Uploaded on

 

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
826
On Slideshare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
31
Comments
0
Likes
1

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide
  • Disclosure Alteration Destruction http://etiolated.org/ http://eu.montana.edu/security/
  • Montana Code Annotated – Unlawful use of a computer
  • SSNs, GIDs, Credit Card Numbers
  • Virus – attaches itself to a program or file in order to spread, requires human action Worms – propagate themselves from computer to computer, subclass of virus Trojans – appears to be useful, but does damage when run; known to create backdoos MBC – includes spyware, spread by scripting (ActiveX, Java, etc) Spyware/Adware – unwanted software that may report back to the manufacurer information about your system or habits/that generates pop-up advertisements Hybrid is a mixing of the others properties
  • Compromising your… Confidentiality Integrity Availability
  • CD’s, flash cards & drives; auto-play feature Filtering Only go to known sites (SiteAdvisor or CallingID) Firewall & Patching systems
  • Intrusion detection/prevention systems AV Programs, Ad-Aware, Spybot, Defender Greylisting - http://www.greylisting.org/ [email_address] or [email_address] Several black list services No silver bullet

Transcript

  • 1. Information Security What You Should Know
    • Fred Pettis
    • ITC
  • 2. Introduction
    • What is Information Security?
      • C onfidentiality
      • I ntegrity
      • A vailability
    • Recent Compromises
    • Why is This Important?
  • 3. Vulnerabilities
    • Outdated Systems and Applications
    • Configuration Errors
    • Mishandled Data
    • Lack of Awareness
  • 4. Exploits
    • Viruses
    • Spyware/Malware
    • Phishing
    • Brute Force
    • The Insider Problem
  • 5. Government Regulation
    • FERPA (Family Education Rights and Privacy Act)
    • GLB (Gramm-Leach-Bliley)
    • US Privacy Act of 1974
    • MCA 45-6-311
  • 6. Policy
    • Board Of Regents
      • Data Security / Appropriate Use
    • Montana State University
      • Computing Policies Manual
      • Campus Networking Policy
      • Acceptable Use Policy
      • Safeguarding Customer Data
  • 7. Policy
    • MSU Domain Login
  • 8. Protect Our Information
    • What Is Sensitive Information?
    • Data Stewardship
  • 9. Protect Your Accounts
    • Your Banner Account
    • Your Domain Account
    • Your MyMSU Portal Account
    • Your Password
  • 10. Stay Safe Online
    • Email Practices
    • Web Browsing
    • Instant Messaging
    • Phishing
    • Spyware/Malware
    • Downloads
  • 11. Secure Your Desktop
  • 12. Secure Your Desktop
    • Threat of Malware
    • Malware Capabilities
    • Propagation Techniques
    • Malware Defense Techniques
    • Malware Defense Tools
  • 13. Threat of Malware
    • Viruses
    • Worms
    • Trojans
    • Malicious browser content
    • Spyware/Adware
    • Hybrid Threats
  • 14. Malware Capabilities
    • Destruction of data
    • Leaking confidential information
    • Altering system configuration
    • Providing backdoor access
    • Countless other opportunities
  • 15. Propagation Techniques
    • Removable media
    • E-mail attachments
    • Web browsing
    • Network vulnerabilities
    • IM applications
    • Peer-to-Peer networks
  • 16. Malware Defense Techniques
    • Activity monitoring program
    • File and resource integrity checking
    • Malware scanners
    • Email filters & stripping attachments
    • Defense-in-depth
  • 17. Malware Defense Tools (Microsoft)
    • Microsoft/Automatic Updates & Rebooting
    • Windows Firewall
    • Windows Backups
    • System Restore
    • Windows Defender
  • 18. Malware Defense Tools (3 rd Party)
    • Spybot Search & Destroy
    • Ad-Aware SE Plus
    • McAfee
    • SpamBayes
    • SiteAdvisor or CallingID
    • LANDesk
    • http://www2.montana.edu/desktop/security.htm
  • 19. Resources
    • ITC Help Desk
      • X1777
      • [email_address]
      • 75 Renne Hall
    • IT Security Web Page http://www.montana.edu/itsecurity
    • Enterprise Security Manager
    • [email_address] , x5091
    • Desktop Security Specialist
    • [email_address] , x6077
  • 20. Questions ?