserved .docx
1 1 Copyright © 2012, Elsevier Inc. All Rights Reserved .docx
 
Challenges2013
Challenges2013Challenges2013
Challenges2013
 
Application Security
Application SecurityApplication Security
Application Security
 
01_Metasploit - The Elixir of Network Security
01_Metasploit - The Elixir of Network Security01_Metasploit - The Elixir of Network Security
01_Metasploit - The Elixir of Network Security
 
OWASP Top 10 Web Attacks (2017) with Prevention Methods
OWASP Top 10 Web Attacks (2017) with Prevention MethodsOWASP Top 10 Web Attacks (2017) with Prevention Methods
OWASP Top 10 Web Attacks (2017) with Prevention Methods
 
compTIA guide to get the CERTIFICATION EMERSON EDUARDO RODRIGUES
compTIA guide to get the CERTIFICATION EMERSON EDUARDO RODRIGUEScompTIA guide to get the CERTIFICATION EMERSON EDUARDO RODRIGUES
compTIA guide to get the CERTIFICATION EMERSON EDUARDO RODRIGUES
 
Encryption in the Public Cloud: 16 Bits of Advice for Security Techniques
Encryption in the Public Cloud: 16 Bits of Advice for Security TechniquesEncryption in the Public Cloud: 16 Bits of Advice for Security Techniques
Encryption in the Public Cloud: 16 Bits of Advice for Security Techniques
 
Stopping Advanced Attacks on their Onset: A Practical Look at Modern Day Prev...
Stopping Advanced Attacks on their Onset: A Practical Look at Modern Day Prev...Stopping Advanced Attacks on their Onset: A Practical Look at Modern Day Prev...
Stopping Advanced Attacks on their Onset: A Practical Look at Modern Day Prev...
 
Rajarshi Gupta at AI Frontiers : Security is AI’s biggest challenge, AI is Se...
Rajarshi Gupta at AI Frontiers : Security is AI’s biggest challenge, AI is Se...Rajarshi Gupta at AI Frontiers : Security is AI’s biggest challenge, AI is Se...
Rajarshi Gupta at AI Frontiers : Security is AI’s biggest challenge, AI is Se...
 
Imperative Induced Innovation - Patrick W. Dowd, Ph. D
Imperative Induced Innovation - Patrick W. Dowd, Ph. DImperative Induced Innovation - Patrick W. Dowd, Ph. D
Imperative Induced Innovation - Patrick W. Dowd, Ph. D
 
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
 

More from dorishigh

Cyber War versus Cyber Realities Cyber War v.docx
Cyber War versus Cyber Realities Cyber War v.docxCyber War versus Cyber Realities Cyber War v.docx
Cyber War versus Cyber Realities Cyber War v.docx
dorishigh
 
Cyber terrorism, by definition, is the politically motivated use.docx
Cyber terrorism, by definition, is the politically motivated use.docxCyber terrorism, by definition, is the politically motivated use.docx
Cyber terrorism, by definition, is the politically motivated use.docx
dorishigh
 
Cyber Security ThreatsYassir NourDr. Fonda IngramETCS-690 .docx
Cyber Security ThreatsYassir NourDr. Fonda IngramETCS-690 .docxCyber Security ThreatsYassir NourDr. Fonda IngramETCS-690 .docx
Cyber Security ThreatsYassir NourDr. Fonda IngramETCS-690 .docx
dorishigh
 
Cyber Security in Industry 4.0Cyber Security in Industry 4.0 (.docx
Cyber Security in Industry 4.0Cyber Security in Industry 4.0 (.docxCyber Security in Industry 4.0Cyber Security in Industry 4.0 (.docx
Cyber Security in Industry 4.0Cyber Security in Industry 4.0 (.docx
dorishigh
 
Cyber Security and the Internet of ThingsVulnerabilities, T.docx
Cyber Security and the Internet of ThingsVulnerabilities, T.docxCyber Security and the Internet of ThingsVulnerabilities, T.docx
Cyber Security and the Internet of ThingsVulnerabilities, T.docx
dorishigh
 
Cyber Security Gone too farCarlos Diego LimaExce.docx
Cyber Security Gone too farCarlos Diego LimaExce.docxCyber Security Gone too farCarlos Diego LimaExce.docx
Cyber Security Gone too farCarlos Diego LimaExce.docx
dorishigh
 
CW 1R Checklist and Feedback Sheet Student Copy Go through this.docx
CW 1R Checklist and Feedback Sheet Student Copy Go through this.docxCW 1R Checklist and Feedback Sheet Student Copy Go through this.docx
CW 1R Checklist and Feedback Sheet Student Copy Go through this.docx
dorishigh
 
CW 1 Car Industry and AIby Victoria StephensonSubmission.docx
CW 1 Car Industry and AIby Victoria StephensonSubmission.docxCW 1 Car Industry and AIby Victoria StephensonSubmission.docx
CW 1 Car Industry and AIby Victoria StephensonSubmission.docx
dorishigh
 
CWTS CWFT Module 7 Chapter 2 Eco-maps 1 ECO-MAPS .docx
CWTS CWFT Module 7 Chapter 2 Eco-maps 1 ECO-MAPS .docxCWTS CWFT Module 7 Chapter 2 Eco-maps 1 ECO-MAPS .docx
CWTS CWFT Module 7 Chapter 2 Eco-maps 1 ECO-MAPS .docx
dorishigh
 
Cw2 Marking Rubric Managerial Finance0Fail2(1-29) Fail.docx
Cw2 Marking Rubric Managerial Finance0Fail2(1-29) Fail.docxCw2 Marking Rubric Managerial Finance0Fail2(1-29) Fail.docx
Cw2 Marking Rubric Managerial Finance0Fail2(1-29) Fail.docx
dorishigh
 
CVPSales price per unit$75.00Variable Cost per unit$67.00Fixed C.docx
CVPSales price per unit$75.00Variable Cost per unit$67.00Fixed C.docxCVPSales price per unit$75.00Variable Cost per unit$67.00Fixed C.docx
CVPSales price per unit$75.00Variable Cost per unit$67.00Fixed C.docx
dorishigh
 
CYB207 v2Wk 4 – Assignment TemplateCYB205 v2Page 2 of 2.docx
CYB207 v2Wk 4 – Assignment TemplateCYB205 v2Page 2 of 2.docxCYB207 v2Wk 4 – Assignment TemplateCYB205 v2Page 2 of 2.docx
CYB207 v2Wk 4 – Assignment TemplateCYB205 v2Page 2 of 2.docx
dorishigh
 
CUSTOMERSERVICE-TRAINIGPROGRAM 2 TA.docx
CUSTOMERSERVICE-TRAINIGPROGRAM 2 TA.docxCUSTOMERSERVICE-TRAINIGPROGRAM 2 TA.docx
CUSTOMERSERVICE-TRAINIGPROGRAM 2 TA.docx
dorishigh
 
Customer Service Test (Chapter 6 - 10)Name Multiple Choice.docx
Customer Service Test (Chapter 6 - 10)Name Multiple Choice.docxCustomer Service Test (Chapter 6 - 10)Name Multiple Choice.docx
Customer Service Test (Chapter 6 - 10)Name Multiple Choice.docx
dorishigh
 
Customer requests areProposed Cloud Architecture (5 pages n.docx
Customer requests areProposed Cloud Architecture (5 pages n.docxCustomer requests areProposed Cloud Architecture (5 pages n.docx
Customer requests areProposed Cloud Architecture (5 pages n.docx
dorishigh
 
Customer Relationship Management Presented ByShan Gu Cris.docx
Customer Relationship Management Presented ByShan Gu Cris.docxCustomer Relationship Management Presented ByShan Gu Cris.docx
Customer Relationship Management Presented ByShan Gu Cris.docx
dorishigh
 
Custom Vans Inc. Custom Vans Inc. specializes in converting st.docx
Custom Vans Inc. Custom Vans Inc. specializes in converting st.docxCustom Vans Inc. Custom Vans Inc. specializes in converting st.docx
Custom Vans Inc. Custom Vans Inc. specializes in converting st.docx
dorishigh
 
Curtis HillTopic 07 Assignment Long-Term Care ChartHA30.docx
Curtis HillTopic 07 Assignment Long-Term Care ChartHA30.docxCurtis HillTopic 07 Assignment Long-Term Care ChartHA30.docx
Curtis HillTopic 07 Assignment Long-Term Care ChartHA30.docx
dorishigh
 

More from dorishigh (20)

Cyber War versus Cyber Realities Cyber War v.docx
Cyber War versus Cyber Realities Cyber War v.docxCyber War versus Cyber Realities Cyber War v.docx
Cyber War versus Cyber Realities Cyber War v.docx
 
Cyber terrorism, by definition, is the politically motivated use.docx
Cyber terrorism, by definition, is the politically motivated use.docxCyber terrorism, by definition, is the politically motivated use.docx
Cyber terrorism, by definition, is the politically motivated use.docx
 
Cyber Security ThreatsYassir NourDr. Fonda IngramETCS-690 .docx
Cyber Security ThreatsYassir NourDr. Fonda IngramETCS-690 .docxCyber Security ThreatsYassir NourDr. Fonda IngramETCS-690 .docx
Cyber Security ThreatsYassir NourDr. Fonda IngramETCS-690 .docx
 
Cyber Security in Industry 4.0Cyber Security in Industry 4.0 (.docx
Cyber Security in Industry 4.0Cyber Security in Industry 4.0 (.docxCyber Security in Industry 4.0Cyber Security in Industry 4.0 (.docx
Cyber Security in Industry 4.0Cyber Security in Industry 4.0 (.docx
 
Cyber Security and the Internet of ThingsVulnerabilities, T.docx
Cyber Security and the Internet of ThingsVulnerabilities, T.docxCyber Security and the Internet of ThingsVulnerabilities, T.docx
Cyber Security and the Internet of ThingsVulnerabilities, T.docx
 
Cyber Security Gone too farCarlos Diego LimaExce.docx
Cyber Security Gone too farCarlos Diego LimaExce.docxCyber Security Gone too farCarlos Diego LimaExce.docx
Cyber Security Gone too farCarlos Diego LimaExce.docx
 
CW 1R Checklist and Feedback Sheet Student Copy Go through this.docx
CW 1R Checklist and Feedback Sheet Student Copy Go through this.docxCW 1R Checklist and Feedback Sheet Student Copy Go through this.docx
CW 1R Checklist and Feedback Sheet Student Copy Go through this.docx
 
CW 1 Car Industry and AIby Victoria StephensonSubmission.docx
CW 1 Car Industry and AIby Victoria StephensonSubmission.docxCW 1 Car Industry and AIby Victoria StephensonSubmission.docx
CW 1 Car Industry and AIby Victoria StephensonSubmission.docx
 
CWTS CWFT Module 7 Chapter 2 Eco-maps 1 ECO-MAPS .docx
CWTS CWFT Module 7 Chapter 2 Eco-maps 1 ECO-MAPS .docxCWTS CWFT Module 7 Chapter 2 Eco-maps 1 ECO-MAPS .docx
CWTS CWFT Module 7 Chapter 2 Eco-maps 1 ECO-MAPS .docx
 
Cw2 Marking Rubric Managerial Finance0Fail2(1-29) Fail.docx
Cw2 Marking Rubric Managerial Finance0Fail2(1-29) Fail.docxCw2 Marking Rubric Managerial Finance0Fail2(1-29) Fail.docx
Cw2 Marking Rubric Managerial Finance0Fail2(1-29) Fail.docx
 
CVPSales price per unit$75.00Variable Cost per unit$67.00Fixed C.docx
CVPSales price per unit$75.00Variable Cost per unit$67.00Fixed C.docxCVPSales price per unit$75.00Variable Cost per unit$67.00Fixed C.docx
CVPSales price per unit$75.00Variable Cost per unit$67.00Fixed C.docx
 
CYB207 v2Wk 4 – Assignment TemplateCYB205 v2Page 2 of 2.docx
CYB207 v2Wk 4 – Assignment TemplateCYB205 v2Page 2 of 2.docxCYB207 v2Wk 4 – Assignment TemplateCYB205 v2Page 2 of 2.docx
CYB207 v2Wk 4 – Assignment TemplateCYB205 v2Page 2 of 2.docx
 
CUSTOMERSERVICE-TRAINIGPROGRAM 2 TA.docx
CUSTOMERSERVICE-TRAINIGPROGRAM 2 TA.docxCUSTOMERSERVICE-TRAINIGPROGRAM 2 TA.docx
CUSTOMERSERVICE-TRAINIGPROGRAM 2 TA.docx
 
Customer Service Test (Chapter 6 - 10)Name Multiple Choice.docx
Customer Service Test (Chapter 6 - 10)Name Multiple Choice.docxCustomer Service Test (Chapter 6 - 10)Name Multiple Choice.docx
Customer Service Test (Chapter 6 - 10)Name Multiple Choice.docx
 
Customer Value Funnel Questions1. Identify the relevant .docx
Customer Value Funnel Questions1. Identify the relevant .docxCustomer Value Funnel Questions1. Identify the relevant .docx
Customer Value Funnel Questions1. Identify the relevant .docx
 
Customer service is something that we have all heard of and have som.docx
Customer service is something that we have all heard of and have som.docxCustomer service is something that we have all heard of and have som.docx
Customer service is something that we have all heard of and have som.docx
 
Customer requests areProposed Cloud Architecture (5 pages n.docx
Customer requests areProposed Cloud Architecture (5 pages n.docxCustomer requests areProposed Cloud Architecture (5 pages n.docx
Customer requests areProposed Cloud Architecture (5 pages n.docx
 
Customer Relationship Management Presented ByShan Gu Cris.docx
Customer Relationship Management Presented ByShan Gu Cris.docxCustomer Relationship Management Presented ByShan Gu Cris.docx
Customer Relationship Management Presented ByShan Gu Cris.docx
 
Custom Vans Inc. Custom Vans Inc. specializes in converting st.docx
Custom Vans Inc. Custom Vans Inc. specializes in converting st.docxCustom Vans Inc. Custom Vans Inc. specializes in converting st.docx
Custom Vans Inc. Custom Vans Inc. specializes in converting st.docx
 
Curtis HillTopic 07 Assignment Long-Term Care ChartHA30.docx
Curtis HillTopic 07 Assignment Long-Term Care ChartHA30.docxCurtis HillTopic 07 Assignment Long-Term Care ChartHA30.docx
Curtis HillTopic 07 Assignment Long-Term Care ChartHA30.docx
 

Recently uploaded

Introduction to Quality Improvement Essentials
Introduction to Quality Improvement EssentialsIntroduction to Quality Improvement Essentials
Introduction to Quality Improvement Essentials
Excellence Foundation for South Sudan
 
Additional Benefits for Employee Website.pdf
Additional Benefits for Employee Website.pdfAdditional Benefits for Employee Website.pdf
Additional Benefits for Employee Website.pdf
joachimlavalley1
 
Basic Civil Engg Notes_Chapter-6_Environment Pollution & Engineering
Basic Civil Engg Notes_Chapter-6_Environment Pollution & EngineeringBasic Civil Engg Notes_Chapter-6_Environment Pollution & Engineering
Basic Civil Engg Notes_Chapter-6_Environment Pollution & Engineering
Denish Jangid
 

Recently uploaded (20)

Introduction to Quality Improvement Essentials
Introduction to Quality Improvement EssentialsIntroduction to Quality Improvement Essentials
Introduction to Quality Improvement Essentials
 
B.ed spl. HI pdusu exam paper-2023-24.pdf
B.ed spl. HI pdusu exam paper-2023-24.pdfB.ed spl. HI pdusu exam paper-2023-24.pdf
B.ed spl. HI pdusu exam paper-2023-24.pdf
 
Additional Benefits for Employee Website.pdf
Additional Benefits for Employee Website.pdfAdditional Benefits for Employee Website.pdf
Additional Benefits for Employee Website.pdf
 
Salient features of Environment protection Act 1986.pptx
Salient features of Environment protection Act 1986.pptxSalient features of Environment protection Act 1986.pptx
Salient features of Environment protection Act 1986.pptx
 
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
 
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXXPhrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
 
Benefits and Challenges of Using Open Educational Resources
Benefits and Challenges of Using Open Educational ResourcesBenefits and Challenges of Using Open Educational Resources
Benefits and Challenges of Using Open Educational Resources
 
The Art Pastor's Guide to Sabbath | Steve Thomason
The Art Pastor's Guide to Sabbath | Steve ThomasonThe Art Pastor's Guide to Sabbath | Steve Thomason
The Art Pastor's Guide to Sabbath | Steve Thomason
 
Students, digital devices and success - Andreas Schleicher - 27 May 2024..pptx
Students, digital devices and success - Andreas Schleicher - 27 May 2024..pptxStudents, digital devices and success - Andreas Schleicher - 27 May 2024..pptx
Students, digital devices and success - Andreas Schleicher - 27 May 2024..pptx
 
Basic Civil Engg Notes_Chapter-6_Environment Pollution & Engineering
Basic Civil Engg Notes_Chapter-6_Environment Pollution & EngineeringBasic Civil Engg Notes_Chapter-6_Environment Pollution & Engineering
Basic Civil Engg Notes_Chapter-6_Environment Pollution & Engineering
 
Gyanartha SciBizTech Quiz slideshare.pptx
Gyanartha SciBizTech Quiz slideshare.pptxGyanartha SciBizTech Quiz slideshare.pptx
Gyanartha SciBizTech Quiz slideshare.pptx
 
slides CapTechTalks Webinar May 2024 Alexander Perry.pptx
slides CapTechTalks Webinar May 2024 Alexander Perry.pptxslides CapTechTalks Webinar May 2024 Alexander Perry.pptx
slides CapTechTalks Webinar May 2024 Alexander Perry.pptx
 
GIÁO ÁN DẠY THÊM (KẾ HOẠCH BÀI BUỔI 2) - TIẾNG ANH 8 GLOBAL SUCCESS (2 CỘT) N...
GIÁO ÁN DẠY THÊM (KẾ HOẠCH BÀI BUỔI 2) - TIẾNG ANH 8 GLOBAL SUCCESS (2 CỘT) N...GIÁO ÁN DẠY THÊM (KẾ HOẠCH BÀI BUỔI 2) - TIẾNG ANH 8 GLOBAL SUCCESS (2 CỘT) N...
GIÁO ÁN DẠY THÊM (KẾ HOẠCH BÀI BUỔI 2) - TIẾNG ANH 8 GLOBAL SUCCESS (2 CỘT) N...
 
PART A. Introduction to Costumer Service
PART A. Introduction to Costumer ServicePART A. Introduction to Costumer Service
PART A. Introduction to Costumer Service
 
[GDSC YCCE] Build with AI Online Presentation
[GDSC YCCE] Build with AI Online Presentation[GDSC YCCE] Build with AI Online Presentation
[GDSC YCCE] Build with AI Online Presentation
 
How to the fix Attribute Error in odoo 17
How to the fix Attribute Error in odoo 17How to the fix Attribute Error in odoo 17
How to the fix Attribute Error in odoo 17
 
NCERT Solutions Power Sharing Class 10 Notes pdf
NCERT Solutions Power Sharing Class 10 Notes pdfNCERT Solutions Power Sharing Class 10 Notes pdf
NCERT Solutions Power Sharing Class 10 Notes pdf
 
UNIT – IV_PCI Complaints: Complaints and evaluation of complaints, Handling o...
UNIT – IV_PCI Complaints: Complaints and evaluation of complaints, Handling o...UNIT – IV_PCI Complaints: Complaints and evaluation of complaints, Handling o...
UNIT – IV_PCI Complaints: Complaints and evaluation of complaints, Handling o...
 
The Benefits and Challenges of Open Educational Resources
The Benefits and Challenges of Open Educational ResourcesThe Benefits and Challenges of Open Educational Resources
The Benefits and Challenges of Open Educational Resources
 
Sectors of the Indian Economy - Class 10 Study Notes pdf
Sectors of the Indian Economy - Class 10 Study Notes pdfSectors of the Indian Economy - Class 10 Study Notes pdf
Sectors of the Indian Economy - Class 10 Study Notes pdf
 

Cyber AttacksProtecting National Infrastructure, 1st ed.Ch.docx

  • 1. Cyber Attacks Protecting National Infrastructure, 1st ed. Chapter 6 Depth Copyright © 2012, Elsevier Inc. All Rights Reserved 1 Introduction Anylayerofdefensecanfailatanytime,thusthe introduction of defense in depth Aseriesofprotectiveelementsisplacedbetweenan asset and the adversary Theintentistoenforcepolicyacrossallaccesspoints Copyright © 2012, Elsevier Inc.
  • 2. All rights Reserved 2 Chapter 6 – Depth Fig. 6.1 – General defense in depth schema Copyright © 2012, Elsevier Inc. All rights Reserved 3 Chapter 6 – Depth Effectiveness of Depth Quantifyingtheeffectivenessofalayereddefenseis often difficult Effectivenessisbestdeterminedbyeducatedguesses Thefollowingarerelevantforestimating effectiveness – Practical experience – Engineering analysis
  • 3. – Use-case studies – Testing and simulation Copyright © 2012, Elsevier Inc. All rights Reserved 4 Chapter 6 – Depth Fig. 6.2 – Moderately effective single layer of protection Copyright © 2012, Elsevier Inc. All rights Reserved 5 Chapter 6 – Depth Effectiveness of Depth • Whenalayerfails,wecanconcludeitwaseither flawed or unsuited
  • 4. to the target environment • Nolayeris100%effective—thegoalofmakinglayers “highly” effective is more realistic Copyright © 2012, Elsevier Inc. All rights Reserved 6 Chapter 6 – Depth Fig. 6.3 – Highly effective single layer of protection Copyright © 2012, Elsevier Inc. All rights Reserved 7 Chapter 6 – Depth Fig. 6.4 – Multiple moderately effective layers of protection Copyright © 2012, Elsevier Inc. All rights Reserved
  • 5. 8 Chapter 6 – Depth Layered Authentication Anationalauthenticationsystemforeverycitizen would remove the need for multiple passwords, passphrases, tokens, certificates, and biometrics that weaken security Singlesign-on(SSO)wouldaccomplishthis authentication simplification objective However,SSOaccessneedstobepartofa multilayered defense Copyright © 2012, Elsevier Inc. All rights Reserved 9 Chapter 6 – Depth Fig. 6.5 – Schema showing two layers of end-user authentication Copyright © 2012, Elsevier Inc.
  • 6. All rights Reserved 10 Chapter 6 – Depth Fig. 6.6 – Authentication options including direct mobile access Copyright © 2012, Elsevier Inc. All rights Reserved 11 Chapter 6 – Depth Layered E-Mail Virus and Spam Protection Commercialenvironmentsareturningtovirtual,in- the-cloud solutions to filter e-mail viruses and spam Tothatsecuritylayerisaddedfilteringsoftwareon individual computers Antivirussoftwarehelpful,butuselessagainstcertain attacks (like botnet) Copyright © 2012, Elsevier Inc.
  • 7. All rights Reserved 12 Chapter 6 – Depth Fig. 6.7 – Typical architecture with layered e-mail filtering Copyright © 2012, Elsevier Inc. All rights Reserved 13 Chapter 6 – Depth Layered Access Controls • Layeringaccesscontrolsincreasessecurity • Addtothisthelimitingofphysicalaccesstoassets • Fornationalinfrastructure,assetsshouldbecovered by as many layers possible – Network-based firewalls – Internal firewalls – Physical security
  • 8. Copyright © 2012, Elsevier Inc. All rights Reserved 14 Chapter 6 – Depth Fig. 6.8 – Three layers of protection using firewall and access controls Copyright © 2012, Elsevier Inc. All rights Reserved 15 Chapter 6 – Depth Layered Encryption • Fiveencryptionmethodsfornationalinfrastructure protection – Mobile device storage – Network transmission – Secure commerce – Application strengthening – Server and mainframe data storage
  • 9. Copyright © 2012, Elsevier Inc. All rights Reserved 16 Chapter 6 – Depth Fig. 6.9 – Multple layers of encryption Copyright © 2012, Elsevier Inc. All rights Reserved 17 Chapter 6 – Depth Layered Intrusion Detection Thepromiseoflayeredintrusiondetectionhasnot been fully realized, though it is useful Theinclusionofintrusionresponsemakesthe layered approach more complex Therearethreeopportunitiesfordifferentintrusion detection systems to provide layered protection
  • 10. – In-band detection – Out-of-band correlation – Signature sharing Copyright © 2012, Elsevier Inc. All rights Reserved 18 Chapter 6 – Depth Fig. 6.10 – Sharing intrusion detection information between systems Copyright © 2012, Elsevier Inc. All rights Reserved 19 Chapter 6 – Depth National Program of Depth • Developingamultilayereddefensefornational infrastructure would require a careful architectural analysis of all assets and protection systems
  • 11. – Identifying assets – Subjective estimations – Obtaining proprietary information – Identifying all possible access paths Copyright © 2012, Elsevier Inc. All rights Reserved 20 Chapter 6 – Depth