SlideShare a Scribd company logo
Information Security
What is Information Security?
Information Security
Information SecurityInformation Security is the name given to
the preventative stepspreventative steps we take to guard
our informationinformation and our capabilitiescapabilities.
Measures adopted to prevent the
unauthorized use, misuse, modification,
or denial of use of knowledge, facts
,data or capabilities.
Critical Characteristics of
Information
Availability
Accuracy
Authenticity
Confidentiality
Integrity
Availability
Enables users who need to accessaccess
information to do so without interferenceinterference
and receive it in requiredrequired format.format.
The information is availableavailable only to the
authorizedauthorized users.
Accuracy
Information is accurate when it is freefree
from mistakesfrom mistakes or errors and it has the
value that the end user expects.
Authenticity
Authenticity of information is the quality
or state of being genuine or original,genuine or original,
rather than a reproduction or fabrication.
e.g. Email SpoofingEmail Spoofing
 The unauthorized use of a third-partyThe unauthorized use of a third-party
domain name as the sender's name in an e-domain name as the sender's name in an e-
mail messagemail message
http://blockstatus.com/anonymous-
mailer
Confidentiality
Information is available only to people
with rightful access.rightful access.
Ensuring that only those with the rightsrights
and privilegesprivileges to accessaccess a particular set
of information are able to do so.
It is closely related with the privacyprivacy of
information.
Integrity
 Information can only be changedchanged by
authorizedauthorized personnel.
 The quality or state of being whole, completewhole, complete
and uncorrupteduncorrupted is the integrity of information.
 Three goals of Integrity
 Prevention of Modification by unauthorized users.
 Prevention of unauthorized modification by authorized users.
 Preservation of Internal and External Consistency.
 Integrity check can be done through:
 File size
 File hashing
 Hashing is the transformation of a string of character s into a
usually shorter fixed-length value or key that represents the
original string
Components of an Information
System
Software
Hardware
Data
People
Procedures
Software
 Comprises of OSOS,,ApplicationsApplications and commandcommand
utilitiesutilities.
 BugsBugs, WeaknessesWeaknesses and HolesHoles.
 An error or defect in software or hardware that causes a program to
malfunction
 Security Hole( something you need to fix now)
 Security Warning( something you need to fix soon)
 Security Note (something you need to fix when you get around to it, or just
some information that you should consider)
 Service PacksService Packs, PatchesPatches and Hot fixesHot fixes.
 Security is least Priorityleast Priority in Software
development
Hardware
HousesHouses and ExecutesExecutes a software.
Stores and carries the data.
Provides InterfacesInterfaces for the entry and
removal of information from the system.
Physical security policiesPhysical security policies deal with thedeal with the
H/WH/W.
Data
MainMain object of intentionalintentional attacks
People
Main threatMain threat to information security.
Often OverlookedOverlooked
Procedures
Procedures are written instructionswritten instructions for
accomplishingaccomplishing a specific tasktask.
Another frequently overlookedoverlooked
component
What is Network Security?
 Effort to create a secure computingsecure computing platformplatform,
so users or programs cannot perform actionscannot perform actions
that they are not allowed to do.
 Network Security is the protectionprotection of
networking componentsnetworking components, connectionsconnections and
contentscontents.
Network Security as a Continuous
Process
Network security is a continuous processcontinuous process built
around a security policy.
Step 1: Secure
Step 2: Monitor
Step 3: Test
Step 4: Improve
Step 1: Secure the Network
Implement security solutions to preventprevent
unauthorized accessunauthorized access and to protectprotect
information.information.
Authentication
Encryption
Firewalls
Vulnerability Patching
Step 2: Monitor Security
 Detects violationsDetects violations to the security policy
Involves system auditingsystem auditing and real-time intrusionintrusion
detectiondetection
 ValidatesValidates the securitysecurity implementation in
Step 1
Step 3: Test Security
 Validates effectivenessValidates effectiveness of the security policy
through system auditing and network scanningnetwork scanning
Step 4: Improve Security
Use information from the monitor and test
phases to make improvementsimprovements to the security
implementation.
Adjust the security policy as security holessecurity holes and
risksrisks are identified.
Terms related to Security
 Assets
 Threats
 Attack
 Vulnerability
 Risk Analysis
 Countermeasures
 Hacking
Asset
An asset is the organizational resourceorganizational resource
that is being protected.
It can be logicallogical like website,
information, data.
It can be physicalphysical like computer system
or other tangible object.
Threats, Vulnerability and Controls
 Threat
 a person, thing, event or idea which poses some danger to an asset
(in terms of confidentiality, integrity, availability).
 a possible means by which a security policy may be breached.
 An attack
 is a realization of a threat.
 Vulnerability
 A weakness in the system that can be exploited to cause loss or
harm
 Control, Countermeasure, safeguard
 An action, device, procedure or technique that removes or reduces a
vulnerability.
Risk = Threat + Vulnerability
Threats without vulnerabilities pose no risk.
Likewise, vulnerabilities without threats
pose no risk.
Risk is the probability that something can
happen.
Risk analysis can be quantitative or
qualitative.
Cont…
Risk can be qualitatively defined in three
levels:
 LowLow- Action to remove the vulnerability
should be taken if possible
 MediumMedium- Action to remove the vulnerability
is advisable
 HighHigh-- Action should be taken immediately to
remove this vulnerability
Hacking
Can be defined positively and
negatively:
To write computer programs for enjoyment.
To gain access to a computer illegally.
Summary
What is Information Security?
What is Network Security?
Assets, Threats and Countermeasures

More Related Content

What's hot

Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
Rahmat Suhatman
 
Network Security ppt
Network Security pptNetwork Security ppt
Network Security ppt
SAIKAT BISWAS
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your Organization
TriCorps Technologies
 
NETWORK SECURITY
NETWORK SECURITYNETWORK SECURITY
NETWORK SECURITY
afaque jaya
 
Wireless Network security
Wireless Network securityWireless Network security
Wireless Network security
Fathima Rahaman
 
Network security
Network securityNetwork security
Network security
quest university nawabshah
 
Network security
Network securityNetwork security
Network security
Simranpreet Singh
 
Basics of Cyber Security
Basics of Cyber SecurityBasics of Cyber Security
Basics of Cyber Security
Nikunj Thakkar
 
Network Security Presentation
Network Security PresentationNetwork Security Presentation
Network Security Presentation
Allan Pratt MBA
 
The CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information SecurityThe CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information Security
Bharath Rao
 
Cyber security ppt
Cyber security pptCyber security ppt
Cyber security ppt
CH Asim Zubair
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)
Fabiha Shahzad
 
Wireless and mobile security
Wireless and mobile securityWireless and mobile security
Wireless and mobile security
Pushkar Pashupat
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentation
TayabaZahid
 
Network Security and Firewall
Network Security and FirewallNetwork Security and Firewall
Network Security and Firewall
ShafeeqaFarsana
 
cyber security
cyber securitycyber security
cyber security
BasineniUdaykumar
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network Security
John Ely Masculino
 
Cyber security laws
Cyber security lawsCyber security laws
Network Security
Network SecurityNetwork Security
Network Security
MAJU
 
Iot Security
Iot SecurityIot Security
Iot Security
MAITREYA MISRA
 

What's hot (20)

Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
 
Network Security ppt
Network Security pptNetwork Security ppt
Network Security ppt
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your Organization
 
NETWORK SECURITY
NETWORK SECURITYNETWORK SECURITY
NETWORK SECURITY
 
Wireless Network security
Wireless Network securityWireless Network security
Wireless Network security
 
Network security
Network securityNetwork security
Network security
 
Network security
Network securityNetwork security
Network security
 
Basics of Cyber Security
Basics of Cyber SecurityBasics of Cyber Security
Basics of Cyber Security
 
Network Security Presentation
Network Security PresentationNetwork Security Presentation
Network Security Presentation
 
The CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information SecurityThe CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information Security
 
Cyber security ppt
Cyber security pptCyber security ppt
Cyber security ppt
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)
 
Wireless and mobile security
Wireless and mobile securityWireless and mobile security
Wireless and mobile security
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentation
 
Network Security and Firewall
Network Security and FirewallNetwork Security and Firewall
Network Security and Firewall
 
cyber security
cyber securitycyber security
cyber security
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network Security
 
Cyber security laws
Cyber security lawsCyber security laws
Cyber security laws
 
Network Security
Network SecurityNetwork Security
Network Security
 
Iot Security
Iot SecurityIot Security
Iot Security
 

Viewers also liked

Network security
Network securityNetwork security
Network security
Nandini Raj
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network Security
Computing Cage
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and Solutions
Colin058
 
File Compression
File CompressionFile Compression
File Compression
The Univ of Findlay
 
5 Ways to Secure Your Containers for Docker and Beyond
5 Ways to Secure Your Containers for Docker and Beyond5 Ways to Secure Your Containers for Docker and Beyond
5 Ways to Secure Your Containers for Docker and Beyond
Black Duck by Synopsys
 
Penalty enforcement & 10 second runoff
Penalty enforcement  & 10 second runoff Penalty enforcement  & 10 second runoff
Penalty enforcement & 10 second runoff
drs8418
 
Presentation: the domain name system
Presentation: the domain name systemPresentation: the domain name system
Presentation: the domain name system
webhostingguy
 
ISDD Media Types - File Compression
ISDD Media Types - File CompressionISDD Media Types - File Compression
ISDD Media Types - File Compression
Forrester High School
 
PACE-IT: Basic Network Concepts (part 1)
PACE-IT: Basic Network Concepts (part 1)PACE-IT: Basic Network Concepts (part 1)
PACE-IT: Basic Network Concepts (part 1)
Pace IT at Edmonds Community College
 
Overview of Information Security & Privacy
Overview of Information Security & PrivacyOverview of Information Security & Privacy
Overview of Information Security & Privacy
Nawanan Theera-Ampornpunt
 
Transport Layer Port or TCP/IP & UDP Port
Transport Layer Port or TCP/IP & UDP PortTransport Layer Port or TCP/IP & UDP Port
Transport Layer Port or TCP/IP & UDP Port
Netwax Lab
 
Network Security
Network  SecurityNetwork  Security
Network Security
VIKAS SINGH BHADOURIA
 
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Gohsuke Takama
 
Business continuity & Disaster recovery planing
Business continuity & Disaster recovery planingBusiness continuity & Disaster recovery planing
Business continuity & Disaster recovery planing
Hanaysha
 
Computer , Internet and physical security.
Computer , Internet and physical security.Computer , Internet and physical security.
Computer , Internet and physical security.
Ankur Kumar
 
Data compression
Data compression Data compression
Data compression
Muhammad Irtiza
 
Ports & sockets
Ports  & sockets Ports  & sockets
Ports & sockets
myrajendra
 
Threats to information security
Threats to information securityThreats to information security
Threats to information security
swapneel07
 
Information Security Strategic Management
Information Security Strategic ManagementInformation Security Strategic Management
Information Security Strategic Management
Marcelo Martins
 
Information Security Benchmarking 2015
Information Security Benchmarking 2015Information Security Benchmarking 2015
Information Security Benchmarking 2015
Capgemini
 

Viewers also liked (20)

Network security
Network securityNetwork security
Network security
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network Security
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and Solutions
 
File Compression
File CompressionFile Compression
File Compression
 
5 Ways to Secure Your Containers for Docker and Beyond
5 Ways to Secure Your Containers for Docker and Beyond5 Ways to Secure Your Containers for Docker and Beyond
5 Ways to Secure Your Containers for Docker and Beyond
 
Penalty enforcement & 10 second runoff
Penalty enforcement  & 10 second runoff Penalty enforcement  & 10 second runoff
Penalty enforcement & 10 second runoff
 
Presentation: the domain name system
Presentation: the domain name systemPresentation: the domain name system
Presentation: the domain name system
 
ISDD Media Types - File Compression
ISDD Media Types - File CompressionISDD Media Types - File Compression
ISDD Media Types - File Compression
 
PACE-IT: Basic Network Concepts (part 1)
PACE-IT: Basic Network Concepts (part 1)PACE-IT: Basic Network Concepts (part 1)
PACE-IT: Basic Network Concepts (part 1)
 
Overview of Information Security & Privacy
Overview of Information Security & PrivacyOverview of Information Security & Privacy
Overview of Information Security & Privacy
 
Transport Layer Port or TCP/IP & UDP Port
Transport Layer Port or TCP/IP & UDP PortTransport Layer Port or TCP/IP & UDP Port
Transport Layer Port or TCP/IP & UDP Port
 
Network Security
Network  SecurityNetwork  Security
Network Security
 
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
 
Business continuity & Disaster recovery planing
Business continuity & Disaster recovery planingBusiness continuity & Disaster recovery planing
Business continuity & Disaster recovery planing
 
Computer , Internet and physical security.
Computer , Internet and physical security.Computer , Internet and physical security.
Computer , Internet and physical security.
 
Data compression
Data compression Data compression
Data compression
 
Ports & sockets
Ports  & sockets Ports  & sockets
Ports & sockets
 
Threats to information security
Threats to information securityThreats to information security
Threats to information security
 
Information Security Strategic Management
Information Security Strategic ManagementInformation Security Strategic Management
Information Security Strategic Management
 
Information Security Benchmarking 2015
Information Security Benchmarking 2015Information Security Benchmarking 2015
Information Security Benchmarking 2015
 

Similar to Introduction Network security

Cyber security
Cyber securityCyber security
Cyber security
Prem Raval
 
Security in network computing
Security in network computingSecurity in network computing
Security in network computing
Manoj VNV
 
SegurançA Da InformaçãO Faat V1 4
SegurançA Da InformaçãO Faat V1 4SegurançA Da InformaçãO Faat V1 4
SegurançA Da InformaçãO Faat V1 4
Rodrigo Piovesana
 
Overview
OverviewOverview
Overview
phanleson
 
CompTIA Security+ Module1: Security fundamentals
CompTIA Security+ Module1: Security fundamentalsCompTIA Security+ Module1: Security fundamentals
CompTIA Security+ Module1: Security fundamentals
Ganbayar Sukhbaatar
 
PPT0-Computer Security Concepts.pptx
PPT0-Computer Security Concepts.pptxPPT0-Computer Security Concepts.pptx
PPT0-Computer Security Concepts.pptx
PiBits
 
Security Ch-1.pptx
Security Ch-1.pptxSecurity Ch-1.pptx
Security Ch-1.pptx
KeenboonAsaffaa
 
Security ConceptsDr. Y. ChuCIS3360 Security in Computing.docx
Security ConceptsDr. Y. ChuCIS3360 Security in Computing.docxSecurity ConceptsDr. Y. ChuCIS3360 Security in Computing.docx
Security ConceptsDr. Y. ChuCIS3360 Security in Computing.docx
bagotjesusa
 
An Introduction to Cyber security
An Introduction to Cyber securityAn Introduction to Cyber security
An Introduction to Cyber security
Samanvay Jain
 
Security testing
Security testingSecurity testing
Security testing
baskar p
 
It and-cyber-module-2
It and-cyber-module-2It and-cyber-module-2
It and-cyber-module-2
Marneil Sanchez
 
Information security background
Information security backgroundInformation security background
Information security background
Nicholas Davis
 
Information Security Background
Information Security BackgroundInformation Security Background
Information Security Background
Nicholas Davis
 
Legal and Ethical Considerations in Nursing Informatics
Legal and Ethical Considerations in Nursing InformaticsLegal and Ethical Considerations in Nursing Informatics
Legal and Ethical Considerations in Nursing Informatics
Kimarie Brown
 
Module -5 Security.pdf
Module -5 Security.pdfModule -5 Security.pdf
Module -5 Security.pdf
Sitamarhi Institute of Technology
 
Chapter 1 overview
Chapter 1 overviewChapter 1 overview
Chapter 1 overview
dr_edw777
 
Website security
Website securityWebsite security
Website security
RIPPER95
 
IS Unit II.pptx
IS Unit II.pptxIS Unit II.pptx
IS Unit II.pptx
LAVANYAsrietacin
 
Computer Security Chapter 1
Computer Security Chapter 1Computer Security Chapter 1
Computer Security Chapter 1
Temesgen Berhanu
 
CH01-CompSec4e.pptx
CH01-CompSec4e.pptxCH01-CompSec4e.pptx
CH01-CompSec4e.pptx
ams1ams11
 

Similar to Introduction Network security (20)

Cyber security
Cyber securityCyber security
Cyber security
 
Security in network computing
Security in network computingSecurity in network computing
Security in network computing
 
SegurançA Da InformaçãO Faat V1 4
SegurançA Da InformaçãO Faat V1 4SegurançA Da InformaçãO Faat V1 4
SegurançA Da InformaçãO Faat V1 4
 
Overview
OverviewOverview
Overview
 
CompTIA Security+ Module1: Security fundamentals
CompTIA Security+ Module1: Security fundamentalsCompTIA Security+ Module1: Security fundamentals
CompTIA Security+ Module1: Security fundamentals
 
PPT0-Computer Security Concepts.pptx
PPT0-Computer Security Concepts.pptxPPT0-Computer Security Concepts.pptx
PPT0-Computer Security Concepts.pptx
 
Security Ch-1.pptx
Security Ch-1.pptxSecurity Ch-1.pptx
Security Ch-1.pptx
 
Security ConceptsDr. Y. ChuCIS3360 Security in Computing.docx
Security ConceptsDr. Y. ChuCIS3360 Security in Computing.docxSecurity ConceptsDr. Y. ChuCIS3360 Security in Computing.docx
Security ConceptsDr. Y. ChuCIS3360 Security in Computing.docx
 
An Introduction to Cyber security
An Introduction to Cyber securityAn Introduction to Cyber security
An Introduction to Cyber security
 
Security testing
Security testingSecurity testing
Security testing
 
It and-cyber-module-2
It and-cyber-module-2It and-cyber-module-2
It and-cyber-module-2
 
Information security background
Information security backgroundInformation security background
Information security background
 
Information Security Background
Information Security BackgroundInformation Security Background
Information Security Background
 
Legal and Ethical Considerations in Nursing Informatics
Legal and Ethical Considerations in Nursing InformaticsLegal and Ethical Considerations in Nursing Informatics
Legal and Ethical Considerations in Nursing Informatics
 
Module -5 Security.pdf
Module -5 Security.pdfModule -5 Security.pdf
Module -5 Security.pdf
 
Chapter 1 overview
Chapter 1 overviewChapter 1 overview
Chapter 1 overview
 
Website security
Website securityWebsite security
Website security
 
IS Unit II.pptx
IS Unit II.pptxIS Unit II.pptx
IS Unit II.pptx
 
Computer Security Chapter 1
Computer Security Chapter 1Computer Security Chapter 1
Computer Security Chapter 1
 
CH01-CompSec4e.pptx
CH01-CompSec4e.pptxCH01-CompSec4e.pptx
CH01-CompSec4e.pptx
 

More from IGZ Software house

Window server 2008
Window server 2008Window server 2008
Window server 2008
IGZ Software house
 
Types of server
Types of serverTypes of server
Types of server
IGZ Software house
 
Types of network
Types of networkTypes of network
Types of network
IGZ Software house
 
Ip address and subnetting
Ip address and subnettingIp address and subnetting
Ip address and subnetting
IGZ Software house
 
Group policy management window server 2008r2
Group policy management window server 2008r2Group policy management window server 2008r2
Group policy management window server 2008r2
IGZ Software house
 
FSMO
FSMO FSMO
Active directory domain services
Active directory domain servicesActive directory domain services
Active directory domain services
IGZ Software house
 
17 roles of window server 2008 r2
17 roles of window server 2008 r217 roles of window server 2008 r2
17 roles of window server 2008 r2
IGZ Software house
 
Raid and its levels
Raid and its levelsRaid and its levels
Raid and its levels
IGZ Software house
 
Firewalls
FirewallsFirewalls
Encryption
EncryptionEncryption
Encryption
IGZ Software house
 
Cryptography
CryptographyCryptography
Cryptography
IGZ Software house
 
Authentication techniques
Authentication techniquesAuthentication techniques
Authentication techniques
IGZ Software house
 
X86 Architecture
X86 Architecture X86 Architecture
X86 Architecture
IGZ Software house
 
Window architecture
Window architecture Window architecture
Window architecture
IGZ Software house
 
What is-32-bit-and-64-bit
What is-32-bit-and-64-bitWhat is-32-bit-and-64-bit
What is-32-bit-and-64-bit
IGZ Software house
 
Virtual machine
Virtual machineVirtual machine
Virtual machine
IGZ Software house
 
Compiler
Compiler Compiler
Interpreter
InterpreterInterpreter
Interpreter
IGZ Software house
 
Competitor analaysis
Competitor analaysisCompetitor analaysis
Competitor analaysis
IGZ Software house
 

More from IGZ Software house (20)

Window server 2008
Window server 2008Window server 2008
Window server 2008
 
Types of server
Types of serverTypes of server
Types of server
 
Types of network
Types of networkTypes of network
Types of network
 
Ip address and subnetting
Ip address and subnettingIp address and subnetting
Ip address and subnetting
 
Group policy management window server 2008r2
Group policy management window server 2008r2Group policy management window server 2008r2
Group policy management window server 2008r2
 
FSMO
FSMO FSMO
FSMO
 
Active directory domain services
Active directory domain servicesActive directory domain services
Active directory domain services
 
17 roles of window server 2008 r2
17 roles of window server 2008 r217 roles of window server 2008 r2
17 roles of window server 2008 r2
 
Raid and its levels
Raid and its levelsRaid and its levels
Raid and its levels
 
Firewalls
FirewallsFirewalls
Firewalls
 
Encryption
EncryptionEncryption
Encryption
 
Cryptography
CryptographyCryptography
Cryptography
 
Authentication techniques
Authentication techniquesAuthentication techniques
Authentication techniques
 
X86 Architecture
X86 Architecture X86 Architecture
X86 Architecture
 
Window architecture
Window architecture Window architecture
Window architecture
 
What is-32-bit-and-64-bit
What is-32-bit-and-64-bitWhat is-32-bit-and-64-bit
What is-32-bit-and-64-bit
 
Virtual machine
Virtual machineVirtual machine
Virtual machine
 
Compiler
Compiler Compiler
Compiler
 
Interpreter
InterpreterInterpreter
Interpreter
 
Competitor analaysis
Competitor analaysisCompetitor analaysis
Competitor analaysis
 

Recently uploaded

3. Maturity_indices_of_fruits_and_vegetable.pptx
3. Maturity_indices_of_fruits_and_vegetable.pptx3. Maturity_indices_of_fruits_and_vegetable.pptx
3. Maturity_indices_of_fruits_and_vegetable.pptx
UmeshTimilsina1
 
Brigada Eskwela 2024 PowerPoint Update for SY 2024-2025
Brigada Eskwela 2024 PowerPoint Update for SY 2024-2025Brigada Eskwela 2024 PowerPoint Update for SY 2024-2025
Brigada Eskwela 2024 PowerPoint Update for SY 2024-2025
ALBERTHISOLER1
 
C# Interview Questions PDF By ScholarHat.pdf
C# Interview Questions PDF By ScholarHat.pdfC# Interview Questions PDF By ScholarHat.pdf
C# Interview Questions PDF By ScholarHat.pdf
Scholarhat
 
Dr. Nasir Mustafa CERTIFICATE OF APPRECIATION "NEUROANATOMY"
Dr. Nasir Mustafa CERTIFICATE OF APPRECIATION "NEUROANATOMY"Dr. Nasir Mustafa CERTIFICATE OF APPRECIATION "NEUROANATOMY"
Dr. Nasir Mustafa CERTIFICATE OF APPRECIATION "NEUROANATOMY"
Dr. Nasir Mustafa
 
Node JS Interview Question PDF By ScholarHat
Node JS Interview Question PDF By ScholarHatNode JS Interview Question PDF By ScholarHat
Node JS Interview Question PDF By ScholarHat
Scholarhat
 
V2-NLC-Certificate-of-Completion_Learner.docx
V2-NLC-Certificate-of-Completion_Learner.docxV2-NLC-Certificate-of-Completion_Learner.docx
V2-NLC-Certificate-of-Completion_Learner.docx
302491
 
SQL Server Interview Questions PDF By ScholarHat
SQL Server Interview Questions PDF By ScholarHatSQL Server Interview Questions PDF By ScholarHat
SQL Server Interview Questions PDF By ScholarHat
Scholarhat
 
Codeavour 5.0 International Impact Report - The Biggest International AI, Cod...
Codeavour 5.0 International Impact Report - The Biggest International AI, Cod...Codeavour 5.0 International Impact Report - The Biggest International AI, Cod...
Codeavour 5.0 International Impact Report - The Biggest International AI, Cod...
Codeavour International
 
MATATAG CURRICULUM sample lesson exemplar.docx
MATATAG CURRICULUM sample lesson exemplar.docxMATATAG CURRICULUM sample lesson exemplar.docx
MATATAG CURRICULUM sample lesson exemplar.docx
yardenmendoza
 
E-learning Odoo 17 New features - Odoo 17 Slides
E-learning Odoo 17  New features - Odoo 17 SlidesE-learning Odoo 17  New features - Odoo 17 Slides
E-learning Odoo 17 New features - Odoo 17 Slides
Celine George
 
1. Importance_of_reducing_postharvest_loss.pptx
1. Importance_of_reducing_postharvest_loss.pptx1. Importance_of_reducing_postharvest_loss.pptx
1. Importance_of_reducing_postharvest_loss.pptx
UmeshTimilsina1
 
Java MCQ Questions and Answers PDF By ScholarHat
Java MCQ Questions and Answers PDF By ScholarHatJava MCQ Questions and Answers PDF By ScholarHat
Java MCQ Questions and Answers PDF By ScholarHat
Scholarhat
 
View Inheritance in Odoo 17 - Odoo 17 Slides
View Inheritance in Odoo 17 - Odoo 17  SlidesView Inheritance in Odoo 17 - Odoo 17  Slides
View Inheritance in Odoo 17 - Odoo 17 Slides
Celine George
 
MVC Interview Questions PDF By ScholarHat
MVC Interview Questions PDF By ScholarHatMVC Interview Questions PDF By ScholarHat
MVC Interview Questions PDF By ScholarHat
Scholarhat
 
DepEd School Calendar 2024-2025 DO_s2024_008
DepEd School Calendar 2024-2025 DO_s2024_008DepEd School Calendar 2024-2025 DO_s2024_008
DepEd School Calendar 2024-2025 DO_s2024_008
Glenn Rivera
 
Mail Server Configuration Using App passwords in Odoo 17
Mail Server Configuration Using App passwords in Odoo 17Mail Server Configuration Using App passwords in Odoo 17
Mail Server Configuration Using App passwords in Odoo 17
Celine George
 
INSIDE OUT - PowerPoint Presentation.pptx
INSIDE OUT - PowerPoint Presentation.pptxINSIDE OUT - PowerPoint Presentation.pptx
INSIDE OUT - PowerPoint Presentation.pptx
RODELAZARES3
 
Dot NET Interview Questions PDF By ScholarHat
Dot NET Interview Questions PDF By ScholarHatDot NET Interview Questions PDF By ScholarHat
Dot NET Interview Questions PDF By ScholarHat
Scholarhat
 
Open Source and AI - ByWater Closing Keynote Presentation.pdf
Open Source and AI - ByWater Closing Keynote Presentation.pdfOpen Source and AI - ByWater Closing Keynote Presentation.pdf
Open Source and AI - ByWater Closing Keynote Presentation.pdf
Jessica Zairo
 
MathematicsGrade7-Presentation-July-12024.pptx
MathematicsGrade7-Presentation-July-12024.pptxMathematicsGrade7-Presentation-July-12024.pptx
MathematicsGrade7-Presentation-July-12024.pptx
nolicaliso1
 

Recently uploaded (20)

3. Maturity_indices_of_fruits_and_vegetable.pptx
3. Maturity_indices_of_fruits_and_vegetable.pptx3. Maturity_indices_of_fruits_and_vegetable.pptx
3. Maturity_indices_of_fruits_and_vegetable.pptx
 
Brigada Eskwela 2024 PowerPoint Update for SY 2024-2025
Brigada Eskwela 2024 PowerPoint Update for SY 2024-2025Brigada Eskwela 2024 PowerPoint Update for SY 2024-2025
Brigada Eskwela 2024 PowerPoint Update for SY 2024-2025
 
C# Interview Questions PDF By ScholarHat.pdf
C# Interview Questions PDF By ScholarHat.pdfC# Interview Questions PDF By ScholarHat.pdf
C# Interview Questions PDF By ScholarHat.pdf
 
Dr. Nasir Mustafa CERTIFICATE OF APPRECIATION "NEUROANATOMY"
Dr. Nasir Mustafa CERTIFICATE OF APPRECIATION "NEUROANATOMY"Dr. Nasir Mustafa CERTIFICATE OF APPRECIATION "NEUROANATOMY"
Dr. Nasir Mustafa CERTIFICATE OF APPRECIATION "NEUROANATOMY"
 
Node JS Interview Question PDF By ScholarHat
Node JS Interview Question PDF By ScholarHatNode JS Interview Question PDF By ScholarHat
Node JS Interview Question PDF By ScholarHat
 
V2-NLC-Certificate-of-Completion_Learner.docx
V2-NLC-Certificate-of-Completion_Learner.docxV2-NLC-Certificate-of-Completion_Learner.docx
V2-NLC-Certificate-of-Completion_Learner.docx
 
SQL Server Interview Questions PDF By ScholarHat
SQL Server Interview Questions PDF By ScholarHatSQL Server Interview Questions PDF By ScholarHat
SQL Server Interview Questions PDF By ScholarHat
 
Codeavour 5.0 International Impact Report - The Biggest International AI, Cod...
Codeavour 5.0 International Impact Report - The Biggest International AI, Cod...Codeavour 5.0 International Impact Report - The Biggest International AI, Cod...
Codeavour 5.0 International Impact Report - The Biggest International AI, Cod...
 
MATATAG CURRICULUM sample lesson exemplar.docx
MATATAG CURRICULUM sample lesson exemplar.docxMATATAG CURRICULUM sample lesson exemplar.docx
MATATAG CURRICULUM sample lesson exemplar.docx
 
E-learning Odoo 17 New features - Odoo 17 Slides
E-learning Odoo 17  New features - Odoo 17 SlidesE-learning Odoo 17  New features - Odoo 17 Slides
E-learning Odoo 17 New features - Odoo 17 Slides
 
1. Importance_of_reducing_postharvest_loss.pptx
1. Importance_of_reducing_postharvest_loss.pptx1. Importance_of_reducing_postharvest_loss.pptx
1. Importance_of_reducing_postharvest_loss.pptx
 
Java MCQ Questions and Answers PDF By ScholarHat
Java MCQ Questions and Answers PDF By ScholarHatJava MCQ Questions and Answers PDF By ScholarHat
Java MCQ Questions and Answers PDF By ScholarHat
 
View Inheritance in Odoo 17 - Odoo 17 Slides
View Inheritance in Odoo 17 - Odoo 17  SlidesView Inheritance in Odoo 17 - Odoo 17  Slides
View Inheritance in Odoo 17 - Odoo 17 Slides
 
MVC Interview Questions PDF By ScholarHat
MVC Interview Questions PDF By ScholarHatMVC Interview Questions PDF By ScholarHat
MVC Interview Questions PDF By ScholarHat
 
DepEd School Calendar 2024-2025 DO_s2024_008
DepEd School Calendar 2024-2025 DO_s2024_008DepEd School Calendar 2024-2025 DO_s2024_008
DepEd School Calendar 2024-2025 DO_s2024_008
 
Mail Server Configuration Using App passwords in Odoo 17
Mail Server Configuration Using App passwords in Odoo 17Mail Server Configuration Using App passwords in Odoo 17
Mail Server Configuration Using App passwords in Odoo 17
 
INSIDE OUT - PowerPoint Presentation.pptx
INSIDE OUT - PowerPoint Presentation.pptxINSIDE OUT - PowerPoint Presentation.pptx
INSIDE OUT - PowerPoint Presentation.pptx
 
Dot NET Interview Questions PDF By ScholarHat
Dot NET Interview Questions PDF By ScholarHatDot NET Interview Questions PDF By ScholarHat
Dot NET Interview Questions PDF By ScholarHat
 
Open Source and AI - ByWater Closing Keynote Presentation.pdf
Open Source and AI - ByWater Closing Keynote Presentation.pdfOpen Source and AI - ByWater Closing Keynote Presentation.pdf
Open Source and AI - ByWater Closing Keynote Presentation.pdf
 
MathematicsGrade7-Presentation-July-12024.pptx
MathematicsGrade7-Presentation-July-12024.pptxMathematicsGrade7-Presentation-July-12024.pptx
MathematicsGrade7-Presentation-July-12024.pptx
 

Introduction Network security

  • 1. Information Security What is Information Security?
  • 2. Information Security Information SecurityInformation Security is the name given to the preventative stepspreventative steps we take to guard our informationinformation and our capabilitiescapabilities. Measures adopted to prevent the unauthorized use, misuse, modification, or denial of use of knowledge, facts ,data or capabilities.
  • 4. Availability Enables users who need to accessaccess information to do so without interferenceinterference and receive it in requiredrequired format.format. The information is availableavailable only to the authorizedauthorized users.
  • 5. Accuracy Information is accurate when it is freefree from mistakesfrom mistakes or errors and it has the value that the end user expects.
  • 6. Authenticity Authenticity of information is the quality or state of being genuine or original,genuine or original, rather than a reproduction or fabrication. e.g. Email SpoofingEmail Spoofing  The unauthorized use of a third-partyThe unauthorized use of a third-party domain name as the sender's name in an e-domain name as the sender's name in an e- mail messagemail message http://blockstatus.com/anonymous- mailer
  • 7. Confidentiality Information is available only to people with rightful access.rightful access. Ensuring that only those with the rightsrights and privilegesprivileges to accessaccess a particular set of information are able to do so. It is closely related with the privacyprivacy of information.
  • 8. Integrity  Information can only be changedchanged by authorizedauthorized personnel.  The quality or state of being whole, completewhole, complete and uncorrupteduncorrupted is the integrity of information.  Three goals of Integrity  Prevention of Modification by unauthorized users.  Prevention of unauthorized modification by authorized users.  Preservation of Internal and External Consistency.  Integrity check can be done through:  File size  File hashing  Hashing is the transformation of a string of character s into a usually shorter fixed-length value or key that represents the original string
  • 9. Components of an Information System Software Hardware Data People Procedures
  • 10. Software  Comprises of OSOS,,ApplicationsApplications and commandcommand utilitiesutilities.  BugsBugs, WeaknessesWeaknesses and HolesHoles.  An error or defect in software or hardware that causes a program to malfunction  Security Hole( something you need to fix now)  Security Warning( something you need to fix soon)  Security Note (something you need to fix when you get around to it, or just some information that you should consider)  Service PacksService Packs, PatchesPatches and Hot fixesHot fixes.  Security is least Priorityleast Priority in Software development
  • 11. Hardware HousesHouses and ExecutesExecutes a software. Stores and carries the data. Provides InterfacesInterfaces for the entry and removal of information from the system. Physical security policiesPhysical security policies deal with thedeal with the H/WH/W.
  • 12. Data MainMain object of intentionalintentional attacks
  • 13. People Main threatMain threat to information security. Often OverlookedOverlooked
  • 14. Procedures Procedures are written instructionswritten instructions for accomplishingaccomplishing a specific tasktask. Another frequently overlookedoverlooked component
  • 15. What is Network Security?  Effort to create a secure computingsecure computing platformplatform, so users or programs cannot perform actionscannot perform actions that they are not allowed to do.  Network Security is the protectionprotection of networking componentsnetworking components, connectionsconnections and contentscontents.
  • 16. Network Security as a Continuous Process Network security is a continuous processcontinuous process built around a security policy. Step 1: Secure Step 2: Monitor Step 3: Test Step 4: Improve
  • 17. Step 1: Secure the Network Implement security solutions to preventprevent unauthorized accessunauthorized access and to protectprotect information.information. Authentication Encryption Firewalls Vulnerability Patching
  • 18. Step 2: Monitor Security  Detects violationsDetects violations to the security policy Involves system auditingsystem auditing and real-time intrusionintrusion detectiondetection  ValidatesValidates the securitysecurity implementation in Step 1
  • 19. Step 3: Test Security  Validates effectivenessValidates effectiveness of the security policy through system auditing and network scanningnetwork scanning
  • 20. Step 4: Improve Security Use information from the monitor and test phases to make improvementsimprovements to the security implementation. Adjust the security policy as security holessecurity holes and risksrisks are identified.
  • 21. Terms related to Security  Assets  Threats  Attack  Vulnerability  Risk Analysis  Countermeasures  Hacking
  • 22. Asset An asset is the organizational resourceorganizational resource that is being protected. It can be logicallogical like website, information, data. It can be physicalphysical like computer system or other tangible object.
  • 23. Threats, Vulnerability and Controls  Threat  a person, thing, event or idea which poses some danger to an asset (in terms of confidentiality, integrity, availability).  a possible means by which a security policy may be breached.  An attack  is a realization of a threat.  Vulnerability  A weakness in the system that can be exploited to cause loss or harm  Control, Countermeasure, safeguard  An action, device, procedure or technique that removes or reduces a vulnerability.
  • 24. Risk = Threat + Vulnerability Threats without vulnerabilities pose no risk. Likewise, vulnerabilities without threats pose no risk. Risk is the probability that something can happen. Risk analysis can be quantitative or qualitative.
  • 25. Cont… Risk can be qualitatively defined in three levels:  LowLow- Action to remove the vulnerability should be taken if possible  MediumMedium- Action to remove the vulnerability is advisable  HighHigh-- Action should be taken immediately to remove this vulnerability
  • 26. Hacking Can be defined positively and negatively: To write computer programs for enjoyment. To gain access to a computer illegally.
  • 27. Summary What is Information Security? What is Network Security? Assets, Threats and Countermeasures