SlideShare uma empresa Scribd logo
1 de 17
Baixar para ler offline
Information Security
Technology
By:
Garima Sagar
00311504911
4th year
EEE
Information security, sometimes shortened to InfoSec , is
the practice of defending information from unauthorized
access, use, disclosure, disruption, modification, perusal,
inspection, recording or destruction.
Process by which digital information assets are protected.
Julius Caesar is credited with the invention of the Caesar
cipher c. 50 B.C., which was created in order to prevent his
secret messages from being read should a message fall into
the wrong hands
information security technology
Key features
Confidentiality
Integrity
Availability
Importance
Prevents data theft
Avoids legal consequences of not securing information
Maintains productivity
Foils cyberterrorism
Thwarts identity theft
Technologies
Cloud Access Security Brokers
Cloud access security brokers are on-premises or cloud-based security
policy enforcement points placed between cloud services consumers
and cloud services providers to interject enterprise security policies as
the cloud-based resources are accessed.
In many cases, initial adoption of cloud-based services has occurred
outside the control of IT, and cloud access security brokers offer
enterprises to gain visibility and control as its users access cloud
resources.
Adaptive Access Control
Adaptive access control is a form of context-aware access control that acts
to balance the level of trust against risk at the moment of access using
some combination of trust elevation and other dynamic risk mitigation
techniques.
Context awareness means that access decisions reflect current condition,
and dynamic risk mitigation means that access can be safely allowed
where otherwise it would have been blocked
Use of an adaptive access management architecture enables an
enterprise to allow access from any device, anywhere, and allows for
social ID access to a range of corporate assets with mixed risk profiles
Virtual private networks
A Virtual Private Network (VPN) is a private communications network that
makes use of public networks, oftentimes for communication between
different organizations.
A VPN is not inherently secure, though in its most common incarnation it does
utilize encryption to ensure the confidentiality of data transmitted.
There are three types of VPNs available today: dedicated, SSL and
opportunistic.
appear to currently be the most prominent deployment
The basic goal of a Virtual Private Network is to ensure the integrity of the
connection and communications.
When encryption is added, the goal of preserving confidentiality
may also be achieved.
Endpoint Detection and Response Solutions
The endpoint detection and response (EDR) market is an emerging
market created to satisfy the need for continuous protection from
advanced threats at endpoints (desktops, servers, tablets and laptops)
— most notably significantly improved security monitoring, threat
detection and incident response capabilities.
These tools record numerous endpoint and network events and store
this information in a centralized database.
Analytics tools are then used to continually search the database to
identify tasks that can improve the security state to deflect common
attacks, to provide early identification of ongoing attacks (including
insider threats), and to rapidly respond to those attacks.
These tools also help with rapid investigation into the scope of attacks,
and provide remediation capability
Intrusion detection and analysis system
The concept of intrusion detection has been around since 1980. In its most
essential form, intrusion detection is designed to detect misuse or abuse of
network or system resources and report that occurrence.
This detection occurs as a result of identifying behaviour based on anomalies
or signatures.
The most common form of intrusion detection system (IDS) today relies on
signature-based detection.
Other forms are:
Intrusion Prevention System (IPS)
Event Correlation System (ECS)
Anomaly Detection System (ADS)
Interactive Application Security Testing
Interactive application security testing (IAST) combines static application
security testing (SAST) and dynamic application security testing (DAST)
techniques.
This aims to provide increased accuracy of application security testing
through the interaction of the SAST and DAST techniques.
IAST brings the best of SAST and DAST into a single solution.
This approach makes it possible to confirm or disprove the exploitability of
the detected vulnerability and determine its point of origin in the
application code
Antivirus
Antivirus software was developed to detect the presence, and
eventually the attempted infection, of a system by malware. There are
generally two types of antivirus scanning software: signature-based and
heuristic.
Signature-based scanning relies on a database of known malware
signatures. It must be updated on a regular basis in order to ensure a
current database of known malware.
According to eBCVG, an IT Security company, a heuristic scanner "looks
at characteristics of a file, such as size or architecture, as well as
behaviors of its code to determine the likelihood of an infection."
The downside to heuristic scanners is that they often generate results
that misidentify software as being malware (a.k.a. "false positives").
information security technology
information security technology
Firewalls
A firewall is defined as a "component or set of components that restricts
access between a protected network and the Internet, or between other
sets of networks.“
Firewalls are network security resources that are defined to control the
flow of data between two or more networks. From a high-level
perspective, they can serve as a choke-point.
"Firewalls are powerful tools, but they should never be used instead of
other security measures.
They should only be used in addition to such measures." The primary role
of a firewall, in the traditional sense, is to protect against unauthorized
access of resources via the network as part of a “defense in depth”
solution.
Few more technologies
Audit data reduction
Network mapping
Password cracking
Public key infrastructure
Vulnerability scanning systems
Software-defined Security
Conclusion
Information security is the ongoing process of exercising
due care and due diligence to protect information, and
information systems, from unauthorized access, use,
disclosure, destruction, modification, or disruption or
distribution. The never ending process of information
security involves ongoing training, assessment, protection,
monitoring & detection, incident response & repair,
documentation, and review. This makes information
security an indispensable part of all the business
operations across different domains.
information security technology

Mais conteúdo relacionado

Mais procurados

Introduction To Information Security
Introduction To Information SecurityIntroduction To Information Security
Introduction To Information Securitybelsis
 
Security Policies and Standards
Security Policies and StandardsSecurity Policies and Standards
Security Policies and Standardsprimeteacher32
 
Information Security Lecture #1 ppt
Information Security Lecture #1 pptInformation Security Lecture #1 ppt
Information Security Lecture #1 pptvasanthimuniasamy
 
Cyber security Information security
Cyber security Information securityCyber security Information security
Cyber security Information securityAYESHA JAVED
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to CybersecurityKrutarth Vasavada
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber SecurityStephen Lahanas
 
Cia security model
Cia security modelCia security model
Cia security modelImran Ahmed
 
Information Security Risk Management
Information Security Risk Management Information Security Risk Management
Information Security Risk Management Ersoy AKSOY
 
Information Security Principles - Access Control
Information Security  Principles -  Access ControlInformation Security  Principles -  Access Control
Information Security Principles - Access Controlidingolay
 
Types of Threat Actors and Attack Vectors
Types of Threat Actors and Attack VectorsTypes of Threat Actors and Attack Vectors
Types of Threat Actors and Attack VectorsLearningwithRayYT
 
Introduction to Cybersecurity Fundamentals
Introduction to Cybersecurity FundamentalsIntroduction to Cybersecurity Fundamentals
Introduction to Cybersecurity FundamentalsToño Herrera
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityRamiro Cid
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationTriCorps Technologies
 
Introduction to cyber security amos
Introduction to cyber security amosIntroduction to cyber security amos
Introduction to cyber security amosAmos Oyoo
 

Mais procurados (20)

Introduction To Information Security
Introduction To Information SecurityIntroduction To Information Security
Introduction To Information Security
 
Security Policies and Standards
Security Policies and StandardsSecurity Policies and Standards
Security Policies and Standards
 
Information Security Lecture #1 ppt
Information Security Lecture #1 pptInformation Security Lecture #1 ppt
Information Security Lecture #1 ppt
 
Cyber security Information security
Cyber security Information securityCyber security Information security
Cyber security Information security
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to Cybersecurity
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber Security
 
Network security
Network securityNetwork security
Network security
 
Cia security model
Cia security modelCia security model
Cia security model
 
Information Security Risk Management
Information Security Risk Management Information Security Risk Management
Information Security Risk Management
 
Information Security Principles - Access Control
Information Security  Principles -  Access ControlInformation Security  Principles -  Access Control
Information Security Principles - Access Control
 
Types of Threat Actors and Attack Vectors
Types of Threat Actors and Attack VectorsTypes of Threat Actors and Attack Vectors
Types of Threat Actors and Attack Vectors
 
Security threats
Security threatsSecurity threats
Security threats
 
Introduction to Information Security
Introduction to Information Security Introduction to Information Security
Introduction to Information Security
 
Introduction to Cybersecurity Fundamentals
Introduction to Cybersecurity FundamentalsIntroduction to Cybersecurity Fundamentals
Introduction to Cybersecurity Fundamentals
 
Network security
Network securityNetwork security
Network security
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your Organization
 
IT security
IT securityIT security
IT security
 
Introduction to cyber security amos
Introduction to cyber security amosIntroduction to cyber security amos
Introduction to cyber security amos
 
Cyber security
Cyber securityCyber security
Cyber security
 

Destaque

Barline Layout - Shotlist
Barline Layout - ShotlistBarline Layout - Shotlist
Barline Layout - Shotlistjworgan
 
ανακυκλωση α14
ανακυκλωση α14ανακυκλωση α14
ανακυκλωση α14Evi Kamariotaki
 
Project Credit: Daniel S. Katz - Transitive Credit
Project Credit: Daniel S. Katz -  Transitive CreditProject Credit: Daniel S. Katz -  Transitive Credit
Project Credit: Daniel S. Katz - Transitive CreditCASRAI
 
Спортивні досягнення
Спортивні досягненняСпортивні досягнення
Спортивні досягненняIgor Sirenky
 
ABC Project 2 - Launching an ORCID Consortia in Canada - Clare Appavoo & Geof...
ABC Project 2 - Launching an ORCID Consortia in Canada - Clare Appavoo & Geof...ABC Project 2 - Launching an ORCID Consortia in Canada - Clare Appavoo & Geof...
ABC Project 2 - Launching an ORCID Consortia in Canada - Clare Appavoo & Geof...CASRAI
 
Tutorial: the new Portage Research Data Management Planning Tool - Chuck Hump...
Tutorial: the new Portage Research Data Management Planning Tool - Chuck Hump...Tutorial: the new Portage Research Data Management Planning Tool - Chuck Hump...
Tutorial: the new Portage Research Data Management Planning Tool - Chuck Hump...CASRAI
 
curr-stem-cell-res-Therapy Editorial Board 2016
curr-stem-cell-res-Therapy Editorial Board 2016curr-stem-cell-res-Therapy Editorial Board 2016
curr-stem-cell-res-Therapy Editorial Board 2016Shengwen Calvin Li, PhD
 
Knteu (startups)
Knteu (startups)Knteu (startups)
Knteu (startups)Paul Okhrem
 
3 Dimensional Drawing
3 Dimensional Drawing3 Dimensional Drawing
3 Dimensional DrawingMOHAN PATWA
 

Destaque (13)

Pitch
PitchPitch
Pitch
 
Barline Layout - Shotlist
Barline Layout - ShotlistBarline Layout - Shotlist
Barline Layout - Shotlist
 
ανακυκλωση α14
ανακυκλωση α14ανακυκλωση α14
ανακυκλωση α14
 
Project Credit: Daniel S. Katz - Transitive Credit
Project Credit: Daniel S. Katz -  Transitive CreditProject Credit: Daniel S. Katz -  Transitive Credit
Project Credit: Daniel S. Katz - Transitive Credit
 
Tarea 2
Tarea 2Tarea 2
Tarea 2
 
Спортивні досягнення
Спортивні досягненняСпортивні досягнення
Спортивні досягнення
 
ABC Project 2 - Launching an ORCID Consortia in Canada - Clare Appavoo & Geof...
ABC Project 2 - Launching an ORCID Consortia in Canada - Clare Appavoo & Geof...ABC Project 2 - Launching an ORCID Consortia in Canada - Clare Appavoo & Geof...
ABC Project 2 - Launching an ORCID Consortia in Canada - Clare Appavoo & Geof...
 
Tutorial: the new Portage Research Data Management Planning Tool - Chuck Hump...
Tutorial: the new Portage Research Data Management Planning Tool - Chuck Hump...Tutorial: the new Portage Research Data Management Planning Tool - Chuck Hump...
Tutorial: the new Portage Research Data Management Planning Tool - Chuck Hump...
 
qims_amegroups_com_about_editorialteam
qims_amegroups_com_about_editorialteamqims_amegroups_com_about_editorialteam
qims_amegroups_com_about_editorialteam
 
curr-stem-cell-res-Therapy Editorial Board 2016
curr-stem-cell-res-Therapy Editorial Board 2016curr-stem-cell-res-Therapy Editorial Board 2016
curr-stem-cell-res-Therapy Editorial Board 2016
 
Knteu (startups)
Knteu (startups)Knteu (startups)
Knteu (startups)
 
ABHIJEET_CV (1)
ABHIJEET_CV (1)ABHIJEET_CV (1)
ABHIJEET_CV (1)
 
3 Dimensional Drawing
3 Dimensional Drawing3 Dimensional Drawing
3 Dimensional Drawing
 

Semelhante a information security technology

Global Security Law And Act Of Network Security
Global Security Law And Act Of Network SecurityGlobal Security Law And Act Of Network Security
Global Security Law And Act Of Network SecurityDotha Keller
 
Global Security Law And Act Of Network Security
Global Security Law And Act Of Network SecurityGlobal Security Law And Act Of Network Security
Global Security Law And Act Of Network SecurityRenee Wardowski
 
Enhanced method for intrusion detection over kdd cup 99 dataset
Enhanced method for intrusion detection over kdd cup 99 datasetEnhanced method for intrusion detection over kdd cup 99 dataset
Enhanced method for intrusion detection over kdd cup 99 datasetijctet
 
Cyber Security And Technology Detection System
Cyber Security And Technology Detection SystemCyber Security And Technology Detection System
Cyber Security And Technology Detection SystemTisha Noel
 
Network and web security
Network and web securityNetwork and web security
Network and web securityNitesh Saitwal
 
Cloud Computing Using Intrusion Detection And Prevention...
Cloud Computing Using Intrusion Detection And Prevention...Cloud Computing Using Intrusion Detection And Prevention...
Cloud Computing Using Intrusion Detection And Prevention...Veronica Smith
 
Ne Course Part Two
Ne Course Part TwoNe Course Part Two
Ne Course Part Twobackdoor
 
امن نظم المعلومات وامن الشبكات
امن نظم المعلومات وامن الشبكاتامن نظم المعلومات وامن الشبكات
امن نظم المعلومات وامن الشبكاتAmr Rashed
 
Computing safety
Computing safetyComputing safety
Computing safetytitoferrus
 
unit 2 IT security solution.pptx
unit 2 IT security solution.pptxunit 2 IT security solution.pptx
unit 2 IT security solution.pptxlochanrajdahal
 
Wireless Networking
Wireless NetworkingWireless Networking
Wireless NetworkingGulshanAra14
 
Cybersecurity Interview Questions and Answers.pdf
Cybersecurity Interview Questions and Answers.pdfCybersecurity Interview Questions and Answers.pdf
Cybersecurity Interview Questions and Answers.pdfJazmine Brown
 
Essentials Of Security
Essentials Of SecurityEssentials Of Security
Essentials Of Securityxsy
 
IMPROVED IDS USING LAYERED CRFS WITH LOGON RESTRICTIONS AND MOBILE ALERTS BAS...
IMPROVED IDS USING LAYERED CRFS WITH LOGON RESTRICTIONS AND MOBILE ALERTS BAS...IMPROVED IDS USING LAYERED CRFS WITH LOGON RESTRICTIONS AND MOBILE ALERTS BAS...
IMPROVED IDS USING LAYERED CRFS WITH LOGON RESTRICTIONS AND MOBILE ALERTS BAS...IJNSA Journal
 
Mobile Device Management And Network Security Automation...
Mobile Device Management And Network Security Automation...Mobile Device Management And Network Security Automation...
Mobile Device Management And Network Security Automation...Jennifer Lord
 
Security and Ethical Challenges Contributors Kim Wanders.docx
Security and Ethical Challenges  Contributors Kim Wanders.docxSecurity and Ethical Challenges  Contributors Kim Wanders.docx
Security and Ethical Challenges Contributors Kim Wanders.docxedgar6wallace88877
 

Semelhante a information security technology (20)

Network srcurity
Network srcurityNetwork srcurity
Network srcurity
 
Global Security Law And Act Of Network Security
Global Security Law And Act Of Network SecurityGlobal Security Law And Act Of Network Security
Global Security Law And Act Of Network Security
 
Global Security Law And Act Of Network Security
Global Security Law And Act Of Network SecurityGlobal Security Law And Act Of Network Security
Global Security Law And Act Of Network Security
 
Enhanced method for intrusion detection over kdd cup 99 dataset
Enhanced method for intrusion detection over kdd cup 99 datasetEnhanced method for intrusion detection over kdd cup 99 dataset
Enhanced method for intrusion detection over kdd cup 99 dataset
 
Cyber Security And Technology Detection System
Cyber Security And Technology Detection SystemCyber Security And Technology Detection System
Cyber Security And Technology Detection System
 
Network and web security
Network and web securityNetwork and web security
Network and web security
 
Is4560
Is4560Is4560
Is4560
 
Cloud Computing Using Intrusion Detection And Prevention...
Cloud Computing Using Intrusion Detection And Prevention...Cloud Computing Using Intrusion Detection And Prevention...
Cloud Computing Using Intrusion Detection And Prevention...
 
Ne Course Part Two
Ne Course Part TwoNe Course Part Two
Ne Course Part Two
 
امن نظم المعلومات وامن الشبكات
امن نظم المعلومات وامن الشبكاتامن نظم المعلومات وامن الشبكات
امن نظم المعلومات وامن الشبكات
 
Computing safety
Computing safetyComputing safety
Computing safety
 
Network security
Network security Network security
Network security
 
unit 2 IT security solution.pptx
unit 2 IT security solution.pptxunit 2 IT security solution.pptx
unit 2 IT security solution.pptx
 
Wireless Networking
Wireless NetworkingWireless Networking
Wireless Networking
 
Cybersecurity Interview Questions and Answers.pdf
Cybersecurity Interview Questions and Answers.pdfCybersecurity Interview Questions and Answers.pdf
Cybersecurity Interview Questions and Answers.pdf
 
Essentials Of Security
Essentials Of SecurityEssentials Of Security
Essentials Of Security
 
IMPROVED IDS USING LAYERED CRFS WITH LOGON RESTRICTIONS AND MOBILE ALERTS BAS...
IMPROVED IDS USING LAYERED CRFS WITH LOGON RESTRICTIONS AND MOBILE ALERTS BAS...IMPROVED IDS USING LAYERED CRFS WITH LOGON RESTRICTIONS AND MOBILE ALERTS BAS...
IMPROVED IDS USING LAYERED CRFS WITH LOGON RESTRICTIONS AND MOBILE ALERTS BAS...
 
Data security
Data securityData security
Data security
 
Mobile Device Management And Network Security Automation...
Mobile Device Management And Network Security Automation...Mobile Device Management And Network Security Automation...
Mobile Device Management And Network Security Automation...
 
Security and Ethical Challenges Contributors Kim Wanders.docx
Security and Ethical Challenges  Contributors Kim Wanders.docxSecurity and Ethical Challenges  Contributors Kim Wanders.docx
Security and Ethical Challenges Contributors Kim Wanders.docx
 

Último

LESSON 10/ GROUP 10/ ST. THOMAS AQUINASS
LESSON 10/ GROUP 10/ ST. THOMAS AQUINASSLESSON 10/ GROUP 10/ ST. THOMAS AQUINASS
LESSON 10/ GROUP 10/ ST. THOMAS AQUINASSlesteraporado16
 
Check out the Free Landing Page Hosting in 2024
Check out the Free Landing Page Hosting in 2024Check out the Free Landing Page Hosting in 2024
Check out the Free Landing Page Hosting in 2024Shubham Pant
 
Computer 10 Lesson 8: Building a Website
Computer 10 Lesson 8: Building a WebsiteComputer 10 Lesson 8: Building a Website
Computer 10 Lesson 8: Building a WebsiteMavein
 
Introduction to ICANN and Fellowship program by Shreedeep Rayamajhi.pdf
Introduction to ICANN and Fellowship program  by Shreedeep Rayamajhi.pdfIntroduction to ICANN and Fellowship program  by Shreedeep Rayamajhi.pdf
Introduction to ICANN and Fellowship program by Shreedeep Rayamajhi.pdfShreedeep Rayamajhi
 
WordPress by the numbers - Jan Loeffler, CTO WebPros, CloudFest 2024
WordPress by the numbers - Jan Loeffler, CTO WebPros, CloudFest 2024WordPress by the numbers - Jan Loeffler, CTO WebPros, CloudFest 2024
WordPress by the numbers - Jan Loeffler, CTO WebPros, CloudFest 2024Jan Löffler
 
TYPES AND DEFINITION OF ONLINE CRIMES AND HAZARDS
TYPES AND DEFINITION OF ONLINE CRIMES AND HAZARDSTYPES AND DEFINITION OF ONLINE CRIMES AND HAZARDS
TYPES AND DEFINITION OF ONLINE CRIMES AND HAZARDSedrianrheine
 
Zero-day Vulnerabilities
Zero-day VulnerabilitiesZero-day Vulnerabilities
Zero-day Vulnerabilitiesalihassaah1994
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...APNIC
 
Presentation2.pptx - JoyPress Wordpress
Presentation2.pptx -  JoyPress WordpressPresentation2.pptx -  JoyPress Wordpress
Presentation2.pptx - JoyPress Wordpressssuser166378
 
Bio Medical Waste Management Guideliness 2023 ppt.pptx
Bio Medical Waste Management Guideliness 2023 ppt.pptxBio Medical Waste Management Guideliness 2023 ppt.pptx
Bio Medical Waste Management Guideliness 2023 ppt.pptxnaveenithkrishnan
 
Vision Forward: Tracing Image Search SEO From Its Roots To AI-Enhanced Horizons
Vision Forward: Tracing Image Search SEO From Its Roots To AI-Enhanced HorizonsVision Forward: Tracing Image Search SEO From Its Roots To AI-Enhanced Horizons
Vision Forward: Tracing Image Search SEO From Its Roots To AI-Enhanced HorizonsRoxana Stingu
 
LESSON 5 GROUP 10 ST. THOMAS AQUINAS.pdf
LESSON 5 GROUP 10 ST. THOMAS AQUINAS.pdfLESSON 5 GROUP 10 ST. THOMAS AQUINAS.pdf
LESSON 5 GROUP 10 ST. THOMAS AQUINAS.pdfmchristianalwyn
 

Último (12)

LESSON 10/ GROUP 10/ ST. THOMAS AQUINASS
LESSON 10/ GROUP 10/ ST. THOMAS AQUINASSLESSON 10/ GROUP 10/ ST. THOMAS AQUINASS
LESSON 10/ GROUP 10/ ST. THOMAS AQUINASS
 
Check out the Free Landing Page Hosting in 2024
Check out the Free Landing Page Hosting in 2024Check out the Free Landing Page Hosting in 2024
Check out the Free Landing Page Hosting in 2024
 
Computer 10 Lesson 8: Building a Website
Computer 10 Lesson 8: Building a WebsiteComputer 10 Lesson 8: Building a Website
Computer 10 Lesson 8: Building a Website
 
Introduction to ICANN and Fellowship program by Shreedeep Rayamajhi.pdf
Introduction to ICANN and Fellowship program  by Shreedeep Rayamajhi.pdfIntroduction to ICANN and Fellowship program  by Shreedeep Rayamajhi.pdf
Introduction to ICANN and Fellowship program by Shreedeep Rayamajhi.pdf
 
WordPress by the numbers - Jan Loeffler, CTO WebPros, CloudFest 2024
WordPress by the numbers - Jan Loeffler, CTO WebPros, CloudFest 2024WordPress by the numbers - Jan Loeffler, CTO WebPros, CloudFest 2024
WordPress by the numbers - Jan Loeffler, CTO WebPros, CloudFest 2024
 
TYPES AND DEFINITION OF ONLINE CRIMES AND HAZARDS
TYPES AND DEFINITION OF ONLINE CRIMES AND HAZARDSTYPES AND DEFINITION OF ONLINE CRIMES AND HAZARDS
TYPES AND DEFINITION OF ONLINE CRIMES AND HAZARDS
 
Zero-day Vulnerabilities
Zero-day VulnerabilitiesZero-day Vulnerabilities
Zero-day Vulnerabilities
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
 
Presentation2.pptx - JoyPress Wordpress
Presentation2.pptx -  JoyPress WordpressPresentation2.pptx -  JoyPress Wordpress
Presentation2.pptx - JoyPress Wordpress
 
Bio Medical Waste Management Guideliness 2023 ppt.pptx
Bio Medical Waste Management Guideliness 2023 ppt.pptxBio Medical Waste Management Guideliness 2023 ppt.pptx
Bio Medical Waste Management Guideliness 2023 ppt.pptx
 
Vision Forward: Tracing Image Search SEO From Its Roots To AI-Enhanced Horizons
Vision Forward: Tracing Image Search SEO From Its Roots To AI-Enhanced HorizonsVision Forward: Tracing Image Search SEO From Its Roots To AI-Enhanced Horizons
Vision Forward: Tracing Image Search SEO From Its Roots To AI-Enhanced Horizons
 
LESSON 5 GROUP 10 ST. THOMAS AQUINAS.pdf
LESSON 5 GROUP 10 ST. THOMAS AQUINAS.pdfLESSON 5 GROUP 10 ST. THOMAS AQUINAS.pdf
LESSON 5 GROUP 10 ST. THOMAS AQUINAS.pdf
 

information security technology

  • 2. Information security, sometimes shortened to InfoSec , is the practice of defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. Process by which digital information assets are protected. Julius Caesar is credited with the invention of the Caesar cipher c. 50 B.C., which was created in order to prevent his secret messages from being read should a message fall into the wrong hands
  • 4. Key features Confidentiality Integrity Availability Importance Prevents data theft Avoids legal consequences of not securing information Maintains productivity Foils cyberterrorism Thwarts identity theft
  • 5. Technologies Cloud Access Security Brokers Cloud access security brokers are on-premises or cloud-based security policy enforcement points placed between cloud services consumers and cloud services providers to interject enterprise security policies as the cloud-based resources are accessed. In many cases, initial adoption of cloud-based services has occurred outside the control of IT, and cloud access security brokers offer enterprises to gain visibility and control as its users access cloud resources.
  • 6. Adaptive Access Control Adaptive access control is a form of context-aware access control that acts to balance the level of trust against risk at the moment of access using some combination of trust elevation and other dynamic risk mitigation techniques. Context awareness means that access decisions reflect current condition, and dynamic risk mitigation means that access can be safely allowed where otherwise it would have been blocked Use of an adaptive access management architecture enables an enterprise to allow access from any device, anywhere, and allows for social ID access to a range of corporate assets with mixed risk profiles
  • 7. Virtual private networks A Virtual Private Network (VPN) is a private communications network that makes use of public networks, oftentimes for communication between different organizations. A VPN is not inherently secure, though in its most common incarnation it does utilize encryption to ensure the confidentiality of data transmitted. There are three types of VPNs available today: dedicated, SSL and opportunistic. appear to currently be the most prominent deployment The basic goal of a Virtual Private Network is to ensure the integrity of the connection and communications. When encryption is added, the goal of preserving confidentiality may also be achieved.
  • 8. Endpoint Detection and Response Solutions The endpoint detection and response (EDR) market is an emerging market created to satisfy the need for continuous protection from advanced threats at endpoints (desktops, servers, tablets and laptops) — most notably significantly improved security monitoring, threat detection and incident response capabilities. These tools record numerous endpoint and network events and store this information in a centralized database. Analytics tools are then used to continually search the database to identify tasks that can improve the security state to deflect common attacks, to provide early identification of ongoing attacks (including insider threats), and to rapidly respond to those attacks. These tools also help with rapid investigation into the scope of attacks, and provide remediation capability
  • 9. Intrusion detection and analysis system The concept of intrusion detection has been around since 1980. In its most essential form, intrusion detection is designed to detect misuse or abuse of network or system resources and report that occurrence. This detection occurs as a result of identifying behaviour based on anomalies or signatures. The most common form of intrusion detection system (IDS) today relies on signature-based detection. Other forms are: Intrusion Prevention System (IPS) Event Correlation System (ECS) Anomaly Detection System (ADS)
  • 10. Interactive Application Security Testing Interactive application security testing (IAST) combines static application security testing (SAST) and dynamic application security testing (DAST) techniques. This aims to provide increased accuracy of application security testing through the interaction of the SAST and DAST techniques. IAST brings the best of SAST and DAST into a single solution. This approach makes it possible to confirm or disprove the exploitability of the detected vulnerability and determine its point of origin in the application code
  • 11. Antivirus Antivirus software was developed to detect the presence, and eventually the attempted infection, of a system by malware. There are generally two types of antivirus scanning software: signature-based and heuristic. Signature-based scanning relies on a database of known malware signatures. It must be updated on a regular basis in order to ensure a current database of known malware. According to eBCVG, an IT Security company, a heuristic scanner "looks at characteristics of a file, such as size or architecture, as well as behaviors of its code to determine the likelihood of an infection." The downside to heuristic scanners is that they often generate results that misidentify software as being malware (a.k.a. "false positives").
  • 14. Firewalls A firewall is defined as a "component or set of components that restricts access between a protected network and the Internet, or between other sets of networks.“ Firewalls are network security resources that are defined to control the flow of data between two or more networks. From a high-level perspective, they can serve as a choke-point. "Firewalls are powerful tools, but they should never be used instead of other security measures. They should only be used in addition to such measures." The primary role of a firewall, in the traditional sense, is to protect against unauthorized access of resources via the network as part of a “defense in depth” solution.
  • 15. Few more technologies Audit data reduction Network mapping Password cracking Public key infrastructure Vulnerability scanning systems Software-defined Security
  • 16. Conclusion Information security is the ongoing process of exercising due care and due diligence to protect information, and information systems, from unauthorized access, use, disclosure, destruction, modification, or disruption or distribution. The never ending process of information security involves ongoing training, assessment, protection, monitoring & detection, incident response & repair, documentation, and review. This makes information security an indispensable part of all the business operations across different domains.