WaZaRWiki : InformationSystemSecurity


Revision [139]

Most recent edit made on 2008-06-18 00:22:09 by GaelReignier

Additions:
image


Deletions:
image




Revision [110]

Edited on 2008-06-03 18:47:10 by WikiSecretary (unregistered user)

Additions:

3/06/08
RAS = VPN server from Microsoft
802.11i = WPA, WPA2
802.11a, 802.11b, 802.11g : layer 1 - hardware
WPA personal : local credential system
WPA, WPA2 enterprise : Directory (AD, LDAP, OpenLDAP, ...)
NAP : network access protocol from Microsoft




Revision [103]

Edited on 2008-05-28 19:02:20 by WikiSecretary (unregistered user)

Additions:
Phishing
Security Tools
Supervision Tools :
Nagios ( http://fr.wikipedia.org/wiki/Nagios )
Cacti
munin-hardware
syslog-ng
Network
PABX (Private Automatic Branch Exchange)




Revision [83]

Edited on 2008-05-21 19:03:13 by WikiSecretary (unregistered user)

Additions:

=21/05/2008

Security ID (SID) is an ID for a user or group
Token privileges :
-SeBackup
-SeDebug
-SeShutdown
-SeTakeOwnership
Physical security :
Threats are :
Sensitive areas and buildings
Be careful of compromising signals (like screens, Bluetooth ...): they can be spied on!
We can use hardware solutions to improve software security (virtualization)
On databases, limit privileges to a minimum
Give the right privileges to each group of users.
You can also encrypt the data on your hard disk
Authentication and Identification are two levels of security (a password and login are enough to authenticate but not to identify)
Malware :
Worm : infects your computer
Trojan : gives control of your machine to anyone else (opening ports, changing parameters)
Spyware : using a trojan or worm





Revision [80]

Edited on 2008-05-20 23:06:54 by GaelReignier

Deletions:
big black stronger than small chinese




Revision [79]

Edited on 2008-05-20 18:57:43 by WikiSecretary (unregistered user)

Additions:

20/05/2008

Access control:
DAC : Discretionary Access Control
MAC : Mandatory Access Control
RADIUS:
-mainly used by ISPs
-AAA protocol
-Remote Authentication
OS security:
TCB : Trusted Computing Base
has to be protected
if corrupted, all the security goes down
Biba concept:
deals with the integrity issue, based on integrity levels
Threats:
hidden channel: a way for an entity to receive information in an unauthorized way
Trusted Solaris:
Using roles, running profiles, trusted path from keyboard to windows
Event Logger:
-windows: Event Viewer
-linux: Syslog /var/log/messages




Revision [78]

Edited on 2008-05-14 19:03:59 by WikiSecretary (unregistered user)

Additions:

14-05-2008

big black stronger than small chinese
RSA 512 < AES 256
Symmetric cryptography : one key to encode and decode a message
- fast, easy to increase the encoding key length
ETHEREAL : protocol analyser (man in the middle attack)
Asymmetric cryptography : one public key, one private key
- 1000 times slower than symmetric cryptography
On Linux : /home/user/.ssh : folder used for SSH files
public file : id_dsa.pub
private file: id_dsa
can be used to connect to another host
Hash:
md5sum file to check the integrity of a file after a transfer (before and after)
-collisionless
spoofing : redirect on a private website
Certificates use PKI (Public Key Infrastructure)
Access Control:
Identification
Authorization
Permission
passwords:
/etc/passwd
/etc/shadow
Kerberos:
KDC : Key Distribution Center
AS : Authentication Service
TGT : Ticket Granting Ticket
TGS : Ticket Granting Service
ST : System Ticket




Revision [70]

Edited on 2008-05-12 21:02:11 by GaelReignier

Additions:
image




Revision [44]

Edited on 2008-05-08 00:01:18 by WikiSecretary (unregistered user)

Deletions:
Answer: D.




Revision [43]

Edited on 2008-05-08 00:00:42 by WikiSecretary (unregistered user)

Additions:

I also add this from: http://cissp.meetup.com/64/messages/boards/thread/2203587
SLE, ARO, ALE, residual risk
Answer: D.
The quantitative assessment process involves the following steps: Estimate potential losses (SLE), conduct a threat analysis (ARO), determine annual loss expectancy (ALE), and determine the residual risk after a countermeasure has been applied.
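The four steps above, carried through on a small risk register, as an added example that is not part of the original notes. It goes slightly beyond them by using the standard formulas SLE = asset value x exposure factor and ALE = SLE x ARO, and by weighing the countermeasure's annual cost against the reduction in ALE; the register entries and all figures are constructed.

```python
# Quantitative risk assessment: SLE -> ARO -> ALE -> residual risk.
# All assets, rates and costs below are constructed sample values.

def sle(asset_value, exposure_factor):
    """Single Loss Expectancy: loss from one occurrence of the threat."""
    return asset_value * exposure_factor

def ale(asset_value, exposure_factor, aro):
    """Annual Loss Expectancy: SLE times Annualized Rate of Occurrence."""
    return sle(asset_value, exposure_factor) * aro

def assess(risk):
    """Run the four steps for one register entry and judge the countermeasure."""
    before = ale(risk["asset_value"], risk["ef"], risk["aro"])
    # Residual risk: ALE that remains once the countermeasure is in place.
    residual = ale(risk["asset_value"], risk["ef_after"], risk["aro_after"])
    net = before - residual - risk["control_cost"]
    return {
        "name": risk["name"],
        "sle": sle(risk["asset_value"], risk["ef"]),
        "ale_before": before,
        "residual_ale": residual,
        "net_benefit": net,        # yearly saving minus yearly control cost
        "justified": net > 0,      # countermeasure pays for itself
    }

REGISTER = [  # constructed sample data
    {"name": "customer database breach", "asset_value": 400_000, "ef": 0.5,
     "aro": 0.25, "ef_after": 0.5, "aro_after": 0.125, "control_cost": 10_000},
    {"name": "laptop theft", "asset_value": 2_000, "ef": 1.0,
     "aro": 4, "ef_after": 0.5, "aro_after": 4, "control_cost": 6_000},
]

def ranked(register):
    """Assess every entry, highest annual loss expectancy first."""
    return sorted((assess(r) for r in register),
                  key=lambda a: a["ale_before"], reverse=True)

if __name__ == "__main__":
    for a in ranked(REGISTER):
        print(f'{a["name"]}: SLE={a["sle"]:.0f} ALE={a["ale_before"]:.0f} '
              f'residual={a["residual_ale"]:.0f} net={a["net_benefit"]:.0f} '
              f'justified={a["justified"]}')
```

A negative net benefit, as in the second entry, means the countermeasure costs more per year than the loss it removes, so the residual risk is cheaper to accept or transfer.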





Revision [42]

Edited on 2008-05-07 23:57:23 by WikiSecretary (unregistered user)

Additions:
some infos on google: http://www.google.com/search?hl=en&client=safari&rls=en&q=SLE+ARO&btnG=Search




Revision [41]

Edited on 2008-05-07 19:08:38 by WikiSecretary (unregistered user)

Additions:
2.Security basis
2.Security Basis
C Confidentiality
I Integrity
A Availability
OSI
7 Application
6 Presentation
5 Session
4 Transport
3 Network
2 Data Link
1 Physical
Risk management
Where do you need to start?
defining rights for people
password
What do we need to focus on?
users
How much do we need to invest?
How would you do it?
insurance testing: employ hackers to secure your network
ARO: Annualized Rate of Occurrence
whole risk = value of the assets x threats x vulnerabilities
Slide 63 Buffer Overflow Example
Worm for W2K: http://en.wikipedia.org/wiki/Nimda_(computer_worm)
SQL Injection: http://xkcd.com/327/
Stored Procedures: SQL statements saved on the server that you can execute.


Deletions:
2.Security basics




Revision [40]

Edited on 2008-05-07 18:16:42 by WikiSecretary (unregistered user)

Additions:
Security Basics

Teacher: Gael Reignier - gael.reigner@supinfo.com
Slides: Cyril Voisin



CISSP (Certified Information Systems Security Professional)

1.Introduction
2.Security basics
3.Introduction to cryptology



1.Introduction

Why Security ?

Definition:

make feel safe
stealing documents
encrypting
integrity

Expects:

learn how to set up a security policy
how to test & fix our security policy



Security depends on the context, so it is all RELATIVE !

3 sides of security:

Human
Physical

Technologies (antivirus, directory, ipsec, pki ...)
People (enterprise admin, domain admin, users, soft engineer, service support)
Processes ( Risks, perf management, fixes, archives, incident response, backups ...)






Revision [31]

The oldest known version of this page was edited on 2008-05-07 01:08:14 by GaelReignier

07-05-2008
