Ấn bản mùa đông (Winter Edition)
MEMORY FORENSICS
What can we find by investigating the information stored in RAM?
PCI DSS
How do you implement the PCI DSS standard successfully?
DEFENSE IN DEPTH
Layered defense: how do you approach it and how do you apply it?
cissp.attt@gmail.com
http://fb.com/group/cissp.attt
Contents
Advisory board
Open letter
ACCESS CONTROL
MEMORY FORENSICS
Separation of Duties
Dear readers,

The fourth quarter of every year is a busy time for everyone, and that is probably why the winter edition was postponed twice. Still, with high "political determination" everything came together, and we are pleased to send you our second issue (the winter edition).

In this issue, Sử Tâm Nguyên, one of Vietnam's newest CISSPs, shares a different perspective on CISSP. Frankly, when I read his article I immediately pictured him carrying the (Olympic) torch and passing it on to the runners in the classes right behind him.

By sheer coincidence, the winter edition also brings readers the lip-cracking, bleeding cold of a Hanoi winter through Lê Công Phú's highly technical article on digital forensics (through memory). A quick survey shows that the experts all expect the field of high-tech crime investigation to grow very fast and the market to be very lively in the near future. So those of you pursuing this field can rest assured about the road you are on.

A senior colleague named Phú (Lê Nguyễn Vĩnh Phú, Saigon) makes his first appearance before readers with the very tough topic of Certification and Accreditation. In practice we touch on this topic a great deal, yet it is still considered a hard problem. His article will help us answer questions and gradually untangle the knots.

The market has recently been very active around PCI-DSS, which is considered a mandatory standard for certain organizations and businesses. The heat around PCI-DSS will rise further as Phan Cảnh Nhật shares an overview and his hands-on implementation experience. I predict that executives of (affected) businesses that have not yet implemented the standard will reach out to him right after reading the article, because it is highly persuasive.
The main concern of Access Control is the relationship between the subject, usually a user, and the object, usually a resource of the organization or business; control itself means establishing the corresponding actions that govern the 'behaviour' of these two parties.
In 5W1H terms: WHAT = object, WHO = subject, WHY = the reason, namely the wish to control and protect resources and to avoid harm to the organization or business, and HOW = the corresponding actions that control behaviour.
Practical application:
The access control methods applied in practice are a 'hybrid' of the access control models described above, combining RBAC with forms of DAC. The most typical example is Facebook; let us take a brief look at the forms of access control Facebook uses (leaving user authentication aside for now):
Common problems with RBAC
One class of problems is common and fairly hard to solve thoroughly unless direction has been set in advance. These problems usually fall on the administrative side, typically:
* Building clear job descriptions and the essential tasks for each job
* Setting permissions between groups clearly, with as little overlap as possible
* Issues arising from staff rotation and job changes
These tasks are genuinely difficult to carry out; some RBAC-based systems can define the roles of work groups clearly and without overlap
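An added example, not code from the article or from Facebook: a small authorizer that combines the two sides described above (DAC, where the owner of a post decides who may see it, and RBAC, where page roles apply regardless of ownership), together with the administrative check the list above calls for, reporting permissions that more than one role grants. Role names, permissions, users and posts are hypothetical.

```python
from dataclasses import dataclass, field
from itertools import combinations

# Added example, not from the article: a hybrid DAC + RBAC authorizer in the
# spirit of the Facebook case, plus a role-overlap check. Role names,
# permissions, users and posts are hypothetical.

# RBAC side: flat page roles, each with a disjoint permission set. A user who
# needs more holds several roles instead of one broader, overlapping role.
ROLE_PERMISSIONS = {
    "moderator": {"post:hide"},
    "admin":     {"post:delete", "role:assign"},
    "analyst":   {"insights:read"},
}


@dataclass
class Post:
    post_id: str
    owner: str
    audience: str = "friends"                      # DAC: visibility chosen by the owner
    shared_with: set = field(default_factory=set)  # DAC: explicit grants by the owner


@dataclass
class Directory:
    roles: dict = field(default_factory=dict)      # user -> roles held on the page
    friends: dict = field(default_factory=dict)    # user -> that user's friends


def role_permissions(directory: Directory, user: str) -> set:
    return set().union(*(ROLE_PERMISSIONS[r] for r in directory.roles.get(user, ())))


def can(directory: Directory, user: str, action: str, post: Post) -> bool:
    """Decision = owner's own rights, else DAC grants, else RBAC role permissions."""
    if user == post.owner:                         # the owner controls their own object
        return action in {"post:read", "post:hide", "post:delete"}
    if action == "post:read":                      # DAC: who may see it is the owner's choice
        if user in post.shared_with or post.audience == "public":
            return True
        if post.audience == "friends" and user in directory.friends.get(post.owner, set()):
            return True
    return action in role_permissions(directory, user)   # RBAC: independent of ownership


def share(post: Post, actor: str, target: str) -> None:
    """DAC grant: only the owner may widen access to their object."""
    if actor != post.owner:
        raise PermissionError(f"{actor} does not own {post.post_id}")
    post.shared_with.add(target)


def find_role_overlaps(roles: dict) -> dict:
    """Administrative check: permissions granted by more than one role, per role pair."""
    return {(a, b): roles[a] & roles[b]
            for a, b in combinations(sorted(roles), 2)
            if roles[a] & roles[b]}


if __name__ == "__main__":
    d = Directory(roles={"carol": {"moderator"}}, friends={"alice": {"bob"}})
    p = Post("p1", owner="alice")
    print("friend reads:", can(d, "bob", "post:read", p))       # True  (DAC via friends list)
    print("moderator hides:", can(d, "carol", "post:hide", p))  # True  (RBAC page role)
    print("moderator reads:", can(d, "carol", "post:read", p))  # False (no DAC grant, no role)
    print(find_role_overlaps({**ROLE_PERMISSIONS, "editor": {"post:hide", "post:pin"}}))
```

The two decision paths stay separate on purpose: a moderator can hide a post without being able to read it, because hiding is a page role and reading is the owner's choice. The overlap check returns nothing for the role table as defined; adding an "editor" role that repeats "post:hide" is reported immediately, which is the kind of drift the administrative list above warns about.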
Author:
LƯƠNG TRUNG THÀNH
LÊ CÔNG PHÚ
Introduction
Today, alongside building systems that minimize the impact of attacks on the organization, incident response and digital forensics are also a considerable challenge: determining how the attack happened, what actions took place on the system, and providing evidence for later prosecution.
Alongside traditional digital forensic methods, Memory Forensics is playing an important role in the science of high-tech crime investigation. It is a computer investigation technique that captures and analyses the RAM of
Open files and Registry handles
The open files, as well as any Registry handles accessed by a process, are kept in memory. For example, when a malicious process is running on the system, its open files can help the investigator discover where the malware is stored on disk. On Windows, the Registry holds a great deal of valuable information; using techniques and tools that reconstruct Registry data from memory lets us collect useful evidence for the investigation.
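An added example, not code from the article: the technique underneath the tools mentioned above is a signature scan over the raw image, looking for the short tag that the kernel writes in front of each allocation of a given type, parsing the record that follows, and discarding hits that do not look like a real record. The record layout and the tag used here are invented for this example (real kernel object layouts are version-specific and come from symbol files), and the memory image is constructed inline, including a decoy string that contains the tag bytes.

```python
import struct
from dataclasses import dataclass

# Added illustration, not code from the article: tag scanning over a raw
# memory image, the technique behind tools that carve process and file objects
# out of RAM. The record layout and tag below are invented for this example;
# real kernel object layouts are version-specific.
TAG = b"Proc"
REC_FMT = "<4sII16s128s"             # tag, pid, ppid, image name (ASCII), image path (UTF-16LE)
REC_SIZE = struct.calcsize(REC_FMT)  # 156 bytes


@dataclass
class ProcRecord:
    offset: int
    pid: int
    ppid: int
    name: str
    image_path: str


def build_record(pid: int, ppid: int, name: str, image_path: str) -> bytes:
    """Pack one synthetic process record in the invented layout."""
    return struct.pack(REC_FMT, TAG, pid, ppid,
                       name.encode("ascii"), image_path.encode("utf-16-le"))


def build_sample_image() -> bytes:
    """Constructed memory image: zero pages, noise, two records and a decoy."""
    noise = bytes(range(256)) * 8
    decoy = b"Process creation audited by sensor v1.2".ljust(REC_SIZE + 32, b".")
    return b"".join([
        b"\0" * 4096,
        noise,
        build_record(1384, 1020, "explorer.exe", "C:\\Windows\\explorer.exe"),
        b"\0" * 512,
        decoy,                      # "Process" contains the tag bytes: a false hit
        build_record(4312, 1384, "svch0st.exe", "C:\\Users\\Public\\svch0st.exe"),
        noise,
    ])


def _plausible(rec: ProcRecord) -> bool:
    """Sanity checks that weed out false positives from tag scanning."""
    if rec.pid % 4 or rec.ppid % 4 or rec.pid >= 1 << 16:   # Windows PIDs are multiples of 4
        return False
    if not rec.name or any(not 32 <= ord(c) < 127 for c in rec.name):
        return False
    return rec.image_path.startswith("\\") or rec.image_path[1:3] == ":\\"


def carve_processes(image: bytes) -> list:
    """Walk the image, parse every tag hit, keep only plausible records."""
    found, pos = [], 0
    while (pos := image.find(TAG, pos)) != -1:
        if pos + REC_SIZE > len(image):
            break
        _tag, pid, ppid, name, path = struct.unpack_from(REC_FMT, image, pos)
        rec = ProcRecord(
            offset=pos, pid=pid, ppid=ppid,
            name=name.split(b"\0", 1)[0].decode("ascii", errors="replace"),
            image_path=path.decode("utf-16-le", errors="replace").split("\0", 1)[0],
        )
        if _plausible(rec):
            found.append(rec)
            pos += REC_SIZE
        else:
            pos += 1                # not a record: resume scanning one byte later
    return found


def suspicious_image_path(rec: ProcRecord) -> bool:
    """Heuristic from the text: an executable outside system locations deserves a look."""
    low = rec.image_path.lower()
    return not (low.startswith("c:\\windows\\") or low.startswith("c:\\program files"))


if __name__ == "__main__":
    for r in carve_processes(build_sample_image()):
        flag = "SUSPICIOUS" if suspicious_image_path(r) else ""
        print(f"0x{r.offset:08x} pid={r.pid:<5} ppid={r.ppid:<5} {r.name:<16} {r.image_path} {flag}")
```

Two points carry over to real tooling. First, the scanner does not rely on any list the operating system maintains, so a process that was unlinked from that list (or a process that has already exited but whose memory was not yet reused) is still found; this is why scanning and list-walking results are compared against each other. Second, the plausibility checks are what keep the output usable: without them the decoy string would be reported as a process with a nonsense PID.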
Network connections present on the system
Information about network connections includes the ports listening on the system, the connections currently established, and the information linking
Malware and infected files
In recent years, attacks using
Author:
LÊ CÔNG PHÚ
One of the youngest members of the CISSP & ATTT group. With two years of hands-on experience in the security industry, he is primarily responsible for assessment, auditing and response to information security incidents in the enterprise. He has broad knowledge covering every corner of the information security field. He currently works for a large security company in Vietnam.
SỬ TÂM NGUYÊN
You are reading an edition devoted to CISSP, so I do not need to introduce CISSP with the classic definition again. There are already far too many complete and detailed articles about the content of this certification and the issues around it (but if you are new and curious about CISSP, look up issue 1 of this newsletter; it has two such articles for you). In today's article I would like to approach CISSP from a different angle: is the CISSP exam hard?
There are plenty of rumours passed by word of mouth around this security certification, mostly along the lines of: it is very hard; it is only for people who have managed information security for more than 10 years; the exam asks only about work experience, nothing from books; with this certification your salary will be very high; and many other rumours. This information unintentionally makes CISSP a rather hot and coveted certification, coveted in a lip-smacking way, and at the same time it builds an invisible barrier that pushes away the approach and the resolve of people who want to earn the certification but have not yet gathered enough information.
I too was once surrounded by such information, but after taking the exam (and passing) I was able to sift out a few points. I would like to share them with you as follows:
Studying everything within the scope CISSP requires is an impossible mission
The content of CISSP is listed as headings in the CBK (Common Body of Knowledge) of ISC2. Because the scope is delimited only by headings, nobody can be sure they have covered everything ISC2 requires. Not 100%, but 80%-90% is achievable. Most of the exam content can be answered from what you prepared according to the CBK.
Author:
SỬ TÂM NGUYÊN
CISSP, CCSI, MSc
Many years of experience in Networking, Network Security and IT Governance. Currently a lecturer at the French university PUF. He is the newest member of the CISSP & ATTT group, having just passed the recent CISSP exam.
sutamnguyen@gmail.com
Separation of Duties
In some organizations, certain important or sensitive tasks (by organizational policy or by some legal requirement) must involve more than one person to be completed. That is one way of explaining Separation of Duties.
Circular 01/2011 of the State Bank of Vietnam notes the following points:
- For business information systems: no single individual may perform every step from initiating to approving a business transaction.
- Production systems: kept separate from the development environment and from the test environment.
(Source: http://congbao.chinhphu.vn/noidung-van-ban-so-01_2011_TT-NHNN%286947%29?cbid=6943)
In plain language: don't both play the ball and blow the whistle.
What happens when a bank teller creates a funds transfer (say, 10 billion VND) and then approves it himself? Quite possibly he or she transfers the 10 billion to their own account and flees to some third country. Dangerous, isn't it? To prevent this risk and keep it under control, the work is split in two: one person creates the transaction and a different person checks and approves it; only then is the transaction valid and the money sent. Sounds safe?
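An added example, not code from the article: the maker-checker rule described above, enforced in a small transfer ledger. The rule is the one the circular states, that the person who created a transaction may not approve it, and the example covers the staffing shortcut discussed next, where one person holds both the teller and approver roles: the roles may coexist, but not on the same transaction. The ledger, names and amounts are hypothetical.

```python
from dataclasses import dataclass
from itertools import count

# Added example, not from the article: a maker-checker control for the funds
# transfer scenario above. The ledger, names and amounts are hypothetical.


class SeparationOfDutiesViolation(PermissionError):
    pass


@dataclass
class Transfer:
    tx_id: int
    created_by: str
    amount: int            # VND
    beneficiary: str
    status: str = "pending"
    approved_by: str = ""


class TransferLedger:
    def __init__(self, approvers):
        self.approvers = set(approvers)   # users holding the approver role
        self.transfers = {}
        self.audit = []                   # (event, actor, tx_id) trail for later review
        self._ids = count(1)

    def create(self, teller: str, amount: int, beneficiary: str) -> Transfer:
        tx = Transfer(next(self._ids), teller, amount, beneficiary)
        self.transfers[tx.tx_id] = tx
        self.audit.append(("create", teller, tx.tx_id))
        return tx

    def approve(self, approver: str, tx_id: int) -> Transfer:
        tx = self.transfers[tx_id]
        if tx.status != "pending":
            raise ValueError(f"transfer {tx_id} is already {tx.status}")
        if approver not in self.approvers:
            raise PermissionError(f"{approver} does not hold the approver role")
        if approver == tx.created_by:
            # The SoD rule: holding both roles is allowed, using both on the same
            # transaction is not. Log the attempt; repeated attempts are a signal.
            self.audit.append(("sod_violation", approver, tx_id))
            raise SeparationOfDutiesViolation(
                f"{approver} created transfer {tx_id} and may not approve it")
        tx.status, tx.approved_by = "approved", approver
        self.audit.append(("approve", approver, tx_id))
        return tx


def attempt_approve(ledger: TransferLedger, approver: str, tx_id: int) -> str:
    """Outcome of an approval attempt as a short string, for reporting."""
    try:
        return ledger.approve(approver, tx_id).status
    except SeparationOfDutiesViolation:
        return "rejected: separation of duties"
    except PermissionError:
        return "rejected: not an approver"


def demo() -> list:
    # Anh holds both the teller and approver roles (the staffing shortcut).
    ledger = TransferLedger(approvers={"anh", "binh"})
    tx = ledger.create("anh", 10_000_000_000, beneficiary="anh")
    return [
        attempt_approve(ledger, "anh", tx.tx_id),    # own transaction: blocked
        attempt_approve(ledger, "chi", tx.tx_id),    # no approver role: blocked
        attempt_approve(ledger, "binh", tx.tx_id),   # a second person: approved
    ]


if __name__ == "__main__":
    print(demo())
```

The check is deliberately on identity, not on role: Anh is a legitimate approver for everyone else's transfers, and the control only refuses the one combination the circular forbids. The audit entry written on a refused self-approval is what a reviewer would later look for.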
In some organizations, splitting the work this way costs a lot of staff (at least double), so they may allow one person to both create and approve transactions. However, that person will not be allowed to approve transactions
Job Rotation
First of all, this is a way to reduce the risks associated with collusion (remember keywords like this one; they will be very useful when you sit the exam).
Collusion is always the hardest threat to control and usually causes very heavy damage. Collusion comes from people who share a common interest, obviously.
Mr Đặng Văn Thành, former chairman of Sacombank, said: "Sometimes risk in business still brings profit if the risk appetite is right. But if we have a good model and a good growth strategy while human resource management is weak, success is hard to come by. Because then the risk sits inside the organization; the risk behind every risk is people." (Source: Google)
If you want control, rotate.
Suppose your boss has done many bad things that harm the organization but has not yet been exposed. Rotation may help the organization discover those things sooner: the new boss notices the irregularities through the records and the systems. Or, on arriving at a new post, bad bosses become more cautious (because they may not yet have assembled a crew for wrongdoing). Suppose our organization can measure (quantify) the average time a boss needs before they have the opportunity (if any) to do something bad; would that not be a very good way to limit risk?
Remember, this is purely an organizational measure to prevent risk; it does not mean that every boss who receives a rotation decision is a problem boss.
- Security policy
- Marking of objects
- Identification of subjects
- Accountability
- Assurance
- Continuous protection
However, TCSEC was not widely accepted outside the United States. European developers therefore produced the ITSEC criteria, which define security targets for a product, and vendors deliver products against those targets. Unlike TCSEC, which evaluates only confidentiality, ITSEC covers all three of confidentiality, integrity and availability (CIA).
(Target of Evaluation), describes the evaluation context and the required objects. It provides the key concepts, the security requirements and the guidelines for a security target. It includes a catalogue of security functions based on common security needs, divided into classes, families and components.
- ISO/IEC 15408-2: defines the security functional requirements, the functions that will be evaluated.
- ISO/IEC 15408-3: the security assurance parts. Vendors follow these standards when building products, and evaluations are performed against them.
[Figure: lineage of evaluation criteria: TCSEC rating / Orange Book; Canadian Criteria (CTCPEC); UK Confidence levels; Federal Criteria; German Criteria; French Criteria; TCSEC 1991]
is at the endpoint level; at the network level, we care about organizing the network in the most secure way. That is the two-tier firewall model, or the layered protection model (defense-in-depth). This winter edition carries an article by Vi Minh Toại on this topic, so I will skip it and move on to security at a more macro level: planning the security architecture.
[Figure: architecture development cycle, labelled: Architecture Vision; Architecture Requirements; Business Architecture; Motivation; Technology Architecture; Application; Organization; Function; Architecture Realization; Opportunities, Solutions and Migration Planning; Implementation Governance]
Author:
TRẦN CHÍ CẦN
Graduated from the University of Technology (Bách Khoa) in Electronics and Telecommunications, with nearly ten years spent on system integration projects at small companies, large companies and multinational corporations. Having been through hundreds of battles big and small, he is a living treasury of experience in implementation, consulting and communication, up to legal policy.
He currently works at a leading provider of security equipment and services in Vietnam.
Author of the Separation of Duties article:
Requirement 4: Encrypt cardholder data during transmission when transacting.
Maintain a vulnerability management program
Requirement 5: Protect all systems against malware and regularly update anti-virus software.
Requirement 6: Develop and maintain secure systems and applications.
Author:
VI MINH TOẠI
Defense in depth, also called layered defense, is the approach of applying security controls in several distinct layers to secure a system. It embodies one viewpoint: when one layer has a vulnerability, other protective layers remain, and because the layers do not share the same vulnerability or weakness, an attack cannot easily reach the core of the system. In addition, this approach makes it easier for administrators to find information about intrusions and gives them time to apply countermeasures.
A more concrete example of layered design is the firewall security model, which usually has two tiers: an external firewall and an internal firewall. The external firewall protects the DMZ (the zone holding the public-facing servers) and controls the traffic flows into and out of that zone, towards the Internet and into the internal zones. The internal firewall protects the application-server and core zones and controls the traffic flows into and out of them. Traffic from the Internet can only reach the DMZ.
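An added example, not code from the article: the two-tier design above written as a zone-and-path model, where a flow is allowed only if every firewall on its path permits it, and each firewall denies anything it has no rule for. The zone names, ports, paths and rule tables are hypothetical; following the text, the external firewall also sees DMZ traffic bound for the inside, and the internal firewall fronts the application and core zones. The last case shows the point of layering: a rule mistakenly added on the external firewall does not open DMZ-to-core traffic, because the internal firewall still drops it.

```python
from collections import namedtuple

# Added example, not from the article: a zone-and-path model of the two-tier
# firewall described above. Zones, ports, paths and rules are hypothetical.
Flow = namedtuple("Flow", "src dst proto dport")

# Firewalls a flow crosses for each (source zone, destination zone) pair.
PATH = {
    ("internet", "dmz"):  ["external"],
    ("internet", "app"):  ["external", "internal"],
    ("internet", "core"): ["external", "internal"],
    ("dmz", "app"):       ["external", "internal"],
    ("dmz", "core"):      ["external", "internal"],
    ("app", "core"):      ["internal"],
}

# Allow rules per firewall; anything not listed is denied (default deny).
RULES = {
    "external": [
        ("internet", "dmz", "tcp", 443),   # public web front end
        ("internet", "dmz", "tcp", 80),
        ("dmz", "app", "tcp", 8443),       # front end to application tier only
    ],
    "internal": [
        ("dmz", "app", "tcp", 8443),
        ("app", "core", "tcp", 1521),      # application tier to database
    ],
}


def _matches(rule, flow):
    src, dst, proto, dport = rule
    return (src == flow.src and dst == flow.dst and proto == flow.proto
            and dport in ("any", flow.dport))


def allowed_by(firewall, flow, rules=RULES):
    return any(_matches(r, flow) for r in rules[firewall])


def evaluate(flow, rules=RULES):
    """('allow', path) if every firewall on the path permits the flow,
    otherwise ('deny', name of the first firewall that drops it)."""
    path = PATH.get((flow.src, flow.dst))
    if path is None:
        return ("deny", "no-path")
    for fw in path:
        if not allowed_by(fw, flow, rules):
            return ("deny", fw)
    return ("allow", "+".join(path))


def with_loosened_external(extra_rule, rules=RULES):
    """Misconfiguration scenario: one more allow rule on the external firewall only."""
    return {"external": rules["external"] + [extra_rule], "internal": rules["internal"]}


if __name__ == "__main__":
    for f in [Flow("internet", "dmz", "tcp", 443), Flow("internet", "core", "tcp", 1521),
              Flow("dmz", "app", "tcp", 8443), Flow("dmz", "core", "tcp", 1521)]:
        print(f, evaluate(f))
    # Even with the outer tier loosened, the inner tier still stops DMZ -> core.
    loose = with_loosened_external(("dmz", "core", "tcp", 1521))
    print(Flow("dmz", "core", "tcp", 1521), evaluate(Flow("dmz", "core", "tcp", 1521), loose))
```

Returning the name of the firewall that dropped the flow is deliberate: when a legitimate flow is blocked, it tells the operator which tier to look at, and when a dangerous flow is allowed it makes clear that both tiers agreed to it.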
The two-tier firewall model is commonly used in credit institutions such as banks, securities firms and insurers. How many security layers to apply, however, depends on each specific business and on the wishes and security awareness of its leadership. Security practitioners also need a security mindset and experience in designing security architecture, so that they can balance cost and productivity while keeping a multi-layered architecture running day to day.
The essential approach of a defense-in-depth strategy is to keep a balance between the factors: people, technology and daily operations.
Author:
VI MINH TOẠI
MCSE, CEH, F5 Advanced
With more than nine years of experience in IT, specializing in securing large systems such as banking and securities trading. He is currently a security specialist working at a large university in Vietnam.
2. In the Accreditation phase: the formal acceptance by the authorized management level of the system's ability to meet the organization's needs, both in functionality and in level of assurance.
Author:
LÊ NGUYỄN VĨNH PHÚ
Master of Computer Science, MBA, MCSE
With more than nine years of IT experience in banking, covering Systems, Networking, Security and IT Governance. Someone who enjoys researching, applying and sharing technology management solutions to improve productivity at work. Currently in charge of network systems at a bank in Ho Chi Minh City.
Copyright belongs to the CISSP & ATTT group. If you wish to republish, please credit: Source: CISSP & ATTT
For details, please contact: cissp.attt@gmail.com