CSA 223 Network and Web Security
Chapter One: What is information security?
Look at:
1. Define information security.
2. Define security as a process, not a point product.

Define information security
Information is knowledge obtained from investigation, study, instruction, news or facts. Security is freedom from danger, safety; freedom from fear. Information security is the set of measures adopted to prevent the unauthorized use, misuse, modification, or denial of use of knowledge, facts, data, or capability. Put simply, it is the steps you take to guard your information.

Define information security
People are the weakest link in securing the organization's information. Information security will not guarantee the safety of the organization, its information, or its computer systems.
Security is a process, not a product. A single layer of security cannot ensure good security. Effective security is achieved by a combination of all security disciplines. Do not rely on a single product for all security; you must use a layered approach.

Define information security
Information security is a mindset: examine the threats to the organization. With this mindset, the user of information should feel confident and comfortable with the security process used by the organization. There is currently no effective process to certify a computer system.

History of security
Physical security: all assets and important information were physical. To protect these assets, physical security was used, such as walls, moats, and guards.
Communication security: the use of an encryption system (cipher) allowed the user to send messages that could not be read if they were intercepted.
Emissions security.
Computer security.
Network security.
Information security.

Define security as a process
Many different products and types of products are necessary to fully protect an organization. Some of these technologies and products include:
1. Anti-virus software.
2. Access controls.
3. Policy management.
4. Firewalls.
5. Biometrics.
6. Vulnerability scanning.
7. Encryption.

Anti-virus
The goal of anti-virus software is to reduce the exposure of the organization to malicious code. Anti-virus software will not protect the organization from an intruder who misuses a legitimate program to gain access to the system.

Access control
Access control is the capability to restrict access to files based on the ID of the user. Access control can also restrict legitimate users from accessing files they should not have access to. Authenticating a user's access is accomplished by using any combination of something you know, something you have, or something you are.
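As an added illustration (not part of the course slides), the following Python sketch shows the two halves of the access control the slide describes: authenticating a user by something they know (a password checked against a PBKDF2 hash), then authorising the requested file operation against a deny-by-default ACL keyed by user ID and role. The users, roles, file paths and ACL entries are constructed for the example; the second call shows a legitimate user being refused a file outside his role.

```python
import hashlib
import hmac

# Constructed sample data for this example: a tiny user directory and a per-file ACL.
# A real system stores a random salt per user; one fixed salt keeps the example short.
_SALT = b"constructed-demo-salt"
_ITERATIONS = 50_000


def _hash_password(password: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), _SALT, _ITERATIONS)


USERS = {
    "alice": {"role": "payroll", "pw_hash": _hash_password("alice-secret")},
    "bob": {"role": "engineering", "pw_hash": _hash_password("bob-secret")},
}

# ACL: path -> {"user:<id>" or "role:<name>" -> set of permitted operations}.
# Anything not listed is denied (deny by default).
ACL = {
    "/hr/salaries.csv": {"role:payroll": {"read", "write"}},
    "/eng/design.doc": {"role:engineering": {"read", "write"}, "user:alice": {"read"}},
}


def authenticate(user_id: str, password: str) -> bool:
    """'Something you know': compare the submitted password's hash with the stored one."""
    rec = USERS.get(user_id)
    candidate = _hash_password(password)  # computed even for unknown users: uniform timing
    if rec is None:
        return False
    return hmac.compare_digest(rec["pw_hash"], candidate)


def is_permitted(user_id: str, path: str, op: str) -> bool:
    """Authorisation: permit only if a user-specific or role entry grants the operation."""
    rec = USERS.get(user_id)
    if rec is None:
        return False
    entries = ACL.get(path, {})
    allowed = entries.get(f"user:{user_id}", set()) | entries.get(f"role:{rec['role']}", set())
    return op in allowed


def access(user_id: str, password: str, path: str, op: str) -> str:
    """Full decision: identify and authenticate the user, then check the ACL."""
    if not authenticate(user_id, password):
        return "denied: authentication failed"
    if not is_permitted(user_id, path, op):
        return "denied: not permitted by ACL"
    return "granted"


if __name__ == "__main__":
    print(access("alice", "alice-secret", "/hr/salaries.csv", "read"))  # granted
    print(access("bob", "bob-secret", "/hr/salaries.csv", "read"))  # denied: legitimate user, file outside his role
    print(access("alice", "alice-secret", "/eng/design.doc", "write"))  # denied: only read was granted
    print(access("alice", "wrong", "/hr/salaries.csv", "read"))  # denied: authentication failed
```

The ACL is consulted only after authentication succeeds, and an unlisted path or operation is refused rather than assumed harmless; that ordering and the deny-by-default rule are what make "correct permissions" effective against casual snooping.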

Policy management and intrusion detection
Policies and procedures are important components of a good security program, and the management of policies across computer systems is equally important. Using a policy management system, an organization can be made aware of any system that does not conform to policy. Intrusion detection identifies when someone is doing something wrong and stops them. Intrusion detection systems are not foolproof and cannot replace security practices.

Firewalls
Firewalls are access control devices for the network and can assist in protecting an organization's internal network from external attacks. By their nature, firewalls are border security products, meaning that they exist on the border between the internal network and the external networks. Although firewalls provide protection from attackers, they cannot prevent an attack from using an allowed connection.
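Added example, not from the original slides: a minimal stateless packet filter in Python that evaluates first-match rules at the border of a constructed 10.0.0.0/8 internal network. The last sample packet shows the caveat in the slide: it arrives on an allowed connection (TCP port 80 to the public web server), so the filter passes it regardless of what the application-layer payload contains. Addresses, rules and packets are all constructed.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str  # "tcp" or "udp"
    dport: int
    payload: bytes = b""  # the filter below never looks at this field


@dataclass(frozen=True)
class Rule:
    action: str  # "allow" or "deny"
    src: str  # CIDR
    dst: str  # CIDR
    proto: str  # "tcp", "udp" or "any"
    dport: Optional[int]  # None matches any destination port

    def matches(self, p: Packet) -> bool:
        return (
            ip_address(p.src) in ip_network(self.src)
            and ip_address(p.dst) in ip_network(self.dst)
            and self.proto in ("any", p.proto)
            and (self.dport is None or self.dport == p.dport)
        )


# Constructed border policy (assumed addresses): the internal network is 10.0.0.0/8
# and 10.0.1.10 is the only host the outside world may reach, on the web ports.
RULES: List[Rule] = [
    Rule("allow", "0.0.0.0/0", "10.0.1.10/32", "tcp", 80),
    Rule("allow", "0.0.0.0/0", "10.0.1.10/32", "tcp", 443),
    Rule("allow", "10.0.0.0/8", "0.0.0.0/0", "any", None),  # internal hosts may initiate outbound
]
DEFAULT_ACTION = "deny"  # whatever no rule allows is dropped at the border


def filter_packet(p: Packet, rules: List[Rule] = RULES) -> str:
    """First-match evaluation, as a stateless packet filter does it."""
    for r in rules:
        if r.matches(p):
            return r.action
    return DEFAULT_ACTION


def run(packets: List[Packet]) -> List[Tuple[Packet, str]]:
    return [(p, filter_packet(p)) for p in packets]


if __name__ == "__main__":
    # Constructed traffic; 203.0.113.0/24 and 198.51.100.0/24 are documentation ranges standing in for the Internet.
    samples = [
        Packet("203.0.113.5", "10.0.1.10", "tcp", 80, b"GET /index.html HTTP/1.1"),
        Packet("203.0.113.5", "10.0.1.20", "tcp", 22),  # non-public host: dropped
        Packet("10.0.7.3", "198.51.100.9", "udp", 53),  # internal host going out: allowed
        Packet("203.0.113.5", "10.0.1.10", "tcp", 80, b"<hostile application-layer request>"),  # allowed anyway
    ]
    for p, verdict in run(samples):
        print(f"{p.src} -> {p.dst}:{p.dport}/{p.proto}: {verdict}")
```

Because the decision uses only addresses, protocol and port, anything carried inside a permitted connection must be handled by controls behind the border (application validation, intrusion detection, host hardening), which is the layered approach the chapter argues for.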

Biometrics
Biometrics uses biological elements to authenticate the user's access. Biometrics are yet another authentication mechanism, and they too can reduce the risk of someone guessing a password. Types of biometric scanners include fingerprint, face recognition and voice. Each method usually requires some type of device to identify human characteristics.

Encryption
Encryption is the primary mechanism for communications security. Encryption can also protect information that is in storage by encrypting files. The encryption system will not differentiate between legitimate and illegitimate users if both present the same keys to the encryption algorithm. Therefore, encryption by itself will not provide security. Encryption needs controls on the encryption keys and on the system as a whole.

Vulnerability scanning and physical security
Scanning computer systems for vulnerabilities is an important part of a good security program. Vulnerability scanning will not detect legitimate users who may have inappropriate access.
Physical security is the one product category that could provide complete protection to computer systems and information. However, employees must have access to computers and information in order for the organization to function. Therefore, physical security must allow some people to gain access, and in this case physical security will not protect the system from attacks that use legitimate access.

Chapter Two: Types of Attacks
Look at:
1. Access attacks.
2. Modification attacks.
3. Denial-of-service attacks.
4. Repudiation attacks.

Types of attacks
There are four primary categories of attacks:
1. Access attacks.
2. Modification attacks.
3. Denial-of-service attacks.
4. Repudiation attacks.

2.1 Access attack
An access attack is an attempt to gain information that the attacker is not authorized to see. This attack can occur wherever the information resides or may exist during transmission. This type of attack is an attack against the confidentiality of the information. There are three kinds of access attack:
1. Snooping.
2. Eavesdropping.
3. Interception.

2.1.1 Snooping
Snooping is looking through information files in the hope that the attacker will find something interesting. If the files are on a computer system, an attacker may attempt to open one file after another until information is found.
(Figure labels: information stored on media; information on the local hard drive left in the office, or on backups taken off-site; desktop computer.)

2.1.2 Eavesdropping
When someone listens in on a conversation that they are not a part of, that is eavesdropping. To gain unauthorized access to information, an attacker must position himself at a location where information of interest is likely to pass by. Wireless networks have increased the opportunity to perform eavesdropping.
(Figure labels: mainframe; attacker's computer; desktop. Traffic from the desktop to the mainframe travels over the local area network; the attacker can listen in on the session from the desktop by attaching to the same local area network.)

2.1.3 Interception
Interception is an active attack against the information. When an attacker intercepts information, he is inserting himself in the path of the information and capturing it before it reaches its destination. The attacker may or may not allow the information to continue to its destination. Information access using interception is the most difficult option for an attacker.

How access attacks are accomplished
If access control permissions are set properly, the unauthorized individual should be denied access. Correct permissions will prevent most casual snooping. There are many vulnerabilities that will allow an attacker to succeed in accessing unauthorized data. Attackers use a sniffer to eavesdrop on the transmission. A sniffer is a computer that is configured to capture all the traffic on the network. A sniffer can be installed after an attacker has increased his privileges on a system, or if the attacker is allowed to connect his own system to the network.

2.2 Modification attack
A modification attack is an attempt to modify information that an attacker is not authorized to modify. The attacker may do one of the following:
1. Changes: one type of modification attack is to change existing information, such as an attacker changing an existing employee's salary or student grades.
2. Insertion: when an insertion attack is made, information that did not previously exist is added. For example, an attacker might choose to add a transaction in a banking system that moves funds from a customer's account to his own.
3. Deletion: a delete attack is the removal of existing information.

How modification attacks are accomplished
If the attacker has access to files, modifications can be made. If the attacker does not have authorized access to files, the attacker would first have to increase his access to the system or remove the permissions on the file. Attackers use a vulnerability on the computer system to access the system or files. Then the attacker can modify the file data. For example, the attacker exploits a vulnerability on the server and replaces the homepage with something new.
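The three modification types (change, insertion, deletion) can all be detected if records are protected by a keyed integrity check. The following Python example, added here and not part of the course material, seals a constructed ledger with an HMAC chain (each record's tag covers the previous tag) and keeps the final tag out-of-band so that deleting the last record is also caught. The key and ledger values are constructed. It has the limitation of every shared-key mechanism: whoever holds the key can re-seal altered records, so the key must be kept away from whoever can write the records.

```python
import copy
import hashlib
import hmac
import json
from typing import Dict, List, Optional, Tuple

# Constructed key; a real deployment keeps it in a key store the record writers cannot read.
KEY = b"constructed-demo-integrity-key"
_GENESIS = b"\x00" * 32  # the tag "before" the first record

Record = Dict[str, object]
Sealed = List[Tuple[Record, bytes]]


def _tag(key: bytes, prev_tag: bytes, record: Record) -> bytes:
    """HMAC over the previous tag and a canonical encoding of this record."""
    body = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, prev_tag + body, hashlib.sha256).digest()


def seal(key: bytes, records: List[Record]) -> Tuple[Sealed, bytes]:
    """Tag every record, chaining each tag to the one before it; return (sealed, head)."""
    sealed: Sealed = []
    prev = _GENESIS
    for r in records:
        prev = _tag(key, prev, r)
        sealed.append((copy.deepcopy(r), prev))
    return sealed, prev  # head = tag of the last record; store it out-of-band


def verify(key: bytes, sealed: Sealed, head: bytes) -> Optional[int]:
    """None if every record verifies and the chain ends at head; otherwise the index of
    the first failing record, or len(sealed) if the records verify but the tail was cut."""
    prev = _GENESIS
    for i, (r, t) in enumerate(sealed):
        if not hmac.compare_digest(t, _tag(key, prev, r)):
            return i
        prev = t
    return None if hmac.compare_digest(prev, head) else len(sealed)


# Constructed ledger standing in for the banking records the chapter mentions.
LEDGER: List[Record] = [
    {"id": 1, "account": "cust-001", "amount": 250},
    {"id": 2, "account": "cust-002", "amount": -40},
    {"id": 3, "account": "cust-003", "amount": 1200},
]


def change(sealed: Sealed) -> Sealed:
    s = copy.deepcopy(sealed)
    s[0][0]["amount"] = 2500  # alter an existing value
    return s


def insert(sealed: Sealed) -> Sealed:
    s = copy.deepcopy(sealed)
    forged = {"id": 99, "account": "attacker", "amount": 5000}
    s.insert(1, (forged, b"\xff" * 32))  # without the key no valid tag can be produced
    return s


def delete(sealed: Sealed, index: int) -> Sealed:
    s = copy.deepcopy(sealed)
    del s[index]
    return s


if __name__ == "__main__":
    sealed, head = seal(KEY, LEDGER)
    print("intact:", verify(KEY, sealed, head))  # None
    print("changed:", verify(KEY, change(sealed), head))  # 0
    print("inserted:", verify(KEY, insert(sealed), head))  # 1
    print("middle deleted:", verify(KEY, delete(sealed, 1), head))  # 1
    print("tail deleted:", verify(KEY, delete(sealed, 2), head))  # 2
```

The chain catches insertion and deletion because every tag depends on its predecessor: removing or inserting a record changes what the next record's tag should have covered. The separately stored head catches truncation, which a chain alone would miss.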

Define denial-of-service attacks
Denial-of-service (DoS) attacks are attacks that deny the use of resources to legitimate users of the system, information, or capabilities. DoS is nothing more than vandalism. Denial of access may occur on:
1. Information: denial of access to information causes the information to be unavailable.
2. Applications: denial of access to an application is normally an attack against the computer system running the application.
3. Systems: denial of access to a system causes all information that is stored on the system to become unavailable.

How denial-of-service attacks are accomplished
DoS attacks against information can be made by simply turning off the system. Turning off the system is also an attack against the system itself. DoS attacks against an application: the attacker sends a predefined set of commands to the application that cause it not to process properly. The application will likely crash.
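As an added example (not from the slides), a per-source token-bucket limiter in Python shows one way to keep an application available to legitimate users while a flood from one source is throttled. Timestamps are injected in milliseconds and tokens are tracked as integers so the replay is deterministic; the traffic pattern (one legitimate client at one request per second, one flood source at twenty per second) is constructed.

```python
from collections import defaultdict
from typing import Dict, List, Tuple


class TokenBucket:
    """Integer token bucket: 'millitokens' and millisecond timestamps keep the arithmetic exact."""

    def __init__(self, capacity: int, refill_per_sec: int):
        self.capacity = capacity * 1000
        self.refill_per_ms = refill_per_sec  # tokens per second == millitokens per millisecond
        self.tokens = self.capacity  # a new client starts with a full burst allowance
        self.last_ms = None

    def allow(self, now_ms: int) -> bool:
        if self.last_ms is not None:
            self.tokens = min(self.capacity, self.tokens + (now_ms - self.last_ms) * self.refill_per_ms)
        self.last_ms = now_ms
        if self.tokens >= 1000:
            self.tokens -= 1000
            return True
        return False


class Limiter:
    """One bucket per source, so a flood from one address cannot drain another user's allowance."""

    def __init__(self, capacity: int = 5, refill_per_sec: int = 2):
        self.buckets: Dict[str, TokenBucket] = {}
        self.capacity, self.refill = capacity, refill_per_sec

    def handle(self, src: str, now_ms: int) -> bool:
        bucket = self.buckets.setdefault(src, TokenBucket(self.capacity, self.refill))
        return bucket.allow(now_ms)


def simulate(requests: List[Tuple[int, str]]) -> Dict[str, Tuple[int, int]]:
    """Replay (time_ms, source) pairs in time order; return per-source (accepted, rejected) counts."""
    limiter = Limiter()
    counts: Dict[str, List[int]] = defaultdict(lambda: [0, 0])
    for t, src in sorted(requests):
        counts[src][0 if limiter.handle(src, t) else 1] += 1
    return {src: (a, r) for src, (a, r) in counts.items()}


def constructed_traffic() -> List[Tuple[int, str]]:
    legit = [(1000 * s, "legit-user") for s in range(10)]  # one request per second for 10 s
    flood = [(50 * k, "flood-source") for k in range(200)]  # twenty requests per second for 10 s
    return legit + flood


if __name__ == "__main__":
    for src, (ok, dropped) in simulate(constructed_traffic()).items():
        print(f"{src}: accepted={ok} rejected={dropped}")
```

With a burst allowance of 5 and a refill of 2 per second, the legitimate client is never refused, while the flood source gets its initial burst plus two requests per second and the rest is dropped before it reaches the application. Keying the buckets by source is the important design choice; a single global bucket would let the flood consume the legitimate user's share and achieve the denial it was after.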

Repudiation
A repudiation attack is an attempt to give false information or to deny that a real event or transaction occurred. An attacker may masquerade as another person to collect information or interrupt normal operations.
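A defence against repudiation is a digital signature, which only the holder of the private key can produce but anyone with the public key can verify. The following added example (not part of the course) implements a Lamport one-time signature using only SHA-256 from the Python standard library, chosen because it needs no third-party crypto package; each key pair may sign exactly one message. The transaction text is constructed. The last check shows why a shared-key MAC cannot provide non-repudiation: the verifier's knowledge (the public key) is not enough to forge a signature, whereas with a MAC the verifier holds the same key as the signer.

```python
import hashlib
import secrets
from typing import List, Tuple

_DIGEST_BITS = 256  # one secret pair per bit of the SHA-256 message digest

KeyHalf = List[Tuple[bytes, bytes]]


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def keygen() -> Tuple[KeyHalf, KeyHalf]:
    """Private key: 256 pairs of random 32-byte secrets. Public key: the hash of each secret."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(_DIGEST_BITS)]
    pk = [(_h(a), _h(b)) for a, b in sk]
    return sk, pk


def _message_bits(msg: bytes) -> List[int]:
    d = _h(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(_DIGEST_BITS)]


def sign(sk: KeyHalf, msg: bytes) -> List[bytes]:
    """For each digest bit, reveal the secret of that pair selected by the bit.
    One-time only: signing a second message with the same key reveals further secrets."""
    return [sk[i][bit] for i, bit in enumerate(_message_bits(msg))]


def verify(pk: KeyHalf, msg: bytes, sig: List[bytes]) -> bool:
    """Hash each revealed secret and compare with the published hash for that bit."""
    if len(sig) != _DIGEST_BITS:
        return False
    return all(_h(s) == pk[i][bit] for i, (s, bit) in enumerate(zip(sig, _message_bits(msg))))


if __name__ == "__main__":
    # Constructed transaction: the customer signs it, the bank keeps the signature as evidence.
    customer_sk, customer_pk = keygen()
    order = b"transfer 100 from cust-001 to cust-002, id=7"
    sig = sign(customer_sk, order)

    print("bank verifies genuine order:", verify(customer_pk, order, sig))  # True
    altered = b"transfer 1000 from cust-001 to cust-002, id=7"
    print("altered order under same signature:", verify(customer_pk, altered, sig))  # False
    # The bank holds only the public key; using it as if it were a signing key yields nothing valid.
    print("bank forging with public key:", verify(customer_pk, order, sign(customer_pk, order)))  # False
```

Because the bank could not have produced the signature itself, the customer cannot later claim the bank fabricated the order, and the bank cannot alter the order after the fact without the signature failing; that combination is what "non-repudiation" means in practice. Production systems use standard schemes (for example RSA or ECDSA from a maintained library) rather than this one-time construction, but the trust argument is the same.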