Introduction to Information Security Dr. Rick Jerz

Similar documents
4 Information Security

Chapter 10: Security. 2. What are the two types of general threats to computer security? Give examples of each.

Web Cash Fraud Prevention Best Practices

CHAPTER 3. Information Systems: Ethics, Privacy, and Security

Personal Cybersecurity

Wireless Network Security

CHAPTER 8 SECURING INFORMATION SYSTEMS

Chapter 4 Network and Internet Security

Chapter 6 Network and Internet Security and Privacy

How Cyber-Criminals Steal and Profit from your Data

Wireless Network Security Fundamentals and Technologies

Best Practices Guide to Electronic Banking

Cyber Security Practice Questions. Varying Difficulty

تاثیرفناوری اطالعات برسازمان ومدیریت جلسه هشتم و نهم

Employee Security Awareness Training

IS Today: Managing in a Digital World 9/17/12

Securing Information Systems

Data Communication. Chapter # 5: Networking Threats. By: William Stalling

Main area: Security Additional areas: Digital Access, Information Literacy, Privacy and Reputation

Securing Information Systems

CTS2134 Introduction to Networking. Module 08: Network Security

CERTIFIED SECURE COMPUTER USER COURSE OUTLINE

Information Security in Corporation

Securing Information Systems

Online Threats. This include human using them!

BEST PRACTICES FOR PERSONAL Security

5 Tips to Fortify your Wireless Network

BraindumpsVCE. Best vce braindumps-exam vce pdf free download

Internetwork Expert s CCNA Security Bootcamp. Common Security Threats

ANATOMY OF AN ATTACK!

Office 365 Buyers Guide: Best Practices for Securing Office 365

Course Outline (version 2)

PCI Compliance. What is it? Who uses it? Why is it important?

Chapter 11: Networks

5. Execute the attack and obtain unauthorized access to the system.

Home Computer and Internet User Security

CompTIA E2C Security+ (2008 Edition) Exam Exam.

Chapter 9 Security and Privacy

MEMORY AND BEHAVIORAL PROTECTION ENDPOINT SECURITY NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY

Securing the SMB Cloud Generation

A Review Paper on Network Security Attacks and Defences

Security+ SY0-501 Study Guide Table of Contents

Exam : JK Title : CompTIA E2C Security+ (2008 Edition) Exam. Version : Demo

Point ipos Implementation Guide. Hypercom P2100 using the Point ipos Payment Core Hypercom H2210/K1200 using the Point ipos Payment Core

A MULTILAYERED SECURITY APPROACH TO KEEPING HEALTHCARE DATA SECURE

Wireless Attacks and Countermeasures

Chapter 11: It s a Network. Introduction to Networking

Module 11. Security Methods

ECDL / ICDL IT Security. Syllabus Version 2.0

AURA ACADEMY Training With Expertised Faculty Call Us On For Free Demo

Train employees to avoid inadvertent cyber security breaches

Security Awareness. Presented by OSU Institute of Technology

More about Windows OS Security

SECURE USE OF IT Syllabus Version 2.0

RANSOMWARE PROTECTION. A Best Practices Approach to Securing Your Enterprise

How Breaches Really Happen

CompTIA Security+ Malware. Threats and Vulnerabilities Vulnerability Management

Management of IT Infrastructure Security by Establishing Separate Functional Area with Spiral Security Model

Service Provider View of Cyber Security. July 2017

How to Build a Culture of Security

How To Remove Personal Antivirus Security Pro Virus

Upgrading Your Home Network Security

IT Security Protecting Ourselves From Phishing Attempts. Ray Copeland Chief Information Officer (CIO)

Technology in Action

Wireless Ethernet: Technologies and Security for the Water Industries

Ethical Hacking and Prevention

CS System Security 2nd-Half Semester Review

Unique Phishing Attacks (2008 vs in thousands)

Chapter 10: Security and Ethical Challenges of E-Business

CYBER SECURITY: ALTITUDE DOES NOT MAKE YOU SAFE

ACM Retreat - Today s Topics:

A practical guide to IT security

Children s Health System. Remote User Policy

Vendor: Microsoft. Exam Code: Exam Name: MTA Security Fundamentals Practice Test. Version: Demo

Comptia.Certkey.SY0-401.v by.SANFORD.362q. Exam Code: SY Exam Name: CompTIA Security+ Certification Exam

1. Which network design consideration would be more important to a large corporation than to a small business?

Securing Information Systems

Start the Security Walkthrough

What is Eavedropping?

Getting over Ransomware - Plan your Strategy for more Advanced Threats

PROTECTING YOUR BUSINESS ASSETS

SO YOU THINK YOU ARE PROTECTED? THINK AGAIN! NEXT GENERATION ENDPOINT SECURITY

Wireless Security Algorithms

Chapter 16: Advanced Security

Cyber Security for PSNTs John Burger, Colonel, U.S. Army (Retired) VP Strategy and Threat Management, Reliaquest

Chapter 24 Wireless Network Security

Chapter 4. Network Security. Part I

Computer Security. Assoc. Prof. Pannipa Phaiboonnimit. Adapted for English Section by Kittipitch Kuptavanich and Prakarn Unachak

User Guide AE6000. Wireless Mini USB Adapter AC580 Dual Band

Defense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation

Personal Physical Security

E-Commerce Security Pearson Prentice Hall, Electronic Commerce 2008, Efraim Turban, et al.

Introduction to Computing

PCI PA - DSS. Point Vx Implementation Guide. Version For VeriFone Vx520, Vx680, Vx820 terminals using the Point Vx Payment Core (Point VxPC)

The following chart provides the breakdown of exam as to the weight of each section of the exam.

SECURING YOUR HOME NETWORK

Emerging Technologies

716 West Ave Austin, TX USA

Define information security Define security as process, not point product.

Safety and Security. April 2015

Transcription:

Introduction to Information Security Dr. Rick Jerz 1

Goals Explain the various types of threats to the security of information Discuss the different categorizations of security technologies and solutions Explain passwords, firewalls, biometrics, encryption, virus protection, and wireless security Discuss the main purposes and content of security policies Identify risk management options 2

Introduction to Information Security Five Factors Contributing to Vulnerability Today s interconnected, interdependent, wirelessly networked business environment Smaller, faster, cheaper computers & storage devices Decreasing skills necessary to be a computer hacker International organized crime taking over cybercrime Lack of management support 3

Why Worry About Security Threats can render a system inoperative Threats can make data unavailable Threats can steal your money Threats can change data Threats can make you less productive Threats can cost money! Balance the cost of a threat versus the cost of protection 4

Information Security Threats Unauthorized access Viruses and malware Email threats Accidental loss of data Security threats can involve both people and equipment 5

Unauthorized Access Locked areas or equipment User IDs and passwords Encryption Security cards Biometrics 6

Biometrics Fingerprint recognition Facial recognition Iris/retina recognition DNA recognition Odor recognition Ear recognition Signature recognition 7

Firewalls Computer or a router that controls, or restricts access in and out of the organization s networks Cannot protect an organization from a virus Cannot prevent hackers from exploiting an unsecured computer Should be implemented at different locations in the organization A firewall architecture for Defense in Depth 8

Viruses and Other Malware Viruses are sent out to find any victim they can Lines of code that make up a virus can be embedded into other files The signature of the virus is the particular bit patterns that can be recognized, which is how virus detection software knows your computer has contracted a virus Can be active or passive 9

Rick s Computers Older Dell PC Norton Antivirus Malwarebytes Spybot Search & Destroy Virtual Windows7 PC Microsoft s Antivirus Macintosh Nothing! 10

Email Attacks Email bombing: Sending a large amount of emails designed to disrupt normal functioning Smurfing: When hackers sometimes use an innocent 3 rd party to send a flood of messages to an intended target Spoofing: Forged sender address Phishing: Masquerading as a trustworthy entity 11

Carefully Watch Your Email! The email is addressed to you using your email account info The email does not have a personalized salutation When you hover the mouse over the hyperlink, the site does not seem to be from the proper company When you hover the mouse over the hyperlink, the site seems to be located in another country The email makes you feel your response is urgent or something bad is going to happen. 12

Accidental Loss of Data Have a good filing system Think about theft and fraud Password protect or encrypt important information Backup your system and files Be careful about putting data on: Cell phone USB drives CDs and DVDs 13

Wireless Security Best protection for wireless networks is encryption WEP, the Wired Equivalent Privacy is an older encryption algorithm, which can be easily cracked within minutes today WPA, the Wi-Fi Protected Access, is a more recent and powerful encryption algorithm widely available in most routers Further protection for home wireless networks is to disable the broadcasting of the network s ID (SSID) 14

Your Web Server Firewalls Antivirus Whitelists and Blacklists Encryption VPN SSL - Secure Socket Layer Employee Monitoring Systems Email Spam: 15

Risk Management Process of identifying, assessing and prioritizing the security risks an organization may face Analyze and balance risks with the resources available to mitigate them Management determines where the company would be most vulnerable and how likely it is that a risk would affect it 16

Security Measures Educate people about security threats and solutions Create strong passwords Keep passwords in a secure location Run appropriate antivirus and malware software Develop a good data backup system 17

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback