Security+ Guide to Network Security Fundamentals, Third Edition Chapter 1 Introduction to Security.

Slides:



Advertisements
Similar presentations
Computer Security Ethics
Advertisements

 Someone who exercises playful ingenuity  Misusers of the internet who try to obtain or corrupt information; people who try to prevent it.
Chapter 1.  Security Problem  Virus and Worms  Intruders  Types of Attack  Avenues of Attack 2 Prepared by Mohammed Saher Hasan.
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
2 Issues of the information age Computer _______ and mistakes –Preventing computer related waste & mistakes Computer crime –Computer as tool to commit.
Breaking Trust On The Internet
Is There a Security Problem in Computing? Network Security / G. Steffen1.
Greg Lamb. Introduction It is clear that we as consumers and entrepreneurs cannot expect complete privacy when discussing business matters. However… There.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Security+ Guide to Network Security Fundamentals, Third Edition
Security+ Guide to Network Security Fundamentals
About the Presentations The presentations cover the objectives found in the opening of each chapter. All chapter objectives are listed in the beginning.
Chapter 1 Introduction to Security
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 9 Performing Vulnerability Assessments.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
CYBER CRIME AND SECURITY TRENDS
Security Awareness Challenges of Security No single simple solution to protecting computers and securing information Different types of attacks Difficulties.
General Awareness Training
About the Presentations The presentations cover the objectives found in the opening of each chapter. All chapter objectives are listed in the beginning.
Computer Crime and Information Technology Security
Cyber Crimes.
PART THREE E-commerce in Action Norton University E-commerce in Action.
Security Awareness: Applying Practical Security in Your World Chapter 1: Introduction to Security.
Business Computing 550 Lesson 6. 2 Security Threats on Web Sites Issues and vulnerabilities 1.Illegal Access and Use (Hacking the system or users exposing.
Presented by: Dr. Munam Ali Shah
Last modified Certificate in Network Security.
Computing Essentials 2014 Privacy, Security and Ethics © 2014 by McGraw-Hill Education. This proprietary material solely for authorized instructor use.
CYBER CRIME.
Center of Excellence for IT at Bellevue College. Cyber security and information assurance refer to measures for protecting computer systems, networks,
Security Awareness Challenges of Securing Information No single simple solution to protecting computers and securing information Different types of attacks.
Computer Crimes 8 8 Chapter. The act of using a computer to commit an illegal act Authorized and unauthorized computer access. Examples- o Stealing time.
Trojan Horses on the Web. Definition: A Trojan horse a piece of software that allows the user think that it does a certain task, while actually does an.
Lecture 21 Computer Security Ethics
About the Presentations The presentations cover the objectives found in the opening of each chapter. All chapter objectives are listed in the beginning.
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 9 Performing Vulnerability Assessments.
1 Computer Crime Often defies detection Amount stolen or diverted can be substantial Crime is “clean” and nonviolent Number of IT-related security incidents.
Topic 5: Basic Security.
McGraw-Hill/Irwin © 2013 The McGraw-Hill Companies, Inc., All Rights Reserved. Chapter 11 Computer Crime and Information Technology Security.
Why Cryptography is Harder Than It Looks
Chap1: Is there a Security Problem in Computing?.
CONTROLLING INFORMATION SYSTEMS
Introduction to Security Dr. John P. Abraham Professor UTPA.
Computer Security By Duncan Hall.
Chapter 1: Information Security Fundamentals Security+ Guide to Network Security Fundamentals Second Edition.
Introduction to Security Niken D Cahyani Gandeva Bayu Satrya Telkom Institute of Technology Chapter -1.
Security+ Guide to Network Security Fundamentals, Fourth Edition
LESSON 5-2 Protecting Your Computer Lesson Contents Protecting Your Computer Best Practices for Securing Online and Network Transactions Measures for Securing.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Issues for Computer Users, Electronic Devices, Computer and Safety.
Security, Ethics and the Law. Vocabulary Terms Copyright laws -software cannot be copied or sold without the software company’s permission. Copyright.
Introduction to Information Security Module 1. Objectives Definitions of information technology and information security Fundamental Security Concepts.
About the Presentations
Add video notes to lecture
3.6 Fundamentals of cyber security
Network Security Fundamentals
Fundamentals of Information Systems
INFORMATION SECURITY The protection of information from accidental or intentional misuse of a persons inside or outside an organization Comp 212 – Computer.
Chapter 11 crime and security in the networked economy
Objectives Overview Define the term, digital security risks, and briefly describe the types of cybercriminals Describe various types of Internet and network.
Year 10 ICT ECDL/ICDL IT Security.
Done BY: Zainab Sulaiman AL-Mandhari Under Supervisor: Dr.Tarek
Cybersecurity Awareness
Chapter 1: Information Security Fundamentals
Chapter 1: Information Security Fundamentals
Chapter 1: Information Security Fundamentals
Security in mobile technologies
Presentation transcript:

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 1 Introduction to Security

Security+ Guide to Network Security Fundamentals, Third Edition Objectives Describe the challenges of securing information Define information security and explain why it is important Identify the types of attackers that are common today List the basic steps of an attack Describe the five steps in a defense Explain the different types of information security careers and how the Security+ certification can enhance a security career 2

Security+ Guide to Network Security Fundamentals, Third Edition Challenges of Securing Information There is ________________ to securing information This can be seen through the different types of attacks that users face everyday  Difficult and costly to defend against attacks ___________________________________ on computer security and the cost is rising  Attacks include: ________________________ attacks due to ___________________ Phishing scams Attacks due to __________________ etc 3

4

Security+ Guide to Network Security Fundamentals, Third Edition Difficulties in Defending against Attacks Difficulties include the following:  _______________________  Greater sophistication of attacks  ________________________________  Attackers can ____________________________ and more ______________________________ _______________ attack- an attack that occurs when an attacker _______________________________________ _______________________________________  Zero days of warning  Delays in patching hardware and software products  Most attacks are now _________________, instead of coming from only one source  User confusion 5

Security+ Guide to Network Security Fundamentals, Third Edition6 Difficulties in Defending against Attacks (summary)

Security+ Guide to Network Security Fundamentals, Third Edition Defining Information Security Information security involves the tasks of __________________________________  On PC’s, DVD’s, USB’s etc  ______________________________________ Also ensures that ______________________ __________________________________ Cannot completely prevent attacks or guarantee that a system is totally secure 7

Security+ Guide to Network Security Fundamentals, Third Edition Defining Information Security (continued) Information security is intended to protect valuable information with the following characteristics:  ____________________ ensures that ________ ____________________ can view the information  __________ ensures that the information is correct and _____________________________________  ______________________ ensures that ________ ____________________________________ 8

Security+ Guide to Network Security Fundamentals, Third Edition Comprehensive Definition of Information Security That which protects the integrity, confidentiality, and availability of information on the devices that store, manipulate, and transmit the information through products, people, and procedures 9

Security+ Guide to Network Security Fundamentals, Third Edition Information Security Terminology _____________  Something that has a ____________ ______________  An event or object that may ___________________ in place and result in ____________________________ _______________________  A _______________ that has the __________________________ Includes __________________ such as flood, earthquake etc Includes man-made agents such a a _______________ ____________________________  _____________ that allows a threat agent to _______________  _______________________ a weakness is known as __________ a security weakness _______________________  The ______________ that a threat agent will _________________  Realistically, risk cannot ever be entirely eliminated 10

Security+ Guide to Network Security Fundamentals, Third Edition Five Main Goals of Information Security 1. __________________________________  The theft of data is one of the ____________________ _________________ due to an attack Example- data containing company research, list of customers, list of salaries etc  Individuals can also be victims of data thievery 2. _________________________________  Identity theft involves __________________________ ____________ to establish bank or credit card accounts Cards are then left unpaid, leaving the victim with the debts and ruining their credit rating  Best defense is to protect data from being stolen in the first place 11

Security+ Guide to Network Security Fundamentals, Third Edition Five Main Goals of Information Security (continued) 3. ______________________________  A number of federal and state laws have been enacted to protect the privacy of electronic data  _________________________________ ______________________________________  Examples of laws: HIPAA- deals with the protection of health information Sarbanes-Oxley- fights corporate corruption 12

Security+ Guide to Network Security Fundamentals, Third Edition Five Main Goals of Information Security (continued) 4. ____________________________  _______________________________ such as time and money away from normal activities 5. ________________________________  Cyberterrorism _____________________________________________ _____________________________________________ ___________________________________________ Prime targets-  Utility, telecommunications, and financial services companies 13

Security+ Guide to Network Security Fundamentals, Third Edition Who Are the Attackers? _________ Generic sense: _______________________ or attempts to break into ________________ Narrow sense: a ____________________ _________________________ only to expose security flaws Possess ___________________________  Some hackers believe it is ethical- although illegal- to break into another person’s computer system as long as they do not commit theft, vandalism, or breach any confidentiality 14

Security+ Guide to Network Security Fundamentals, Third Edition Who Are the Attackers? ___________ Want to _____________________________ _____________________________ _______________________ Download _________________________ (scripts) from Web sites and use it to break into computers  Script kiddies tend to be computer users who have almost unlimited amounts of leisure time, and therefore are often considered more dangerous than hackers 15

Security+ Guide to Network Security Fundamentals, Third Edition Who Are the Attackers? __________ Computer spy  A _____________________________________ ________________________________ Spies are hired to attack a _____________ ______________ that contains sensitive information and _____________________ without drawing any attention to their actions Possess _____________________________ 16

Security+ Guide to Network Security Fundamentals, Third Edition Who Are the Attackers? __________ One of the ____________________________ to a business actually comes from its employees Reasons:  An employee might want to ________________________ in their security  ______________________ may be intent on retaliating against the company  ________________________________  __________________________________ into stealing from employer 17

Security+ Guide to Network Security Fundamentals, Third Edition Who Are the Attackers? _____________ A ______________________________ _______________ who are highly motivated and ____________________, ___________, and tenacious  Launch ______________________ against financial networks, utility companies etc Cybercriminals have a more focused goal: ____________________! 18

Security+ Guide to Network Security Fundamentals, Third Edition Cybercrime ___________________________________, unauthorized access to information, and the __________________________ Financial cybercrime is often divided into two categories  Trafficking in stolen credit card numbers and financial information  Using spam to commit fraud 19

Security+ Guide to Network Security Fundamentals, Third Edition Cyberterrorists Motivation may be defined as ideology, or ________ _________________________________  May lie dormant for a period of time then strike without warning Goals of a cyberattack by cyberterrorists:  To ___________________________ and spread misinformation and propaganda  To _______________________________________  To __________________________ into systems and networks that result in critical infrastructure outages and corruption of vital data 20

Security+ Guide to Network Security Fundamentals, Third Edition Steps of an Attack There are a wide variety of attacks that can be launched against a computer or network The ________________ are used in most attacks 1. ______________________ this ___________________ is essential in ____________________________________ version of software etc. 2. _______________________ ex: breaking passwords 3. ________________________ AKA _________________ ~ Allows attacker to _____________________________ more easily 4. ______________________________ use of compromised system to attack other networks or computers 5. ___________________________ ex: delete or modify files, steal data, launch a DoS attack 21

Security+ Guide to Network Security Fundamentals, Third Edition22

Security+ Guide to Network Security Fundamentals, Third Edition Defenses against Attacks Protecting computers against the previous steps in an attack calls for __________ fundamental security principles:  _________________________________ to withstand an attack 23

Security+ Guide to Network Security Fundamentals, Third Edition Fundamental Security Principles: Layering Security system must have layers, making it ____________________________________ _______________________ of defenses  One defense mechanism may be relatively easy for an attacker to circumvent A _________________________ can also be _________________________________ Layered security provides the ___________ ______________________________ 24

Security+ Guide to Network Security Fundamentals, Third Edition Fundamental Security Principles: Limiting Limiting access to information reduces the threat against it ____________________________________ __________________________  In addition, the amount of access granted to someone should be limited to ______________ ______________________________ Some ways to limit access are technology- based, while others are procedural 25

Security+ Guide to Network Security Fundamentals, Third Edition Fundamental Security Principles: Diversity ________________________________  If attackers penetrate one layer, they cannot use the same techniques to break through all other layers Using diverse layers of defense means that ____________________________________ ________________________________  Example- use of security products from different vendors 26

Security+ Guide to Network Security Fundamentals, Third Edition Fundamental Security Principles: Obscurity AKA “Security by Obscurity” _________________________________________ _________________________________________ can be an important way to protect information An example of obscurity would be _____________ _______________________, software, and network connection a computer uses  An attacker who knows that information can more easily determine the weaknesses of the system to attack it 27

Security+ Guide to Network Security Fundamentals, Third Edition Fundamental Security Principles: Simplicity Information security is by its very nature complex Complex security systems can be hard to understand, troubleshoot, and feel secure about As much as possible, a ________________ ____________________________________ __________________ for a potential attacker  Complex security schemes are often compromised by employees themselves to make them easier for (trusted) users to work with 28

Security+ Guide to Network Security Fundamentals, Third Edition Summary Attacks against information security have grown exponentially in recent years There are several reasons why it is difficult to defend against today’s attacks Information security may be defined as that which protects the integrity, confidentiality, and availability of information on the devices that store, manipulate, and transmit the information through products, people, and procedures The main goals of information security are to prevent data theft, thwart identity theft, avoid the legal consequences of not securing information, maintain productivity, and foil cyberterrorism 29

Security+ Guide to Network Security Fundamentals, Third Edition Summary (continued) The types of people behind computer attacks are generally divided into several categories There are five general steps that make up an attack: probe for information, penetrate any defenses, modify security settings, circulate to other systems, and paralyze networks and devices The demand for IT professionals who know how to secure networks and computers from attacks is at an all-time high 30

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.