Security Strategies in Windows Platforms and ApplicationsL.docx

jeffreye3 74 views 17 slides Jan 16, 2023

About This Presentation

Security Strategies in Windows Platforms and Applications


Lesson 1
Microsoft Windows and the
Threat Landscape

© 2020 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
Cover image © Sharpshot/Dreamstime.com


Slide Content

Learning Objective(s)
Describe information systems security and the inherent security
features of the Microsoft Windows operating system.
Describe threats to Microsoft Windows and applications.

Key Concepts
Information systems security and the C-I-A triad
Microsoft Windows and a typical IT infrastructure
Vulnerabilities of Microsoft Windows systems and their
applications

Information Systems Security
Defense in depth
A collection of strategies to make a computer environment safe
Information security
Main goal is to prevent loss
Most decisions require balance between security and usability
Security controls are mechanisms used to protect information

Security Controls

Type of Control: Administrative, Technical, Physical
Type of Function: Preventive, Detective, Corrective

C-I-A Triad


The practice of securing information involves ensuring three
tenets of information security: confidentiality, integrity, and
availability
Known as the C-I-A triad
Also known as the availability, integrity, and confidentiality
(A-I-C) triad
Each tenet interacts with the other two and, in some cases, may
conflict

Confidentiality
The assurance that the information cannot be accessed or
viewed by unauthorized users

Examples of confidential information:
Financial information

Medical information
Secret military plans




A successful attack against confidential information enables the
attacker to use the information to gain an inappropriate
advantage or to extort compensation through threats to divulge
the information.

Integrity
The assurance that the information cannot be changed by
unauthorized users

Ensuring integrity means applying controls that prohibit
unauthorized changes to information
Examples of integrity controls:
Security classification
User clearance



Availability
The assurance that the information is available to authorized
users in an acceptable time frame when the information is
requested

Examples of attacks that affect availability:
Denial of service (DoS)
Hacktivist


Microsoft Windows and Applications in a Typical IT
Infrastructure
IT infrastructure
Collection of computers, devices, and network components that
make up an IT environment

Microsoft Windows and Applications in a Typical IT
Infrastructure
Common infrastructure components:
Client platforms
Network segments
Network devices
Server instances (often listed by function)
Cloud-based offerings, such as Microsoft Office 365 and
Microsoft Azure


A Sample IT Infrastructure

Windows Clients
Client systems provide functionality to end users; customer-facing
systems
Include desktops, laptops, and mobile devices
Each application can be deployed on client systems as either a
thin or a thick client
Windows 10
Newest and most popular Windows client operating system


Windows Servers
Server computers provide services to client applications
Common server applications:
Web servers, application servers, and database servers
Windows Server 2019
Essentials, for small businesses
Standard, for most server functions
Datacenter, for large-scale deployments

Microsoft’s End-User License Agreement (EULA)
Software license agreement that contains the Microsoft
Software License Terms
Must be accepted prior to installation of any Microsoft
Windows product
Located in the Windows install folder or on the Microsoft
website

Microsoft EULA Sections

Updates
Additional Notices—Networks, Data, and Internet Usage
Limited Warranty
Exclusions from Limited Warranty

Windows Threats and Vulnerabilities
Successful attack: One that realizes, or carries out, a threat
against vulnerabilities

Risk: Any exposure to a threat
Threat: Any action that could lead to damage, disruption, or loss
Vulnerability: Weakness in an operating system or application software

Windows Threats and Vulnerabilities
A threat is not necessarily dangerous
Fire in fireplace = desirable
Fire in data center = dangerous
For damage to occur, there has to be a threat
Attackers look for vulnerabilities, then devise an attack that
will exploit the weakness


Anatomy of Microsoft Windows Vulnerabilities

Ransomware
Malicious software that renders files or volumes inaccessible
through encryption
Attacker demands payment using cryptocurrency for the
decryption key
Well-known ransomware attacks
CryptoLocker
Locky
WannaCry



Most ransomware encrypts data and demands a payment using
cryptocurrency in exchange for the decryption key.

Discovery-Analysis-Remediation Cycle


A recurring three-step process for addressing attacks

Discovery
Once an attack starts, attackers become as inconspicuous as
possible

Need to compare suspect activity to a baseline (normal activity) to
detect anomalies
Common method of accomplishing this is to use activity and
monitoring logs
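
The baseline comparison described above, as an added example that is not part of the original slides: it computes hourly rates of Windows Security event IDs per host for a baseline window and a suspect window, then flags activity that jumps well above normal or never occurred in the baseline. The sample events, the 3x threshold and the function names are constructed for illustration; 4624 (successful logon), 4625 (failed logon) and 4720 (user account created) are real Security log event IDs.

```python
from collections import Counter

# Constructed sample data: (hour, host, event_id) tuples standing in for
# exported Windows Security log records. 4624 = successful logon,
# 4625 = failed logon, 4720 = user account created.
BASELINE = (
    [(h, "WS01", 4624) for h in range(8) for _ in range(5)]
    + [(h, "WS01", 4625) for h in range(8)]
)
SUSPECT = (
    [(0, "WS01", 4624)] * 6
    + [(0, "WS01", 4625)] * 40
    + [(0, "WS01", 4720)]
)

def hourly_rates(events):
    """Average events per hour for each (host, event_id) pair."""
    hours = {h for h, _, _ in events} or {0}
    counts = Counter((host, eid) for _, host, eid in events)
    return {key: n / len(hours) for key, n in counts.items()}

def find_anomalies(baseline, suspect, ratio=3.0):
    """Return (host, event_id, baseline_rate, suspect_rate) for activity that
    exceeds `ratio` times the baseline rate, or that never appears in the
    baseline at all."""
    base = hourly_rates(baseline)
    anomalies = []
    for key, rate in sorted(hourly_rates(suspect).items()):
        normal = base.get(key, 0.0)
        if normal == 0.0 or rate > ratio * normal:
            anomalies.append((key[0], key[1], normal, rate))
    return anomalies

if __name__ == "__main__":
    for host, eid, normal, seen in find_anomalies(BASELINE, SUSPECT):
        print(f"{host} event {eid}: baseline {normal:.1f}/h, observed {seen:.1f}/h")
```

Successful logons rising from 5 to 6 per hour stay under the threshold, while the burst of failed logons and the first-ever account creation are both reported for the analysis phase.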

Analysis
Security information and event management (SIEM) tools

Collect and aggregate security-related information from
multiple sources and devices
Help prepare data for correlation and analysis
Current vulnerability and security bulletin databases
Help you determine if others are experiencing same activity

SIEM tools can often cross-reference known vulnerability
databases to help identify suspect behavior.
The analysis phase includes validating suspect activity as
abnormal and then figuring out what is causing it.

Remediation
Contain any damage that has occurred, recover from any loss,
and implement controls to prevent a recurrence



Common Forms of Attack
Threat: Description
Phishing: Generally start with a message that contains a link or image to click, or a file to open; taking these actions launches malware attacks
Malware: Malicious software designed to carry out tasks that the user would not normally allow
Denial of service (DoS): Any action that dramatically slows down or blocks access to one or more resources
Injection attack: Depends on ability to send instructions to an application that causes the application to carry out unintended actions; SQL injection is common

Common Forms of Attack (Cont.)
Threat: Description
Unprotected Windows Share: A situation that allows attackers to install tools, including malicious software
Session hijacking and credential reuse: Attempts by attackers to take over valid sessions or capture credentials to impersonate valid users
Cross-site scripting: Specially crafted malicious code used to attack web applications

Common Forms of Attack (Cont.)
Threat: Description
Packet sniffing: The process of collecting network messages as they travel across a network in hopes of divulging sensitive information, such as passwords

Summary
Information systems security and the C-I-A triad
Microsoft Windows and a typical IT infrastructure
Vulnerabilities of Microsoft Windows systems and their
applications
