Threat and Risk Assessments in a Network Environment

Slides: 16
Provided by: tedrei

Transcript and Presenter's Notes

Title: Threat and Risk Assessments in a Network Environment


1
Threat and Risk Assessments in a Network Environment
  • Ted Reinhardt
  • Course 94.470
  • reinhardt_at_ncf.ca

2

Threat and Risk Assessment Overview: an Evaluation of the Three Little Pigs' Performance
3
Asset Value
Dwelling
Confidentiality, Integrity, Availability and Value
4
Threat
  • Threat agent: Wolf
  • Threat class: Destruction
  • Threat event: Blows House Down
  • 25 km/h
5
Threat Classes
  • Destruction - Blows House Down
  • Removal - Steals house by moving it off foundation
  • Disclosure - Listens in to conversations in the house
  • Interruption - Keeps knocking on the door, preventing owner from doing work
  • Modification - Redecorates house (like Trading Spaces)

DR DIM
6
Little Pig 1 - Straw House: Threat and Risk Assessment
7
Pig 1 Straw House: Performance Evaluation
  • One night the big bad wolf, who dearly loved to
    eat fat little piggies, came along and saw the
    first little pig in his house of straw. He said,
    "Let me in, let me in, little pig, or I'll huff
    and I'll puff and I'll blow your house in!" "Not
    by the hair of my chinny chin chin", said the
    little pig.
  • But of course the wolf did blow the house in and
    ate the first little pig.

Threat Assessment was wrong. Likelihood was
incorrectly assessed.
8
Little Pig 3 - Post Straw House Attack: Threat Assessment
9
Safeguard
Administrative, Procedural or Technical mechanisms used to mitigate a threat.

Safeguards and Cost to Implement
  • House made of Sticks (wind loading 10 mph): 2.00/bundle
  • House made of Bricks (wind loading 70 mph): 1000/pallet
10
Management Risk Decision
  • accept the risk
  • mitigate the risk

Risk
Cost
Balance is important
11
Re-evaluate Safeguards Periodically
12
Identify Threat Events
  • Destruction
  • Removal
  • Disclosure
  • Interruption
  • Modification

NETSEC Threat Classes
13
Typical Threat Events
  • Eavesdropping
  • Traffic Flow Analysis
  • Masquerading
  • Denial of service attacks
  • Repudiation
  • Replay
  • Covert Channel

14
Select Safeguards
  • Authentication
  • Access Control
  • Confidentiality
  • Integrity
  • Non-repudiation
  • Availability -- redundancy, recovery, disaster

15
Layer Safeguards
Filtering Routers 2 feeds
Web Server TLS/SSL
Hardened Server
Firewall
Firewall
IPSEC VPN Gateway
Server Network Filter Detection