2. INTRODUCTION
• IT security management consists of processes to enable organizational structure
and technology to protect an organization's IT operations and assets against
internal and external threats, intentional or otherwise.
• These processes are developed to ensure confidentiality, integrity, and availability
of IT systems. Various aspects of IT security in an organization need to be
considered. These include security policies and procedures, security organization
structure, IT security processes, and rules and regulations.
5. COMPUTER SECURITY
• Computer security, also called cybersecurity, is the
protection of computer systems and information
from harm, theft, and unauthorized use. Computer
hardware is typically protected by the same means
used to protect other valuable or sensitive
equipment—namely, serial numbers, doors and
locks, and alarms.
• The security precautions related to computer
information and access address four major threats:
(1) theft of data, (2) vandalism, including the
destruction of data by a computer virus,
(3) fraud, and (4) invasion of privacy.
6. INTERNET SECURITY
• Internet security is a branch of computer
security. It encompasses the Internet, browser
security, web site security and network security as
it applies to other applications or operating
systems as a whole.
• The Internet is an inherently insecure channel for
information exchange, with a high risk
of intrusion or fraud, such as phishing,
online viruses, trojans, ransomware and worms.
9. PHYSICAL SECURITY
• Physical security is the protection of personnel,
hardware, software, networks and data from
physical actions and events that could cause
serious loss or damage to an enterprise, agency or
institution.
• The physical security framework is made up of
three main components:
• Access control
• Surveillance
• Testing
10. IDENTITY MANAGEMENT (ID MANAGEMENT)
• Identity management (ID management) is the
organizational process for ensuring individuals
have the appropriate access to technology
resources.
• This includes the identification, authentication
and authorization of a person, or persons, to
have access to applications, systems or
networks.
• IdM systems fall under the overarching
umbrellas of IT security and data management.
Identity and access management systems not
only identify, authenticate, and control access
for individuals who will be utilizing IT resources
but also the hardware and applications
employees need to access.
12. ACCESS CONTROL SYSTEM
• Access control systems are electronic systems
that are designed to be controlled through a network, so
they should have access to a network.
• An access control system recognizes, authenticates and
authorizes the entry of a person into the
premises, thereby giving complete protection and
ensuring security with the system.
• Areas or organizations that require high
security use different types of access control systems,
such as biometric, RFID, door controllers and card
readers.
• Each access point may be controlled individually as
per the requirements of the company or organization
where high security is necessary.
15. INTRUSION DETECTION
• An Intrusion Detection System (IDS) is a system
that monitors network traffic for suspicious
activity and issues alerts when such activity is
discovered.
• It is a software application that scans a network or
a system for harmful activity or policy
breaches. Any malicious venture or violation is
normally reported either to an administrator or
collected centrally using a security information
and event management (SIEM) system.
• Intrusion prevention systems also monitor
network packets inbound to the system to check for
malicious activity in them and at once send
warning notifications.
16. CLASSIFICATION OF INTRUSION DETECTION SYSTEM
• Network Intrusion Detection System (NIDS)
• Host Intrusion Detection System (HIDS)
• Protocol-based Intrusion Detection System (PIDS)
• Application Protocol-based Intrusion Detection System (APIDS)
• Hybrid Intrusion Detection System
18. DETECTION METHOD OF IDS
• Signature-based Method:
Signature-based IDS detects attacks on the
basis of specific patterns, such as the number of
bytes or the number of 1's or number of 0's in the
network traffic.
• Anomaly-based Method:
Anomaly-based IDS was introduced to detect
unknown malware attacks, as new malware is
developed rapidly. An anomaly-based IDS uses
machine learning to create a model of trusted activity;
anything incoming is compared with that
model and is declared suspicious if it is not found
in the model.
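The contrast between the two detection methods, as an added example that is not part of the original slides: a signature check and a baseline check are run over the same constructed traffic, and only the baseline check flags the packet for which no signature exists. The signature names and byte patterns, the sample traffic, and the simple size-and-port statistics standing in for a machine-learning model are all assumptions made for illustration.

```python
from statistics import mean, pstdev

# Hypothetical signature set: byte patterns of already-known attacks (constructed).
SIGNATURES = {
    "known-worm-A": b"\xde\xad\xbe\xef\x13\x37",
    "known-dropper-B": b"TEST-DROPPER-MARKER",
}

def signature_match(payload: bytes) -> list[str]:
    """Return the names of all known patterns found in the payload."""
    return [name for name, pat in SIGNATURES.items() if pat in payload]

class AnomalyModel:
    """Baseline of trusted activity: ports seen and payload-size statistics.
    A statistical stand-in for the trained model the slide describes."""
    def __init__(self, trusted, threshold=3.0):
        sizes = [len(p) for _, p in trusted]
        self.ports = {port for port, _ in trusted}
        self.mu, self.sigma = mean(sizes), pstdev(sizes) or 1.0
        self.threshold = threshold  # allowed distance from the mean, in std devs

    def reasons(self, port, payload):
        """Return why a packet does not fit the trusted model (empty if it fits)."""
        out = []
        if port not in self.ports:
            out.append("port not in trusted model")
        if abs(len(payload) - self.mu) / self.sigma > self.threshold:
            out.append("payload size outside trusted range")
        return out

# Constructed trusted traffic used to build the model: (dst_port, payload).
TRUSTED = [(80, b"GET /index.html"), (80, b"GET /about.html"),
           (443, b"POST /login u=a"), (443, b"GET /style.css"),
           (80, b"GET /logo.png")]

# Constructed traffic to inspect.
TRAFFIC = [
    (80, b"GET /news.html"),                            # ordinary request
    (80, b"GET /x?q=" + b"\xde\xad\xbe\xef\x13\x37"),   # carries a known pattern
    (4444, b"Z" * 900),                                 # new, no signature exists
]

def inspect(model, traffic):
    """Per packet: (signature hits, anomaly reasons)."""
    return [(signature_match(p), model.reasons(port, p)) for port, p in traffic]

if __name__ == "__main__":
    results = inspect(AnomalyModel(TRUSTED), TRAFFIC)
    for (port, payload), (sigs, anomalies) in zip(TRAFFIC, results):
        print(port, len(payload), "signature:", sigs or "-", "anomaly:", anomalies or "-")
```

The second packet also shows the reverse gap: it fits the trusted model's ports and sizes, so only the signature check reports it.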
19. COMPARISON OF IDS WITH FIREWALLS
• IDS and firewall are both related to network
security, but an IDS differs from a firewall in that a
firewall looks outwardly for intrusions in order to
stop them from happening. Firewalls restrict access
between networks to prevent intrusion, and if an
attack comes from inside the network, a firewall does not signal it.
• An IDS describes a suspected intrusion once it has
happened and then signals an alarm.