Microsoft Classics 1 (Blocks) Courseware

Uploaded by: 我***  Document ID: 145968503  Upload date: 2020-09-25  Format: PPT  Pages: 51  Size: 4.85MB
Resource description


Part One: Blocks

At Risk

The Soft Underbelly

Security Issues Today
- 14B devices on the Internet by 2010 [1]
- 35M remote users by 2005 [2]
- 65% increase in dynamic Web sites [3]
- From 2000 to 2002 reported incidents rose from 21,756 to 82,094 [4]
- Nearly 80 percent of 445 respondents surveyed said the Internet has become a frequent point of attack, up from 57 percent just four years ago [5]

- 90% detected security breaches [6]
- 85% detected computer viruses [6]
- 95% of all breaches avoidable with an alternative configuration [7]
- Approximately 70 percent of all Web attacks occur at the application layer [8]

Sources:
[1] Forrester Research
[2] Information Week, 26 November 2001
[3] Netcraft summary
[4] CERT, 2003
[5] CSI/FBI Computer Crime and Security Survey
[6] Computer Security Institute (CSI) Computer Crime and Security Survey 2002
[7] CERT, 2002
[8] Gartner Group

Application Layer Attacks
- Identity Theft
- Web Site Defacement
- Unauthorized Access
- Modification of Data, Logs and Records
- Theft of Proprietary Information
- Service Disruption

Implications
- Compliance: Sarbanes-Oxley, Gramm-Leach-Bliley, US Patriot Act, HIPAA, The Privacy Act (CA), Basel 2 (EU), Data Protection Act (EU)
- Litigation
- File Sharing
- Piracy
- HR Issues
- Shareholder Suits

Customer Impact

Types Of SRP Rules
- Path Rule: Compares path of file being run to an allowed path list. Use when you have a folder with many files for the same application. Essential when SRPs are strict.
- Hash Rule: Compares the MD5 or SHA1 hash of a file to the one attempted to be run. Use when you want to allow/prohibit a certain version of a file from being run.
- Certificate Rule: Checks for digital signature on application (i.e. Authenticode). Use when you want to restrict both win32 applications and ActiveX content.
- Internet Zone Rule: Controls how Internet Zones can be accessed. Use when in high security environments to control access to web applications.

SQL Server 2005 Themes
- Supportability updating must be initiated manually

Office Update Web site:

How To Use Office Update
1. Go to
2. Click Check for Updates
3. Install the Office Update Installation Engine (if not already installed)
4. Select the updates you want to install
5. Click Start Installation

How To Use SUS
- On the SUS server: Configure the SUS server at http:/SUSAdmin
- On each SUS client: Configure Automatic Updates on the client to use the SUS server. Use Group Policy, manually configure each client, or use scripts
- Set the SUS server synchronization schedule
- Review, test, and approve updates

How To Use MBSA
1. Download and install MBSA (once only)
2. Launch MBSA
3. Select the computer(s) to scan
4. Select relevant options
5. Click Start scan
6. View the Security Report

Software Update Service Deployment Best Practices (1)

Software Update Service Deployment Best Practices (2)

How To Use SMS To Deploy Patches

SMS MBSA Integration
- MBSA integration included with SMS 2003 and the SUS Feature Pack for SMS 2.0
- Scans SMS clients for missing security updates using mbsacli.exe /hf

MBSA Benefits
- Scans systems for:
  - Missing security patches
  - Potential configuration issues
- Works with a broad range of Microsoft software
- Allows an administrator to centrally scan multiple computers simultaneously
- MBSA is a free tool, and can be downloaded from

MBSA Considerations
MBSA reports important vulnerabilities:
- Password weaknesses
- Guest account not disabled
- Auditing not configured
- Unnecessary services installed
- IIS vulnerabilities
- IE zone settings
- Automatic Updates configuration
- Internet Connection Firewall configuration

MBSA Scan Options
MBSA has three scan options:
- MBSA graphical user interface (GUI)
- MBSA standard command-line interface (mbsacli.exe)
- HFNetChk scan (mbsacli.exe /hf)

Business Case For Patch Management
When determining the potential financial impact of poor patch management, consider:
- Downtime
- Remediation time
- Questionable data integrity
- Lost credibility
- Negative public relations
- Legal defenses
- Stolen intellectual property

“We commend Microsoft for providing enhanced security guidance to its customers as well as for soliciting user input as part of the process of producing that guidance” Clint Kreitner President/CEO

“NIST reviewed and provided technical comments device independent. Integration into a broad range of different applications and devices.
