Announcement

Collapse
No announcement yet.

Introduction to Physical Acces Controls at DEF CON China 1.0

Collapse
This is a sticky topic.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Introduction to Physical Acces Controls at DEF CON China 1.0

    INTRODUCTION TO PHYSICAL ACCESS CONTROLS
    物理访问控制WORKSHOP
    Valerie Thomas

    Physical Access can be controlled by a variety of intelligent and simple devices. If you are wanting an overview of what these controls are and how they work, then this workshop is for you. In this class, we will discuss the fundamentals of physical security, current and upcoming technologies, and how to put them all together in order to perform a red team style assessment.

    Basics
    • Facility access overview
    • Credential and identity concepts
    • Physical Access Control System (PACS) fundamentals
    • What is RFID and why does it matter? Attacks
    • RFID hacking
    • Control system attacks
    • Defeating physical controls (fences, gates, cameras)
    • The human element of physical security
    Putting it all together
    • Offsite/onsite reconnaissance
    • Attack planning and execution
    • Post-attack strategies
    • Reporting physical access finding
    • Remediation approaches and reference material

    物理访问可以由多种智能设备和简单设备控制。
    如果您想了解这些控件是什么,它们的工作原理如何,那么这个Workshop非常适合您。在本课程中,我们 将讨论物理安全的基本原理、目前已有的和未来的新技术,还有如何将它们相结合来进行red team评估。基本要素
    • 设备访问概述• 认证和识别概念
    • 物理访问控制系统(PACS)基础知识
    • 什么是RFID ?为什么它很重要? 安全攻击
    • 无线射频识别入侵
    • 控制系统攻击
    • 攻破物理控制(栅栏,门点,摄像头
    • 物理安全的人为要素 综合包含
    线下/线上侦查
    • 攻击的策划和执行
    • 攻击发生后的策略
    • 汇报物理访问的发现
    • 修复措施和参考资料

    Valerie Thomas is a technical director for Securicon that specializes in social engineering and physical penetration testing. After obtaining her bachelor’s degree in electronic engineering, Thomas led information security assessments for the Defense Information Systems Agency (DISA) before joining private industry. Throughout her career, Thomas has conducted penetration tests, vulnerability assessments, compliance audits and technical security training for executives, developers and other security professionals.

    Valerie Thomas是Securicon的技术总监,Securicon是一家专门从事社会工程和物理渗透测试的 公司。取得电子工程学士学位后,Valerie成为了国防信息系统局(DISA)信息安全评估的带头人,之 后入职了私企。在她的职业生涯中,为管理人员、开发人员和其他安全专业人员进行了渗透测试、漏洞评估、遵从 性审计和技术安全培训。
    PGP key: dtangent@defcon.org valid 2020 Jan 15, to 2024 Jan 01 Fingerprint: BC5B CD9A C609 1B6B CD81 9636 D7C6 E96C FE66 156A
Working...
X