1.5 Information Security Controls
Information Assurance (IA) in securetecho
IA refers to the assurance that the integrity, availability, confidentiality, and authenticity of information and information systems are protected during the usage, processing, storage, and transmission of information. This series on securetecho covers ethical hacking and information security topics such as this one.

Some of the processes that help in achieving information assurance include:
  • Developing local policy, process, and guidance
  • Designing network and user authentication strategy
  • Identifying network vulnerabilities and threats
  • Identifying problems and resource requirements
  • Creating plan for identified resource requirements
  • Applying appropriate information assurance controls
  • Performing certification and accreditation
  • Providing information assurance training


Information Security Management Program
A program designed to enable a business to operate in a state of reduced risk.

It encompasses all organizational and operational processes, and participants relevant to information security.

Information Security Management Framework: It is a combination of well-defined policies, processes, procedures, standards, and guidelines to establish the required level of information security.

Threat Modeling
Threat modeling is a risk assessment approach for analyzing the security of an application by capturing, organizing, and analyzing all the information that affects its security. It is carried out in five steps:

1. Identify Security Objectives: Helps to determine how much effort needs to be put into the subsequent steps.

2. Application Overview: Identify the components, data flows, and trust boundaries.

3. Decompose Application: Helps you find more relevant and more detailed threats.

4. Identify Threats: Identify threats relevant to your control scenario and context using the information obtained in steps 2 and 3.

5. Identify Vulnerabilities: Identify weaknesses related to the threats found, using vulnerability categories.

Threat modeling has three major building blocks: understanding the adversary's view, characterizing the security of the system, and determining threats.
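To make the application overview, decomposition and threat identification steps concrete, here is an added example (not code from the original page): a small Python model of an application's components, data flows and trust zones that lists every flow crossing a trust boundary and derives candidate threats for it. The threat categories used are STRIDE (spoofing, tampering, repudiation, information disclosure, denial of service, elevation of privilege), applied per element kind; the page itself names no taxonomy, so that choice, the web-shop components, zones and flows are all assumptions made for illustration.

```python
from dataclasses import dataclass

# STRIDE threat categories (assumption: the page names no taxonomy).
S, T, R, I, D, E = ("Spoofing", "Tampering", "Repudiation",
                    "Information disclosure", "Denial of service",
                    "Elevation of privilege")

# STRIDE-per-element: the categories that apply to each kind of element.
APPLICABLE = {
    "external": {S, R},             # external entity: browser, partner system
    "process":  {S, T, R, I, D, E},
    "store":    {T, I, D},          # plus R when the store holds audit records
    "flow":     {T, I, D},
}

@dataclass(frozen=True)
class Component:
    name: str
    kind: str             # "external", "process" or "store"
    zone: str             # trust zone, e.g. "internet", "dmz", "internal"
    is_log: bool = False  # audit store: altering or deleting it enables repudiation

@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    data: str

def decompose(components, flows):
    """Step 3: return (flow, src_zone, dst_zone) for every flow that crosses
    a trust boundary, i.e. whose endpoints sit in different zones."""
    zone_of = {c.name: c.zone for c in components}
    return [(f, zone_of[f.src], zone_of[f.dst])
            for f in flows if zone_of[f.src] != zone_of[f.dst]]

def element_threats(c: Component):
    """Categories applicable to one element under STRIDE-per-element."""
    cats = set(APPLICABLE[c.kind])
    if c.kind == "store" and c.is_log:
        cats.add(R)
    return cats

def identify_threats(components, flows):
    """Step 4: candidate (target, category) pairs for every boundary crossing:
    the flow itself can be tampered with, disclosed or flooded, and the element
    receiving it is exposed to the categories for its kind."""
    by_name = {c.name: c for c in components}
    threats = set()
    for f, _src_zone, _dst_zone in decompose(components, flows):
        for cat in APPLICABLE["flow"]:
            threats.add((f"{f.src}->{f.dst} [{f.data}]", cat))
        for cat in element_threats(by_name[f.dst]):
            threats.add((by_name[f.dst].name, cat))
    return sorted(threats)

# Constructed model of a small web shop (illustrative, not from the page).
COMPONENTS = [
    Component("browser",   "external", "internet"),
    Component("web_app",   "process",  "dmz"),
    Component("order_db",  "store",    "internal"),
    Component("audit_log", "store",    "internal", is_log=True),
]
FLOWS = [
    Flow("browser",  "web_app",   "HTTP request"),
    Flow("web_app",  "browser",   "HTTP response"),
    Flow("web_app",  "order_db",  "SQL"),
    Flow("order_db", "web_app",   "result set"),
    Flow("web_app",  "audit_log", "log record"),
    Flow("order_db", "audit_log", "nightly export"),  # same zone: not a crossing
]

if __name__ == "__main__":
    for f, a, b in decompose(COMPONENTS, FLOWS):
        print(f"crossing {a} -> {b}: {f.src} -> {f.dst} ({f.data})")
    for target, cat in identify_threats(COMPONENTS, FLOWS):
        print(f"{target:40} {cat}")
```

The output is a worklist, not a finished model: each (target, category) pair still has to be judged against the security objectives from step 1 and then mapped to concrete weaknesses in step 5. The internal-only flow from order_db to audit_log is deliberately excluded, which is exactly the kind of gap a reviewer should question if that zone contains machines of differing trust.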

Enterprise Information Security Architecture (EISA)
EISA is a set of requirements, processes, principles, and models that determines the structure and behavior of an organization's information systems.

EISA Goals:
Helps in monitoring and detecting network behaviors in real time and acting upon internal and external security risks.

Helps an organization detect and recover from security breaches.

Helps in prioritizing the resources of an organization and paying attention to various threats.

Benefits the organization from a cost perspective when incorporated in security provisions such as incident response, disaster recovery, event correlation, etc.

Helps in analyzing the procedures needed for the IT department to function properly and in identifying assets.

Helps to perform risk assessment of an organization's IT assets with the cooperation of IT staff.

Network Security Zoning
Network security zoning allows an organization to manage a secure network environment by selecting the appropriate security level for each zone of its Internet-facing and intranet networks.

It helps in effectively monitoring and controlling inbound and outbound traffic.

Examples of Network Security Zones:
Internet Zone: Uncontrolled zone, as it is outside the boundaries of an organization.

Internet DMZ: Controlled zone, as it provides a buffer between internal networks and Internet.

Production Network Zone: Restricted zone, as it strictly controls direct access from uncontrolled networks.

Intranet Zone: Controlled zone with no heavy restrictions.

Management Network Zone: Secured zone with strict policies.

(Figure: Internet and intranet network zones)
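As an added example (not code from the original page), the Python below turns the zones above into an enforceable policy: a first-match rule list that only permits named crossings between zones, denies anything unlisted, and writes a log line for every decision so inbound and outbound traffic can actually be monitored. The zone names follow the page; the protocols, ports, rule set and sample connections are constructed for illustration, and the evaluator treats traffic that stays inside one zone as out of scope for zoning.

```python
from dataclasses import dataclass
from typing import List, Optional

ZONES = ("internet", "dmz", "intranet", "production", "management")

@dataclass(frozen=True)
class Rule:
    src: str
    dst: str
    proto: str                  # "tcp", "udp" or "any"
    port: Optional[int] = None  # None matches any port
    action: str = "allow"

@dataclass(frozen=True)
class Conn:
    src_zone: str
    dst_zone: str
    proto: str
    port: int

# Constructed rule set (illustrative, not from the page). First match wins,
# so explicit denies come first: no allow added later can override them.
RULES = [
    Rule("internet", "production", "any", None, "deny"),
    Rule("internet", "management", "any", None, "deny"),
    # The uncontrolled zone reaches only the DMZ, and only published services.
    Rule("internet", "dmz", "tcp", 443),
    Rule("internet", "dmz", "tcp", 80),
    # DMZ hosts reach production only on the application's database port.
    Rule("dmz", "production", "tcp", 5432),
    # Intranet users reach DMZ services and production APIs over TLS.
    Rule("intranet", "dmz", "tcp", 443),
    Rule("intranet", "production", "tcp", 443),
    # Management administers every zone over SSH; nothing initiates toward it.
    Rule("management", "dmz", "tcp", 22),
    Rule("management", "intranet", "tcp", 22),
    Rule("management", "production", "tcp", 22),
]

def matches(rule: Rule, conn: Conn) -> bool:
    return (rule.src == conn.src_zone and rule.dst == conn.dst_zone
            and rule.proto in (conn.proto, "any")
            and rule.port in (conn.port, None))

def evaluate(conn: Conn, rules=RULES, default="deny",
             log: Optional[List[str]] = None) -> str:
    """Decide 'allow' or 'deny' for a zone crossing and record the decision.
    `default` applies when no rule matches; "deny" is the allow-list stance."""
    for z in (conn.src_zone, conn.dst_zone):
        if z not in ZONES:
            raise ValueError(f"unknown zone {z!r}")
    if conn.src_zone == conn.dst_zone:
        # Assumption: zoning governs crossings only; intra-zone traffic is
        # left to host-level controls.
        verdict, why = "allow", "intra-zone"
    else:
        verdict, why = default, f"default {default}"
        for rule in rules:
            if matches(rule, conn):
                verdict = rule.action
                why = f"rule {rule.src}->{rule.dst} {rule.proto}/{rule.port or 'any'}"
                break
    if log is not None:
        log.append(f"{verdict.upper():5} {conn.src_zone}->{conn.dst_zone} "
                   f"{conn.proto}/{conn.port} ({why})")
    return verdict

def exposure(src_zone: str, rules=RULES):
    """Services a zone may reach across boundaries under this rule set:
    what an attacker who controls that zone can touch next."""
    return sorted((r.dst, r.proto, r.port) for r in rules
                  if r.src == src_zone and r.action == "allow")

# Constructed sample traffic.
SAMPLE = [
    Conn("internet", "dmz", "tcp", 443),         # public web: allowed
    Conn("internet", "dmz", "tcp", 22),          # SSH from the Internet: unlisted
    Conn("internet", "production", "tcp", 443),  # explicit deny
    Conn("dmz", "production", "tcp", 5432),      # app to database: allowed
    Conn("production", "internet", "tcp", 443),  # egress from the restricted zone
    Conn("production", "management", "tcp", 22), # nothing initiates toward management
]

if __name__ == "__main__":
    log = []
    for c in SAMPLE:
        evaluate(c, log=log)
    print("\n".join(log))
    print("reachable from internet:", exposure("internet"))
```

Running the same rule set with default="allow" shows why the default matters: the unlisted SSH connection from the Internet to the DMZ then passes, while the explicit deny toward production still holds. The exposure() view is the question to ask of every zone in turn: if this zone is compromised, what is reachable from it?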

Defense in Depth
Defense in depth is a security strategy in which several protection layers are placed throughout an information system.

It helps to prevent direct attacks against an information system and data because a break in one layer only leads the attacker to the next layer.
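As an added example (not code from the original page), the Python below models a web request passing through independent checks at the perimeter, internal-network, host, application and data layers. Each layer decides on its own, so the model can also show what happens when an attacker has already bypassed some layers: the request is simply handed to the next one. The session table, admin subnet, allowed ports, input pattern and sample requests are all constructed for illustration.

```python
import re
from dataclasses import dataclass
from typing import Optional, Tuple

@dataclass(frozen=True)
class Request:
    src_ip: str
    port: int
    session_token: Optional[str]
    path: str
    query: str

# Constructed session table (illustrative): token -> user.
VALID_SESSIONS = {"tok-alice": "alice", "tok-bob": "bob"}
ADMIN_SEGMENT = "10.0.9."  # assumption: the admin workstations' subnet

# Each layer is an independent check: it returns None to hand the request to
# the next layer, or a reason string when it blocks the request.
def perimeter(req: Request) -> Optional[str]:
    """Perimeter: only published ports are reachable from outside."""
    if req.port not in (80, 443):
        return f"port {req.port} is not exposed at the perimeter"
    return None

def internal_network(req: Request) -> Optional[str]:
    """Internal network: admin paths are reachable only from the admin segment."""
    if req.path.startswith("/admin") and not req.src_ip.startswith(ADMIN_SEGMENT):
        return "admin interface reached from outside the admin segment"
    return None

def host(req: Request) -> Optional[str]:
    """Host: the server accepts only requests that carry a valid session."""
    if req.session_token not in VALID_SESSIONS:
        return "missing or invalid session token"
    return None

def application(req: Request) -> Optional[str]:
    """Application: input must match the expected shape before it is used."""
    if not re.fullmatch(r"[A-Za-z0-9_=&.-]*", req.query):
        return "query string contains characters outside the allowed set"
    return None

def data(req: Request) -> Optional[str]:
    """Data: a record is released only to the principal that owns it."""
    parts = req.path.strip("/").split("/")
    if len(parts) >= 2 and parts[0] == "orders":
        owner = parts[1]
        if VALID_SESSIONS.get(req.session_token) != owner:
            return f"record owned by {owner!r} requested by another principal"
    return None

LAYERS = [("perimeter", perimeter), ("internal network", internal_network),
          ("host", host), ("application", application), ("data", data)]

def evaluate(req: Request, disabled=()) -> Tuple[str, Optional[str], Optional[str]]:
    """Pass the request through every enabled layer in order.
    `disabled` names layers the attacker is assumed to have already bypassed."""
    for name, check in LAYERS:
        if name in disabled:
            continue
        reason = check(req)
        if reason is not None:
            return ("blocked", name, reason)
    return ("allowed", None, None)

# Constructed sample requests.
LEGIT = Request("203.0.113.5", 443, "tok-alice", "/orders/alice", "page=2")
PROBE = Request("203.0.113.5", 22, None, "/", "")
SQLI  = Request("203.0.113.5", 443, "tok-alice", "/orders/alice", "id=1' OR '1'='1")
IDOR  = Request("203.0.113.5", 443, "tok-bob", "/orders/alice", "page=1")
ADMIN = Request("203.0.113.5", 443, "tok-alice", "/admin/users", "")

if __name__ == "__main__":
    for name, req in [("legit", LEGIT), ("probe", PROBE), ("sqli", SQLI),
                      ("idor", IDOR), ("admin", ADMIN)]:
        print(f"{name:6}", evaluate(req))
    # With the perimeter and host layers bypassed, the injection attempt is
    # still stopped by input validation at the application layer.
    print("sqli, perimeter+host bypassed:",
          evaluate(SQLI, disabled=("perimeter", "host")))
```

The point of the model is the disabled parameter: every layer must be able to stop an attack on its own, because the layers before it may already have failed. A design in which the application trusts input "because the firewall only lets legitimate users in" has no depth at all.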
Typical layers, outermost first:

  • Policies, Procedures, and Awareness
  • Physical
  • Perimeter
  • Internal Network
  • Host
  • Application
  • Data

Information Security Policies
Security policies are the foundation of the security infrastructure.

Information security policy defines the basic security requirements and rules to be implemented in order to protect and secure organization's information systems.

Goals of Security Policies:
Maintain an outline for the management and administration of network security.

Protect an organization's computing resources.

Limit legal liabilities arising from employees or third parties.

Prevent waste of company's computing resources.

Prevent unauthorized modifications of the data.

Reduce risks caused by illegal use of the system resource.

Differentiate the user's access rights.

Protect confidential, proprietary information from theft, misuse, unauthorized disclosure.

There are two types of security policies: technical and administrative. Technical security policies describe how the technology is to be configured for convenient use; administrative security policies address how all persons should behave.

Types of Security Policies :
Promiscuous Policy:
No restrictions on usage of system resources.

Permissive Policy :
The policy begins wide open, and only known dangerous services, attacks, or behaviors are blocked.

It should be updated regularly to be effective.

Prudent Policy :
It provides maximum security while allowing known but necessary dangers.

It blocks all services and only safe/necessary services are enabled individually; everything is logged.

Paranoid Policy:

It forbids everything, no Internet connection, or severely limited Internet usage.

Example of Security Policies
Access Control Policy: It defines the resources being protected and the rules that control access to them.

Remote-Access Policy: It defines who can have remote access, and defines access medium and remote access security controls.

Firewall-Management Policy: It defines access, management, and monitoring of firewalls in the organization.

Network-Connection Policy: It defines who can install new resources on the network, approve the installation of new devices, document network changes, etc.

Password Policy: It provides guidelines for using strong password protection on organization's resources.

User-Account Policy: It defines the account creation process, and authority, rights and responsibilities of user accounts.

Information-Protection Policy: It defines the sensitivity levels of information, who may have access, how it is stored and transmitted, and how it should be deleted from storage media.

Special-Access Policy: This policy defines the terms and conditions for granting special access to system resources.

Email Security Policy: It is created to govern the proper usage of corporate email.

Acceptable-Use Policy: It defines the acceptable use of system resources.

