Add to collection(s) Add to saved
  1. No category
Uploaded by Ruel David

Week 1&2 Security Fundamentals

advertisement 
Identifying Security
Fundamentals
Week 1 and 2 – Security +
Learning Objectives
• At the end of this lesson, student should be able to:
• Define Information Security in an IT spectrum.
• Explain the goals of Information Security
• Discuss the relationship between threats, vulnerabilities and risk in IS.
• Enumerate and explain the different types of attacks.
• Recommend security controls to counter attacks.
• Discuss the importance of Security Management Process in the
prevention / mitigation of damage to a network system.
Information Security
Information Security
• Refers to the protection of available information or
information resources from unauthorized access, attack,
theft, or data damage.
• Responsible individuals and organizations must secure their
confidential information.
• Advancement of business systems exposes crucial data from
different form of threats.***
Goals of Information Security
Goal of Information Security
• PREVENTION
• Personal information, company information, and information
about intellectual property must be protected.
• If there is a breach in security in any of these areas, then the
organization may have to put a lot of effort into recovering losses.
• Preventing entities from gaining unauthorized access to
confidential information should be the number one priority of
information security professionals.
Goal of Information Security
• DETECTION
• Detection occurs when a user is discovered trying to access
unauthorized data or after information has been lost.
• It can be accomplished by investigating individuals or by scanning
the data and networks for any traces left by the intruder in any
attack against the system.
Goal of Information Security
• RECOVERY
• When there is a disaster or an intrusion by unauthorized users,
system data can become compromised or damaged.
• It is in these cases that you need to employ a process to recover
vital data from a crashed system or data storage devices.
• Recovery can also pertain to physical resources.
RISK
• As applied to information systems, risk is a concept that indicates
exposure to the chance of damage or loss.
• It signifies the likelihood of a hazard or dangerous threat
occurring.
• Risk is the determining factor when looking at information
systems security.
• If an organization chooses to ignore risks to operations, it could
suffer a catastrophic outage that would limit its ability to survive.
RISK
• In Information Technology, risk is often associated with the
loss of a system, power, or network, and other physical
losses.
• Risk also affects people, practices, and processes.
Vulnerabilities
Vulnerability is any
condition that leaves
an information system
open to harm.
Vulnerabilities can
come in a wide variety
of forms, including:
• Improperly configured or installed
hardware or software.
• Delays in applying and testing software
and firmware patches.
• Untested software and firmware patches.
• Bugs in software or operating systems
• The misuse of software or
communication protocols.
• Poorly designed networks.
• Poor physical security.
• Insecure passwords.
• Design flaws in software or operating
systems.
• Unchecked user input.
Vulnerabilities
Threats
• A threat is any event or action that could potentially cause damage to an
asset.
• Threats are often in violation of a security requirement, policy, or procedure.
• Regardless of whether a violation is intentional or unintentional, malicious or not, it
is considered a threat.
• Potential threats to computer and network security include:
•
•
•
•
•
Unintentional or unauthorized access or changes to data.
The interruption of services.
The interruption of access to assets.
Damage to hardware.
Unauthorized access or damage to facilities.
Relationship of Threat to Risk
Hacker
Weak Firewall
Potential data
loss / stolen data
Information Security Threats
Attacks
• An attack is a technique used to exploit a vulnerability in any
application or physical computer system without the
authorization to do so.
• Attacks on a computer system and network security include:
• Physical security attacks.
• Software-based attacks.
• Social engineering attacks.
• Web application-based attacks.
• Network-based attacks, including wireless networks.
Physical Security Attacks
• Unauthorized access into areas
and theft of mobile devices,
storage devices or attempting
to login to a secured device to
access crucial data.
Software-Based Attacks
• Creating backdoors into your
device through use of cleverlydisguised third-party software,
or spyware / malware.
• Once successfully installed,
third parties can gain full
control of your device.
Social Engineering Attacks
• Social engineering is the term
used for a broad range of
malicious activities accomplished
through human interactions.
• It uses psychological
manipulation to trick users into
making security mistakes or
giving away sensitive
information.
Web-Application-Based / Cyber Attacks
• Serious weaknesses or
vulnerabilities that allows
criminals to gain direct and
public access to databases in
order to churn sensitive data.
Network-Based Attacks
• Network-based attacks are
attacks designed to compromise
network security by either
eavesdropping on or
intercepting and manipulating
network traffic.
• One of the most sophisticated
type of attacks.
HOW DO WE…
!!!
CONTROLS
Controls
• Controls are the countermeasures that you need to put in place to avoid,
mitigate, or counteract security risks due to threats or attacks.
• In other words, controls are solutions and activities that enable an
organization to meet the objectives of an information security strategy.
• Controls can be safeguards and countermeasures that are logical or
physical.
• Controls are broadly classified as PREVENTION, DETECTION, and
CORRECTION.
Types of Control
• Prevention Controls
• These help to prevent a threat or
attack from exposing a vulnerability
in the computer system.
• For example, a security lock on a
building's access door is a prevention
control.
Types of Control
• Detection Controls
• These help to discover if a threat or
vulnerability has entered into the
computer system.
• For example, surveillance cameras that
record everything that happens in and
around a building are detection
controls.
Types of Control
• Correction controls
• These help to mitigate the
consequences of a threat or attack
from adversely affecting the
computer system.
• For example, a security officer who
responds to a silent alarm detecting an
intrusion and who then stops the
intruder is a correction control.
SECURITY MANAGEMENT
PROCESS
Are the different phases of handling security measures of security
issues.
Phase 1: Identify security controls
• This involves detecting problems and determining how best to
protect a
• system:
• Find out when and where security breaches occur.
• Log details of the breaches, showing information regarding the failed
attempts, such as typing a wrong user name or password.
• Select the appropriate identification technique, such as a network
intrusion detection system (NIDS).
Phase 2: Implement security controls
• This involves installing control mechanisms to prevent problems
in a system:
• Authenticate users appropriately or control access to data and
resources.
• Match implementation security controls with the management
requirements in any organization.
• Install a security mechanism such as an intrusion detection system (IDS)
or an intrusion prevention system (IPS) to prevent any attacks on the
system.
Phase 3: Monitor security controls
• This involves detecting and solving any security issues that
arise after security controls are implemented:
• Run tests on the various controls installed to see if they are
working correctly and will remain effective against further attacks
on the system.
• Analyze important steps that improve the performance of controls.
• Document each control failure and determine if a control needs to
be upgraded or removed.
THAT’S ALL FOLKS.
Related documents
– Security JDiBrief Scenario based risk assessment for critical infrastructures:
– Security JDiBrief Scenario based risk assessment for critical infrastructures:
Lecture 3
Lecture 3
Operating Systems Security: Chapter 1 What the book will cover:
Operating Systems Security: Chapter 1 What the book will cover:
Marking Time Discussion Questions When did the planning for the September 11
Marking Time Discussion Questions When did the planning for the September 11
Download
advertisement