Computer Security Fundamentals


Computer Security Fundamentals by Chuck Easttom Chapter 10 Security Policies

Chapter 10 Objectives
- Recognize the importance of security policies
- Understand the various policies and the rationale for them
- Know what elements go into good policies
- Create policies for network administration
- Evaluate and improve existing policies
- Explain what cyber terrorism is and how it has been used in some actual cases
- Understand the basics of information warfare
- Have a working knowledge of some plausible cyber terrorism scenarios
- Have an appreciation for the dangers posed by cyber terrorism

© 2012 Pearson, Inc. Chapter 10 Computer Security Policies

Introduction
- Technology by itself cannot solve all network security problems.
- Cyber terrorism, according to the definition of the FBI: Premeditated, politically motivated attack against information, computer systems, computer programs, and data that results in violence against noncombatant targets by subnational groups or clandestine agents.
- Typically, loss of life in a cyber attack would be less than in a bombing attack.

Introduction (cont.)
- Virus software won't prevent a user from manually opening an attachment and releasing a virus.
- A technologically secured network is still vulnerable if former employees (perhaps some unhappy with the company) still have working passwords.
- Or if passwords are simply put on Post-it notes on computer monitors.
- A server is not secure if it is in a room that nearly everyone in the company has access to.
- Your network is not secure if end users are vulnerable to social engineering.
- All these could lead to significant deaths: train wrecks, hospital deaths, loss of air traffic control resulting in plane crashes, and so forth.

What Is a Policy?
- A security policy is a document that defines how an organization deals with some aspect of security.
- There can be policies regarding end-user behavior, IT response to incidents, or policies for specific issues and incidents.

Defining User Policies
- Passwords
- Internet use
- E-mail attachments
- Installing/uninstalling software
- Instant messaging
- Desktop configuration

System Admin Policies
- New Employees
- Departing Employees
- Change Control
- Access Control

Incident Response Policies
- Handling viruses
- Dealing with breaches

Summary
- In this chapter, you learned that technology is not enough to ensure a secure network.
- You must have clear and specific policies detailing procedures on your network.
- Those policies must cover employee computer resource use, new employees, outgoing employees, access rights, how to respond to an emergency, and even how secure the code in applications and websites is.
- User policies must cover all aspects of how the user is expected to use company technology.
- In some cases, such as instant messaging and web use, policies may be difficult to enforce, but that does not change the fact that they must still be in place.
- If your user policies fail to cover a particular area of technology use, then you will have difficulty taking any action against any employee who performs that particular misuse.