Computer Security Fundamentals Chuck Easttom Chapter 1 Introduction to to Computer Security.

Slides:



Advertisements
Similar presentations
A NASSCOM ® Initiative Comprehensive Computer Security Software An advanced computer security software usually have one or more of the following utilities.
Advertisements

Chapter 1: Fundamentals of Security JV Note: Images may not be relevant to information on slide.
ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
What are computer viruses and its types? Computer Viruses are malicious software programs that damage computer program entering into the computer without.
COMP6005 An Introduction to Computing Session One: An Introduction to Computing Security Issues.
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.
Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.
Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.
Security Issues and Challenges in Cloud Computing
INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
The Ecommerce Security Environment For most law-abiding citizens, the internet holds the promise of a global marketplace, providing access to people and.
Barracuda Web Application Firewall
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
McGraw-Hill © 2008 The McGraw-Hill Companies, Inc. All rights reserved. Chapter 8 Threats and Safeguards Chapter 8 PROTECTING PEOPLE AND INFORMATION Threats.
Copyright © 2002 Pearson Education, Inc. Slide 5-1 PERTEMUAN 8.
Computer Security Fundamentals by Chuck Easttom Chapter 5 Malware.
DIYTP What is Cybercrime?  Using the Internet to commit a crime.  Identity Theft  Hacking  Viruses  Facilitation of traditional criminal activity.
presentation topic : cyber crimes and security By ashwini awatare
Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.
Securing Information Systems
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
CHAPTER 4 Information Security. CHAPTER OUTLINE 4.1 Introduction to Information Security 4.2 Unintentional Threats to Information Security 4.3 Deliberate.
Computer Crime and Information Technology Security
1 Deployment of Computer Security in an Organization CE-408 Sir Syed University of Engineering & Technology 99-CE-282, 257 & 260.
Lecture 10 Intrusion Detection modified from slides of Lawrie Brown.
Tutorial Chapter 5. 2 Question 1: What are some information technology tools that can affect privacy? How are these tools used to commit computer crimes?
Network Security Introduction Some of these slides have been modified from slides of Michael I. Shamos COPYRIGHT © 2003 MICHAEL I. SHAMOS.
Security Awareness: Applying Practical Security in Your World Chapter 1: Introduction to Security.
Prepared by: Dinesh Bajracharya Nepal Security and Control.
Computing Essentials 2014 Privacy, Security and Ethics © 2014 by McGraw-Hill Education. This proprietary material solely for authorized instructor use.
C8- Securing Information Systems
8.1 © 2007 by Prentice Hall Minggu ke 6 Chapter 8 Securing Information Systems Chapter 8 Securing Information Systems.
Computer Threats Cybercrimes are criminal acts conducted through the use of computers by cybercriminals. © 2009 Prentice-Hall, Inc. 1.
Chapter 13 Understanding E-Security. 2 OBJECTIVES What are security concerns (examples)? What are two types of threats (client/server) Virus – Computer.
INTRODUCTION. The security system is used as in various fields, particularly the internet, communications data storage, identification and authentication.
Computer Crimes 8 8 Chapter. The act of using a computer to commit an illegal act Authorized and unauthorized computer access. Examples- o Stealing time.
Attacks On systems And Networks To understand how we can protect our system and network we need to know about what kind of attacks a hacker/cracker would.
Chapter 01: Introduction to Network Security. Network  A Network is the inter-connection of communications media, connectivity equipment, and electronic.
What is risk online operation:  massive movement of operation to the internet has attracted hackers who try to interrupt such operation daily.  To unauthorized.
Attack and Malicious Code Andrew Anaruk. Security Threats Denial of Service (DoS) Attacks Spoofing Social Engineering Attacks on Encrypted Data Software.
Definition s a set of actions taken to prevent or minimize adverse consequences to assets an entity of importance a weakness in the security system to.
Chap1: Is there a Security Problem in Computing?.
Malicious Software.
Computer Security By Duncan Hall.
Matt Broman Kodiac Gamble Devin Nichol SECTION 4.2 INFORMATION SECURITY.
© ITT Educational Services, Inc. All rights reserved. IS3220 Information Technology Infrastructure Security Unit 3 Network Security Threats Chapter 4.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Definition s a set of actions taken to prevent or minimize adverse consequences to assets an entity of importance a weakness in the security system to.
FIREWALLS Created and Presented by: Dawn Blitch & Fredda Hutchinson.
DEPARTMENT OF COMPUTER SCIENCE INTRODUCTION TO CYBER AND SECURITY.
Firewalls. Overview of Firewalls As the name implies, a firewall acts to provide secured access between two networks A firewall may be implemented as.
Securing Information Systems
Web Application Protection Against Hackers and Vulnerabilities
Critical Security Controls
Instructor Materials Chapter 7 Network Security
Introduction to Network Security
INFORMATION SECURITY The protection of information from accidental or intentional misuse of a persons inside or outside an organization Comp 212 – Computer.
CHAPTER 4 Information Security.
Computer Security Fundamentals
Securing Information Systems
Security in Networking
Computer Security Elaine Munn Introduction to Computer Security.
Introduction to Cybercrime and Security
Introduction to Network Security
Computer Security By: Muhammed Anwar.
Presentation transcript:

Computer Security Fundamentals Chuck Easttom Chapter 1 Introduction to to Computer Security

© 2012 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 2 Chapter 1 Objectives Identify top threats to a computer network Assess the likelihood of an attack Define key terms like cracker, sneaker, firewall, and authentication Compare and contrast perimeter and layered approaches to network security Use online resources

© 2012 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 3 Introduction Computer systems and networks are all around us.  Online banking  Automated supermarket checkouts  Online classes  Online shopping  Online travel resources

© 2012 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 4 Introduction (cont.) How is personal information safeguarded? What are the vulnerabilities? What secures these systems?

© 2012 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 5 How Seriously Should You Take Threats to Network Security? Which group do you belong to?  “No one is coming after my computer.”  “The sky is falling!”  Middle ground.

© 2012 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 6 Identifying Types of Threats Malware: MALicious softWARE Security Breaches DoS: Denial o f S ervice attacks Web Attacks Session Hijacking DNS Poisoning

© 2012 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 7 Malware Software with a malicious purpose  Virus  Trojan horse  Spyware  Logic Bomb

© 2012 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 8 Malware (cont.) Virus  One of the two most common types  Usually spreads through  Uses system resources, causing slowdown or stoppage

© 2012 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 9 Malware (cont.) Trojan Horse  The other most common kind of malware  Named after the wooden horse of ancient history

© 2012 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 10 Malware (cont.) Spyware  The most rapidly growing types of malware Cookies Key logger

© 2012 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 11 Malware (cont.) Logic Bomb  Lays dormant until some logical condition is met, often a specific date.

© 2012 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 12 Compromising System Security Intrusions  Attacks that break through system resources Hackers Crackers Social engineering War-driving

© 2012 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 13 Denial of Service Attacks The attacker does not intrude into the system but just blocks access by authorized users.

© 2012 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 14 Web Attacks The attacker attempts to breach a web application. Common attacks of this type are SQL injection and Cross Site Scripting.

© 2012 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 15 Session Hijacking This is a complex attack that involves actually taking over an authenticated session.

© 2012 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 16 DNS Poisoning This involves altering DNS records on a DNS server to redirect client traffic to malicious websites, usually for identity theft.

© 2012 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 17 Assessing the Likelihood of an Attack on Your Network Viruses  Catch up on new and refurbished viruses Unauthorized use of systems  DoS attacks  Intrusions  Employee misuse

© 2012 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 18 Basic Security Terminology People:  Hackers White hats Black hats Gray hats  Script kiddies  Sneakers  Ethical hackers

© 2012 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 19 Basic Security Terminology (cont.) Devices  Firewall Filters network traffic  Proxy server Disguises IP address of internal host  Intrusion Detection System Monitors traffic, looking for attempted attacks

© 2012 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 20 Basic Security Terminology (cont.) Activities  Authentication  Auditing

© 2012 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 21 Network Security Paradigms How will youprotect your network?  CIA Triangle  Least Privileges  Perimeter security approach  Layered security approach  Proactive versus reactive  Hybrid security method

© 2012 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 22 How Do Legal Issues Impact Network Security? The Computer Security Act of 1987 OMB Circular A-130 See legal/statelaw.txt for state computer lawswww.alw.nih.gov/Security/FIRST/papers/ legal/statelaw.txt Health Insurance Portability and Accountability Act of 1996, HIPAA

© 2012 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 23 Online Security Resources CERT  Microsoft Security Advisor  F-Secure  SANS 

© 2012 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security 24 Summary Network security is a constantly changing field. You need three levels of knowledge.  Take the courses necessary to learn the basic techniques.  Learn your enterprise system intimately, with all its strengths and vulnerabilities.  Keep current in the ever-changing world of threats and exploits.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.