SlideShare a Scribd company logo

Computer Security.pptx

Download as PPTX, PDF
K
KENNEDYDONATO1

Computer Security

Technology
1 of 18
COMPUTER SECURITY (NETWORK, OPERATING SYSTEM, APPLICATION) INFORMATION ASSURANCE AND SECURITY II
Computer security breaches are common place, and several occur around the world every day. Some are considered minor, with little loss of data or monetary resources, but many of them are considered major, or even catastrophic.
WHAT IS NETWORK SECURITY? • NETWORK SECURITY is the process of taking preventative measures to protect the underlying networking infrastructure from unauthorized access, misuse, malfunction, modification, destruction or improper disclosure. Implementing these measures allows computers, users and programs to perform their permitted critical functions within a secure environment. Securing a network requires a complex combination of hardware devices, such as routers, firewalls and anti-malware software applications. Government agencies and businesses employ highly skilled information security analysts to implement security plans and constantly monitor the efficacy of these plans.
TYPES OF NETWORK SECURITY • ACCESS CONTROL This refers to controlling which users have access to the network or especially sensitive sections of the network. Using security policies, you can restrict network access to only recognized users and devices or grant limited access to noncompliant devices or guest users. • ANTIVIRUS AND ANTI-MALWARE SOFTWARE Malware, or “malicious software,” is a common form of cyberattack that comes in many different shapes and sizes. Some variations work quickly to delete files or corrupt data, while others can lie dormant for long periods of time and quietly allow hackers a back door into your systems.
TYPES OF NETWORK SECURITY • APPLICATION SECURITY Each device and software product used within your networking environment offers a potential way in for hackers. For this reason, it is important that all programs be kept up-to-date and patched to prevent cyberattacks from exploiting vulnerabilities to access sensitive data. Application security refers to the combination of hardware, software, and best practices you use to monitor issues and close gaps in your security coverage. • BEHAVIORAL ANALYTICS In order to identify abnormal behavior, security support personnel need to establish a baseline of what constitutes normal behavior for a given customer’s users, applications, and network.
TYPES OF NETWORK SECURITY • DATA LOSS PREVENTION Data Loss Prevention (DLP) technologies are those that prevent an organization’s employees from sharing valuable company information or sensitive data—whether unwillingly or with ill intent—outside the network. DLP technologies can prevent actions that could potentially expose data to bad actors outside the networking environment, such as uploading and downloading files, forwarding messages, or printing. • DISTRIBUTED DENIAL OF SERVICE PREVENTION Distributed denial of service (DDoS) attacks are becoming increasingly common. They function by overloading a network with one-sided connection requests that eventually cause the network to crash.
TYPES OF NETWORK SECURITY • EMAIL SECURITY Email is an especially important factor to consider when implementing networking security tools. Numerous threat vectors, like scams, phishing, malware, and suspicious links, can be attached to or incorporated into emails. • FIREWALLS Firewalls are another common element of a network security model. They essentially function as a gatekeeper between a network and the wider internet. Firewalls filter incoming and, in some cases, outgoing traffic by comparing data packets against predefined rules and policies, thereby preventing threats from accessing the network.
TYPES OF NETWORK SECURITY • MOBILE DEVICE SECURITY The vast majority of us have mobile devices that carry some form of personal or sensitive data we would like to keep protected. This is a fact that hackers are aware of and can easily take advantage of. Implementing mobile device security measures can limit device access to a network, which is a necessary step to ensuring network traffic stays private and doesn’t leak out through vulnerable mobile connections. • NETWORK SEGMENTATION Dividing and sorting network traffic based on certain classifications streamlines the job for security support personnel when it comes to applying policies. Segmented networks also make it easier to assign or deny authorization credentials for employees, ensuring no one is accessing information they should not be.
TYPES OF NETWORK SECURITY • SECURITY INFORMATION AND EVENT MANAGEMENT These security systems (called SIEMs) combine host-based and network-based intrusion detection systems that combine real- time network traffic monitoring with historical data log file scanning to provide administrators with a comprehensive picture of all activity across the network. • WEB SECURITY Web security software serves a few purposes. First, it limits internet access for employees, with the intention of preventing them from accessing sites that could contain malware. It also blocks other web- based threats and works to protect a customer’s web gateway.
WHAT IS OPERATING SYSTEM SECURITY? • OPERATING SYSTEM SECURITY (OS SECURITY) is the process of ensuring OS integrity, confidentiality and availability. OS security refers to specified steps or measures used to protect the OS from threats, viruses, worms, malware or remote hacker intrusions. OS security encompasses all preventive-control techniques, which safeguard any computer assets capable of being stolen, edited or deleted if OS security is compromised.
OS SECURITY MAY BE APPROACHED IN MANY WAYS, INCLUDING ADHERENCE TO THE FOLLOWING: Performing regular OS patch updates Installing updated antivirus engines and software Examine all incoming and outgoing network traffic through a firewall Creating secure accounts with required privileges only (i.e., user management)
WHAT IS APPLICATION SECURITY? • APPLICATION SECURITY describes security measures at the application level that aim to prevent data or code within the app from being stolen or hijacked. It encompasses the security considerations that happen during application development and design, but it also involves systems and approaches to protect apps after they get deployed. Application security may include hardware, software, and procedures that identify or minimize security vulnerabilities. A router that prevents anyone from viewing a computer’s IP address from the Internet is a form of hardware application security. But security measures at the application level are also typically built into the software, such as an application firewall that strictly defines what activities are allowed and prohibited.
TYPES OF APPLICATION SECURITY AUTHENTICATION: When software developers build procedures into an application to ensure that only authorized users gain access to it. Authentication procedures ensure that a user is who they say they are. This can be accomplished by requiring the user to provide a user name and password when logging in to an application. AUTHORIZATION After a user has been authenticated, the user may be authorized to access and use the application. The system can validate that a user has permission to access the application by comparing the user’s identity with a list of authorized users. Authentication must happen before authorization so that the application matches only validated user credentials to the authorized user list.
AUTHENTICATION VS AUTHORIZATION
TYPES OF APPLICATION SECURITY ENCRYPTION After a user has been authenticated and is using the application, other security measures can protect sensitive data from being seen or even used by a cybercriminal. In cloud-based applications, where traffic containing sensitive data travels between the end user and the cloud, that traffic can be encrypted to keep the data safe. LOGGING If there is a security breach in an application, logging can help identify who got access to the data and how. Application log files provide a time-stamped record of which aspects of the application were accessed and by whom. APPLICATION SECURITY TESTING A necessary process to ensure that all of these security controls work properly.
APPLICATION SECURITY IN THE CLOUD APPLICATION SECURITY IN THE CLOUD poses some extra challenges. Because cloud environments provide shared resources, special care must be taken to ensure that users only have access to the data they are authorized to view in their cloud-based applications. Sensitive data is also more vulnerable in cloud-based applications because that data is transmitted across the Internet from the user to the application and back.
MOBILE APPLICATION SECURITY Mobile devices also transmit and receive information across the Internet, as opposed to a private network, making them vulnerable to attack. Enterprises can use virtual private networks (VPNs) to add a layer of mobile application security for employees who log in to applications remotely. IT departments may also decide to vet mobile apps and make sure they conform to company security policies before allowing employees to use them on mobile devices that connect to the corporate network.
WEB APPLICATION SECURITY WEB APPLICATION SECURITY applies to web applications—apps or services that users access through a browser interface over the Internet. Because web applications live on remote servers, not locally on user machines, information must be transmitted to and from the user over the Internet. Web application security is of special concern to businesses that host web applications or provide web services. These businesses often choose to protect their network from intrusion with a web application firewall. A web application firewall works by inspecting and, if necessary, blocking data packets that are considered harmful.

Recommended

Week-09-10-11-12 Fundamentals of Cybersecurity.pptx
Week-09-10-11-12 Fundamentals of Cybersecurity.pptxWeek-09-10-11-12 Fundamentals of Cybersecurity.pptx
Week-09-10-11-12 Fundamentals of Cybersecurity.pptxyasirkhokhar7
 
R ramya devi cloud computing
R ramya devi cloud computingR ramya devi cloud computing
R ramya devi cloud computingPriyadharshiniVS
 
Network security
Network securityNetwork security
Network securityPooja Dewangan
 
HOW TO SECURE WEB AND APP DEVELOPMENT USER DATA SECURITY.pdf
HOW TO SECURE WEB AND APP DEVELOPMENT USER DATA SECURITY.pdfHOW TO SECURE WEB AND APP DEVELOPMENT USER DATA SECURITY.pdf
HOW TO SECURE WEB AND APP DEVELOPMENT USER DATA SECURITY.pdfasiyahanif9977
 
HOW TO SECURE WEB AND APP DEVELOPMENT USER DATA SECURITY.pdf
HOW TO SECURE WEB AND APP DEVELOPMENT USER DATA SECURITY.pdfHOW TO SECURE WEB AND APP DEVELOPMENT USER DATA SECURITY.pdf
HOW TO SECURE WEB AND APP DEVELOPMENT USER DATA SECURITY.pdfasiyahanif9977
 
Network srcurity
Network srcurityNetwork srcurity
Network srcuritysheikhparvez4
 
Network Security ppt
Network Security pptNetwork Security ppt
Network Security pptSAIKAT BISWAS
 
unit 2 IT security solution.pptx
unit 2 IT security solution.pptxunit 2 IT security solution.pptx
unit 2 IT security solution.pptxlochanrajdahal
 

Recommended

Week-09-10-11-12 Fundamentals of Cybersecurity.pptx
Week-09-10-11-12 Fundamentals of Cybersecurity.pptxWeek-09-10-11-12 Fundamentals of Cybersecurity.pptx
Week-09-10-11-12 Fundamentals of Cybersecurity.pptxyasirkhokhar7
 
R ramya devi cloud computing
R ramya devi cloud computingR ramya devi cloud computing
R ramya devi cloud computingPriyadharshiniVS
 
Network security
Network securityNetwork security
Network securityPooja Dewangan
 
HOW TO SECURE WEB AND APP DEVELOPMENT USER DATA SECURITY.pdf
HOW TO SECURE WEB AND APP DEVELOPMENT USER DATA SECURITY.pdfHOW TO SECURE WEB AND APP DEVELOPMENT USER DATA SECURITY.pdf
HOW TO SECURE WEB AND APP DEVELOPMENT USER DATA SECURITY.pdfasiyahanif9977
 
HOW TO SECURE WEB AND APP DEVELOPMENT USER DATA SECURITY.pdf
HOW TO SECURE WEB AND APP DEVELOPMENT USER DATA SECURITY.pdfHOW TO SECURE WEB AND APP DEVELOPMENT USER DATA SECURITY.pdf
HOW TO SECURE WEB AND APP DEVELOPMENT USER DATA SECURITY.pdfasiyahanif9977
 
Network srcurity
Network srcurityNetwork srcurity
Network srcuritysheikhparvez4
 
Network Security ppt
Network Security pptNetwork Security ppt
Network Security pptSAIKAT BISWAS
 
unit 2 IT security solution.pptx
unit 2 IT security solution.pptxunit 2 IT security solution.pptx
unit 2 IT security solution.pptxlochanrajdahal
 
network_security.docx_2.pdf
network_security.docx_2.pdfnetwork_security.docx_2.pdf
network_security.docx_2.pdfahmed53254
 
Seguridad web -articulo completo- ingles
Seguridad web -articulo completo- inglesSeguridad web -articulo completo- ingles
Seguridad web -articulo completo- inglesisidro luna beltran
 
Application Data Security | Seclore
Application Data Security | SecloreApplication Data Security | Seclore
Application Data Security | SecloreSeclore
 
Mobile Security for the Enterprise
Mobile Security for the EnterpriseMobile Security for the Enterprise
Mobile Security for the EnterpriseWill Adams
 
Manage risk by protecting apps, data and usage
Manage risk by protecting apps, data and usageManage risk by protecting apps, data and usage
Manage risk by protecting apps, data and usageCitrix
 
Fortifying the Digital Sky: Exploring the Application of Cybersecurity for Cl...
Fortifying the Digital Sky: Exploring the Application of Cybersecurity for Cl...Fortifying the Digital Sky: Exploring the Application of Cybersecurity for Cl...
Fortifying the Digital Sky: Exploring the Application of Cybersecurity for Cl...cyberprosocial
 
cloud security.pptx
cloud security.pptxcloud security.pptx
cloud security.pptxNickjohn33
 
Different Types Of Network Security Devices And Tools.docx
Different Types Of Network Security Devices And Tools.docxDifferent Types Of Network Security Devices And Tools.docx
Different Types Of Network Security Devices And Tools.docxSameerShaik43
 
Module 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDModule 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDSweta Kumari Barnwal
 
information security (network security methods)
information security (network security methods)information security (network security methods)
information security (network security methods)Zara Nawaz
 
Information security ist lecture
Information security ist lectureInformation security ist lecture
Information security ist lectureZara Nawaz
 
Seven Deadly Threats and Vulnerabilities in Cloud Computing
Seven Deadly Threats and Vulnerabilities in Cloud ComputingSeven Deadly Threats and Vulnerabilities in Cloud Computing
Seven Deadly Threats and Vulnerabilities in Cloud ComputingMervat Bamiah
 
Seven deadly threats and vulnerabilities in cloud
Seven deadly threats and vulnerabilities in cloudSeven deadly threats and vulnerabilities in cloud
Seven deadly threats and vulnerabilities in cloudcloudresearcher
 
Azure Fundamentals Part 3
Azure Fundamentals Part 3Azure Fundamentals Part 3
Azure Fundamentals Part 3CCG
 
Fortifying the Digital Sky Exploring the Application of Cybersecurity for Clo...
Fortifying the Digital Sky Exploring the Application of Cybersecurity for Clo...Fortifying the Digital Sky Exploring the Application of Cybersecurity for Clo...
Fortifying the Digital Sky Exploring the Application of Cybersecurity for Clo...cyberprosocial
 
report on Mobile security
report on Mobile securityreport on Mobile security
report on Mobile securityJAYANT RAJURKAR
 
Zero trust model for cloud computing.pptx
Zero trust model for cloud computing.pptxZero trust model for cloud computing.pptx
Zero trust model for cloud computing.pptxkkhhusshi
 
JavaOne2013: Secure Engineering Practices for Java
JavaOne2013: Secure Engineering Practices for JavaJavaOne2013: Secure Engineering Practices for Java
JavaOne2013: Secure Engineering Practices for JavaChris Bailey
 
“Verify and never trust”: The Zero Trust Model of information security
“Verify and never trust”: The Zero Trust Model of information security“Verify and never trust”: The Zero Trust Model of information security
“Verify and never trust”: The Zero Trust Model of information securityAhmed Banafa
 
The Zero Trust Security Model for Modern Businesses!
The Zero Trust Security Model for Modern Businesses!The Zero Trust Security Model for Modern Businesses!
The Zero Trust Security Model for Modern Businesses!Caroline Johnson
 
Introduction to Virtualization .ppt
Introduction to Virtualization .pptIntroduction to Virtualization .ppt
Introduction to Virtualization .pptKENNEDYDONATO1
 
System Development Life Cycle Overview.ppt
System Development Life Cycle Overview.pptSystem Development Life Cycle Overview.ppt
System Development Life Cycle Overview.pptKENNEDYDONATO1
 

More Related Content

Similar to Computer Security.pptx

network_security.docx_2.pdf
network_security.docx_2.pdfnetwork_security.docx_2.pdf
network_security.docx_2.pdfahmed53254
 
Seguridad web -articulo completo- ingles
Seguridad web -articulo completo- inglesSeguridad web -articulo completo- ingles
Seguridad web -articulo completo- inglesisidro luna beltran
 
Application Data Security | Seclore
Application Data Security | SecloreApplication Data Security | Seclore
Application Data Security | SecloreSeclore
 
Mobile Security for the Enterprise
Mobile Security for the EnterpriseMobile Security for the Enterprise
Mobile Security for the EnterpriseWill Adams
 
Manage risk by protecting apps, data and usage
Manage risk by protecting apps, data and usageManage risk by protecting apps, data and usage
Manage risk by protecting apps, data and usageCitrix
 
Fortifying the Digital Sky: Exploring the Application of Cybersecurity for Cl...
Fortifying the Digital Sky: Exploring the Application of Cybersecurity for Cl...Fortifying the Digital Sky: Exploring the Application of Cybersecurity for Cl...
Fortifying the Digital Sky: Exploring the Application of Cybersecurity for Cl...cyberprosocial
 
cloud security.pptx
cloud security.pptxcloud security.pptx
cloud security.pptxNickjohn33
 
Different Types Of Network Security Devices And Tools.docx
Different Types Of Network Security Devices And Tools.docxDifferent Types Of Network Security Devices And Tools.docx
Different Types Of Network Security Devices And Tools.docxSameerShaik43
 
Module 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDModule 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDSweta Kumari Barnwal
 
information security (network security methods)
information security (network security methods)information security (network security methods)
information security (network security methods)Zara Nawaz
 
Information security ist lecture
Information security ist lectureInformation security ist lecture
Information security ist lectureZara Nawaz
 
Seven Deadly Threats and Vulnerabilities in Cloud Computing
Seven Deadly Threats and Vulnerabilities in Cloud ComputingSeven Deadly Threats and Vulnerabilities in Cloud Computing
Seven Deadly Threats and Vulnerabilities in Cloud ComputingMervat Bamiah
 
Seven deadly threats and vulnerabilities in cloud
Seven deadly threats and vulnerabilities in cloudSeven deadly threats and vulnerabilities in cloud
Seven deadly threats and vulnerabilities in cloudcloudresearcher
 
Azure Fundamentals Part 3
Azure Fundamentals Part 3Azure Fundamentals Part 3
Azure Fundamentals Part 3CCG
 
Fortifying the Digital Sky Exploring the Application of Cybersecurity for Clo...
Fortifying the Digital Sky Exploring the Application of Cybersecurity for Clo...Fortifying the Digital Sky Exploring the Application of Cybersecurity for Clo...
Fortifying the Digital Sky Exploring the Application of Cybersecurity for Clo...cyberprosocial
 
report on Mobile security
report on Mobile securityreport on Mobile security
report on Mobile securityJAYANT RAJURKAR
 
Zero trust model for cloud computing.pptx
Zero trust model for cloud computing.pptxZero trust model for cloud computing.pptx
Zero trust model for cloud computing.pptxkkhhusshi
 
JavaOne2013: Secure Engineering Practices for Java
JavaOne2013: Secure Engineering Practices for JavaJavaOne2013: Secure Engineering Practices for Java
JavaOne2013: Secure Engineering Practices for JavaChris Bailey
 
“Verify and never trust”: The Zero Trust Model of information security
“Verify and never trust”: The Zero Trust Model of information security“Verify and never trust”: The Zero Trust Model of information security
“Verify and never trust”: The Zero Trust Model of information securityAhmed Banafa
 
The Zero Trust Security Model for Modern Businesses!
The Zero Trust Security Model for Modern Businesses!The Zero Trust Security Model for Modern Businesses!
The Zero Trust Security Model for Modern Businesses!Caroline Johnson
 

Similar to Computer Security.pptx (20)

network_security.docx_2.pdf
network_security.docx_2.pdfnetwork_security.docx_2.pdf
network_security.docx_2.pdf
 
Seguridad web -articulo completo- ingles
Seguridad web -articulo completo- inglesSeguridad web -articulo completo- ingles
Seguridad web -articulo completo- ingles
 
Application Data Security | Seclore
Application Data Security | SecloreApplication Data Security | Seclore
Application Data Security | Seclore
 
Mobile Security for the Enterprise
Mobile Security for the EnterpriseMobile Security for the Enterprise
Mobile Security for the Enterprise
 
Manage risk by protecting apps, data and usage
Manage risk by protecting apps, data and usageManage risk by protecting apps, data and usage
Manage risk by protecting apps, data and usage
 
Fortifying the Digital Sky: Exploring the Application of Cybersecurity for Cl...
Fortifying the Digital Sky: Exploring the Application of Cybersecurity for Cl...Fortifying the Digital Sky: Exploring the Application of Cybersecurity for Cl...
Fortifying the Digital Sky: Exploring the Application of Cybersecurity for Cl...
 
cloud security.pptx
cloud security.pptxcloud security.pptx
cloud security.pptx
 
Different Types Of Network Security Devices And Tools.docx
Different Types Of Network Security Devices And Tools.docxDifferent Types Of Network Security Devices And Tools.docx
Different Types Of Network Security Devices And Tools.docx
 
Module 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDModule 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUD
 
information security (network security methods)
information security (network security methods)information security (network security methods)
information security (network security methods)
 
Information security ist lecture
Information security ist lectureInformation security ist lecture
Information security ist lecture
 
Seven Deadly Threats and Vulnerabilities in Cloud Computing
Seven Deadly Threats and Vulnerabilities in Cloud ComputingSeven Deadly Threats and Vulnerabilities in Cloud Computing
Seven Deadly Threats and Vulnerabilities in Cloud Computing
 
Seven deadly threats and vulnerabilities in cloud
Seven deadly threats and vulnerabilities in cloudSeven deadly threats and vulnerabilities in cloud
Seven deadly threats and vulnerabilities in cloud
 
Azure Fundamentals Part 3
Azure Fundamentals Part 3Azure Fundamentals Part 3
Azure Fundamentals Part 3
 
Fortifying the Digital Sky Exploring the Application of Cybersecurity for Clo...
Fortifying the Digital Sky Exploring the Application of Cybersecurity for Clo...Fortifying the Digital Sky Exploring the Application of Cybersecurity for Clo...
Fortifying the Digital Sky Exploring the Application of Cybersecurity for Clo...
 
report on Mobile security
report on Mobile securityreport on Mobile security
report on Mobile security
 
Zero trust model for cloud computing.pptx
Zero trust model for cloud computing.pptxZero trust model for cloud computing.pptx
Zero trust model for cloud computing.pptx
 
JavaOne2013: Secure Engineering Practices for Java
JavaOne2013: Secure Engineering Practices for JavaJavaOne2013: Secure Engineering Practices for Java
JavaOne2013: Secure Engineering Practices for Java
 
“Verify and never trust”: The Zero Trust Model of information security
“Verify and never trust”: The Zero Trust Model of information security“Verify and never trust”: The Zero Trust Model of information security
“Verify and never trust”: The Zero Trust Model of information security
 
The Zero Trust Security Model for Modern Businesses!
The Zero Trust Security Model for Modern Businesses!The Zero Trust Security Model for Modern Businesses!
The Zero Trust Security Model for Modern Businesses!
 

More from KENNEDYDONATO1

Introduction to Virtualization .ppt
Introduction to Virtualization .pptIntroduction to Virtualization .ppt
Introduction to Virtualization .pptKENNEDYDONATO1
 
System Development Life Cycle Overview.ppt
System Development Life Cycle Overview.pptSystem Development Life Cycle Overview.ppt
System Development Life Cycle Overview.pptKENNEDYDONATO1
 
What-is-a-cloud-layer and their classification
What-is-a-cloud-layer and their classificationWhat-is-a-cloud-layer and their classification
What-is-a-cloud-layer and their classificationKENNEDYDONATO1
 
2.-IT-266_APDET-Module-2-of-3.pptx
2.-IT-266_APDET-Module-2-of-3.pptx2.-IT-266_APDET-Module-2-of-3.pptx
2.-IT-266_APDET-Module-2-of-3.pptxKENNEDYDONATO1
 
Application Development and Emerging Technologies.pptx
Application Development and Emerging Technologies.pptxApplication Development and Emerging Technologies.pptx
Application Development and Emerging Technologies.pptxKENNEDYDONATO1
 

More from KENNEDYDONATO1 (8)

Introduction to Virtualization .ppt
Introduction to Virtualization .pptIntroduction to Virtualization .ppt
Introduction to Virtualization .ppt
 
System Development Life Cycle Overview.ppt
System Development Life Cycle Overview.pptSystem Development Life Cycle Overview.ppt
System Development Life Cycle Overview.ppt
 
What-is-a-cloud-layer and their classification
What-is-a-cloud-layer and their classificationWhat-is-a-cloud-layer and their classification
What-is-a-cloud-layer and their classification
 
report_2A.pptx
report_2A.pptxreport_2A.pptx
report_2A.pptx
 
REPORT_2B.pptx
REPORT_2B.pptxREPORT_2B.pptx
REPORT_2B.pptx
 
1 – 8 APT quiz.pptx
1 – 8 APT quiz.pptx1 – 8 APT quiz.pptx
1 – 8 APT quiz.pptx
 
2.-IT-266_APDET-Module-2-of-3.pptx
2.-IT-266_APDET-Module-2-of-3.pptx2.-IT-266_APDET-Module-2-of-3.pptx
2.-IT-266_APDET-Module-2-of-3.pptx
 
Application Development and Emerging Technologies.pptx
Application Development and Emerging Technologies.pptxApplication Development and Emerging Technologies.pptx
Application Development and Emerging Technologies.pptx
 

Recently uploaded

Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 

Recently uploaded (20)

Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 

Computer Security.pptx

  • 1. COMPUTER SECURITY (NETWORK, OPERATING SYSTEM, APPLICATION) INFORMATION ASSURANCE AND SECURITY II
  • 2. Computer security breaches are common place, and several occur around the world every day. Some are considered minor, with little loss of data or monetary resources, but many of them are considered major, or even catastrophic.
  • 3. WHAT IS NETWORK SECURITY? • NETWORK SECURITY is the process of taking preventative measures to protect the underlying networking infrastructure from unauthorized access, misuse, malfunction, modification, destruction or improper disclosure. Implementing these measures allows computers, users and programs to perform their permitted critical functions within a secure environment. Securing a network requires a complex combination of hardware devices, such as routers, firewalls and anti-malware software applications. Government agencies and businesses employ highly skilled information security analysts to implement security plans and constantly monitor the efficacy of these plans.
  • 4. TYPES OF NETWORK SECURITY • ACCESS CONTROL This refers to controlling which users have access to the network or especially sensitive sections of the network. Using security policies, you can restrict network access to only recognized users and devices or grant limited access to noncompliant devices or guest users. • ANTIVIRUS AND ANTI-MALWARE SOFTWARE Malware, or “malicious software,” is a common form of cyberattack that comes in many different shapes and sizes. Some variations work quickly to delete files or corrupt data, while others can lie dormant for long periods of time and quietly allow hackers a back door into your systems.
  • 5. TYPES OF NETWORK SECURITY • APPLICATION SECURITY Each device and software product used within your networking environment offers a potential way in for hackers. For this reason, it is important that all programs be kept up-to-date and patched to prevent cyberattacks from exploiting vulnerabilities to access sensitive data. Application security refers to the combination of hardware, software, and best practices you use to monitor issues and close gaps in your security coverage. • BEHAVIORAL ANALYTICS In order to identify abnormal behavior, security support personnel need to establish a baseline of what constitutes normal behavior for a given customer’s users, applications, and network.
  • 6. TYPES OF NETWORK SECURITY • DATA LOSS PREVENTION Data Loss Prevention (DLP) technologies are those that prevent an organization’s employees from sharing valuable company information or sensitive data—whether unwillingly or with ill intent—outside the network. DLP technologies can prevent actions that could potentially expose data to bad actors outside the networking environment, such as uploading and downloading files, forwarding messages, or printing. • DISTRIBUTED DENIAL OF SERVICE PREVENTION Distributed denial of service (DDoS) attacks are becoming increasingly common. They function by overloading a network with one-sided connection requests that eventually cause the network to crash.
  • 7. TYPES OF NETWORK SECURITY • EMAIL SECURITY Email is an especially important factor to consider when implementing networking security tools. Numerous threat vectors, like scams, phishing, malware, and suspicious links, can be attached to or incorporated into emails. • FIREWALLS Firewalls are another common element of a network security model. They essentially function as a gatekeeper between a network and the wider internet. Firewalls filter incoming and, in some cases, outgoing traffic by comparing data packets against predefined rules and policies, thereby preventing threats from accessing the network.
  • 8. TYPES OF NETWORK SECURITY • MOBILE DEVICE SECURITY The vast majority of us have mobile devices that carry some form of personal or sensitive data we would like to keep protected. This is a fact that hackers are aware of and can easily take advantage of. Implementing mobile device security measures can limit device access to a network, which is a necessary step to ensuring network traffic stays private and doesn’t leak out through vulnerable mobile connections. • NETWORK SEGMENTATION Dividing and sorting network traffic based on certain classifications streamlines the job for security support personnel when it comes to applying policies. Segmented networks also make it easier to assign or deny authorization credentials for employees, ensuring no one is accessing information they should not be.
  • 9. TYPES OF NETWORK SECURITY • SECURITY INFORMATION AND EVENT MANAGEMENT These security systems (called SIEMs) combine host-based and network-based intrusion detection systems that combine real- time network traffic monitoring with historical data log file scanning to provide administrators with a comprehensive picture of all activity across the network. • WEB SECURITY Web security software serves a few purposes. First, it limits internet access for employees, with the intention of preventing them from accessing sites that could contain malware. It also blocks other web- based threats and works to protect a customer’s web gateway.
  • 10. WHAT IS OPERATING SYSTEM SECURITY? • OPERATING SYSTEM SECURITY (OS SECURITY) is the process of ensuring OS integrity, confidentiality and availability. OS security refers to specified steps or measures used to protect the OS from threats, viruses, worms, malware or remote hacker intrusions. OS security encompasses all preventive-control techniques, which safeguard any computer assets capable of being stolen, edited or deleted if OS security is compromised.
  • 11. OS SECURITY MAY BE APPROACHED IN MANY WAYS, INCLUDING ADHERENCE TO THE FOLLOWING: Performing regular OS patch updates Installing updated antivirus engines and software Examine all incoming and outgoing network traffic through a firewall Creating secure accounts with required privileges only (i.e., user management)
  • 12. WHAT IS APPLICATION SECURITY? • APPLICATION SECURITY describes security measures at the application level that aim to prevent data or code within the app from being stolen or hijacked. It encompasses the security considerations that happen during application development and design, but it also involves systems and approaches to protect apps after they get deployed. Application security may include hardware, software, and procedures that identify or minimize security vulnerabilities. A router that prevents anyone from viewing a computer’s IP address from the Internet is a form of hardware application security. But security measures at the application level are also typically built into the software, such as an application firewall that strictly defines what activities are allowed and prohibited.
  • 13. TYPES OF APPLICATION SECURITY AUTHENTICATION: When software developers build procedures into an application to ensure that only authorized users gain access to it. Authentication procedures ensure that a user is who they say they are. This can be accomplished by requiring the user to provide a user name and password when logging in to an application. AUTHORIZATION After a user has been authenticated, the user may be authorized to access and use the application. The system can validate that a user has permission to access the application by comparing the user’s identity with a list of authorized users. Authentication must happen before authorization so that the application matches only validated user credentials to the authorized user list.
  • 15. TYPES OF APPLICATION SECURITY ENCRYPTION After a user has been authenticated and is using the application, other security measures can protect sensitive data from being seen or even used by a cybercriminal. In cloud-based applications, where traffic containing sensitive data travels between the end user and the cloud, that traffic can be encrypted to keep the data safe. LOGGING If there is a security breach in an application, logging can help identify who got access to the data and how. Application log files provide a time-stamped record of which aspects of the application were accessed and by whom. APPLICATION SECURITY TESTING A necessary process to ensure that all of these security controls work properly.
  • 16. APPLICATION SECURITY IN THE CLOUD APPLICATION SECURITY IN THE CLOUD poses some extra challenges. Because cloud environments provide shared resources, special care must be taken to ensure that users only have access to the data they are authorized to view in their cloud-based applications. Sensitive data is also more vulnerable in cloud-based applications because that data is transmitted across the Internet from the user to the application and back.
  • 17. MOBILE APPLICATION SECURITY Mobile devices also transmit and receive information across the Internet, as opposed to a private network, making them vulnerable to attack. Enterprises can use virtual private networks (VPNs) to add a layer of mobile application security for employees who log in to applications remotely. IT departments may also decide to vet mobile apps and make sure they conform to company security policies before allowing employees to use them on mobile devices that connect to the corporate network.
  • 18. WEB APPLICATION SECURITY WEB APPLICATION SECURITY applies to web applications—apps or services that users access through a browser interface over the Internet. Because web applications live on remote servers, not locally on user machines, information must be transmitted to and from the user over the Internet. Web application security is of special concern to businesses that host web applications or provide web services. These businesses often choose to protect their network from intrusion with a web application firewall. A web application firewall works by inspecting and, if necessary, blocking data packets that are considered harmful.