Threat Landscape
- collection of threats
- threat actors
- observed trends

Tracking the threat landscape
- know the threat agents and their capabilities
- know used weapons and tactics
- know existing threats
- know most relevant threats
- know emerging threats and actors

Why?
- know your enemy - prepare for current and emerging threats
- provides motivation for investments in security controls

Definition by ENISA: The ENISA Threat Landscape provides an overview of threats, together with current and emerging trends.
# Securing Information Systems

ISMS
- ISO/IEC 27000 family
- NIST Risk Management Framework
- BSI 2000 family

An ISMS is a systemic approach to managing information so that it remains secure. (It’s not an application.) It includes people, processes and IT systems by applying risk management processes. Information security risk is managed and kept at an acceptable level by designing, implementing and maintaining a coherent set of security controls.

Our focus: Security controls

Security controls are safeguards or countermeasures to avoid, detect, counteract, or minimize security risks to physical property, information, computer systems, or other assets.
open book, Moodle, on site
ISMS: backup is a corrective control
detective (antivirus is not just detective but corrective); better: IDS
2) (sample exam) have a look at implementation group; have a look at circumstances
# Threat landscape

How do you learn about the threat landscape? ENISA report

- APTs cannot be detected by antivirus
- APTs are not deployed by script kiddies
- APTs are not discovered within 5 days after deployment
- APTs don't usually target credit card numbers
- APTs don't delete themselves after a while
Architecture

SOA Principles
- Standardized protocols
- Abstraction (from service implementation)
- Loose coupling
- Reusability
- Composability
- Stateless services
- Discoverable services

Microservices architecture is a SOA architectural style to develop applications as a suite of “small” services, each running in its own process and communicating with lightweight mechanisms (REST APIs or messaging). They are built around business capabilities following the “do one thing well” principle. Services are highly decoupled (yet composed) and focus on doing a small task
Penetration Testing

Goals
- name six different testing methods and discuss which method is best when given the task of doing a security test
- be able to explain penetration testing
- name at least two standards providing guidance on how to do penetration testing
- explain the role and important parameters (scope, rules of engagement, test method) of the pre-engagement phase

Reasons

Why do we want to test? What’s our goal?
Find and fix vulnerabilities?
Exploits

Definition

An exploit is a piece of software, chunk of data, or sequence of commands that takes advantage of a vulnerability in a system

Classification

Often classified by their action:
- unauthorized data access
- arbitrary code execution
- denial of service
- privilege escalation

Characterization
- local exploit
- remote exploit
- client-side exploit
  - often requires some user action
  - drive-by attacks, triggered for example by a malicious website
- server-side exploit
- 0-day exploit

Stack Layout

CPU Registers
- esp: stack pointer
Introduction

ISMS: information security management system

Security Controls: safeguards or countermeasures

Type of controls
- preventive
- detective
- corrective

ISO 27K -> 93 security controls
ISO 27002:2022: implementation guidance
CIS controls (Critical Security Controls): 18 controls dealing with the most relevant threats
Functional Part 1

    ;; load lisp files
    (load "more-functional.lisp")

1. Iteration

    (defun range (a &optional (b nil) (c 1))
      (cond ((null b) (funcall 'range 0 a c))
            (t (cond ((< (* a c) (* b c)) ;; multiply by c to reverse the condition when c is negative
                      (cons a (funcall 'range (+ a c) b c)))
                     (t nil)))))

    (defun repeat (times value)
      (mapcar (lambda (n) value) (range times)))

    * (repeat 5 'hello)
    (HELLO HELLO HELLO HELLO HELLO)

    (defun repeatedly (times fun)
      (mapcar fun (range times)))

Solution
Lab 2

Exercise 1

    (defun reduce-list (f init seq)
      (cond ((null seq) init)
            (t (funcall f (car seq) (reduce-list f init (cdr seq))))))

    (reduce-list #'+ 0 '(1 2 3 4)) ;; => 10

    ;; Filter a sequence by the function f
    ;; if f(list-entry) == true then add to list
    (defun filter (f seq)
      (cond ((null seq) nil)
            ((funcall f (car seq)) (cons (car seq) (filter f (cdr seq))))
            (t (filter f (cdr seq)))))

Exercise 2

Create a function “Range”:
Lisp Cheat Sheet

    * (car '(A B (C)))
    A
    * (cdr '(A (C)))
    ((C))

#'fun is an abbreviation of (function fun)

Order: (- 5 2) -> 3, (>= 5 2) -> T
    (defmacro setfun (symb fun)
      `(prog1 ',symb (setf (symbol-function ',symb) ,fun)))
    ;; Macro to bind a lambda expression as a function to a symbol.

    (apply #'+ 1 2 3 '(4 5 6)) ;; => 21

    (let (a b (c 3) (d (+ 1 2)))
      (list a b c d)) ;; (NIL NIL 3 3)
    ;; LET is a special form for variable binding.