There are 40+ documents on the topic "security techniques"
tailieu.vn View online Download
Information Security Best Practices. The concept of “best practices” refers to a set of recommendations that generally provides an appropriate level of security. Best practices are a combination of those practices proved to be most effective at various organizations. The practices described in this chapter are intended to be a starting point for your organization. These practices...
Security departments should perform vulnerability assessments (or scans) of the organization’s systems on a regular basis. If the number of systems is large, the systems should be grouped appropriately and portions of the total scanned each week. Since audits are manpower-intensive, small portions of the organization should be targeted for each audit. Awareness training plans should be created...
Internet Architecture. With proper security architecture, the Internet can truly become an enabler rather than a security risk. The first question that must be answered with regard to Internet architecture is: What services will the organization provide via the Internet? The services that will be offered and who will be accessing them will greatly impact the overall architecture and...
If these protocols are required to allow remote users to control internal systems, they should be used over a VPN. May be used for network management of your organization’s internal network but it should not be used from a remote site to your internal systems. When developing a communications architecture for an organization’s Internet connection, the primary issues are...
NOTE: The choice of a wireless ISP should be governed by the same requirements as that for a traditional ISP. Any ISP should be able to provide a service-level agreement and back up that agreement with sound management practices. Normally, when working with a single ISP, the ISP assigns an address space to the organization. The ISP configures routing...
Dual firewalls do increase the cost of the architecture and require additional management and configuration. Firewalls have been mentioned a fair amount in the preceding sections of this chapter (and have been mentioned in various other chapters as well). Some will argue that a router can be a firewall. I will agree that a router can perform some of...
Firewall Rule Set Design. When designing a rule set, the “first match” algorithm dictates that the most specific rules be placed at the top of the rule set and the least specific or most general rules be placed at the bottom. The processor then flags this condition for the firewall administrator before installing the rules on the firewall...
Virtual Private Networks. Private networks are made up of lines leased from the various phone companies and ISPs. There are many benefits to private networks:. Private networks cost a lot of money. Using slower lines can save some money but then the remote users start to notice the lack of speed and some of the advantages begin to evaporate.. With...
If your organization chooses to use its VPN in this manner, you should check the capabilities of the VPN software in this regard. Appropriate user-management procedures should be in place and followed during employee separation. If the computers are owned by the organization, this becomes part of the standard software load for the computer. If the organization allows employees to...
Electronic commerce, or e-commerce, has become a buzzword of the Internet. Organizations all over the world have appeared on the Internet to offer everything imaginable. One thing that the successful organizations have in common is the fact that they understand that they are doing e-commerce to make money. The risks to the organization come from several areas:. Because...
Confidentiality. All of the information provided to the customers is confidential and must be protected in transmission as well as after the customer gets the information. Payment is normally made through another mechanism (for the subscription service) so no credit card information must be handled by the e-commerce service. Integrity. The customer will want to have integrity of the information...
Client-side security deals with the security from the customer’s desktop system to the e-commerce server. This part of the system includes the customer’s computer and browser software and the communications link to the server (see Figure 11-1). Within this part of the system, we have several issues:. The protection of information in transit between the customer’s system and the server....
As with the operating system, the Web server should be scanned for known vulnerabilities before the system is placed in production. Once the system is in production, the Web scans should be conducted on the same schedule as the operating system scans. The security of the e-commerce application as a whole is perhaps the most important part of...
We know that any encryption system can be broken. It is just that the length of time and the resources required to gain access to the information being protected by the encryption are both significant. Thus, the attacker may try some other weakness in the overall system.. This chapter is intended to provide you with a basic understanding of what...
The lesson here is that the surrounding system is just as important to the overall security of encryption as the algorithm and the key. PRIVATE KEY ENCRYPTION. There are two primary types of encryption: private key and public key. Private key encryption requires all parties who are authorized to read the information to have the same key. This...
Skipjack. Skipjack was developed by the United States government for use with the Clipper Chip. It uses an 80-bit key, which may be marginal in the near future. It is used in newer versions of PGP. Keep in mind that it is not only the algorithm, but also the implementation and the use of the system that define its overall...
If this is the case, it must also be true that some large number of different pieces of information will map to the same checksum. What makes the functions secure is the way that all the bits in the original information map to all the bits in the checksum. Thus, if a single bit in the information is changed, a...
It should be noted that in the past, “hacker” was not a derogatory term but rather a term for an individual who could make computers work. The motivation of the hacker identifies the purpose of the attempted intrusion. Is the system somehow valuable or enticing? To which type of intruder is the system of interest? Answering these questions allows...
METHODS OF THE UNTARGETED HACKER. Some perform no reconnaissance whatsoever and just begin the attack without even determining if the systems that are being attacked are actually on the network. When reconnaissance is performed, it is usually done from systems that the hacker already has compromised so that the trail does not lead directly back to the hacker. The...
METHODS OF THE TARGETED HACKER. In some cases, the hacker is choosing to do damage to a particular organization for some perceived wrong. Many of the targeted DoS attacks occur in this way. The target of the attack is chosen for a reason. Perhaps the target has information that is of interest to the hacker. Perhaps the target is of...