Physical Safety And Security
Definition:
Physical security describes measures designed to ensure the physical protection
of IT assets like facilities, equipment, personnel, resources and other properties from
damage and unauthorized physical access.
Physical security measures are taken in order to protect these assets from physical
threats including theft, vandalism, fire and natural disasters.
Physical Security principles and measures
Key components of physical security include:
• Access control and monitoring of physical access should cover the entire area, using sophisticated physical security tools such as biometric and ID card restrictions.
• However, it is important to understand the pros and cons of each measure and how these access controls can be forged.
• Surveillance, including burglar alarms, guards, and CCTV that keeps a complete record of all movement.
• High-risk areas may have sophisticated detectors to ensure a more holistic view.
The general principles of physical security measures should respond to:
• Physical Security Perimeter
• Physical Input Controls
• Security of Offices, Rooms, and Facilities
• Protection against External and Environmental Threats
• Working in Safe Areas
• Public Access, Loading and Unloading Areas
• Protection and Disposal of Equipment
Most Common Physical security threats:
1. Terrorism
2. Natural Disasters
3. Vandalism
4. Theft and Burglary
1. Terrorism
Terrorism is the most destructive physical security
threat. Government entities have terrorism countermeasures in
place. However, evaluating your security protocols and
products in response to a terrorist scenario is vital.
2. Natural Disasters
This type of threat is almost impossible to prepare for;
however, every attempt should be made to do so. The broad scope of
natural disasters, from earthquakes and floods to wildfires, requires
scenario-specific protocols.
Being prepared and having a plan in place can go a long way
to minimizing the destructive nature of these disasters. Make sure
anyone who is in the building knows what to do when these events
arise.
3. Vandalism
Vandalism is defined as any activity that involves the deliberate
destruction, damage, or defacement of public or private property.
Vandalism is not a harmless act but a crime threatening the
very fabric of your physical security. Vandalism centers around
property damage, but the threat can be significantly reduced by
implementing adequate perimeter physical security. Perimeter
security uses natural barriers, fencing, bollards, and gates.
4. Theft and Burglary
Underestimating theft and burglary can significantly diminish
the effectiveness of building operation and security. The significance of
theft and burglary is the ability of security personnel to predict attack
methods in advance. Prediction allows for measures to be enacted and
installed to limit access. As the size of the facility or building
increases, so does the complexity of the issue.
Access Control
Definition
▶ Access control is a process that allows
companies to determine who has access
to sensitive applications and data.
▶ Whether you are protecting a
cardholder data environment or guarding
health records, restricting access to
network resources is critical.
▶ Access control systems check the identity
of users and assign access rights according
to user roles.
▶ They exclude illegitimate users, reducing
the risk of data breaches and other
cyber-attacks.
This blog will look at access management basics. We will
explore critical issues like:
Why is access control important?
• Effective network access control helps companies to serve customers, satisfy regulators, and maintain critical systems.
• In an age of massive data breaches and reputational risk, it is not an optional extra.
• Most importantly, access control prevents data breaches and excludes malicious attackers.
• Without robust authentication, attackers can easily breach network defenses.
• Without properly configured authorization settings, attackers can move freely within the network.
• This puts confidential data at risk and limits companies' ability to detect and mitigate attacks.
• Access control is also a major compliance issue across all business sectors.
• HIPAA, GDPR, and PCI-DSS mandate robust access control policies to protect customer data.
• The same applies to commonly used information security standards like ISO 27001.
Access Control Components
▶ The access control process has five main components.
▶ Each component plays a critical role in controlling
access and protecting network resources.
1. Authentication:
This establishes the user's identity. Every user connecting to the
network must prove they are who they claim to be. This could include
simple user ID and password filters. Extra authentication systems like
multi-factor authentication provide more robust security.
2. Authorization:
This provides access rights to network resources. Privileges
establish which resources a user can access, and the powers they have
when using those resources. For example, they may be authorized to
create but not transfer customer records. Users may also have
restricted access to specific apps for security reasons.
3. Access:
The access control solution permits access to network
resources. Users can carry out their duties according to
security policies.
4. Management:
Network administrators must manage user profiles and
change access policies as needed. Access control solutions allow
admins to create and remove users. Access systems should combine
easily with identity directories for both cloud and on-premises assets.
5. Auditing:
This monitors security levels and remedies weaknesses, such
as users receiving more access than required, which could create
data breach risks.
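The authorization, access, management and auditing components above, as an added example that is not part of the original slides. It uses the slide's own case (a user who may create but not transfer customer records); the role names, permission strings and user names are hypothetical, and the session log is constructed in memory.

```python
from dataclasses import dataclass, field

# Constructed role table; role and permission names are hypothetical.
ROLE_PERMISSIONS = {
    "support_agent": {"customer_record:create", "customer_record:read"},
    "account_manager": {
        "customer_record:create",
        "customer_record:read",
        "customer_record:transfer",
    },
}


@dataclass
class User:
    name: str
    roles: set
    direct_grants: set = field(default_factory=set)  # given outside any role


def effective_permissions(user):
    """Authorization: union of role permissions and direct grants."""
    perms = set(user.direct_grants)
    for role in user.roles:
        perms |= ROLE_PERMISSIONS.get(role, set())  # unknown role grants nothing
    return perms


class AccessController:
    def __init__(self):
        self.session_log = []  # (user name, permission, allowed) tuples

    def request(self, user, permission):
        """Access: allow or deny, and log the decision either way."""
        allowed = permission in effective_permissions(user)
        self.session_log.append((user.name, permission, allowed))
        return allowed

    def denied_requests(self, user):
        """Auditing: denied attempts are candidates for anomaly review."""
        return [p for n, p, ok in self.session_log if n == user.name and not ok]

    def excess_permissions(self, user):
        """Auditing: permissions held but never exercised in the log."""
        used = {p for n, p, ok in self.session_log if n == user.name and ok}
        return effective_permissions(user) - used

    def revoke_excess(self, user):
        """Management: drop unused direct grants; role changes need review."""
        unused = self.excess_permissions(user) & user.direct_grants
        user.direct_grants -= unused
        return unused


def run_demo():
    ac = AccessController()
    agent = User("agent01", {"support_agent"})
    manager = User("manager01", {"account_manager"}, {"billing:export"})
    results = {
        "agent_create": ac.request(agent, "customer_record:create"),
        "agent_transfer": ac.request(agent, "customer_record:transfer"),
        "manager_transfer": ac.request(manager, "customer_record:transfer"),
    }
    results["agent_denied"] = ac.denied_requests(agent)
    results["manager_excess"] = ac.excess_permissions(manager)
    results["revoked"] = ac.revoke_excess(manager)
    return results


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(key, value)
```

The audit compares what each user holds with what the log shows they used, which is how the "more access than required" case surfaces; a real review would use a longer observation window before revoking anything.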
How does access control work?
▶ The two core types of access control are physical and logical.
▶ Both are important, but they play very different roles in security systems.
Physical access control:
Physical access controls manage access to workplaces and data
centers. Controls in this category include:
• Security cards
• Locks
• Biometric scanners
• Cameras to verify individuals.
Logical access control:
Logical access control manages access rights to digital
infrastructure and confidential data. LAC tends to involve
electronic access control methods. This could include passwords and
user IDs, as well as MFA. In practice, organizations usually use both
types of access control in their security systems. But in terms of cyber
security, the critical question is what types of logical controls to put in
place.
Some features are common to all access control solutions.
• Access controls use authentication factors to assess user identities.
• This could involve information the user knows (such as a password).
• It could be something they are (such as a biometric scan). Or the factor could be something the user possesses (such as security tokens or one-time codes).
• Access controls locate the user on the authorization database and assign privileges that fit their identity or role.
• The access system logs information about the user session.
• This is used to detect anomalies and feeds into regular security audits.
• Access systems vary beyond those core features.
• It's important to know the main types when putting in place solid access controls.
Main access control types
Benefits of access control
Access controls are an essential cyber
security tool for several reasons:
▶Reduced risk of data breaches
▶Compliance with data protection
regulations
▶Enhanced network visibility
Biometric Access Control
INTRODUCTION
▶ Biometrics are automated methods
of recognizing a person based on a
physiological or behavioral
characteristic.
▶ As the level of security decreases
and transaction fraud increases, the
need for highly secure
identification and personal
verification technologies is greater.
▶ Biometric-based solutions are able
to provide for confidential
financial transactions and personal
data privacy.
HISTORY
• The term “biometrics” is derived from the Greek words bio (life) and metric (to measure).
• The first known example of biometrics in practice was used in China in the 14th century by “Joao de Barros.”
• “Bertillonage”, a method of bodily measurement, was used by police authorities.
• The police then used fingerprinting, which was developed by Richard Edward Henry of Scotland Yard.
WHY BIOMETRICS…?
• Convenient
• Passwords are user-friendly
• Perceived as more secure
• Passive identification
WORKING
All biometric systems work in a four-stage process that consists of the
following steps:
• Capture: A biometric system collects a sample of biometric features, such as a fingerprint or voice, from the person who “LOGS” in.
• Extraction: Data is extracted uniquely from the sample and a template is created for the unique features. Templates are stored in digital biometric code format.
• Comparison: The template is then compared with a new sample.
• Match/non-match: The system then decides whether the features extracted from the new sample are a match or a non-match with the template. When identity needs checking, the person interacts with the biometric system, and a new biometric sample is taken and compared with the template.
TECHNOLOGY
• Identification and Verification Systems
Identification: Search a sample against a database of templates.
Typical application: identifying fingerprints
Verification: Compare a sample against a single stored template.
Typical application: voice lock
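The four-stage process and the identification/verification split described above, as an added example that is not part of the original slides. The feature vectors are constructed numbers standing in for extracted fingerprint or voice features; the user ids and the threshold value are assumptions.

```python
import math

MATCH_THRESHOLD = 0.25  # assumed value; real systems tune it against error rates

# Constructed capture data: raw feature readings, not real biometrics.
ENROL_ALICE = [0.90, 0.10, 0.40, 0.70]
ENROL_BOB = [0.20, 0.80, 0.60, 0.10]
LOGIN_ALICE = [0.88, 0.12, 0.41, 0.69]   # same person, slightly different capture
LOGIN_STRANGER = [0.50, 0.50, 0.50, 0.50]  # nobody enrolled


def extract_template(raw_sample):
    """Extraction: turn a captured sample into a unit-length feature vector."""
    norm = math.sqrt(sum(x * x for x in raw_sample))
    if norm == 0:
        raise ValueError("empty or all-zero sample")
    return tuple(x / norm for x in raw_sample)


def distance(a, b):
    """Comparison: Euclidean distance between two templates."""
    if len(a) != len(b):
        raise ValueError("templates have different lengths")
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))


class BiometricSystem:
    def __init__(self, threshold=MATCH_THRESHOLD):
        self.threshold = threshold
        self.templates = {}  # user id -> stored template

    def enrol(self, user_id, raw_sample):
        """Capture + extraction at enrolment time."""
        self.templates[user_id] = extract_template(raw_sample)

    def verify(self, claimed_id, raw_sample):
        """Verification (1:1): compare against the claimed user's template only."""
        stored = self.templates.get(claimed_id)
        if stored is None:
            return False  # unknown identity is a non-match, not an error
        return distance(stored, extract_template(raw_sample)) <= self.threshold

    def identify(self, raw_sample):
        """Identification (1:N): search all templates, accept only under threshold."""
        probe = extract_template(raw_sample)
        best_id, best_dist = None, float("inf")
        for user_id, stored in self.templates.items():
            d = distance(stored, probe)
            if d < best_dist:
                best_id, best_dist = user_id, d
        # The nearest template is still a non-match if it is too far away.
        return best_id if best_dist <= self.threshold else None


def build_demo_system():
    system = BiometricSystem()
    system.enrol("alice", ENROL_ALICE)
    system.enrol("bob", ENROL_BOB)
    return system


if __name__ == "__main__":
    s = build_demo_system()
    print("verify alice as alice:", s.verify("alice", LOGIN_ALICE))
    print("verify alice as bob:  ", s.verify("bob", LOGIN_ALICE))
    print("identify alice:       ", s.identify(LOGIN_ALICE))
    print("identify stranger:    ", s.identify(LOGIN_STRANGER))
```

Because two captures of the same trait never match exactly, the decision is a distance against a threshold; a looser threshold admits more impostors and a tighter one rejects more genuine users.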
METHODS
BIOMETRIC METHODS:
1) Behavioral Biometrics
a) Keystroke or Typing Recognition
b) Speaker Identification or Recognition
2) Physical Biometrics
a) Fingerprint Identification or Recognition
b) Speaker or Voice Authentication
c) Hand or Finger Geometry Recognition
d) Facial Recognition
BEHAVIORAL BIOMETRICS
• Used for verification purposes:
• Keystroke or Typing Recognition: Keystroke recognition measures the characteristics of an individual’s typing patterns, including people who create inappropriate email or conduct.
• Speaker Identification or Recognition: Speaker identification and recognition is used to discover an unknown speaker’s identity based on patterns of voice pitch and speech style. Behavioral patterns of a voice differ with every individual.
PHYSICAL BIOMETRICS
• Used for identification purposes:
• Fingerprint Identification or Recognition: This type of biometrics compares two fingerprints to determine identification.
• Speaker or Voice Authentication: Speaker or voice authentication is analysis of vocal behavior by matching it to a voice model template.
• Hand or Finger Geometry Recognition: The method uses 3D analysis of the finger for tracking and identification purposes.
• Facial Recognition: Facial recognition uses algorithms to analyze features. These include the position/size/shape of the eyes, nose, cheekbones and jaw line.
ADVANTAGES
• Increase security
• Eliminate problems caused by lost IDs or forgotten passwords
• Reduce password administration costs
• Make it possible, automatically, to know WHO did WHAT, WHERE and WHEN
• Replace hard-to-remember passwords which may be shared or observed.
DISADVANTAGES
• The fingerprints of people working in chemical industries are often affected.
• It is found that with age, the voice of a person differs.
• For people affected with diabetes, the voice of a person differs.
• Biometrics is an expensive security solution.
• Biometrics is a very interesting and exciting field that has been growing exponentially in recent years (especially 2001).
• The wide variety of physically unique traits our bodies give us will soon allow us to live in a very secure password-less world.
Network Security
▶ Network security is defined as the activity created to protect the integrity of your network and data. Every company or organization that handles a large amount of data has a degree of solutions against many cyber threats.
▶ Any action intended to safeguard the integrity and usefulness of your data and network is known as network security. This is a broad, all-encompassing phrase that covers software and hardware solutions, as well as procedures, guidelines, and setups for network usage, accessibility, and general threat protection.
Types of network security
▶ There are several types of network security through which we can make our network more secure. Your network and data are shielded from breaches, invasions, and other dangers by network security. Below are some important types of network security:
1) Email security
2) Firewalls
3) Network segmentation
4) Access control
5) Sandboxing
6) Cloud network security
7) Web security
1. Email Security
Email security is defined as the process designed to keep the email account and its contents safe from unauthorized access. For example, fraud emails are generally sent automatically to the Spam folder, because most email service providers have built-in features to protect the content.
2. Firewalls
A firewall is a network security
device, either hardware or software-based,
which monitors all incoming and outgoing
traffic and based on a defined set of security
rules accepts, rejects, or drops that specific
traffic. Before Firewalls, network security
was performed by Access Control Lists
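How a rule set yields accept, reject or drop for a given packet, as an added example that is not part of the original slides. The rules are constructed, use documentation address ranges, and assume first-match-wins ordering with a default of drop; the second function is a defender's check for rules that can never fire because an earlier rule already covers them.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str               # "accept", "reject" (error sent back) or "drop" (silent)
    direction: str            # "in" or "out"
    source: str               # source network in CIDR form
    dest_port: Optional[int]  # None matches any port


# Constructed rule set (documentation ranges plus one private range).
RULES = [
    Rule("drop", "in", "203.0.113.0/24", None),     # 0: blocked network
    Rule("accept", "in", "10.0.0.0/8", 22),         # 1: SSH from inside only
    Rule("reject", "in", "0.0.0.0/0", 22),          # 2: SSH from anywhere else
    Rule("accept", "in", "0.0.0.0/0", 443),         # 3: public HTTPS
    Rule("accept", "in", "203.0.113.7/32", 443),    # 4: intended exception, never reached
]


def covers(earlier, later):
    """True if every packet matching `later` also matches `earlier`."""
    if earlier.direction != later.direction:
        return False
    if earlier.dest_port is not None and earlier.dest_port != later.dest_port:
        return False
    return ipaddress.ip_network(later.source).subnet_of(
        ipaddress.ip_network(earlier.source)
    )


def evaluate(rules, direction, src_ip, dest_port, default="drop"):
    """Return the action of the first matching rule, else the default policy."""
    addr = ipaddress.ip_address(src_ip)
    for rule in rules:
        if rule.direction != direction:
            continue
        if addr not in ipaddress.ip_network(rule.source):
            continue
        if rule.dest_port is not None and rule.dest_port != dest_port:
            continue
        return rule.action
    return default


def shadowed_rules(rules):
    """Indexes of rules fully covered by an earlier rule (they never match)."""
    return [
        j for j, later in enumerate(rules)
        if any(covers(earlier, later) for earlier in rules[:j])
    ]


if __name__ == "__main__":
    for src, port in [("10.1.2.3", 22), ("198.51.100.9", 22),
                      ("198.51.100.9", 443), ("203.0.113.7", 443),
                      ("198.51.100.9", 3389)]:
        print(src, port, "->", evaluate(RULES, "in", src, port))
    print("shadowed rule indexes:", shadowed_rules(RULES))
```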
3. Network segmentation
Network traffic is divided into several categories by software-defined
segmentation, which also facilitates the enforcement of security regulations.
Ideally, endpoint identity—rather than just IP addresses—is the basis for the
classifications. To ensure that the appropriate amount of access is granted to the
appropriate individuals and that suspicious devices are controlled and remediated,
access permissions can be assigned based on role, location, and other factors.
4. Access Control
Your network should not be accessible
to every user. You need to identify every user
and every device in order to keep out any
attackers. You can then put your security
policies into effect. Noncompliant endpoint
devices might either have their access restricted
or blocked. Network access control (NAC) is
this process.
5. Sandboxing
Sandboxing is a cyber security
6. Cloud Network Security
Workloads and applications are no
longer solely housed in a nearby data centre
on-site. More adaptability and creativity are
needed to protect the modern data centre as
application workloads move to the cloud.
7. Web security
An online security solution will restrict
access to harmful websites, stop web-based risks,
and manage staff internet usage. Your web gateway
will be safeguarded both locally and in the cloud.
“Web security” also includes the precautions you
take to safeguard your personal website.
Benefits of network security
▶ Network Security has several benefits, some of which are
mentioned below:
▶ Network Security helps in protecting clients’ information and
data which ensures reliable access and helps in protecting the data
from cyber threats.
▶ Network Security protects the organization from heavy losses
that may have occurred from data loss or any security incident.
▶ It overall protects the reputation of the organization as it protects
the data and confidential items.
