IT 334: IT SECURITY
INTRODUCTION
• Definition of security
• Characteristics of information
• Components of IS
• Balancing InfoSec and Access
INSTRUCTOR: Kavuta, KD
What is security?
• To be free from danger
• Protection against those who would harm, intentionally or otherwise
• An organization should have the following security parts:
  • Physical security – to protect physical items from unauthorized access and misuse
  • Personnel security – to protect the individual or group of individuals who are authorized to access the organization and its operations
  • Operations security – to protect the details of a particular operation or series of activities
  • Communications security – to protect communication media, technology and content
What is security? (cont.)
  • Network security – to protect network components, connections and content
  • Information security – to protect information assets
(Figure: information security and its components – management of information security, information security policy, network security, and computer & data security)
Characteristics of Information
• The value of information comes from the characteristics it possesses.
• A change in an information characteristic affects the value of the information, either positively or negatively; timeliness, for example, is a critical factor.
• The information characteristics comprise:
  • Availability
  • Accuracy
  • Authenticity
  • Confidentiality
  • Integrity
  • Utility
  • Possession
1. Availability
• Enables authorized users – persons or computer systems – to access information without interference or obstruction, and to receive it in the required format (i.e. one understandable to the user).
2. Accuracy
• Information has accuracy when it is free from mistakes or errors and has the value that the end user expects.
• If the information has been intentionally or unintentionally modified, it is no longer accurate.
3. Authenticity
• Authenticity of information is the state of being genuine or original, rather than a reproduction or fabrication.
• Information is authentic when it is in the same state in which it was created.
3. Authenticity (cont.)
• Authenticity can be affected by:
  • Spoofing – the process of sending a message with a modified field. The modified field is often the address of the originator, which can fool the recipient into thinking that the message is legitimate traffic.
  • Phishing – occurs when an attacker attempts to obtain personal or financial information by fraudulent means, most often by posing as another individual or organization.
4. Confidentiality
• Information has confidentiality when disclosure or exposure to unauthorized individuals or systems is prevented. Only those with the right and privilege can access the information.
• Measures to protect confidentiality:
  • Information classification
  • Secure document storage
  • Application of security policies
  • Education of information custodians and end users
5. Integrity
• Information has integrity when it is whole, complete, and uncorrupted. Integrity is threatened when the information is exposed to corruption, damage, destruction, or other disruption of its authentic state.
• Corruption can occur while data is stored or transmitted. For example, a virus may be designed specifically to corrupt data.
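The spoofing case under authenticity (a rewritten originator field) and the corruption case under integrity (data altered in storage or transit) can both be caught mechanically when sender and recipient share a secret key. The following Python is an added example written for these notes, not code from the lecture: an HMAC-SHA256 tag covers both the originator field and the body of a message, so a spoofed sender, an altered body, or a verifier holding a different key all fail the check. The key, addresses and message text are constructed for the example, and the scheme assumes a shared secret, so it proves origin only among holders of that key.

```python
import hashlib
import hmac
import json

# Constructed for this example: a secret shared by sender and recipient.
SHARED_KEY = b"example-shared-key-not-for-real-use"


def _canonical(sender: str, body: str) -> bytes:
    """Serialise the fields the tag must cover, in a fixed order."""
    return json.dumps({"from": sender, "body": body}, sort_keys=True).encode("utf-8")


def tag_message(key: bytes, sender: str, body: str) -> dict:
    """Attach an HMAC-SHA256 tag covering both the originator field and the body."""
    tag = hmac.new(key, _canonical(sender, body), hashlib.sha256).hexdigest()
    return {"from": sender, "body": body, "tag": tag}


def verify_message(key: bytes, msg: dict) -> bool:
    """Recompute the tag from the received fields; any change to sender or body fails.

    compare_digest keeps the comparison time independent of how many leading
    characters of a forged tag happened to match.
    """
    expected = hmac.new(key, _canonical(msg["from"], msg["body"]), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, msg["tag"])


def demo() -> dict:
    """A genuine message, a spoofed originator, a corrupted body, and a wrong key."""
    genuine = tag_message(SHARED_KEY, "payroll@example.com", "Approve transfer #4711")
    spoofed = dict(genuine, **{"from": "ceo@example.com"})     # originator field rewritten
    corrupted = dict(genuine, body="Approve transfer #9999")   # body altered after tagging
    return {
        "genuine": verify_message(SHARED_KEY, genuine),
        "spoofed": verify_message(SHARED_KEY, spoofed),
        "corrupted": verify_message(SHARED_KEY, corrupted),
        "wrong_key": verify_message(b"some-other-key", dict(genuine)),
    }


if __name__ == "__main__":
    print(demo())
```

Only the genuine message verifies; the other three fail for different reasons (sender changed, body changed, verifier not a key holder), which is the distinction between the authenticity and integrity properties the slides describe.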
6. Utility
• The utility of information is the quality or state of having value for some purpose or end.
• Information has value if it can serve a particular purpose. On the other hand, if information is available but not in a format meaningful to the end user, it is not useful.
7. Possession
• The quality or state of ownership or control of some object or item.
• A breach of confidentiality always results in a breach of possession, while a breach of possession does not always result in a breach of confidentiality. For example, an organization can encrypt its information; if that information is stolen and given to a competitor, there is a breach of possession, but unless the competitor has the proper decryption algorithm the data cannot be read, hence there is no breach of confidentiality.
Components of Information Security
• An information system (IS) is much more than computer hardware. It is the entire set of software, hardware, data, people, procedures, and networks. Each IS component has its own security requirements.
1. Software
• The most difficult component to secure.
• Errors introduced during software programming account for a substantial portion of attacks on information.
2. Hardware
• The physical technology that houses and executes the software, stores and carries data, and provides the interface for the entry and removal of information from the system.
• Physical security policies deal with hardware as physical assets. Traditional tools such as locks and keys restrict access to and interaction with hardware components.
3. Data
• A DBMS is mostly used to improve the security of data and applications. However, many systems are not built in ways that make use of the DBMS's security capabilities.
4. People
• People can be the weakest link in an organization's information security program.
• "Unless policies, education and training, awareness, and technology are properly employed to prevent people from accidentally or intentionally damaging or losing information, they will remain the weakest links."
• Example: the Chinese empire built the Great Wall (200 BC - 1275), yet Kublai Khan got through by bribing the gatekeeper.
5. Procedures
• Written instructions for accomplishing a specific task. When an unauthorized user obtains the organization's procedures, this poses a threat to the integrity of the information. People should be educated to protect procedures.
6. Network
• When information systems are connected to each other to form a LAN, or LANs are connected to the internet, new challenges rapidly emerge.
• Security for wireline networks is difficult.
• Security for mobile networks is even harder.
• The level of security depends on the worth of the information.
Balancing information security and access
• Even with the best planning and implementation, it is impossible to obtain perfect information security.
• Anderson, J. (n.d.) states that "information security cannot be absolute; it is a process, not a goal".
• Information security should balance protection and availability. It is possible to make a system available to anyone, anywhere, anytime, through any means. However, such unrestricted access poses a danger to the integrity of the information. On the other hand, a completely secure information system would not allow anyone to access it.
• Therefore, to achieve balance, that is, to operate an information system that satisfies both the user and the security professional, the level of security must allow reasonable access, yet protect against threats.
Chapter 1 Objectives
• Identify top threats to a computer network
• Assess the likelihood of an attack
• Define key terms like cracker, sneaker, firewall, and authentication
• Compare and contrast perimeter and layered approaches to network security
• Use online resources
Introduction
• Computer systems and networks are all around us.
  • Online banking
  • Automated supermarket checkouts
  • Online classes
  • Online shopping
  • Online travel resources
Introduction (cont.)
• How is personal information safeguarded?
• What are the vulnerabilities?
• What secures these systems?
How Seriously Should You Take Threats to Network Security?
• Which group do you belong to?
  • "No one is coming after my computer."
  • "The sky is falling!"
  • Middle ground.
Identifying Types of Threats
• Malware: MALicious softWARE
• Security Breaches
• DoS: Denial of Service attacks
• Web Attacks
• Session Hijacking
• DNS Poisoning
Malware
• Software with a malicious purpose
  • Virus
  • Trojan horse
  • Spyware
  • Logic Bomb
Malware (cont.)
Virus
• One of the two most common types
• Usually spreads through e-mail
• Uses system resources, causing slowdown or stoppage
Malware (cont.)
Trojan Horse
• The other most common kind of malware
• Named after the wooden horse of ancient history
Malware (cont.)
Spyware
• The most rapidly growing type of malware
  • Cookies
  • Key logger
Malware (cont.)
Logic Bomb
• Lies dormant until some logical condition is met, often a specific date.
Compromising System Security
Intrusions
• Attacks that break through system resources
  • Hackers
  • Crackers
  • Social engineering
  • War-driving
Denial of Service Attacks
• The attacker does not intrude into the system but just blocks access by authorized users.
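Because a denial-of-service attack leaves no intrusion to find, the defender's evidence is volume: one source making far more requests than a legitimate client would. The following Python is an added example for these notes, not code from the lecture or from any product: it parses web-server access-log lines in the Common Log Format, keeps a sliding window of request times per client, and reports any client that exceeds a threshold inside that window. The log lines, IP addresses, window length and threshold are all constructed or assumed values chosen for the demonstration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Common Log Format fields: client ip, identd, user, [timestamp tz], "request", status
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3})'
)
TS_FMT = "%d/%b/%Y:%H:%M:%S"


def parse_line(line: str):
    """Return (client_ip, timestamp) for a well-formed line, or None for garbage."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    ts_field = m.group("ts").split()[0]  # drop the "+0000" offset for this example
    return m.group("ip"), datetime.strptime(ts_field, TS_FMT)


def find_flooders(lines, window=timedelta(seconds=10), threshold=20) -> dict:
    """Sliding-window request counting per source.

    For each client only the timestamps inside the last `window` are kept;
    a client with more than `threshold` requests in that window is reported
    together with the time it first crossed the line.  Lines are expected in
    time order, as a web server writes them.
    """
    recent = defaultdict(deque)
    flagged = {}
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue  # malformed line: skip it rather than crash the monitor
        ip, ts = parsed
        q = recent[ip]
        q.append(ts)
        while q and ts - q[0] > window:
            q.popleft()
        if len(q) > threshold and ip not in flagged:
            flagged[ip] = ts
    return flagged


def sample_log() -> list:
    """Constructed access log: one ordinary client and one flooding client."""
    base = datetime(2023, 10, 10, 13, 55, 0)
    events = []
    for i in range(5):   # ordinary client: a request every 3 seconds
        events.append((base + timedelta(seconds=3 * i), "198.51.100.7", "/index.html"))
    for i in range(30):  # flood: 30 requests inside 5 seconds
        events.append((base + timedelta(milliseconds=150 * i), "203.0.113.9", "/search?q=x"))
    events.sort()
    lines = [
        f'{ip} - - [{t.strftime(TS_FMT)} +0000] "GET {path} HTTP/1.1" 200'
        for t, ip, path in events
    ]
    lines.insert(3, "corrupted log line without structure")  # exercises the skip path
    return lines


if __name__ == "__main__":
    for ip, when in find_flooders(sample_log()).items():
        print(f"{ip} exceeded the request threshold at {when:%H:%M:%S}")
```

The ordinary client never has more than four requests inside the ten-second window, so it is never reported; the flooding client is reported at the moment its twenty-first request lands. Real deployments tune the window and threshold per endpoint and usually act on the result (rate limiting, blocking at the edge) rather than only printing it.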
Web Attacks
• The attacker attempts to breach a web application. Common attacks of this type are SQL injection and Cross-Site Scripting.
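Both attacks named on this slide come from the same defect: text supplied by a user is concatenated into something another interpreter will parse (SQL for the database, HTML for the browser). The following Python is an added example for these notes, not code from the lecture: it places a deliberately vulnerable lookup and greeting beside their hardened forms, using parameter binding for the query and entity escaping for the markup. The in-memory SQLite table, the usernames and the two malicious inputs are constructed for the example.

```python
import html
import sqlite3


def setup_db() -> sqlite3.Connection:
    """In-memory table with constructed rows, standing in for a web app's user store."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "alice@example.com"), ("bob", "bob@example.com")],
    )
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, username: str) -> list:
    """Deliberately vulnerable: the input is pasted into the SQL text, so it can
    change the query's structure instead of being a value in it."""
    query = f"SELECT username, email FROM users WHERE username = '{username}'"
    return conn.execute(query).fetchall()


def lookup_parameterized(conn: sqlite3.Connection, username: str) -> list:
    """Hardened: the value travels as a bound parameter and is only ever data."""
    return conn.execute(
        "SELECT username, email FROM users WHERE username = ?", (username,)
    ).fetchall()


def greeting_vulnerable(display_name: str) -> str:
    """Deliberately vulnerable: user-controlled text is placed raw into HTML."""
    return f"<p>Hello, {display_name}!</p>"


def greeting_escaped(display_name: str) -> str:
    """Hardened: escaping turns markup characters into inert entities."""
    return f"<p>Hello, {html.escape(display_name)}!</p>"


def demo() -> dict:
    """Run the same constructed inputs through the weak and the hardened code."""
    conn = setup_db()
    injected = "nobody' OR '1'='1"          # becomes valid SQL once concatenated
    markup = "<script>alert('x')</script>"  # becomes valid HTML once concatenated
    return {
        "sqli_rows_vulnerable": len(lookup_vulnerable(conn, injected)),
        "sqli_rows_parameterized": len(lookup_parameterized(conn, injected)),
        "xss_vulnerable_has_tag": "<script>" in greeting_vulnerable(markup),
        "xss_escaped_has_tag": "<script>" in greeting_escaped(markup),
    }


if __name__ == "__main__":
    print(demo())
```

With the injected string the concatenated query returns every row in the table, while the parameterized query returns none because no user is literally named `nobody' OR '1'='1`; likewise the escaped greeting contains `&lt;script&gt;`, which the browser displays as text rather than executing.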
Session Hijacking
• This is a complex attack that involves actually taking over an authenticated session.
DNS Poisoning
• This involves altering DNS records on a DNS server to redirect client traffic to malicious websites, usually for identity theft.
Assessing the Likelihood of an Attack on Your Network
• Viruses
  • Catch up on new and refurbished viruses
• Unauthorized use of systems
• DoS attacks
• Intrusions
• Employee misuse
Basic Security Terminology
People:
• Hackers
  • White hats
  • Black hats
  • Gray hats
• Script kiddies
• Sneakers
• Ethical hackers
Basic Security Terminology (cont.)
Devices
• Firewall
  • Filters network traffic
• Proxy server
  • Disguises IP address of internal host
• Intrusion Detection System
  • Monitors traffic, looking for attempted attacks
Basic Security Terminology (cont.)
Activities
• Authentication
• Auditing
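The two activities on this slide are defined in the editor's notes as checking whether the credentials a user presents are authorized (authentication) and reviewing logs and records against established standards (auditing). The following Python is an added example for these notes, not code from the lecture: a small service that stores passwords as salted PBKDF2 hashes, verifies them in constant time, writes a structured record of every login attempt, and offers one audit query over those records. The usernames, passwords, source addresses and the iteration count are the example's own choices.

```python
import hashlib
import hmac
import os
from datetime import datetime, timezone

# PBKDF2-HMAC-SHA256 work factor; an assumed value for this example, set it per current guidance.
ITERATIONS = 200_000


def hash_password(password: str, salt: bytes = None) -> str:
    """Salted, iterated hash so a stolen credential table cannot be reversed cheaply."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt.hex() + "$" + digest.hex()


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored salt and compare without leaking timing."""
    salt_hex, digest_hex = stored.split("$", 1)
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), ITERATIONS
    )
    return hmac.compare_digest(candidate.hex(), digest_hex)


class AuthService:
    """Credential check (authentication) plus an append-only record of attempts (auditing)."""

    def __init__(self):
        self.users = {}       # username -> stored hash
        self.audit_log = []   # structured events: the material an audit reviews
        # Verifying against this decoy when a username does not exist keeps the
        # response time the same for known and unknown accounts.
        self._decoy = hash_password("decoy")

    def register(self, username: str, password: str) -> None:
        self.users[username] = hash_password(password)

    def authenticate(self, username: str, password: str, source_ip: str) -> bool:
        stored = self.users.get(username)
        matched = verify_password(password, stored if stored is not None else self._decoy)
        ok = matched and stored is not None
        self.audit_log.append({
            "ts": datetime.now(timezone.utc).isoformat(),
            "event": "login",
            "user": username,
            "source": source_ip,
            "result": "success" if ok else "failure",
        })
        return ok

    def failed_logins(self, username: str) -> list:
        """Audit query: every failed attempt recorded against an account."""
        return [e for e in self.audit_log
                if e["user"] == username and e["result"] == "failure"]


if __name__ == "__main__":
    svc = AuthService()
    svc.register("alice", "correct horse battery staple")      # constructed credentials
    svc.authenticate("alice", "correct horse battery staple", "198.51.100.7")
    svc.authenticate("alice", "wrong guess", "203.0.113.9")
    for event in svc.audit_log:
        print(event)
```

The audit log is only useful if it is written for every attempt, success and failure alike, and if the reviewer can query it by account and by source; the `failed_logins` method is the smallest such query and is where a periodic review would start.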
Network Security Paradigms
• How will you protect your network?
  • CIA Triangle
  • Least Privileges
  • Perimeter security approach
  • Layered security approach
  • Proactive versus reactive
  • Hybrid security method
How Do Legal Issues Impact Network Security?
• The Computer Security Act of 1987
• OMB Circular A-130
  • See www.alw.nih.gov/Security/FIRST/papers/legal/statelaw.txt for state computer laws
• Health Insurance Portability and Accountability Act of 1996, HIPAA
Online Security Resources
• CERT
  • www.cert.org
• Microsoft Security Advisor
  • www.microsoft.com/security/default.mspx
• F-Secure
  • www.f-secure.com
• SANS
  • www.sans.org
Summary
• Network security is a constantly changing field.
• You need three levels of knowledge:
  • Take the courses necessary to learn the basic techniques.
  • Learn your enterprise system intimately, with all its strengths and vulnerabilities.
  • Keep current in the ever-changing world of threats and exploits.
END
QUESTIONS ???

Information Security introduction and management.pptx

Editor's Notes

  • #15
    • Identify the top threats to a computer network: malware, intrusion, denial of service attacks
    • Assess the likelihood of an attack on your personal computer and network
    • Define key terms such as cracker, sneaker, firewall and authentication
    • Compare and contrast perimeter and layered approaches to network security
    • Use online resources to secure your network
  • #16 Computer systems are everywhere:
    • Online banking, ATMs, debit cards
    • E-Bay, Amazon, Half.com for textbooks
    • Expedia, Travelocity, airplane e-tickets
  • #17
    • How is my online personal information safeguarded? Passwords, account numbers, etc.
    • What are the vulnerabilities to these systems? Web site security
    • What steps are taken to ensure that these systems and data are safe? SSL, encryption, etc.
  • #18 Which group do you belong to?
    • "No one is coming after me/my computer." Prove to me that I am at risk. (Ostrich Theory)
    • "The sky is falling!!" Prove to me that I am not at risk. (Paranoia)
    • Middle ground: an educated awareness of true risk.
  • #19
    • Malware – MALicious softWARE, the most common threat to your system
    • Intrusions – an attempt to gain unauthorized access to your system
    • DoS – Denial of Service attacks, attempts to deny authorized users access to the system
  • #20
    • Virus – "a small program that replicates itself and hides itself inside other programs, usually without your knowledge" (Symantec, 2003)
    • Trojan horse – a malicious program disguised as something desirable or harmless
    • Spyware – the fastest-growing category of malware
  • #21
    • One of the two most common types of malware
    • Usually spreads itself through an unsuspecting user's e-mail
    • Even without a malicious payload, rapid replication uses system resources, causing slowdown or stoppage
  • #22
    • The other most common kind of malware
    • Named after the famous wooden horse of ancient history
    • It disguises itself as something benign, something you need or want, i.e. a game, screen saver, account logon, etc.
    • It captures your information and returns it to the intruder
  • #23 Spyware is the most rapidly growing type of malware.
    • Cookies: initially a good idea to help users surf the Web, now misused to spy on users
    • Key logger: both in software and hardware, captures all the user's typing and logs it, capturing passwords, account numbers, credit card numbers, etc.
  • #25 Intrusions are attacks that break through your system's resources without authorization.
    • Hackers – early internet joy riders, by intent not malevolent
    • Crackers – system intruders, with malevolent intent
    • Social engineering – intruding into a system using human nature, not technology
    • War driving – driving around looking for unprotected wireless networks
  • #26 The attacker does not actually intrude into the system, just blocks access from authorized users.
    • Keeps your customers from purchasing on your Web site, denying you sales
    • Keeps your employees from purchasing e-tickets to a trade show, making them use a travel agent, which costs more money than you had planned
    • Keeps you from transferring the money from your business line of credit to your business account to pay for the tickets, causing your account to be overdrawn
  • #30
    • Viruses are the most common network attacks; check any AV vendor Web site to catch up on new and refurbished viruses
    • Unauthorized use of systems is the next most common attack
    • DoS attacks
    • Intrusions
    • Employee misuse, either deliberate or accidental
  • #31 People:
    • Hackers – anyone who studies a system through analyzing its flaws
    • White hats – consider themselves the "good guys"
    • Black hats – or "crackers", are definitely the "bad guys"
    • Gray hats – not a common term; refers to individuals who operate outside of the law on occasion
    • Script kiddies – inexperienced; consider themselves hackers, but only copy the work of others
    • Ethical hackers – consultants who are hired to do vulnerability assessments on company systems
  • #32
    • Firewalls – found in a router or a server or as a stand-alone device; filters ingress and egress network traffic.
    • Proxy server – sits between a client and an application, acting as the host on your network, disguising the IP address of your internal host.
    • Intrusion Detection System – an IDS monitors traffic, looking for attempted attacks.
  • #33
    • Phreaking – a subspecialty of hacking, breaking into telephone systems; it gave Kevin Mitnick his start down the road to prison.
    • Authentication – process to determine if the credentials given by a user are authorized to access system resources.
    • Auditing – process of reviewing logs, records, and procedures to ensure established standards are being met; tedious but critical.
  • #34 How will you protect your network?
    • Perimeter security approach – perimeter defense is the most popular because it used to be clearly defined, but as companies hire mobile workers, home workers, and contract workers, the perimeter is becoming less and less clearly defined.
    • Layered security approach – not only the perimeter but separate sections of the network are protected to the security level assigned to them.
    • Proactive versus reactive – are your security measures active or passive? Do you have a security plan, or are you part of someone else's plan to intrude on you?
    • Hybrid security method – only a thorough and ongoing risk and vulnerability assessment can keep you informed about what combination of postures will benefit your network the most.
  • #35
    • The Computer Security Act of 1987 – the first piece of U.S. legislation to affect computer systems
    • OMB Circular A-130 – a more specific federal law that addresses the idea of security standards
  • #36
    • CERT – Computer Emergency Response Team, sponsored by Carnegie-Mellon University, the first computer incident response team
    • Microsoft Security Advisor – Microsoft security information, tools, and updates
    • F-Secure – information on virus outbreaks
    • SANS – documentation on computer security issues