Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 1 Introduction to Security


Objectives
- Describe the challenges of securing information
- Define information security and explain why it is important
- Identify the types of attackers
- Identify the types of attacks and the defenses

Challenges of Securing Information
- There is no simple solution to securing information
- This can be seen through the different types of attacks that users face today, as well as the difficulties in defending against these attacks

Difficulties in Defending against Attacks
Difficulties include the following:
- Speed of attacks
- Greater sophistication of attacks
- Simplicity of attack tools
- Attackers can detect vulnerabilities more quickly and more readily exploit these vulnerabilities
- Delays in patching hardware and software products
- Most attacks are now distributed attacks, instead of coming from only one source
- User confusion

Difficulties in Defending against Attacks (cont.)
Speed of attacks:
- Slammer worm infected 75,000 computers in the first 11 minutes of its release.
- Slammer infections doubled every 8.5 seconds.
- Slammer scanned 55 million computers per second.

Difficulties in Defending against Attacks (cont.)
Greater sophistication of attacks:
- Attackers today use common Internet tools and protocols to send malicious data and commands.
- Some attacks appear differently each time.

Difficulties in Defending against Attacks (cont.)
Simplicity of attack tools

Difficulties in Defending against Attacks (cont.)
Attackers can detect vulnerabilities more quickly:
- Discovered vulnerabilities doubled annually
- Day zero attacks

Difficulties in Defending against Attacks (cont.)
Delays in patching

Difficulties in Defending against Attacks (cont.)
Most attacks are now distributed attacks:
- Many against one.
- Difficult to stop an attack by identifying and blocking the source.
User confusion:
- Users make important decisions with little knowledge.

Defining Information Security
- Security can be considered as a state of freedom from a danger or risk
  - This state or condition of freedom exists because protective measures are established and maintained
- Information security
  - The tasks of guarding information that is in a digital format
  - Ensures that protective measures are properly implemented
  - Cannot completely prevent attacks or guarantee that a system is totally secure

Defining Information Security (cont.)
- Information security: Tasks of guarding digital information, which is typically processed by a computer (such as a personal computer), stored on a magnetic or optical storage device (such as a hard drive or DVD), and transmitted over a network

Defining Information Security (continued)
- Information security is intended to protect information that has value to people and organizations
  - This value comes from the characteristics of the information:
    - Confidentiality
    - Integrity
    - Availability
- Information security is achieved through a combination of three entities

Defining Information Security (continued)
- Confidentiality: Prevention of unauthorized disclosure of information, and keeping unwanted parties from accessing assets of a computer system. Also known as secrecy or privacy.
- Integrity: Prevention of unauthorized modification of information.
- Availability: Prevention of unauthorized withholding of information or resources, or keeping the system available.

Defining Information Security (continued)
Example: Consider a payroll database in a corporation. It must be ensured that:
- Salaries of employees are not disclosed to arbitrary users of the database.
- Salaries are modified only by those individuals who are properly authorized.
- Paychecks are printed on time at the end of each pay period.

Defining Information Security (continued)
- A more comprehensive definition of information security is:
  - That which protects the integrity, confidentiality, and availability of information on the devices that store, manipulate, and transmit the information through products, people, and procedures

Information Security Terminology
- Asset: Something that has a value
- Threat: An event or object that may defeat the security measures in place and result in a loss
- Threat agent: A person or thing that has the power to carry out a threat

Information Security Terminology (continued)
- Vulnerability: Weakness that allows a threat agent to bypass security
- Risk: The likelihood that a threat agent will exploit a vulnerability
  - Realistically, risk cannot ever be entirely eliminated

Information Security Terminology (continued)
- The likelihood that a thief will exploit the hole
- The likelihood that an attacker will exploit the software bug

Understanding the Importance of Information Security
- Preventing data theft
  - Security is often associated with theft prevention
  - The theft of data is one of the largest causes of financial loss due to an attack
  - Individuals are often victims of data thievery
- Thwarting identity theft
  - Identity theft involves using someone's personal information to establish bank or credit card accounts
  - Cards are then left unpaid, leaving the victim with the debts and ruining their credit rating

Understanding the Importance of Information Security (continued)
- Avoiding legal consequences
  - A number of federal and state laws have been enacted to protect the privacy of electronic data
  - Ex: The Health Insurance Portability and Accountability Act of 1996 (HIPAA)

Understanding the Importance of Information Security (continued)
- Maintaining productivity
  - Cleaning up after an attack diverts resources such as time and money away from normal activities

Understanding the Importance of Information Security (continued)
- Foiling cyberterrorism
  - Cyberterrorism: Attacks by terrorist groups using computer technology and the Internet
  - Utility, telecommunications, and financial services companies are considered prime targets of cyberterrorists

Who Are the Attackers?
- The types of people behind computer attacks are generally divided into several categories
  - These include hackers, script kiddies, spies, employees, cybercriminals, and cyberterrorists

Hackers
- Hacker
  - Generic sense: anyone who illegally breaks into or attempts to break into a computer system
  - Narrow sense: a person who uses advanced computer skills to attack computers only to expose security flaws
- Although breaking into another person's computer system is illegal, some hackers believe it is ethical as long as they do not commit theft, vandalism, or breach any confidentiality

Script Kiddies
- Script kiddies
  - Want to break into computers to create damage
  - Unskilled users
  - Download automated hacking software (scripts) from Web sites and use it to break into computers
- They are sometimes considered more dangerous than hackers
  - Script kiddies tend to be computer users who have almost unlimited amounts of leisure time, which they can use to attack systems

Spies
- Computer spy
  - A person who has been hired to break into a computer and steal information
- Spies are hired to attack a specific computer or system that contains sensitive information
  - Their goal is to break into that computer or system and take the information without drawing any attention to their actions
- Spies, like hackers, possess excellent computer skills

Employees
- One of the largest information security threats to a business actually comes from its employees
- Reasons
  - An employee might want to show the company a weakness in its security
  - Dissatisfied employees may want to get even with the company
  - For money
  - Blackmailing

Cybercriminals
- Cybercriminals
  - A loose-knit network of attackers, identity thieves, and financial fraudsters
  - More highly motivated, less risk-averse, better funded, and more tenacious (stubborn) than hackers
- Many security experts believe that cybercriminals belong to organized gangs of young and mostly Eastern European attackers
- Cybercriminals have a more focused goal that can be summed up in a single word: money

Cybercriminals (continued)
- Cybercrime
  - Targeted attacks against financial networks, unauthorized access to information, and the theft of personal information
- Financial cybercrime is often divided into two categories
  - Use of stolen credit card numbers and financial information
  - Using spam to commit fraud

Cyberterrorists
- Cyberterrorists
  - Their motivation may be defined as ideology, or attacking for the sake of their principles or beliefs
- Goals of a cyberattack:
  - To deface electronic information and spread misinformation and propaganda
  - To deny service to legitimate computer users
  - To commit unauthorized intrusions into systems and networks that result in critical infrastructure outages and corruption of vital data

Attacker Profiles (Summary)
- Cybercriminals: Money

Attacks and Defenses
- Although there are a wide variety of attacks that can be launched against a computer or network, the same basic steps are used in most attacks
- Protecting computers against these steps in an attack calls for five fundamental security principles

Steps of an Attack
The five steps that make up an attack:
- Probe for information
- Penetrate any defenses
- Modify security settings
- Circulate to other systems
- Paralyze networks and devices

Defenses against Attacks
- Although multiple defenses may be necessary to withstand an attack, these defenses should be based on five fundamental security principles:
  - Protecting systems by layering
  - Limiting
  - Diversity
  - Obscurity
  - Simplicity

Layering
- Information security must be created in layers
- One defense mechanism may be relatively easy for an attacker to circumvent
  - Instead, a security system must have layers, making it unlikely that an attacker has the tools and skills to break through all the layers of defenses
- A layered approach can also be useful in resisting a variety of attacks
- Layered security provides the most comprehensive protection

Limiting
- Limiting access to information reduces the threat against it
- Only those who must use data should have access to it
  - In addition, the amount of access granted to someone should be limited to what that person needs to know
- Some ways to limit access are technology-based, while others are procedural
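
A technology-based way to limit access, applied to the payroll database example from the confidentiality and integrity slides. This is an added example, not part of the original slides; the table layout, the role names, the sample rows and the use of SQLite's authorizer hook are assumptions made for illustration.

```python
import os
import sqlite3
import tempfile

# Constructed policy (an assumption of this example): per role, the columns of
# the employees table that may be read and the columns that may be updated.
POLICY = {
    "clerk": {"read": {"name", "department"}, "update": set()},
    "payroll_admin": {"read": {"name", "department", "salary"}, "update": {"salary"}},
}


def make_authorizer(role):
    """Build a SQLite authorizer callback that enforces POLICY for one role."""
    rules = POLICY[role]

    def authorize(action, arg1, arg2, db_name, source):
        if action == sqlite3.SQLITE_SELECT:  # the SELECT statement itself
            return sqlite3.SQLITE_OK
        if action == sqlite3.SQLITE_READ and arg1 == "employees":
            return sqlite3.SQLITE_OK if arg2 in rules["read"] else sqlite3.SQLITE_DENY
        if action == sqlite3.SQLITE_UPDATE and arg1 == "employees":
            return sqlite3.SQLITE_OK if arg2 in rules["update"] else sqlite3.SQLITE_DENY
        return sqlite3.SQLITE_DENY  # default deny: INSERT, DELETE, DROP, PRAGMA, ...

    return authorize


def create_payroll_db(path):
    """Create the constructed sample table (setup step, no authorizer installed)."""
    conn = sqlite3.connect(path)
    conn.execute("CREATE TABLE employees "
                 "(name TEXT PRIMARY KEY, department TEXT, salary INTEGER)")
    conn.executemany("INSERT INTO employees VALUES (?, ?, ?)",
                     [("alice", "Engineering", 9000), ("bob", "Sales", 7000)])
    conn.commit()
    conn.close()


def connect_as(path, role):
    """Open a connection that can do only what `role` needs."""
    conn = sqlite3.connect(path, isolation_level=None)  # autocommit mode
    conn.set_authorizer(make_authorizer(role))
    return conn


def attempt(conn, sql, params=()):
    """Run a statement; return its rows, or "DENIED" if SQLite rejected it."""
    try:
        return conn.execute(sql, params).fetchall()
    except sqlite3.DatabaseError:
        return "DENIED"


def demo():
    path = os.path.join(tempfile.mkdtemp(), "payroll.db")
    create_payroll_db(path)
    clerk, admin = connect_as(path, "clerk"), connect_as(path, "payroll_admin")
    results = {
        "clerk_directory": attempt(clerk, "SELECT name, department FROM employees ORDER BY name"),
        "clerk_salaries": attempt(clerk, "SELECT name, salary FROM employees"),  # confidentiality
        "clerk_raise": attempt(clerk, "UPDATE employees SET salary = 99999 WHERE name = 'bob'"),
        "admin_raise": attempt(admin, "UPDATE employees SET salary = 7500 WHERE name = 'bob'"),
        "admin_delete": attempt(admin, "DELETE FROM employees"),  # not needed, so not granted
        "admin_salaries": attempt(admin, "SELECT name, salary FROM employees ORDER BY name"),
    }
    clerk.close()
    admin.close()
    return results
```

The default-deny branch is what keeps the grant limited: even the payroll administrator, who may change salaries, cannot delete records because that role does not need to.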

Diversity
- Layers must be different (diverse)
  - If attackers penetrate one layer, they cannot use the same techniques to break through all other layers
- Using diverse layers of defense means that breaching one security layer does not compromise the whole system

Obscurity
- An example of obscurity would be not revealing the type of computer, operating system, software, and network connection a computer uses
  - An attacker who knows that information can more easily determine the weaknesses of the system to attack it
- Obscuring information can be an important way to protect information

Simplicity
- Information security is by its very nature complex
- Complex security systems can be hard to understand, troubleshoot, and feel secure about
- As much as possible, a secure system should be simple for those on the inside to understand and use
- Complex security schemes are often compromised to make them easier for trusted users to work with
  - Keeping a system simple from the inside but complex on the outside can sometimes be difficult but can result in a major benefit

Summary
- Attacks against information security have grown exponentially in recent years
- There are several reasons why it is difficult to defend against today's attacks
- Information security may be defined as that which protects the integrity, confidentiality, and availability of information on the devices that store, manipulate, and transmit the information through products, people, and procedures

Summary (continued)
- The main goals of information security are to prevent data theft, thwart identity theft, avoid the legal consequences of not securing information, maintain productivity, and foil cyberterrorism
- The types of people behind computer attacks are generally divided into several categories
- There are five general steps that make up an attack: probe for information, penetrate any defenses, modify security settings, circulate to other systems, and paralyze networks and devices