2. What is security
Why do we need security
Basic Terminology
Security Management
Attacks
Other Security Topics
Wireless Security
Firewall
Virtual Private Network
3. Freedom from risk or danger; safety.
Freedom from doubt, anxiety, or fear; confidence.
Information Security:
Information security = confidentiality + integrity + availability + authentication
Authorization of access to data in a network, which is
controlled by the network administrator.
4. To prevent and monitor unauthorized
access, misuse, modification, or denial of a computer
network and network-accessible resources.
Protect vital information while still allowing access to those
who need it.
Provide authentication and access control for resources.
Guarantee availability of resources.
Prevent malicious attacks such as hacking and spamming.
6. Homes & Small Businesses
Basic Firewall, Basic Antivirus software, Passwords for all accounts.
Medium businesses
Strong Firewall, Internet Security Software, Virtual Private Network.
Large businesses
Strong Firewall and Proxy, Strong Antivirus software, Physical Security
Management
Large government
Strong Firewall and Proxy, Strong Encryption, Whitelist of authorized
wireless connections
7. Passive Attacks
Wiretapping
Port scanner
Idle scan
Active Attacks
Denial-of-service attack
Spoofing
Man in the middle
ARP poisoning
Smurf attack
Buffer overflow
Heap overflow
Format string attack
SQL injection
9. Cloud computing security
A set of policies, technologies, and controls to protect data and
applications.
Crimeware
A class of malware designed specifically to automate cybercrime.
Cyber security standards
ISO/IEC 27002
IT Baseline Protection Catalogs
Data loss prevention
Information Leak Detection and Prevention (ILDP)
Information Leak Prevention (ILP)
Content Monitoring and Filtering (CMF)
Information Protection and Control (IPC)
10. Wireless security is the prevention of unauthorized access or
damage to computers using wireless networks.
WLAN uses spread-spectrum or OFDM modulation technology
Wireless security mechanisms include Wired Equivalent Privacy (WEP) and
Wi-Fi Protected Access (WPA).
Wireless Intrusion Prevention Systems (WIPS) or Wireless
Intrusion Detection Systems (WIDS) are commonly used techniques.
Ad-hoc networks
Non-traditional networks
Man-in-the-middle attacks
Denial of service
13. Effective means of protecting a local system or network of
systems from network-based security threats while
affording access to the outside world via WANs or the
Internet.
Aims:
Establish a controlled link
Protect the premises network from Internet-based attacks
Provide a single choke point
14. Design goals:
All traffic from inside to outside must pass through the
firewall (physically blocking all access to the local
network except via the firewall)
Only authorized traffic (defined by the local security
policy) will be allowed to pass
17. Three common types of Firewalls:
Packet-filtering routers
Applies a set of rules to each incoming IP packet and then forwards
or discards the packet
Filters packets going in both directions; policies: discard or forward
Application-level gateways
Also called proxy server
Acts as a relay of application-level traffic
Circuit-level gateways
Specialized function performed by an Application-level Gateway
Sets up two TCP connections
(Bastion host)
The bastion host serves as a platform for an application-level or
circuit-level gateway
18. A VPN is a means of transporting traffic in a secure manner
over an unsecured network.
A VPN usually achieves this by employing some
combination of encryption, authentication, and tunneling.
"Tunneling" (encapsulation) refers to the process of
encapsulating or embedding one network protocol to be
carried within the packets of a second network.
Point-to-Point Tunneling Protocol (PPTP);
Layer 2 Tunneling Protocol (L2TP);
Internet Protocol Security (IPSec);
SOCKS.