Time
8 hours 35 minutes
Difficulty
Intermediate
CEU/CPE
9

Video Description

This lesson covers wireless local area networks (LANs). Some types of LANs are:
- Station (STA)
- Access Point (AP)
- Cell

This lesson discusses different methods of allowing access to a wireless LAN (such as authentication and shared keys). Participants also learn about firewalls and how they are used to protect wireless networks, as well as methods for tricking hackers using production decoys such as a honey pot or a honey net. Encryption methods such as private key encryption are also covered in this lesson, as well as public key infrastructures, digital rights management, network security protocols and technical security testing.

Transcript

Now let's talk a little bit about wireless LANs. We have our stations. These could be the devices themselves: the mobile phone, a laptop, a tablet or a PDA. A station connects to the network with or through the access point, or the AP. Usually these work up to a range of 300 feet, or 100 meters. And then you've got some area where this communication is possible that is sometimes referred to as a cell, similar to the way that mobile devices work with cell towers. When you're within that cell, and the cells map across a geographical area, then that communication is possible. As you go from one cell to the next, the signal gets handed off to the different communicating towers.

For your wireless LAN, we have different ways to protect the transmission of our data. The first thing we need to think about is authentication. If you've got an open system, there is no authentication, right? Anybody can connect. This is what you typically see in coffee shops or airports. Then there's a shared key. This is considered a poor method, but certainly better than no authentication whatsoever. The problem with a shared key is that you need to get that key to the people that need to connect, so you have to have a secure mechanism for sharing the key with somebody else. Then we've got other things like 802.11i, which is considered a strong authentication mechanism. This means that we're using port-based access control and much more stringent requirements on detecting legitimate connections.

Alright, so our next topic is firewalls for our wireless networks. We want to make sure, first of all, that we have a separate firewall that does not bridge the wireless network to the wired network directly. If you do that, you need to be extremely careful, but generally you want to have a separate firewall that controls access from the wireless network to the Internet, or to some other resources within the organization. It would be difficult to have a firewall that manages the wireless side of the network and the wired side and provides all the necessary protection. It's certainly possible to do that, but you'd have to be very careful: in case that firewall gets compromised, we wouldn't want someone to be able to bridge those two networks together if that's not part of the network design.

Intrusion detection systems are a vital component of any organization. We have several different types to choose from, and sometimes we mix and match these together. We start off with HIDS, the host-based IDS. A host-based IDS is important in conjunction with a network-based IDS, or NIDS, so they each serve different functions. We can think of the network-based IDS as more of a sensor. It goes at your perimeter; maybe it goes in the DMZ. You might have them in your database zone or your web server zone. This looks for traffic on the network that is interesting to the IDS. We also would think about using a HIDS, or host-based IDS, because there could be situations where a host has some suspicious activity; maybe it's been infected with malware or a virus, and we can detect it with the host-based IDS first and then monitor its spread throughout the network with the network-based IDS. So they really do work very well together, providing some overlapping coverage, if you will.

Some IDS systems work on a statistical basis. These are looking at the parameters of the actual traffic on your network, trying to see where you've got a spike in traffic on a certain port, or a spike in traffic going to a certain IP address, maybe a known hostile IP address. Some IDSs, probably the majority of them in fact, use signatures. The signature operates much like an anti-virus signature. There is traffic that comes across the wire; the IDS looks at it, and if it matches the signature then an alert gets sent out. Or maybe you configure your IDS to do something else, but generally we want to get an alert when interesting traffic or suspicious traffic gets detected. Other IDS systems are known as neural IDS. This is not really another variation of NIDS, but you might see it abbreviated that way. The neural IDS is trying to learn what constitutes normal traffic and then compares that with what it thinks might be abnormal traffic, or suspicious traffic. So you might have a neural IDS that works in conjunction with your NIDS and your HIDS, and then you can compare those baselines together, because the management of an IDS system takes a long time. There's a lot of fine-tuning and other work that takes place over a period of weeks, months, maybe even years, to eliminate all of the false positives and to make sure that the IDS systems are catching those things that you're truly interested in.

Alright, what about a production decoy, or a method to deflect attention away from your production systems? What we can do is install honey pots. Honey pot systems appear to be a legitimate computer system to the hacker. There are two kinds of honey pots. We have a low interaction honey pot, where the attacker maybe finds this system on the network and they try to connect, but the three-way handshake that normally would take place when we connect to a service doesn't actually work. That's the way the honey pot is designed, so it can fool an attacker for a little bit and maybe deflect some attention away from the real production systems. We also have a high interaction honey pot, which operates more like a traditional system where you can actually connect to it; possibly that honey pot could even be compromised. In general, honey pots are studied by the people that manage them to see what kinds of techniques and methods are being used by the hackers. If we put several honey pots together, maybe you've got a web server honey pot, an email server honey pot, maybe a SharePoint honey pot. There could be lots of different combinations. All those things together create what's known as a honey net, so it's a network of honey pots. This goes further in the direction of simulating a real network of systems, or maybe you're simulating the kinds of systems that you might see in your DMZ. So it's a pretty interesting concept and definitely worth looking into as a way to deflect attention from your production systems.

Now we'll talk a little bit more about encryption. We've covered some encryption topics earlier in this course. One of the things that encryption does that's right off the top of the list is provide confidentiality. It also gives us protection for integrity and some authentication mechanisms as well. If someone sees the data on the wire, they don't know what they're looking at, therefore the confidentiality is preserved. We can preserve integrity in some cases with encryption because even if the data gets modified, it might be detectable once it's decrypted, because then that data might be corrupted, or there might be other clues to let someone know that the data was modified, perhaps in transit or while it was at rest.

Digital signatures use encryption. We get a lot of different features from digital signatures. We can verify who the sender of a message was. A sender could construct a signature in such a way that only the recipient can open it. So we get these different kinds of features, and this provides a lot of value for the organization. We don't go into a ton of detail here about how digital signatures work, but there's some level of understanding expected when you're taking the exam: to know that the signatures can use symmetric cryptography as well as asymmetric cryptography, in varying combinations, to provide the desired result. Public key encryption, or PKI; if we employ this as part of our digital signature scheme, then we know that perhaps only the intended recipient can now decrypt that message.

So what about private key encryption? This is where we have a secret key that's shared between the sender and the recipient, or sometimes this is called a pre-shared key if you're talking about it in a wireless context. This is generally associated with symmetric encryption, where the same key is used to encrypt and decrypt. This is different than public key encryption. When we're using public key encryption we have a public key and a private key. The public key can be shared with anybody, basically because it's public. Then the private key is protected by the owner of that key. There's a mathematical relationship between these two keys. We know that the public key that we have only relates to one private key, and vice versa. Also, one of the other features that's interesting about this is that we cannot derive one key from the other. So if I had the private key, I cannot do some operation on it to derive the public key. If I have the public key, I cannot figure out what the corresponding private key is. That's by design, and that's what makes this mechanism and this technology so useful.

We can provide confidentiality. For instance, as a sender I can encrypt a message with a recipient's public key. When the recipient receives this message, only they can decrypt it because they have the corresponding private key. Or the sender encrypts the message with their private key. When the recipient receives it, they can validate that it came from that sender because it is related to the sender's public key. As long as those private keys do not get compromised, then the concept of confidentiality and authentication remains intact. We can also even bring non-repudiation into the mix, because if I encrypt something with my private key and you can verify that by analyzing the message with my public key, then that proves that I sent it. Unless someone else has my private key, of course. But basically, when we encrypt something we're trying to prevent availability for those people who do not have a right to know what that message contains.

So let's talk a little bit about the infrastructure for PKI. The first thing we need to think about is the certificate authority, or the CA. This is what a user will interact with in order to get a certificate issued, where you get that private/public key pair. They also use a registration authority to get the process started. So you go to the registration authority, enter a bunch of information, basically, into a web form, and then the certificate authority would issue that key. If the key or the certificate gets compromised at some point in the future, you can revoke that certificate, and then that certificate gets listed on the Certificate Revocation List, or the CRL. If you own the certificate, you might have to do that step manually, of course, because in most cases there is no automatic mechanism to know that a certificate is no longer valid. You have to make that entry, and then that certificate authority will be referenced in the future: when someone wants to use their certificate, it will say that this has been revoked, and the user will know that they should no longer try to use that resource. We also have the certification practice statement, or CPS. This basically describes how the certificate authority will issue certs and how they should be used. So there are some basic components here that you need to understand, but it's pretty simple. Not too much detail is required, actually.

Let's move along now to digital rights management, or DRM. This is a widely used technology that prevents making illegal copies of software, or music CDs, or game CDs, or other digitally protected media. Even PDF files could be protected with DRM. So this is using a certificate that might have been generated for a specific user. You might have a PDF that's protected with DRM, and it's coded in such a way that only the owner of the credentials that are used to unlock that PDF can actually use it. Even if someone has the same PDF with their own credentials, you can't switch each other's files: I can't open your file with my credentials, and you can't open my file with your credentials. So it can produce a one-to-one relationship between the subject and the object that they're interacting with.

So how do we deal with controlling our crypto systems? One of the things we can think about is using digital signatures in order to validate ownership, completeness, confidentiality and integrity of various different types of documents. These could be contracts. It could be internal policies and procedures that you want to keep safeguarded. One thing that needs to be understood as well is that you might want to use some sort of key escrow system. This is where management has a copy of all the cryptographic keys in case one of their employees, or one of the users of the crypto system, encrypts something and then leaves the company. Now nobody might have the decryption key in order to get that information back. That's why we want to have it escrowed. Maybe it's on soft copy and hard copy in a safe, just like we would do with our passwords, so that management can go retrieve that information and then decrypt the information that was formerly encrypted.

Each of the keys that gets issued to a user, or gets used for a particular purpose, should be managed separately. We want to make sure that we also think about how often that key is used. The more often a key is used, the shorter its lifetime should be. This makes good common sense, because if we reuse an encryption key again and again and again, that means there are more potential opportunities for an adversary to get that encrypted information and be able to figure out what the encryption key was. So the more often it's used, the shorter its life span should be. Whenever we give someone a key, if it's on a thumb drive or a CD-ROM, it should be on read-only media, which also makes good sense. You wouldn't want somebody to give you a key that's on read-write media, because possibly the key could have been tampered with and therefore will cause problems when it's used.

Now we'll talk a little bit about some of the protocols that provide security on our networks. You might be familiar with PGP: Pretty Good Privacy. This is used for email-related encryption. For our websites, and for other purposes, maybe even VPNs, we have SSL: Secure Sockets Layer. A replacement that's supposed to be more robust and harder to crack than SSL is TLS, which is Transport Layer Security. So knowing the acronyms, and knowing what their basic functions are, is important for the exam. HTTPS uses SSL. So you're familiar with that again for going to websites like banks or credit card companies, where you want to make sure that your entire session is encrypted so it can't easily be sniffed and decoded by a hacker, for instance. Then we have our IPsec VPNs. When I'm looking at VPN traffic on a network, all I should be able to see is the ESP traffic, which is the Encapsulating Security Payload. Authentication Headers, or AH, are also used to validate the identity of the sender of that information. So it's another security mechanism that works with IPsec VPNs.

So now if we think about certificates, we've been talking about them a little bit. If we think about the overall process that you would use to generate and use a certificate, we can go through these steps here. The first step is to use the private and public key pair that was issued to create a certificate signing request, or a CSR. This CSR is then encrypted and emailed to the certificate authority. Then the certificate authority, or the CA, uses the CSR to encrypt a unique certificate for this specific computer, so there's a one-to-one mapping there. The fourth step would be to install that certificate that was issued to you by the CA; now it becomes part of your certificate store. The last two steps involve updating your software to use this certificate, so maybe you're using it for authentication purposes, or it's being used in a single sign-on environment as a way to authenticate to other resources so you can prove your identity. Then you'll start your testing in step six; maybe you're even modifying production software in order to use this certificate. So it's a pretty basic process. A lot of this happens automatically in most cases; users are not really required to do all of the manual steps.

Now let's think about some of the ways we can eliminate single points of failure in our environments. We cover a lot of different types of technology and a lot of different aspects of managing that technology, thinking about the ways that we want to audit for compliance, audit for completeness, or make sure we're well within the laws and regulations that we're subject to, but having single points of failure is still a problem that must be addressed. So we want to think about possibly having multiple power sources for the organization. I talked about that in an earlier section. You might even have multiple Internet service providers, or ISPs. That way, if one of them goes down, the other one can pick up the slack. We can think about multiple copies of servers. I have a mirrored server, or maybe I have a cluster of servers, so there's no longer a single point of failure. If one server goes down there's still two more that are in the cluster, perhaps. Maybe even a second server can go down and we can continue operating on just one of the original three servers. So some clustering technology allows for that kind of flexibility. We also have to think about our storage. RAID arrays give us the ability to survive the loss of one or more disks. This is critical because storage is such a vital component for our applications and the livelihood of the business itself.

Now let's think about some of the testing that you might need to do in your environment. One of the obvious things that happens on a regular basis is some sort of network scan. The network scan could be performed for lots of different reasons. One reason is for doing what's called a 'discovery scan'. We want to scan everything on the network to see if something new that we didn't previously know about shows up in the scan. This could be a good thing and a bad thing. If you do a discovery scan and you find that you've got a new computer on the network, you might want to investigate to find out exactly what that computer is. It could be a rogue system that someone put on the network without going through the normal approval process; therefore that system might be vulnerable or might have some security risks associated with it. In general, when we do a network scan, we're just verifying that all the hosts we expect to see are visible on the network and that each one is a known quantity. Then, going one step further, you would do a vulnerability scan on each individual host. This would show you what kinds of weaknesses are present on those systems, based on their configuration, the operating system they're running, their patch levels, what they're used for, what they connect to, and who the users are. There are lots of different factors which control, or have some impact on, the vulnerabilities that might be discovered. One technique that's used when you're going a little further than vulnerability scanning is to do a penetration test. Now you're taking those vulnerabilities that were discovered and trying to actually exploit them to gain access to a system. You might try things like password cracking. There are lots of different tools for this, and various reasons for doing it. You want to be able to verify that your passwords are not weak, for instance. A good strong password should not be easily cracked. We also need to think about log review. That means that any time an interesting event, or a suspicious event, happens, there should be a mechanism to generate an alert, so that somebody can look into it and decide if it's worth further investigation or not.
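To make the three IDS approaches from the transcript concrete (signature matching, a statistical spike check against a baseline learned from known-good traffic, and a known-hostile-IP check), here is an added Python example that is not part of the lecture. Every flow record, signature pattern and the 203.0.113.77 address are constructed test data.

```python
"""Toy IDS combining the three detection styles from the lecture: signature
matching, a statistical spike check against a baseline learned from known-good
traffic, and a hostile-IP list. Every flow record, signature and address here
is constructed test data, not real telemetry or real IDS rules."""
from collections import Counter
from dataclasses import dataclass
from statistics import fmean, pstdev
from typing import Dict, Iterable, List, Tuple


@dataclass(frozen=True)
class Flow:
    ts: int          # seconds since the start of the capture
    src: str
    dst: str
    dport: int
    payload: bytes


# Constructed byte patterns standing in for real signatures.
SIGNATURES: Dict[str, bytes] = {
    "TEST-BEACON": b"BEACON-TEST-MARKER",
    "CLEARTEXT-CREDS": b"PASS=",
}
HOSTILE_IPS = {"203.0.113.77"}   # constructed; 203.0.113.0/24 is a documentation range
WINDOW = 60                      # seconds per counting bucket


def signature_alerts(flows: Iterable[Flow]) -> List[Tuple[int, str, str, str]]:
    """Signature IDS: alert whenever a known pattern appears in a payload."""
    return [(f.ts, name, f.src, f.dst)
            for f in flows
            for name, pattern in SIGNATURES.items() if pattern in f.payload]


def hostile_ip_alerts(flows: Iterable[Flow]) -> List[Tuple[int, str, str]]:
    """Reputation check: any flow whose destination is on the hostile list."""
    return [(f.ts, f.src, f.dst) for f in flows if f.dst in HOSTILE_IPS]


def learn_baseline(training: Iterable[Flow]) -> Dict[int, Tuple[float, float]]:
    """Learn what 'normal' looks like per destination port: the mean and
    standard deviation of flows per WINDOW over known-good traffic."""
    counts = Counter((f.ts // WINDOW, f.dport) for f in training)
    windows = {w for w, _ in counts}
    baseline = {}
    for port in {p for _, p in counts}:
        series = [counts.get((w, port), 0) for w in windows]
        baseline[port] = (fmean(series), pstdev(series))
    return baseline


def spike_alerts(flows: Iterable[Flow], baseline: Dict[int, Tuple[float, float]],
                 z: float = 3.0) -> List[Tuple[int, int, int, float]]:
    """Statistical IDS: flag a window whose flow count to a port exceeds
    mean + z * stdev. The stdev is floored at 1 so a perfectly steady port
    (stdev 0) still gets a small tolerance instead of alerting on +1 flow."""
    counts = Counter((f.ts // WINDOW, f.dport) for f in flows)
    alerts = []
    for (w, port), n in sorted(counts.items()):
        mean, sd = baseline.get(port, (0.0, 0.0))   # unseen port: baseline of zero
        threshold = mean + z * max(sd, 1.0)
        if n > threshold:
            alerts.append((w * WINDOW, port, n, threshold))
    return alerts


def run_ids(training: List[Flow], live: List[Flow]) -> Dict[str, list]:
    """Learn from the quiet period, then run all three detectors over live traffic."""
    baseline = learn_baseline(training)
    return {
        "signature": signature_alerts(live),
        "hostile_ip": hostile_ip_alerts(live),
        "spike": spike_alerts(live, baseline),
    }


# Constructed training traffic: ten quiet minutes with 20 HTTPS flows and
# 2 SSH flows per minute to two internal servers.
TRAINING = (
    [Flow(w * 60 + i, f"10.0.0.{i}", "10.0.1.5", 443, b"GET / HTTP/1.1")
     for w in range(10) for i in range(20)]
    + [Flow(w * 60 + i, f"10.0.0.{i}", "10.0.1.9", 22, b"SSH-2.0")
       for w in range(10) for i in range(2)]
)

# Constructed live traffic: slightly more HTTPS than usual (should NOT alert),
# one credential sent in the clear, one beacon to the hostile address, and
# 40 SSH connections inside one minute from a single host (should alert).
LIVE = (
    [Flow(i, f"10.0.0.{i}", "10.0.1.5", 443, b"GET / HTTP/1.1") for i in range(21)]
    + [Flow(45, "10.0.0.12", "10.0.1.5", 443, b"POST /login PASS=demo-only"),
       Flow(50, "10.0.0.8", "203.0.113.77", 8080, b"BEACON-TEST-MARKER")]
    + [Flow(60 + i, "10.0.0.3", "10.0.1.9", 22, b"SSH-2.0") for i in range(40)]
)

if __name__ == "__main__":
    for kind, alerts in run_ids(TRAINING, LIVE).items():
        for alert in alerts:
            print(kind, alert)
```

Note that the 22 HTTPS flows in the first minute stay under the learned threshold of 23, while the 40 SSH flows in the second minute are far above the threshold of 5; the tuning work the lecture mentions is largely choosing that z factor and window size so real traffic lands on the right side of the line.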
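The public key properties described in the transcript (encrypt to the recipient's public key so only the matching private key can read it, "encrypt with your private key" to sign so anyone with your public key can verify, and a modified message failing verification) as an added Python illustration that is not part of the lecture. It uses textbook RSA with fixed, constructed primes and the names Alice and Bob purely for demonstration.

```python
"""Textbook RSA with fixed primes, to show the public/private key relationship
the lecture describes: encrypt to a public key and only the matching private
key recovers the message; sign with a private key and anyone holding the
public key can verify it, with any tampering detected. Teaching code only:
no padding, deterministic, small keys; never use it to protect real data."""
from hashlib import sha256
from typing import List, NamedTuple


class PublicKey(NamedTuple):
    n: int
    e: int


class PrivateKey(NamedTuple):
    n: int
    d: int


def make_keypair(p: int, q: int, e: int = 65537):
    """Derive a key pair from two primes. d is the inverse of e modulo phi(n);
    that single relationship is what ties one public key to exactly one private key."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)              # modular inverse (Python 3.8+)
    return PublicKey(n, e), PrivateKey(n, d)


CHUNK = 11   # bytes per block; both moduli below exceed 2**88, so a block always fits


def encrypt(pub: PublicKey, message: bytes) -> List[int]:
    """Confidentiality: the sender encrypts each block with the recipient's public key."""
    return [pow(int.from_bytes(message[i:i + CHUNK], "big"), pub.e, pub.n)
            for i in range(0, len(message), CHUNK)]


def decrypt(priv: PrivateKey, blocks: List[int]) -> bytes:
    """Only the holder of the matching private key gets the plaintext back.
    (Toy limitation: a block that begins with NUL bytes would lose them.)"""
    out = b""
    for c in blocks:
        m = pow(c, priv.d, priv.n)
        out += m.to_bytes(max(1, (m.bit_length() + 7) // 8), "big")
    return out


def sign(priv: PrivateKey, message: bytes) -> int:
    """Authentication and non-repudiation: the lecture's 'encrypt with your private
    key'. What actually gets raised to d is a hash of the message, not the message."""
    h = int.from_bytes(sha256(message).digest(), "big") % priv.n
    return pow(h, priv.d, priv.n)


def verify(pub: PublicKey, message: bytes, signature: int) -> bool:
    """Anyone with the sender's public key can check the signature. Changing even
    one byte of the message changes the hash, so the check fails (integrity)."""
    h = int.from_bytes(sha256(message).digest(), "big") % pub.n
    return pow(signature, pub.e, pub.n) == h


# Constructed key material: fixed Mersenne primes so every run is reproducible.
ALICE_PUB, ALICE_PRIV = make_keypair(2**31 - 1, 2**61 - 1)
BOB_PUB, BOB_PRIV = make_keypair(2**89 - 1, 2**127 - 1)


def demo() -> dict:
    """Alice sends Bob a signed, encrypted message; every entry should be True."""
    msg = b"transfer 5000 to account 42"          # constructed message
    blocks = encrypt(BOB_PUB, msg)                 # to Bob: only Bob can read it
    sig = sign(ALICE_PRIV, msg)                    # from Alice: anyone can check it
    return {
        "bob_can_read": decrypt(BOB_PRIV, blocks) == msg,
        "alice_cannot_read_own_message": decrypt(ALICE_PRIV, blocks) != msg,
        "signature_verifies": verify(ALICE_PUB, msg, sig),
        "tamper_detected": not verify(ALICE_PUB, msg.replace(b"5000", b"9000"), sig),
        "wrong_signer_rejected": not verify(BOB_PUB, msg, sig),
    }


if __name__ == "__main__":
    for check, ok in demo().items():
        print(f"{check}: {ok}")
```

The "alice_cannot_read_own_message" entry is the point the DRM section makes as well: a ciphertext produced for one key pair is not usable with another party's credentials, even when that party is the one who sent it.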

Video Transcription

00:04
Now let's talk a little bit about wireless lands. We have our stations.
00:08
These could be the device themselves. The mobile phone, a laptop
00:13
tablet or a P D A.
00:16
Connects to the network with
00:17
or through the access point or the AP.
00:21
Usually, these work up to a range of 300 feet or 100 meters.
00:25
And then you've got some area where this communication is possible that is sometimes referred to as a cell,
00:33
similar to the way that
00:35
that mobile devices work with cell towers. When you're within that cell and the cells map across the geographic area, then the communication is possible. As you go from one cell to the next, signal gets handed off to the different communicating towers
00:49
for your wireless land. We have different ways to protect
00:53
the transmission of our data.
00:55
First thing we need to think about is authentication.
00:58
If you got a open system, there is no authentication, right?
01:03
Anybody can connect. This is what you typically see in coffee shops or airports.
01:07
A share key.
01:08
This is a considered a poor method, but certainly better than no authentication whatsoever.
01:15
The problem with the share key is that you need to get that key to the people that need to connect.
01:19
So you have to have a secure mechanism for sharing the key with somebody else.
01:26
And then we've got other things, like a go to 11 I, which considered, is considered a strong
01:33
authentication mechanism.
01:34
This means that we're using pork based access control and much more stringent requirements on detecting legitimate connections.
01:44
All right, so our next topic is talking about
01:46
firewalls for our wireless networks.
01:49
Wanna make sure, first of all, that we have a separate firewall that that does not bridge the wireless network to the wired network directly?
01:57
If you do that, you need to be extremely careful.
02:00
But generally you want have a separate firewall
02:02
that controls access from the wireless network to the Internet or to some other.
02:07
All right
02:08
resource is within the organization.
02:13
It will be difficult to have a firewall that manages the wireless side of the network and wired side and provides all the necessary protection.
02:23
It's certainly possible to do that, but you have to be very careful in case that firewall gets compromised.
02:29
We wouldn't want to be able to have someone bridge those two networks together If that's not part of the network design
02:36
intrusion detection systems are a vital component of any organization. We have several different types to choose from. Sometimes we mix and match these together
02:45
start off with heads. The host based Idee EST
02:49
and a host based on yes, is important
02:52
in conjunction with the network based ideas, which isn't NIDs
02:57
so they each serve different functions. We can think of the network based I d s
03:00
as more of a sensor. So it goes at your perimeter. Maybe it goes in the d m Z. You might have them in your database zone or your Web server zone.
03:10
This looks for traffic on the network. That is interesting to the ideas.
03:15
We also would think about using a heads or host based
03:20
because there could be situations where ah host has some suspicious activity. Maybe it's been infected with malware
03:27
or a virus,
03:29
and we can detect it with the host based
03:31
ideas first and then monitor it spread throughout the network with the network based ideas.
03:38
So they really do work very well together as providing some overlapping coverage, if you will.
03:45
Some ideas systems work on a statistical basis
03:49
these air looking at
03:51
the parameters of the actual traffic on your network trying to see where you've got a spike in traffic on a certain port or spike in traffic going to a certain I P address, maybe a known hostile I p address
04:04
some I. D. S is probably the majority of them. In fact, you signatures
04:10
and the signature operates much like an anti virus signature.
04:14
There was traffic that comes across the wire. The ideas looks at it. If it matches the signature than alert gets sent out.
04:20
Or maybe you configure your i. D. S to do something else. But generally we want to get an alert when interesting traffic
04:27
or suspicious traffic gets detected.
04:30
Other idea systems are known as neural
04:33
ideas.
04:35
This is not another variation of mids, really, but it's you might see it abbreviated That way.
04:42
The neural ideas is tryingto learn what constitutes normal traffic
04:46
and then compares that with what it thinks might be abnormal traffic or suspicious traffic.
04:53
So you might have a neural i. D. S that works in conjunction with your needs and your heads.
05:00
And then you can compare those bass lines together because the management and I. D s system takes a long time. There's a lot of fine tuning and other work that takes place over the period of weeks, months, maybe even years
05:14
to eliminate all of the false positives and to make sure that the idea systems are catching those things that you're truly interested in.
05:21
All right, what about a production decoy or ah, method to deflect attention away from your production systems?
05:30
What we can do is install honey pots.
05:33
Honeypot systems appear to be a legitimate computer system to the hacker.
05:40
There's two kinds of honey pots. We have a low interaction honey pot, where the attacker maybe gets, finds this system on the network and they try to connect.
05:48
But that three way handshake that normally would take place when we connect to a service doesn't actually work.
05:54
That's the way that honey pot is designed, so it could fool attacker for a little bit
05:59
and maybe deflect
06:00
some attention away from the real production systems.
06:03
We also have a high interaction honey pot, which operates Maur like a traditional system where you can actually connect to it. Possibly that honey pot could be even compromised
06:15
and general honey pots are studied by the people that manage them to see what kinds of techniques and methods are being used by the hackers.
06:24
If we put several honey pots together,
06:26
maybe you've got a Web server, honey pot of email server honeypot.
06:30
Um,
06:30
maybe a SharePoint honeypot. There could be lots of different combinations. All those things together create what's known as a honey net. So it's a network of honey pots,
06:40
and this
06:41
further goes into the direction of simulating a real network of systems. Or maybe you're simulating
06:47
the kinds of systems that you might see in your D. M Z
06:51
so pretty interesting concept and definitely worth looking into as a way to provide a way to deflect attention from your production systems.
07:00
Now we talk a little bit Maura, about encryption. We've covered some encryption content or some encryption topics rather earlier in this course.
07:10
One of the things that encryption does
07:12
that's that's right off the top of the list is provide confidentiality.
07:16
It also gives us protection for integrity and some of the authentication mechanisms as well.
07:23
But if someone sees the data on the wire, they don't know what they're looking at. Therefore, the confidentiality is preserved.
07:30
We can preserve integrity in some cases with encryption, because even if the data it's modified, it might be detectable once that once it's decrypted,
07:39
because then that data might be corrupted or there might be other clues. Toe. Let someone know that the data was modified, perhaps in transit or while it was at rest.
07:49
Digital signatures use encryption,
07:51
and we get a lot of different features from digital signatures.
07:56
We can verify that who the sender was of a message sender could could construct a signature in such a way so that only the recipient can open it.
08:05
So we get these different kinds of features, and this provides a lot of value for the organization. We don't go into a ton of detail here about how the digital signatures work,
08:15
but there's some level of understanding expected when you're taking the exam to know that
08:20
the signature's could use symmetric cryptography as well as asymmetric cryptography in varying different combinations
08:30
to provide the desired result
08:33
public. He, uh, encryption or P K I.
08:37
If we employ this as part of our digits, a digital signature scheme than we know that perhaps only the intended recipient can now decrypt that message.
08:48
So what about private key encryption?
08:52
This is where we have a secret key
08:54
that's share between the center and the recipient.
08:58
Or sometimes this is called appreciator Key. If you you're talking about any wireless context,
09:03
this is generally associated with symmetric encryption,
09:09
where the same cheese used to encrypt and decrypt.
09:13
This is different than
09:15
public key encryption.
09:16
When we're using public key encryption, we have a public and a private key.
09:20
The public. He could be shared with anybody, basically, because it's public
09:24
and the private key is protected by the owner of that key.
09:28
There's a mathematical relationship between these two keys.
09:31
We know that
09:33
that the public he that we have on Lee relates to one private key and vice versa.
09:39
Also, one of the other features that's interesting about this is that we cannot derive one key from the other.
09:48
So if I have the private key, I cannot
09:50
Some do some operation on it to derive the public e. And if I have the public E, I cannot figure out what the corresponding private key is.
09:58
That's by design, and that's what makes this
10:01
a mechanism in this technology so useful
10:03
we can provide confidentiality.
10:07
For instance, I can as a sender,
10:09
I could encrypt
10:11
a message with a,
10:13
um, with the recipients public heat.
10:16
When the recipient real receives this message on Lee, they can decrypt it because they have the corresponding private key.
10:24
Or the sender encrypts a message with their private key.
10:30
When the recipient receives that they can validate that it came from that center because it is related to the sender's public heat.
10:37
As long as those private kings do not get compromised
10:41
than this concept of confidentiality and authentication remains intact.
10:48
We could also even bring non repudiation into the mix.
10:50
Because if I encrypt something with my private key and you can verify that by by trying to analyze the message with my public, he
11:01
then that proves that I sent it. Unless someone else has my private key, of course,
11:05
but basically we encrypt something. We're trying to prevent availability for those people who do not have
11:11
a right to know what that message contains.
11:16
Let's talk a little bit about the infrastructure for P K. I.
11:20
First thing we need to think about is the Certificate authority or the C. A.
11:24
This is what a user
11:26
will interact with in order to get a certificate issued
11:31
where you get that private public, he pair.
11:33
They also use a registration authority to get the process started.
11:37
So you go to the registration authority
11:39
entering a bunch of information basically into a Web form,
11:43
and then the certificate authority would then issue that key.
11:46
If the key or the certificate gets compromised at some point in the future, you can revoke
11:52
that certificate,
11:54
and then that certificate gets listed on the certificate revocation list, or the CRL.
12:01
If you own the certificate, you might have to do that step manually, of course, because
12:05
in most cases there is no automatic mechanism to know that a certificate is no longer valid.
12:11
You have to make that entry, and now that certificate authority
12:16
will be referenced in the future. When someone uses their certificate, it will say that this has been revoked, and the user will know that they should no longer try to use that resource.
12:28
We also have a certification practice statement, or CPS.
12:33
This basically describes how the certificate authority will issue certs and how they should be used.
12:39
So there are some basic components here that you need to understand, but
12:41
pretty simple.
12:43
Not too much detail required, actually.
12:46
Let's move along now to digital rights management, or DRM.
12:50
This is a widely used technology that prevents making illegal copies of software, music CDs or game CDs, or other digitally protected media. Even PDF files could be protected with DRM.
13:05
So this is
13:07
using a certificate that might have been generated for a specific user,
13:11
so you might have a PDF that's protected with DRM,
13:16
and it's coded in such a way that only the owner of the credentials that are used to unlock that PDF can actually use it,
13:24
even if someone has the same PDF with their own credentials. You can't switch
13:28
each other's files:
13:31
I can't open your file with my credentials, and you can't open my file with your credentials.
13:37
So it can produce a one-to-one relationship between the subject and the object
13:43
that they're interacting with.
13:45
So how do we deal with controlling our crypto systems?
13:50
One of the things we can think about is using
13:52
digital signatures
13:54
in order to validate ownership and completeness, confidentiality and integrity of
14:01
various different types of documents.
14:03
These could be contracts,
14:05
could be internal policies and procedures that you want to keep
14:09
safeguarded.
14:13
One thing that needs to be understood as well is that
14:16
it's possible that you might want to use some sort of key escrow system.
14:20
This is where management has a copy of all the cryptographic keys
14:26
in case one of their employees or one of the users of the cryptosystem encrypts something and then leaves the company.
14:35
Now nobody might have the decryption key in order to get that information back.
14:39
That's why we want to have it escrowed.
14:43
Maybe it's on soft copy and hard copy in a safe, just like we would do with our passwords,
14:48
so that management can go retrieve that information and then decrypt the information that was formerly encrypted.
14:56
Each of the keys that gets issued to a user or gets used for a particular purpose should be managed separately.
15:03
I want to make sure that we also think about how often that key is used:
15:07
the more often a key is used,
15:09
the shorter its lifetime should be.
15:13
This makes good common sense, because if we reuse an encryption key again and again and again,
15:20
that means there are more potential opportunities for
15:22
an adversary to get that encrypted information and be able to figure out what the encryption key was.
15:30
So the more often it's used, the shorter its life span should be.
15:35
And whenever we give somebody a key, if it's on a thumb drive
15:39
or CD-ROM, it should be on read-only media, which also makes good sense.
15:45
You wouldn't want somebody to give you a key that's on rewritable media, because possibly the key could have been tampered with
15:50
and therefore will cause problems when it's used.
15:54
I will talk a little bit about some of the protocols that provide security on our networks.
16:00
You might be familiar with PGP, Pretty Good Privacy. This is used for email-related encryption.
16:07
For our websites and for other purposes, maybe even VPNs, we have SSL,
16:11
Secure Sockets Layer.
16:15
A replacement
16:15
for SSL that's supposed to be more robust and harder to crack is TLS, which is Transport Layer Security.
16:25
So knowing the acronyms, knowing what their basic functions are is important for the exam.
16:30
HTTPS uses SSL. So we're familiar with that, again, for going to websites like banks or credit card companies, where you want
16:38
to make sure that your entire session is encrypted so it can't easily be
16:45
sniffed and decoded by a hacker, for instance.
16:49
And then we have our IPsec
16:52
VPNs,
16:55
so that when I'm looking at VPN
16:57
traffic on a network, all I should be able to see is the ESP traffic, which is the Encapsulating Security Payload.
17:07
Authentication Headers, or AH, are also used to validate
17:11
the identity of the
17:15
sender of that information.
17:17
So it's another security mechanism that works with IPsec VPNs.
17:22
So now if you think about certificates, we've been talking about them a little bit. If you think about the overall process that you would use to generate and use a certificate, we can go through these steps here.
17:32
The first step
17:33
is to use the private and public key pair that was issued to create a certificate signing request, or CSR.
17:45
This CSR is then
17:47
encrypted and emailed to the certificate authority,
17:51
and the certificate authority, or the CA, uses the CSR to encrypt a unique certificate for this specific computer.
18:00
So there's a one-to-one mapping there.
18:03
Then the fourth step would be to install that certificate that was issued to you by the CA.
18:08
It now becomes part of your certificate store,
18:11
and the last two steps involve updating your software
18:15
to use this certificate. So maybe you're using it for authentication purposes,
18:19
or it's being used in a single sign-on environment as a way to authenticate to other resources so you can prove your identity,
18:29
and then you'll start your testing in step six.
18:32
Maybe you're even modifying production software to use this certificate,
18:37
so it's a pretty basic process. A lot of this happens
18:41
automatically. In most cases, users are not really required to do all the manual steps.
18:48
Now let's think about
18:51
some of the ways we can eliminate single points of failure in our environments.
18:55
We cover a lot of different types of technology, a lot of different
18:57
aspects to managing that technology, and thinking about the ways that we want to audit
19:03
for compliance, audit for completeness, or make sure we're well within the laws and regulations that we're subject to.
19:12
But having single points of failure is still a problem that must be addressed.
19:17
So we want to think about possibly having multiple power sources
19:21
for the organization. I talked about that in an earlier section.
19:25
You might even have multiple
19:26
Internet service providers, or ISPs. That way, if one of them goes down, the other one can pick up the slack.
19:33
We can think about multiple copies of servers: have a mirrored server. Maybe I have a cluster of servers,
19:41
so I've got multiple points of failure.
19:44
If one server goes down, there's still two more that are in the cluster, perhaps.
19:48
Maybe even a second server can go down, and we can continue operating on just one of the original three servers.
19:53
So some clustering technology allows for that kind of flexibility.
19:57
We also have to think about our storage. RAID arrays give us the ability to survive the loss of one or more disks,
20:07
and this is critical because storage is such a vital component
20:11
for our applications and the livelihood of the business itself.
20:15
Now let's think about some of the testing that you might need to do in your environment.
20:21
Now,
20:22
one of the obvious things that happens on a regular basis is some sort of a network scan.
20:29
The network scan could be performed for lots of different reasons.
20:32
One reason is for doing what's called a discovery scan.
20:37
We want to scan everything on the network to see if something new
20:40
that we didn't previously know about shows up on the scan.
20:45
This could be a good thing or a bad thing. If you do a discovery scan and you find that you've got a new
20:51
computer on the network,
20:52
You might want to investigate to find out exactly what that computer is. It could be a rogue system that someone
20:57
put on the network but didn't go through the normal approval process. Therefore, that system might be vulnerable or might have
21:07
some security risks associated with it.
21:08
But in general, when we do a network scan, we're just verifying that all the hosts we expect to see
21:15
are visible on the network and that we know this is a known quantity.
21:19
And going one step further, you would do a vulnerability scan on each individual host.
21:25
This will show you
21:26
what kinds of weaknesses are present on those systems based on their configuration,
21:32
based on the operating system they're running, their patch levels,
21:34
what they're used for, what they connect to, who the users are.
21:40
There are lots of different factors which control or have some impact
21:44
on the vulnerabilities that might be discovered.
21:48
One technique that's used when you're going a little further than vulnerability scanning is to do a penetration test.
21:56
Now you're taking those vulnerabilities that were discovered and trying to actually exploit them
22:00
to gain access to a system.
22:03
You might try things like password cracking;
22:06
there are lots of different tools for this
22:07
and various reasons for doing it. You want to be able to verify that your passwords are not weak. For instance, a good strong password should not be easily cracked.
22:18
Also, we need to think about log review,
22:22
so that means that any time an interesting event or suspicious event happens,
22:27
there should be a mechanism to generate an alert so that somebody can look into it and decide if it's worth
22:33
further investigation or not.

Instructed By

Dean Pompilio
CEO of SteppingStone Solutions
Instructor