SlideShare a Scribd company logo

28. Fundamentals of Computer Security (Inglés) (Presentación) autor Philippine National Police.pdf

M
marbimon

Fumdamentos de Seguridad informática

Engineering
1 of 17
Download to read offline
www.itms.pnp.gov.ph Fundamentals of Computer Security Prepared by: Computer Security Section, WSCSD ITMS
www.itms.pnp.gov.ph COMPUTER SECURITY ESSENTIAL TERMINOLOGIES THREAT An action or event that has the potential to compromise and/or violate security EXPLOIT A defined way to breach the security of an IT system through vulnerability VULNERABILITY Existence of a weakness, design or implementation error that can lead to an unexpected, undesirable event compromising the security of a system CRACKER, ATTACKER, or INTRUDER An individual who breaks into computer systems in order to steal, change, or destroy information ATTACK Any action derived from intelligent threats to violate the security of the system DATA THEFT Any action of stealing the information from the users’ systems
www.itms.pnp.gov.ph ABOUT COMPUTER SECURITY Security is a state of well- being of information and infrastructure Computer security refers to the protection of computer systems and the information a user stores or processes Users should focus on various security threats and countermeasures in order to protect their information assets
www.itms.pnp.gov.ph Why Computer Security? Computer Security is important for protecting the confidentiality, integrity, and availability of computer systems and their resources. Computer administration and management have become more complex which produces more attack avenues. Evolution of technology has focused on the ease of use while the skill level needed for exploits has decreased. Network environments and network-based applications provide more attack paths.
www.itms.pnp.gov.ph Potential Losses Due to Computer Security Attacks Misuse of computer resources Data loss/theft Loss of trust Financial loss Unavailability of resources Identity theft
www.itms.pnp.gov.ph Confidentiality Authenticity Integrity Availability Non- repudiation Confidentiality is “ensuring that information is accessible only to those authorized to have access” (ISO-17799) Authenticity is “the identification and assurance of the origin of information” Integrity is “ensuring that the information is accurate, complete, reliable, and is in its original form” Availability is “ensuring that the information is accessible to authorized persons when required without delay” Non-repudiation is “ensuring that a party to a contract or a communication cannot deny the authenticity of their signature on a document” ELEMENTS OF SECURITY
www.itms.pnp.gov.ph • Applications/software products by default are preconfigured for ease of use, which makes the user vulnerable to various security flaws • Similarly, increased functionality (features) in an application make it difficult to use in addition to being less secure THE SECURITY, FUNCTIONALITY, AND EASE OF USE TRIANGLE Security (Restrictions) Functionality (Features) Ease of Use Moving the ball toward security means moving away from the functionality and ease of use
www.itms.pnp.gov.ph MAINTENANCE Managing all the changes in the computer applications and keeping them up to date Fundamental Concepts of Computer Security PRECAUTION Adhering to the preventive measures while using computer system and applications REACTION Acting timely when security incidents occur
www.itms.pnp.gov.ph LAYER 4: Application Security Covers the use of software, hardware and procedural methods to protect applications from external threats LAYERS OF COMPUTER SECURITY LAYER 5: User Security Ensures that a valid user is logged in and that the logged-in user is allowed to use an application/program LAYER 3: System Security Protects the system and its information from theft, corruption, unauthorized access, or misuse LAYER 2: Network Security Protects the networks and their services from unauthorized modification, destruction, or disclosure LAYER 1: Physical Security Safeguards the personnel, hardware, programs, networks, and data from physical threats
www.itms.pnp.gov.ph Computer Security Risks to Home Users • Home computers are prone to various cyber attacks as they provide attackers easy targets due to a low level of security awareness • Security risk to home users arise from various computer attacks and accidents causing physical damage to computer systems Computer Attacks • Malware attacks • Email attacks • Mobile code (Java/JavaScript/ActiveX) attacks • Denial of service and cross-site scripting attacks • Identity theft and computer frauds • Packet sniffing • Being an intermediary for another attack (zombies) Computer Accidents • Hard disk or other component failures • Power failure and surges • Theft of a computing device
www.itms.pnp.gov.ph WHAT TO SECURE IN RELATION TO COMPUTER SECURITY? HARDWARE Laptops, Desktop PCs, CPU, hard disk, storage devices, cables, etc SOFTWARE Operating system and software applications INFORMATION Personal identification such as Social Security Number (SSN), passwords, credit card numbers, etc COMMUNICATIONS Emails, instant messengers, and browsing activities
www.itms.pnp.gov.ph LOW LEVEL OF SECURITY AWARENESS DEFAULT COMPUTER AND APPLICATION SETTINGS NONE OR VERY LITTLE INVESTMENT IN SECURITY SYSTEMS NOT FOLLOWING ANY STANDARD SECURITY POLICIES OR GUIDELINES INCREASING ONLINE ACTIVITIES WHAT MAKES A HOME COMPUTER VULNERABLE??
www.itms.pnp.gov.ph WHAT MAKES A COMPUTER SYSTEM SECURE? DATA ACCESS CONTROLS • Monitor system activities such as who is accessing the data and for what purpose • Define access rules based on the system security levels SYSTEM ACCESS CONTROLS • Ensure that unauthorized users do not get into the system • Force legal users to be conscious about security SYSTEM AND SECURITY ADMINISTRATION • Perform regular system and security administration tasks such as configuring system settings, implementing security policies, monitoring system state, etc. SYSTEM DESIGN • Deploy various security characteristics in system hardware and software design such as memory segmentation, privilege isolation, etc.
www.itms.pnp.gov.ph BENEFITS OF COMPUTER SECURITY AWARENESS Computer Security Awareness helps minimize the chance of computer attacks. It helps prevent the loss of information stored on the systems It helps users to protect sensitive information and computing resources from unauthorized access It helps users to prevent cybercriminals from using their systems in order to launch attacks on the other computer systems It helps users minimize losses in case of an accident that causes physical damage to computer systems
www.itms.pnp.gov.ph COMPUTER SECURITY THINGS TO REMEMBER • Security is a state of well-being of information and infrastructures • Computer security is the protection of computing systems and the data that they store or access • Confidentiality, integrity, non-repudiation, authenticity, and availability are the elements of security • Security risk to home users arise from various computer attacks and accidents causing physical damage to computer systems • Computer security awareness helps minimize the chances of computer attacks and prevent the loss of information stored on the systems
www.itms.pnp.gov.ph BASIC COMPUTER SECURITY CHECKLIST  Use of strong passwords  Use of anti-virus systems  Regular update of operating system and other installed applications  Regular backup of important files  Use of encryption techniques and digital signatures  Use of firewall and intrusion detection systems  Following standard guidelines for internet activities  Physical security of computing infrastructure  Awareness of current security scenario and attack techniques
www.itms.pnp.gov.ph ITMS WSCSD 7230404 loc 4225 wscsditms@pnp.gov.ph

Recommended

Mis presentation by suraj vaidya
Mis presentation by suraj vaidyaMis presentation by suraj vaidya
Mis presentation by suraj vaidyaSuraj Vaidya
 
Computer Security
Computer SecurityComputer Security
Computer SecurityAkNirojan
 
Securing information system
Securing information systemSecuring information system
Securing information systemTanjim Rasul
 
Unit v
Unit vUnit v
Unit vbharatnaruka90
 
security and system mainatance
security and system mainatancesecurity and system mainatance
security and system mainatanceKudzi Chikwatu
 
Cybersecurity.docx
Cybersecurity.docxCybersecurity.docx
Cybersecurity.docxRoshniChauhan24
 
Cybersecurity.docx
Cybersecurity.docxCybersecurity.docx
Cybersecurity.docxRoshniChauhan24
 
Secure Financial Intelligence System
Secure Financial Intelligence SystemSecure Financial Intelligence System
Secure Financial Intelligence SystemJoseph Yosi Margalit
 

Recommended

Mis presentation by suraj vaidya
Mis presentation by suraj vaidyaMis presentation by suraj vaidya
Mis presentation by suraj vaidyaSuraj Vaidya
 
Computer Security
Computer SecurityComputer Security
Computer SecurityAkNirojan
 
Securing information system
Securing information systemSecuring information system
Securing information systemTanjim Rasul
 
Unit v
Unit vUnit v
Unit vbharatnaruka90
 
security and system mainatance
security and system mainatancesecurity and system mainatance
security and system mainatanceKudzi Chikwatu
 
Cybersecurity.docx
Cybersecurity.docxCybersecurity.docx
Cybersecurity.docxRoshniChauhan24
 
Cybersecurity.docx
Cybersecurity.docxCybersecurity.docx
Cybersecurity.docxRoshniChauhan24
 
Secure Financial Intelligence System
Secure Financial Intelligence SystemSecure Financial Intelligence System
Secure Financial Intelligence SystemJoseph Yosi Margalit
 
Unit 1&2.pdf
Unit 1&2.pdfUnit 1&2.pdf
Unit 1&2.pdfNdheh
 
Security and Control Issues in information Systems
Security and Control Issues in information SystemsSecurity and Control Issues in information Systems
Security and Control Issues in information SystemsDr. Rosemarie Sibbaluca-Guirre
 
It security
It securityIt security
It securityavi2607
 
Security and control in mis
Security and control in misSecurity and control in mis
Security and control in misGurjit
 
Security
SecuritySecurity
SecurityDr. Vardhan choubey
 
System Security Sem 2(Module 1).pptx
System Security Sem 2(Module 1).pptxSystem Security Sem 2(Module 1).pptx
System Security Sem 2(Module 1).pptxrahulkumarcscsf21
 
I0516064
I0516064I0516064
I0516064IOSR Journals
 
Computer security concepts
Computer security conceptsComputer security concepts
Computer security conceptsG Prachi
 
Cyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptxCyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptxTikdiPatel
 
How To Secure MIS
How To Secure MISHow To Secure MIS
How To Secure MISAaDi Malik
 
Seguridad de la información
Seguridad de la información Seguridad de la información
Seguridad de la información Isabeloa Cadena
 
CSI-503 - 10. Security & Protection (Operating System)
CSI-503 - 10. Security & Protection (Operating System) CSI-503 - 10. Security & Protection (Operating System)
CSI-503 - 10. Security & Protection (Operating System) ghayour abbas
 
Health information secuirty session 5 best practise in information security
Health information secuirty session 5 best practise in information securityHealth information secuirty session 5 best practise in information security
Health information secuirty session 5 best practise in information securityDr. Lasantha Ranwala
 
security of information systems
security of information systems security of information systems
security of information systems♥♛❁Sukla♥❀njoyng Breath♥
 
The 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan KochThe 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan KochQA or the Highway
 
The 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan KochThe 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan KochQA or the Highway
 
Insecurity vssut
Insecurity vssutInsecurity vssut
Insecurity vssutRAVIKUMAR Digital Signal Processing
 
Information Security Lecture Notes
Information Security Lecture NotesInformation Security Lecture Notes
Information Security Lecture NotesFellowBuddy.com
 
Bis Chapter15
Bis Chapter15Bis Chapter15
Bis Chapter15Chun Hoi Lam
 
CS-1,2.pdf
CS-1,2.pdfCS-1,2.pdf
CS-1,2.pdftechuniverso01
 
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerStudy on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerAnamika Sarkar
 
Sachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective IntroductionSachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective IntroductionDr.Costas Sachpazis
 

More Related Content

Similar to 28. Fundamentals of Computer Security (Inglés) (Presentación) autor Philippine National Police.pdf

Unit 1&2.pdf
Unit 1&2.pdfUnit 1&2.pdf
Unit 1&2.pdfNdheh
 
It security
It securityIt security
It securityavi2607
 
Security and control in mis
Security and control in misSecurity and control in mis
Security and control in misGurjit
 
System Security Sem 2(Module 1).pptx
System Security Sem 2(Module 1).pptxSystem Security Sem 2(Module 1).pptx
System Security Sem 2(Module 1).pptxrahulkumarcscsf21
 
Computer security concepts
Computer security conceptsComputer security concepts
Computer security conceptsG Prachi
 
Cyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptxCyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptxTikdiPatel
 
How To Secure MIS
How To Secure MISHow To Secure MIS
How To Secure MISAaDi Malik
 
Seguridad de la información
Seguridad de la información Seguridad de la información
Seguridad de la información Isabeloa Cadena
 
CSI-503 - 10. Security & Protection (Operating System)
CSI-503 - 10. Security & Protection (Operating System) CSI-503 - 10. Security & Protection (Operating System)
CSI-503 - 10. Security & Protection (Operating System) ghayour abbas
 
Health information secuirty session 5 best practise in information security
Health information secuirty session 5 best practise in information securityHealth information secuirty session 5 best practise in information security
Health information secuirty session 5 best practise in information securityDr. Lasantha Ranwala
 
The 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan KochThe 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan KochQA or the Highway
 
The 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan KochThe 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan KochQA or the Highway
 
Information Security Lecture Notes
Information Security Lecture NotesInformation Security Lecture Notes
Information Security Lecture NotesFellowBuddy.com
 

Similar to 28. Fundamentals of Computer Security (Inglés) (Presentación) autor Philippine National Police.pdf (20)

Unit 1&2.pdf
Unit 1&2.pdfUnit 1&2.pdf
Unit 1&2.pdf
 
Security and Control Issues in information Systems
Security and Control Issues in information SystemsSecurity and Control Issues in information Systems
Security and Control Issues in information Systems
 
It security
It securityIt security
It security
 
Security and control in mis
Security and control in misSecurity and control in mis
Security and control in mis
 
Security
SecuritySecurity
Security
 
System Security Sem 2(Module 1).pptx
System Security Sem 2(Module 1).pptxSystem Security Sem 2(Module 1).pptx
System Security Sem 2(Module 1).pptx
 
I0516064
I0516064I0516064
I0516064
 
Computer security concepts
Computer security conceptsComputer security concepts
Computer security concepts
 
Cyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptxCyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptx
 
How To Secure MIS
How To Secure MISHow To Secure MIS
How To Secure MIS
 
Seguridad de la información
Seguridad de la información Seguridad de la información
Seguridad de la información
 
CSI-503 - 10. Security & Protection (Operating System)
CSI-503 - 10. Security & Protection (Operating System) CSI-503 - 10. Security & Protection (Operating System)
CSI-503 - 10. Security & Protection (Operating System)
 
Health information secuirty session 5 best practise in information security
Health information secuirty session 5 best practise in information securityHealth information secuirty session 5 best practise in information security
Health information secuirty session 5 best practise in information security
 
security of information systems
security of information systems security of information systems
security of information systems
 
The 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan KochThe 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan Koch
 
The 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan KochThe 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan Koch
 
Insecurity vssut
Insecurity vssutInsecurity vssut
Insecurity vssut
 
Information Security Lecture Notes
Information Security Lecture NotesInformation Security Lecture Notes
Information Security Lecture Notes
 
Bis Chapter15
Bis Chapter15Bis Chapter15
Bis Chapter15
 
CS-1,2.pdf
CS-1,2.pdfCS-1,2.pdf
CS-1,2.pdf
 

Recently uploaded

Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerStudy on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerAnamika Sarkar
 
Sachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective IntroductionSachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective IntroductionDr.Costas Sachpazis
 
Introduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptxIntroduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptxk795866
 
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort serviceGurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort servicejennyeacort
 
Current Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCLCurrent Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCLDeelipZope
 
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETEINFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETEroselinkalist12
 
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSAPPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSKurinjimalarL3
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVRajaP95
 
Call Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile serviceCall Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile servicerehmti665
 
Concrete Mix Design - IS 10262-2019 - .pptx
Concrete Mix Design - IS 10262-2019 - .pptxConcrete Mix Design - IS 10262-2019 - .pptx
Concrete Mix Design - IS 10262-2019 - .pptxKartikeyaDwivedi3
 
Biology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptxBiology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptxDeepakSakkari2
 
Internship report on mechanical engineering
Internship report on mechanical engineeringInternship report on mechanical engineering
Internship report on mechanical engineeringmalavadedarshan25
 
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)dollysharma2066
 
What are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxWhat are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxwendy cai
 
Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.eptoze12
 
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfCCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfAsst.prof M.Gokilavani
 
Heart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptxHeart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptxPoojaBan
 

Recently uploaded (20)

Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerStudy on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
 
Sachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective IntroductionSachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
 
Introduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptxIntroduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptx
 
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort serviceGurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
 
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptxExploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
 
Current Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCLCurrent Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCL
 
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETEINFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
 
young call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Service
young call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Service
young call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Service
 
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSAPPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
 
Call Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile serviceCall Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile service
 
Concrete Mix Design - IS 10262-2019 - .pptx
Concrete Mix Design - IS 10262-2019 - .pptxConcrete Mix Design - IS 10262-2019 - .pptx
Concrete Mix Design - IS 10262-2019 - .pptx
 
Biology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptxBiology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptx
 
young call girls in Green Park🔝 9953056974 🔝 escort Service
young call girls in Green Park🔝 9953056974 🔝 escort Serviceyoung call girls in Green Park🔝 9953056974 🔝 escort Service
young call girls in Green Park🔝 9953056974 🔝 escort Service
 
Internship report on mechanical engineering
Internship report on mechanical engineeringInternship report on mechanical engineering
Internship report on mechanical engineering
 
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
 
What are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxWhat are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptx
 
Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.
 
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfCCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
 
Heart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptxHeart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptx
 

28. Fundamentals of Computer Security (Inglés) (Presentación) autor Philippine National Police.pdf

  • 1. www.itms.pnp.gov.ph Fundamentals of Computer Security Prepared by: Computer Security Section, WSCSD ITMS
  • 2. www.itms.pnp.gov.ph COMPUTER SECURITY ESSENTIAL TERMINOLOGIES THREAT An action or event that has the potential to compromise and/or violate security EXPLOIT A defined way to breach the security of an IT system through vulnerability VULNERABILITY Existence of a weakness, design or implementation error that can lead to an unexpected, undesirable event compromising the security of a system CRACKER, ATTACKER, or INTRUDER An individual who breaks into computer systems in order to steal, change, or destroy information ATTACK Any action derived from intelligent threats to violate the security of the system DATA THEFT Any action of stealing the information from the users’ systems
  • 3. www.itms.pnp.gov.ph ABOUT COMPUTER SECURITY Security is a state of well- being of information and infrastructure Computer security refers to the protection of computer systems and the information a user stores or processes Users should focus on various security threats and countermeasures in order to protect their information assets
  • 4. www.itms.pnp.gov.ph Why Computer Security? Computer Security is important for protecting the confidentiality, integrity, and availability of computer systems and their resources. Computer administration and management have become more complex which produces more attack avenues. Evolution of technology has focused on the ease of use while the skill level needed for exploits has decreased. Network environments and network-based applications provide more attack paths.
  • 5. www.itms.pnp.gov.ph Potential Losses Due to Computer Security Attacks Misuse of computer resources Data loss/theft Loss of trust Financial loss Unavailability of resources Identity theft
  • 6. www.itms.pnp.gov.ph Confidentiality Authenticity Integrity Availability Non- repudiation Confidentiality is “ensuring that information is accessible only to those authorized to have access” (ISO-17799) Authenticity is “the identification and assurance of the origin of information” Integrity is “ensuring that the information is accurate, complete, reliable, and is in its original form” Availability is “ensuring that the information is accessible to authorized persons when required without delay” Non-repudiation is “ensuring that a party to a contract or a communication cannot deny the authenticity of their signature on a document” ELEMENTS OF SECURITY
  • 7. www.itms.pnp.gov.ph • Applications/software products by default are preconfigured for ease of use, which makes the user vulnerable to various security flaws • Similarly, increased functionality (features) in an application make it difficult to use in addition to being less secure THE SECURITY, FUNCTIONALITY, AND EASE OF USE TRIANGLE Security (Restrictions) Functionality (Features) Ease of Use Moving the ball toward security means moving away from the functionality and ease of use
  • 8. www.itms.pnp.gov.ph MAINTENANCE Managing all the changes in the computer applications and keeping them up to date Fundamental Concepts of Computer Security PRECAUTION Adhering to the preventive measures while using computer system and applications REACTION Acting timely when security incidents occur
  • 9. www.itms.pnp.gov.ph LAYER 4: Application Security Covers the use of software, hardware and procedural methods to protect applications from external threats LAYERS OF COMPUTER SECURITY LAYER 5: User Security Ensures that a valid user is logged in and that the logged-in user is allowed to use an application/program LAYER 3: System Security Protects the system and its information from theft, corruption, unauthorized access, or misuse LAYER 2: Network Security Protects the networks and their services from unauthorized modification, destruction, or disclosure LAYER 1: Physical Security Safeguards the personnel, hardware, programs, networks, and data from physical threats
  • 10. www.itms.pnp.gov.ph Computer Security Risks to Home Users • Home computers are prone to various cyber attacks as they provide attackers easy targets due to a low level of security awareness • Security risk to home users arise from various computer attacks and accidents causing physical damage to computer systems Computer Attacks • Malware attacks • Email attacks • Mobile code (Java/JavaScript/ActiveX) attacks • Denial of service and cross-site scripting attacks • Identity theft and computer frauds • Packet sniffing • Being an intermediary for another attack (zombies) Computer Accidents • Hard disk or other component failures • Power failure and surges • Theft of a computing device
  • 11. www.itms.pnp.gov.ph WHAT TO SECURE IN RELATION TO COMPUTER SECURITY? HARDWARE Laptops, Desktop PCs, CPU, hard disk, storage devices, cables, etc SOFTWARE Operating system and software applications INFORMATION Personal identification such as Social Security Number (SSN), passwords, credit card numbers, etc COMMUNICATIONS Emails, instant messengers, and browsing activities
  • 12. www.itms.pnp.gov.ph LOW LEVEL OF SECURITY AWARENESS DEFAULT COMPUTER AND APPLICATION SETTINGS NONE OR VERY LITTLE INVESTMENT IN SECURITY SYSTEMS NOT FOLLOWING ANY STANDARD SECURITY POLICIES OR GUIDELINES INCREASING ONLINE ACTIVITIES WHAT MAKES A HOME COMPUTER VULNERABLE??
  • 13. www.itms.pnp.gov.ph WHAT MAKES A COMPUTER SYSTEM SECURE? DATA ACCESS CONTROLS • Monitor system activities such as who is accessing the data and for what purpose • Define access rules based on the system security levels SYSTEM ACCESS CONTROLS • Ensure that unauthorized users do not get into the system • Force legal users to be conscious about security SYSTEM AND SECURITY ADMINISTRATION • Perform regular system and security administration tasks such as configuring system settings, implementing security policies, monitoring system state, etc. SYSTEM DESIGN • Deploy various security characteristics in system hardware and software design such as memory segmentation, privilege isolation, etc.
  • 14. www.itms.pnp.gov.ph BENEFITS OF COMPUTER SECURITY AWARENESS Computer Security Awareness helps minimize the chance of computer attacks. It helps prevent the loss of information stored on the systems It helps users to protect sensitive information and computing resources from unauthorized access It helps users to prevent cybercriminals from using their systems in order to launch attacks on the other computer systems It helps users minimize losses in case of an accident that causes physical damage to computer systems
  • 15. www.itms.pnp.gov.ph COMPUTER SECURITY THINGS TO REMEMBER • Security is a state of well-being of information and infrastructures • Computer security is the protection of computing systems and the data that they store or access • Confidentiality, integrity, non-repudiation, authenticity, and availability are the elements of security • Security risk to home users arise from various computer attacks and accidents causing physical damage to computer systems • Computer security awareness helps minimize the chances of computer attacks and prevent the loss of information stored on the systems
  • 16. www.itms.pnp.gov.ph BASIC COMPUTER SECURITY CHECKLIST  Use of strong passwords  Use of anti-virus systems  Regular update of operating system and other installed applications  Regular backup of important files  Use of encryption techniques and digital signatures  Use of firewall and intrusion detection systems  Following standard guidelines for internet activities  Physical security of computing infrastructure  Awareness of current security scenario and attack techniques
  • 17. www.itms.pnp.gov.ph ITMS WSCSD 7230404 loc 4225 wscsditms@pnp.gov.ph