Chapter 5 - 03 - Learn to Design and Develop Security Policies - 05_ocred.pdf

Full Transcript

Certified Cybersecurity Technician, Exam 212-82
Network Security Controls — Administrative Controls
Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited.

Firewall Management Policy

Firewall management policy defines access, management, and monitoring of firewalls in the organization. A security professional's responsibilities when configuring firewall security policies include:

- Service or Application Authentication: Administrators should verify the applications or services before they choose the default "Allow" setting. A service that does not seem legitimate should not be added.
- Setting up a Dashboard: Administrators should set up a dashboard that will include all threats and vulnerabilities an organization's network can encounter. This creates a strong rule base.
- Enable Anti-Spoofing Protection: To ensure the source Internet protocol (IP) address is the same as the security gateway interface, it is important to enable anti-spoofing protection.
- Telnet Access: Telnet is insecure by nature. Administrators should not allow Telnet access for the secure functioning of the network.
- FTP Connection: File transfer protocol (FTP) connections should only be allowed if administrators have to upload error logs for the vendor. In other scenarios, it is advisable to prohibit FTP.
- Avoid Direct Connection: Administrators should avoid setting up a direct connection between an internal client and external service. If an organization needs a connection to be established, it can be done through proxy servers.

Design Considerations

- Who has access to the firewall systems?
- Who can receive requests to make changes to the firewall configuration?
- Who can approve requests to change the firewall configuration?
- Who can see the firewall configuration rules and access lists?
- How often should the firewall configuration be reviewed?

Network Connection Policy

Network connection policy defines the standards for establishing the connection for computers, servers, or other devices to the network.

A network connection policy is drafted to secure an organization's network. The network connection policy defines regulations to be followed and implemented on the systems, servers, and other electronic devices used in an organization. An effective network connection policy involves securing the devices from potential intrusion an organization can experience. The following points should be included in the network connection policy:

1. Connection of Devices: The policy should include the normal rules for connecting their electronic devices, including their personal mobile phones. Employees should be restricted from making any changes in the network through their devices, as it may cause network fluctuations or loss of connectivity.
2. Authenticating: For a better security service, employees should be asked to authenticate their device every time it is connected to the network. Although it might be a frustrating task for some, the security of the network is the main priority.
3. Employee Responsibility: Every employee using his or her personal devices on an organization's network is responsible for his or her systems to meet the security standards. An organization will have full authority to deny the device that does not meet their security standards.

Design Considerations

- Who can install new resources on the network?
- Who approves the installation of new devices?
- Who must be notified when new devices are being added to the network?
- Who documents network changes?
- Are there any security requirements for the new devices being added to the network?

Business Partner Policy

Business partner policy defines the agreements, guidelines, and responsibilities for business partners to run business securely.

Organizations working in partnership follow certain guidelines that are drafted under a business partner policy. It defines the guidelines partners are required to follow in order to run their business securely. There can be geographical and cultural differences between the two business partners, which requires care when drafting sensitive policies. Business partner policies should address the following questions:

1. Need of Policy: The business partner policy defines the rules and regulations of the respective organizations. Certain policies followed by employees in company A may not necessarily be followed in company B. Organizations drafting the policy should work out a third way in order to not affect how both the companies function.
2. Security: Encouraging employees to follow common security rules is the biggest challenge when drafting a business partner policy. The policy should mention the common security boundaries for both partners and how it will be regulated if employees do not follow it.
3. Resource Sharing: Although both organizations are in a partnership, it does not mean the companies will have access to each other's data. The policy should state the amount of data that both parties can share and access. Data breaches by either partner will result in legal actions.
4. Record Maintenance: In a partnership, an organization should maintain a log for every transaction. This maintains a healthy partnership between each company.

Design Considerations

- Is it mandatory for a company to have a written security policy?
- Should each company have a firewall or other perimeter security device?
- How will one communicate (VPN over the Internet or leased line)?
- How will access to the partner's resources be requested?
- Should each partner keep accurate accounts, books, and records related to the business?
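
The rule-level responsibilities listed under Firewall Management Policy (no Telnet, FTP only for vendor log uploads, no direct internal-to-external connections, anti-spoofing enabled) can be checked mechanically during a periodic configuration review. The following is an added example, not part of the courseware; the rule format, the internal range, the proxy address and the `purpose` tag are all assumptions made for illustration.

```python
import ipaddress

# Assumed for this example: internal range, proxy address, FTP exception tag.
INTERNAL = ipaddress.ip_network("10.0.0.0/8")
PROXIES = {ipaddress.ip_address("10.0.0.10")}
FTP_EXCEPTION = "vendor-log-upload"

# Constructed sample data in a hypothetical vendor-neutral format.
RULES = [
    {"name": "web-via-proxy", "action": "allow", "src": "10.0.0.10/32", "dst": "0.0.0.0/0", "port": 443},
    {"name": "legacy-telnet", "action": "allow", "src": "10.1.0.0/16", "dst": "10.2.0.5/32", "port": 23},
    {"name": "ftp-vendor", "action": "allow", "src": "10.0.0.10/32", "dst": "203.0.113.7/32", "port": 21, "purpose": "vendor-log-upload"},
    {"name": "ftp-adhoc", "action": "allow", "src": "10.0.0.10/32", "dst": "198.51.100.9/32", "port": 21},
    {"name": "client-direct", "action": "allow", "src": "10.1.0.0/16", "dst": "0.0.0.0/0", "port": 443},
    {"name": "deny-telnet-in", "action": "deny", "src": "0.0.0.0/0", "dst": "10.0.0.0/8", "port": 23},
]
INTERFACES = [{"name": "eth0", "anti_spoofing": True}, {"name": "eth1", "anti_spoofing": False}]

def audit_rule(rule):
    """Return policy findings for one rule; an empty list means compliant."""
    if rule["action"] != "allow":
        return []
    findings = []
    src = ipaddress.ip_network(rule["src"])
    dst = ipaddress.ip_network(rule["dst"])
    if rule["port"] == 23:  # Telnet must not be allowed
        findings.append("telnet allowed")
    if rule["port"] in (20, 21) and rule.get("purpose") != FTP_EXCEPTION:
        findings.append("ftp allowed outside vendor log upload")
    # Internal clients may reach external services only through a proxy.
    via_proxy = src.num_addresses == 1 and src.network_address in PROXIES
    if src.subnet_of(INTERNAL) and not dst.subnet_of(INTERNAL) and not via_proxy:
        findings.append("direct internal-to-external connection")
    return findings

def audit(rules, interfaces):
    """Map each non-compliant rule or interface to its findings."""
    report = {r["name"]: audit_rule(r) for r in rules if audit_rule(r)}
    for iface in interfaces:
        if not iface.get("anti_spoofing"):
            report["interface " + iface["name"]] = ["anti-spoofing disabled"]
    return report

if __name__ == "__main__":
    for item, findings in audit(RULES, INTERFACES).items():
        print(item, "->", "; ".join(findings))
```
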
