Information Security



Transcription:

Information Security Level II
Office of the Vice President for Information Technology
- Mr. Corbett Consolvo, IT Security Analyst
- Ms. Lori McElroy, IT Security Officer
- Iffat Jabeen, IT Security GRA

Agenda
- University server management requirements
- Securing your OS: how to avoid most attacks
- Sensitive information scanning
- File share and permissions management
- Google scanning
- Vulnerability scanning
- Wireless security best practices
- Risk assessment

Introduction
- A word about this class
- This is NOT a hacking class, it's not even an ethical hacking class
- The goal for this class is to better prepare you to manage security on the systems you are responsible for
- Why do we care about information security?

How to Avoid Most Attacks
The Big 4:
- OS patches
- AV update
- Firewall
- Use multiple accounts (User, Admin)

Securing Your OS
- The Big 4 first
- Activity 1: Using Windows XP Professional Security Checklist (on your CD)

Windows Security Tools
- Activity 2: Scanning with Windows Defender
- Activity 3: Scanning with Microsoft Baseline Security Analyzer

Windows Permissions
- Activity 4: Share Permissions
  Check active permission on share
- Activity 5: Security Permissions
  Security permissions are more granular permissions on the folders and files inside the share
- Beware "Inherit Permissions"

Web Site Scanning
- Open source tools for web site scanning
- OWASP project: www.owasp.org
- Activity 6: Google Scanning
- Google Reconnaissance Defenses

Wireless Security
- Change default Admin password and user name
- Change default SSID
- Turn on encryption: WPA, WPA2
- Enable MAC Address Filtering
- Disable SSID broadcast
- Do not auto-connect to open WiFi nets
- Position router and access point to prevent data leakage

Risk Assessment and Auditing
Vulnerability Scanning and Log Review
- Activity 7: NMap for Windows
- Activity 8: Windows Event Viewer
- Activity 9: Identity Finder Scanning
- Optional: Sysinternals
- Optional: Wireshark

Tools and References (some on CD)
- Windows Server Management Procedures: security.vpit.txstate.edu/awareness/best_practices/server/standards_procedures.html
- SANS and other Operating System Hardening and Security Checklists
- Google Checklists and Cheat Sheets
- Web Applications: list of open source scanning tools and checklists
- Oracle Hardening Checklist
- Microsoft Baseline Security Analyzer (MBSA): microsoft.com/technet/security/tools/mbsahome.mspx
- Nmap for Windows (nmap.org)
- Windows Defender
- Sysinternals: http://live.sysinternals.com/
- Identity Finder: www.tr.txstate.edu/software/download/identity-finder.html

Contact and Resources
Texas State Sites
- IT Security - http://www.vpit.txstate.edu/security
- Texas State Software Downloads - www.tr.txstate.edu/software/download.html
- Phishing - /awareness/phishing.html
- Report an Incident to IT Security or /tools/incident_report.html
Contacts
- Information Technology Security: 512-245-HACK (4225)
- Information Technology Assistance Center (Help Desk): 512-245-ITAC (4822) or 512-245-HELP, itac@txstate.edu

Q & A