Computer Security Handbook, Sixth Edition Chapter 53 - Monitoring and Control Systems.docx

Update or manage mc systems across untrusted paths is

This preview shows page 8 - 10 out of 33 pages.

update or manage M&C systems across-untrusted paths is another common way to expose M&Cs to unauthorized access and compromise. Migrating from FTP, Telnet, and password authentication to Secure Shell (SSHv2) with key pair authentication is one practical way to reduce some of this risk to a more acceptable level. For network IPSs in a properly baselined network environment, wormlike traffic anomalies may be detected, routed to network tarpits, and cross-reported to additional sensors. In this situation, the automated response is significantly faster and potentially less disruptive than using an intrusion detection system (IDS; monitoring only) with alerts routing to an on-duty analyst for additional follow-up. 53.2.3 Snapshots versus Real Time. Snapshots provide a point-in-time view of a target system. Auditors use these for regularly scheduled audits. Scanning the environment on a monthly basis to confirm compliance can also unearth security trends within an environment. Trend reports identify security performance over time. An organization may notice a sharp decline in vulnerabilities after an external audit. Over time, without a stable vulnerability management program, the number of vulnerabilities will return to preaudit levels. Snapshots do not provide immediate or ongoing information on changes or corrective actions made to production systems. Addition-ally, snapshots will not verify that a Computer Security Handbook, Sixth Edition Chapter 53 - Monitoring and Control Systems
Image of page 8

Subscribe to view the full document.

9 control is working all of the time, only during the time that the snapshot was taken. Using monthly snapshots to review a system that frequently changes on a daily basis will not provide the same level of assurance as real-time M&C. Real-time monitoring refers to persistent, ongoing observation of a target. Real-time control refers to a control system's ability actively to influence its target. Industrial environments depend on information gathered through real-time M&C. When liquefied natural gas (LNG) travels through an LNG terminal, [ 9 ] operators should not have to wait until the tanker is empty in order to confirm that any of the product successfully transferred to the storage tanks. An M&C system can continually monitor the volume of product leaving the vessel, compare that data to the volume entering the storage container, trigger alerts if a leak is detected, and initiate a shutoff to avoid product loss. When allocating and distributing resources to meet demand, real-time monitoring provides overseers with an immediate understanding of the areas of need. In a network environment, this may include peak network usage during an accounting cycle or online shopping trends due to holidays. An Internet-facing shopping portal that uses cloud computing for resource allocation can use real-time monitoring to transparently detect and provision or deprovision computing and storage resources based on customer demand- Internet sites facing distributed denial of service
Image of page 9
Image of page 10
  • Fall '16

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern