SecurityControlsandAuditing 1 控制與保護(ControlsandSecurityControlsandAuditing1 控制與保護(Controlsand1.11.1保護的資終端用戶資源(員工使用的windows98／2000/XP主機網絡資源(路由器、交換機 系統服務器資源(包括操作系統，數據庫Web，FTP和e-mail服務器信息資源(包括人力資源和電子商務數據庫ProcessingequipmentProcessingequipmentSensitive/CriticaldataSystemSystemlogs/audittrailsViolationreportsBackupfilesSensitiveforms1.2識whatcanbedonetoprotectithowistheitemused?Describepermissionsets(whocanread,write,orexecutethefiles,forexample)forthedifferenttypesofobjectswithinyourinfrastructure1.3目對 、減少脆弱性、限制安全事故產生的影功形1.3目對 、減少脆弱性、限制安全事故產生的影功形控制（實踐、規(guī)程、制度PreventativeAredesignedtolowertheamountandimpactofunintentionalerrorsthatareenteringthesystemandtopreventunauthorizedintruderfrominternallyorexternallyaccessingthesystem.保護脆弱點，減 的影響，或者避免的成CategoriesCategoriesof檢測控制DetectiveAreusedtodetectanerroronceithasoccurred.檢測擊/錯誤的發(fā)糾正/恢復CorrectiveControlsRecoveryControls:Areimplementedtomitigatetheimpactofalosseventthroughdatarecoveryprocedures.減 的影Categoriesof威懾控制DeterrentDontrol/DirectiveAreusedtoencouragecompliancewithexternal減 發(fā)生的可能應用控制ApplicationArethecontrolsthataredesignedintoasoftwareapplicationtominimizeanddetectthesoftware'soperationalirregularitiesCategoriesCategoriesof事務控制TransactionTypesofcontrolsare:Input,processing,output,changeandtestcontrols.輸入控制：事務進入更改控制：系統置變化時的據完整性測試控制：系統測試時的 性和1.3.2OrangeBook操作保障OperationalfocusesonbasicfeaturesandarchitectureofaSystemintegrityCovertchannel TrustedfacilitymanagementTrustedrecoveryLifecyclecontrolsandstandardsrequiredforbuildingandmaintainingasystem-Lifecyclecontrolsandstandardsrequiredforbuildingandmaintainingasystem-SecurityDesignspecificationandtestingConfigurationmanagementTrusteddistrbutionCovert -Thesystemmustprotectagainstcovertstorage-B3andThesystemmustprotectagainstbothcovertstorageandcoverttimingchannels(隱蔽定時通道）.Itmustperformacovertchannelysisforbothtypes.TrustedFacilityTrustedFacilitySystemsmustsupportseparateoperatorandsystemadministratorroles.支持操作員與系統管理員角色分離B3andA1:Systemmustclearlyidentifyfunctionsofthesecurityadministratortoperformthesecurity-relatedfunctions.TrustedRecovery可信恢復TrustedEnsuresSecurityisnotbreachedwhenacrashesorSystemmustberestartedwithoutcompromisingTrustedTrustedRecoveryIsonlyrequiredforB3andA1levelsystems.Twoprimaryactivities:FailureBackingupallcriticalfilesonaregularbasis.Systemrecovery:reboot,recoverallfilesystems變更控制(RequiredB2,B3andConfiguration/ChangeManagementControl: 系統變化網影響安全的其他變變更控制的目標：避免系統變化對于安全性的無確保將要發(fā)生的變更已經通知到每個相關用戶分析實現系統變更后的效果 -Applyingtointroducea-Catalogingtheintended-確保將要發(fā)生的變更已經通知到每個相關用戶分析實現系統變更后的效果-Applyingtointroducea-Catalogingtheintended-文檔變 ingthe-Testingthe-Reportingthe行行政控制人員安全alSecurity責任分離SeparationofDuties LeastPrivilege需要知道Needto變更控制Change/Configuration記錄保留RecordRetentionandEmploymentScreeningorBackgroundChecks雇傭選或背MandatoryVacationMandatoryTakingofVacationinOneWeekIncrement強制休假JobActionWarningsor警告或解RotationofLimitingthelengthoftimeaperformsdutiesbeforebeingmovedSeparationSeparationofduties責任分離分權制–三權分系統管理員、安全管理員系統管理員增刪用安全管理員安全審計員評審審計數據,日志Two-manTwooperatorsreviewandapprovetheworkofeachDualTwo-manTwooperatorsreviewandapprovetheworkofeachDualBothoperatorsareneededtocompleteasensitiveLeastPrivilegeReadOnly只讀：只可以數Read/write讀/寫：可以修 的數AccessChange修改：可以修改源數據和的執(zhí)行執(zhí)行一個工作所需要的特定計算機操作員備安裝和卸載作業(yè)控制分析總體質生產調度員度建立處理周期和日生產控制分析打印和分發(fā)計算機報表和縮微磁帶管理員和 交換磁)Data–ReferstothedataleftonthemediaafterthemediahasbeenerasedDueCareandDueStepsthataretakentoshowthatacompanyhastakenresponsibilityfortheactivitiesthattakeplacewithinthecorporationandhavetakenthenecessarystepstohelpprotectthecompany,itsresourcesand–是否采取了適當的防范保護措施應該的努力DueDiligence:Continualactivitiesthatmakesurethemechanismsarecontinuallymaintainedand是否在日常管理中盡到責ResourceProtectionSoftwareMediaResourceProtectionPhysicalAccessControls ResourceIstheconceptofprotectinganorganization'scomputingresourcesandassetsfromlossorcompromise.Covershardware,softwareanddataresources.anythingthatisacomputerResourceProtectionSoftwareMediaResourceProtectionPhysicalAccessControlsResourceIstheconceptofprotectinganorganization'scomputingresourcesandassetsfromlossorcompromise.Covershardware,softwareanddataresources.anythingthatisacomputerresource(software,data,HardwareControls:HardwareMaintenanceMaintenanceAccountsDiagnosticsPortControlHardwareHardwareControls:HardwareMaintenanceMaintenanceAccountsDiagnosticsPortControlHardwarePhysicalControlSoftware 軟件測試Software軟件工具Software軟 SafeSoftware備份控制Backup面面系統安裝防產品定義及時更防系統安全策注意的蠕培訓所有的電子文檔安全管理制度的制定 防護管理制度的定期或不定期檢查重要的軟件進行異地交叉?zhèn)浞?，相互定期檢驗備份軟件的有效性也非常重PrivilegedEntityControls/PrivilegedoperationsSpecialaccesstosystemcommandsAccesstospecialparametersAccessPrivilegedEntityControls/PrivilegedoperationsSpecialaccesstosystemcommandsAccesstospecialparametersAccesstothesystemcontrolprogram MediaResourceAreimplementedtoprotectanysecuritythreatbyintentionalorunintentionalexposureofsensitivedata保護敏感信息和介質的創(chuàng)建，處理 ，清理和破壞介質介質安全控使用記錄控制Access恰當丟棄：重寫、消磁、銷毀ProperMediaViabilityMarking：物理標記不同于邏輯標卷名和版處理Handling：使用、清潔和中防止物理損Storage：溫度、濕度、灰、液體、電磁、PhysicalPhysicalAccessPiggybacking:Iswhenanunauthorized throughadoorbehindanauthorized .Theconceptofa“mantrap”isdesignedtopreventit. 用戶尾隨用戶進2Auditing Containsthemechanisms,toolsand2AuditingContainsthemechanisms,toolsandtechniqueswhichpermittheidentificationofsecurityeventsthatcouldimpacttheoperationsofacomputerfacility.MonitoringMonitoring檢測Intrusiondetection滲透測試Penetrationtesting異常分析ViolationSnifferPromiscuousmode混雜模式Switchednetwork交換網絡Network-basedIDSHost-basedIDSSignaturebased ClipClipThresholdsforcertaintypesoferrorsormistakesallowedandtheamountofthesemistakesthatcantakeplacebeforeitisconsideredsuspicious.Oncethe levelhasbeenexceeded,furtherviolationsrecordedfor某種錯誤允許發(fā)生的滲透測試Penetrating–模仿者（聰明的、有創(chuàng)意的、擁有豐富資源的）的擊行自我測試或者第測探測輪廓(footprintor社會工程(social枚舉掃描探測(scanand滲((pen-行為探測輪廓(footprintor社會工程(social枚舉掃描探測(scanand滲((pen-行為數據，后門，痕跡擦除–Traceroute, 網絡級：掃描應用級：服務安全存活掃sweep端口掃掃Nessus,緩沖緩沖溢出buffer猜測password越 non-authorization權限提升elevated2.2IsthefoundationofoperationalsecuritycontrolsAuditTrails審計記錄Enablesasecuritypractitionertotracea創(chuàng)建和受保護客體的 審計記錄，并能非對 問題和解決問題的過程進行控制，包括對于給定的可控級別，減少故障減輕問題的影響. 對 問題和解決問題的過程進行控制，包括對于給定的可控級別，減少故障減輕問題的影響.3與3與aneventthatcouldcauseharmbyviolatingthe意外損失Accidental有意或非有意的行為造成的-Operatorabuseofprivilegesinputerrorandomissions-TransactionprocessingInappropriate不恰當的內容Inappropriate浪費公司WasteofCorporateResources或種族SexualorRacialHarassment權利AbuseofPrivilegesorRightsExternalweaknessinasystemthatenablessecuritytobeWeaksegregationofTraffic/Trend MaintenanceAccountsDataScavengingAttacksNetworkAddressHjackingHackandAttack-PortScanningandHackandAttack-PortScanningandNetworkingmap:Networkingmap toolssendoutseeminglybenignpacketstomanydifferentsystemsonanetwork.Portscanningidentifiesopenportonacomputer.IsautilityusedinIBMmainframecentersandhasthecap