Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Information Security

Ch10

advertisement 
Chapter 10
Security
MIS323 – Business Telecommunications
Security Discussion
Introduction to Security
Corporate Security
• Security Breach Case
• How would you handle the situation?
• What did they do wrong and what changes would you
suggest?
Personal Security
• Personal Security Assessment
• Security Tools
Copyright 2010
John Wiley & Sons, Inc
2
10.1 Introduction
Security has always been a major business concern


Computers and Internet have redefined the nature of
information security
Laws and enforcement in cyber crime
Security Incidents & Financial Impact
Computer security increasingly important
Types of Security Threats
Business continuity planning related threats



Intrusion
Network Controls
Mechanisms that reduce or eliminate the threats to
network security
Types of controls:



10.2 Risk Assessment
A key step in developing a secure network
Assigns level of risks to various threats
Use a control spreadsheet
10.3 Ensuring Business Continuity
Make sure that organization’s data and applications will
continue to operate even in the face of disruption,
destruction, or disaster
Continuity Plan includes two major parts:
1.
2.
Specifics of Continuity Plan
Preventing Computer Viruses
Viruses spreads when infected files are accessed
Worms
Incoming e-mail messages are most common source of
viruses
Preventing Denial of Service Attacks
DoS attacks
Distributed DoS (DDoS)
Difficult to prevent DoS and DDoS attacks
10.4 Intrusion Prevention
Types of intruders




Intrusion Prevention
Requires a proactive approach that includes routinely testing
the security systems
Best rule for high security
Security Policy
Security Holes
Made by flaws in network software that permit unintended
access to the network
Once discovered, knowledge about the security hole quickly
circulated on the Internet
Examples:
RSA – a fradulent email that took advantage of a hole in adobe flash
Preventing Social Engineering
Breaking security by simply asking how
Attackers impersonate others on the phone to ask for information
Attackers have good social skills and can manipulate people
Phishing Emails
Managing Users
Screen and classify both users and data
Review the effect of any security software
Provide adequate user training on network security
Security Used at Orgs – CSI Survey
18
Personal Security: Risk Assessments
• Disruption, Disaster and Power Loss
Backup Drives
Cloud computing
Personal Security: Risk Assessments
• Virus and Malware Protection
Malwarebytes
Antivirus Software
Personal Security: Risk Assessments
• Intrusion
Secure Devices
Personal Firewall
Prey Project
Related documents
Lecture 3
Lecture 3
Unit 10: Course Summary and Final Exam
Unit 10: Course Summary and Final Exam
Business Plan Scope Sheet - Cleveland Clinic Academy
Business Plan Scope Sheet - Cleveland Clinic Academy
an internal intrusion detection and protection[new][ieee]
an internal intrusion detection and protection[new][ieee]
How Cities Work - Urban Systems Collaborative
How Cities Work - Urban Systems Collaborative
Computer System Security Syllabus
Computer System Security Syllabus
Co-Relating Alerts for Snort Intrusion Detection System Introduction
Co-Relating Alerts for Snort Intrusion Detection System Introduction
Protection of Different Agent with Improved Ids Detection Abstract
Protection of Different Agent with Improved Ids Detection Abstract
CS219 TUTORIAL SOLUTION 4
CS219 TUTORIAL SOLUTION 4
Attacks classification in Network Intrusion Detection System Using ANN
Attacks classification in Network Intrusion Detection System Using ANN
Collaborative Filtering for Community Threats Robert P. Goldman Mark S. Boddy
Collaborative Filtering for Community Threats Robert P. Goldman Mark S. Boddy
Distributed Denial of Service Attacks (DDoS) were one of the most
Distributed Denial of Service Attacks (DDoS) were one of the most
Big Data Testbed for Network Attack Detection
Big Data Testbed for Network Attack Detection
IRJET- Review on “Using Big Data to Defend Machines against Network Attacks”
IRJET- Review on “Using Big Data to Defend Machines against Network Attacks”
A Review of Open Source Tools to Detect and Prevent DoS
A Review of Open Source Tools to Detect and Prevent DoS
CHAPTER 1 INTRODUCTION
CHAPTER 1 INTRODUCTION
IRJET-Intrusion Detection System using Cloud Computing
IRJET-Intrusion Detection System using Cloud Computing
International Journal of Application or Innovation in Engineering & Management... Web Site: www.ijaiem.org Email: Volume 4, Issue 5, May 2015
International Journal of Application or Innovation in Engineering & Management... Web Site: www.ijaiem.org Email: Volume 4, Issue 5, May 2015
www.ijecs.in International Journal Of Engineering And Computer Science ISSN:2319-7242
www.ijecs.in International Journal Of Engineering And Computer Science ISSN:2319-7242
www.ijecs.in International Journal Of Engineering And Computer Science ISSN:2319-7242
www.ijecs.in International Journal Of Engineering And Computer Science ISSN:2319-7242
Modeling and Detecting Intrusions in ad hoc Network Routing Protocols Mouhannad Alattar
Modeling and Detecting Intrusions in ad hoc Network Routing Protocols Mouhannad Alattar
Research Journal of Applied Sciences, Engineering and Technology 10(12): 1420-1424,... DOI: 10.19026/rjaset.10.1843
Research Journal of Applied Sciences, Engineering and Technology 10(12): 1420-1424,... DOI: 10.19026/rjaset.10.1843
Download
advertisement