Professional Documents
Culture Documents
คุณรู้หรือไม่... กฎหมายและพรบ. Security ในขณะนี้มีอะไรบ้าง
คุณรู้หรือไม่... กฎหมายและพรบ. Security ในขณะนี้มีอะไรบ้าง
.... Security
(RHCE,CCAI)
http://network.cm.edu
ITSC CMU
Information Security : CIA
http://network.cm.edu
ITSC CMU
Information Security
-
http://network.cm.edu
ITSC CMU
Information Security : CIA
- Confidentiality
- Prevent disclosure
- Privacy
- AAA
http://network.cm.edu
ITSC CMU
Information Security : CIA
- Integrity
- Intentional / accidental change
- Protect system unauthorized modification
- Depend on access control
- Availability
http://network.cm.edu
ITSC CMU
Information Security & Security
Management
Policies
Standards
Procedure
guidelines
http://network.cm.edu
ITSC CMU
-
Risk Management
Access control
Operation Security
Physical security
Application Security
Network Security
Cryptography
Disaster and recovery
Law and Ethic
http://network.cm.edu
ITSC CMU
Network Security
unauthorized access
misuse
modification
DOS
Tools
Firewall
IPS/IDS
Anti-virus
Anti-virus
IPS/IDS
Firewall
http://network.cm.edu
ITSC CMU
Small Network
basic firewall / UTM(Unified threat management)
Antivirus
Mac Filtering
Device logs
Authentication & Accounting
http://network.cm.edu
ITSC CMU
Medium Network
strong firewall / UTM(Unified threat management)
Antivirus / Internet Security Software
Mac Filtering
Device logs
Authentication(Password Policy) & Accounting
Physical security
Network monitoring
Administrator
VPN(Branch)
Employee awareness program
Disaster and recovery
Computer Network Division
http://network.cm.edu
10
ITSC CMU
Large Network
strong firewall(Server in DMZ) / Not UTM(Unified threat management)+IPS
Antivirus / Internet Security Software
Mac Filtering
Device logs
Authentication(Password Policy) & Accounting
Physical security+CCTV+Fire Alarm+Security Gaurds
Network monitoring
Administrator
VPN(Branch)
Employee awareness program
Disaster and recovery
Computer Network Division
http://network.cm.edu
11
ITSC CMU
Information Security : CIA
http://network.cm.edu
12
ITSC CMU
Security Trend 2012-2013
Smart Phone Hacking
Social Engineering Attacks
Wireless Hacking
Cloud Security
http://network.cm.edu
13
ITSC CMU
ICT Thailand
http://network.cm.edu
14
ITSC CMU
IT2010 (2544-2553)-
-
-
- knowledge economy
http://network.cm.edu
15
ITSC CMU
ICT 2020(2553-2563)
ICT ...
http://network.cm.edu
16
ITSC CMU
1.
2.
3.
4.
5.
6.
http://network.cm.edu
17
ITSC CMU
http://network.cm.edu
18
ITSC CMU
1. ICT
Broadband
2.
ICT
3. ICT
Computer Network Division
http://network.cm.edu
19
ITSC CMU
( )
4. ICT
5. ICT
6. ICT
Computer Network Division
http://network.cm.edu
20
ITSC CMU
( )
7. ICT
http://network.cm.edu
21
ITSC CMU
->
1. ICT
Broadband
5.
http://network.cm.edu
22
ITSC CMU
http://network.cm.edu
23
ITSC CMU
( )
- National Cyber Security Agency
(Cyber
security)
(Compliance and monitoring) (ICT Risk
assessment)
-
(Network security)
(National Information
Computer
Network
Division
Security
Roadmap)
http://network.cm.edu
24
ITSC CMU
( )
- (Data Center)
(Emergency protocols)
-
- 2
-
http://network.cm.edu
25
ITSC CMU
( )
-
-
-
-
- (Digital content)
http://network.cm.edu
26
ITSC CMU
Law and Ethic()
:
1.
2.
3.
4.
http://network.cm.edu
27
ITSC CMU
(...)
(...)
http://network.cm.edu
28
ITSC CMU
IT
. 2544
.
2549
. 2550
. 2544 2551
. 2551
.
. 255?
.
Computer Network Division
http://network.cm.edu
29
ITSC CMU
http://network.cm.edu
30
ITSC CMU
.26 Log 90
..2550
8
1. ->Integrity->Identification
2. Classification->No admin access
3. IT Auditor & Coordinate
4. Traffic Log Identification(NAT Log)
9
1. NTP(Network Time Protocol)
Computer Network Division
http://network.cm.edu
31
ITSC CMU
1.
. Telecom.
. Access Service Provider
. Host Service Provider : File Server,Mail Server,IDC
. Internet Caf
2. Appication Content Service Provider
http://network.cm.edu
32
ITSC CMU
Log
.
.
.
.
.
.
http://network.cm.edu
33
Log
GW/NAT
Private IP
http://network.cm.edu
34
FTP
Web
Log Server
Computer Network Division
http://network.cm.edu
35
Computer
Network Division
http://network.cm.edu
http://network.cm.edu
36
ITSC CMU
. 2550 vs . 255?
1
4
http://network.cm.edu
37
ITSC CMU
. 2550 vs . 255?
2 3
16
http://network.cm.edu
38
ITSC CMU
. 2550 vs . 255?
3
25
http://network.cm.edu
39
ITSC CMU
. 2550 vs . 255?
4
24 (1)
http://network.cm.edu
40
ITSC CMU
. 2550 vs . 255?
5 ...
26
http://network.cm.edu
41
ITSC CMU
. 2550 vs . 255?
6
21
http://network.cm.edu
42
ITSC CMU
. 2550 vs . 255?
7
23
15 16 17 18 19
20
http://network.cm.edu
43
ITSC CMU
. 2550 vs . 255?
8
( 4 )
http://network.cm.edu
44
ITSC CMU
. 2550 vs . 255?
9 (
) Electronic Transactions Development Agency (Public Organization)
ETDA
(
)
http://network.cm.edu
45
ITSC CMU
. 2550 vs . 255?
10 8 3 0 : --
http://network.cm.edu
46
ITSC CMU
Virtualization
Hardware Platform
Operating System
Application Virtualization
Desktop Virtualization(VDI)
Storage Device
Network Resource
http://network.cm.edu
47
ITSC CMU
Virtualization
http://network.cm.edu
48
ITSC CMU
Virtualization
http://network.cm.edu
49
ITSC CMU
Virtualization Security
Hypervisor Security
Host Security
Securing Communications Between Host and Management Node
http://network.cm.edu
50
Thank you
Computer Network Division
http://network.cm.edu
51