|
| |
|
|
Design of methodology for vulnerability assesment
Pecl, David ; Martinásek, Zdeněk (referee) ; Gerlich, Tomáš (advisor)
The thesis deals with the assessment of security vulnerabilities. The aim of this work is to create a new method of vulnerability assessment, which will better prioritize critical vulnerabilities and reflect parameters that are not used in currently used methods. Firstly, it describes the common methods used to assess vulnerabilities and the parameters used in each method. The first described method is the Common Vulnerability Scoring System for which are described all three types of scores. The second analysed method is OWASP Risk Rating Methodology. The second part is devoted to the design of the own method, which aims to assess vulnerabilities that it is easier to identify those with high priority. The method is based on three groups of parameters. The first group describes the technical assessment of the vulnerability, the second is based on the requirements to ensure the confidentiality, integrity and availability of the asset and the third group of parameters evaluates the implemented security measures. All three groups of parameters are important for prioritization. Parameters describing the vulnerability are divided into permanent and up-to-date, where the most important up-to-date parameter are Threat Intelligence and easy of exploitation. The parameters of the impact on confidentiality, integrity and availability are linked to the priority of the asset, and to the evaluation of security measures, which increase the protection of confidentiality, integrity and availability. The priority of the asset and the quality of the countermeasures are assessed based on questionnaires, which are submitted to the owners of the examined assets as part of the vulnerability assessment. In the third part of the thesis, the method is compared with the currently widely used the Common Vulnerability Scoring System. The strengths of the proposed method are shown in several examples. The effectiveness of prioritization is based primarily on the priority of the asset and the security measures in place. The method was practically tested in a laboratory environment, where vulnerabilities were made on several different assets. These vulnerabilities were assessed using the proposed method, the priority of the asset and the quality of the measures were considered, and everything was included in the priority of vulnerability. This testing confirmed that the method more effectively prioritizes vulnerabilities that are easily exploitable, recently exploited by an attacker, and found on assets with minimal protection and higher priority.
|
|
|
Implementing of security measures according to ISMS for elementary school
Pexa, Marek ; Ondrák, Viktor (referee) ; Sedlák, Petr (advisor)
The diploma thesis deals with introduction of security measures for primary and elementary school. The thesis is devided into three main parts. The first part deals with basic theoretical concepts of information security and legislative elements needed for understanding the issue. The second part desrcibes the current state for primary and elementary school. The last practical part includes proposal of security measures and recommendations.
|
|
|
Simulating information security management within a university environment
Hložanka, Filip ; Martina,, Chitu (referee) ; Sedlák, Petr (advisor)
This diploma thesis is concerned with simulating information security management within a university environment. It is divided into three parts. The theoretical part focuses on describing the assets which could be part of a faculty network, attacks that could target it, security processes which could protect it and users that are active within it. The analytical part then applies these segments on a real faculty network. Based on this analysis, a set of specific assets, attacks, security processes and other tasks is created in order to simulate a simplified version of the analyzed network using a sophisticated cybernetic polygon. The security of the network is then assessed after several iterations of the simulations. Its parameters are adjusted in the effort to increase its security and the module is tested on an academic employee in order to assess its effectiveness. The conclusion evaluates the possibilities of increasing the security of the simulated network as well as the usability of the cybernetic polygon in practice.
|
|
|
Implementation of Basic Security Measures in Medical Facility
Soukupová, Marie ; Svoboda Vlastimil, Ing. MBA (referee) ; Sedlák, Petr (advisor)
The diploma thesis presents a proposal for the implementation of basic security measures in a medical facility. In addition to describing the specific managerial and technical measures that the hospital must implement, the thesis also includes an information strategy and a proposal for building security awareness of the hospital staff. The thesis also describes the creation of a set of security guidelines, including a compliance manual with the Cybersecurity Decree.
|
|
|
Zobrazení nejistoty spojené s leasingovými smlouvami ve finančním výkaznictví nájemce
Kokrdová, Romana
This diploma thesis deals with the amendment of the Standard IAS 17 - Leases, which is result of negotiating between the International Accounting Standards Board and the Financial Accounting Standards Board. This thesis is primary focused on the lessee's impact of issues and deals with situation, when the contract contain an element of uncertainty, specifically the possibility of using option for extended or variable payments. First part is devoted to the theoretical information about leasing based on current Standard IAS 17. Second part of this thesis describes the historical background of the Project Leases and explains the new proposal of methodical approach. In the third part there are applied the new knowledges described above and assessed the impact of new methodology to the items appeared in balance sheet and income statement.
|
|
|
Simulating information security management within a university environment
Hložanka, Filip ; Martina,, Chitu (referee) ; Sedlák, Petr (advisor)
This diploma thesis is concerned with simulating information security management within a university environment. It is divided into three parts. The theoretical part focuses on describing the assets which could be part of a faculty network, attacks that could target it, security processes which could protect it and users that are active within it. The analytical part then applies these segments on a real faculty network. Based on this analysis, a set of specific assets, attacks, security processes and other tasks is created in order to simulate a simplified version of the analyzed network using a sophisticated cybernetic polygon. The security of the network is then assessed after several iterations of the simulations. Its parameters are adjusted in the effort to increase its security and the module is tested on an academic employee in order to assess its effectiveness. The conclusion evaluates the possibilities of increasing the security of the simulated network as well as the usability of the cybernetic polygon in practice.
|
|
|
Design of methodology for vulnerability assesment
Pecl, David ; Martinásek, Zdeněk (referee) ; Gerlich, Tomáš (advisor)
The thesis deals with the assessment of security vulnerabilities. The aim of this work is to create a new method of vulnerability assessment, which will better prioritize critical vulnerabilities and reflect parameters that are not used in currently used methods. Firstly, it describes the common methods used to assess vulnerabilities and the parameters used in each method. The first described method is the Common Vulnerability Scoring System for which are described all three types of scores. The second analysed method is OWASP Risk Rating Methodology. The second part is devoted to the design of the own method, which aims to assess vulnerabilities that it is easier to identify those with high priority. The method is based on three groups of parameters. The first group describes the technical assessment of the vulnerability, the second is based on the requirements to ensure the confidentiality, integrity and availability of the asset and the third group of parameters evaluates the implemented security measures. All three groups of parameters are important for prioritization. Parameters describing the vulnerability are divided into permanent and up-to-date, where the most important up-to-date parameter are Threat Intelligence and easy of exploitation. The parameters of the impact on confidentiality, integrity and availability are linked to the priority of the asset, and to the evaluation of security measures, which increase the protection of confidentiality, integrity and availability. The priority of the asset and the quality of the countermeasures are assessed based on questionnaires, which are submitted to the owners of the examined assets as part of the vulnerability assessment. In the third part of the thesis, the method is compared with the currently widely used the Common Vulnerability Scoring System. The strengths of the proposed method are shown in several examples. The effectiveness of prioritization is based primarily on the priority of the asset and the security measures in place. The method was practically tested in a laboratory environment, where vulnerabilities were made on several different assets. These vulnerabilities were assessed using the proposed method, the priority of the asset and the quality of the measures were considered, and everything was included in the priority of vulnerability. This testing confirmed that the method more effectively prioritizes vulnerabilities that are easily exploitable, recently exploited by an attacker, and found on assets with minimal protection and higher priority.
|
|
|
Implementing of security measures according to ISMS for elementary school
Pexa, Marek ; Ondrák, Viktor (referee) ; Sedlák, Petr (advisor)
The diploma thesis deals with introduction of security measures for primary and elementary school. The thesis is devided into three main parts. The first part deals with basic theoretical concepts of information security and legislative elements needed for understanding the issue. The second part desrcibes the current state for primary and elementary school. The last practical part includes proposal of security measures and recommendations.
|
|
|
The proposal of ISMS implementation in the public administration
Štukhejl, Kamil ; Tomáš,, Krejčí (referee) ; Sedlák, Petr (advisor)
This diploma thesis focuses on the implementation of information security management system in the public administration based on ISO/IEC 27000 series of standards. The thesis contains theoretical background, introduction of the organization, risk analysis and a proposal of appropriate measures for minimization of these identified risks. In the end, an implementation plan is proposed including an economic evaluation.
|
guest ::
