This document discusses information security as an academic field focused on developing professionals who can analyze organizational risks, plan security strategies, create security policies, and respond to threats to support organizational missions. It notes that those studying this field gain expertise in both security technologies and security management. The document then lists relevant courses and outlines the key components of the security management process: plan, protect, and respond.

1. Information Security
Assistant Professor Pramote Kuacharoen, Ph.D.

2. Network Attacks

3. Information Security Curriculum
• เป็ นสาขาเกี่ยวกับการรักษาความมั่นคงปลอดภัยของ
สารสนเทศขององค์กร ซึ่งมุ่งเน้นพัฒนาบุคลากรที่สามารถ
วิเคราะห์ความเสี่ยงและวางแผนความมั่นคงปลอดภัยของ
องค์กร สร ้างนโยบายความมั่นคงปลอดภัย รักษาความมั่นคง
ปลอดภัย และสามารถตอบสนองต่อภัยคุกคามต่าง ๆ เพื่อ
ส่งเสริมพันธกิจขององค์กร
• ผู้ที่ศึกษาในสาขานี้จะได้ความรู้ความเชี่ยวชาญทั้งทางด้าน
เทคโนโลยีเกี่ยวกับความมั่นคงสารสนเทศและการบริหาร
จัดการความมั่นคงสารสนเทศ

4. • Technology Is Concrete
• Can visualize devices and transmission lines
• Can understand device and software operation
• Management Is Abstract
• Management Is More Important
• Security is a process, not a product (Bruce Schneier)
4
Management is the Hard Part

5. Courses
• Information Security Management
• Computer and Network Security
• Information Security Risk Analysis
• Software Development Security
• Information Security Policy
• Internet Security
• Database Security
• Software Development Security
• Cloud Computing Security
• Penetration Testing and Vulnerability Analysis
• Digital Forensics and Investigations

6. Security Management Process
Plan
ProtectRespond

7. • Identify Current IT Security Gaps
• Identify Driving Forces
• The threat environment
• Compliance laws and regulations
• Corporate structure changes, such as mergers
• Identify Corporate Resources Needing
Protection
• Enumerate all resources
• Rate each by sensitivity
7
Strategic IT Security Planning

8. • Develop Remediation Plans
• Develop a remediation plan for all security gaps
• Develop a remediation plan for every resource unless
it is well protected
• Develop an Investment Portfolio
• You cannot close all gaps immediately
• Choose projects that will provide the largest returns
• Implement these
8
Strategic IT Security Planning

9. In The News
Stealing Money using fake ID
IDENTITY THEFTIDENTITY THEFT
SOCIAL
ENGINEERING
SOCIAL
ENGINEERING
OTPOTP
TWO-FACTOR
AUTHENTICATION
TWO-FACTOR
AUTHENTICATION

10. Campus Area Networks
AAA Server
DHCP Server
ESA/WSA
Web ServerEmail Server
VPN
Hosts
Layer 3 Switches
Layer 2 Switches
IPSFirewall
Internet

11. Small Office and Home Office Networks
Wireless Router
Layer 2 Switch
Internet

12. Wide Area Networks
POP
VPN
Corporate
Branch Site
Regional Site
SOHO Site
Mobile Worker

13. The Evolving Network Border
• Critical MDM functions for BYOD network
– Data encryption
– PIN enforcement
– Data wipe
– Data loss prevention
– Jailbreak/root detection

14. The Hacker & The Evolution of Hackers
Modern hacking titles:
• Script Kiddies
• Vulnerability Brokers
• Hacktivists
• Cyber Criminals
• State-Sponsored Hackers
Traditional Hackers
• Motivated by thrill, validation of skills,
sense of power
• Motivated to increase reputation among
other hackers
• Often do damage as a byproduct
• Often engage in petty crime

15. Script Kiddie

16. Cyber Criminals

17. Hacktivists

18. State-Sponsored Hackers

19. Attack Tools vs. Knowledge

20. Penetration Testing Tools
Password CrackersPassword Crackers
Wireless HackingWireless Hacking
Network Scanning
and Hacking
Network Scanning
and Hacking
Packet CraftingPacket Crafting
Packet SniffersPacket Sniffers
Rootkit DetectorsRootkit Detectors
Fuzzers to Search
Vulnerability
Fuzzers to Search
Vulnerability
ForensicForensic
DebuggersDebuggers
Hacking OSHacking OS
Encryption ToolsEncryption Tools
Vulnerability
Exploitation
Vulnerability
Exploitation
Vulnerability
Scanners
Vulnerability
Scanners

21. Network Hacking Attacks
• Eavesdropping
• Data modification
• IP address spoofing
• Password-based
• Denial-of-service
• Man-in-the-middle
• Compromised-key
• Sniffer
Reconnaissance AttacksReconnaissance Attacks
Access AttacksAccess Attacks
DoS AttacksDoS Attacks

22. Network Security Organizations

23. Domains of Security

24. The Security Artichoke

25. Security
Goals
Confidentiality
IntegrityAvailability

26. Evolution of Network Security Tools
IDS IPS
Software
Firewall
Security
Appliance

27. Next Generation Firewall (NGFW)
• An integrated network platform that combines a
traditional firewall with other network device
filtering functionalities such as an application
firewall using in-line deep packet inspection (DPI),
an intrusion prevention system (IPS)

28. Cloud-Based Protections
www.example.com
Corporate
Network
Cloud Security Service

29. Borderless Network
Any
Device
Any
Location
Any
Resource

30. Protecting Modern Endpoints
Modern
Security
Solutions
AMP
ESA
WSA
NAC

31. Encryption of Local Data
Hardware
Software

32. Switch Attack Categories
Layer 2
Attacks
CAM
Table
VLAN
DHCP
ARP
Address
Spoofing
STP

33. Network Security Professionals

34. Top 10 Highest Paying Jobs in
Information Security
1. Chief Information Security Officer (CISO) $81,000-
$240,000
2. Security Architect $84,000-$160,000
3. Security Director $66,000-$180,000
4. Security Manager $71,433-$143,374
5. Security Engineer $57,000-$128,000
6. Incident Responder $50,000-$150,000
7. Security Consultant $46,000-$147,000
8. Computer Forensics Expert $56,000-$119,000
9. Malware Analyst $48,000-$100,000
10. Security Specialist $43,000-$113,000

35. Cybersecurity Jobs
• One Million Cybersecurity Job Openings In 2016
• Top Cyber Security Salaries In U.S. Metros Hit
$380,000

36. Common Career Path