SlideShare a Scribd company logo

20190708223246easttom_ppt_01_final.ppt

Download as PPT, PDF
M
mohammedSALEH189

information security

Science
1 of 24
Computer Security Fundamentals Chuck Easttom Chapter 1 Introduction to to Computer Security
© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 2 Chapter 1 Objectives  Identify top threats to a computer network  Assess the likelihood of an attack  Define key terms like cracker, sneaker, firewall, and authentication  Compare and contrast perimeter and layered approaches to network security  Use online resources
© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 3 Introduction  Computer systems and networks are all around us.  Online banking  Automated supermarket checkouts  Online classes  Online shopping  Online travel resources
© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 4 Introduction (cont.)  How is personal information safeguarded?  What are the vulnerabilities?  What secures these systems?
© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 5 How Seriously Should You Take Threats to Network Security?  Which group do you belong to?  “No one is coming after my computer.”  “The sky is falling!”  Middle ground.
© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 6 Identifying Types of Threats  Malware: MALicious softWARE  Security Breaches  DoS: Denial of Service attacks  Web Attacks  Session Hijacking  DNS Poisoning  Insider Threats
© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 7 Malware  Software with a malicious purpose  Virus  Trojan horse  Spyware  Logic Bomb
© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 8 Malware (cont.) Virus  One of the two most common types  Usually spreads through e-mail  Uses system resources, causing slowdown or stoppage
© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 9 Malware (cont.) Trojan Horse  The other most common kind of malware  Named after the wooden horse of ancient history
© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 10 Malware (cont.) Spyware  The most rapidly growing types of malware  Cookies  Key logger
© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 11 Malware (cont.) Logic Bomb  Lays dormant until some logical condition is met, often a specific date.
© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 12 Compromising System Security Intrusions  Attacks that break through system resources  Hackers  Crackers  Social engineering  War-driving
© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 13 Denial of Service Attacks  The attacker does not intrude into the system but just blocks access by authorized users.
© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 14 Web Attacks  The attacker attempts to breach a web application. Common attacks of this type are SQL injection and Cross Site Scripting.
© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 15 Session Hijacking  This is a complex attack that involves actually taking over an authenticated session.
© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 16 DNS Poisoning  This involves altering DNS records on a DNS server to redirect client traffic to malicious websites, usually for identity theft.
© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 17 Assessing the Likelihood of an Attack on Your Network  Viruses  Catch up on new and refurbished viruses  Unauthorized use of systems  DoS attacks  Intrusions  Employee misuse
© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 18 Basic Security Terminology People:  Hackers  White hats  Black hats  Gray hats  Script kiddies  Sneakers  Ethical hackers
© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 19 Basic Security Terminology (cont.) Devices  Firewall  Filters network traffic  Proxy server  Disguises IP address of internal host  Intrusion Detection System  Monitors traffic, looking for attempted attacks
© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 20 Basic Security Terminology (cont.) Activities  Authentication  Auditing
© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 21 Network Security Paradigms  How will youprotect your network?  CIA Triangle  Least Privileges  Perimeter security approach  Layered security approach  Proactive versus reactive  Hybrid security method
© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 22 How Do Legal Issues Impact Network Security?  The Computer Security Act of 1987  OMB Circular A-130  See www.alw.nih.gov/Security/FIRST/papers/ legal/statelaw.txt for state computer laws  Health Insurance Portability and Accountability Act of 1996, HIPAA
© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 23 Online Security Resources  CERT  www.cert.org  Microsoft Security Advisor  www.microsoft.com/security/default.mspx  F-Secure  www.f-secure.com  SANS  www.sans.org
© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 24 Summary  Network security is a constantly changing field.  You need three levels of knowledge.  Take the courses necessary to learn the basic techniques.  Learn your enterprise system intimately, with all its strengths and vulnerabilities.  Keep current in the ever-changing world of threats and exploits.

Recommended

Computer Security FundamentalsChuck EasttomChapte.docx
Computer Security FundamentalsChuck EasttomChapte.docxComputer Security FundamentalsChuck EasttomChapte.docx
Computer Security FundamentalsChuck EasttomChapte.docx
mccormicknadine86
 
Computer Security Fundamentalsby Chuck EasttomC.docx
Computer Security Fundamentalsby Chuck EasttomC.docxComputer Security Fundamentalsby Chuck EasttomC.docx
Computer Security Fundamentalsby Chuck EasttomC.docx
mccormicknadine86
 
Adapted from an ESG report - Seeing Is Securing - Protecting Against Advanced...
Adapted from an ESG report - Seeing Is Securing - Protecting Against Advanced...Adapted from an ESG report - Seeing Is Securing - Protecting Against Advanced...
Adapted from an ESG report - Seeing Is Securing - Protecting Against Advanced...
Proofpoint
 
Computer Security Fundamentalsby Chuck EasttomC.docx
Computer Security Fundamentalsby Chuck EasttomC.docxComputer Security Fundamentalsby Chuck EasttomC.docx
Computer Security Fundamentalsby Chuck EasttomC.docx
patricke8
 
Essentials Of Security
Essentials Of SecurityEssentials Of Security
Essentials Of Security
xsy
 
Principles of Computer Security, Fourth Edition Copyright .docx
Principles of Computer Security, Fourth Edition Copyright .docxPrinciples of Computer Security, Fourth Edition Copyright .docx
Principles of Computer Security, Fourth Edition Copyright .docx
harrisonhoward80223
 
Information Security And The Healthcare
Information Security And The HealthcareInformation Security And The Healthcare
Information Security And The Healthcare
Tracy Berry
 
Basic Home Computer Network And Computer Network Security...
Basic Home Computer Network And Computer Network Security...Basic Home Computer Network And Computer Network Security...
Basic Home Computer Network And Computer Network Security...
Jennifer Letterman
 

Recommended

Computer Security FundamentalsChuck EasttomChapte.docx
Computer Security FundamentalsChuck EasttomChapte.docxComputer Security FundamentalsChuck EasttomChapte.docx
Computer Security FundamentalsChuck EasttomChapte.docx
mccormicknadine86
 
Computer Security Fundamentalsby Chuck EasttomC.docx
Computer Security Fundamentalsby Chuck EasttomC.docxComputer Security Fundamentalsby Chuck EasttomC.docx
Computer Security Fundamentalsby Chuck EasttomC.docx
mccormicknadine86
 
Adapted from an ESG report - Seeing Is Securing - Protecting Against Advanced...
Adapted from an ESG report - Seeing Is Securing - Protecting Against Advanced...Adapted from an ESG report - Seeing Is Securing - Protecting Against Advanced...
Adapted from an ESG report - Seeing Is Securing - Protecting Against Advanced...
Proofpoint
 
Computer Security Fundamentalsby Chuck EasttomC.docx
Computer Security Fundamentalsby Chuck EasttomC.docxComputer Security Fundamentalsby Chuck EasttomC.docx
Computer Security Fundamentalsby Chuck EasttomC.docx
patricke8
 
Essentials Of Security
Essentials Of SecurityEssentials Of Security
Essentials Of Security
xsy
 
Principles of Computer Security, Fourth Edition Copyright .docx
Principles of Computer Security, Fourth Edition Copyright .docxPrinciples of Computer Security, Fourth Edition Copyright .docx
Principles of Computer Security, Fourth Edition Copyright .docx
harrisonhoward80223
 
Information Security And The Healthcare
Information Security And The HealthcareInformation Security And The Healthcare
Information Security And The Healthcare
Tracy Berry
 
Basic Home Computer Network And Computer Network Security...
Basic Home Computer Network And Computer Network Security...Basic Home Computer Network And Computer Network Security...
Basic Home Computer Network And Computer Network Security...
Jennifer Letterman
 
The battle for safety
The battle for safetyThe battle for safety
The battle for safety
Joel May
 
Cyber.pptx
Cyber.pptxCyber.pptx
Cyber.pptx
MahalakshmiShetty3
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITY
Mohammad Shakirul islam
 
The battle for safety
The battle for safetyThe battle for safety
The battle for safety
schroedinger
 
105 Common information security threats
105 Common information security threats105 Common information security threats
105 Common information security threats
SsendiSamuel
 
Chapter TwelveNetwork SecurityData Communications an.docx
Chapter TwelveNetwork SecurityData Communications an.docxChapter TwelveNetwork SecurityData Communications an.docx
Chapter TwelveNetwork SecurityData Communications an.docx
mccormicknadine86
 
Cyber security
Cyber securityCyber security
Cyber security
Manjushree Mashal
 
Information-Security-Lecture-5.pptx
Information-Security-Lecture-5.pptxInformation-Security-Lecture-5.pptx
Information-Security-Lecture-5.pptx
anbersattar
 
6.Copyright © 2014 Pearson Education, Inc. Securing I.docx
6.Copyright © 2014 Pearson Education, Inc. Securing I.docx6.Copyright © 2014 Pearson Education, Inc. Securing I.docx
6.Copyright © 2014 Pearson Education, Inc. Securing I.docx
alinainglis
 
Ch01 Introduction to Security
Ch01 Introduction to SecurityCh01 Introduction to Security
Ch01 Introduction to Security
Information Technology
 
Aon Ransomware Response and Mitigation Strategies
Aon Ransomware Response and Mitigation StrategiesAon Ransomware Response and Mitigation Strategies
Aon Ransomware Response and Mitigation Strategies
CSNP
 
IBM Security QRadar
IBM Security QRadar IBM Security QRadar
IBM Security QRadar
Virginia Fernandez
 
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
alinainglis
 
R20BM564.pptx
R20BM564.pptxR20BM564.pptx
R20BM564.pptx
MADARAUCHIHA278827
 
R20BM564_NAWARAJSUNARPPT.pptx
R20BM564_NAWARAJSUNARPPT.pptxR20BM564_NAWARAJSUNARPPT.pptx
R20BM564_NAWARAJSUNARPPT.pptx
MADARAUCHIHA278827
 
Emerging Threats to Infrastructure
Emerging Threats to InfrastructureEmerging Threats to Infrastructure
Emerging Threats to Infrastructure
Jorge Orchilles
 
cyber security.pptx
cyber security.pptxcyber security.pptx
cyber security.pptx
BWUBTS19022
 
2016 CYBERSECURITY PLAYBOOK
2016 CYBERSECURITY PLAYBOOK2016 CYBERSECURITY PLAYBOOK
2016 CYBERSECURITY PLAYBOOK
Boris Loukanov
 
cybersecurity.pptx
cybersecurity.pptxcybersecurity.pptx
cybersecurity.pptx
20ArnavKumar8F
 
ASSIGNMENT CYBER SECURITY ppt.pptx
ASSIGNMENT CYBER SECURITY ppt.pptxASSIGNMENT CYBER SECURITY ppt.pptx
ASSIGNMENT CYBER SECURITY ppt.pptx
tumainjoseph
 
ONLINE VOTING SYSTEM SE Project for vote
ONLINE VOTING SYSTEM SE Project for voteONLINE VOTING SYSTEM SE Project for vote
ONLINE VOTING SYSTEM SE Project for vote
RaunakRastogi4
 
Understanding Partial Differential Equations: Types and Solution Methods
Understanding Partial Differential Equations: Types and Solution MethodsUnderstanding Partial Differential Equations: Types and Solution Methods
Understanding Partial Differential Equations: Types and Solution Methods
imroshankoirala
 

More Related Content

Similar to 20190708223246easttom_ppt_01_final.ppt

The battle for safety
The battle for safetyThe battle for safety
The battle for safety
Joel May
 
The battle for safety
The battle for safetyThe battle for safety
The battle for safety
schroedinger
 
Chapter TwelveNetwork SecurityData Communications an.docx
Chapter TwelveNetwork SecurityData Communications an.docxChapter TwelveNetwork SecurityData Communications an.docx
Chapter TwelveNetwork SecurityData Communications an.docx
mccormicknadine86
 
Information-Security-Lecture-5.pptx
Information-Security-Lecture-5.pptxInformation-Security-Lecture-5.pptx
Information-Security-Lecture-5.pptx
anbersattar
 
6.Copyright © 2014 Pearson Education, Inc. Securing I.docx
6.Copyright © 2014 Pearson Education, Inc. Securing I.docx6.Copyright © 2014 Pearson Education, Inc. Securing I.docx
6.Copyright © 2014 Pearson Education, Inc. Securing I.docx
alinainglis
 
Ch01 Introduction to Security
Ch01 Introduction to SecurityCh01 Introduction to Security
Ch01 Introduction to Security
Information Technology
 
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
alinainglis
 
ASSIGNMENT CYBER SECURITY ppt.pptx
ASSIGNMENT CYBER SECURITY ppt.pptxASSIGNMENT CYBER SECURITY ppt.pptx
ASSIGNMENT CYBER SECURITY ppt.pptx
tumainjoseph
 

Similar to 20190708223246easttom_ppt_01_final.ppt (20)

The battle for safety
The battle for safetyThe battle for safety
The battle for safety
 
Cyber.pptx
Cyber.pptxCyber.pptx
Cyber.pptx
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITY
 
The battle for safety
The battle for safetyThe battle for safety
The battle for safety
 
105 Common information security threats
105 Common information security threats105 Common information security threats
105 Common information security threats
 
Chapter TwelveNetwork SecurityData Communications an.docx
Chapter TwelveNetwork SecurityData Communications an.docxChapter TwelveNetwork SecurityData Communications an.docx
Chapter TwelveNetwork SecurityData Communications an.docx
 
Cyber security
Cyber securityCyber security
Cyber security
 
Information-Security-Lecture-5.pptx
Information-Security-Lecture-5.pptxInformation-Security-Lecture-5.pptx
Information-Security-Lecture-5.pptx
 
6.Copyright © 2014 Pearson Education, Inc. Securing I.docx
6.Copyright © 2014 Pearson Education, Inc. Securing I.docx6.Copyright © 2014 Pearson Education, Inc. Securing I.docx
6.Copyright © 2014 Pearson Education, Inc. Securing I.docx
 
Ch01 Introduction to Security
Ch01 Introduction to SecurityCh01 Introduction to Security
Ch01 Introduction to Security
 
Aon Ransomware Response and Mitigation Strategies
Aon Ransomware Response and Mitigation StrategiesAon Ransomware Response and Mitigation Strategies
Aon Ransomware Response and Mitigation Strategies
 
IBM Security QRadar
IBM Security QRadar IBM Security QRadar
IBM Security QRadar
 
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
 
R20BM564.pptx
R20BM564.pptxR20BM564.pptx
R20BM564.pptx
 
R20BM564_NAWARAJSUNARPPT.pptx
R20BM564_NAWARAJSUNARPPT.pptxR20BM564_NAWARAJSUNARPPT.pptx
R20BM564_NAWARAJSUNARPPT.pptx
 
Emerging Threats to Infrastructure
Emerging Threats to InfrastructureEmerging Threats to Infrastructure
Emerging Threats to Infrastructure
 
cyber security.pptx
cyber security.pptxcyber security.pptx
cyber security.pptx
 
2016 CYBERSECURITY PLAYBOOK
2016 CYBERSECURITY PLAYBOOK2016 CYBERSECURITY PLAYBOOK
2016 CYBERSECURITY PLAYBOOK
 
cybersecurity.pptx
cybersecurity.pptxcybersecurity.pptx
cybersecurity.pptx
 
ASSIGNMENT CYBER SECURITY ppt.pptx
ASSIGNMENT CYBER SECURITY ppt.pptxASSIGNMENT CYBER SECURITY ppt.pptx
ASSIGNMENT CYBER SECURITY ppt.pptx
 

Recently uploaded

ONLINE VOTING SYSTEM SE Project for vote
ONLINE VOTING SYSTEM SE Project for voteONLINE VOTING SYSTEM SE Project for vote
ONLINE VOTING SYSTEM SE Project for vote
RaunakRastogi4
 
Understanding Partial Differential Equations: Types and Solution Methods
Understanding Partial Differential Equations: Types and Solution MethodsUnderstanding Partial Differential Equations: Types and Solution Methods
Understanding Partial Differential Equations: Types and Solution Methods
imroshankoirala
 
Human genetics..........................pptx
Human genetics..........................pptxHuman genetics..........................pptx
Human genetics..........................pptx
Cherry
 
Pteris : features, anatomy, morphology and lifecycle
Pteris : features, anatomy, morphology and lifecyclePteris : features, anatomy, morphology and lifecycle
Pteris : features, anatomy, morphology and lifecycle
Cherry
 
POGONATUM : morphology, anatomy, reproduction etc.
POGONATUM : morphology, anatomy, reproduction etc.POGONATUM : morphology, anatomy, reproduction etc.
POGONATUM : morphology, anatomy, reproduction etc.
Cherry
 
development of diagnostic enzyme assay to detect leuser virus
development of diagnostic enzyme assay to detect leuser virusdevelopment of diagnostic enzyme assay to detect leuser virus
development of diagnostic enzyme assay to detect leuser virus
NazaninKarimi6
 
TransientOffsetin14CAftertheCarringtonEventRecordedbyPolarTreeRings
TransientOffsetin14CAftertheCarringtonEventRecordedbyPolarTreeRingsTransientOffsetin14CAftertheCarringtonEventRecordedbyPolarTreeRings
TransientOffsetin14CAftertheCarringtonEventRecordedbyPolarTreeRings
Sérgio Sacani
 
Digital Dentistry.Digital Dentistryvv.pptx
Digital Dentistry.Digital Dentistryvv.pptxDigital Dentistry.Digital Dentistryvv.pptx
Digital Dentistry.Digital Dentistryvv.pptx
MohamedFarag457087
 

Recently uploaded (20)

ONLINE VOTING SYSTEM SE Project for vote
ONLINE VOTING SYSTEM SE Project for voteONLINE VOTING SYSTEM SE Project for vote
ONLINE VOTING SYSTEM SE Project for vote
 
Understanding Partial Differential Equations: Types and Solution Methods
Understanding Partial Differential Equations: Types and Solution MethodsUnderstanding Partial Differential Equations: Types and Solution Methods
Understanding Partial Differential Equations: Types and Solution Methods
 
Role of AI in seed science Predictive modelling and Beyond.pptx
Role of AI in seed science Predictive modelling and Beyond.pptxRole of AI in seed science Predictive modelling and Beyond.pptx
Role of AI in seed science Predictive modelling and Beyond.pptx
 
Human genetics..........................pptx
Human genetics..........................pptxHuman genetics..........................pptx
Human genetics..........................pptx
 
Plasmid: types, structure and functions.
Plasmid: types, structure and functions.Plasmid: types, structure and functions.
Plasmid: types, structure and functions.
 
Thyroid Physiology_Dr.E. Muralinath_ Associate Professor
Thyroid Physiology_Dr.E. Muralinath_ Associate ProfessorThyroid Physiology_Dr.E. Muralinath_ Associate Professor
Thyroid Physiology_Dr.E. Muralinath_ Associate Professor
 
Site specific recombination and transposition.........pdf
Site specific recombination and transposition.........pdfSite specific recombination and transposition.........pdf
Site specific recombination and transposition.........pdf
 
Pteris : features, anatomy, morphology and lifecycle
Pteris : features, anatomy, morphology and lifecyclePteris : features, anatomy, morphology and lifecycle
Pteris : features, anatomy, morphology and lifecycle
 
GBSN - Biochemistry (Unit 2) Basic concept of organic chemistry
GBSN - Biochemistry (Unit 2) Basic concept of organic chemistry GBSN - Biochemistry (Unit 2) Basic concept of organic chemistry
GBSN - Biochemistry (Unit 2) Basic concept of organic chemistry
 
Cot curve, melting temperature, unique and repetitive DNA
Cot curve, melting temperature, unique and repetitive DNACot curve, melting temperature, unique and repetitive DNA
Cot curve, melting temperature, unique and repetitive DNA
 
FS P2 COMBO MSTA LAST PUSH past exam papers.
FS P2 COMBO MSTA LAST PUSH past exam papers.FS P2 COMBO MSTA LAST PUSH past exam papers.
FS P2 COMBO MSTA LAST PUSH past exam papers.
 
POGONATUM : morphology, anatomy, reproduction etc.
POGONATUM : morphology, anatomy, reproduction etc.POGONATUM : morphology, anatomy, reproduction etc.
POGONATUM : morphology, anatomy, reproduction etc.
 
development of diagnostic enzyme assay to detect leuser virus
development of diagnostic enzyme assay to detect leuser virusdevelopment of diagnostic enzyme assay to detect leuser virus
development of diagnostic enzyme assay to detect leuser virus
 
Terpineol and it's characterization pptx
Terpineol and it's characterization pptxTerpineol and it's characterization pptx
Terpineol and it's characterization pptx
 
TransientOffsetin14CAftertheCarringtonEventRecordedbyPolarTreeRings
TransientOffsetin14CAftertheCarringtonEventRecordedbyPolarTreeRingsTransientOffsetin14CAftertheCarringtonEventRecordedbyPolarTreeRings
TransientOffsetin14CAftertheCarringtonEventRecordedbyPolarTreeRings
 
FAIRSpectra - Enabling the FAIRification of Analytical Science
FAIRSpectra - Enabling the FAIRification of Analytical ScienceFAIRSpectra - Enabling the FAIRification of Analytical Science
FAIRSpectra - Enabling the FAIRification of Analytical Science
 
Digital Dentistry.Digital Dentistryvv.pptx
Digital Dentistry.Digital Dentistryvv.pptxDigital Dentistry.Digital Dentistryvv.pptx
Digital Dentistry.Digital Dentistryvv.pptx
 
Human & Veterinary Respiratory Physilogy_DR.E.Muralinath_Associate Professor....
Human & Veterinary Respiratory Physilogy_DR.E.Muralinath_Associate Professor....Human & Veterinary Respiratory Physilogy_DR.E.Muralinath_Associate Professor....
Human & Veterinary Respiratory Physilogy_DR.E.Muralinath_Associate Professor....
 
Genome sequencing,shotgun sequencing.pptx
Genome sequencing,shotgun sequencing.pptxGenome sequencing,shotgun sequencing.pptx
Genome sequencing,shotgun sequencing.pptx
 
GBSN - Microbiology (Unit 4) Concept of Asepsis
GBSN - Microbiology (Unit 4) Concept of AsepsisGBSN - Microbiology (Unit 4) Concept of Asepsis
GBSN - Microbiology (Unit 4) Concept of Asepsis
 

20190708223246easttom_ppt_01_final.ppt

  • 1. Computer Security Fundamentals Chuck Easttom Chapter 1 Introduction to to Computer Security
  • 2. © 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 2 Chapter 1 Objectives  Identify top threats to a computer network  Assess the likelihood of an attack  Define key terms like cracker, sneaker, firewall, and authentication  Compare and contrast perimeter and layered approaches to network security  Use online resources
  • 3. © 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 3 Introduction  Computer systems and networks are all around us.  Online banking  Automated supermarket checkouts  Online classes  Online shopping  Online travel resources
  • 4. © 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 4 Introduction (cont.)  How is personal information safeguarded?  What are the vulnerabilities?  What secures these systems?
  • 5. © 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 5 How Seriously Should You Take Threats to Network Security?  Which group do you belong to?  “No one is coming after my computer.”  “The sky is falling!”  Middle ground.
  • 6. © 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 6 Identifying Types of Threats  Malware: MALicious softWARE  Security Breaches  DoS: Denial of Service attacks  Web Attacks  Session Hijacking  DNS Poisoning  Insider Threats
  • 7. © 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 7 Malware  Software with a malicious purpose  Virus  Trojan horse  Spyware  Logic Bomb
  • 8. © 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 8 Malware (cont.) Virus  One of the two most common types  Usually spreads through e-mail  Uses system resources, causing slowdown or stoppage
  • 9. © 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 9 Malware (cont.) Trojan Horse  The other most common kind of malware  Named after the wooden horse of ancient history
  • 10. © 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 10 Malware (cont.) Spyware  The most rapidly growing types of malware  Cookies  Key logger
  • 11. © 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 11 Malware (cont.) Logic Bomb  Lays dormant until some logical condition is met, often a specific date.
  • 12. © 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 12 Compromising System Security Intrusions  Attacks that break through system resources  Hackers  Crackers  Social engineering  War-driving
  • 13. © 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 13 Denial of Service Attacks  The attacker does not intrude into the system but just blocks access by authorized users.
  • 14. © 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 14 Web Attacks  The attacker attempts to breach a web application. Common attacks of this type are SQL injection and Cross Site Scripting.
  • 15. © 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 15 Session Hijacking  This is a complex attack that involves actually taking over an authenticated session.
  • 16. © 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 16 DNS Poisoning  This involves altering DNS records on a DNS server to redirect client traffic to malicious websites, usually for identity theft.
  • 17. © 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 17 Assessing the Likelihood of an Attack on Your Network  Viruses  Catch up on new and refurbished viruses  Unauthorized use of systems  DoS attacks  Intrusions  Employee misuse
  • 18. © 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 18 Basic Security Terminology People:  Hackers  White hats  Black hats  Gray hats  Script kiddies  Sneakers  Ethical hackers
  • 19. © 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 19 Basic Security Terminology (cont.) Devices  Firewall  Filters network traffic  Proxy server  Disguises IP address of internal host  Intrusion Detection System  Monitors traffic, looking for attempted attacks
  • 20. © 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 20 Basic Security Terminology (cont.) Activities  Authentication  Auditing
  • 21. © 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 21 Network Security Paradigms  How will youprotect your network?  CIA Triangle  Least Privileges  Perimeter security approach  Layered security approach  Proactive versus reactive  Hybrid security method
  • 22. © 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 22 How Do Legal Issues Impact Network Security?  The Computer Security Act of 1987  OMB Circular A-130  See www.alw.nih.gov/Security/FIRST/papers/ legal/statelaw.txt for state computer laws  Health Insurance Portability and Accountability Act of 1996, HIPAA
  • 23. © 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 23 Online Security Resources  CERT  www.cert.org  Microsoft Security Advisor  www.microsoft.com/security/default.mspx  F-Secure  www.f-secure.com  SANS  www.sans.org
  • 24. © 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 24 Summary  Network security is a constantly changing field.  You need three levels of knowledge.  Take the courses necessary to learn the basic techniques.  Learn your enterprise system intimately, with all its strengths and vulnerabilities.  Keep current in the ever-changing world of threats and exploits.