Click here to load reader

Supplement V1.2

  • View
    943

  • Download
    6

Embed Size (px)

DESCRIPTION

第一,二,三,四,五天補充資料

Text of Supplement V1.2

  • 1. The slide is for education purpose only. Please leave your comment if there is any copyright infringement. I will delete it immediately. Thank you.

2. ) () 3. Qualitative Risk Analysis Example TANet http://cissnet.edu.tw/download_tanet.aspx 4. FMEA Output RPN=SEV x PF x DETPRN: Risk Priority NumberSEV:SeverityPF:Probability FactorDET:Detection Effectiveness Rers: http://www.siliconfareast.com/fmea_quickref.htm#table 5. Fault Tree Analysis 6. I. Risk Assessment in NIST SP-800 30source: NIST Sp800-30 7. I. Risk Assessment in NIST SP-800 30(cont.)source: NIST Sp800-30 8. Risk Management Threats Risk IdentificationVulnerabilitiesQuantitative AnalysisQualitativeAnalysisRisk Risk AnalysisFMEAAssessment FTAOCTAVERisk Likelihood Management RiskEvaluation Impact AcceptanceReduction RiskMitigation TransferenceAvoidance 9. Access Control 10. Access Control Conceptual DiagramAccess Control 2007/6/8AnythingYou DoIdentify IdentificationWill Be YouselfLoggedProve ItAccountability Authentication(I need toVerify you) Do What I AuthorizationTell You toDo 11. TACACS+ and RADIUS Comparison Criterion TACACS+RADIUSTransport TCP (reliable; more overhead)UDP (unreliable; higher performance)Authentication Can be separated (more flexible)CombinedandAuthorizationMultiprotocol Supported (IP, Apple, NetBIOS, IP onlySupport Novell, X.25)Access to Supports two methods to controlNot supportedRouter CLIthe authorization of routerCommandscommands on a per-user or per-group basisEncryptionPacket payload Passwords only http://etutorials.org/Networking/network+management/Part+II+Implementations+on+the+Cisco+Devices/Chapter+9.+AAA+Accounting/Diameter+Det ails/ 12. RADIUS and Diameter Comparison Characteristic RADIUSDiameter Transport protocol Connectionless (UDP 1812).Connection-oriented (TCP, SCTP,3868). Transport security Optional IPsec. IPsec or Transport Layer Security(TLS) is required. Architecture Client-Server model Peer-to-peer model StateStateless Stateful(Session ID, transactionstatus) Authentication Pre-shared keyPre-Shared key, digital certificatePAP, CHAP, EAPPAP, CHAP, EAPOnly client to server re- Mutual re-authenticationauthentication AuthorizationBind with re-authentication Re-authorization any time Accounting Real-time accountingReal-time accounting ConfidentialityOnly encrypt password Encrypt all data, or IP header(IPSec) IntegrityPoorGood ScalabilityPoorGood ExtensibilityVendor-specific Public use Security model Supports only hop-by-hop security. Supports end-to-end and hop-to-Every hop can modify information hop security. End-to-end guaranteesthat cannot be traced to its origin. that information cannot be modified without notice. 13. XACML Policy Sample SampleServer 14. SPML Scenario http://www.computerworld.com/s/article/86225/SPML 15. Cryptography 16. 2DES Meet-in-the-Middle AttackIf DES1 encrypted output equals DES2 decrypted output, then key1 and key2 crackedknown knownSource: www.giac.org/ 17. Keyed Hash HMAC Source: http://www.unixwiz.net/ 18. Algebraic Cryptanalysis EE Message E 19. Null Cipher A re you deaf, Father W illiam ! the young m an said,D id you hear w hat I told you just now ? E xcuse m e for shouting! D ont w aggle your headLike a blundering, sleepy old cow !A little m aid dw elling in W allington Tow n, Is m y friend, so I beg to rem ark:D o you think shed be pleased if a book w ere sent dow n E ntitled The H unt of the Snark? - Pack it up in brow n paper! the old m an cried,A nd seal it w ith olive-and-dove. I com m and you to do it! he added w ith pride, N or forget, m y good fellow , to send her besideE aster G reetings, and give her m y love. 20. Diffie-Hellman Key Agreement Operation 21. Diffie-Hellman Key Agreement Operation 22. Security Architecture and Design 23. Zachman Framework An Overview of Enterprise Architecture Framework Deliverables by Frank Goethals 24. DoDAF Framework Enterprise Architecture A-to-Z 25. EAL Stats www.commoncriteriaportal.org 26. Common Criteria Flowan implementation- independent Protection Category of Product statement of security Profile(i.e., firewalls) needs for a TOE type.a set of software, firmware and/or Target of Specific Product (i.e., hardware possibly EvaluationCisco PIX 5xx) accompanied by guidance. Security Vendor claims: an implementation- Specifications and dependent statement Target features of security needs for a specific identified TOEFunctional Assurance Requirements Requirements 27. Implementation of Evaluated ProductsTEST plan based onEvaluationstated requirements EAL Levels1 Functionally Tested 2 Structurally Tested 3 Methodically Tested 4 Methodically Designed, Tested, Reviewed 5 Semiformal testing 6 Semiformal verification 7 Formal verification and testing Based on production Certificationenvironment Accreditation 28. Storage Systems http://en.wikipedia.org/wiki/Storage_area_network 29. Application Security 30. KDD Process 31. Neural Network 32. Expert SystemSource:idrinfo.idrc.ca 33. Waterfall Method http://www.softwebsolutions.com/our_process.html 34. Spiral Method http://en.wikipedia.org/wiki/Spiral_model 35. Iterative Method Wikipedia 36. Inheritance Parent Class Animal Virtual Function Talk() Child Class Child Class Cat Dog Function Talk("") Function Talk("") 37. Polymorphism 1. class Animal { 2. virtual public Talk(){ } 3. } 4. class Dog extends Animal { 5. public Talk() { speak "" } 6. } 7. class Cat extends Animal { 8. public Talk() { speak "" } 9. } 10.Function AnimalTalk( Animal objSomeAnimal) 11.{ 12. objSomeAnimal.Talk; //polymophism; late binding 13.} 14.Animal objCat = new Cat; 15.Animal objDog = new Dog; 16.//Without polymorphism 17.objCat .Talk;//"" 18.objDog .Talk;//"" 19.//With polymorphism 20.AnimalTalk(objCat); //"" 21.AnimalTalk(objDog); //"" AnimalTalk (Accept) Animal objSomeAnimal run-time CatDog Animal Animal AnimalTalk 38. 2-phase commit 39. LRCI 40. EnCase File System 41. EnCase Timeline 42. 43. Telecommunication and Network Security 44. Attack Tree http://commons.wikimedia.org/wiki/File:Attack_tree_virus.png 45. Honeynet http://www.iu.hio.no/ 46. Partial Mesh as HA 47. Link Layer Encryption vs. End-to-end Encryption 48. ISDN Application 49. MPLShttp://www.isoc.org/ 50. IPSec Mode - Concise http://technet.microsoft.com/en-us/library/cc759130(WS.10).aspx#w2k3tr_ipsec_how_vvlc 51. PPTP and L2TP Data Format 52. Smurf http://www.techexams.net 53. FDDI Dual Counter-Rotating Ring 54. Routing ProtocolsOpen HopClass Authentica Category NetworklesstionRIPv1 RFC15 No None InteriorSmall1058Distance vectorRIPv2 RFC15 YesPassword InteriorSmall2453 MD5Distance vector MediumIGRPCisco255No None InteriorSmallDistance vectorEIGRP Cisco255YesPassword InteriorLarge MD5HybridOSPFRFCnone YesPassword InteriorLarge2328 MD5Link-stateHeteroISISISO YesPassword InteriorLarge10589 Link-stateEGP ExteriorAS-ASDistance vectorBGP RFC CIDR MD5ExteriorAS-AS1771Distance vector Cisco Certified Network Associate Study Guide 55. Subnetting vs. supernetting One Class C 8 contiguous Class C http://medusa.sdsu.edu/network/CS576/Lectures/ch05_Subnetting.pdf 56. VPN Site to Site 57. NetBios 58. War Dialer - PhoneSweep 59. Finger 60. IPP in IIS http://secunia.com/advisories/32248/ 61. LPR in XP https://www.cs.uwaterloo.ca/twiki/view/CF/LprPrintingForWindows 62. Tapping Fiber Optics http://i.techrepublic.com.com/blogs/Figure%20A.jpg 63. SAN http://www.allsan.com/sanoverview.php3 64. Transmission Technology http://www.privateline.com/PCS/Multiplexing.htm 65. BCP 66. BIA Process OwnerImpactBusiness Activity GeographicTimescaleExtent MTPDRPO 67. 4.1 INCIDENT RESPONSE STRUCTURE 68. RTO < MTPD(MTD) 69. Trailer 70. Scope 71. BCM is a Balancing Act(cont.) High CostHigh Lossrecoverystrategydisruption Cost/Loss Cost/Loss Cost/Loss Cost/Loss Cost/Loss Cost/Loss Cost/Loss Cost/Loss Cost Cost Cost Cost Cost Cost Cost Cost Optimal Lose Business Point Time 73 72. Physical Security 73. OS 74. Heat and cool air http://www.adc.com/us/en/Library/Literature/102264AE.pdf 75. Data loss on transportation 76. sourceIBM xforce report 2008