IT 369: Session 2
Class Session #2
Virtualization & Ubuntu Linux
Housekeeping
Priya (GTA) is holding lab support office hours virtually and can make individual appointments as needed.
Please use Discussion Board for any questions of a general nature, class clarifications, lab issues. Use email for confidential topics.
To accommodate impact of COVID and varying schedule conflicts, I will sometimes release Labs earlier (Caution to early adopters!).
Are You Experienced?
Volunteer?
Provide a Vulnerability Assessment that you can be building throughout semester
Connect on LinkedIn and grow your network. You are welcome to connect with me and reach out to any of the several hiring managers and recruiters in my network. slewis27@gmu.edu
Today’s Agenda
Vulnerability Assessments
Virtualization
VBox
Linux
Risk & Mitigations
Critical Analysis Journal review
Reading and Critical Thinking
What was your impression of the article on Log4j?
What would you do to find out if “our organization” is affected?
What steps would you take to mitigate any risks?
What steps might we take for ongoing protection and additional risks?
If there was one thing that you could implement for an organization immediately, what might that be?
What is a Vulnerability Assessment and how could performing one add to your resume and ability to be hired (or get a promotion) in the near future?
Can we start assembling the first pieces of a Vulnerability Assessment from Chapter 1 concepts?
Critical Analysis Journal (100 points)
Here’s my Critical Analysis entry!
3-7 articles/topics will be posted on Blackboard by the middle of each month (Feb, Mar, Apr).
Students are required to submit one entry per month, within the 200-300 word format described on the assignment.
Each submission will receive up to 40 points. (Possible extra credit!)
Students receiving less than 100 total points on three assignments will be allowed to submit a fourth assignment. The highest three grades will be used.
Class Participation Grading
Class participation includes communications via in-class and discussion boards and is worth 50 points (5% of course grade).
Students will be allowed to attend this session from both Distance Learning sections.
I review the Collaborate Ultra report as well as the chat.
Attendance is not the same as engagement & participation.
Discussion board solutions to fellow students having technical difficulties with labs also count. Don’t simply finish labs for others. Instead, providing team member support is great.
LAB Discussion
Challenges with VirtualBox? Ubuntu? (this is part of the journey...)
(From now on, I may say “VirtualBox”, but that really just means your virtualized hosting environment, be that VBox, VMWare, Containers, etc.)
Latest versions are VBox 6.1.x and Ubuntu 20.x (LTS = Long Term Support). Later we’ll install a Kali Linux instance and our virtual environment will allow us to SAFELY connect Kali to Ubuntu.
Don’t worry about coding complexity. Walkthroughs will be provided.
Some hands-on parts will be supported with videos, others will not.
Virtualization and Cloud
It is useful to understand what VirtualBox and VMWare are doing, as it translates to our labs, to the challenge of securing systems, and to advanced topics such as cloud infrastructures like AWS.
Any data or application job will embrace virtualization
Hypervisor
VM
Containers
Virtualization (Laptop or Phone shown on left; Type1 Virtualization shown on right)
Virtualization (benefits? trade-offs?)
Containers (How do they impact Application & Data Security?)
What does this mean for securing the operating systems?
Type 1 & Type 2 Hypervisors
Which one are you running?
Advanced Virtualization
Orchestration – The ability to use automation and intelligent provisioning across distributed platforms in order to reliably reproduce desired outcomes. (As opposed to custom building installation of software and networks)
Hyperconvergence – The ability to seamlessly apply computing, storage, memory, and other resources to an existing deployment to meet rising and falling demands and capacity.
Introspection – Viewing internal conditions, memory, files, and related objects within a hosted virtual environment.
Virtualization & Resiliency
Cloning - Make a backup of your VM for safety as you build more
You don’t need a backup now, or even next week, as you can rebuild easily
When we build more, you will want to back it up (another lab builds a Linux-Apache-MySQL-Python “LAMP stack”).
OVA vs. OVF
Great short video if you need extra help: https://www.youtube.com/watch?v=xqNIvyZlHts
Are you able to restore your setup if it were corrupted? Or would you have to start back at the top? (Not a big cost to start over today, but by the end of the semester…)
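One concrete check behind the restore question above is whether an exported appliance is still intact. The script below is an added example, not part of the original slides: it unpacks an .ova (a tar archive) and compares each file against the digests in its manifest. It assumes a Linux host with tar and sha256sum and an export that wrote a manifest; the function names and demo files are made up for illustration.

```shell
#!/bin/sh
# Added example, not from the slides: check an exported .ova before relying on it.
# An .ova is a tar archive holding the .ovf descriptor, the disk image(s) and, when
# the export wrote one, a .mf manifest with lines like  SHA256(disk.vmdk)= <hex>.

# verify_ova FILE: print OK/BAD per manifest entry. Returns 0 when every digest
# matches, 1 on any mismatch, 2 when nothing could be checked.
verify_ova() {
  tmp=$(mktemp -d) || return 2
  tar -xf "$1" -C "$tmp" 2>/dev/null || { rm -rf "$tmp"; echo "cannot unpack $1" >&2; return 2; }
  set -- "$tmp"/*.mf
  [ -f "$1" ] || { rm -rf "$tmp"; echo "no manifest in archive" >&2; return 2; }
  rc=0 n=0
  while IFS= read -r line || [ -n "$line" ]; do
    line=$(printf '%s' "$line" | tr -d '\r')
    alg=$(printf '%s\n' "$line" | sed -n 's/^ *\(SHA[0-9]*\) *(.*$/\1/p')
    name=$(printf '%s\n' "$line" | sed -n 's/^[^(]*(\(.*\)) *=.*$/\1/p')
    want=$(printf '%s\n' "$line" | sed -n 's/^.*= *\([0-9A-Fa-f]*\) *$/\1/p' | tr A-F a-f)
    [ -n "$alg" ] && [ -n "$name" ] && [ -n "$want" ] || continue
    n=$((n + 1))
    case $alg in
      SHA256) sum=sha256sum ;;
      SHA1)   sum=sha1sum ;;
      *)      echo "BAD $name (unsupported $alg)"; rc=1; continue ;;
    esac
    # Manifest names must be plain file names inside the unpacked directory.
    case $name in */*) echo "BAD $name (path separator)"; rc=1; continue ;; esac
    got=$("$sum" "$tmp/$name" 2>/dev/null | cut -d' ' -f1)
    if [ "$got" = "$want" ]; then echo "OK  $name"; else echo "BAD $name"; rc=1; fi
  done < "$1"
  rm -rf "$tmp"
  [ "$n" -gt 0 ] || return 2
  return "$rc"
}

# Constructed demo input: a tiny stand-in appliance, not a real VM export.
make_demo_ova() (
  cd "$1" || exit 1
  printf '<Envelope/>\n' > lab.ovf
  printf 'constructed disk bytes\n' > lab-disk001.vmdk
  for f in lab.ovf lab-disk001.vmdk; do
    printf 'SHA256(%s)= %s\n' "$f" "$(sha256sum "$f" | cut -d' ' -f1)"
  done > lab.mf
  tar -cf lab.ova lab.ovf lab-disk001.vmdk lab.mf
)

# With an argument, verify that file; with none, run on the constructed demo.
if [ "$#" -gt 0 ]; then verify_ova "$1"
else demo=$(mktemp -d) && make_demo_ova "$demo" && verify_ova "$demo/lab.ova"; fi
```

A passing check only shows the archive matches its own manifest; keeping a copy of the manifest digests somewhere other than next to the backup is what lets you detect a replaced file.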
Networking in VBox
If you select NAT (Network Address Translation), then your box is able to get out, but you will have trouble connecting one VM to another (required later). NAT is common in home and corporate networks especially.
When the time comes to connect VMs, NAT Network is ideal, and is simple to set up - let’s do it together right now.
Note for Windows Users: File/Preferences
Note for Mac Users: Virtualbox/Preferences
Read more here: https://www.virtualbox.org/manual/ch06.html
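The same NAT Network setup can be scripted with VBoxManage instead of the Preferences dialog. This is an added example, not part of the original slides: the network name LabNet, the range 10.0.2.0/24 and the VM names Ubuntu and Kali are placeholders, and the script only prints the commands unless APPLY=1 is set.

```shell
#!/bin/sh
# Added example, not from the slides: the Preferences > Network dialog as commands.
# LabNet, 10.0.2.0/24, Ubuntu and Kali are placeholder names (assumptions).
# Dry run by default: commands are printed. Set APPLY=1 to execute them.

run() { if [ "${APPLY:-0}" = 1 ]; then "$@"; else printf '%s\n' "$*"; fi; }

# Accept only dotted-quad IPv4 with a /8../30 prefix (a choice made for this example).
valid_cidr() {
  case $1 in *[!0-9./]* | */*/* | /* | */) return 1 ;; */*) ;; *) return 1 ;; esac
  addr=${1%/*} bits=${1#*/}
  case $bits in *.* | ???*) return 1 ;; esac
  [ "$bits" -ge 8 ] && [ "$bits" -le 30 ] || return 1
  oldifs=$IFS; IFS=.; set -- $addr; IFS=$oldifs
  [ "$#" -eq 4 ] || return 1
  for o in "$@"; do
    case $o in '' | ????*) return 1 ;; esac
    [ "$o" -le 255 ] || return 1
  done
}

# natnet_plan NET CIDR VM VM...: create the NAT Network and put adapter 1 of each
# VM on it. modifyvm only works on a powered-off VM.
natnet_plan() {
  [ "$#" -ge 4 ] || { echo "usage: natnet_plan NET CIDR VM1 VM2..." >&2; return 1; }
  net=$1 cidr=$2; shift 2
  valid_cidr "$cidr" || { echo "bad CIDR: $cidr" >&2; return 1; }
  run VBoxManage natnetwork add --netname "$net" --network "$cidr" --enable --dhcp on || return 1
  for vm in "$@"; do
    run VBoxManage modifyvm "$vm" --nic1 natnetwork --nat-network1 "$net" || return 1
  done
  run VBoxManage list natnets
}

natnet_plan "${NET_NAME:-LabNet}" "${NET_CIDR:-10.0.2.0/24}" "${VM_A:-Ubuntu}" "${VM_B:-Kali}"
```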
NAT Network
Linux Hands On Skills
Homework contains a helpful video of hands-on Linux command line interface. 18 minute video. Required viewing. (Use care since the video includes a destructive command “rm”.)
You can open up your Ubuntu instance, go into “terminal”, and try the non-destructive commands listed on the next slide.
Question: Why do we need to learn CLI (Command Line Interface)? (I can think of two huge reasons)
Useful Linux Commands (demo video released next week)
hostname
whoami
date
pwd
Now you know WHO, WHERE, & WHEN you are!
man
ls
ls -l
echo hello > notes.txt
cat notes.txt
echo goodbye >> notes.txt
nano notes.txt
top
Useful Linux Commands (homework)
ping
ifconfig (some installations will require you to run additional commands to install the networking tools that include ifconfig). This command has been deprecated and is replaced by:
ip
arp
netstat (good practical example provided on page 59 of the textbook as “Five Minute Practical” exercise)
exit
shutdown
Vital First Steps to Establishing Scope
Who are our stakeholders & adversaries?
Physical Security as an outer ring of Defense in Depth
What defines physical security?
Insider Threat - Malicious and Accidental
Critical Thinking: How would you know an attack has occurred or is occurring presently?
Exit Criteria / Entrance Criteria - why do we need these? How do we quantify?
Securing Systems: Define the Scope
How to handle securing multiple applications?
“Which are your most important applications?”
Perspectives of the various stakeholders
System of Systems concept makes this complex.
System Priority lists (Numerical ranking, name, group)
Incident Escalation Lists (Numbered list of names, numbers, authority, etc.)
Visually Representing Systems
Physical overview provides opportunity to identify vulnerabilities
Trade-offs and the most valuable resource
Inputs & outputs - modeling systems
Process Flow Diagrams
Schematics
Quick review of CMMI & CMMC (5-level models)
Capability Maturity Model Integration
Cybersecurity Maturity Model Certification
CMMI
CMMC
Visualizations
Viewpoints
Processes
Data flows
Physical
Logical
Incident-oriented
Physical Viewpoint
Logical Viewpoint
How does Virtualization Alter These?
(Good example of an essay question for a test, so challenge yourself right now to think what you might put.)
What would be the impact to these drawings if you were considering moving to more elastic virtual environment (VMs, Containers, Cloud/AWS)?
What capabilities can virtualization bring to security systems? To resiliency?
Credit Card Processing Data Flow Diagram
Walk the process. Everyone should know this process flow easily. Where does the security responsibility lie at each point? App? Data? Policy?
Where are the security concerns?
Where to place IDS/IPS?
Where can you demand change?
Risk Concepts
Risk Avoidance
Risk Acceptance
Risk Reduction (Mitigation)
Risk Transference
Can you list examples of each?
Risk Mitigation & Resiliency (1 of 2)
Audits
Backups
Communication
Contingency Plans
Continuity of Operations (COOP)
Proper Due Diligence (“patch!”)
Failover
Error Handling
Self-healing Systems
Risk Mitigation & Resiliency (2 of 2)
Graceful Degradation
Responsive Infrastructure
Measure & Refactor
Redundancy
Scalability & Capacity (Hyperconvergence)
Adherence to Standards
Testing
Training
Validation
Verification
Recovery of Apps & Data
Backup & Restore (how frequent?)
Redundancy & Failover (impacts?)
Replacement & Spares (cost in money and time?)
Outsourcing
What risks, costs, and impacts exist for each?
Lab Status
You should have Virtual Box installed and working.
You should have Ubuntu installed and working, including a browser and GUI.
Lab #1 due Tuesday by midnight. Significant late penalties!
Lab #2 due next week. It is foundational and includes clear instructions. Recommend that you watch the homework video (next slide) if you are a beginner or novice at using Linux.
Lab Release Schedule
Subsequent labs this semester will be released in the next couple weeks. This should allow students with conflicts to work ahead as they feel confident in doing so.
There is a risk in turning in a lab without having read the chapters and attended the classes, but we will allow one resubmission (with a late penalty) if you attempt and fail. Grading will usually not begin until the due date.
Goal is not to trip you up, but to build skills, awareness, and confidence.
You don’t need to memorize syntax, but definitely be able to navigate, and then look up additional help as needed to accomplish your future lab exercises.
Readings & Homework
Textbook reading: Chapter 1 last week, Chapter 4 this week, Chapter 3 next week (Identity & Access Management)
Linux Beginners Video: https://www.youtube.com/watch?v=IVquJh3DXUA