William Slater's CYBR 515 Blog

William Slater's CYBR 515 Blog
CYBR 515 - Security Architecture and Design

Friday, December 9, 2011

Post 055 - CYBR 515




The M.S. in Cybersecurity at Bellevue University
(Click for more information)

I started this program on Monday, August 29, 2011. The links below will take you to the course blog that has been set up for each course in this program:

=========================================================

CIS 608 - Information Security Management
CYBR 515 - Security Architecture and Design
CYBR 510 - Physical, Operations, and Personnel Security
CIS 537 - Introduction to Cyber Ethics
CIS 607 - Computer Forensics
CYBR 520 - Human Aspects of Cybersecurity
CYBR 610 - Risk Management Studies
CYBR 615 - Cybersecurity Governance and Compliance
CYBR 625 - Business Continuity Planning and Recovery
DET 630 - Cyber Warfare & Deterrence
CYBR 525 - Ethical Hacking and Response
CYBR 650 - Current Trends in Cybersecurity


=========================================================

If you are interested in me and my career, here are some additional links:

Resume
Career
Certifications
Credentials
ISO 27001
M.S.
MBA
Bio
Writing
Thoughts
Secrets
Chicago
Love Story

====================================

William Favre Slater, III
MBA, M.S., PMP, CISSP, SSCP, CISA, ISO 27002, ISO 20000, ITIL v3, Cloud Computing Foundation
Project Manager / Program Manager
slater@billslater.com
Chicago, IL

Sunday, November 20, 2011

Post 054 - CYBR 515






The Fat Lady Has Sung, So This Blog Has Completed - Thanks for Reading!

It's over. The Fat Lady Has Sung, So This Blog has now completed. Thanks for reading, Folks!

Do you want to hear the Fat Lady sing? Click here! (Turn it up!)



=================================
William Favre Slater, III, PMP
MBA, M.S., PMP, CISSP, SSCP, CISA, ISO 27002, ISO 20000, ITIL v3, Cloud Computing Foundation
Project Manager / Program Manager
CYBR 515 Blog: http://cybr515.blogspot.com
http://billslater.com/career
Chicago, IL

Post 053 - CYBR 515


EDF used Trojans to spy on Greenpeace


EDF is a giant French Energy company. The head of nuclear energy at EDF was fined 1.5 million euros for commissioning Kargus Consultants to use Trojans to attack Greenpeace's Yannick Jadot’s computer in 2006, stealing 1,400 documents relating to the organisation’s campaign against nuclear power. Jadot was then head of campaigns in France.

This judicial ruling was extremely important because it was the largest of its kind that was ever awarded.

From the article:

"The court in Nanterre handed EDF’s former security head, Pascal Durieux, a three-year jail sentence with one suspended, while his deputy Pierre-Paul François was given three years with 30 months suspended.

"The head of Kargus, Thierry Lorho, was given three years in jail with two suspended and a 4,000 euro fine while his technical expert and former secret service man, Alain Quiros, was given two years suspended."

"The evidence presented at the trial showed that the espionage undertaken by EDF in its efforts to discredit Greenpeace was both extensive and totally illegal. The company should now give a full account of the spying operation it mounted against its critics," said Greenpeace UK executive director, John Sauven.

What was especially astounding was that Pascal Durieux was a retired rear admiral from the French Navy and Pierre-Paul François had worked as a policeman.


=================================
William Favre Slater, III, PMP
MBA, M.S., PMP, CISSP, SSCP, CISA, ISO 27002, ISO 20000, ITIL v3, Cloud Computing Foundation
Project Manager / Program Manager
CYBR 515 Blog: http://cybr515.blogspot.com
http://billslater.com/career
Chicago, IL

Post 052 - CYBR 515




"Foreign hackers targeted U.S. water plant in apparent malicious cyber attack, expert says"


This is an alarming news story and points out the vulnerability of infrastructure points in the U.S. It hits very close to home also because I think these hackers probably attacked the Jardine Water Treatment Plant (information here)that is operated by the City of Chicago. This plant pumps over one billion gallons of water out of Lake Michigan every day, and I am one of nearly 8 million people who use this water from the Jardine Water Treatment Plant daily to cook, shower, etc.

Sadly, people have been aware of such vulnerabilities for some time and such attacks have been predicted as far back as 10 to 15 years ago.

Let's hope home our city and national authorities are paying attention to this news and that they will act before it is too late.

===========================


Bill
William Favre Slater, III
MBA, M.S., PMP, CISSP, SSCP, CISA, ISO 27002, ISO 20000, ITIL v3, Cloud Computing Foundation
CYBR 515 Blog: http://cybr515.blogspot.com
http://billslater.com/career
Chicago, IL
United States of America

Thursday, November 17, 2011

Post 051- CYBR 515


Week Twelve Assignments

Theme for the Week - Validating a Secure Design

Learning Objectives:

• Describe how PCI Data Security Standards are used to enhance payment card data security.

• Design a certification and evaluation plan for a secure network.

• Propose solutions to network security vulnerabilities that are exposed during an audit.

Readings:

https://www.pcisecuritystandards.org/security_standards/index.php

https://www.pcisecuritystandards.org/security_standards/documents.php

https://www.pcisecuritystandards.org/documents/pci_dss_saq_instr_guide_v2.0.pdf

http://www.sans.org/score/


This week:

Now that you've created a design for a secure network, how do you know that it meets acceptable standards and practices for security? After all, both threats and the technology to meet them are constantly evolving. You need a way of ensuring that your network provides an acceptable level of risk. Fortunately, there are several organizations and methodologies that are in place to help you. Our reading assignments for this week expose you to some of the more important ones, and they, in turn, will point you to others by way of reference. If you take the time to examine these documents, you will be provided with a considerable amount of insight into how networks are certified, managed, and audited.

Some things to remember. Our networks are not static, and many of the technologies we implement can undo or circumvent security that we painstakingly put in place. Wireless is a good example. We need to consider the impact of all changes that we make and stay up to date on the latest tools and methodologies for identifying and eliminating vulnerabilities.

As part of our reading, we reference the Payment Card Industry’s Data Security Standards (PCI DSS) and their Documents Library. We also examine their Self-Assessment Questionnaire. These two documents explain the requirements for security to support payment processing. In addition, we'll review documents from the SANS. They have a Security Consensus Operational Readiness Evaluation (SCORE) that has benchmarks, scoring tools, checklists. and step-by-step guides. You can use these tools to evaluate an IT architecture. Please begin your lessons.

Week 12 Discussion

This week's reading involved both Security Consensus Operational Readiness Evaluation (SCORE) and Payment Card Industry (PCI) Data Security Standard 2.0. In your post this week, mention one important concept you have learned regarding these two assessment methodologies.

General Posting Guidelines (for participation): Postings are counted as participation for the week. Make sure all postings for this week's assignments are posted to this week's discussion forum. You must post at least two substantive messages to get minimum credit for participation (a 'C' grade). Two messages on different days gets a 'B' for participation - more postings (including answering other questions) get more credit. To qualify for an 'A' grade, you must post at least three critical thinking messages on three different days. Postings on the last day of the lesson will not count for credit since other students will not have sufficient time to respond or participate in your discussion. Post early and often. Don't wait until the last minute!

Assignment 12_2 (Attach to this assignment)

This assignment involves an evaluation of a secure design. Using the materials from your reading assignment, perform a security evaluation on the fictitious organization in the case study attached to this assignment. Use SCORE or PCI assessment methodology from your reading for your evaluation. Please use this week's discussion forum to post any questions or comments you have about this assignment. Save your findings in a word document named CYBR515 Assignment 12_2 , and attach it to this assignment.

Assignment 12-3 MIlestone 5 (Attach to this assignment)

Your project deliverable for this milestone is a brief PowerPoint presentation that could be presented to senior management explaining your recommendations. In your presentation, provide an overview of the present system, including any security vulnerabilities that you found. Outline the main points/diagrams/recommendations. Use the Notes section of the PowerPoint slides to explain any details about the slide. Review your semester project document for additional information on this assignment.

Please include CYBR515 Assignment 12-3 and your name in the file name for your PowerPoint presentation and attach it to the appropriate assignment for grading.

Thursday, November 10, 2011

Post 050 - CYBR 515



U.S. Charges 7 in Alleged Internet Ad Fraud Scam

November 9, 2011

For the first time, I believe, U.S. authorities Wednesday charged seven people living in Estonia and Russia with using malicious software to hijack millions of computers worldwide to redirect Internet searches toward online ads.
Starting in 2007, the suspects created fake companies that contracted with legitimate advertiser websites to drive Internet traffic toward their Internet pages, according to a Manhattan federal court indictment.

About 4 million computers in 100 countries including the United States were infected with malicious software designed by the defendants that would redirect an Internet user's browser toward the online advertisements, the indictment said. The defendants were paid about $14 million by advertisers based on the amount of "clicks" the ad pages would receive, it said.


Note - these people could have installed spyware on your computer. Maybe you should ensure that your security software protects against such malware.


====================================
William F. Slater, III, M.S., MBA, PMP, CISSP, SSCP, CISA, MCITP, MCSE, ISO 20000, ISO 27002, MCP #3585
Project Manager / Program Manager
Chicago, IL
slater@billslater.com
http://billslater.com/career

Wednesday, November 9, 2011

Post 049 - CYBR 515


Week Eleven Assignments

Theme for the Week - Network Management Security
Learning Objectives:

Describe the contributions made by an automated network management system to the security of a network infrastructure.
Design a distributed network management infrastructure using commercially available components.
Explain why SNMPv3 was developed.

Readings:
Chapter 12 - Network Management Security. Please note that this chapter is not available from your textbook. Instead, you must access it on the author's companion web site at the following URL:Chapter 12

This week:
It would make our lives as network administrators much easier if the secure networks we built never needed monitoring or fine tuning. In that perfect world, we would set them up and they would work forever with no issues. Networks are only as secure as their next exploit, and they must be constantly monitored and upgraded to recognize and mitigate evolving threats. However, the act of monitoring a network is made more difficult by the security constraints that we implement. Therefore, we need to know the strong points and limitations of network management architectures.

Our lesson examines one such architecture based on Simple Network Management Protocol (SNMP). We will discuss the standards that define it, the elements it is composed of, and the data it collects. Now, let's get started.

Assignment 11_1 (On-line Quiz)

Take this ten question true/false and multiple choice chapter quiz over the reading assignment. Quizzes are a "participation grade," which means that you can retake them as many times as necessary. However, please be aware that low scores are a sign that you need to go back to the reading assignment, slow down, and read more carefully.

You need to take the quiz by the end of the week to earn credit.

Assignment 11_2 (Post to this week's discussion forum)
Post a substantive answer to one of the following questions. Please select a question that has not been previously answered by one of your classmates, until all questions have been answered at least once. Once that has been done, you may select any question that has only been answered once. Once you have submitted your initial post, read each initial post and respond to at least three. Remember to cite your sources.

1. What is view-based access control and what is it used for. In your answer provide an example of where you might use it.

2. As a lead-in to this week's reading assignment, the author provides a quote from The Art of War by Sun Tzu. How does that quote relate to Network Management Security?

3. What is a Management Information Base (MIB) and what is is used for in SNMP? Provide examples.

4. Why was SNMPv3 developed? How does it improve security over versions 1 and 2?

5. What is the meaning of the term principal, as used when describing SNMP? How does this term relate to a principal as used in Kerberos standards?

6. Put your hacking hat on for this question. If you wanted to attack SNMP, how might you do it? What would be the objective of your attack? In your answer, you get to pick the version for your attack.

7. Why would you want SNMP installed on your network and how would it improve security. Please note that, "It won't improve security and I don't want it," is not an acceptable answer.

8. What are the main modules in a traditional SNMP Engine, and what does each do?

9. What is an SNMP community? Should each community be secured the same. Explain your answer and provide an example.

10. Why is authentication and authorization required in SNMP. Explain what might happen if SNMP didn't provide for either one.

Our trivia question for the week: What is Code Red (not the drink), when did it originate, and what did it do to Cisco 675 and 678 routers?
General Posting Guidelines (for participation): Postings are counted as participation for the week. Make sure all postings for this week's assignments are posted to this week's discussion forum. You must post at least two substantive messages to get minimum credit for participation (a 'C' grade). Two messages on different days gets a 'B' for participation - more postings (including answering other questions) get more credit. To qualify for an 'A' grade, you must post at least three critical thinking messages on three different days. Postings on the last day of the lesson will not count for credit since other students will not have sufficient time to respond or participate in your discussion. Post early and often. Don't wait until the last minute!

Assignment 11_3 (Attach to this assignment)
Review the diagram of an example distributed network management configuration on P 12-9 of our reading assignment. For each different element shown, describe its roles and function.
Save your description to a Microsoft Word document as CYBR515 Assignment 11_3 and attach it to this assignment.


Assignment 11.4 Milestone 5 (Due next week)
You should devote some time to the Milestone 5 submission for your semester project this week. The next set of deliverables are due on the last day of Week 12. Get started as soon as you can to avoid the last minute rush.

Monday, November 7, 2011

Post 048 - CYBR 515


Prisoners from California Prisons

A Real Automation Integration Nightmare: Can Hackers Release Prisoners from California Prisons?

The articles below explain the probability of Hackers being able to break into the computer systems and networks that control the release mechanisms that lock the doors in California Prisons. This further highlights the need for strong leadership, policies, and efforts in sound Information Security Management.


===========================================
William Favre Slater, III, MBA, M.S., PMP, CISSP, SSCP, CISA, ISO 27002, ITIL v3, Cloud Computing Foundation
Project Manager / Program Manager
http://billslater.com/career
Chicago, IL
United States of America

Sunday, November 6, 2011

Post 047 - CYBR 515


USA PATRIOT ACT and Its Effect on the American People

Many of you may be unaware of the USA PATRIOT ACT that was passed in October 2001 as a quick response to the terrorist attacks of September 11, 2001. This post explains some facts that you need to know about the USA PATRIOT ACT and how it changed the freedoms that the Founding Fathers tried to provide for the citizens of this country when the first wrote and ratified the Constitution of the United States and the first 10 Ammedments, commonly known as the Bill of Rights.

USA PATRIOT ACT essentially nullified 5 of the first 10 Amendments to the U.S. Constitution.

Many citizens feel strongly that the powers now granted to the Executive branch of government and its agents are in direct conflict with the 1st, 4th, 5th, 6th and 8th Amendments in the Bill of Rights to the U.S. Constitution (see Bill of Rights, below.). In other words, we now live in such times that many of the rights to privacy that we thought we were guaranteed under the U.S. Constitution, are now preempted, at least temporarily by the PATRIOT Act. In fact, the only way that the PATRIOT Act could be successfully passed in both chambers of Congress was to include a “Sunset Clause,” which caused many of the more far-reaching provisions of the Act to expire automatically, unless they were again reviewed and approved by both chambers of Congress. Though there was a “Sunset Clause" the PATRIOT Act has now been renewed TWICE, once under President Bush and once under President Obama.

= = = = = = = = = = = = = = = = = = = = = = = = = = = =

Bill of Rights – First 10 Amendments to the U.S. Constitution

ARTICLES IN ADDITION TO, AND AMENDMENTS OF, THE Amendments to the Constitution

CONSTITUTION OF THE UNITED STATES OF AMERICA, PROPOSED BY CONGRESS, AND RATIFIED BY THE LEGISLATURES OF THE SEVERAL STATES, PURSUANT TO THE FIFTH ARTICLE OF THE ORIGINAL CONSTITUTION

Article [I.]

Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances.

Article [II.]

A well regulated Militia, being necessary to the security of a free State, the right of the people to keep and bear Arms, shall not be infringed.

Article [III.]

No Soldier shall, in time of peace be quartered in any house, without the consent of the Owner, nor in time of war, but in a manner to be prescribed by law.

Article [IV.]

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

Article [V.]

No person shall be held to answer for a capital, or otherwise infamous crime, unless on a presentment or indictment of a Grand Jury, except in cases arising in the land or naval forces, or in the Militia, when in actual service in time of War or public danger; nor shall any person be subject for the same offence to be twice put in jeopardy of life or limb; nor shall be compelled in any criminal case to be a witness against himself, nor be deprived of life, liberty, or property, without due process of law; nor shall private property be taken for public use, without just compensation.

Article [VI.]

In all criminal prosecutions, the accused shall enjoy the right to a speedy and public trial, by an impartial jury of the State and district wherein the crime shall have been committed, which district shall have been previously ascertained by law, and to be informed of the nature and cause of the accusation; to be confronted with the witnesses against him; to have compulsory process for obtaining witnesses in his favor, and to have the Assistance of Counsel for his defence.

Article [VII.]

In Suits at common law, where the value in controversy shall exceed twenty dollars, the right of trial by jury shall be preserved, and no fact tried by a jury, shall be otherwise re-examined in any Court of the United States, than according to the rules of the common law.

Article [VIII.]

Excessive bail shall not be required, nor excessive fines imposed, nor cruel and unusual punishments inflicted.

Article [IX.]

The enumeration in the Constitution, of certain rights, shall not be construed to deny or disparage others retained by the people.

Article [X.]

The powers not delegated to the United States by the Constitution, nor prohibited by it to the States, are reserved to the States respectively, or to the people.

References:

The Constitution of the U.S. (1788). U.S. Constitution. Retrieved from the web athttp://www.billslater.com/wfs_us_constitution.htm on November 6, 2011.

Wikipedia. (2011). USA PATRIOT Act. A Wikipedia article retrieved from the web athttp://en.wikipedia.org/wiki/Usa_patriot_act on November 6, 2011.


===========================

William F. Slater, III, M.S., MBA, PMP, CISSP, SSCP, CISA, MCITP, MCSE, ISO 20000, ISO 27002, MCP #3585
Project Manager / Program Manager
Chicago, IL
slater@billslater.com
http://billslater.com/career

Thursday, November 3, 2011

Post 046 - CYBR 515

Foreign Spies Stealing US Economic Secrets in Cyberspace

Many of you may want to read this report and perhaps share it with your families, friends, and colleagues.

Foreign Spies Stealing US Economic Secrets in Cyberspace
http://www.ncix.gov/publications/reports/fecie_all/Foreign_Economic_Collection_2011.pdf

It details the threats of China and Russia and how active they are in their respective efforts to steal secrets from U.S. Companies.

More about this report in this article from the web:

In a world of cybertheft, U.S. names China, Russia as main culprits

http://www.washingtonpost.com/world/national-security/us-cyber-espionage-report-names-china-and-russia-as-main-culprits/2011/11/02/gIQAF5fRiM_story.html?wprss=

The threats described in these reports are some of the main reasons that I signed up for this 18 month program for an M.S. in Cybersecurity at Bellevue University in Bellevue, NE.


==========================================================

William F. Slater, III, M.S., MBA, PMP, CISSP, SSCP, CISA, MCITP, MCSE, ISO 20000, ISO 27002, MCP #3585
Project Manager / Program Manager
Chicago, IL
slater@billslater.com
http://billslater.com/career

Post 045 - CYBR 515



Time to Get Naked... Naked Security - An Award-winning IT Security Blog Worth Checking Out

Today, the good folks at Naked Security helped save me and my wife from a Facebook scam related to giving away two "free" Southwest Airlines tickets. This is the linkk that saved us from that scam: http://nakedsecurity.sophos.com/2011/10/03/freesouthwest-airlines-tickets/
I found it using Google, then checked it out and this an award-winning IT Security Blog and it is definitely worth checking out.

Get Naked(Security) and Enjoy!


William F. Slater, III, M.S., MBA, PMP, CISSP, SSCP, CISA, MCITP, MCSE, ISO 20000, ISO 27002, MCP #3585
Project Manager / Program Manager

Wednesday, November 2, 2011

Post 044 - CYBR 515


Week Ten Assignments

Theme for the Week - Firewalls

Learning Objectives:
Choose an appropriate firewall for a given secure network.
Differentiate between hardware and software firewalls.
Describe the types of firewalls and what features they provide.
Explain the strengths and weaknesses of firewalls.

Readings:

• Chapter 11 in your textbook.

http://www.cisco.com/en/US/products/hw/vpndevc/index.html (this page leads to several Cisco product lines for secure networking)

http://www.sonicwall.com/us/


This week:
Firewalls are an indispensable means to regulate traffic between hosts or between networks. Firewalls are implemented in many forms, and they may be hardware devices or programs that run on individual computers. However, regardless of where they are located, they ultimately serve only one purpose: allow good packets to pass and block bad ones.
A firewall is the first line of defense between your network and an external attacker. Therefore, it would be poor network security design to omit a firewall from your network architecture. In addition, it would not be wise to install hosts on your network that were not protected by software firewalls. All major operating systems have built-in firewalls, and there are additional layers of protection that are available from third party vendors.
Our reading assignment for this week provides a good overview of firewalls. In addition, the supplemental readings give insight into some firewall products that are available today. Please take the time to go through these readings, as they will provide valuable information to you when attempting to design the correct firewall solution for a secure network.
Assignment 10_1 (On-line Quiz)
Take this ten question true/false and multiple choice chapter quiz over the reading assignment. Quizzes are a "participation grade," which means that you can retake them as many times as necessary. However, please be aware that low scores are a sign that you need to go back to the reading assignment, slow down, and read more carefully.

You need to take the quiz by the end of the week to earn credit.
Assignment 10_2 (Post to this week's discussion forum)
Post a substantive answer to one of the following questions. Please select a question that has not been previously answered by one of your classmates, until all questions have been answered at least once. Once that has been done, you may select any question that has only been answered once. Once you have submitted your initial post, read each initial post and respond to at least three. Remember to cite your sources.

1. What techniques could an intruder use to break into or circumvent a firewall? Provide examples to illustrate your answer.

2. How does a firewall work? Provide examples. Also, avoid answers like, "It works very well," as they will not get you any credit for your post.

3. Which are better, hardware or software firewalls? Support your answer.

4. If your network could have only one hardware firewall, where should it be placed and why? You may use a picture or diagram.

5. If all traffic entering or leaving a local network passes through a firewall, couldn't that firewall negatively impact performance? What would you do if that was the case?

6. If a virtual private network is allowed to pass through a firewall (for example, between a Windows server in the local network and a laptop on the Internet,) what problems might occur? Provide an example.

7. What secure network design considerations are important when selecting and configuring a firewall?

8. What is a local security policy and how would you implement one?

9. If a hacker broke into your firewall and configured it to allow all traffic from any originator to go to any destination, what would be the impact to your network in terms of security? Elaborate.

10. Do you believe any of the design goals for firewalls, as discussed in your reading, are achievable? Elaborate.

Our trivia question for the week: What is a Blue Box and what was it used for?

General Posting Guidelines (for participation): Postings are counted as participation for the week. Make sure all postings for this week's assignments are posted to this week's discussion forum. You must post at least two substantive messages to get minimum credit for participation (a 'C' grade). Two messages on different days gets a 'B' for participation - more postings (including answering other questions) get more credit. To qualify for an 'A' grade, you must post at least three critical thinking messages on three different days. Postings on the last day of the lesson will not count for credit since other students will not have sufficient time to respond or participate in your discussion. Post early and often. Don't wait until the last minute!
Assignment 10_3 (Attach to this assignment)
Using the Internet and other appropriate references, locate a hardware or software firewall product or service that has not previously been discussed in this assignment. It may be a program, a security appliance, or a router that has the ability to do stateful and deep packet inspection. Describe your firewall and its capabilities and explain how it could be used in a secure network to provide protection. List any sites or references used in your research in APA format. Save your description to a Microsoft Word document as CYBR515 Assignment 10_3_ and attach it to this assignment.


Assignment 10-4 Milestone 4

Our fourth set of project deliverables is due this week. For this milestone you will be making your final design changes to the network infrastructure. Review all of your work to this point, and use everything that you have learned from this course to provide the appropriate level of security at each level of the network. Again, use the information from your studies and feedback from previous assignments, to help you with this process.

Produce a final revision of your Visio diagram and a final set of recommendations for change in a Microsoft Word document. You should include any past Visio diagrams as tabs, so we can track changes and progress. Your written discussion should explain your recommendations in enough detail to be easily understood by the "customer." Remember to cite any sources that you choose to use in APA format.

Attach your completed documents to this assignment. Please include CYBR515 Assignment 10-4 and your name in the file name for your diagram and summary. Remember, you only have one opportunity to attach documents, so please attach both documents at the same time.

Monday, October 31, 2011

Post 043 - CYBR 515





Important News Item: DHS: U.S. infrastructure faces a barrage of cyber-attacks

Summary from CompTIA News Digest on October 30, 2011:

DHS: U.S. infrastructure faces a barrage of cyber-attacks
Hackers have launched thousands of cyber-attacks against critical U.S. infrastructure such as financial and transportation assets and have nearly succeeded in crippling key systems, according to the Department of Homeland Security. DHS Secretary Janet Napolitano said officials responded to more than 100,000 cybersecurity incidents in fiscal 2011, and she urged Congress to draft stronger laws to protect the nation's most vital networks.


========================================================
My Comments:

Looks like yet another reason to be in the Bellevue University M.S. in Cybersecurity Program:

I am resolved, more than ever, to do all the work and complete this important program.

I am also keeping my (public) course blogs up to date and they are getting TONS of hits.

http://cis608.blogspot.com - CIS 608 - Information Security Management

http://cybr515.blogspot.com - Security Architecture and Design

========================================================

William Favre Slater, III
MBA, M.S., PMP, CISSP, SSCP, CISA, ISO 27002, ISO 20000, ITIL v3, Cloud Computing Foundation
Project Manager / Program Manager
http://billslater.com/career
Chicago, IL
United States of America


Sunday, October 30, 2011

Post 042 - CYBR 515




Newly Discovered Information: Chinese Hackers Attacked U.S. Satellites in 2007 and 2008

This is amazing. Why would our friends do something like this to American satellites?

Source: http://unionresourcecenter.com/wp/?p=9168

“Such interference poses numerous potential threats, particularly if achieved against satellites with more sensitive functions,” according to the draft. “Access to a satellite‘s controls could allow an attacker to damage or destroy the satellite. An attacker could also deny or degrade as well as forge or otherwise manipulate the satellite’s transmission.”

More Information is in this BBC article:
http://www.bbc.co.uk/news/business-15490687

More Information is also in this Bloomburg article:
http://www.bloomberg.com/news/2011-10-27/chinese-military-suspected-in-hacker-attacks-on-u-s-satellites.html

==============================
William F. Slater, III, M.S., MBA, PMP, CISSP, SSCP, CISA, MCITP, MCSE, ISO 20000, ISO 27002, MCP #3585

Project Manager / Program Manager
Chicago, IL
slater@billslater.com
http://billslater.com/career



Post 041 - CYBR 515



Designing and Implementing Enterprise Network Malware Prevention Solutions


==============================================

Conclusion (from the presentation)

This Enterprise Malware Protection Solution Implementation Project will:

1. Help provide protection from a wide range of threats
2. Enable excellence in protecting our client’s information
3. Help optimize return on investments
4. Help provide future business opportunities
5. Help protect the Slater Technologies, Inc. brand and reputation
6. Help ensure business continuity
7. Help reduce the risk of financial loss
8. Help reduce risk of litigation
9. Help Slater Technologies to become famous for what we do and how we do it

==============================================


The diagrams above were part of the design and presentation I created as part of the assignment shown below.

Companies like Symantec, McAffee, Trend Micro, Kaspersky, etc. provide enterprise-level malware protection. Choose a major anti-virus company and familiarize yourself with their product line. Using what you learned from your research and this week's reading assignment, create an executive presentation of 8-12 PowerPoint slides on the product and on how you would install an enterprise malware solution on a hypothetical network with 50 Windows servers and 2000 Windows 7 computers. Provide sufficient detail about hardware devices and software and where they would be installed. Create a high-level Visio diagram to accompany your proposal that shows the layout of your software. It is not necessary to diagram your complete network, just a high level representation of it. For example, you could represent the 2000 Windows 7 computers with one Icon labeled Windows 7 Workstations (2000). However, if you include a security appliance that provides malware protection, it should be included as a separate icon. Also, indicate location of software components (clients, servers, databases, management tools, etc) on your diagram, as well.


================

William F. Slater, III, M.S., MBA, PMP, CISSP, SSCP, CISA, MCITP, MCSE, ISO 20000, ISO 27002, MCP #3585
Project Manager / Program Manager
Chicago, IL
slater@billslater.com
http://billslater.com/career


Friday, October 28, 2011

Post 040 - CYBR 515




Navajo Codetalkers - Some True World War II American Heroes of the U.S. Marine Corps

Week 9, Assignment 9_2 Trivia Question:

What is code talking and how was it used in World War 2?

During the early part of World War II, the U.S. Government allowed the United States Marine Corps to recruit Native Americans from the Navajo tribe to be able to quickly transmit messages via combat radio equipment using their native Navajo language in combat situations in the Pacific Theater while fighting the Japanese troops (Churchhouse, 2004).

Initially, this project with the Navajo codetalkers, as they were called, started with 29 Navajo Marines. The significance of the ability to use these these Navajo codetalkers was that it afforded the U.S. Marines the ability to transmit vitally important battlefield communications using their native Navajo language in a way that the Japanese could not possibly hope to crack. Reason: the Japanese had no familiarity with the Navajo language (Churchhouse, 2004).

What is remarkable is the patriotism and the heroism of these men. Depite the fact that, many native Americans still felt as if the Americans had stolen their land during the 1700s and the 1800s. These Navajo Codetalkers rose to the call to serve the U.S. cause in World War II, and placed themselves in harm’s way in battlefield situations to help further the cause of the U.S.’s tactical and strategic objectives in the Pacific Theatre.

I did some additional research and found 12 very interesting pictures of the surviving Navajo codetalkers and these pictures are attached (Facebook Navajo Codetalkers Forum, 2011).

Please check out these pictures. They will help you understand a lot about these magnificent Americans and their selfless service to the U.S.

Enjoy!

References:

Churchhouse, R. (2004). Code and Ciphers: Julius Caesar, the Enigma, and the Internet. Cambridge, U.K.: Cambridge University Press.

Facebook Navajo Codetalkers Forum. (2011). Facebook Navajo Codetalkers Forum Photo Album. Retrieved from the web at http://www.facebook.com/pages/Our-Navajo-Code-Talkers/119244804756?ref=ts&sk=wall on October 28, 2011.

Best regards,

Bill
William Favre Slater, III
MBA, M.S., PMP, CISSP, SSCP, CISA, ISO 27002, ISO 20000, ITIL v3, Cloud Computing Foundation
Project Manager / Program Manager
CYBR 515 Blog: http://cybr515.blogspot.com
Chicago, IL
United States of America



Thursday, October 27, 2011

Post 039 - CYBR 515



Internet History and Growth Presentation

Tonight, I updated my Internet History and Growth presentation.


I originally created this in 2002 and it was well received. Tonight I added slides about the impact of mobile technologies and Steve Jobs.

Enjoy!


William Favre Slater, III, MBA, M.S., PMP, CISSP, SSCP, CISA, ISO 27002, ITIL v3, Cloud Computing Foundation
Project Manager / Program Manager
http://billslater.com/career
Chicago, IL
United States of America


Post 038 - CYBR 515

Discussion Question about Using USB 2.0 Drives


No. 18 What measures would you take to enable the use of USB 2.0 drives in your network while providing protection from the malware they might carry?

Assume that I am a manager in a large enterprise organization that uses Windows Server 2008 in its infrastructure.

1) I would write the following Information Security Policies:

a. A policy that required the use of Kanguru USB 2.0 with built-in malware detection (Kanguru, 2011).

b. A policy that included a restriction use of USB drives to a limited number of workstations, PCs and laptops in each work area.

c. A policy that covered the proper use, the misuse, and dangers of USB drives.

d. A policy that required the creation and implementation of a Windows Server 2008 Group Policy Object that would prevent the use of USB drives on every machine on the network except the designated machines.

2) I would work with the Lead System Administrator to create and implement the Windows Server 2008 Group Policy Object that would prevent the use of USB drives on every machine on the network except the designated machines (Pertri, D, 2011).

3) I would work with a trainer to develop Information Security Awareness training that covered the use, misuse and dangers of USB drives, as well as the requirement to use Kanguru USB drives on designated workstations, PCs, and laptops in designated areas.

4) I would develop and administer a 10-question quiz about the proper use of USB drives that tested the effectiveness of the Information Security Awareness training.

5) I would purchase and distribute the Kanguru secure USB drives to those who scored at least 90% correct on the quiz (Kanguru, 2011).

6) I would set up safeguard security software on those designated workstations, PCs, and laptops that would automatically scan any USB drive for malware prior to enabling it.

Each of these These would help ensure that most malware was kept off the enterprise network.

Kanguru. (2011). Securing Flash Drives within the Enterprise. A blog with Information Security Management Tips. Retrieved from the web at http://blog.kanguru.com/index.php/securing-flash-drives-within-the-enterprise/#more-1072 on October 24, 2011.

Petri, D. (2009). How can I prevent users from using USB removable disks (USB) flash drives) by using a Group Policy (GPO)? An article published at the petri IT Knowledgebase website. Retrieved from the web at http://www.petri.co.il/disable_usb_disks_with_gpo.htm on October 24, 2011.


Bill
William Favre Slater, III
MBA, M.S., PMP, CISSP, SSCP, CISA, ISO 27002, ISO 20000, ITIL v3, Cloud Computing Foundation
Project Manager / Program Manager
CYBR 515 Blog: http://cybr515.blogspot.com
Chicago, IL
United States of America