© 2012 Jones and Bartlett Learning, LLC www.jblearning.com
Fundamentals of Information Systems Security
Unit 1
Information Systems Security Fundamentals

Learning Objective
Explain the concepts of information systems security (ISS) as applied to an IT infrastructure.

Key Concepts
• Confidentiality, integrity, and availability (CIA) concepts
• Layered security solutions implemented for the seven domains of a typical IT infrastructure
• Common threats for each of the seven domains
• IT security policy framework
• Impact of data classification standard on the seven domains

DISCOVER: CONCEPTS

Introducing ISS
ISS: Information Systems Security

The CIA Triad
• Confidentiality
• Integrity
• Availability

Confidentiality
Personal Data and Information
• Credit card account numbers and bank account numbers
• Social Security numbers and address information
Intellectual Property
• Copyrights, patents, and secret formulas
• Source code, customer databases, and technical specifications
National Security
• Military intelligence
• Homeland security and government-related information

What are we protecting?

Integrity
Maintain valid, uncorrupted, and accurate information.
• User names and passwords
• Patents and copyrights
• Source code
• Diplomatic information
• Financial data

Availability
(figure: availability illustrated on the slide; not reproduced in the text)

Conduct and Ethics in ISS
• ISS is a classic battle of “good vs. evil.”
• No global laws, rules, or regulations govern cyberspace.
• U.S. government and Internet Architecture Board (IAB) have developed joint Internet acceptable use policy (AUP).
• Security professionals are in high demand as the “good guys.”

Compliance Laws

Compliance Laws Driving ISS
• Health Insurance Portability and Accountability Act (HIPAA)
• Sarbanes-Oxley (SOX) Act
• Children’s Internet Protection Act (CIPA)

IT Security Policy Framework
• Policy: a short written statement that defines a course of action that applies to the entire organization
• Standard: a detailed written definition of how software and hardware are to be used
• Procedure: written instructions for how to use the policy and standard
• Guideline: suggested course of action for using the policy, standard, or procedure

Seven Domains of a Typical IT Infrastructure

Cyberspace: a new frontier

What is shown in the figure?

Common Threats in the User Domain
• Lack of user awareness
• User apathy toward policies
• User violating security policy
• User inserting CD/DVD/USB with personal files

Common Threats in the User Domain (Continued)
• User downloading photos, music, or videos
• User destructing systems, applications, and data
• Disgruntled employee attacking organization or committing sabotage
• Employee blackmail or extortion

Common Threats in the Workstation Domain
• Unauthorized workstation access
• Unauthorized access to systems, applications, and data
• Desktop or laptop operating system vulnerabilities
• Desktop or laptop application software vulnerabilities or patches

Common Threats in the Workstation Domain (Continued)
• Viruses, malicious code, and other malware
• User inserting CD/DVD/USB with personal files
• User downloading photos, music, or videos

Common Threats in the LAN Domain
• Unauthorized physical access to LAN
• Unauthorized access to systems, applications, and data
• LAN server operating system vulnerabilities
• LAN server application software vulnerabilities and software patch updates

Common Threats in the LAN Domain (Continued)
• Rogue users on WLANs
• Confidentiality of data on WLANs
• LAN server configuration guidelines and standards

Common Threats in the LAN-to-WAN Domain
• Unauthorized probing and port scanning
• Unauthorized access
• Internet Protocol (IP) router, firewall, and network appliance operating system vulnerability
• Local users downloading unknown file types from unknown sources

Common Threats in the WAN Domain
• Open, public, and accessible data
• Most of the traffic being sent as clear text
• Vulnerable to eavesdropping
• Vulnerable to malicious attacks
• Vulnerable to Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks

Common Threats in the WAN Domain (Continued)
• Vulnerable to corruption of information and data
• Insecure Transmission Control Protocol/Internet Protocol (TCP/IP) applications
• Hackers and attackers e-mailing Trojans, worms, and malicious software freely and constantly

Common Threats in the Remote Access Domain
• Brute force user ID and password attacks
• Multiple logon retries and access control attacks
• Unauthorized remote access to IT systems, applications, and data
• Confidential data compromised remotely
• Data leakage in violation of data classification standards
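The brute-force and multiple-logon-retry threats listed for the Remote Access Domain are the ones a defender can watch for in gateway authentication logs. The following is an added example, not code from the slides or the textbook: a sliding-window detector run over constructed remote-access log lines; the log format, the field names and the threshold values are assumptions.

```python
"""Detect logon-retry bursts against a remote-access gateway (added example)."""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log lines, not from any real system. The line format
# "<ISO timestamp> <OK|FAIL> user=<name> src=<ip>" is an assumption.
SAMPLE_LOG = """\
2024-03-01T08:00:01 FAIL user=alice src=203.0.113.7
2024-03-01T08:00:03 FAIL user=alice src=203.0.113.7
2024-03-01T08:00:05 FAIL user=alice src=203.0.113.7
2024-03-01T08:00:06 FAIL user=alice src=203.0.113.7
2024-03-01T08:00:08 FAIL user=alice src=203.0.113.7
2024-03-01T08:00:09 OK user=alice src=203.0.113.7
2024-03-01T08:05:00 FAIL user=bob src=198.51.100.2
2024-03-01T09:30:00 FAIL user=bob src=198.51.100.2
"""

LINE_RE = re.compile(r"^(\S+) (OK|FAIL) user=(\S+) src=(\S+)$")


def parse_line(line):
    """Return (timestamp, result, user, src), or None for an unparsable line."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return datetime.fromisoformat(m.group(1)), m.group(2), m.group(3), m.group(4)


def detect_logon_retries(log_text, threshold=5, window_seconds=60):
    """Sliding-window detector for repeated logon failures per (user, source).

    Emits a 'logon_retry_burst' alert once a (user, src) pair reaches
    `threshold` failures inside `window_seconds`, and a 'success_after_burst'
    alert if that same pair then logs on successfully, which is the stronger
    signal that a remote-access credential may have been guessed.
    """
    window = timedelta(seconds=window_seconds)
    failures = defaultdict(deque)  # (user, src) -> timestamps of recent failures
    flagged = set()                # pairs that already raised a burst alert
    alerts = []
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue  # skip lines that do not match the assumed format
        ts, result, user, src = parsed
        key = (user, src)
        recent = failures[key]
        # Drop failures that have aged out of the sliding window.
        while recent and ts - recent[0] > window:
            recent.popleft()
        if result == "FAIL":
            recent.append(ts)
            if len(recent) >= threshold and key not in flagged:
                flagged.add(key)
                alerts.append({
                    "type": "logon_retry_burst", "user": user, "src": src,
                    "count": len(recent), "first": recent[0].isoformat(),
                    "last": ts.isoformat(),
                })
        else:
            if key in flagged:
                alerts.append({"type": "success_after_burst", "user": user,
                               "src": src, "at": ts.isoformat()})
            # A successful logon resets the counters for this pair.
            recent.clear()
            flagged.discard(key)
    return alerts


if __name__ == "__main__":
    for alert in detect_logon_retries(SAMPLE_LOG):
        print(alert)
```

In the sample, alice trips the burst rule and then logs on, while bob's two failures are far enough apart to fall outside the window and raise nothing.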

Common Threats in the Systems/Applications Domain
• Unauthorized access to data centers, computer rooms, and wiring closets
• Difficult-to-manage servers that require high availability
• Server operating systems software vulnerability management
• Security required by cloud computing virtual environments
• Corrupt or lost data

DISCOVER: PROCESSES

Implementing the CIA Triad
Confidentiality
• AUP
• Security Awareness Policy
• Enhanced Access Control

Implementing the CIA Triad (Continued)
Integrity
• AUP
• Security Awareness Policy
• Enhanced Access Control
• Threat Assessment and Monitoring
• Asset Protection Policy
• Vulnerability Assessment and Management

Implementing the CIA Triad (Continued)
Availability
• AUP
• Security Awareness Policy
• Enhanced Access Control
• Threat Assessment and Monitoring
• Asset Protection Policy
• Vulnerability Assessment and Management
• Data Classification Standard

DISCOVER: ROLES

Who Implements the CIA Triad?
Confidentiality
• User
• IT administrator
• Network administrator
• Human resources
• Senior management
Integrity
• User
• IT administrator
• Network administrator
• Human resources
• Senior management
Availability
• IT administrator
• Network administrator
• Third-party vendor

Summary
• Terms associated with ISS include risks, threats, and vulnerabilities.
• Layered security strategy protects an IT infrastructure’s CIA.
• IT policy framework includes policies, standards, procedures, and guidelines.
• Data classification standard defines how data is to be handled within an IT infrastructure.
Vishram Singh - Textbook of Anatomy Upper Limb and Thorax.. Volume 1 (1).pdfssuserdda66b
 

Último (20)

General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual  Proper...General Principles of Intellectual Property: Concepts of Intellectual  Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docx
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.
 
Single or Multiple melodic lines structure
Single or Multiple melodic lines structureSingle or Multiple melodic lines structure
Single or Multiple melodic lines structure
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
How to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POSHow to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POS
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17  How to Extend Models Using Mixin ClassesMixin Classes in Odoo 17  How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
 
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
SOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning PresentationSOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning Presentation
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi  6.pdf1029-Danh muc Sach Giao Khoa khoi  6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet  PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...Kodo Millet  PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
 
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan Fellows
 
Vishram Singh - Textbook of Anatomy Upper Limb and Thorax.. Volume 1 (1).pdf
Vishram Singh - Textbook of Anatomy  Upper Limb and Thorax.. Volume 1 (1).pdfVishram Singh - Textbook of Anatomy  Upper Limb and Thorax.. Volume 1 (1).pdf
Vishram Singh - Textbook of Anatomy Upper Limb and Thorax.. Volume 1 (1).pdf
 

Lesson 01 - Fundamentals of Information Systems Security

  • 1. © 2012 Jones and Bartlett Learning, LLC www.jblearning.com
    Fundamentals of Information Systems Security
    Unit 1: Information Systems Security Fundamentals
  • 2. Learning Objective
    Explain the concepts of information systems security (ISS) as applied to an IT infrastructure.
  • 3. Key Concepts
    § Confidentiality, integrity, and availability (CIA) concepts
    § Layered security solutions implemented for the seven domains of a typical IT infrastructure
    § Common threats for each of the seven domains
    § IT security policy framework
    § Impact of data classification standard on the seven domains
  • 4. DISCOVER: CONCEPTS
  • 5. Introducing ISS (diagram of nested terms: Information, Information Systems, Information Systems Security)
  • 6. The CIA Triad: Confidentiality, Integrity, Availability
  • 7. Confidentiality
    Personal data and information
    • Credit card account numbers and bank account numbers
    • Social Security numbers and address information
    Intellectual property
    • Copyrights, patents, and secret formulas
    • Source code, customer databases, and technical specifications
    National security
    • Military intelligence
    • Homeland security and government-related information
  • 8. What are we protecting?
  • 9. Integrity
    Maintain valid, uncorrupted, and accurate information.
    § User names and passwords
    § Patents and copyrights
    § Source code
    § Diplomatic information
    § Financial data
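The integrity slide lists financial data among the things that must stay uncorrupted. The following added example (not part of the original slide deck or the textbook) shows the practical difference between an unkeyed hash and a keyed message authentication code for that purpose: an attacker who can rewrite a record can also rewrite a plain SHA-256 stored beside it, while an HMAC tag cannot be recomputed without the key. The record, the key and the tampering scenario are constructed for the demonstration and use only the Python standard library.

```python
import hashlib
import hmac
import json
import secrets

# Constructed sample record of the kind the slide lists under "financial data".
RECORD = {"account": "12345678", "amount_cents": 250_000, "payee": "ACME Corp"}


def canonical(record: dict) -> bytes:
    """Serialise deterministically so identical data always yields identical bytes."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode("utf-8")


def unkeyed_digest(record: dict) -> str:
    """Plain SHA-256: catches accidental corruption, but anyone can recompute it."""
    return hashlib.sha256(canonical(record)).hexdigest()


def protect(record: dict, key: bytes) -> str:
    """HMAC-SHA256 tag: only a holder of `key` can produce a valid tag."""
    return hmac.new(key, canonical(record), hashlib.sha256).hexdigest()


def verify(record: dict, tag: str, key: bytes) -> bool:
    """Constant-time comparison so the check itself does not leak the tag byte by byte."""
    return hmac.compare_digest(protect(record, key), tag)


def demo() -> dict:
    key = secrets.token_bytes(32)  # held by the verifying system, never stored with the data
    tag = protect(RECORD, key)

    # Attacker changes the amount and, having write access to the row, also
    # recomputes the unkeyed hash stored next to it.
    tampered = dict(RECORD, amount_cents=2_500_000)
    stored_hash = unkeyed_digest(tampered)  # attacker-supplied
    unkeyed_check_passes = unkeyed_digest(tampered) == stored_hash

    # Without the key the attacker cannot forge a tag, so the original tag fails.
    keyed_check_passes = verify(tampered, tag, key)

    return {
        "genuine_record_verifies": verify(RECORD, tag, key),
        "unkeyed_hash_detects_tamper": not unkeyed_check_passes,
        "keyed_mac_detects_tamper": not keyed_check_passes,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The point of the constant-time `compare_digest` is that a naive `==` on hex strings returns early at the first differing character, which lets a remote caller measure how many leading bytes of a guessed tag are correct.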
  • 10. (figure only)
  • 11. Availability (figure: components marked with an X are unavailable)
  • 12. Conduct and Ethics in ISS
    § ISS is a classic battle of "good vs. evil."
    § No global laws, rules, or regulations govern cyberspace.
    § The U.S. government and the Internet Architecture Board (IAB) have developed a joint Internet acceptable use policy (AUP).
    § Security professionals are in high demand as the "good guys."
  • 13. Compliance Laws
  • 14. Compliance Laws Driving ISS
    § Health Insurance Portability and Accountability Act (HIPAA)
    § Sarbanes-Oxley (SOX) Act
    § Children's Internet Protection Act (CIPA)
  • 15. IT Security Policy Framework
    § Policy: a short written statement that defines a course of action that applies to the entire organization
    § Standard: a detailed written definition of how software and hardware are to be used
    § Procedure: written instructions for how to use the policy and standard
    § Guideline: suggested course of action for using the policy, standard, or procedure
  • 16. (figure only)
  • 17. Seven Domains of a Typical IT Infrastructure (figure)
  • 18. Cyberspace: a new frontier
  • 19. (figure only)
  • 20. What is shown in the figure?
  • 21. Common Threats in the User Domain
    § Lack of user awareness
    § User apathy toward policies
    § User violating security policy
    § User inserting CD/DVD/USB with personal files
  • 22. Common Threats in the User Domain (continued)
    § User downloading photos, music, or videos
    § User destroying systems, applications, and data
    § Disgruntled employee attacking the organization or committing sabotage
    § Employee blackmail or extortion
  • 23. Common Threats in the Workstation Domain
    § Unauthorized workstation access
    § Unauthorized access to systems, applications, and data
    § Desktop or laptop operating system vulnerabilities
    § Desktop or laptop application software vulnerabilities or missing patches
  • 24. Common Threats in the Workstation Domain (continued)
    § Viruses, malicious code, and other malware
    § User inserting CD/DVD/USB with personal files
    § User downloading photos, music, or videos
  • 25. Common Threats in the LAN Domain
    § Unauthorized physical access to the LAN
    § Unauthorized access to systems, applications, and data
    § LAN server operating system vulnerabilities
    § LAN server application software vulnerabilities and software patch updates
  • 26. Common Threats in the LAN Domain (continued)
    § Rogue users on WLANs
    § Confidentiality of data on WLANs
    § LAN server configuration guidelines and standards
  • 27. Common Threats in the LAN-to-WAN Domain
    § Unauthorized probing and port scanning
    § Unauthorized access
    § Internet Protocol (IP) router, firewall, and network appliance operating system vulnerabilities
    § Local users downloading unknown file types from unknown sources
  • 28. Common Threats in the WAN Domain
    § Open, public, and accessible data
    § Most of the traffic being sent as clear text
    § Vulnerable to eavesdropping
    § Vulnerable to malicious attacks
    § Vulnerable to Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks
  • 29. Common Threats in the WAN Domain (continued)
    § Vulnerable to corruption of information and data
    § Insecure Transmission Control Protocol/Internet Protocol (TCP/IP) applications
    § Hackers and attackers e-mailing Trojans, worms, and malicious software freely and constantly
  • 30. Common Threats in the Remote Access Domain
    § Brute force user ID and password attacks
    § Multiple logon retries and access control attacks
    § Unauthorized remote access to IT systems, applications, and data
    § Confidential data compromised remotely
    § Data leakage in violation of data classification standards
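The first two Remote Access Domain threats, brute force password attacks and multiple logon retries, are visible in authentication logs long before the attacker succeeds. The following added example (not code from the slide deck or the textbook) implements the detection logic a SOC analyst would run over such logs: it counts failed logons per source address inside a sliding time window, flags the source once a threshold is crossed, and escalates if a flagged source later authenticates successfully, which is the pattern of a compromised account. The log lines are constructed for the example and modelled on OpenSSH "Failed password" / "Accepted password" syslog messages; the host name, user names and addresses are made up, and the year is assumed because syslog timestamps omit it.

```python
import re
from collections import defaultdict, namedtuple
from datetime import datetime, timedelta

# Constructed sample, modelled on OpenSSH syslog lines; host vpn-gw and all
# addresses are made up. Six failures from one source inside ten seconds,
# then a successful logon from the same source.
SAMPLE_LOG = """\
Mar  3 10:00:01 vpn-gw sshd[2011]: Failed password for invalid user admin from 203.0.113.7 port 51022 ssh2
Mar  3 10:00:02 vpn-gw sshd[2012]: Failed password for invalid user root from 203.0.113.7 port 51023 ssh2
Mar  3 10:00:03 vpn-gw sshd[2013]: Failed password for alice from 203.0.113.7 port 51024 ssh2
Mar  3 10:00:04 vpn-gw sshd[2014]: Failed password for alice from 203.0.113.7 port 51025 ssh2
Mar  3 10:00:05 vpn-gw sshd[2015]: Failed password for alice from 203.0.113.7 port 51026 ssh2
Mar  3 10:00:06 vpn-gw sshd[2016]: Failed password for alice from 203.0.113.7 port 51027 ssh2
Mar  3 10:00:09 vpn-gw sshd[2017]: Accepted password for alice from 203.0.113.7 port 51030 ssh2
Mar  3 10:05:00 vpn-gw sshd[2040]: Failed password for bob from 198.51.100.5 port 40001 ssh2
Mar  3 10:20:00 vpn-gw sshd[2050]: Accepted password for bob from 198.51.100.5 port 40002 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>\S+) port \d+"
)
YEAR = 2024  # assumed: syslog timestamps carry no year

Event = namedtuple("Event", "ts ok user src")


def parse_line(line: str):
    """Return an Event for a recognised sshd logon line, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"{YEAR} {m['ts']}", "%Y %b %d %H:%M:%S")
    return Event(ts, m["result"] == "Accepted", m["user"], m["src"])


def detect_bruteforce(log: str, threshold: int = 5, window: timedelta = timedelta(minutes=1)):
    """Flag a source after `threshold` failures inside a sliding `window`;
    escalate if a flagged source later logs on successfully."""
    events = sorted((e for e in map(parse_line, log.splitlines()) if e), key=lambda e: e.ts)
    recent_failures = defaultdict(list)  # src -> failure timestamps still inside the window
    flagged = set()
    findings = []
    for e in events:
        if e.ok:
            if e.src in flagged:
                findings.append(("success-after-brute-force", e.src, e.user, e.ts))
            continue
        fails = recent_failures[e.src]
        fails.append(e.ts)
        while e.ts - fails[0] > window:  # expire failures older than the window
            fails.pop(0)
        if len(fails) >= threshold and e.src not in flagged:
            flagged.add(e.src)
            findings.append(("brute-force", e.src, e.user, e.ts))
    return findings


if __name__ == "__main__":
    for kind, src, user, ts in detect_bruteforce(SAMPLE_LOG):
        print(f"{ts:%H:%M:%S} {kind:26} src={src} user={user}")
```

Bob's single failure followed by a successful logon fifteen minutes later never reaches the threshold and produces no finding, which is the behaviour you want so that ordinary typos do not page the on-call analyst. In production the same per-source counter would feed the lockout or rate-limit control that the "multiple logon retries" bullet implies.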
  • 31. Common Threats in the Systems/Applications Domain
    § Unauthorized access to data centers, computer rooms, and wiring closets
    § Difficult-to-manage servers that require high availability
    § Server operating system software vulnerability management
    § Security required by cloud computing virtual environments
    § Corrupt or lost data
  • 32. DISCOVER: PROCESSES
  • 33. Implementing the CIA Triad: Confidentiality
    § AUP
    § Security awareness policy
    § Enhanced access control
  • 34. Implementing the CIA Triad (continued): Integrity
    § AUP
    § Security awareness policy
    § Enhanced access control
    § Threat assessment and monitoring
    § Asset protection policy
    § Vulnerability assessment and management
  • 35. Implementing the CIA Triad (continued): Availability
    § AUP
    § Security awareness policy
    § Enhanced access control
    § Threat assessment and monitoring
    § Asset protection policy
    § Vulnerability assessment and management
    § Data classification standard
  • 36. DISCOVER: ROLES
  • 37. Who Implements the CIA Triad?
    Confidentiality: user, IT administrator, network administrator, human resources, senior management
    Integrity: user, IT administrator, network administrator, human resources, senior management
    Availability: IT administrator, network administrator, third-party vendor
  • 38. Summary
    § Terms associated with ISS include risks, threats, and vulnerabilities.
    § A layered security strategy protects an IT infrastructure's CIA.
    § The IT policy framework includes policies, standards, procedures, and guidelines.
    § The data classification standard defines how data is to be handled within an IT infrastructure.