Information Security
Presented by: Ankit kumar Mishra, Rohit gir
The art of war teaches us to rely not on the likelihood of the enemy’s not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable. —The Art of War, Sun Tzu
Information Security (IS)
Information: raw facts and figures that have been processed so that they communicate something meaningful and understandable.
Security: the degree of resistance to, or protection from, harm. The Institute for Security and Open Methodologies (ISECOM) describes it as "a form of protection where a separation is created between the assets and the threat".
Information Security (cont.)
“Preservation of confidentiality, integrity and availability of information. Note: In addition, other properties, such as authenticity, accountability, non-repudiation and reliability can also be involved.” (ISO/IEC 27000:2009)
“The protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability.” (CNSS, 2010)
Note: ISO – International Organization for Standardization; IEC – International Electrotechnical Commission; CNSS – Committee on National Security Systems
Terminologies
Confidentiality: In information security, confidentiality "is the property, that information is not made available or disclosed to unauthorized individuals, entities, or processes" (ISO/IEC 27000).
Integrity: In information security, data integrity means maintaining and assuring the accuracy and completeness of data over its entire life-cycle. This means that data cannot be modified in an unauthorized or undetected manner. This is not the same thing as referential integrity in databases, although it can be viewed as a special case of consistency as understood in the classic ACID model of transaction processing. Information security systems typically provide message integrity in addition to data confidentiality.
Terminologies (cont.)
Availability: For any information system to serve its purpose, the information must be available when it is needed. This means that the computing systems used to store and process the information, the security controls used to protect it, and the communication channels used to access it must be functioning correctly. High-availability systems aim to remain available at all times, preventing service disruptions due to power outages, hardware failures, and system upgrades. Ensuring availability also involves preventing denial-of-service attacks, such as a flood of incoming messages to the target system that essentially forces it to shut down.
Non-repudiation: In law, non-repudiation implies one's intention to fulfil one's obligations under a contract. It also implies that one party to a transaction cannot deny having received the transaction, nor can the other party deny having sent it.
Note: This is also regarded as part of integrity.
Threat level
These are the potential-impact levels for a loss of confidentiality, integrity or availability as defined in FIPS 199; they rate the impact of a loss, not the likelihood of a threat.
Low: The loss could be expected to have a limited adverse effect on organizational operations, organizational assets, or individuals. A limited adverse effect means that, for example, the loss of confidentiality, integrity, or availability might (i) cause a degradation in mission capability to an extent and duration that the organization is able to perform its primary functions, but the effectiveness of the functions is noticeably reduced; (ii) result in minor damage to organizational assets; (iii) result in minor financial loss; or (iv) result in minor harm to individuals.
Moderate: The loss could be expected to have a serious adverse effect on organizational operations, organizational assets, or individuals. A serious adverse effect means that, for example, the loss might (i) cause a significant degradation in mission capability to an extent and duration that the organization is able to perform its primary functions, but the effectiveness of the functions is significantly reduced; (ii) result in significant damage to organizational assets; (iii) result in significant financial loss; or (iv) result in significant harm to individuals that does not involve loss of life or serious, life-threatening injuries.
Threat level (cont.)
High: The loss could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals. A severe or catastrophic adverse effect means that, for example, the loss might (i) cause a severe degradation in or loss of mission capability to an extent and duration that the organization is not able to perform one or more of its primary functions; (ii) result in major damage to organizational assets; (iii) result in major financial loss; or (iv) result in severe or catastrophic harm to individuals involving loss of life or serious, life-threatening injuries.
Penetration testing (Pentest) Phases
Phase 1 – Reconnaissance
Phase 2 – Scanning
Phase 3 – Gaining Access
Phase 4 – Maintaining Access
Phase 5 – Covering Tracks
Phase 1 – Reconnaissance
What enables the enlightened rulers and good generals to conquer the enemy at every move and achieve extraordinary success is foreknowledge. —Sun Tzu
Reconnaissance is usually the longest phase. Information is gained through:
- Internet searches
- Social engineering
- Dumpster diving: looking for treasure in someone else's trash (a dumpster is a large trash container). "Treasures" such as access codes or passwords written on sticky notes, phone lists, calendars, or organizational charts can be used to assist an attacker using social engineering techniques.
Phase 1 – Reconnaissance (cont.)
Employees are often easily tricked into providing tidbits of information which, over time, build up a complete picture of processes, organizational structure, and potential soft spots.
Non-intrusive network scanning: don't alert the target.
Domain name management/search services, e.g. WHOIS.
Phase 1 – Reconnaissance (Prevention)
Make sure your systems don't leak information to the Web, including:
- Software versions and patch levels
- Email addresses
- Names and positions of key personnel
Ensure proper disposal of printed information.
Provide generic contact information for domain name registration lookups (company information and a role-based contact rather than a named individual).
Prevent perimeter LAN/WAN devices from responding to scanning attempts.
Phase 2 – Scanning
Scanning reveals:
- Open ports
- Open services
- Vulnerable applications, including operating systems
- Weak protection of data in transit
- Make and model of each piece of LAN/WAN equipment
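The first two items, open ports and the services behind them, are what a TCP connect scan with banner grabbing produces. The following is an added example, not code from the presentation: it scans a set of ports and records whatever each open service volunteers on connect. To keep it self-contained it starts a throwaway listener on 127.0.0.1 that imitates a service with a constructed SSH-style banner; the banner text, host and ports are assumptions for the demo.

```python
import socket
import threading
from typing import Dict, Iterable, Optional


def start_banner_listener(banner: bytes = b"SSH-2.0-OpenSSH_8.9\r\n") -> int:
    """Constructed stand-in for a real service: listen on 127.0.0.1, send a banner
    to each client and close. Returns the port chosen by the OS."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind(("127.0.0.1", 0))  # port 0: let the kernel pick a free port
    srv.listen(5)

    def serve() -> None:
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:
                return  # listener closed
            with conn:
                conn.sendall(banner)

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]


def reserve_closed_port() -> int:
    """Bind and immediately release a port so we know one that is closed."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]


def probe_port(host: str, port: int, timeout: float = 0.5) -> Optional[bytes]:
    """TCP connect scan of one port.
    None  -> closed or filtered (connection refused / timed out)
    bytes -> open; the bytes are whatever the service volunteered (its banner),
             b"" if it stays silent and waits for the client to speak first."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.settimeout(timeout)
            try:
                return s.recv(256)
            except socket.timeout:
                return b""
    except OSError:
        return None


def scan_ports(host: str, ports: Iterable[int]) -> Dict[int, bytes]:
    """Return {port: banner} for every port that accepted a TCP connection."""
    open_ports: Dict[int, bytes] = {}
    for port in ports:
        banner = probe_port(host, port)
        if banner is not None:
            open_ports[port] = banner
    return open_ports


if __name__ == "__main__":
    open_port = start_banner_listener()
    closed_port = reserve_closed_port()
    for port, banner in scan_ports("127.0.0.1", [open_port, closed_port]).items():
        print(f"{port}/tcp open  banner={banner!r}")
```

A full connect scan completes the TCP handshake and so appears in the target's connection logs; that is the trade-off against the stealthier half-open scans that the reconnaissance slide's "don't alert them" advice refers to. Only scan hosts you are authorised to test.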
Phase 3 - Gaining Access
The modern-day attack aims to either extract information of value to the attacker or use the network as a launch site for attacks against other targets.
Phase 3 - Gaining Access (Prevention)
Physical security controls should detect attempts at a hands-on attack and delay an intruder long enough to allow an effective internal or external human response (i.e., security guards or law enforcement).
Security managers should make every effort to ensure end-user devices and servers are not easily accessible by unauthenticated users:
- deny local administrator access to business users
- closely monitor domain and local admin access to servers
Phase 3 - Gaining Access (Prevention, cont.)
Encrypt highly sensitive information and protect the keys. Even if network security is weak, scrambling information and denying the attacker access to the encryption keys is a good final defence when all other controls fail.
But don't rely on encryption alone. There are other risks due to weak security, such as system unavailability or use of your network in the commission of a crime.
Phase 4 - Maintaining Access
Having gained access, an attacker must maintain access long enough to accomplish his or her objectives. Although an attacker reaching this phase has successfully circumvented your security controls, this phase can increase the attacker's vulnerability to detection:
- Detect and filter file transfer content to external sites or internal devices
- Look for connections to odd ports or nonstandard protocols
- Prevent/detect direct session initiation between servers in your data centre and networks/systems not under your control
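The last two detection items above can be expressed as rules over connection records. The code below is an added example, not part of the presentation: it reads constructed connection-log lines (timestamp, source, source port, destination, destination port, protocol, identified service) and raises an alert when a data-centre host initiates a session to a network outside the organisation's control, when a recognised service shows up on a port it does not belong on, or when unidentified traffic goes to a port no known service uses. The address ranges, the approved external host and the expected-port table are assumptions for the example.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List

# Assumed network layout (constructed for this example).
DATACENTRE = ip_network("10.10.0.0/16")          # servers we care about
CONTROLLED = [ip_network("10.0.0.0/8")]           # networks under our control
ALLOWED_EXTERNAL = {ip_address("203.0.113.9")}    # e.g. an approved patch mirror

# Ports on which each identified service is expected to run (assumed table).
EXPECTED_PORTS = {
    "ssh": {22}, "ssl": {443}, "http": {80, 8080}, "mysql": {3306}, "dns": {53},
}
KNOWN_PORTS = set().union(*EXPECTED_PORTS.values())


@dataclass
class Alert:
    ts: str
    src: str
    dst: str
    dport: int
    reason: str


def is_controlled(ip) -> bool:
    return any(ip in net for net in CONTROLLED)


def analyse_connections(log: str) -> List[Alert]:
    """Flag (a) data-centre hosts opening sessions to networks we do not control,
    (b) a recognised service running on a port it does not belong on, and
    (c) unidentified traffic to a port no known service uses."""
    alerts: List[Alert] = []
    for line in log.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        ts, src, _sport, dst, dport, _proto, service = line.split()
        src_ip, dst_ip, port = ip_address(src), ip_address(dst), int(dport)

        if src_ip in DATACENTRE and not is_controlled(dst_ip) and dst_ip not in ALLOWED_EXTERNAL:
            alerts.append(Alert(ts, src, dst, port,
                                "data-centre host initiated a session to an uncontrolled network"))
        if service in EXPECTED_PORTS and port not in EXPECTED_PORTS[service]:
            alerts.append(Alert(ts, src, dst, port, f"{service} on non-standard port {port}"))
        elif service == "-" and port not in KNOWN_PORTS:
            alerts.append(Alert(ts, src, dst, port, f"unidentified protocol on odd port {port}"))
    return alerts


# Constructed connection records (not real traffic): ts src sport dst dport proto service
SAMPLE_LOG = """\
# ts                   src        sport  dst            dport  proto  service
2024-05-01T10:00:01Z   10.10.1.5  51234  10.10.2.20     3306   tcp    mysql
2024-05-01T10:00:07Z   10.10.1.5  51240  203.0.113.9    443    tcp    ssl
2024-05-01T10:00:09Z   10.10.1.5  51241  198.51.100.77  4444   tcp    -
2024-05-01T10:00:12Z   10.10.2.20 40001  10.10.1.5      8443   tcp    ssh
2024-05-01T10:00:15Z   10.0.5.8   55000  10.10.1.5      443    tcp    ssl
"""

if __name__ == "__main__":
    for a in analyse_connections(SAMPLE_LOG):
        print(f"{a.ts} {a.src} -> {a.dst}:{a.dport}  {a.reason}")
```

Note that the service column has to come from protocol identification (as a network sensor such as Zeek does), not from the port number, otherwise the "ssh on 8443" case is invisible: that is the whole point of the nonstandard-protocol check.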
Phase 5 – Covering Tracks
After achieving his or her objectives, the attacker typically takes steps to hide the intrusion and possible controls left behind for future visits. Again, in addition to anti-malware, personal firewalls, and host-based IPS solutions, deny business users local administrator access to desktops. Alert on any unusual activity, any activity not expected based on your knowledge of how the business works. To make this work, the security and network teams must have at least as much knowledge of the network as the attacker has obtained during the attack process.
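Covering tracks usually means editing or deleting log entries, which is an integrity problem in the sense defined under Terminologies above: modification must be impossible or at least detectable. An added example (not from the presentation) of the standard countermeasure: each log entry carries an HMAC over its sequence number, the previous entry's tag and the event text, so that changing or removing any earlier entry invalidates every tag after it. The key and the sample events are constructed for the demo; the caveat the code makes explicit is that silently cutting off the tail of the log is only detectable if the most recent tag is recorded off the host.

```python
import hashlib
import hmac
from typing import List, Optional, Tuple

GENESIS = "0" * 64  # the "previous tag" of the very first entry


def append_entry(log: List[dict], key: bytes, event: str) -> dict:
    """Append an entry whose HMAC covers its sequence number, the previous entry's
    tag and the event text. Each tag therefore commits to the whole history before it."""
    prev = log[-1]["tag"] if log else GENESIS
    seq = len(log)
    tag = hmac.new(key, f"{seq}|{prev}|{event}".encode(), hashlib.sha256).hexdigest()
    entry = {"seq": seq, "prev": prev, "event": event, "tag": tag}
    log.append(entry)
    return entry


def verify_chain(log: List[dict], key: bytes, head: Optional[str] = None) -> Tuple[bool, int]:
    """Recompute every tag. Returns (True, -1) if the chain is intact, otherwise
    (False, index) for the first entry that fails. `head` is the most recent tag as
    recorded off-host; without it, silently truncating the tail cannot be detected."""
    prev = GENESIS
    for i, e in enumerate(log):
        expected = hmac.new(key, f"{e['seq']}|{prev}|{e['event']}".encode(),
                            hashlib.sha256).hexdigest()
        if e["seq"] != i or e["prev"] != prev or not hmac.compare_digest(expected, e["tag"]):
            return False, i
        prev = e["tag"]
    if head is not None and not hmac.compare_digest(prev, head):
        return False, len(log)  # chain is self-consistent but shorter than the recorded head
    return True, -1


def build_sample_log(key: bytes) -> List[dict]:
    """Constructed sample: a few audit events, including an attacker's own actions."""
    log: List[dict] = []
    for event in (
        "sshd: accepted password for admin from 10.0.5.8",
        "sudo: admin : COMMAND=/usr/bin/useradd backup-svc",
        "sshd: accepted publickey for backup-svc from 198.51.100.77",
        "cron: installed job /etc/cron.d/backup-svc",
    ):
        append_entry(log, key, event)
    return log


if __name__ == "__main__":
    key = b"constructed-demo-key-keep-this-off-the-host"
    log = build_sample_log(key)
    head = log[-1]["tag"]  # what a remote log collector would hold
    print("intact:", verify_chain(log, key, head))
    edited = [dict(e) for e in log]
    edited[1]["event"] = "sudo: admin : COMMAND=/usr/bin/ls"  # rewrite history
    print("edited:", verify_chain(edited, key, head))
    print("deleted:", verify_chain(log[:1] + log[2:], key, head))
    print("truncated, no head:", verify_chain(log[:2], key))
    print("truncated, with head:", verify_chain(log[:2], key, head))
```

Two practical consequences follow: an attacker who has local administrator access can read the key and recompute the tags, so the key (or the signing itself) belongs on the log collector rather than on the monitored host; and the collector must record the latest tag, or a ten-minute gap where the attacker worked simply looks like a shorter log.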
Why is IS needed?
- We need information security to reduce the risk of unauthorized information disclosure, modification, and destruction.
- We need information security to reduce risk to a level that is acceptable to the business (management).
- We need information security to improve the way we do business.
If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle. ― Sun Tzu, The Art of War
Any questions?
Thank You