1 Figure 1-6: Attacks and Defenses (Study Figure) Access Control Access control is the body of strategies and practices that a company uses to prevent improper access Prioritize assets Specify access control technology and procedures for each asset Test the protection
2 Figure 1-6: Attacks and Defenses (Study Figure) Site Access Attacks and Defenses Wiretaps (including wireless LANs intrusions Hacking servers with physical access
3 Figure 1-6: Attacks and Defenses (Study Figure) Social Engineering Tricking an employee into giving out information or taking an action that reduces security or harms a system Opening an attachment that may contain a virus Asking for a password claming to be someone with rights to know it Asking for a file to be sent to you
4 Figure 1-6: Attacks and Defenses (Study Figure) Social Engineering Defenses Training Enforcement through sanctions (punishment)
5 Figure 1-6: Attacks and Defenses (Study Figure) Dialog Attacks and Defenses Eavesdropping Encryption for Confidentiality Imposters and Authentication Cryptographic Systems