CompTIA exam study guide presentations by instructor Brian Ferrill, PACE-IT (Progressive, Accelerated Certifications for Employment in Information Technology)
"Funded by the Department of Labor, Employment and Training Administration, Grant #TC-23745-12-60-A-53"
Learn more about the PACE-IT Online program: www.edcc.edu/pace-it
Instructor, PACE-IT Program – Edmonds Community College
Areas of expertise:
– PC Hardware
– Network Administration
– IT Project Management
– Network Design
– User Training
– IT Troubleshooting
Education:
– M.B.A., IT Management, Western Governors University
– B.S., IT Security, Western Governors University
Qualifications Summary:
Entrepreneur, executive leader, and proven manager with 10+ years of experience turning complex issues into efficient and effective solutions. Strengths include developing and mentoring diverse workforces, improving processes, analyzing business needs and creating the solutions required, with a focus on technology.
As more devices arrive in the workplace with processors built into them, security experts are facing more challenges in securing them.
These devices are often considered to be a static environment because the processing power and hardware that the device comes with cannot be modified or changed. In some cases, exploits have been specifically created to take advantage of the difficulty in securing these environments. Through some careful planning and implementation, some techniques can be utilized to mitigate the risks represented in static environments.
Mitigating risks in alternative environments.
– SCADA (supervisory control and data acquisition).
» A type of industrial control system (ICS) that is designed to control large-scale deployments of equipment. The controlled equipment is usually at more than one site.
• Often deployed in the energy industry—both on the creation and distribution side.
» SCADA tends to have a lack of security in the monitors and controllers that are used to manage the system.
• Physical security controls should be used to limit access to SCADA components.
– Embedded systems.
» A self-contained computing system that can be found within a larger system (e.g., printers, HVAC systems, or smart TVs).
• Often, these embedded systems lack basic security features or implement weak security.
» The devices tend to utilize very basic versions of well-known operating systems.
• Security hardening techniques should be used to secure these devices.
– Smartphones.
» Mobile phones are increasingly becoming an important tool in the modern workplace.
• Due to their increasing capabilities, they are also becoming a greater security risk.
» Because of their portability, smartphones are subject to loss and theft.
• Security should be focused on restricting access to data on the phone; whenever possible, encryption should be used.
– Game consoles.
» Most modern game consoles can be connected to networks.
• In many cases, the console must be connected to the network in order to take advantage of gaming features.
» Security features for gaming consoles have been increasing.
• All updates should be in place for any gaming console that is placed on a network.
– Mainframes.
» High-cost, powerful computing systems that contain significant processing power.
• Due to their cost, mainframes are not replaced very frequently and may be using older versions of operating systems—which may have well-known vulnerabilities.
» Technological controls should be in place to help secure mainframes.
• Firewalls, access control lists (ACLs), and door locks can all be implemented to restrict access to the mainframe environment.
– In-vehicle computing systems.
» Car manufacturers have been using processors in vehicles for many years.
• Initially, the processors had limited capabilities and could prove difficult to exploit without physical access to the vehicle.
» Modern vehicles are coming with more connected systems that may represent a challenge to security.
• In July 2015, a security team demonstrated the ability to take over a vehicle’s systems remotely, including the ability to take control of the braking system.
– Segmentation.
» A network design element in which resources are separated—by function and security requirements—into their own networks.
• Can be used to control communication and security within the network.
– Security layers.
» Placing security at different places and levels within a network will increase the security of the network as a whole.
• If one layer of security is breached, attackers will find another layer waiting to frustrate them—like the layers of an onion.
– Application firewalls.
» Can be used to filter traffic based on which applications are allowed to operate on the network and which are not.
– Updates.
» Patches and system updates should be used to help keep computing environments secure.
• A best practice is to use a manual updating process so that proper testing of the update can be done.
– Firmware version control.
» Updates to firmware should be done if they will lead to an increase in security or in vital functionality.
– Wrappers.
» A host-based ACL that can be used in conjunction with a firewall to increase the effectiveness of security.
• Found in Linux and UNIX environments and can be used to specify how an individual host can access a specific service (e.g., allowing Bob access to SCP but not to FTP on the file server).
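An added example, not part of the original slides: a simplified Python model of how TCP Wrappers evaluates /etc/hosts.allow and /etc/hosts.deny for the "SCP but not FTP" case above. The addresses, the daemon names sshd and vsftpd, and the function names are assumptions, and only a subset of the pattern syntax is modeled.

```python
import re

# Constructed sample policy; addresses and daemon names are illustrative.
HOSTS_ALLOW = """
# Bob's workstation may reach sshd, which carries SCP
sshd : 192.0.2.15
# the management subnet may reach sshd as well
sshd : 198.51.100.
"""
HOSTS_DENY = """
# default deny: anything not granted above is refused (including FTP)
ALL : ALL
"""

def parse(text):
    """Turn rule text into (daemon_list, client_list) pairs."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop comments and blanks
        fields = [f.strip() for f in line.split(":")]
        if len(fields) >= 2:                   # any option field is ignored
            rules.append(tuple(re.split(r"[\s,]+", f) for f in fields[:2]))
    return rules

def client_matches(pattern, client):
    """Subset of client patterns: ALL, address prefix, name suffix, exact."""
    if pattern == "ALL":
        return True
    if pattern.endswith("."):                  # "198.51.100." address prefix
        return client.startswith(pattern)
    if pattern.startswith("."):                # ".example.com" name suffix
        return client.endswith(pattern)
    return pattern == client

def any_rule_matches(rules, daemon, client):
    """True if some rule lists both this daemon and this client."""
    return any(
        any(d in ("ALL", daemon) for d in daemons)
        and any(client_matches(c, client) for c in clients)
        for daemons, clients in rules
    )

def access_allowed(daemon, client, allow=HOSTS_ALLOW, deny=HOSTS_DENY):
    """Allow file first, then deny file; no match in either means allow."""
    if any_rule_matches(parse(allow), daemon, client):
        return True
    return not any_rule_matches(parse(deny), daemon, client)
```

With an empty deny file every unmatched client is allowed, which is why the `ALL : ALL` line matters. The rules only bind services that are built with wrapper support or started through the wrapper daemon.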
When implementing a layered security mitigation technique, it is important to use a variety of products.
If all of the firewalls used in the layered approach are the same product, then they will more than likely all have the same vulnerability. Once an attacker breaches one firewall, the rest will likely fall in short order.
A best practice is to implement a diversity of products for security considerations (e.g., different firewall devices). If different products are used, then the attacker has to figure out how to get past each individual product and cannot rely on the same vulnerability being present in each device.
Topic: Alternative environment.
Summary: Static environment devices can represent a challenge to security personnel; however, some risk mitigation techniques can be implemented to reduce the threat level. Some devices that are considered to be in this alternative environment include: SCADA, embedded systems, smartphones, game consoles, mainframes, and in-vehicle computing systems.
Topic: Risk mitigation techniques.
Summary: Some of the risk mitigation techniques that can be used to reduce the threat present in a static device environment include: segmentation, security layers, application firewalls, updates, firmware version control, wrappers, and implementing a diversity of products (especially when the same basic security method is being used).
This workforce solution was 100 percent funded by a $3 million grant awarded by the
U.S. Department of Labor's Employment and Training Administration. The solution was
created by the grantee and does not necessarily reflect the official position of the U.S.
Department of Labor. The Department of Labor makes no guarantees, warranties, or
assurances of any kind, express or implied, with respect to such information, including
any information on linked sites and including, but not limited to, accuracy of the
information or its completeness, timeliness, usefulness, adequacy, continued availability
or ownership. Funded by the Department of Labor, Employment and Training
Administration, Grant #TC-23745-12-60-A-53.
PACE-IT is an equal opportunity employer/program and auxiliary aids and services are
available upon request to individuals with disabilities. For those that are hearing
impaired, a video phone is available at the Services for Students with Disabilities (SSD)
office in Mountlake Terrace Hall 159. Check www.edcc.edu/ssd for office hours. Call
425.354.3113 on a video phone for more information about the PACE-IT program. For
any additional special accommodations needed, call the SSD office at 425.640.1814.
Edmonds Community College does not discriminate on the basis of race; color; religion;
national origin; sex; disability; sexual orientation; age; citizenship, marital, or veteran
status; or genetic information in its programs and activities.