Information Systems and Security
Introduction to Information Systems
Module Outline
1. Computer security
2. Authentication mechanisms
3. Firewall
4. Computer crimes
5. Social impacts
6. Computer virus
7. Worms
8. Digital signature and Certificates
Information security
• Information security, sometimes abbreviated to infosec, is a set of practices
intended to keep data secure from unauthorized access or alterations, both
when it's being stored and when it's being transmitted from one machine or
physical location to another.
• Information security refers to the processes and methodologies which are
designed and implemented to protect print, electronic, or any other form of
confidential, private and sensitive information or data from unauthorized
access, use, misuse, disclosure, destruction, modification, or disruption
(SANS Institute)
Information Security vs Cybersecurity
Because information technology has become the accepted corporate term that
means, basically, "computers and related stuff," you will sometimes
see information security and cybersecurity used interchangeably. Strictly
speaking, cybersecurity is the broader practice of defending IT assets from
attack, and information security is a specific discipline under the cybersecurity
umbrella. Network security and application security are sister practices to
infosec, focusing on networks and app code, respectively.
(Obviously, there's some overlap here. We can't secure data transmitted across an insecure network
or manipulated by a leaky application. As well, there is plenty of information that isn't stored
electronically that also needs to be protected).
Information security principles
The basic components of information security are
Confidentiality: Data is confidential when only those people who are authorized to
access it can do so; to ensure confidentiality, you need to be able to identify who is
trying to access data and block attempts by those without authorization. Passwords,
encryption, authentication, and defense against penetration attacks are all
techniques designed to ensure confidentiality.
Integrity means maintaining data in its correct state and preventing it from being
improperly modified, either by accident or maliciously. Many of the techniques that
ensure confidentiality will also protect data integrity—after all, a hacker can't change
data they can't access—but there are other tools that help provide a defense of
integrity in depth. Integrity also covers the concept of non-repudiation: the ability
to prove that data has maintained its integrity, especially in legal contexts.
Availability: while you need to make sure that your data can't be accessed by unauthorized
users, you also need to ensure that it can be accessed by those who have the
proper permissions. Ensuring data availability means matching network and
computing resources to the volume of data access you expect and implementing a
good backup policy for disaster recovery purposes.
Information security measures
Technical measures include the hardware and software that protects data —
everything from encryption to firewalls
Organizational measures include the creation of an internal unit dedicated to
information security, along with making infosec part of the duties of some staff in
every department
Human measures include providing awareness training for users on proper
infosec practices
Physical measures include controlling access to the office locations and,
especially, data centers
Computer Security
A computer security professional should know:
1. Specific motive of the computer security attack
2. Malware
3. Root cause exploits
4. Cryptography and data protection
5. Networking and network packet analysis
6. Basic common defences
7. Authentication
8. Mobile threats
9. Cloud security
10. Event logging
11. Incident response
12. Education and communication
1. Specific motive of the computer security attack
Computer hackers can be categorized by their motive:
• Financial
• Nation-state sponsored/cyberwarfare
• Corporate espionage (spying)
• Hacktivists
• Resource theft
• Cheating
2. Malware
There are three major types of malware: computer virus, Trojan horse, and worm.
Any malware program is an amalgam of one or more of these classifications. A
computer virus is a malware program that hosts itself inside of other programs,
files, and in digital storage to replicate. A trojan horse is a malware program
claiming to be something legitimate to trick humans into setting it in motion. A
trojan horse does not self-replicate; it relies on the curiosity of humans to help it
spread. A worm is a self-replicating program that uses code to spread itself. It
does not need other host programs or files.
3. Root cause exploits
Computer security professionals face thousands of new software vulnerabilities and
millions of unique malware programs, yet only a few different root cause exploits allow
each of those into someone’s environment. Identify and stop the root cause exploits
and we are protected from hacking and malware. Here are the ten types of root
exploits:
• Programming bug
• Social engineering
• Authentication attack
• Human error
• Misconfiguration
• Eavesdropping / man in the middle (MitM)
• Data / Network traffic malformation
• Insider attack
• Third-party reliance issue
• Physical attack
4. Cryptography and data protection
Digital cryptography is the art of making information secure against unauthorized
access and modification. Every IT security professional should learn the basics of
cryptography, including asymmetric encryption, symmetric encryption, hashing, and
key distribution and protection. Data protection requires a lot of cryptography.
Complete data protection also demands that the data be lawfully collected and
used, that you guard its privacy against unauthorized access, and that you back it
up securely to prevent malicious modification and to ensure availability.
5. Networking and network packet analysis
Security professionals need to understand networks at the
packet level. They are facile with network basics such as protocols, port numbers,
network addresses, layers of the OSI model, the difference between a router and a
switch, and are able to read and understand what all the various fields of a network
packet are used for. To understand network packet analysis is to truly understand
networks and the computers that use them.
6. Basic common defences
Almost every computer has common basic defences, which should be considered
and applied. Understanding and using the basic common IT security defences is
a must for every IT security professional. But don’t stop at simply knowing about
them. Know, too, what they are good at stopping and what they fail to do. They
are the “standards” of computer security which include:
• Patch management
• End-user training
• Firewalls
• Antivirus
• Secure configurations
• Encryption/cryptography
• Authentication
• Intrusion detection
• Logging
7. Authentication
The best security professionals understand that authentication is more than the
process of putting in a valid password or satisfying a two-factor ID test. It’s much
more involved than that. Authentication begins with the process of providing a
unique, valid identity label for any namespace – such as the email address, user
principal name, or logon name.
Authentication is the process of providing one or more “secrets” that are only
known by the valid identity holder and the authentication database/service. When
the valid identity holder types in the correct authentication factor(s), this proves
that the authenticated user is the valid owner of the identity. Then, after any
successful authentication, the subject’s attempted accesses to protected
resources are examined by a security manager process known as authorization.
All logon and access attempts should be documented to a log file.
8. Mobile threats
There are now more mobile devices than people on the planet and most people
get most of their information through a mobile device. Because humankind’s
mobile prowess is only likely to increase, IT security professionals need to take
mobile devices, mobile threats, and mobile security seriously. There isn't usually
much difference between mobile threats and computer threats, but there
are some differences. The top mobile threats include:
• Mobile malware
• Privacy invasion/theft
• Ransomware
• Phishing attacks
• Spyware
• Data or credential theft
• Picture theft
• Unsecured wireless
9. Cloud security
Traditional corporate administrators no longer control the servers, services, and
infrastructure used to store sensitive data and service users. Cloud infrastructures
are almost always multitenant architectures, where keeping different customers'
data separate can be complicated by virtualization and the recent containerization
and development of microservices. Heralded by some as a way to help make
security easier to do, each development usually makes the infrastructure more
complex.
Factors that make cloud security more complex than traditional networks are:
• Lack of control
• Always available on the internet
• Multitenancy (shared services/servers)
• Virtualization/containerization/microservices
10. Event logging
Year after year, the research shows that the most missed security events were
right there in the log files all along, just waiting to be discovered. A good event-log
system takes care of the basic steps of event logging, which
every IT security professional should know:
• Policy
• Configuration
• Event log collection
• Normalization
• Indexing
• Storage
• Correlation
• Baselining
• Alerting
• Reporting
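The steps from collection through alerting, applied to logon records, as an added example that is not part of the original slides. The two log formats, the field names, the 60-second window and the alert margin are assumptions made for the illustration, and every sample line is constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Collection: constructed sample lines in two hypothetical source formats.
KV_LINES = [
    "2024-05-01T08:10:00 host=web1 event=logon outcome=fail user=alice src=192.0.2.10",
    "2024-05-01T08:40:00 host=web1 event=logon outcome=ok user=alice src=192.0.2.10",
    "2024-05-01T09:00:01 host=web1 event=logon outcome=fail user=root src=198.51.100.23",
    "2024-05-01T09:00:09 host=web1 event=logon outcome=fail user=admin src=198.51.100.23",
    "2024-05-01T09:00:31 host=web1 event=logon outcome=fail user=alice src=198.51.100.23",
]
CSV_LINES = [
    "01/05/2024 08:20:00;mail1;LOGON;FAIL;bob;192.0.2.44",
    "01/05/2024 09:00:15;mail1;LOGON;FAIL;bob;198.51.100.23",
    "01/05/2024 09:00:40;mail1;LOGON;FAIL;carol;198.51.100.23",
]
CUTOFF = datetime(2024, 5, 1, 9, 0, 0)  # earlier events form the baseline


def normalize_kv(line):
    """Normalization: key=value format to the common event schema."""
    stamp, *pairs = line.split()
    f = dict(p.split("=", 1) for p in pairs)
    return {"time": datetime.fromisoformat(stamp), "host": f["host"],
            "user": f["user"], "src": f["src"], "failed": f["outcome"] == "fail"}


def normalize_csv(line):
    """Normalization: semicolon-separated format to the same schema."""
    stamp, host, _event, outcome, user, src = line.split(";")
    return {"time": datetime.strptime(stamp, "%d/%m/%Y %H:%M:%S"), "host": host,
            "user": user, "src": src, "failed": outcome == "FAIL"}


def peak_failures(events, window=timedelta(seconds=60)):
    """Correlation: per source address, the largest number of failed
    logons (on any host) that fall inside one sliding window."""
    times = defaultdict(list)
    for e in sorted(events, key=lambda e: e["time"]):
        if e["failed"]:
            times[e["src"]].append(e["time"])
    peaks = {}
    for src, ts in times.items():
        start, best = 0, 0
        for end in range(len(ts)):
            while ts[end] - ts[start] > window:
                start += 1
            best = max(best, end - start + 1)
        peaks[src] = best
    return peaks


def detect(events, cutoff, margin=2):
    """Baselining and alerting: flag sources whose failure peak after the
    cutoff exceeds the highest peak seen before it by more than `margin`."""
    baseline = [e for e in events if e["time"] < cutoff]
    live = [e for e in events if e["time"] >= cutoff]
    normal_peak = max(peak_failures(baseline).values(), default=0)
    alerts = []
    for src, peak in sorted(peak_failures(live).items()):
        if peak > normal_peak + margin:
            failed = [e for e in live if e["src"] == src and e["failed"]]
            alerts.append({"src": src, "failures": peak,
                           "hosts": sorted({e["host"] for e in failed}),
                           "accounts": len({e["user"] for e in failed})})
    return alerts


def run_sample():
    events = [normalize_kv(l) for l in KV_LINES] + [normalize_csv(l) for l in CSV_LINES]
    return detect(events, CUTOFF)


if __name__ == "__main__":
    for alert in run_sample():
        print(alert)
```

Neither host on its own sees more than three failures from the flagged source; the burst only stands out once both logs share one schema and are correlated by source address.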
11. Incident response
A computer security professional should be ready with an incident
response plan, which should be put into action immediately when an incident occurs. A good incident
response is essential. It can be the difference between an event that ruins the
day and one that ends up in the media and tarnishes the character of the
organisation. The basics of incident response include:
• Respond effectively and in a timely fashion
• Limit damage
• Conduct forensic analysis
• Identification of the threat
• Communication
• Limit future damage
• Acknowledge lessons learned
12. Education and Communication
Most threats are well known and re-occur frequently. Every stakeholder from end
users to senior management needs to know the current top threats against
the company and what to do to stop them. Some of the threats, like social
engineering, can only be stopped by educating the people in the company. So
the ability to communicate is often the thing that separates a secured company
from a mediocre one. No matter what technical controls you deploy, every year
something will make it past them. So, make sure your stakeholders are prepared.
At the very least, the following items should be covered in your education
program:
• Significant threats and risks against the organization
• Acceptable use
• Security policy
• How to authenticate and what to avoid
• Data protection
• Social engineering awareness
• How and when to report suspicious security incidents
Authentication Mechanisms
What Is Authentication?
Authentication is the process of identifying users that request access to a system,
network, or device. Access control often determines user identity according to
credentials like username and password. Other authentication technologies like
biometrics and authentication apps are also used to authenticate user identity.
Why Is User Authentication Important?
User authentication is a method that keeps unauthorized users from accessing
sensitive information. For example, User A only has access to relevant information
and cannot see the sensitive information of User B. Cybercriminals can gain
access to a system and steal information when user authentication is not secure.
Authentication technology is always changing. Businesses have to move beyond
passwords and think of authentication as a means of enhancing user experience.
Authentication methods like biometrics eliminate the need to remember long and
complex passwords. As a result of enhanced authentication methods and
technologies, attackers will not be able to exploit passwords, and a data breach will
be prevented.
Authentication Types
1. Password-based authentication
2. Multi-factor authentication
3. Certificate-based authentication
4. Token-based authentication
5. Biometric authentication
1. Password-based authentication
Passwords are the most common method of authentication. Passwords can be
in the form of a string of letters, numbers, or special characters. To protect ourselves, we
need to create strong passwords that include a combination of all possible
options. However, passwords are prone to phishing attacks and bad hygiene that
weakens effectiveness. Very few users use different passwords across their
accounts as there are a lot of passwords to remember. As a result, many people
choose convenience over security. Most people use simple passwords instead of
creating reliable passwords because they are easier to remember. Passwords
have a lot of weaknesses and are not sufficient in protecting online information.
Hackers can easily guess user credentials by running through all possible
combinations until they find a match.
2. Multi-factor authentication
Multi-Factor Authentication (MFA) is an authentication method that requires two or more
independent ways to identify a user. Examples include codes generated from the user’s
smartphone, Captcha tests, fingerprints, voice biometrics or facial recognition.
MFA authentication methods and technologies increase the confidence of users by adding
multiple layers of security. MFA may be a good defence against most account hacks, but it has
its own pitfalls. People may lose their phones or SIM cards and not be able to generate an
authentication code.
3. Certificate-based authentication
Certificate-based authentication technologies identify users, machines or devices
by using digital certificates. A digital certificate is an electronic document based on
the idea of a driver’s license or a passport. The certificate contains the digital
identity of a user including a public key, and the digital signature of a certification
authority. Digital certificates prove the ownership of a public key and are issued only by
a certification authority. Users provide their digital certificates when they sign in to
a server. The server verifies the credibility of the digital signature and the certificate
authority. The server then uses cryptography to confirm that the user has the correct
private key associated with the certificate.
4. Token-based authentication
Token-based authentication technologies enable users to enter their credentials
once and receive a unique encrypted string of random characters in exchange.
Users then use the token to access protected systems instead of entering credentials all
over again. The digital token proves that they already have access permission. Use
cases of token-based authentication.
5. Biometric authentication
Biometric authentication is a security process that relies on the unique biological
characteristics of an individual. Here are key advantages of using biometric
authentication technologies:
• Biological characteristics can be easily compared to authorized features saved in a database.
• Biometric authentication can control physical access when installed on gates and doors.
• Biometrics can be added to a multi-factor authentication process.
Biometric authentication technologies are used by consumers, governments and
private corporations including airports, military bases, and national borders. The
technology is increasingly adopted due to the ability to achieve a high level of
security without creating friction for the user.
Common biometric authentication methods include:
Facial recognition matches the different face characteristics of an individual trying to gain
access to an approved face stored in a database. Face recognition can be inconsistent
when comparing faces at different angles or comparing people who look similar, like close
relatives.
Fingerprint scanners match the unique patterns on an individual’s fingerprints. Some
versions of fingerprint scanners can even assess the vascular patterns in people’s fingers.
Fingerprint scanners are currently the most popular biometric technology for everyday
consumers, despite their frequent inaccuracies.
Speaker recognition, also known as voice biometrics, examines a speaker’s speech
patterns for the formation of specific shapes and sound qualities. A voice-protected device
usually relies on standardized words to identify users, just like a password.
Eye scanners include technologies like iris recognition and retina scanners. Iris scanners
project a bright light towards the eye and search for unique patterns in the colored ring
around the pupil of the eye. The patterns are then compared to approved information
stored in a database. Eye-based authentication may suffer inaccuracies if a person wears
glasses or contact lenses.
Firewall
A firewall is software or firmware that prevents unauthorized access to a
network. It inspects incoming and outgoing traffic using a set of rules to identify and
block threats. Firewalls are used in both personal and enterprise settings, and many
devices come with one built-in, including Mac, Windows, and Linux computers. They
are widely considered an essential component of network security.
Importance of Firewalls
Firewalls are important because they have had a huge influence on modern
security techniques and are still widely used. They first emerged in the early
days of the internet, when networks needed new security methods that could
handle increasing complexity. Firewalls have since become the foundation of
network security in the client-server model – the central architecture of modern
computing. Most devices use firewalls – or closely related tools – to inspect
traffic and mitigate threats.
How does a firewall work?
A firewall establishes a border between an external network and the network it
guards. It is inserted inline across a network connection and inspects all packets
entering and leaving the guarded network. As it inspects, it uses a set of pre-
configured rules to distinguish between benign and malicious packets.
The term 'packets' refers to pieces of data that are formatted for internet transfer.
Packets contain the data itself, as well as information about the data, such as where
it came from. Firewalls can use this packet information to determine whether a
given packet abides by the rule set. If it does not, the packet will be barred from
entering the guarded network. Rule sets can be based on several things indicated
by packet data, including:
• Their source
• Their destination
• Their content
These characteristics may be represented differently at different levels of the
network. As a packet travels through the network, it is reformatted several times to
tell the protocol where to send it. Different types of firewalls exist to read packets at
different network levels.
Types of firewalls
Firewalls are either categorized by the way they filter data, or by the system they
protect.
• A packet-filtering firewall examines packets in isolation and does not
know the packet's context.
• A stateful inspection firewall examines network traffic to determine
whether one packet is related to another packet.
• A proxy firewall (aka application-level gateway) inspects packets at the
application layer of the Open Systems Interconnection (OSI) reference
model.
• A Next Generation Firewall (NGFW) uses a multilayered approach to
integrate enterprise firewall capabilities with an intrusion prevention
system (IPS) and application control.
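The difference between the first two firewall types, as an added example that is not part of the original slides. The rule set (inside hosts may open connections to port 443), the guarded network 10.0.0.0/24 and all sample packets are constructed for the illustration.

```python
import ipaddress
from dataclasses import dataclass

INTERNAL = ipaddress.ip_network("10.0.0.0/24")  # the guarded network (assumed)


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    direction: str  # "out" leaves the guarded network, "in" enters it


def packet_filter(pkt):
    """Packet-filtering firewall: each packet is judged in isolation,
    using only its own source and destination fields."""
    if pkt.direction == "out":
        # Rule 1: inside hosts may open connections to port 443.
        return ipaddress.ip_address(pkt.src) in INTERNAL and pkt.dport == 443
    # Rule 2: replies must get back in, and without context the only way
    # to recognise a "reply" is that it comes from source port 443.
    return ipaddress.ip_address(pkt.dst) in INTERNAL and pkt.sport == 443


class StatefulFirewall:
    """Stateful inspection: remembers permitted outbound connections and
    admits an inbound packet only if it belongs to one of them."""

    def __init__(self):
        self.connections = set()

    def inspect(self, pkt):
        if pkt.direction == "out":
            if not packet_filter(pkt):  # same outbound rule as above
                return False
            self.connections.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        # Inbound: must be the exact reverse of a tracked connection.
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.connections


# Constructed sample traffic.
SAMPLE = [
    Packet("10.0.0.5", 51000, "198.51.100.7", 443, "out"),  # client opens HTTPS
    Packet("198.51.100.7", 443, "10.0.0.5", 51000, "in"),   # the server's reply
    Packet("203.0.113.9", 443, "10.0.0.8", 3389, "in"),     # unsolicited, source port 443
    Packet("10.0.0.5", 51001, "198.51.100.7", 25, "out"),   # outbound port 25, no rule
]


def compare(packets):
    """Return (packet_filter verdict, stateful verdict) for each packet."""
    fw = StatefulFirewall()
    return [(packet_filter(p), fw.inspect(p)) for p in packets]


if __name__ == "__main__":
    for pkt, (stateless, stateful) in zip(SAMPLE, compare(SAMPLE)):
        print(pkt, "packet filter:", stateless, "stateful:", stateful)
```

The third packet is the case that separates the two designs: it satisfies the stateless reply rule, but it matches no connection that an inside host opened, so the stateful firewall drops it.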
Computer Virus and Worms
Computer Virus
A computer virus is a malicious application or authored code used to perform
destructive activity on a device or local network. The code’s malicious activity could
damage the local file system, steal data, interrupt services, download additional
malware, or any other actions coded into the program by the malware author. Many
viruses pretend to be legitimate programs to trick users into executing them on their
device, delivering the computer virus payload.
Causes of Computer Viruses
Computer viruses are standard programs; only instead of offering useful resources,
these programs can damage your device. For a threat actor to execute a virus on
your machine, you must initiate execution. In some cases, an attacker can execute
malicious code through your browser or remotely from another network computer.
Modern browsers have defenses against local machine code execution, but third-
party software installed on the browser could have vulnerabilities that allow viruses to
run locally. The delivery of a computer virus can happen in several ways. One
common method is via a phishing email. Another technique is hosting malware on a
server that promises to provide a legitimate program. It can be delivered using
macros or by injecting malicious code into legitimate software files.
Types of Computer Viruses
Every virus has a payload that performs an action. The threat actor can code any
malicious activity into the virus payload, including simple, innocuous pranks that
don’t do any harm. While a few viruses have harmless payloads, most of them cause
damage to the system and its data. There are nine main virus types, some of which
could be packaged with other malware to increase the chance of infection and
damage. The nine major categories for viruses are:
Boot Sector Virus
A computer drive has a sector solely responsible for pointing to the operating system
so that it can boot into the interface. A boot sector virus damages or controls the boot
sector on the drive, rendering the machine unusable. Attackers will usually spread
this virus type using a malicious USB device. The virus is activated when users plug
in the USB device and boot their machine.
Web Scripting Virus
Most browsers have defences against malicious web scripts, but older, unsupported
browsers have vulnerabilities that allow an attacker to run code on the local device.
Browser Hijacker
A virus that can change the settings on your browser will hijack browser favorites,
the home page URL, your search preferences and redirect you to a malicious site.
The site could be a phishing site or an adware page used to steal data or make
money for the attacker.
Resident Virus
A virus that can access computer memory and sit dormant until a payload is
delivered is considered a resident virus. This malware may stay dormant until a
specific date, time, or a user performs an action.
Direct Action Virus
When a user executes a seemingly harmless file attached with malicious code, direct
action viruses deliver a payload immediately. These viruses can also remain dormant
until a specific action is taken or a timeframe passes.
Polymorphic Virus
Malware authors can use polymorphic code to change the program’s footprint to
avoid detection. Polymorphic viruses make it more difficult for an antivirus to detect
and remove them.
File Infector Virus
To persist on a system, a threat actor uses file infector viruses to inject malicious
code into critical files that run the operating system or important programs. When
the system boots or the program runs, the virus is activated.
Multipartite Virus
These malicious programs spread across a network or other systems by copying
themselves or injecting code into critical computer resources.
Macro Virus
Microsoft Office files can run macros, and these macros can be used to
download additional malware or run malicious code. Macro viruses deliver a
payload when the file is opened, and the macro runs.
Computer Worm
A computer worm is malware, just like a virus, but a worm takes a copy of itself
and propagates it to other users. A worm can replicate itself without any human
interaction, and it does not need to attach itself to a software program in order to
cause damage. Worms can also deliver a payload and exhaust resources. For
example, an email worm sends a copy of itself to everyone on an infected user’s
email contact list. When it reaches recipient inboxes, anyone who runs the worm
sends it to their contact list. Email worms exhaust storage space and spread very
quickly across the internet, so they create issues differently than a virus.
Symptoms of an Infected Computer
Signs that a computer is infected by a virus or worm include:
• Popup windows, including ads (adware) or links to malicious websites.
• Web browser home page changes, and you did not change it.
• Outbound emails are sent to your contact list, or people on your contact list alert you to strange messages
sent by your account.
• The computer crashes often, runs out of memory with few active programs, or a blue screen of
death in Windows.
• Slow computer performance even when running few programs or the computer was recently
booted.
• Unknown programs start when the computer boots or when you open specific programs.
• Passwords change without your knowledge or your interaction on the account.
Digital Signature and Certificates
A digital signature is a mechanism that is used to verify that a particular digital
document, message or transaction is authentic. It provides a receiver the guarantee
that the message was actually generated by the sender and it was not modified by a
third party. A digital signature is an electronic, encrypted stamp of authentication on
digital data. The signature confirms that the information originated from the signer
and has not been altered.
Digital signatures can provide the added assurances of evidence of origin,
identity and status, as well as acknowledging informed consent by the signer. Below
are some common reasons for applying a digital signature to communications:
• Authentication: Although messages may often include information about the entity sending a message,
that information may not be accurate. Digital signatures can be used to authenticate the source of
messages. The importance of high confidence in sender authenticity is especially obvious in a financial
context.
• Integrity: In many scenarios, the sender and receiver of a message may have a need for confidence that
the message has not been altered during transmission. So, if a message is digitally signed, any change
in the message after signature invalidates the signature.
• Non-repudiation: Non-repudiation, or more specifically non-repudiation of origin, is an important aspect
of digital signatures. By this property, an entity that has signed some information cannot at a later time
deny having signed it. Similarly, access to the public key alone does not enable a fraudulent party to fake
a valid signature.
Digital Certificates function similarly to identification cards such as
passports and drivers’ licenses. Digital certificates are issued by recognised
(government) authorities. When someone requests a certificate, the authority
verifies the identity of the requester, certifies that the requester meets all
requirements to receive the certificate, and then issues it. When a digital
certificate is presented to others, they can verify the identity of its owner
because the certificate provides the following security benefits:
• It contains personal information to help identify and trace the owner.
• It contains the information that is required to identify and contact the
issuing authority.
• It is designed to be tamper-resistant and difficult to counterfeit.
• It is issued by an authority that can revoke the identification card at any
time (for example, if the card is misused or stolen).
• It can be checked for revocation by contacting the issuing authority.
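The signature properties above and the certificate-based sign-in described under "Certificate-based authentication", as one added example that is not part of the original slides. The keys are toy RSA keys built from known Mersenne primes, with no padding, so that the code runs on the standard library alone; the names, the certificate fields and the CA are constructed, and a real system would use a vetted cryptographic library.

```python
import hashlib
import json
import secrets

E = 65537  # public exponent shared by the toy keys in this example


def make_key(p, q):
    """Toy RSA key from two primes: (n, E) is public, d stays private."""
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}


def digest(data, n):
    """SHA-256 of the data, as an integer below the modulus n."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(data, key):
    """Only the holder of the private exponent d can produce this value."""
    return pow(digest(data, key["n"]), key["d"], key["n"])


def verify(data, signature, n):
    """Anyone with the public modulus n can check the signature."""
    return pow(signature, E, n) == digest(data, n)


def cert_body(cert):
    """The bytes the CA signs: every certificate field except the signature."""
    fields = {k: v for k, v in cert.items() if k != "signature"}
    return json.dumps(fields, sort_keys=True).encode()


def issue_certificate(subject, public_n, ca_key):
    """The CA binds an identity to a public key by signing both together."""
    cert = {"subject": subject, "public_n": public_n,
            "issuer": "Constructed Test CA"}
    cert["signature"] = sign(cert_body(cert), ca_key)
    return cert


def authenticate(cert, respond, ca_n):
    """Server side of a certificate-based sign-in.
    1. Check the CA's signature on the presented certificate.
    2. Send a fresh random challenge and check that the response was made
       with the private key matching the certificate's public key."""
    if not verify(cert_body(cert), cert["signature"], ca_n):
        return False
    challenge = secrets.token_bytes(32)
    return verify(challenge, respond(challenge), cert["public_n"])


# Constructed key material: Mersenne primes, illustration only.
CA_KEY = make_key(2**521 - 1, 2**607 - 1)
ALICE_KEY = make_key(2**127 - 1, 2**1279 - 1)
ALICE_CERT = issue_certificate("alice@example.test", ALICE_KEY["n"], CA_KEY)

if __name__ == "__main__":
    message = b"pay 100 to Bob"
    signature = sign(message, ALICE_KEY)
    print("original verifies:", verify(message, signature, ALICE_KEY["n"]))
    print("altered verifies: ", verify(b"pay 900 to Bob", signature, ALICE_KEY["n"]))
    print("sign-in accepted: ",
          authenticate(ALICE_CERT, lambda c: sign(c, ALICE_KEY), CA_KEY["n"]))
```

The fresh challenge is what ties the sign-in to possession of the private key: a response recorded from an earlier session does not verify against a new challenge, and a certificate whose fields were edited after issuance fails the CA signature check.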
Computer crimes
Computer crime, also called cybercrime, is the use of a computer as an instrument
to further illegal ends, such as committing fraud, trafficking in child pornography
and intellectual property, stealing identities, or violating privacy.
The four primary categories of computer crimes are
• Internal computer crimes
• Telecommunications crimes
• Computer manipulation crimes
• Traditional theft
Cybercrime is criminal activity that either targets or uses a computer, a computer
network or a networked device. Most, but not all, cybercrime is committed by
cybercriminals or hackers who want to make money. Cybercrime is carried out by
individuals or organizations. Some cybercriminals are organized, use advanced
techniques and are highly technically skilled. Others are novice hackers. Rarely,
cybercrime aims to damage computers for reasons other than profit. These could
be political or personal.
Types of cybercrime
• Email and internet fraud.
• Identity fraud (where personal information is stolen and used).
• Theft of financial or card payment data.
• Theft and sale of corporate data.
• Cyberextortion (demanding money to prevent a threatened attack).
• Ransomware attacks (a type of cyberextortion).
• Cryptojacking (where hackers mine cryptocurrency using resources they do
not own).
• Cyberespionage (where hackers access government or company data).
Most cybercrime falls under two main categories:
• Criminal activity that targets computers
• Criminal activity that uses computers to commit other crimes.
Cybercrime that targets computers often involves viruses and other types of malware.
Cybercriminals may infect computers with viruses and malware to damage devices or stop
them working. They may also use malware to delete or steal data.
How to get protected against cybercrime?
• Keep software and operating system updated
• Use anti-virus software and keep it updated
• Use strong passwords
• Never open attachments in spam emails
• Do not click on links in spam emails or untrusted websites
• Do not give out personal information unless secure
• Contact companies directly about suspicious requests
• Be mindful of website URLs
• Keep an eye on your bank statements
Social impacts
Cyber crime is being committed every day. Thieves commit cyber crimes to steal
people’s money and their identity. With another person’s identity, the cyber criminal
can take out loans, incur credit, accumulate debt and then flee without a trace.
It can take years to rehabilitate your identity. A virus can destroy someone’s files
and a lost database can result in receiving unwanted sales calls.
The list below includes some of the most immediate effects:
• lost money due to online theft
• expenses incurred to fix problems and prevent future cybercrimes
• loss of reputation due to personal information that is revealed
• corrupted files due to viruses
• long-term debt created resulting in poor credit rating due to online identity theft

Information Systems.pptx

  • 1. Information Systems and Security Introduction to Information Systems
  • 2. 1. Computer security 2. Authentication mechanisms 3. Firewall 4. Computer crimes 5. Social impacts 6. Computer virus 7. Worms 8. Digital signature and Certificates Module Outline
  • 3. Information security • Information security, sometimes abbreviated to infosec, is a set of practices intended to keep data secure from unauthorized access or alterations, both when it's being stored and when it's being transmitted from one machine or physical location to another. • Information security refers to the processes and methodologies which are designed and implemented to protect print, electronic, or any other form of confidential, private and sensitive information or data from unauthorized access, use, misuse, disclosure, destruction, modification, or disruption (SANS Institute)
  • 4. Information Security vs Cybersecurity Because information technology has become the accepted corporates and that means, basically, "computers and related stuff," you will sometimes see information security and cybersecurity used interchangeably. Strictly speaking, cybersecurity is the broader practice of defending IT assets from attack, and information security is a specific discipline under the cybersecurity umbrella. Network security and application security are sister practices to infosec, focusing on networks and app code, respectively. (Obviously, there's some overlap here. We can't secure data transmitted across an insecure network or manipulated by a leaky application. As well, there is plenty of information that isn't stored electronically that also needs to be protected).
  • 5. Information security principles The basic components of information security are Confidentiality: Data is confidential when only those people who are authorized to access it can do so; to ensure confidentiality, need to be able to identify who is trying to access data and block attempts by those without authorization. Passwords, encryption, authentication, and defense against penetration attacks are all techniques designed to ensure confidentiality. Integrity means maintaining data in its correct state and preventing it from being improperly modified, either by accident or maliciously. Many of the techniques that ensure confidentiality will also protect data integrity—after all, a hacker can't change data they can't access—but there are other tools that help provide a defense of integrity in depth. Integrity also covers the concept of non-repudiation – ability to prove that data is maintained the integrity, especially in legal contexts. Availability is to make sure that your data can't be accessed by unauthorized users, you also need to ensure that it can be accessed by those who have the proper permissions. Ensuring data availability means matching network and computing resources to the volume of data access you expect and implementing a good backup policy for disaster recovery purposes.
  • 6. Information security measures Technical measures include the hardware and software that protects data — everything from encryption to firewalls Organizational measures include the creation of an internal unit dedicated to information security, along with making infosec part of the duties of some staff in every department Human measures include providing awareness training for users on proper infosec practices Physical measures include controlling access to the office locations and, especially, data centers
  • 7. Computer Security Computer security professional should know 1. Specific motive of the computer security attack 2. Malware 3. Root cause exploits 4. Cryptography and data protection 5. Networking and network packet analysis 6. Basic common defences 7. Authentication 8. Mobile threats 9. Cloud security 10.Event logging 11.Incident response 12.Education and communication
  • 8. 1. Specific motive of the computer security attack Computer hackers can be categories with their motive as • Financial • Nation-state sponsored/cyberwarfare • Corporate espionage (spying) • Hacktivists • Resource theft • Cheating 2. Malware There are three major types of malware: computer virus, Trojan horse, and worm. Any malware program is an amalgam of one or more of these classifications. A computer virus is a malware program that hosts itself inside of other programs, files, and in digital storage to replicate. A trojan horse is a malware program claiming to be something legitimate to trick humans into setting it in motion. A trojan horse does not self-replicate; it relies on the curiosity of humans to help it spread. A worm is a self-replicating program that uses code to spread itself. It does not need other host programs or files.
  • 9. 3. Root cause exploits Computer security professionals face thousands of new software vulnerabilities and millions of unique malware programs, yet only few different root cause exploits allow each of those into someone’s environment. Identify and stop the root cause exploits and we are protected from hacking and malware. Here are the ten types of root exploits: • Programming bug • Social engineering • Authentication attack • Human error • Misconfiguration • Eavesdropping / man in the middle (MitM) • Data / Network traffic malformation • Insider attack • Third-party reliance issue • Physical attack
  • 10. 4. Cryptography and data protection Digital cryptography is the art of making information secure against unauthorized access and modification. Every IT security professional should learn the basics of cryptography, including asymmetric encryption, symmetric encryption, hashing, and key distribution and protection. Data protection requires a lot of cryptography. Complete data protection also demands that the data be lawfully collected and used, that you guard its privacy against unauthorized access, and that you back it up securely to prevent malicious modification and to ensure availability. 5. Networking and network packet analysis It is needed to recognize the security professionals to understand networks at the packet level. They are facile with network basics such as protocols, port numbers, network addresses, layers of the OSI model, the difference between a router and a switch, and are able to read and understand what all the various fields of a network packet are used for. To understand network packet analysis is to truly understand networks and the computers that use them.
  • 11. 6. Basic common defences Almost every computer has common basic defences, which to be considered and applied. Understanding and using the basic common IT security defences is a must for every IT security professional. But don’t stop at simply knowing about them. Know, too, what they are good at stopping and what they fail to do. They are the “standards” of computer security which include: • Patch management • End-user training • Firewalls • Antivirus • Secure configurations • Encryption/cryptography • Authentication • Intrusion detection • Logging
  • 12. 7. Authentication The best security professionals understand that authentication is more than the process of putting in a valid password or satisfying a two-factor ID test. It’s much more involved than that. Authentication begins with the process of providing a unique, valid identity label for any namespace – such as the email address, user principal name, or logon name. Authentication is the processes of providing one or more “secrets” that are only known by the valid identity holder and his authentication database/service. When the valid identity holder types in the correct authentication factor(s), this proves that the authenticated user is the valid owner of the identity. Then, after any successful authentication, the subject’s attempted accesses to protected resources are examined by a security manager process known as authorization. All logon and access attempts should be documented to a log file.
  • 13. 8. Mobile threats There are now more mobile devices than people on the planet and most people get most of their information through a mobile device. Because humankind’s mobile prowess is only likely to increase, IT security professionals need to take mobile devices, mobile threats, and mobile security seriously. There isn't usually much difference between mobile threats and computer threats, but there are some differences. The top mobile threats include: • Mobile malware • Privacy invasion/theft • Ransomware • Phishing attacks • Spyware • Data or credential theft • Picture theft • Unsecured wireless
  • 14. 9. Cloud security Traditional corporate administrators no longer control the servers, services, and infrastructure used to store sensitive data and service users. Cloud infrastructures are almost always multitenant architectures, where keeping different customers' data separate can be complicated by virtualization and the recent containerization and development of microservices. Heralded by some as a way to help make security easier to do, each development usually makes the infrastructure more complex. Factors make cloud security more complex than traditional networks are: • Lack of control • Always available on the internet • Multitenancy (shared services/servers) • Virtualization/containerization/microservices
  • 15. 10. Event logging Year after year, the research shows that the most missed security events were right there in the log files all along, just waiting to be discovered. A good event- log system is worth taking care of the basic steps of event logging, which every IT security professional should know: • Policy • Configuration • Event log collection • Normalization • Indexing • Storage • Correlation • Baselining • Alerting • Reporting
  • 16. 11. Incident response Computer security professional should be ready for this with an incident response plan, which should be put into action immediately. A good incident response is essential. It can be the difference between an event that ruins the day and one that ends up in the media and tarnishes the character of the organisation. The basics of incident response include: • Respond effectively and in a timely fashion • Limit damage • Conduct forensic analysis • Identification of the threat • Communication • Limit future damage • Acknowledge lessons learned
  • 17. 12. Education and Communication Most threats are well known and re-occur frequently. Every stakeholder from end users to senior management needs to know the current top threats against company and what to do to stop them. Some of the threats like social engineering, can only be stopped by educating the people in the company. So the ability to communicate is often the thing that separates a secured company from a mediocre one. No matter what technical controls you deploy, every year something will make it past them. So, make sure your stakeholders are prepared. At the very least, the following items should be covered in your education program: • Significant, threats and risks against the organization • Acceptable use • Security policy • How to authenticate and what to avoid • Data protection • Social engineering awareness • How and when to report suspicious security incidents
  • 18. Authentication Mechanisms What Is Authentication? Authentication is the process of identifying users that request access to a system, network, or device. Access control often determines user identity according to credentials like username and password. Other authentication technologies like biometrics and authentication apps are also used to authenticate user identity. Why Is User Authentication Important? User authentication is a method that keeps unauthorized users from accessing sensitive information. For example, User A only has access to relevant information and cannot see the sensitive information of User B. Cybercriminals can gain access to a system and steal information when user authentication is not secure. Authentication technology is always changing. Businesses have to move beyond passwords and think of authentication as a means of enhancing user experience. Authentication methods like biometrics eliminate the need to remember long and complex passwords. As a result of enhanced authentication methods and technologies, attackers will not be able to exploit passwords, and a data breach will be prevented.
  • 19. Authentication Types 1. Password-based authentication 2. Multi-factor authentication 3. Certificate-based authentication 4. Token-based authentication 5. Biometric authentication
  • 20. 1. Password-based authentication Passwords are the most common methods of authentication. Passwords can be in the form of a string of letters, numbers, or special characters. To protect us, we need to create strong passwords that include a combination of all possible options. However, passwords are prone to phishing attacks and bad hygiene that weakens effectiveness. Very few users use different passwords across their accounts as there are a lot of passwords to remember. As a result, many people choose convenience over security. Most people use simple passwords instead of creating reliable passwords because they are easier to remember. Passwords have a lot of weaknesses and are not sufficient in protecting online information. Hackers can easily guess user credentials by running through all possible combinations until they find a match.
  • 21. 2. Multi-factor authentication Multi-Factor Authentication (MFA) is an authentication method that requires two or more independent ways to identify a user. Examples include codes generated from the user’s smartphone, Captcha tests, fingerprints, voice biometrics or facial recognition. MFA authentication methods and technologies increase the confidence of users by adding multiple layers of security. MFA may be a good defence against most account hacks, but it has its own pitfalls. People may lose their phones or SIM cards and not be able to generate an authentication code.
  • 22. 3. Certificate-based authentication Certificate-based authentication technologies identify users, machines or devices by using digital certificates. A digital certificate is an electronic document based on the idea of a driver’s license or a passport. The certificate contains the digital identity of a user including a public key, and the digital signature of a certification authority. Digital certificates prove the ownership of a public key and issued only by a certification authority. Users provide their digital certificates when they sign in to a server. The server verifies the credibility of the digital signature and the certificate authority. The server then uses cryptography to confirm that the user has a correct private key associated with the certificate. 4. Token-based authentication Token-based authentication technologies enable users to enter their credentials once and receive a unique encrypted string of random characters in exchange. Then use the token to access protected systems instead of entering credentials all over again. The digital token proves that already have access permission. Use cases of token-based authentication.
  • 23. 5. Biometric authentication Biometrics authentication is a security process that relies on the unique biological characteristics of an individual. Here are key advantages of using biometric authentication technologies: • Biological characteristics can be easily compared to authorized features saved in a database. • Biometric authentication can control physical access when installed on gates and doors. • Add biometrics into multi-factor authentication process. Biometric authentication technologies are used by consumers, governments and private corporations including airports, military bases, and national borders. The technology is increasingly adopted due to the ability to achieve a high level of security without creating friction for the user.
  • 24. Common biometric authentication methods include: Facial recognition matches the different face characteristics of an individual trying to gain access to an approved face stored in a database. Face recognition can be inconsistent when comparing faces at different angles or comparing people who look similar, like close relatives.. Fingerprint scanners match the unique patterns on an individual’s fingerprints. Some versions of fingerprint scanners can even assess the vascular patterns in people’s fingers. Fingerprint scanners are currently the most popular biometric technology for everyday consumers, despite their frequent inaccuracies. Speaker Recognition also known as voice biometrics, examines a speaker’s speech patterns for the formation of specific shapes and sound qualities. A voice-protected device usually relies on standardized words to identify users, just like a password. Eye scanners include technologies like iris recognition and retina scanners. Iris scanners project a bright light towards the eye and search for unique patterns in the colored ring around the pupil of the eye. The patterns are then compared to approved information stored in a database. Eye-based authentication may suffer inaccuracies if a person wears glasses or contact lenses.
  • 25. Firewall A firewall is software or firmware that prevents unauthorized access to a network. It inspects incoming and outgoing traffic using a set of rules to identify and block threats. Firewalls are used in both personal and enterprise settings, and many devices come with one built-in, including Mac, Windows, and Linux computers. They are widely considered an essential component of network security. Importance of Firewalls Firewalls are important because they have had a huge influence on modern security techniques and are still widely used. They first emerged in the early days of the internet, when networks needed new security methods that could handle increasing complexity. Firewalls have since become the foundation of network security in the client-server model – the central architecture of modern computing. Most devices use firewalls – or closely related tools – to inspect traffic and mitigate threats.
  • 26. How does a firewall work? A firewall establishes a border between an external network and the network it guards. It is inserted inline across a network connection and inspects all packets entering and leaving the guarded network. As it inspects, it uses a set of pre-configured rules to distinguish between benign and malicious packets. The term 'packets' refers to pieces of data that are formatted for internet transfer. Packets contain the data itself, as well as information about the data, such as where it came from. Firewalls can use this packet information to determine whether a given packet abides by the rule set. If it does not, the packet will be barred from entering the guarded network. Rule sets can be based on several things indicated by packet data, including: • Their source • Their destination • Their content These characteristics may be represented differently at different levels of the network. As a packet travels through the network, it is reformatted several times to tell the protocol where to send it. Different types of firewalls exist to read packets at different network levels.
  • 27. Types of firewalls Firewalls are either categorized by the way they filter data, or by the system they protect. • A packet-filtering firewall examines packets in isolation and does not know the packet's context. • A stateful inspection firewall examines network traffic to determine whether one packet is related to another packet. • A proxy firewall (aka application-level gateway) inspects packets at the application layer of the Open Systems Interconnection (OSI) reference model. • A Next Generation Firewall (NGFW) uses a multilayered approach to integrate enterprise firewall capabilities with an intrusion prevention system (IPS) and application control.
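The difference between the first two firewall types above can be seen by running the same traffic through both. This is an added example, not part of the original slides; the rule (inside hosts may open HTTPS connections), the addresses and all names are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    outbound: bool  # True = leaving the guarded network

def packet_filter(p: Packet) -> bool:
    """Packet-filtering firewall: each packet is judged in isolation."""
    if p.outbound:
        return p.dport == 443  # inside hosts may open HTTPS connections
    # With no context, anything shaped like an HTTPS reply must be admitted.
    return p.sport == 443 and p.dport >= 1024

class StatefulFirewall:
    """Stateful inspection: inbound packets must belong to a tracked flow."""

    def __init__(self):
        self.flows = set()

    def allow(self, p: Packet) -> bool:
        if p.outbound:
            if p.dport != 443:
                return False
            self.flows.add((p.src, p.sport, p.dst, p.dport))
            return True
        # Accept only the mirror image of a connection opened from inside.
        return (p.dst, p.dport, p.src, p.sport) in self.flows

# Constructed sample traffic (private and documentation address ranges).
TRAFFIC = [
    Packet("10.0.0.5", 50000, "203.0.113.10", 443, True),   # request
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, False),  # its reply
    Packet("198.51.100.7", 443, "10.0.0.5", 50001, False),  # unsolicited
]

def compare(traffic=TRAFFIC):
    """Return (packet_filter, stateful) verdicts for each packet in order."""
    fw = StatefulFirewall()
    return [(packet_filter(p), fw.allow(p)) for p in traffic]

if __name__ == "__main__":
    for pkt, verdicts in zip(TRAFFIC, compare()):
        print(pkt, verdicts)
```

Both firewalls pass the request and its reply; only the stateful one rejects the third packet, because it relates that packet to connections it has actually seen.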
  • 28. Computer Virus and Worms Computer Virus A computer virus is a malicious application or authored code used to perform destructive activity on a device or local network. The code’s malicious activity could damage the local file system, steal data, interrupt services, download additional malware, or any other actions coded into the program by the malware author. Many viruses pretend to be legitimate programs to trick users into executing them on their device, delivering the computer virus payload. Causes of Computer Viruses Computer viruses are standard programs; only instead of offering useful resources, these programs can damage your device. For a threat actor to execute a virus on your machine, you must initiate execution. In some cases, an attacker can execute malicious code through your browser or remotely from another network computer. Modern browsers have defenses against local machine code execution, but third-party software installed on the browser could have vulnerabilities that allow viruses to run locally. The delivery of a computer virus can happen in several ways. One common method is via a phishing email. Another technique is hosting malware on a server that promises to provide a legitimate program. It can be delivered using macros or by injecting malicious code into legitimate software files.
  • 29. Types of Computer Viruses Every virus has a payload that performs an action. The threat actor can code any malicious activity into the virus payload, including simple, innocuous pranks that don’t do any harm. While a few viruses have harmless payloads, most of them cause damage to the system and its data. There are nine main virus types, some of which could be packaged with other malware to increase the chance of infection and damage. The nine major categories for viruses are: Boot Sector Virus A computer drive has a sector solely responsible for pointing to the operating system so that it can boot into the interface. A boot sector virus damages or controls the boot sector on the drive, rendering the machine unusable. Attackers will usually spread this virus type using a malicious USB device. The virus is activated when users plug in the USB device and boot their machine. Web Scripting Virus Most browsers have defences against malicious web scripts, but older, unsupported browsers have vulnerabilities that allow an attacker to run code on the local device.
  • 30. Browser Hijacker A virus that can change the settings on your browser will hijack browser favorites, the home page URL and your search preferences, and redirect you to a malicious site. The site could be a phishing site or an adware page used to steal data or make money for the attacker. Resident Virus A virus that can access computer memory and sit dormant until a payload is delivered is considered a resident virus. This malware may stay dormant until a specific date or time, or until a user performs an action. Direct Action Virus When a user executes a seemingly harmless file attached with malicious code, direct action viruses deliver a payload immediately. These viruses can also remain dormant until a specific action is taken or a timeframe passes. Polymorphic Virus Malware authors can use polymorphic code to change the program’s footprint to avoid detection. Polymorphic viruses make it more difficult for an antivirus to detect and remove them.
  • 31. File Infector Virus To persist on a system, a threat actor uses file infector viruses to inject malicious code into critical files that run the operating system or important programs. When the system boots or the program runs, the virus is activated. Multipartite Virus These malicious programs spread across a network or other systems by copying themselves or injecting code into critical computer resources. Macro Virus Microsoft Office files can run macros, and these macros can be used to download additional malware or run malicious code. Macro viruses deliver a payload when the file is opened, and the macro runs.
  • 32. Computer Worm A computer worm is malware, just like a virus, but a worm takes a copy of itself and propagates it to other users. A worm can replicate itself without any human interaction, and it does not need to attach itself to a software program in order to cause damage. Worms can also deliver a payload and exhaust resources. For example, an email worm sends a copy of itself to everyone on an infected user’s email contact list. When it reaches recipient inboxes, anyone who runs the worm sends it to their contact list. Email worms exhaust storage space and spread very quickly across the internet, so they create issues differently than a virus. Symptoms of an Infected Computer Signs that a computer is infected by a virus or worm include: • Popup windows, including ads (adware) or links to malicious websites. • Web browser home page changes, and you did not change it. • Outbound emails to your contact list or people on your contact list alert you to strange messages sent by your account. • The computer crashes often, runs out of memory with few active programs, or shows a blue screen of death in Windows. • Slow computer performance even when running few programs or the computer was recently booted. • Unknown programs start when the computer boots or when you open specific programs. • Passwords change without your knowledge or your interaction on the account.
  • 33. Digital Signature and Certificates A digital signature is a mechanism that is used to verify that a particular digital document, message or transaction is authentic. It provides a receiver the guarantee that the message was actually generated by the sender and it was not modified by a third party. A digital signature is an electronic, encrypted stamp of authentication on digital data. The signature confirms that the information originated from the signer and has not been altered. Digital signatures can provide the added assurances of evidence to the origin, identity and status, as well as acknowledging informed consent by the signer. Below are some common reasons for applying a digital signature to communications: • Authentication: Although messages may often include information about the entity sending a message, that information may not be accurate. Digital signatures can be used to authenticate the source of messages. The importance of high confidence in sender authenticity is especially obvious in a financial context. • Integrity: In many scenarios, the sender and receiver of a message may have a need for confidence that the message has not been altered during transmission. So, if a message is digitally signed, any change in the message after signature invalidates the signature. • Non-repudiation: Non-repudiation, or more specifically non-repudiation of origin, is an important aspect of digital signatures. By this property, an entity that has signed some information cannot at a later time deny having signed it. Similarly, access to the public key only does not enable a fraudulent party to fake a valid signature.
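The integrity and non-repudiation properties listed above can be checked directly. This is an added example, not part of the original slides: it uses textbook RSA over SHA-256 as one possible scheme (the slides do not name an algorithm), with a toy key built from two known Mersenne primes and no padding, so the key size and all names are assumptions for illustration only.

```python
import hashlib

# Toy key from two known Mersenne primes (constructed for illustration;
# far too small, and unpadded, for real use).
P, Q = 2**107 - 1, 2**127 - 1
N = P * Q                              # public modulus
E = 65537                              # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, known only to the signer

def digest(message: bytes) -> int:
    """Hash the message and map the hash into the range of the modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N

def sign(message: bytes, d: int = D) -> int:
    """Signer: transform the digest with a private exponent."""
    return pow(digest(message), d, N)

def verify(message: bytes, signature: int) -> bool:
    """Receiver: needs only the public values N and E."""
    return pow(signature, E, N) == digest(message)

def demo() -> dict:
    msg = b"Pay 100 to account 12345"            # constructed message
    sig = sign(msg)
    return {
        "authentic": verify(msg, sig),
        # Integrity: any change after signing invalidates the signature.
        "tampered": verify(b"Pay 900 to account 12345", sig),
        # Public key only: signing with E instead of D does not verify.
        "public_key_only": verify(msg, sign(msg, d=E)),
    }

if __name__ == "__main__":
    print(demo())
```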
  • 34.
  • 35.
  • 36. Digital Certificates function similarly to identification cards such as passports and drivers’ licenses. Digital certificates are issued by recognised (government) authorities. When someone requests a certificate, the authority verifies the identity of the requester, certifies that the requester meets all requirements to receive the certificate, and then issues it. When a digital certificate is presented to others, they can verify the identity of its owner because the certificate provides the following security benefits: • It contains personal information to help identify and trace the owner. • It contains the information that is required to identify and contact the issuing authority. • It is designed to be tamper-resistant and difficult to counterfeit. • It is issued by an authority that can revoke the identification card at any time (for example, if the card is misused or stolen). • It can be checked for revocation by contacting the issuing authority.
  • 37. Ev
  • 38. Computer crimes Computer crime, also called cybercrime, is the use of a computer as an instrument to further illegal ends, such as committing fraud, trafficking in child pornography and intellectual property, stealing identities, or violating privacy. The four primary categories of computer crimes are • Internal computer crimes • Telecommunications crimes • Computer manipulation crimes • Traditional theft Cybercrime is criminal activity that either targets or uses a computer, a computer network or a networked device. Most, but not all, cybercrime is committed by cybercriminals or hackers who want to make money. Cybercrime is carried out by individuals or organizations. Some cybercriminals are organized, use advanced techniques and are highly technically skilled. Others are novice hackers. Rarely, cybercrime aims to damage computers for reasons other than profit. These could be political or personal.
  • 39. Types of cybercrime • Email and internet fraud. • Identity fraud (where personal information is stolen and used). • Theft of financial or card payment data. • Theft and sale of corporate data. • Cyberextortion (demanding money to prevent a threatened attack). • Ransomware attacks (a type of cyberextortion). • Cryptojacking (where hackers mine cryptocurrency using resources they do not own). • Cyberespionage (where hackers access government or company data). Most cybercrime falls under two main categories: • Criminal activity that targets computers. • Criminal activity that uses computers to commit other crimes. Cybercrime that targets computers often involves viruses and other types of malware. Cybercriminals may infect computers with viruses and malware to damage devices or stop them working. They may also use malware to delete or steal data.
  • 40. How to get protected against cybercrime? • Keep software and operating system updated • Use anti-virus software and keep it updated • Use strong passwords • Never open attachments in spam emails • Do not click on links in spam emails or untrusted websites • Do not give out personal information unless secure • Contact companies directly about suspicious requests • Be mindful of website URLs • Keep an eye on your bank statements
  • 41. Social impacts Cyber crime is being committed every day. Thieves commit cyber crimes to steal people’s money and their identity. With another person’s identity, the cyber criminal can take out loans, incur credit, accumulate debt and then flee without a trace. It can take years to rehabilitate your identity. A virus can destroy someone’s files and a lost database can result in receiving unwanted sales calls. The list below includes some of the most immediate effects: • lost money due to online theft • expenses incurred to fix problems and prevent future cybercrimes • loss of reputation due to personal information that is revealed • corrupted files due to viruses • long-term debt resulting in a poor credit rating due to online identity theft