Upload File

{ active directory security why bother?. law #1: nobody believes anything bad can happen to them,...

  • Home
  • Documents
  • { Active Directory Security Why bother?. Law #1: Nobody believes anything bad can happen to them, until it does Law #2: Security only works if
12
{ Active Directory Security Why bother?

Upload: godfrey-barker

Post on 30-Dec-2015

219 views

Category:

Documents


1 download

Report

Tags:

TRANSCRIPT

Page 1: { Active Directory Security Why bother?. Law #1: Nobody believes anything bad can happen to them, until it does Law #2: Security only works if

{

Active Directory Security

Why bother?

Page 2: { Active Directory Security Why bother?. Law #1: Nobody believes anything bad can happen to them, until it does Law #2: Security only works if

Law #1: Nobody believes anything bad can happen to them, until it does

Law #2: Security only works if the secure way also happens to be the easy way

Law #3: If you don't keep up with security fixes, your network won't be yours for long

Law #4: It doesn't do much good to install security fixes on a computer that was never secured to begin with

Law #5: Eternal vigilance is the price of security Microsoft’s 10 Immutable

Laws of Security Administration

Page 3: { Active Directory Security Why bother?. Law #1: Nobody believes anything bad can happen to them, until it does Law #2: Security only works if

Law #6: There really is someone out there trying to guess your passwords

Law #7: The most secure network is a well-administered one

Law #8: The difficulty of defending a network is directly proportional to its complexity

Law #9: Security isn't about risk avoidance; it's about risk management

Law #10: Technology is not a panacea

Law’s continued

Page 4: { Active Directory Security Why bother?. Law #1: Nobody believes anything bad can happen to them, until it does Law #2: Security only works if

Next time someone asks why miscreants might want to hack his PC, show him this diagram.https://krebsonsecurity.com/2012/10/the-scrap-value-of-a-hacked-pc-revisited/

https://krebsonsecurity.com/2012/10/the-scrap-value-of-a-hacked-pc-revisited/
https://krebsonsecurity.com/2012/10/the-scrap-value-of-a-hacked-pc-revisited/
Page 5: { Active Directory Security Why bother?. Law #1: Nobody believes anything bad can happen to them, until it does Law #2: Security only works if

{

Setting Up a Secure Environment

Overview*Not all encompassing*

Page 6: { Active Directory Security Why bother?. Law #1: Nobody believes anything bad can happen to them, until it does Law #2: Security only works if

Service packs Hotfixes Notifications Network scanners Virus / malware protection software

Updateshttp://www.pcprofessionals.com.au/2013/the-importance-of-windows-updates/

http://www.pcprofessionals.com.au/2013/the-importance-of-windows-updates/
http://www.pcprofessionals.com.au/2013/the-importance-of-windows-updates/
Page 7: { Active Directory Security Why bother?. Law #1: Nobody believes anything bad can happen to them, until it does Law #2: Security only works if

Disable guest account Transport level encryption Remote network access File permissions Security groups Group policy Disable / uninstall unused services Secure user rights Firewall settings Backups Best Practice Analyzer – BPA Microsoft Baseline Security Analyzer

Security Settings

Page 8: { Active Directory Security Why bother?. Law #1: Nobody believes anything bad can happen to them, until it does Law #2: Security only works if

Enabled Adequate storage Central location Review schedule Email & other notification

Audit Logging

Page 9: { Active Directory Security Why bother?. Law #1: Nobody believes anything bad can happen to them, until it does Law #2: Security only works if

Why bother? Limit access Access logs Locked server closet / room Security cameras Network plugs Paper trail Environment monitoring Wireless vs wired Biggest security vulnerability – humans

Physical securityhttp://goinfopipe.com/top-7-physical-security-trends/#!prettyPhoto

http://goinfopipe.com/top-7-physical-security-trends/#!prettyPhoto
http://goinfopipe.com/top-7-physical-security-trends/#!prettyPhoto
Page 10: { Active Directory Security Why bother?. Law #1: Nobody believes anything bad can happen to them, until it does Law #2: Security only works if

Company stand Passwords Employee dismissal User access levels Privacy Mobile data transfer Computer use

Policies

Page 11: { Active Directory Security Why bother?. Law #1: Nobody believes anything bad can happen to them, until it does Law #2: Security only works if

Sync network time Train your users

Miscellaneous

Page 12: { Active Directory Security Why bother?. Law #1: Nobody believes anything bad can happen to them, until it does Law #2: Security only works if

http://www.newark.com/images/en_US/marketing/pdf/BLackBoxPhysicalNetworkSecurity.pdf

http://it-audit.sans.org/community/checklists/active-directory-security

http://technet.microsoft.com/en-us/library/cc722488.aspx https://krebsonsecurity.com/2012/10/the-scrap-value-of-a-hack

ed-pc-revisited/

Sources

http://www.newark.com/images/en_US/marketing/pdf/BLackBoxPhysicalNetworkSecurity.pdf
http://www.newark.com/images/en_US/marketing/pdf/BLackBoxPhysicalNetworkSecurity.pdf
http://www.newark.com/images/en_US/marketing/pdf/BLackBoxPhysicalNetworkSecurity.pdf
http://it-audit.sans.org/community/checklists/active-directory-security
http://it-audit.sans.org/community/checklists/active-directory-security
http://it-audit.sans.org/community/checklists/active-directory-security
http://technet.microsoft.com/en-us/library/cc722488.aspx
http://technet.microsoft.com/en-us/library/cc722488.aspx
https://krebsonsecurity.com/2012/10/the-scrap-value-of-a-hacked-pc-revisited/
https://krebsonsecurity.com/2012/10/the-scrap-value-of-a-hacked-pc-revisited/

Fast Python? Don't Bother

History - Why Bother

Why bother?

Gen XYZ Why bother?

Why bother rata

Shoo Fly! Shoo, fly, don’t bother me, Shoo, fly, don’t ...printables.atozteacherstuff.com/download/nursery-rhymes/old... · Shoo, fly, don’t bother me, Shoo, fly, don’t bother

QEP, Why Bother?

Benchmark roundup – why bother

Why Bother Making Friends?

Copyright Law Class 1 Why Bother?. Why is Copyright Law Relevant? Impacts on economy huge. Affects artistic, cultural and moral sensibilities. Its interesting

Why bother?* - PwC

Badger Bother

SECURITY LAW

Why bother ?

Social media why bother?

Social Media: Why Bother?

Why Does Elliot Bother

Sixth Annual Judicial Symposium THE LAW OF NUISANCEnfje.net/resources/2010 Symposium Brochure.pdfSixth Annual Judicial Symposium THE LAW OF NUISANCE: Bother, Bore, or Basis for Broad

An intranet? why bother?

“Star Gazing “Star Gazing –– Why Bother?”Why Bother?” Warehousing SIG Fora... · “Star Gazing “Star Gazing –– Why Bother?”Why Bother? ... cubes 22/09/2007 11

Bother the apocalypse. Bother demons. Bother failure ... fileBother the apocalypse. Bother demons. Bother failure. Bother many things. The Gentle Ladies’ Tea & Monstrosity Destroying

NATIONAL SECURITY LAW

Is Immigration Law National Security Law?

Why Bother with Boomers?

FunScript: Why bother?

Mirrors why bother?

Ideal Gas Law Why bother with Gases? Properties of a Gas Animation P, V, T, n Ideal Gas Law Examples of Ideal Gas Law Ideal Gas Law - #molecules version

Why bother with rural?

Working parents: why bother?

Testing - Why Bother?

SMEs and Cyber Security - EEMA · SMEs and Cyber Security Why bother? Dr Daniel G. Dresner MInstISP ... Why should SMEs bother? •Customers do not generally ask for assurance •SMEs

LoNg RIDE, NEIgH BoTHER

Why Bother with Partnership

Why bother about consumers?

Why bother advertising