CERT and NSD 42 - PowerPoint PPT Presentation

1 / 15
About This Presentation
Title:

CERT and NSD 42

Description:

CERT stands for Computer Emergency Response Team. CERT was created in ... CERT is part of the Software Engineering Institute, located at Carnegie Mellon ... – PowerPoint PPT presentation

Number of Views:38
Avg rating:3.0/5.0
Slides: 16
Provided by: Sri672
Category:
Tags: cert | nsd | forsee

less

Transcript and Presenter's Notes

Title: CERT and NSD 42


1
CERT and NSD 42
2
CERT and NSD 42
  • CERTs mission
  • CERT coordination
  • CERT resources
  • NSD 42 features

3
CERT
  • CERT stands for Computer Emergency Response Team
  • CERT was created in response to the Morris worm
    attack of November 1988
  • CERT was created on November 17, 1988
  • CERT is part of the Software Engineering
    Institute, located at Carnegie Mellon University,
    Pittsburgh, PA
  • Software Engineering Institute (SEI) is part of
    the Department of Defense

4
CERT
  • CERT/CC stands for CERT Coordination Center
  • Main goal of CC is to improve internet security
  • CERTs goals are
  • provide technical advice
  • coordinate responses to security incidents and
    major events
  • work with other security experts to identify
    solutions to security problems
  • analyze product vulnerabilities and malicious
    code
  • publish technical documents
  • present training courses

5
CERT coordination
  • Principal coordination activities for the
    internet are
  • Receive vulnerability reports from all sources
    on
  • attack attempts, probes, scans
  • successful attacks
  • system compromises
  • denial of service
  • Proactively look at Internet information sources
    for vulnerability-related issues such as mailing
    lists
  • Evaluate the effect of vulnerability?

6
CERT coordination
  • Publicize information about vulnerabilities and
    countermeasures
  • focus on code written by intruders for viruses
    and Trojan horses
  • analyze code to see
  • what does it do?
  • what vulnerabilities are exploited?
  • how to defend against it?
  • who might be victims or targets?

7
CERT Resources
  • Provide 24-hour emergency response for possible
    life threatening activity or attack on the
    internet infrastructure
  • Provide trusted and unbiased information
  • Collaborate with academic institutions (over 50),
    industry (over 600), and government agencies
    (over 100)
  • Goal is coordination and cooperation and not
    control

8
CERT Resources
9
CERT Resources
  • CERT Advisories are given periodically to alert
    users of known attacks, viruses, or worms
  • Advisory CA-2004-02 Email-borne Viruses dated
    January 27, 2004
  • Systems affected are any system running Microsoft
    Windows (all versions from Windows 95 and up)
  • mass-mailing viruses, W32/Bagle and W32/Novarg,
    impact a significant number of home users and
    sites
  • The email may contain a return address, a
    provocative envelope, or something else that
    encourages its receiver to open it. This
    technique is known as social engineering

10
CERT Resources
11
NSD 42
  • National Security Directive 42 is a Presidential
    Directive dated July 5, 1990
  • NSD 42 specifies the National Policy for the
    Security of National Security Telecommunications
    and Information Systems
  • NSD 42 was only partially declassified in 1992
  • The policy aims to provide a reliable and
    continuing assessment of threats and
    vulnerabilities, and implementation of
    appropriate effective countermeasures

12
NSD 42
  • Form a National Security Telecommunications and
    Information Systems Security Committee (NSTISSC)
    to implement NSD 42
  • Provide systems security guidance for national
    security systems
  • Act as the U.S. Government focal point for
    cryptography, telecommunications systems
    security, and information systems security for
    national security systems
  • Conduct foreign computer security and
    communications security liaison

13
NSD 42
  • NSTISSC is responsible for accrediting curricula
    for academic institutions in Information
    Assurance
  • U of L is now accredited by NSTISSC for their
    4011 and 4012 standards

14
References
  • CERT http//www.cert.org/
  • IETF http//www.ietf.org
  • InfraGard http//www.infragard.net
  • NSD 42 http//www.fas.org/irp/offdocs/nsd/nsd_42.h
    tm
  • NSD 42 http//www.nstissc.gov/Assets/pdf/nstissd_9
    00.pdf

15
Security Scenario to Solve
  • CERT releases advisories regularly on various
    types of attacks. Check the three recent Denial
    of Service and Intrusion Detection Systems
    advisories that CERT has issued. Write a report
    characterizing the contents of the advisories and
    how it could be adopted by U of L to protect its
    computer networks and information systems.
Write a Comment
User Comments (0)
About PowerShow.com