SlideShare a Scribd company logo

Funsec3e ppt ch03

Download as PPTX, PDF
S
Skillspire LLC

cybersecurity

Education
1 of 36
© 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Fundamentals of Information Systems Security Lesson 3 Malicious Attacks, Threats, and Vulnerabilities
Page 2 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 2 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Learning Objective(s)  Describe how malicious attacks, threats, and vulnerabilities impact an IT infrastructure.
Page 3 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 3 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Key Concepts Malicious software and countermeasures Common attacks and countermeasures Social engineering and how to reduce risks Threats and types of attacks on wireless networks Threats and types of attacks on web applications
Page 4 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 4 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Malicious Activity on the Rise  Examples of the malicious attacks are everywhere  Data breaches occur in both public and private sectors  In 2013, China was top country of origin for cyberattacks, at 41 percent  United States was second at 10 percent
Page 5 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 5 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. What Are You Trying to Protect? Customer data IT and network infrastructure Intellectual property Finances and financial data Service availability and productivity Reputation
Page 6 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 6 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. What Are You Trying to Protect?
Page 7 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 7 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Whom Are You Trying to Catch?
Page 8 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 8 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Attack Tools Protocol analyzers (sniffers)  Port scanners  OS fingerprint scanners  Vulnerability scanners  Exploit software  Wardialers  Password crackers  Keystroke loggers
Page 9 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 9 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. What Is a Security Breach? Any event that results in a violation of any of the C-I-A security tenets Some security breaches disrupt system services on purpose Some are accidental and may result from hardware or software failures
Page 10 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 10 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Activities that Cause Security Breaches Denial of service (DoS) attacks Distributed denial of service (DDoS) attacks Unacceptable web-browsing behavior Wiretapping Use of a backdoor to access resources Accidental data modifications
Page 11 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 11 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Denial of Service Attack  A coordinated attempt to deny service by occupying a computer to perform large amounts of unnecessary tasks • Logic attacks • Flooding attacks  Protect using • Intrusion prevention system (IPS) • Intrusion detection system (IDS)  Attacks launched using • SYN flood • Smurfing
Page 12 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 12 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Distributed Denial of Service Attack Overloads computers and prevents legitimate users from gaining access More difficult to stop than a DoS attack because DDoS originates from different sources
Page 13 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 13 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Unacceptable Web Browsing Define acceptable web browsing in an acceptable use policy (AUP) Unacceptable use can include: • Unauthorized users searching files or storage directories • Users visiting prohibited websites
Page 14 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 14 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Wiretapping Active • Between-the-lines wiretapping • Piggyback-entry wiretapping Passive • Also called sniffing
Page 15 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 15 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Backdoors Hidden access included by developers Attackers can use them to gain access Data Modifications Data that is: Purposely or accidentally modified Incomplete Truncated
Page 16 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 16 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Additional Security Challenges
Page 17 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 17 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Risks, Threats, Vulnerabilities •Probability that something bad is going to happen to an asset Risk •Any action that can damage or compromise an asset Threat •An inherent weakness that may enable threats to harm system or networks Vulnerability
Page 18 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 18 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Most Common Threats Malicious software Hardware or software failure Internal attacker Equipment theft External attacker Natural disaster Industrial espionage Terrorism
Page 19 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 19 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Threat Types • Sabotage • Espionage Disclosure threats • Unauthorized changes Alteration threats • DoS attack Denial or destruction threats
Page 20 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 20 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. What Is a Malicious Attack?
Page 21 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 21 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Types of Active Threats Birthday attacks Brute-force password attacks Dictionary password attacks IP address spoofing Hijacking Replay attacks Man-in-the-middle attacks Masquerading Social engineering Phishing Phreaking Pharming
Page 22 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 22 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. What Is Malicious Software? Software that: Causes damage Escalates security privileges Divulges private data Modifies or deletes data
Page 23 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 23 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Virus  Attaches itself to or copies itself into another program on a computer  Tricks the computer into following instructions not intended by the original program developer  Infects a host program and may cause that host program to replicate itself to other computers  User who runs infected program authenticates the virus
Page 24 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 24 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Worm A self-contained program that replicates and sends copies of itself to other computers without user input or action Does not need a host program to infect Is a standalone program
Page 25 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 25 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Trojan Horse Malware that masquerades as a useful program Trojans can: • Hide programs that collect sensitive information • Open backdoors into computers • Actively upload and download files
Page 26 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 26 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Rootkit Modifies or replaces one or more existing programs to hide traces of attacks Many different types of rootkits Conceals its existence once installed Is difficult to detect and remove
Page 27 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 27 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Spyware Type of malware that specifically threatens the confidentiality of information • Monitors keystrokes • Scans files on the hard drive • Snoops other applications • Installs other spyware programs • Reads cookies • Changes default homepage on the web browser
Page 28 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 28 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. What Are Common Types of Attacks?
Page 29 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 29 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Social Engineering Attacks Authority Dumpster diving Hoax Impersonation Shoulder surfing Vishing Whaling
Page 30 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 30 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Wireless Network Attacks Bluejacking Evil twin IV attack Packing sniffing Replay attacks War chalking War driving
Page 31 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 31 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Web Application Attacks Buffer overflow Client-side attack Header manipulation Lightweight Directory Access Protocol (LDAP) injection Malicious add-ons SQL injection XML injection
Page 32 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 32 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. What Is a Countermeasure? Countermeasures • Detect vulnerabilities • Prevent attacks • Respond to the effects of successful attacks • Get help from • Law enforcement agencies • Forensic experts • Security consultants • Security incident response teams (SIRTs)
Page 33 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 33 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Countering Malware  Create a user education program  Post regular bulletins about malware problems  Never transfer files from an unknown or untrusted source (unless anti-malware is installed)  Test new programs or open suspect files on a quarantine computer  Install anti-malware software, make sure it remains current, and schedule regular malware scans  Use a secure logon and authentication process
Page 34 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 34 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Countering Malware (cont.) Stay abreast of developments in malware • National Cyber Security Alliance (NCSA) www.staysafeonline.org • United States Computer Emergency Readiness Team (US-CERT) http://us-cert.gov
Page 35 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 35 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Protecting Your System with Firewalls Firewall Program or dedicated hardware device Inspects network traffic passing through it Denies or permits traffic based on a set of rules
Page 36 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 36 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Summary  Malicious software and countermeasures  Common attacks and countermeasures  Social engineering and how to reduce risks  Threats and types of attacks on wireless networks  Threats and types of attacks on web applications

Recommended

Hacking3e ppt ch10
Hacking3e ppt ch10Hacking3e ppt ch10
Hacking3e ppt ch10Skillspire LLC
 
Hacking3e ppt ch13
Hacking3e ppt ch13Hacking3e ppt ch13
Hacking3e ppt ch13Skillspire LLC
 
Hacking3e ppt ch15
Hacking3e ppt ch15Hacking3e ppt ch15
Hacking3e ppt ch15Skillspire LLC
 
Funsec3e ppt ch05
Funsec3e ppt ch05Funsec3e ppt ch05
Funsec3e ppt ch05Skillspire LLC
 
Hacking3e ppt ch01
Hacking3e ppt ch01Hacking3e ppt ch01
Hacking3e ppt ch01Skillspire LLC
 
Hacking3e ppt ch02
Hacking3e ppt ch02Hacking3e ppt ch02
Hacking3e ppt ch02Skillspire LLC
 
Hacking3e ppt ch04
Hacking3e ppt ch04Hacking3e ppt ch04
Hacking3e ppt ch04Skillspire LLC
 
Funsec3e ppt ch11
Funsec3e ppt ch11Funsec3e ppt ch11
Funsec3e ppt ch11Skillspire LLC
 

Recommended

Hacking3e ppt ch10
Hacking3e ppt ch10Hacking3e ppt ch10
Hacking3e ppt ch10Skillspire LLC
 
Hacking3e ppt ch13
Hacking3e ppt ch13Hacking3e ppt ch13
Hacking3e ppt ch13Skillspire LLC
 
Hacking3e ppt ch15
Hacking3e ppt ch15Hacking3e ppt ch15
Hacking3e ppt ch15Skillspire LLC
 
Funsec3e ppt ch05
Funsec3e ppt ch05Funsec3e ppt ch05
Funsec3e ppt ch05Skillspire LLC
 
Hacking3e ppt ch01
Hacking3e ppt ch01Hacking3e ppt ch01
Hacking3e ppt ch01Skillspire LLC
 
Hacking3e ppt ch02
Hacking3e ppt ch02Hacking3e ppt ch02
Hacking3e ppt ch02Skillspire LLC
 
Hacking3e ppt ch04
Hacking3e ppt ch04Hacking3e ppt ch04
Hacking3e ppt ch04Skillspire LLC
 
Funsec3e ppt ch11
Funsec3e ppt ch11Funsec3e ppt ch11
Funsec3e ppt ch11Skillspire LLC
 
Hacking3e ppt ch09
Hacking3e ppt ch09Hacking3e ppt ch09
Hacking3e ppt ch09Skillspire LLC
 
Forensic3e ppt ch03
Forensic3e ppt ch03Forensic3e ppt ch03
Forensic3e ppt ch03Skillspire LLC
 
Hacking3e ppt ch11
Hacking3e ppt ch11Hacking3e ppt ch11
Hacking3e ppt ch11Skillspire LLC
 
Funsec3e ppt ch06
Funsec3e ppt ch06Funsec3e ppt ch06
Funsec3e ppt ch06Skillspire LLC
 
Funsec3e ppt ch14
Funsec3e ppt ch14Funsec3e ppt ch14
Funsec3e ppt ch14Skillspire LLC
 
Mitigating Malware Presentation Jkd 11 10 08 Aitp
Mitigating Malware Presentation Jkd 11 10 08 AitpMitigating Malware Presentation Jkd 11 10 08 Aitp
Mitigating Malware Presentation Jkd 11 10 08 AitpJoann Davis
 
Funsec3e ppt ch07
Funsec3e ppt ch07Funsec3e ppt ch07
Funsec3e ppt ch07Skillspire LLC
 
Fundamentals of Information Systems Security Chapter 3
Fundamentals of Information Systems Security Chapter 3Fundamentals of Information Systems Security Chapter 3
Fundamentals of Information Systems Security Chapter 3Dr. Ahmed Al Zaidy
 
Forensic3e ppt ch13
Forensic3e ppt ch13Forensic3e ppt ch13
Forensic3e ppt ch13Skillspire LLC
 
Fundamentals of Information Systems Security Chapter 9
Fundamentals of Information Systems Security Chapter 9Fundamentals of Information Systems Security Chapter 9
Fundamentals of Information Systems Security Chapter 9Dr. Ahmed Al Zaidy
 
Fundamentals of Information Systems Security Chapter 10
Fundamentals of Information Systems Security Chapter 10Fundamentals of Information Systems Security Chapter 10
Fundamentals of Information Systems Security Chapter 10Dr. Ahmed Al Zaidy
 
Fundamentals of Information Systems Security Chapter 2
Fundamentals of Information Systems Security Chapter 2 Fundamentals of Information Systems Security Chapter 2
Fundamentals of Information Systems Security Chapter 2 Dr. Ahmed Al Zaidy
 
Forensic3e ppt ch07
Forensic3e ppt ch07Forensic3e ppt ch07
Forensic3e ppt ch07Skillspire LLC
 
Funsec3e ppt ch10
Funsec3e ppt ch10Funsec3e ppt ch10
Funsec3e ppt ch10Skillspire LLC
 
Fundamentals of Information Systems Security Chapter 6
Fundamentals of Information Systems Security Chapter 6Fundamentals of Information Systems Security Chapter 6
Fundamentals of Information Systems Security Chapter 6Dr. Ahmed Al Zaidy
 
Hacking3e ppt ch06
Hacking3e ppt ch06Hacking3e ppt ch06
Hacking3e ppt ch06Skillspire LLC
 
Fundamentals of Information Systems Security Chapter 1
Fundamentals of Information Systems Security Chapter 1Fundamentals of Information Systems Security Chapter 1
Fundamentals of Information Systems Security Chapter 1Dr. Ahmed Al Zaidy
 
Funsec3e ppt ch13
Funsec3e ppt ch13Funsec3e ppt ch13
Funsec3e ppt ch13Skillspire LLC
 
Fundamentals of Information Systems Security Chapter 5
Fundamentals of Information Systems Security Chapter 5Fundamentals of Information Systems Security Chapter 5
Fundamentals of Information Systems Security Chapter 5Dr. Ahmed Al Zaidy
 
Fundamentals of Information Systems Security Chapter 15
Fundamentals of Information Systems Security Chapter 15Fundamentals of Information Systems Security Chapter 15
Fundamentals of Information Systems Security Chapter 15Dr. Ahmed Al Zaidy
 
Fundamentals of Information Systems Security Lesson 3Malic.docx
Fundamentals of Information Systems Security Lesson 3Malic.docxFundamentals of Information Systems Security Lesson 3Malic.docx
Fundamentals of Information Systems Security Lesson 3Malic.docxshericehewat
 
Fundamentals of Information Systems Security Chapter 11
Fundamentals of Information Systems Security Chapter 11Fundamentals of Information Systems Security Chapter 11
Fundamentals of Information Systems Security Chapter 11Dr. Ahmed Al Zaidy
 

More Related Content

What's hot

Mitigating Malware Presentation Jkd 11 10 08 Aitp
Mitigating Malware Presentation Jkd 11 10 08 AitpMitigating Malware Presentation Jkd 11 10 08 Aitp
Mitigating Malware Presentation Jkd 11 10 08 AitpJoann Davis
 
Fundamentals of Information Systems Security Chapter 3
Fundamentals of Information Systems Security Chapter 3Fundamentals of Information Systems Security Chapter 3
Fundamentals of Information Systems Security Chapter 3Dr. Ahmed Al Zaidy
 
Fundamentals of Information Systems Security Chapter 9
Fundamentals of Information Systems Security Chapter 9Fundamentals of Information Systems Security Chapter 9
Fundamentals of Information Systems Security Chapter 9Dr. Ahmed Al Zaidy
 
Fundamentals of Information Systems Security Chapter 10
Fundamentals of Information Systems Security Chapter 10Fundamentals of Information Systems Security Chapter 10
Fundamentals of Information Systems Security Chapter 10Dr. Ahmed Al Zaidy
 
Fundamentals of Information Systems Security Chapter 2
Fundamentals of Information Systems Security Chapter 2 Fundamentals of Information Systems Security Chapter 2
Fundamentals of Information Systems Security Chapter 2 Dr. Ahmed Al Zaidy
 
Fundamentals of Information Systems Security Chapter 6
Fundamentals of Information Systems Security Chapter 6Fundamentals of Information Systems Security Chapter 6
Fundamentals of Information Systems Security Chapter 6Dr. Ahmed Al Zaidy
 
Fundamentals of Information Systems Security Chapter 1
Fundamentals of Information Systems Security Chapter 1Fundamentals of Information Systems Security Chapter 1
Fundamentals of Information Systems Security Chapter 1Dr. Ahmed Al Zaidy
 
Fundamentals of Information Systems Security Chapter 5
Fundamentals of Information Systems Security Chapter 5Fundamentals of Information Systems Security Chapter 5
Fundamentals of Information Systems Security Chapter 5Dr. Ahmed Al Zaidy
 
Fundamentals of Information Systems Security Chapter 15
Fundamentals of Information Systems Security Chapter 15Fundamentals of Information Systems Security Chapter 15
Fundamentals of Information Systems Security Chapter 15Dr. Ahmed Al Zaidy
 

What's hot (20)

Hacking3e ppt ch09
Hacking3e ppt ch09Hacking3e ppt ch09
Hacking3e ppt ch09
 
Forensic3e ppt ch03
Forensic3e ppt ch03Forensic3e ppt ch03
Forensic3e ppt ch03
 
Hacking3e ppt ch11
Hacking3e ppt ch11Hacking3e ppt ch11
Hacking3e ppt ch11
 
Funsec3e ppt ch06
Funsec3e ppt ch06Funsec3e ppt ch06
Funsec3e ppt ch06
 
Funsec3e ppt ch14
Funsec3e ppt ch14Funsec3e ppt ch14
Funsec3e ppt ch14
 
Mitigating Malware Presentation Jkd 11 10 08 Aitp
Mitigating Malware Presentation Jkd 11 10 08 AitpMitigating Malware Presentation Jkd 11 10 08 Aitp
Mitigating Malware Presentation Jkd 11 10 08 Aitp
 
Funsec3e ppt ch07
Funsec3e ppt ch07Funsec3e ppt ch07
Funsec3e ppt ch07
 
Fundamentals of Information Systems Security Chapter 3
Fundamentals of Information Systems Security Chapter 3Fundamentals of Information Systems Security Chapter 3
Fundamentals of Information Systems Security Chapter 3
 
Forensic3e ppt ch13
Forensic3e ppt ch13Forensic3e ppt ch13
Forensic3e ppt ch13
 
Fundamentals of Information Systems Security Chapter 9
Fundamentals of Information Systems Security Chapter 9Fundamentals of Information Systems Security Chapter 9
Fundamentals of Information Systems Security Chapter 9
 
Fundamentals of Information Systems Security Chapter 10
Fundamentals of Information Systems Security Chapter 10Fundamentals of Information Systems Security Chapter 10
Fundamentals of Information Systems Security Chapter 10
 
Fundamentals of Information Systems Security Chapter 2
Fundamentals of Information Systems Security Chapter 2 Fundamentals of Information Systems Security Chapter 2
Fundamentals of Information Systems Security Chapter 2
 
Forensic3e ppt ch07
Forensic3e ppt ch07Forensic3e ppt ch07
Forensic3e ppt ch07
 
Funsec3e ppt ch10
Funsec3e ppt ch10Funsec3e ppt ch10
Funsec3e ppt ch10
 
Fundamentals of Information Systems Security Chapter 6
Fundamentals of Information Systems Security Chapter 6Fundamentals of Information Systems Security Chapter 6
Fundamentals of Information Systems Security Chapter 6
 
Hacking3e ppt ch06
Hacking3e ppt ch06Hacking3e ppt ch06
Hacking3e ppt ch06
 
Fundamentals of Information Systems Security Chapter 1
Fundamentals of Information Systems Security Chapter 1Fundamentals of Information Systems Security Chapter 1
Fundamentals of Information Systems Security Chapter 1
 
Funsec3e ppt ch13
Funsec3e ppt ch13Funsec3e ppt ch13
Funsec3e ppt ch13
 
Fundamentals of Information Systems Security Chapter 5
Fundamentals of Information Systems Security Chapter 5Fundamentals of Information Systems Security Chapter 5
Fundamentals of Information Systems Security Chapter 5
 
Fundamentals of Information Systems Security Chapter 15
Fundamentals of Information Systems Security Chapter 15Fundamentals of Information Systems Security Chapter 15
Fundamentals of Information Systems Security Chapter 15
 

Similar to Funsec3e ppt ch03

Fundamentals of Information Systems Security Lesson 3Malic.docx
Fundamentals of Information Systems Security Lesson 3Malic.docxFundamentals of Information Systems Security Lesson 3Malic.docx
Fundamentals of Information Systems Security Lesson 3Malic.docxshericehewat
 
Fundamentals of Information Systems Security Chapter 11
Fundamentals of Information Systems Security Chapter 11Fundamentals of Information Systems Security Chapter 11
Fundamentals of Information Systems Security Chapter 11Dr. Ahmed Al Zaidy
 
Dr_Kamal_ch01.pptx
Dr_Kamal_ch01.pptxDr_Kamal_ch01.pptx
Dr_Kamal_ch01.pptxMhndHTaani
 
info-sys-security3.pptx
info-sys-security3.pptxinfo-sys-security3.pptx
info-sys-security3.pptxMhndHTaani
 
cryptography.pptx
cryptography.pptxcryptography.pptx
cryptography.pptxMhndHTaani
 
Fundamentals of Information Systems Security Chapter 7
Fundamentals of Information Systems Security Chapter 7Fundamentals of Information Systems Security Chapter 7
Fundamentals of Information Systems Security Chapter 7Dr. Ahmed Al Zaidy
 
Fundamentals of Information Systems Security Chapter 8
Fundamentals of Information Systems Security Chapter 8Fundamentals of Information Systems Security Chapter 8
Fundamentals of Information Systems Security Chapter 8Dr. Ahmed Al Zaidy
 
Fundamentals of Information Systems Security Chapter 4
Fundamentals of Information Systems Security Chapter 4Fundamentals of Information Systems Security Chapter 4
Fundamentals of Information Systems Security Chapter 4Dr. Ahmed Al Zaidy
 
Fundamentals of Information Systems Security Chapter 13
Fundamentals of Information Systems Security Chapter 13Fundamentals of Information Systems Security Chapter 13
Fundamentals of Information Systems Security Chapter 13Dr. Ahmed Al Zaidy
 
info-sys-security.pptx
info-sys-security.pptxinfo-sys-security.pptx
info-sys-security.pptxMhndHTaani
 
Fundamentals of Information Systems Security Chapter 14
Fundamentals of Information Systems Security Chapter 14Fundamentals of Information Systems Security Chapter 14
Fundamentals of Information Systems Security Chapter 14Dr. Ahmed Al Zaidy
 
What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?PECB
 
Aula 01 - Fundamentos da segurança dos sistemas de informações
Aula 01 - Fundamentos da segurança dos sistemas de informaçõesAula 01 - Fundamentos da segurança dos sistemas de informações
Aula 01 - Fundamentos da segurança dos sistemas de informaçõesLeinylson Fontinele
 
Breaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gapsBreaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gapsIBM Security
 
2019 09-26 leveraging the power of automated intelligence for privacy management
2019 09-26 leveraging the power of automated intelligence for privacy management2019 09-26 leveraging the power of automated intelligence for privacy management
2019 09-26 leveraging the power of automated intelligence for privacy managementTrustArc
 
Fundamentals of Information Systems Security Chapter 12
Fundamentals of Information Systems Security Chapter 12Fundamentals of Information Systems Security Chapter 12
Fundamentals of Information Systems Security Chapter 12Dr. Ahmed Al Zaidy
 
Proactive Risk Management and Compliance in a World of Digital Disruption
Proactive Risk Management and Compliance in a World of Digital DisruptionProactive Risk Management and Compliance in a World of Digital Disruption
Proactive Risk Management and Compliance in a World of Digital DisruptionMike Wons
 
Aula 02 - Aplicação de contramedidas de segurança para mitigar ataques malici...
Aula 02 - Aplicação de contramedidas de segurança para mitigar ataques malici...Aula 02 - Aplicação de contramedidas de segurança para mitigar ataques malici...
Aula 02 - Aplicação de contramedidas de segurança para mitigar ataques malici...Leinylson Fontinele
 
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoftHow Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoftOSIsoft, LLC
 
What the GDPR Means for your Cybersecurity Strategy [Webinar Slides]
What the GDPR Means for your Cybersecurity Strategy [Webinar Slides]What the GDPR Means for your Cybersecurity Strategy [Webinar Slides]
What the GDPR Means for your Cybersecurity Strategy [Webinar Slides]TrustArc
 

Similar to Funsec3e ppt ch03 (20)

Fundamentals of Information Systems Security Lesson 3Malic.docx
Fundamentals of Information Systems Security Lesson 3Malic.docxFundamentals of Information Systems Security Lesson 3Malic.docx
Fundamentals of Information Systems Security Lesson 3Malic.docx
 
Fundamentals of Information Systems Security Chapter 11
Fundamentals of Information Systems Security Chapter 11Fundamentals of Information Systems Security Chapter 11
Fundamentals of Information Systems Security Chapter 11
 
Dr_Kamal_ch01.pptx
Dr_Kamal_ch01.pptxDr_Kamal_ch01.pptx
Dr_Kamal_ch01.pptx
 
info-sys-security3.pptx
info-sys-security3.pptxinfo-sys-security3.pptx
info-sys-security3.pptx
 
cryptography.pptx
cryptography.pptxcryptography.pptx
cryptography.pptx
 
Fundamentals of Information Systems Security Chapter 7
Fundamentals of Information Systems Security Chapter 7Fundamentals of Information Systems Security Chapter 7
Fundamentals of Information Systems Security Chapter 7
 
Fundamentals of Information Systems Security Chapter 8
Fundamentals of Information Systems Security Chapter 8Fundamentals of Information Systems Security Chapter 8
Fundamentals of Information Systems Security Chapter 8
 
Fundamentals of Information Systems Security Chapter 4
Fundamentals of Information Systems Security Chapter 4Fundamentals of Information Systems Security Chapter 4
Fundamentals of Information Systems Security Chapter 4
 
Fundamentals of Information Systems Security Chapter 13
Fundamentals of Information Systems Security Chapter 13Fundamentals of Information Systems Security Chapter 13
Fundamentals of Information Systems Security Chapter 13
 
info-sys-security.pptx
info-sys-security.pptxinfo-sys-security.pptx
info-sys-security.pptx
 
Fundamentals of Information Systems Security Chapter 14
Fundamentals of Information Systems Security Chapter 14Fundamentals of Information Systems Security Chapter 14
Fundamentals of Information Systems Security Chapter 14
 
What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?
 
Aula 01 - Fundamentos da segurança dos sistemas de informações
Aula 01 - Fundamentos da segurança dos sistemas de informaçõesAula 01 - Fundamentos da segurança dos sistemas de informações
Aula 01 - Fundamentos da segurança dos sistemas de informações
 
Breaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gapsBreaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gaps
 
2019 09-26 leveraging the power of automated intelligence for privacy management
2019 09-26 leveraging the power of automated intelligence for privacy management2019 09-26 leveraging the power of automated intelligence for privacy management
2019 09-26 leveraging the power of automated intelligence for privacy management
 
Fundamentals of Information Systems Security Chapter 12
Fundamentals of Information Systems Security Chapter 12Fundamentals of Information Systems Security Chapter 12
Fundamentals of Information Systems Security Chapter 12
 
Proactive Risk Management and Compliance in a World of Digital Disruption
Proactive Risk Management and Compliance in a World of Digital DisruptionProactive Risk Management and Compliance in a World of Digital Disruption
Proactive Risk Management and Compliance in a World of Digital Disruption
 
Aula 02 - Aplicação de contramedidas de segurança para mitigar ataques malici...
Aula 02 - Aplicação de contramedidas de segurança para mitigar ataques malici...Aula 02 - Aplicação de contramedidas de segurança para mitigar ataques malici...
Aula 02 - Aplicação de contramedidas de segurança para mitigar ataques malici...
 
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoftHow Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
 
What the GDPR Means for your Cybersecurity Strategy [Webinar Slides]
What the GDPR Means for your Cybersecurity Strategy [Webinar Slides]What the GDPR Means for your Cybersecurity Strategy [Webinar Slides]
What the GDPR Means for your Cybersecurity Strategy [Webinar Slides]
 

More from Skillspire LLC

Introduction to analytics
Introduction to analyticsIntroduction to analytics
Introduction to analyticsSkillspire LLC
 

More from Skillspire LLC (20)

Logistics
LogisticsLogistics
Logistics
 
Introduction to analytics
Introduction to analyticsIntroduction to analytics
Introduction to analytics
 
Lecture 31
Lecture 31Lecture 31
Lecture 31
 
Lecture 30
Lecture 30Lecture 30
Lecture 30
 
Lecture 29
Lecture 29Lecture 29
Lecture 29
 
Review
ReviewReview
Review
 
Review version 4
Review version 4Review version 4
Review version 4
 
Review version 3
Review version 3Review version 3
Review version 3
 
Review version 2
Review version 2Review version 2
Review version 2
 
Lecture 25
Lecture 25Lecture 25
Lecture 25
 
Lecture 24
Lecture 24Lecture 24
Lecture 24
 
Lecture 23 p1
Lecture 23 p1Lecture 23 p1
Lecture 23 p1
 
Lecture 21
Lecture 21Lecture 21
Lecture 21
 
Lecture 17
Lecture 17Lecture 17
Lecture 17
 
Lecture 16
Lecture 16Lecture 16
Lecture 16
 
Lecture 15
Lecture 15Lecture 15
Lecture 15
 
Lecture 14
Lecture 14Lecture 14
Lecture 14
 
Lecture 14
Lecture 14Lecture 14
Lecture 14
 
Lecture 13
Lecture 13Lecture 13
Lecture 13
 
Lecture 12
Lecture 12Lecture 12
Lecture 12
 

Recently uploaded

Biting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdfBiting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdfadityarao40181
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxRaymartEstabillo3
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfSumit Tiwari
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Sakshi Ghasle
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Celine George
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17Celine George
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxVS Mahajan Coaching Centre
 
Blooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxBlooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxUnboundStockton
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaVirag Sontakke
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxthorishapillay1
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTiammrhaywood
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsanshu789521
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting DataJhengPantaleon
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentInMediaRes1
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 

Recently uploaded (20)

Biting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdfBiting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdf
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application )
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
 
Blooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxBlooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docx
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of India
 
9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptx
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha elections
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 

Funsec3e ppt ch03

  • 1. © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Fundamentals of Information Systems Security Lesson 3 Malicious Attacks, Threats, and Vulnerabilities
  • 2. Page 2 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 2 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Learning Objective(s)  Describe how malicious attacks, threats, and vulnerabilities impact an IT infrastructure.
  • 3. Page 3 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 3 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Key Concepts Malicious software and countermeasures Common attacks and countermeasures Social engineering and how to reduce risks Threats and types of attacks on wireless networks Threats and types of attacks on web applications
  • 4. Page 4 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 4 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Malicious Activity on the Rise  Examples of the malicious attacks are everywhere  Data breaches occur in both public and private sectors  In 2013, China was top country of origin for cyberattacks, at 41 percent  United States was second at 10 percent
  • 5. Page 5 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 5 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. What Are You Trying to Protect? Customer data IT and network infrastructure Intellectual property Finances and financial data Service availability and productivity Reputation
  • 6. Page 6 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 6 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. What Are You Trying to Protect?
  • 7. Page 7 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 7 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Whom Are You Trying to Catch?
  • 8. Page 8 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 8 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Attack Tools Protocol analyzers (sniffers)  Port scanners  OS fingerprint scanners  Vulnerability scanners  Exploit software  Wardialers  Password crackers  Keystroke loggers
  • 9. Page 9 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 9 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. What Is a Security Breach? Any event that results in a violation of any of the C-I-A security tenets Some security breaches disrupt system services on purpose Some are accidental and may result from hardware or software failures
  • 10. Page 10 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 10 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Activities that Cause Security Breaches Denial of service (DoS) attacks Distributed denial of service (DDoS) attacks Unacceptable web-browsing behavior Wiretapping Use of a backdoor to access resources Accidental data modifications
  • 11. Page 11 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 11 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Denial of Service Attack  A coordinated attempt to deny service by occupying a computer to perform large amounts of unnecessary tasks • Logic attacks • Flooding attacks  Protect using • Intrusion prevention system (IPS) • Intrusion detection system (IDS)  Attacks launched using • SYN flood • Smurfing
  • 12. Page 12 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 12 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Distributed Denial of Service Attack Overloads computers and prevents legitimate users from gaining access More difficult to stop than a DoS attack because DDoS originates from different sources
  • 13. Page 13 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 13 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Unacceptable Web Browsing Define acceptable web browsing in an acceptable use policy (AUP) Unacceptable use can include: • Unauthorized users searching files or storage directories • Users visiting prohibited websites
  • 14. Page 14 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 14 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Wiretapping Active • Between-the-lines wiretapping • Piggyback-entry wiretapping Passive • Also called sniffing
  • 15. Page 15 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 15 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Backdoors Hidden access included by developers Attackers can use them to gain access Data Modifications Data that is: Purposely or accidentally modified Incomplete Truncated
  • 16. Page 16 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 16 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Additional Security Challenges
  • 17. Page 17 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 17 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Risks, Threats, Vulnerabilities •Probability that something bad is going to happen to an asset Risk •Any action that can damage or compromise an asset Threat •An inherent weakness that may enable threats to harm system or networks Vulnerability
  • 18. Page 18 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 18 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Most Common Threats Malicious software Hardware or software failure Internal attacker Equipment theft External attacker Natural disaster Industrial espionage Terrorism
  • 19. Page 19 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 19 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Threat Types • Sabotage • Espionage Disclosure threats • Unauthorized changes Alteration threats • DoS attack Denial or destruction threats
  • 20. Page 20 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 20 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. What Is a Malicious Attack?
  • 21. Page 21 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 21 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Types of Active Threats Birthday attacks Brute-force password attacks Dictionary password attacks IP address spoofing Hijacking Replay attacks Man-in-the-middle attacks Masquerading Social engineering Phishing Phreaking Pharming
  • 22. Page 22 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 22 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. What Is Malicious Software? Software that: Causes damage Escalates security privileges Divulges private data Modifies or deletes data
  • 23. Page 23 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 23 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Virus  Attaches itself to or copies itself into another program on a computer  Tricks the computer into following instructions not intended by the original program developer  Infects a host program and may cause that host program to replicate itself to other computers  User who runs infected program authenticates the virus
  • 24. Page 24 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 24 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Worm A self-contained program that replicates and sends copies of itself to other computers without user input or action Does not need a host program to infect Is a standalone program
  • 25. Page 25 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 25 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Trojan Horse Malware that masquerades as a useful program Trojans can: • Hide programs that collect sensitive information • Open backdoors into computers • Actively upload and download files
  • 26. Page 26 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 26 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Rootkit Modifies or replaces one or more existing programs to hide traces of attacks Many different types of rootkits Conceals its existence once installed Is difficult to detect and remove
  • 27. Page 27 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 27 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Spyware Type of malware that specifically threatens the confidentiality of information • Monitors keystrokes • Scans files on the hard drive • Snoops other applications • Installs other spyware programs • Reads cookies • Changes default homepage on the web browser
  • 28. Page 28 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 28 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. What Are Common Types of Attacks?
  • 29. Page 29 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 29 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Social Engineering Attacks Authority Dumpster diving Hoax Impersonation Shoulder surfing Vishing Whaling
  • 30. Page 30 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 30 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Wireless Network Attacks Bluejacking Evil twin IV attack Packing sniffing Replay attacks War chalking War driving
  • 31. Page 31 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 31 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Web Application Attacks Buffer overflow Client-side attack Header manipulation Lightweight Directory Access Protocol (LDAP) injection Malicious add-ons SQL injection XML injection
  • 32. Page 32 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 32 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. What Is a Countermeasure? Countermeasures • Detect vulnerabilities • Prevent attacks • Respond to the effects of successful attacks • Get help from • Law enforcement agencies • Forensic experts • Security consultants • Security incident response teams (SIRTs)
  • 33. Page 33 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 33 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Countering Malware  Create a user education program  Post regular bulletins about malware problems  Never transfer files from an unknown or untrusted source (unless anti-malware is installed)  Test new programs or open suspect files on a quarantine computer  Install anti-malware software, make sure it remains current, and schedule regular malware scans  Use a secure logon and authentication process
  • 34. Page 34 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 34 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Countering Malware (cont.) Stay abreast of developments in malware • National Cyber Security Alliance (NCSA) www.staysafeonline.org • United States Computer Emergency Readiness Team (US-CERT) http://us-cert.gov
  • 35. Page 35 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 35 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Protecting Your System with Firewalls Firewall Program or dedicated hardware device Inspects network traffic passing through it Denies or permits traffic based on a set of rules
  • 36. Page 36 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 36 Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Summary  Malicious software and countermeasures  Common attacks and countermeasures  Social engineering and how to reduce risks  Threats and types of attacks on wireless networks  Threats and types of attacks on web applications