Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
セキュリティの基礎とインシデントレスポンス / Security Fundamentals a...
Search
Kenji Saito
PRO
June 15, 2024
Technology
0
130
セキュリティの基礎とインシデントレスポンス / Security Fundamentals and Incident Response
早稲田大学大学院経営管理研究科「サイバーセキュリティ」2024 夏の第3-4回で使用したスライドです。
Kenji Saito
PRO
June 15, 2024
Tweet
Share
More Decks by Kenji Saito
See All by Kenji Saito
FinTech 3-4 : Internet Technology and Governance
ks91
PRO
0
19
民主主義と博愛(Humanitarianism) / Democracy and Humanitarianism
ks91
PRO
0
1
ブロックチェーン概論 / Introduction to Blockchain
ks91
PRO
0
6
ブロックチェーンと分散ファイナンス概論 / Introduction to Blockchain and Decentralized Finance
ks91
PRO
0
47
Proof of Authenticity of General IoT Information with Tamper-Evident Sensors and Blockchain
ks91
PRO
0
5
FinTech 1-2 : Overview of FinTech
ks91
PRO
0
14
デジタルトランスフォーメーションと民主主義 / Digital Transformation and Democracy
ks91
PRO
0
19
We Never Took the Kobayashi Maru Test Until Now. What Do You Think of Our Solutions? — Journeys of the Mind Through a No-Win Game
ks91
PRO
0
24
思いつきが武器になる:研究というゲームを始めよう / Ideas Are Your Equipments : Let the Game of Research Begin!
ks91
PRO
0
79
Other Decks in Technology
See All in Technology
データエンジニアがこの先生きのこるには...?
10xinc
0
450
多野優介
tanoyusuke
1
450
研究開発部メンバーの働き⽅ / Sansan R&D Profile
sansan33
PRO
3
20k
後進育成のしくじり〜任せるスキルとリーダーシップの両立〜
matsu0228
7
2.5k
SREとソフトウェア開発者の合同チームはどのようにS3のコストを削減したか?
muziyoshiz
1
100
神回のメカニズムと再現方法/Mechanisms and Playbook for Kamikai scrumat2025
moriyuya
4
570
自作LLM Native GORM Pluginで実現する AI Agentバックテスト基盤構築
po3rin
2
260
BirdCLEF+2025 Noir 5位解法紹介
myso
0
200
リーダーになったら未来を語れるようになろう/Speak the Future
sanogemaru
0
280
PLaMo2シリーズのvLLM実装 / PFN LLM セミナー
pfn
PRO
2
990
KMP の Swift export
kokihirokawa
0
330
動画データのポテンシャルを引き出す! Databricks と AI活用への奮闘記(現在進行形)
databricksjapan
0
150
Featured
See All Featured
Stop Working from a Prison Cell
hatefulcrawdad
271
21k
The Power of CSS Pseudo Elements
geoffreycrofte
79
6k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
234
17k
RailsConf 2023
tenderlove
30
1.2k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
54
3k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
9
960
What’s in a name? Adding method to the madness
productmarketing
PRO
23
3.7k
Art, The Web, and Tiny UX
lynnandtonic
303
21k
Fireside Chat
paigeccino
40
3.7k
Practical Orchestrator
shlominoach
190
11k
How to Think Like a Performance Engineer
csswizardry
27
2k
No one is an island. Learnings from fostering a developers community.
thoeni
21
3.5k
Transcript
Hardening for cyber security — generated by Stable Diffusion XL
v1.0 2024 3-4 (WBS) 2024 3-4 — 2024-06-17 – p.1/34
https://speakerdeck.com/ks91/collections/cyber-security-2024-summer 2024 3-4 — 2024-06-17 – p.2/34
( ) 1 6 10 (1) • 2 6 10
(2) • 3 6 17 • 4 6 17 • 5 6 24 I ( ) 6 6 24 I ( ) 7 7 1 8 7 1 9 7 8 10 7 8 11 7 15 II ( ) 12 7 15 II ( ) 13 7 22 14 7 22 W-IOI / ( ) 2024 3-4 — 2024-06-17 – p.3/34
( 20 ) 1 • 2 • 3 • 4
(TCP/IP ) • 5 • 6 • 7 • 8 • 9 • 10 World Wide Web • 11 Web API • 12 • 13 git GitHub • 14 • (6/24 ) / (2 ) OK / 2024 3-4 — 2024-06-17 – p.4/34
( ) ( ) 2024 3-4 — 2024-06-17 – p.5/34
+ — ( (1), (2)) + ( (3)) 2024 3-4
— 2024-06-17 – p.6/34
2024 3-4 — 2024-06-17 – p.7/34
1. (1) (2) 2024 6 13 ( ) 23:59 JST
Waseda Moodle (Q & A ) 2024 3-4 — 2024-06-17 – p.8/34
. . . . . . 13 9 (14 (
) ) ( ) 2024 3-4 — 2024-06-17 – p.9/34
A ⇒ ( ) ⇒ ( ) 2024 3-4 —
2024-06-17 – p.10/34
I ( ) ⇒ . . . . . .
( ) ( : ) . . . ( : ) ( ) (anachronism) ^^; 2024 3-4 — 2024-06-17 – p.11/34
L ⇒ IPA NISC NICT 7.5 2024 3-4 — 2024-06-17
– p.12/34
N 5 ⇒ https://www.datacenterdynamics.com/en/analysis/how-to-break-into-a-data-center-pen-testers-reveal-their-secrets/ ( ) 2024 3-4 — 2024-06-17
– p.13/34
M ⇒ . . . 2024 3-4 — 2024-06-17 –
p.14/34
Y = = ⇒ 2024 3-4 — 2024-06-17 – p.15/34
“ ” 3 ( ) ( ) ( ) 2024
3-4 — 2024-06-17 – p.16/34
( ) : Wi-Fi etc. (Confidentiality) (Integrity) (Availability) 2024 3-4
— 2024-06-17 – p.17/34
( +α) : . . . ( ) . .
. ( . . . ) ( ( ^^;)) . . . . . . ( ) × → 2024 3-4 — 2024-06-17 – p.18/34
(Gold Standard of Security) (Authentication) ( ) ID / ,
, , , , , etc. (Authorization) ( ) , , sudoers, etc. (Audit) , , , etc. 2024 3-4 — 2024-06-17 – p.19/34
(1) : ( ) (a) USB (b) URL X 1.
2. ( ) 3. 2024 3-4 — 2024-06-17 – p.20/34
(2) : PPAP PPAP Password ( ) Passowrd ( )
A ( ) Protocol ( ) PPAP PPAP 2024 3-4 — 2024-06-17 – p.21/34
NICT CYDER https://cyder.nict.go.jp (3) : 2024 3-4 — 2024-06-17 –
p.22/34
Πϯγσϯτͷ༧ஹͳͲ ॳಈରԠ ෮چાஔ ఆରԠ ࠶ൃࢭࡦ ߃ٱରԠ ݕ౼ ࣄޙରԠ τϦΞʔδ ใ
ࠂ ɾ ެ ද Π ϯ γ σ ϯ τ ϋ ϯ υ Ϧ ϯ ά Π ϯ γ σ ϯ τ Ϩ ε ϙ ϯ ε ސ ٬ ɾ ެ ڞ ݕɾड ରԠํݕ౼ 1PJOUPG$POUBDU ূڌอશ ෧͡ࠐΊ ࠜઈ , , DoS , , etc. 2024 3-4 — 2024-06-17 – p.23/34
Point of Contact (PoC) 1 2024 3-4 — 2024-06-17 –
p.24/34
2024 3-4 — 2024-06-17 – p.25/34
HDD ( ) 2024 3-4 — 2024-06-17 – p.26/34
2024 3-4 — 2024-06-17 – p.27/34
( ) 2024 3-4 — 2024-06-17 – p.28/34
( ) JPCERT/CC, NISC, ( ) ( ) 2024 3-4
— 2024-06-17 – p.29/34
(1 ) 2024 3-4 — 2024-06-17 – p.30/34
(3) : 70 1,000 X 3 1. 2. 3. 3
2024 3-4 — 2024-06-17 – p.31/34
2024 3-4 — 2024-06-17 – p.32/34
2. OK (1) (2) 2024 6 20 ( ) 23:59
JST Waseda Moodle (Q & A ) 2024 3-4 — 2024-06-17 – p.33/34
I 2024 3-4 — 2024-06-17 – p.34/34