SOCIAL MEDIA SECURITY
USERS GUIDE
CYBER SECURITY SOLUTIONS
ALAN HOLYOKE
PHI 235
WEBSITES SECURITY
As you can see by the diagram to
the left, there are numerous browsers and
websites that you and I utilize on a daily
basis, an ever growing reality that keeps
us “connected” to everyone and
everything that we may want to be
connected to.
In regards to Cyber Security Solutions,
this guide will explain the thirteen different
sections covering everything from Access
Control to Gap Analysis to Information
Security Policy and everything in
between.
Well, let’s take a journey, shall we….
Access control solutions
Access control solutions allow companies to determine who can
go where and when. An audit trail shows the details of who passed
through your access control entry and exit devices. Events recorded
to a head end computer may be linked to video, paging, or alarm
functions. By combining software and hardware, your system can be
controlled, queried, or programmed from anywhere on your network
or via a secure web browser.
Access control solutions
(continued)
They give you a complete picture of each employee's activity by
days, weeks, and the times they passed through any access controlled
door in your facility. Your records will show whether they passed through
during your regular working hours or off hours. Our access systems are
based on time tested, user friendly software and allow for monitoring and
control in remote sites throughout your existing network.
Vulnerability analysis
Vulnerability analysis, also known as vulnerability assessment, is a
process that defines, identifies, and classifies the security holes
(vulnerabilities) in a computer, network, or communications
infrastructure. In addition, vulnerability analysis can forecast the
effectiveness of proposed countermeasures and evaluate their actual
effectiveness after they are put into use.
Vulnerability analysis
(continued)
Vulnerability analysis consists of several steps:
• Defining and classifying network or system resources
• Assigning relative levels of importance to the resources
• Identifying potential threats to each resource
• Developing a strategy to deal with the most serious potential
problems first
• Defining and implementing ways to minimize the consequences if an
attack occurs.
Vulnerability analysis
(continued)
If security holes are found as a result of vulnerability analysis, a
vulnerability disclosure may be required. The person or organization
that discovers the vulnerability, or a responsible industry body such as
the Computer Emergency Readiness Team (CERT), may make the
disclosure. If the vulnerability is not classified as a high level threat, the
vendor may be given a certain amount of time to fix the problem before
the vulnerability is disclosed publicly.
Vulnerability analysis
(continued)
The third stage of vulnerability analysis (identifying potential threats)
is sometimes performed by a white hat using ethical hacking
techniques. Using this method to assess vulnerabilities, security experts
deliberately probe a network or system to discover its weaknesses. This
process provides guidelines for the development of countermeasures to
prevent a genuine attack.
Gap analysis
A technique that businesses use
to determine what steps need to be
taken in order to move from its
current state to its desired, future
state. Also called need-gap analysis,
needs analysis, and needs
assessment.
Gap analysis
(continued)
• Listing of characteristic factors (such as attributes, competencies,
performance levels) of the present situation ("what is")
• Listing factors needed to achieve future objectives ("what should
be"), and then
• Highlighting the gaps that exist and need to be filled. Gap analysis
forces a company to reflect on who it is and ask who they want to be
in the future.
Penetration testing
A penetration test is a proactive and authorized attempt to evaluate the
security of an IT infrastructure. This is done by safely attempting to exploit system
vulnerabilities such as:
• The Operating System (OS)
• Service and Application flaws
• Improper Configurations
• Validating the Efficiency of Defensive Mechanisms
Such assessments are also useful in validating the efficiency of end-users’
adherence to company security policies.
Penetration testing
(continued)
A penetration test is a test whose results validate the risk posed by
specific security vulnerabilities or flawed processes. This enables IT
management and security professionals to prioritize remediation efforts.
By embracing more frequent and comprehensive penetration testing,
organizations can more effectively anticipate emerging security risks
and prevent unauthorized access to critical systems and valuable
information.
Web application security
Web Application Security is an
internet security audit, performed by
experienced security professionals. A key
feature of the service, and one which
cannot be covered by relying solely on
automated testing, is application testing.
The service is designed to rigorously
push the defenses of internet networks
and applications.
Web application security
(continued)
It is suitable for commissioning, third party assurance, post-attack
analysis, audit and regulatory purposes where independence and quality
of service are important requirements.
A final written report provides an analysis of any security or service
problems discovered together with proposed solutions, links to detailed
advisories and recommendations for improving the security of the service
under test.
The Web Application Testing service can be used to ensure
compliance with PCI DSS v2.0 requirement 11.3, (penetration testing) as it
includes both network and application layer testing.
Web application security
(continued)
Areas Covered by Web Application Testing
• Configuration errors
• Application loopholes in server code or scripts
• Advice on data that could have been exposed due to past errors
• Testing for known vulnerabilities
• Reducing the risk and enticement to attack
• Advice on fixes and future security plans
Web application security
(continued)
Typical Issues Discovered in an Application Test
o Cross-site scripting
o SQL injection
o Server misconfigurations
o Form/hidden field manipulation
o Command injection
o Cookie poisoning
o Well-known platform vulnerabilities
o Insecure use of cryptography
Web application security
(continued)
Typical Issues Discovered in an Application Test (continued)
o Back doors and debug options
o Errors triggering sensitive information leak
o Broken ACLs/Weak passwords
o Weak session management
o Buffer overflows
o Forceful browsing
o CGI-BIN manipulation
o Risk reduction to zero day exploits
Log analysis
Log Analysis lets you
analyze unstructured data to
help identify, isolate and resolve
problems. The software
integrates data from multiple
sources including logs, events,
metrics, support documents and
trouble tickets.
Network traffic analysis
Network analysis is the process of capturing network traffic and
inspecting it closely to determine what is happening on the network.
This is accomplished by two different monitoring techniques:
• Router Based – Monitoring functionalities that are built into the routers
themselves and do not require any additional installation of hardware or
software.
• Non-Router Based – Monitoring techniques that require additional hardware
and software to be installed and provide greater flexibility.
Information security Policy design
The first step to creating an effective information security policy is
evaluating information assets and identifying threats to those assets. Some
assets within an organization will be more valuable than others, but
monetary value should not be the only factor. Determining both the
monetary value and the intrinsic value of an asset is essential in
accurately gauging its worth.
Information security Policy design
(continued)
To calculate an asset’s monetary value:
An organization should consider the impact if that asset’s data,
networks or systems are compromised in any way.
To calculate an asset’s intrinsic value:
An organization must consider a security incident’s impact on
credibility, reputation and relationships with key stakeholders.
Information security Policy design
(continued)
When assessing potential threats, external and internal threats must be
considered. External threats include viruses, worms, Trojan horses,
hacking attempts and anything that tries to break an organization’s
security infrastructure from the OUTSIDE.
Internal threats include abuse of critical systems and data, surfing
objectionable Internet content, and inappropriate Internet use. The real
costly danger with internal threats comes from perpetrators having
extensive access to the network from the INSIDE.
Information security Policy design
(continued)
Since an information security policy will have an effect on people
throughout the organization, a team should take the responsibility for
drafting the policy together. This team should include executives, IT
administrators, information security experts, human resource managers,
public relations managers, legal counsel and IT auditors. Approval for the
policy should come from the highest possible level in the corporate
environment.
Security products identification
There are several security products on the market. Here is a list of a
few of those security products:
Passport Laminates
Passport laminates range from a clear film overlay to Covid
holographic and Fasver printed security laminates, featuring overt, covert,
and forensic security devices. All laminates are custom designed to suit
the document and the application equipment.
Security products identification
(continued)
ID Card Laminates
Covid holographic and Fasver printed security laminates protect ID
cards against forgery and counterfeit attempts. Most companies will work
with each client to create custom originations that integrate with the
background artwork and personalized data to deliver cohesive designs
that are attractive, original, easy to authenticate, and highly secure.
Security products identification
(continued)
Polycarbonate Solutions
Polycarbonate solutions provide security both in and on identity
documents and enable color personalization on ID cards. Fasver printed
security layers can be embedded within polycarbonate cards and
passport data pages to help authenticate genuine ID documents and
prevent counterfeiting. Covid holographic patches add security to the
card’s surface while protecting the Unichroma-enabled color personalized
data.
Security products identification
(continued)
Seals, Labels, and Hot Stamp Foils
Our seals, labels, and hot stamp foils are used by governments
worldwide to protect signatures on official documents, and to secure and
authenticate document pouches and vehicle stickers.
Card Personalization
Imagedata D2T2 ribbons generate vibrant colors and high-definition
print for photos, background imagery, text, and bar codes, making them
ideal for the personalization of secure and non-secure ID cards.
Cyber security surveys
Forty-seven percent of surveyed
organizations have suffered a cyber-attack in
the past year – and a frightening 13 percent
say they do not even know if they have been
attacked.
These are among the results of the 2013
Cyber Security Study conducted by
Information Security Media Group and
commissioned by Bit9.
Data leak prevention solutions
A data leak prevention solution is a system that is designed to detect
potential data breaches or data exfiltration transmissions and prevent them. It
does this by monitoring, detecting and blocking sensitive data while in-use
(endpoint actions), in-motion (network traffic), and at-rest (data storage). In
data leakage incidents, sensitive data is disclosed to unauthorized personnel
either by malicious intent or by an inadvertent mistake. Such sensitive data
can come in the form of private or company information, intellectual property
(IP), financial or patient information, credit-card data, and other information
depending on the business and the industry.
Cyber hygiene
Cyber hygiene refers to steps that computer users can take to improve their
cybersecurity and better protect themselves online.
Cyber hygiene (continued)
The best practices are not new technologies, but fairly common sense
ideas that need to become part of an enterprise culture. The common
practices are listed below:
• Eliminate unnecessary data and keep tabs on what is left;
• Ensure essential controls are met and regularly audit in order to ensure consistent
implementation;
• Change default credentials;
• Avoid shared credentials;
• Implement a firewall or access control list (ACL) on remote
access/administration services;
• Utilize IP blacklisting;
Cyber hygiene (continued)
The common practices are continued below:
• Update anti-virus and other software consistently;
• Audit user accounts;
• Restrict and monitor privileged users;
• Monitor and filter outbound network traffic;
• Test applications and review code;
• Change the approach to event monitoring and log analysis;
• Define ‘suspicious’ and ‘anomalous’ (then look for whatever ‘it’ is);
• Increase awareness of social engineering;
• Train employees and customers to look for signs of tampering and fraud;
Cyber investigation
A cyber investigation investigates those
offences that are committed against
individuals or groups of individuals with a
criminal motive to intentionally harm the
reputation of the victim or cause physical or
mental harm to the victim directly or indirectly,
using modern telecommunication networks
such as Internet (Chat rooms, emails, notice
boards and groups) and mobile phones
(SMS/MMS).
Information security policy
Information security policy is a set of
policies issued by an organization to
ensure that all information technology
users within the domain of the
organization or its networks comply with
rules and guidelines related to the
security of the information stored
digitally at any point in the network or
within the organization's boundaries of
authority.
Comprehensive cyber security solution
Government agencies need to proactively
protect their critical applications, data and
processes from external and internal threats
throughout their entire life cycle. By taking a
comprehensive and integrated approach to
application vulnerability management, agencies
can measurably improve operational security,
mitigate risks, and reduce costs.
Computing with the “Cloud”
Most people, when they hear the word “cloud”, think of
the clouds in the sky; that would be only logical. But from a
computing standpoint, the “Cloud” is simply a technology that
uses the Internet and remote servers to:
• Maintain data and applications
• Allow users to access applications without installation.
• Allow users access to their personal files from any
computer that has access to the Internet.
• Centralize storage, memory, processing, and bandwidth.
In regards to your Yahoo email account, that software is
managed by Yahoo.
Your Gmail account software is managed by Google.
HTTPS
(HYPERTEXT TRANSFER PROTOCOL SECURE)
• Install HTTPS Everywhere on your Web browser.
• HTTPS Everywhere is a Firefox, Chrome, and Opera extension
that encrypts any communication that you may have with major
websites.
• More specifically, this extension encrypts your Web browsing
sessions, protecting you from hackers and spy agencies that
scoop up unencrypted traffic across the Internet.
http://www.youtube.com/watch?v=8nRlsaWfo30

Project Quality-SIPOCSelect a process of your choice and creat.docx
 
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT           .docxRunning Head RISK, THREAT AND VULNERABILITY MANAGEMENT           .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
 
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT           .docxRunning Head RISK, THREAT AND VULNERABILITY MANAGEMENT           .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
 
Demystifying Penetration Testing: A Comprehensive Guide for Security Enhancement
Demystifying Penetration Testing: A Comprehensive Guide for Security EnhancementDemystifying Penetration Testing: A Comprehensive Guide for Security Enhancement
Demystifying Penetration Testing: A Comprehensive Guide for Security Enhancement
 
Why Penetration Tests Are Important Cyber51
Why Penetration Tests Are Important Cyber51Why Penetration Tests Are Important Cyber51
Why Penetration Tests Are Important Cyber51
 
Security assessment isaca sv presentation jan 2016
Security assessment isaca sv presentation jan 2016Security assessment isaca sv presentation jan 2016
Security assessment isaca sv presentation jan 2016
 
CYBER SECURITY ANALYST - HOW TO BECOME, JOB DEMAND AND TOP CERTIFICATIONS
CYBER SECURITY ANALYST - HOW TO BECOME, JOB DEMAND AND TOP CERTIFICATIONSCYBER SECURITY ANALYST - HOW TO BECOME, JOB DEMAND AND TOP CERTIFICATIONS
CYBER SECURITY ANALYST - HOW TO BECOME, JOB DEMAND AND TOP CERTIFICATIONS
 
The 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan KochThe 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan Koch
 
What is the process of Vulnerability Assessment and Penetration Testing.pdf
What is the process of Vulnerability Assessment and Penetration Testing.pdfWhat is the process of Vulnerability Assessment and Penetration Testing.pdf
What is the process of Vulnerability Assessment and Penetration Testing.pdf
 
Importance of Vulnerability Scanning for Businesses | SOCVault.io
Importance of Vulnerability Scanning for Businesses | SOCVault.ioImportance of Vulnerability Scanning for Businesses | SOCVault.io
Importance of Vulnerability Scanning for Businesses | SOCVault.io
 
Security testing
Security testingSecurity testing
Security testing
 
Penetration Testing Services - Redfox Cyber Security
Penetration Testing Services - Redfox Cyber SecurityPenetration Testing Services - Redfox Cyber Security
Penetration Testing Services - Redfox Cyber Security
 
I0516064
I0516064I0516064
I0516064
 

Recently uploaded

Synthetic Fiber Construction in lab .pptx
Synthetic Fiber Construction in lab .pptxSynthetic Fiber Construction in lab .pptx
Synthetic Fiber Construction in lab .pptx
Pavel ( NSTU)
 
The Roman Empire A Historical Colossus.pdf
The Roman Empire A Historical Colossus.pdfThe Roman Empire A Historical Colossus.pdf
The Roman Empire A Historical Colossus.pdf
kaushalkr1407
 
"Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe..."Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe...
SACHIN R KONDAGURI
 
special B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdfspecial B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdf
Special education needs
 
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
Nguyen Thanh Tu Collection
 
Embracing GenAI - A Strategic Imperative
Embracing GenAI - A Strategic ImperativeEmbracing GenAI - A Strategic Imperative
Embracing GenAI - A Strategic Imperative
Peter Windle
 
Francesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptxFrancesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptx
EduSkills OECD
 
2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...
Sandy Millin
 
Chapter 3 - Islamic Banking Products and Services.pptx
Chapter 3 - Islamic Banking Products and Services.pptxChapter 3 - Islamic Banking Products and Services.pptx
Chapter 3 - Islamic Banking Products and Services.pptx
Mohd Adib Abd Muin, Senior Lecturer at Universiti Utara Malaysia
 
The basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptxThe basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptx
heathfieldcps1
 
How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17
Celine George
 
Digital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and ResearchDigital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and Research
Vikramjit Singh
 
The approach at University of Liverpool.pptx
The approach at University of Liverpool.pptxThe approach at University of Liverpool.pptx
The approach at University of Liverpool.pptx
Jisc
 
1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx
JosvitaDsouza2
 
Palestine last event orientationfvgnh .pptx
Palestine last event orientationfvgnh .pptxPalestine last event orientationfvgnh .pptx
Palestine last event orientationfvgnh .pptx
RaedMohamed3
 
Polish students' mobility in the Czech Republic
Polish students' mobility in the Czech RepublicPolish students' mobility in the Czech Republic
Polish students' mobility in the Czech Republic
Anna Sz.
 
Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.
Ashokrao Mane college of Pharmacy Peth-Vadgaon
 
Thesis Statement for students diagnonsed withADHD.ppt
Thesis Statement for students diagnonsed withADHD.pptThesis Statement for students diagnonsed withADHD.ppt
Thesis Statement for students diagnonsed withADHD.ppt
EverAndrsGuerraGuerr
 
Language Across the Curriculm LAC B.Ed.
Language Across the  Curriculm LAC B.Ed.Language Across the  Curriculm LAC B.Ed.
Language Across the Curriculm LAC B.Ed.
Atul Kumar Singh
 
678020731-Sumas-y-Restas-Para-Colorear.pdf
678020731-Sumas-y-Restas-Para-Colorear.pdf678020731-Sumas-y-Restas-Para-Colorear.pdf
678020731-Sumas-y-Restas-Para-Colorear.pdf
CarlosHernanMontoyab2
 

Recently uploaded (20)

Synthetic Fiber Construction in lab .pptx
Synthetic Fiber Construction in lab .pptxSynthetic Fiber Construction in lab .pptx
Synthetic Fiber Construction in lab .pptx
 
The Roman Empire A Historical Colossus.pdf
The Roman Empire A Historical Colossus.pdfThe Roman Empire A Historical Colossus.pdf
The Roman Empire A Historical Colossus.pdf
 
"Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe..."Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe...
 
special B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdfspecial B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdf
 
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
 
Embracing GenAI - A Strategic Imperative
Embracing GenAI - A Strategic ImperativeEmbracing GenAI - A Strategic Imperative
Embracing GenAI - A Strategic Imperative
 
Francesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptxFrancesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptx
 
2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...
 
Chapter 3 - Islamic Banking Products and Services.pptx
Chapter 3 - Islamic Banking Products and Services.pptxChapter 3 - Islamic Banking Products and Services.pptx
Chapter 3 - Islamic Banking Products and Services.pptx
 
The basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptxThe basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptx
 
How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17
 
Digital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and ResearchDigital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and Research
 
The approach at University of Liverpool.pptx
The approach at University of Liverpool.pptxThe approach at University of Liverpool.pptx
The approach at University of Liverpool.pptx
 
1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx
 
Palestine last event orientationfvgnh .pptx
Palestine last event orientationfvgnh .pptxPalestine last event orientationfvgnh .pptx
Palestine last event orientationfvgnh .pptx
 
Polish students' mobility in the Czech Republic
Polish students' mobility in the Czech RepublicPolish students' mobility in the Czech Republic
Polish students' mobility in the Czech Republic
 
Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.
 
Thesis Statement for students diagnonsed withADHD.ppt
Thesis Statement for students diagnonsed withADHD.pptThesis Statement for students diagnonsed withADHD.ppt
Thesis Statement for students diagnonsed withADHD.ppt
 
Language Across the Curriculm LAC B.Ed.
Language Across the  Curriculm LAC B.Ed.Language Across the  Curriculm LAC B.Ed.
Language Across the Curriculm LAC B.Ed.
 
678020731-Sumas-y-Restas-Para-Colorear.pdf
678020731-Sumas-y-Restas-Para-Colorear.pdf678020731-Sumas-y-Restas-Para-Colorear.pdf
678020731-Sumas-y-Restas-Para-Colorear.pdf
 

Phi 235 social media security users guide presentation

  • 1. SOCIAL MEDIA SECURITY USERS GUIDE CYBER SECURITY SOLUTIONS ALAN HOLYOKE PHI 235
  • 2.
  • 3. WEBSITES SECURITY As you can see by the diagram to the left, there are numerous browsers and websites that you and I utilize on a daily basis, an ever growing reality that keeps us “connected” to everyone and everything that we may want to be connected to. In regards to Cyber Security Solutions, this guide will explain the thirteen different sections covering everything from Access Control to Gap Analysis to Information Security Policy and everything in between. Well, let’s take a journey, shall we….
  • 4. Access control solutions Access control solutions allow companies to determine who can go where and when. An audit trail shows the details of who passed through your access control entry and exit devices. Events recorded to a head end computer may be linked to video, paging, or alarm functions. By combining software and hardware, your system can be controlled, queried, or programmed from anywhere on your network or via a secure web browser.
  • 5. Access control solutions (continued) They give you a complete picture of each employee's activity by days, weeks, and the times they passed through any access-controlled door in your facility. Your records will show whether they passed through during your regular working hours or off hours. Our access systems are based on time-tested, user-friendly software and allow for monitoring and control in remote sites throughout your existing network.
  • 6. Vulnerability analysis Vulnerability analysis, also known as vulnerability assessment, is a process that defines, identifies, and classifies the security holes (vulnerabilities) in a computer, network, or communications infrastructure. In addition, vulnerability analysis can forecast the effectiveness of proposed countermeasures and evaluate their actual effectiveness after they are put into use.
  • 7. Vulnerability analysis (continued) Vulnerability analysis consists of several steps: • Defining and classifying network or system resources • Assigning relative levels of importance to the resources • Identifying potential threats to each resource • Developing a strategy to deal with the most serious potential problems first • Defining and implementing ways to minimize the consequences if an attack occurs.
  • 8. Vulnerability analysis (continued) If security holes are found as a result of vulnerability analysis, a vulnerability disclosure may be required. The person or organization that discovers the vulnerability, or a responsible industry body such as the Computer Emergency Readiness Team (CERT), may make the disclosure. If the vulnerability is not classified as a high level threat, the vendor may be given a certain amount of time to fix the problem before the vulnerability is disclosed publicly.
  • 9. Vulnerability analysis (continued) The third stage of vulnerability analysis (identifying potential threats) is sometimes performed by a white hat using ethical hacking techniques. Using this method to assess vulnerabilities, security experts deliberately probe a network or system to discover its weaknesses. This process provides guidelines for the development of countermeasures to prevent a genuine attack.
  • 10. Gap analysis A technique that a business uses to determine what steps need to be taken in order to move from its current state to its desired future state. Also called need-gap analysis, needs analysis, and needs assessment.
  • 11. Gap analysis (continued) • Listing of characteristic factors (such as attributes, competencies, performance levels) of the present situation ("what is") • Listing factors needed to achieve future objectives ("what should be"), and then • Highlighting the gaps that exist and need to be filled. Gap analysis forces a company to reflect on who it is and ask who it wants to be in the future.
  • 12. Penetration testing A penetration test is a proactive and authorized attempt to evaluate the security of an IT infrastructure. This is done by safely attempting to exploit system vulnerabilities such as: • The Operating System (OS) • Service and Application flaws • Improper Configurations • Validating the Efficiency of Defensive Mechanisms Such assessments are also useful in validating the efficiency of end-users’ adherence to company security policies.
  • 13. Penetration testing (continued) A penetration test is a test whose results validate the risk posed by specific security vulnerabilities or flawed processes. This enables IT management and security professionals to prioritize remediation efforts. By embracing more frequent and comprehensive penetration testing, organizations can more effectively anticipate emerging security risks and prevent unauthorized access to critical systems and valuable information.
  • 14. Web application security Web Application Security is an internet security audit, performed by experienced security professionals. A key feature of the service, and one which cannot be covered by relying solely on automated testing, is application testing. The service is designed to rigorously push the defenses of internet networks and applications.
  • 15. Web application security (continued) It is suitable for commissioning, third party assurance, post-attack analysis, audit and regulatory purposes where independence and quality of service are important requirements. A final written report provides an analysis of any security or service problems discovered together with proposed solutions, links to detailed advisories and recommendations for improving the security of the service under test. The Web Application Testing service can be used to ensure compliance with PCI DSS v2.0 requirement 11.3 (penetration testing) as it includes both network and application layer testing.
  • 16. Web application security (continued) Areas Covered by Web Application Testing • Configuration errors • Application loopholes in server code or scripts • Advice on data that could have been exposed due to past errors • Testing for known vulnerabilities • Reducing the risk and enticement to attack • Advice on fixes and future security plans
  • 17. Web application security (continued) Typical Issues Discovered in an Application Test • Cross-site scripting • SQL injection • Server misconfigurations • Form/hidden field manipulation • Command injection • Cookie poisoning • Well-known platform vulnerabilities • Insecure use of cryptography
  • 18. Web application security (continued) Typical Issues Discovered in an Application Test (continued) • Back doors and debug options • Errors triggering sensitive information leak • Broken ACLs/Weak passwords • Weak session management • Buffer overflows • Forceful browsing • CGI-BIN manipulation • Risk reduction to zero-day exploits
  • 19. Log analysis Log Analysis lets you analyze unstructured data to help identify, isolate and resolve problems. The software integrates data from multiple sources including logs, events, metrics, support documents and trouble tickets.
  • 20. Network traffic analysis Network analysis is the process of capturing network traffic and inspecting it closely to determine what is happening on the network. This is accomplished by two different monitoring techniques: • Router Based – Monitoring functionalities that are built into the routers themselves and do not require any additional installation of hardware or software. • Non-Router Based – Monitoring techniques that require additional hardware and software to be installed and provide greater flexibility.
  • 21. Information security Policy design The first step to creating an effective information security policy is evaluating information assets and identifying threats to those assets. Some assets within an organization will be more valuable than others, but monetary value should not be the only factor. Determining both the monetary value and the intrinsic value of an asset is essential in accurately gauging its worth.
  • 22. Information security Policy design (continued) To calculate an asset’s monetary value: An organization should consider the impact if that asset’s data, networks or systems are compromised in any way. To calculate an asset’s intrinsic value: An organization must consider a security incident’s impact on credibility, reputation and relationships with key stakeholders.
  • 23. Information security Policy design (continued) When assessing potential threats, external and internal threats must be considered. External threats include viruses, worms, Trojan horses, hacking attempts and anything that tries to break an organization’s security infrastructure from the OUTSIDE. Internal threats include abuse of critical systems and data, surfing objectionable Internet content, and inappropriate Internet use. The real costly danger with internal threats comes from perpetrators having extensive access to the network from the INSIDE.
  • 24. Information security Policy design (continued) Since an information security policy will have an effect on people throughout the organization, a team should take the responsibility for drafting the policy together. This team should include executives, IT administrators, information security experts, human resource managers, public relations managers, legal counsel and IT auditors. Approval for the policy should come from the highest possible level in the corporate environment.
  • 25. Security products identification There are several security products on the market. Here is a list of a few of those security products: Passport Laminates Passport laminates range from a clear film overlay to Covid holographic and Fasver printed security laminates, featuring overt, covert, and forensic security devices. All laminates are custom designed to suit the document and the application equipment.
  • 26. Security products identification (continued) ID Card Laminates Covid holographic and Fasver printed security laminates protect ID cards against forgery and counterfeit attempts. Most companies will work with each client to create custom originations that integrate with the background artwork and personalized data to deliver cohesive designs that are attractive, original, easy to authenticate, and highly secure.
  • 27. Security products identification (continued) Polycarbonate Solutions Polycarbonate solutions provide security both in and on identity documents and enable color personalization on ID cards. Fasver printed security layers can be embedded within polycarbonate cards and passport data pages to help authenticate genuine ID documents and prevent counterfeiting. Covid holographic patches add security to the card’s surface while protecting the Unichroma-enabled color personalized data.
  • 28. Security products identification (continued) Seals, Labels, and Hot Stamp Foils Our seals, labels, and hot stamp foils are used by governments worldwide to protect signatures on official documents, and to secure and authenticate document pouches and vehicle stickers. Card Personalization Imagedata D2T2 ribbons generate vibrant colors and high-definition print for photos, background imagery, text, and bar codes, making them ideal for the personalization of secure and non-secure ID cards.
  • 29. Cyber security surveys Forty-seven percent of surveyed organizations have suffered a cyber-attack in the past year – and a frightening 13 percent say they do not even know if they have been attacked. These are among the results of the 2013 Cyber Security Study conducted by Information Security Media Group and commissioned by Bit9.
  • 30. Data leak prevention solutions A data leak prevention solution is a system that is designed to detect potential data breach or data exfiltration transmissions and prevent them. It does this by monitoring, detecting and blocking sensitive data while in-use (endpoint actions), in-motion (network traffic), and at-rest (data storage). In data leakage incidents, sensitive data is disclosed to unauthorized personnel either by malicious intent or by an inadvertent mistake. Such sensitive data can come in the form of private or company information, intellectual property (IP), financial or patient information, credit-card data, and other information depending on the business and the industry.
  • 31. Cyber hygiene Cyber hygiene refers to steps that computer users can take to improve their cybersecurity and better protect themselves online.
  • 32. Cyber hygiene (continued) The best practices are not new technologies, but fairly common sense ideas that need to become part of an enterprise culture. The common practices are listed below: • Eliminate unnecessary data and keep tabs on what is left; • Ensure essential controls are met and regularly audit to ensure consistent implementation; • Change default credentials; • Avoid shared credentials; • Implement a firewall or access control list (ACL) on remote access/administration services; • Utilize IP blacklisting;
  • 33. Cyber hygiene (continued) The common practices are continued below: • Update anti-virus and other software consistently; • Audit user accounts; • Restrict and monitor privileged users; • Monitor and filter outbound network traffic; • Test applications and review code; • Change the approach to event monitoring and log analysis; • Define ‘suspicious’ and ‘anomalous’ (then look for whatever ‘it’ is); • Increase awareness of social engineering; • Train employees and customers to look for signs of tampering and fraud;
  • 34. Cyber investigation A cyber investigation investigates those offences that are committed against individuals or groups of individuals with a criminal motive to intentionally harm the reputation of the victim or cause physical or mental harm to the victim directly or indirectly, using modern telecommunication networks such as the Internet (chat rooms, emails, notice boards and groups) and mobile phones (SMS/MMS).
  • 35. Information security policy Information security policy is a set of policies issued by an organization to ensure that all information technology users within the domain of the organization or its networks comply with rules and guidelines related to the security of the information stored digitally at any point in the network or within the organization's boundaries of authority.
  • 36. Comprehensive cyber security solution Government agencies need to proactively protect their critical applications, data and processes from external and internal threats throughout their entire life cycle. By taking a comprehensive and integrated approach to application vulnerability management, agencies can measurably improve operational security, mitigate risks, and reduce costs.
  • 39. Computing with the “Cloud” When most people hear the word “cloud”, they think of the clouds in the sky, which would be only logical. But from a computing standpoint, the “Cloud” is simply a technology that uses the Internet and remote servers to: • Maintain data and applications • Allow users to access applications without installation • Allow users access to their personal files from any computer that has access to the Internet • Centralize storage, memory, processing, and bandwidth. In regards to your Yahoo email account, that software is managed by Yahoo. Your Gmail account software is managed by Google.
  • 40. HTTPS (HYPERTEXT TRANSFER PROTOCOL SECURE) • Install HTTPS Everywhere on your Web browser. • HTTPS Everywhere is a Firefox, Chrome, and Opera extension that encrypts any communication that you may have with major websites. • More specifically, this extension encrypts your Web browsing sessions, protecting you from hackers and spy agencies that scoop up unencrypted traffic across the Internet. http://www.youtube.com/watch?v=8nRlsaWfo30