Đang chuẩn bị liên kết để tải về tài liệu:
Course 2830: Designing security for Microsoft networks - Module 9

Đang chuẩn bị nút TẢI XUỐNG, xin hãy chờ

Module 9 - Creating a security design for data. In this module, you will learn how to determine threats and analyze risks to data in an organization. You will learn how to design an access control model for files and folders in order to protect data that is stored on network servers. You will also learn about considerations for encrypting and managing data. | Module 9: Creating a Security Design for Data Overview Determining Threats and Analyzing Risks to Data Designing Security for Data Lesson: Determining Threats and Analyzing Risks to Data Overview of Access Control Why Securing Data Is Important Common Vulnerabilities to Data Practice: Analyzing Risks to Data Overview of Access Control Domain\User 1 S-1-5-21-14654234 Domain\Managers: S-1-5-21-14625585 EVERYONE: S-1-1-0 User Rights: SeChangeNotifyPrivilege - (attributes) 3 SeSecurityPrivilege - (attributes) 0 User1 attempts to access data on a server The server compares the DACL with the access token to determine User1’s rights User1 1 DACL SID User SID Group ACE Access Allowed User 1 Read 2 2 1 Access Token Read access granted Why Securing Data Is Important Attacker Threat Example External Theft of laptop An attacker steals a laptop from an employee’s car, boots the laptop by using a floppy disk, and changes the Administrator password. The attacker uses the account to access files on the laptop. Internal Default permissions used and auditing not enabled A network folder configured with default permissions contains a confidential file. An attacker copies the data and sells it to a competitor without being detected. Corporate Headquarters Internal Attacker Extracts data External Attacker Changes password Common Vulnerabilities to Data Vulnerability Example Configuration of permissions Computers running Windows 2000 and Windows XP use default NTFS and share permissions Permissions are assigned incorrectly Administrators and users have improper rights Physical security of data Computers are stolen Hardware fails A disaster destroys data Corruption of data A virus corrupts or deletes data Hardware fails and corrupts data A user irreversibly encrypts a file A user tampers with data Practice: Analyzing Risks to Data Read the scenario Answer the questions Discuss answers as a class 1 2 3 Analysis Lesson: Designing Security for Data Steps for Designing an Access . | Module 9: Creating a Security Design for Data Overview Determining Threats and Analyzing Risks to Data Designing Security for Data Lesson: Determining Threats and Analyzing Risks to Data Overview of Access Control Why Securing Data Is Important Common Vulnerabilities to Data Practice: Analyzing Risks to Data Overview of Access Control Domain\User 1 S-1-5-21-14654234 Domain\Managers: S-1-5-21-14625585 EVERYONE: S-1-1-0 User Rights: SeChangeNotifyPrivilege - (attributes) 3 SeSecurityPrivilege - (attributes) 0 User1 attempts to access data on a server The server compares the DACL with the access token to determine User1’s rights User1 1 DACL SID User SID Group ACE Access Allowed User 1 Read 2 2 1 Access Token Read access granted Why Securing Data Is Important Attacker Threat Example External Theft of laptop An attacker steals a laptop from an employee’s car, boots the laptop by using a floppy disk, and changes the Administrator password. The attacker uses the account to access files

TAILIEUCHUNG - Chia sẻ tài liệu không giới hạn
Địa chỉ : 444 Hoang Hoa Tham, Hanoi, Viet Nam
Website : tailieuchung.com
Email : tailieuchung20@gmail.com
Tailieuchung.com là thư viện tài liệu trực tuyến, nơi chia sẽ trao đổi hàng triệu tài liệu như luận văn đồ án, sách, giáo trình, đề thi.
Chúng tôi không chịu trách nhiệm liên quan đến các vấn đề bản quyền nội dung tài liệu được thành viên tự nguyện đăng tải lên, nếu phát hiện thấy tài liệu xấu hoặc tài liệu có bản quyền xin hãy email cho chúng tôi.
Đã phát hiện trình chặn quảng cáo AdBlock
Trang web này phụ thuộc vào doanh thu từ số lần hiển thị quảng cáo để tồn tại. Vui lòng tắt trình chặn quảng cáo của bạn hoặc tạm dừng tính năng chặn quảng cáo cho trang web này.