
Information Security Management - Syllabus

Module 1 - Information Security Devices

Identity And Access Management (IdAM), Networks (Wired And
Wireless) Devices, Endpoints/Edge Devices, Storage Devices,
Servers, Infrastructure Devices (e.g. Routers, Firewall Services),
Computer Assets, Servers And Storage Networks, Content
management, IDS/IPS.

Module 2 - Security Device Management


Different types of information security devices and their functions,
Technical and configuration specifications, architecture concepts and
design patterns and how these contribute to the security of design and
devices.

Module 3 - Device Configuration


Common issues in installing or configuring information security
devices, Methods to resolve these issues, Methods of testing
installed/configured information security devices.

Module 4 - Information Security Audit Preparation

Establish the nature and scope of information security audits, Roles
and responsibilities, Identify the procedures/guidelines/checklists,
Identify the requirements of information security audits and prepare
for audits in advance, Liaise with appropriate people to gather
data/information required for information security audits. Security
Audit Review - Organize data/information required for information
security audits using standard templates and tools, Audit tasks,
Reviews, Comply with guidelines and checklists, Disaster Recovery Plan.

Module 5 - Team Work and Communication


Communicate with colleagues clearly, concisely and accurately,
Work with colleagues to integrate their work effectively, Pass on
essential information to colleagues in line with organizational
requirements, Identify any problems they have working with
colleagues and take the initiative to solve these problems, Follow the
organizational policy and procedures for working with colleagues.

Module 6 - Managing Health and Safety

Comply with the organization’s current health, safety, and security
policies and procedures, Identify and report any breaches in
health, safety, and security policies and procedures, Identify, report
and correct any hazards, Organization’s emergency procedures,
Identify and recommend opportunities for improving health, safety,
and security.

Module 7 - Data and Information Management


Fetching the data/information from reliable sources, Checking that
the data/information is accurate, complete and up-to-date, Rule-based
analysis of the data/information, Insert the data/information into the
agreed formats, Reporting unresolved anomalies in the
data/information.

Module 8 - Learning and Self Development

Identify accurately the knowledge and skills needed, Current level of
knowledge, skills and competence and any learning and development
needs, Plan of learning and development activities to address learning
needs, Feedback from appropriate people, Review of knowledge,
skills and competence regularly and appropriate action taken.

Module-1: Information Security Devices
• Identity and Access Management (IdAM)
• Networks (Wired & Wireless) Devices
• Endpoints/Edge Devices
• Storage Devices
• Infrastructure Devices (e.g. Routers, Firewall
Services)
• Computer Assets, Servers and Storage
Networks
• Content management
• IDS/IPS
Identity and Access Management (IdAM)
• Identity and access management (IAM or
IdAM) is a way to tell who a user is and what
they are allowed to do.
• IAM is like the bouncer at the door of an
apartment with a list of who is allowed in,
who isn't allowed in, and who is able to access
the VIP area.
• IAM is also called identity management (IdM).
Identity in the Digital World
• Identity in the digital space is a collection of
data points about an entity, individual,
organization or electronic device that helps in
its unique recognition.
• Identification or recognition of individuals or
their devices is possible by associating unique
and reliable identifiers or patterns.
• Used by websites, advertisers, banks,
computers, etc.
Digital Identity Artifacts
• User ID, username and passphrase, password
• DoB
• Phone number
• Purchasing or medical history
• Aadhaar or SSN
• Electronic transaction records
Identity and Access Management
(IdAM)
• In more technical terms, IAM is a means of
managing a given set of users' digital
identities, and the privileges associated with
each identity.
• Within an organization, IAM may be a single
product, or it may be a combination of
processes, software products, cloud services,
and hardware that give administrators
visibility and control over the organizational
data that individual users can access.
Identity and Access Management
(IdAM)
• Identity in the context of computing
– A person's entire identity cannot be uploaded
and stored in a computer, so "identity" in a
computing context means a certain set of
properties that can be conveniently measured and
recorded digitally.
– Think of an ID card or a passport: not every fact
about a person is recorded in an ID card, but it
contains enough personal characteristics that a
person's identity can quickly be matched to the ID
card.
Identity and Access Management
(IdAM)
• Identity in the context of computing
– To verify identity, a computer system will assess a
user for characteristics that are specific to them.
– If they match, the user's identity is confirmed.
These characteristics are also known as
"authentication factors."
– The three most widely used authentication
factors are:
• Something the user knows
• Something the user has
• Something the user is
Identity and Access Management
(IdAM)
• Identity in the context of computing
– Something the user has:
• This factor refers to possession of a physical token that
is issued to authorized users.
• The most basic example of this authentication factor is
the use of a physical house key to enter one's home.
The assumption is that only someone who owns, rents,
or otherwise is allowed into the house will have a key.
Identity and Access Management
(IdAM)
• Identity in the context of computing
– Something the user is:
• This refers to a physical property of one's body.
• A common example of this authentication factor in
action is Face ID, the feature offered by many modern
smartphones. Fingerprint scanning is another example.
• Less common methods used by some high-security
organizations include retina scans and blood tests.
Authentication
• Authentication is a process where a user
proves their identity to gain access to a
resource such as an application, system, device
and so on.
• During authentication the user needs to
provide some pre-registered credentials in
order to establish their identity.
Authentication process
Single factor Authentication
Multi factor Authentication
Identity management
Authenticator Management
Identity and Access Management
(IdAM)
• Access management
– "Access" refers to what data a user can see and what
actions they can perform once they log in.
– Once John logs into his email, he can see all the emails he
has sent and received.
– However, he should not be able to see the emails sent and
received by Tracy, his coworker.
Authorization
• Authorization refers to the process responsible for
determining a user's permission to access a particular
resource.
• Authorization is usually performed by checking the
resource access request against a set of authorization
policies, typically stored in the backend.
• Usually the process of authentication verifies a user’s
identity and then enables authorization. An
authorization policy then decides what the given
identity is allowed to do in the context of the particular
system concerned.
Mandatory Access Control (MAC)
• User works in a company and the company
decides how data should be shared.
• Hospitals own patients' records and limit
their sharing.
• Regulatory requirements may limit sharing.
• HIPAA for health information
Discretionary Access Control (DAC)
• In DAC, the owner of the resource decides how it
can be shared and accessed.
• The owner can choose to give read or write access
to other users, e.g. sharing Google documents.
Role-based Access Control (RBAC)
• In an enterprise, getting access may be based on
the function or role of a user.
• Payroll manager, project member, etc.
• Access rights are associated with roles.
• Users authenticate themselves to the system.
• Users can activate one or more roles for
themselves.
Role-based Access Control (RBAC)
• Policy need not be updated when a certain
person with a role leaves the organization.
• A new employee should be able to activate
the desired role.
• Revisiting least privilege.
• A user in one role has access to a subset of the
files.
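The RBAC points above (rights attached to roles, users activating roles, unchanged policy when someone leaves, least privilege) can be seen in a small model. This is an added example, not part of the original slides; the role names, user names and file names are hypothetical.

```python
# Added illustration of the RBAC slides; every name below is hypothetical.
ROLE_PERMISSIONS = {   # the policy: role -> set of (resource, action) rights
    "payroll_manager": {("payroll.xlsx", "read"), ("payroll.xlsx", "write")},
    "project_member": {("design.doc", "read")},
}

class RBAC:
    def __init__(self, role_permissions):
        self.role_permissions = role_permissions
        self.assigned = {}   # user -> roles the user is allowed to activate
        self.active = {}     # user -> roles active in the current session

    def assign(self, user, role):
        if role not in self.role_permissions:
            raise KeyError(f"unknown role: {role}")
        self.assigned.setdefault(user, set()).add(role)

    def remove_user(self, user):
        # Offboarding touches only the user-role mapping, never the policy.
        self.assigned.pop(user, None)
        self.active.pop(user, None)

    def activate(self, user, role):
        # A user may activate only a role that was assigned to them.
        if role not in self.assigned.get(user, set()):
            return False
        self.active.setdefault(user, set()).add(role)
        return True

    def check(self, user, resource, action):
        # Access is granted only through a currently active role.
        return any((resource, action) in self.role_permissions[role]
                   for role in self.active.get(user, set()))

def demo():
    before = {role: set(perms) for role, perms in ROLE_PERMISSIONS.items()}
    rbac = RBAC(ROLE_PERMISSIONS)
    rbac.assign("asha", "payroll_manager")
    rbac.assign("asha", "project_member")
    rbac.activate("asha", "project_member")   # only one of her two roles
    results = {
        "member_reads_design": rbac.check("asha", "design.doc", "read"),
        "member_writes_payroll": rbac.check("asha", "payroll.xlsx", "write"),
        "unassigned_activation": rbac.activate("ravi", "payroll_manager"),
    }
    rbac.remove_user("asha")                  # Asha leaves the organization
    rbac.assign("ravi", "payroll_manager")    # the new employee takes the role
    rbac.activate("ravi", "payroll_manager")
    results["new_hire_writes_payroll"] = rbac.check("ravi", "payroll.xlsx", "write")
    results["leaver_reads_design"] = rbac.check("asha", "design.doc", "read")
    results["policy_unchanged"] = ROLE_PERMISSIONS == before
    return results
```

Asha holds the payroll role but cannot write the payroll file while only her project role is active, which is the least-privilege point of the slide.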
Attribute-based Access Control
(ABAC)
• Policy need not be updated when a certain
person with a role leaves the organization.
• New employee should be able to activate
desired role.
• Revisiting least privilege.
• A user in one role has access to a subset of the
files.
What is a network device?
Components used to connect computers as well
as other electrical devices together in order to
share resources such as printers and fax
machines.
Devices used in Networking
• Hubs
• Switches
• Routers
• Network bridges
• Gateways
• Firewalls
• Wireless AP (Access Points)
What is a Hub?
• A small rectangular box that joins computers
together through ports on the back of the hub.

Ethernet hub – Wikipedia. [online image]. Available en.wikipedia.org/wiki/Ethernet hub


How does a Hub work?
• A hub receives data packets and passes on all
the Information it receives to all the other
computers connected to the hub.
• Information is also sent to the computer that
sent the information.
• Example:
– If computer 1 wants to communicate with
computer 3, the data will be sent to all the
computers on the network, since a hub does not
know the destination of the information it
receives.
Additional Information about Hubs
• Most hubs contain 4 ports; some have 5 or
more ports.
• Hubs can be used for a smaller network such
as a home network or a small office network.
• Hubs are not that expensive; most cost
less than $30.
• Hubs may not be the best option for
sophisticated or complex networks.
What is a Switch?
• Switches look similar to hubs in that they are
rectangular in shape.
• Manageable switches are usually a little bigger
than unmanageable switches.
• A switch also has ports on the back.

Network switch – net gear.[online image]. Available http://www.senasum.blogspot.com, July 9, 2013


How does a Switch work?
• Switches work about the same way as hubs.
Unlike hubs, switches can identify the
destination of a packet (by its MAC address).
• Switches send information only to the computer
that is supposed to receive the information.
• Switches can also send and retrieve information
at the same time, which makes transferring
information faster than with hubs.
Switch – works based on MAC address
Additional Information about Switches
• Switches are a better option than hubs for
larger networks or home networks with 4 or
more connected computers.
• Switches can range in price from $30 up to
$100 or more, depending on whether the switch is
manageable or unmanageable. Unmanageable
switches usually cost less than managed
switches.
What is a Router?
• A specialized computer programmed to interface
between different networks.

• Netgear-wndr4000-ddwrt-450 – Most Popular VPN Service Providers & DD-WRT Routers. [online image]. www.flashrouters.com, July 12, 2013.
Diagram of a Router
Additional Information about Routers
• Routers make sure data sent over the Internet
goes where it needs to go and not where it is not
needed.
• A router acts like a traffic controller, working to cut down
congestion throughout the network and keep
everything flowing smoothly along the best path.
• Routers are the only type of equipment that looks
at every single packet passing by on the network.
• Home network routers, including wireless routers,
can cost anywhere from $40 to $150 or higher.
What is a Bridge?
• A hardware device used to create a connection
between two separate computer networks or to
divide one network into two.
• Filters data traffic at a network boundary and
reduces the amount of traffic on a LAN by dividing
it into two segments.

• I -4E to Ethernet (10/100M) Network Bridge. [online image]. Network Bridge. Available at www.freewtc.com. July 12, 2013.
How does a Bridge work?
• Each bridge has a MAC address and
operates at layer 2 of the OSI model.
• When a packet is received on one of the bridge's ports, the
forwarding table, which holds MAC addresses, is
automatically updated to map the source MAC
address to the network port from which the
packet originated.
• The gateway then processes the received packet
according to the packet’s type.
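The forwarding-table behaviour described here for bridges, and earlier for switches that deliver by MAC address, can be traced in a short simulation. This is an added example, not part of the original slides; the port numbers and MAC addresses are constructed sample values, and table ageing and size limits are left out.

```python
# Added illustration; ports and MAC addresses are constructed sample values.
BROADCAST = "ff:ff:ff:ff:ff:ff"

class LearningBridge:
    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}   # forwarding table: MAC address -> port last seen on

    def receive(self, in_port, src_mac, dst_mac):
        """Process one frame and return the ports it is sent out of."""
        # Learn (or refresh) where the sender lives from the source address.
        self.table[src_mac] = in_port
        out_port = self.table.get(dst_mac)
        if dst_mac == BROADCAST or out_port is None:
            # Destination unknown or broadcast: flood to every other port.
            return [p for p in self.ports if p != in_port]
        if out_port == in_port:
            # Destination is on the segment the frame came from: filter it.
            return []
        return [out_port]

A, B, C, D = ("02:00:00:00:00:0a", "02:00:00:00:00:0b",
              "02:00:00:00:00:0c", "02:00:00:00:00:0d")

def demo():
    # Hosts A and D share port 1, B is on port 2, C starts on port 3.
    bridge = LearningBridge(ports=[1, 2, 3])
    trace = [
        bridge.receive(1, A, C),          # C not learned yet: flooded
        bridge.receive(3, C, A),          # A was learned on port 1
        bridge.receive(1, A, C),          # C now known: port 2 sees nothing
        bridge.receive(1, D, A),          # same segment: not forwarded
        bridge.receive(2, B, BROADCAST),  # broadcast reaches all other ports
        bridge.receive(2, C, A),          # C moved to port 2: entry updated
        bridge.receive(1, A, C),          # traffic follows C to port 2
    ]
    return trace, dict(bridge.table)

if __name__ == "__main__":
    for step, ports in enumerate(demo()[0], start=1):
        print(f"frame {step}: sent out of ports {ports}")
```

Only the first frame and the broadcast are visible on a port that is not the destination's; once an address is learned, hosts on other ports no longer receive that traffic.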
Diagram of a Bridge
Additional Information about Bridges
• A bridge examines each message on a LAN
and passes the ones known to be within the
same LAN.
• Computer addresses have no relationship to
location in a bridging network.
• A bridge is sometimes referred to as a brouter.
• Wireless network bridges can cost anywhere
from $100 to $1000 or more depending on
the type of bridge purchased.
What is a Gateway?
A communication device that provides a remote
network with connectivity to the host network.

• Gateway Network Communications [online image]. Available www.hiwtc.com


How does a Gateway work?
• The gateway node acts like a proxy server and
firewall.
• The gateway uses forwarding tables to
determine where packets are to be sent.
Gateway Diagram
Additional Information about
Gateways
• On the Internet a node or stopping point can
be a gateway.
• The computers controlling traffic within a
network are gateway nodes.
• A gateway is also associated with a router.
What is a Firewall?
• Hardware or software device that protects a
computer network from unauthorized access.

• Firewall Sling Secure Smartphone. [online image]. Available www.slingsecure.com


How a Firewall works
• Firewalls filter the information coming
through the Internet connection into a user's
private network.
• To control traffic in and out of the network,
firewalls use one or more of three
methods:
– Packet filtering
– Proxy service
– Stateful inspection
Diagram of Firewall
Additional Information about Firewalls
• Most home network routers have a built-in firewall.
• The term “firewall” originated from firefighting, where
a firewall is a barrier established to prevent the spread
of a fire.
• A firewall works with the proxy server making requests
on behalf of workstation users.
• Firewalls can include a number of features,
from logging and reporting to setting alarms for an
attack.
• Host-based firewalls usually cost around
$100 or less. Some may cost more depending on
factors such as the features included or whether it is an
enterprise-based system.
What is a Wireless Access Point?
• A small hardware device featuring a built-in network
adapter, antenna, and radio signals.
• Configured nodes on a Wireless LAN.

• Wireless Access Points, Page 2. [online image]. Available compnetworking.about.com


How does a Wireless Access Point work?
• Operates using radio frequency technology.
• Broadcasts wireless signals that computers can
detect and use.
• A wireless network adapter is used together
with a wireless access point; most
computers today already have network
adapters built into the computer.
Diagram of Wireless Access Point

RxNT – The eprescribing System. [online image]. Available www.rxnt.com


Additional Information about Access
Points
• The access point usually connects to the
router.
• A hotspot is an application through which wireless
users can connect to the Internet.
• APs are used throughout a home network,
usually through only one AP.
• Wireless access points can cost anywhere
from $30 and up depending on the type
purchased.
Endpoint/Edge Devices
• Endpoint devices (PCs, laptops, mobile
devices and servers)
• An edge device is any piece of hardware that
controls data flow at the boundary between
two networks.
• Examples include routers, routing switches,
integrated access devices, multiplexers, and a
variety of metropolitan area network and
wide area network access devices
