Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
セキュリティの基礎とインシデントレスポンス / Security Fundamentals a...
Search
Kenji Saito
PRO
June 15, 2024
Technology
0
79
セキュリティの基礎とインシデントレスポンス / Security Fundamentals and Incident Response
早稲田大学大学院経営管理研究科「サイバーセキュリティ」2024 夏の第3-4回で使用したスライドです。
Kenji Saito
PRO
June 15, 2024
Tweet
Share
More Decks by Kenji Saito
See All by Kenji Saito
FinTech 7-8 : Blockchain
ks91
PRO
0
7
スマートコントラクトプログラミング / Smart Contract Programming
ks91
PRO
0
13
パット(PAT) : 論文アシスタント(Paper Authoring Tutor) 研究者’s マニュアル / PAT : Paper Authoring Tutor - Researcher's Manual
ks91
PRO
0
6
FinTech 5-6 : The World of Apps
ks91
PRO
0
40
ブロックチェーン概論とインストール大会 / Blockchain Overview and Installation
ks91
PRO
0
14
FinTech 3-4 : Internet Technology and Governance
ks91
PRO
0
72
身体を持つ生成AI と製品トレーサビリティー / Bodily Generative AI and Product Traceability
ks91
PRO
0
15
ブロックチェーン概論 / Introduction to Blockchain
ks91
PRO
0
19
FinTech Lecture 1-2 : Overview of FinTech
ks91
PRO
0
100
Other Decks in Technology
See All in Technology
最新のWasm事情
askua
5
2.5k
今日から始める技術的負債の解消
leveragestech
3
460
なぜ Rack を理解すべきかプレトーク / Why should you understand Rack - Pre-talk
hogelog
0
230
XSS攻撃から考察するAWS設定不備の恐怖/20241012 Hironobu Otaki
shift_evolve
0
150
Reality is not an End-to-End Prediction Problem: Applied NLP in the Age of Generative AI
inesmontani
PRO
0
190
本番のトラフィック量でHudiを検証して見えてきた課題
joker1007
2
270
VPoE Meetup Vol.1 VPoEとして実践してきたことと反省点
coconala_engineer
2
180
Bluesky 2019〜2022
yamarten
1
120
多数のWebサービスをECS/Fargate構成で効率よく構築・運用するなら copilot-cli
interu
2
170
Deep dive into Nuxt Server Components
wattanx
1
1.3k
いまいまMySQL2024 @ OSC Nagaoka
sakaik
3
300
マルチテナントのサービスインフラに大きなテナントを受け入れるまで
7474
0
790
Featured
See All Featured
Into the Great Unknown - MozCon
thekraken
31
1.4k
Ruby is Unlike a Banana
tanoku
96
11k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
504
140k
Embracing the Ebb and Flow
colly
84
4.4k
The Pragmatic Product Professional
lauravandoore
31
6.2k
Statistics for Hackers
jakevdp
796
220k
Six Lessons from altMBA
skipperchong
26
3.4k
The Art of Delivering Value - GDevCon NA Keynote
reverentgeek
5
130
Thoughts on Productivity
jonyablonski
67
4.3k
Reflections from 52 weeks, 52 projects
jeffersonlam
346
20k
A better future with KSS
kneath
237
17k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
31
2.6k
Transcript
Hardening for cyber security — generated by Stable Diffusion XL
v1.0 2024 3-4 (WBS) 2024 3-4 — 2024-06-17 – p.1/34
https://speakerdeck.com/ks91/collections/cyber-security-2024-summer 2024 3-4 — 2024-06-17 – p.2/34
( ) 1 6 10 (1) • 2 6 10
(2) • 3 6 17 • 4 6 17 • 5 6 24 I ( ) 6 6 24 I ( ) 7 7 1 8 7 1 9 7 8 10 7 8 11 7 15 II ( ) 12 7 15 II ( ) 13 7 22 14 7 22 W-IOI / ( ) 2024 3-4 — 2024-06-17 – p.3/34
( 20 ) 1 • 2 • 3 • 4
(TCP/IP ) • 5 • 6 • 7 • 8 • 9 • 10 World Wide Web • 11 Web API • 12 • 13 git GitHub • 14 • (6/24 ) / (2 ) OK / 2024 3-4 — 2024-06-17 – p.4/34
( ) ( ) 2024 3-4 — 2024-06-17 – p.5/34
+ — ( (1), (2)) + ( (3)) 2024 3-4
— 2024-06-17 – p.6/34
2024 3-4 — 2024-06-17 – p.7/34
1. (1) (2) 2024 6 13 ( ) 23:59 JST
Waseda Moodle (Q & A ) 2024 3-4 — 2024-06-17 – p.8/34
. . . . . . 13 9 (14 (
) ) ( ) 2024 3-4 — 2024-06-17 – p.9/34
A ⇒ ( ) ⇒ ( ) 2024 3-4 —
2024-06-17 – p.10/34
I ( ) ⇒ . . . . . .
( ) ( : ) . . . ( : ) ( ) (anachronism) ^^; 2024 3-4 — 2024-06-17 – p.11/34
L ⇒ IPA NISC NICT 7.5 2024 3-4 — 2024-06-17
– p.12/34
N 5 ⇒ https://www.datacenterdynamics.com/en/analysis/how-to-break-into-a-data-center-pen-testers-reveal-their-secrets/ ( ) 2024 3-4 — 2024-06-17
– p.13/34
M ⇒ . . . 2024 3-4 — 2024-06-17 –
p.14/34
Y = = ⇒ 2024 3-4 — 2024-06-17 – p.15/34
“ ” 3 ( ) ( ) ( ) 2024
3-4 — 2024-06-17 – p.16/34
( ) : Wi-Fi etc. (Confidentiality) (Integrity) (Availability) 2024 3-4
— 2024-06-17 – p.17/34
( +α) : . . . ( ) . .
. ( . . . ) ( ( ^^;)) . . . . . . ( ) × → 2024 3-4 — 2024-06-17 – p.18/34
(Gold Standard of Security) (Authentication) ( ) ID / ,
, , , , , etc. (Authorization) ( ) , , sudoers, etc. (Audit) , , , etc. 2024 3-4 — 2024-06-17 – p.19/34
(1) : ( ) (a) USB (b) URL X 1.
2. ( ) 3. 2024 3-4 — 2024-06-17 – p.20/34
(2) : PPAP PPAP Password ( ) Passowrd ( )
A ( ) Protocol ( ) PPAP PPAP 2024 3-4 — 2024-06-17 – p.21/34
NICT CYDER https://cyder.nict.go.jp (3) : 2024 3-4 — 2024-06-17 –
p.22/34
Πϯγσϯτͷ༧ஹͳͲ ॳಈରԠ ෮چાஔ ఆରԠ ࠶ൃࢭࡦ ߃ٱରԠ ݕ౼ ࣄޙରԠ τϦΞʔδ ใ
ࠂ ɾ ެ ද Π ϯ γ σ ϯ τ ϋ ϯ υ Ϧ ϯ ά Π ϯ γ σ ϯ τ Ϩ ε ϙ ϯ ε ސ ٬ ɾ ެ ڞ ݕɾड ରԠํݕ౼ 1PJOUPG$POUBDU ূڌอશ ෧͡ࠐΊ ࠜઈ , , DoS , , etc. 2024 3-4 — 2024-06-17 – p.23/34
Point of Contact (PoC) 1 2024 3-4 — 2024-06-17 –
p.24/34
2024 3-4 — 2024-06-17 – p.25/34
HDD ( ) 2024 3-4 — 2024-06-17 – p.26/34
2024 3-4 — 2024-06-17 – p.27/34
( ) 2024 3-4 — 2024-06-17 – p.28/34
( ) JPCERT/CC, NISC, ( ) ( ) 2024 3-4
— 2024-06-17 – p.29/34
(1 ) 2024 3-4 — 2024-06-17 – p.30/34
(3) : 70 1,000 X 3 1. 2. 3. 3
2024 3-4 — 2024-06-17 – p.31/34
2024 3-4 — 2024-06-17 – p.32/34
2. OK (1) (2) 2024 6 20 ( ) 23:59
JST Waseda Moodle (Q & A ) 2024 3-4 — 2024-06-17 – p.33/34
I 2024 3-4 — 2024-06-17 – p.34/34