
Chapter 1: Information Security Fundamentals


1 Chapter 1: Information Security Fundamentals
Security+ Guide to Network Security Fundamentals Second Edition

2 Objectives
– Identify the challenges for information security
– Define information security
– Explain the importance of information security
– List and define information security terminology
– Describe the CompTIA Security+ certification exam
– Describe information security careers
Security+ Guide to Network Security Fundamentals, 2e

3 Today’s Attacks and Defenses
What is the deadliest security attack that you can imagine? A virus that erases all the contents of a hard disk drive? A malicious program that locks up files until the user pays a “ransom” to have them released? The theft of millions of user passwords? Although each of these attacks can be extremely harmful, the deadliest attacks could result in the actual death of the victim. These deadly attacks are directed against medical devices that sick patients rely upon to live.

4 Today’s Attacks and Defenses
An insulin pump is a small medical device worn by diabetics that administers insulin as an alternative to multiple daily injections with an insulin syringe or pen. One security researcher, himself a diabetic, demonstrated at a security conference a wireless attack on an insulin pump that could secretly change the delivery dosage of insulin to the patient. By scanning for wireless devices in a public space up to 300 feet (91 meters) away, this researcher could locate vulnerable insulin pumps made by a specific medical device manufacturer and then force these devices to dispense a fatal insulin dose, just as an attacker could.

5 Difficulties in Defending Against Attacks
– Universally connected devices. Desktop computers, tablets, laptops, smartphones and other always-connected devices make it easy for an attacker halfway around the world to silently launch an attack against them.
– Increased speed of attacks. With modern tools attackers can quickly scan millions of devices to find weaknesses and launch attacks with unprecedented speed. Most attack tools initiate new attacks without any human participation.

6 Difficulties in Defending Against Attacks
– Greater sophistication of attacks. Attackers today use common Internet protocols and applications to perform attacks, making it more difficult to distinguish an attack from legitimate traffic.
– Availability and simplicity of attack tools. Today’s software attack tools do not require any sophisticated knowledge on the part of the attacker. In fact, many of the tools, such as the Kali Linux interface shown in Figure 1-1, have a graphical user interface (GUI) that allows the user to easily select options from a menu.
– Faster detection of vulnerabilities. Weaknesses in hardware and software can be more quickly exploited with new software tools and techniques.
– Distributed attacks. Attackers can use hundreds of thousands of computers under their control in an attack against a single server or network. This “many against one” approach makes it virtually impossible to stop an attack by identifying and blocking a single source.


8 Defining Information Security (continued)
Information security: the tasks of guarding digital information, which is typically processed by a computer, stored on a storage device, and transmitted over a network.

9 Defining Information Security (continued)
Information security is intended to protect information that has value to people and organizations. This value comes from the characteristics of the information:
– Confidentiality
– Integrity
– Availability
Information security is achieved through a combination of three entities.

10 Defining Information Security (continued)
– Confidentiality: prevention of unauthorized disclosure of information, or keeping unwanted parties from accessing the assets of a computer system. Also known as secrecy or privacy.
– Integrity: prevention of unauthorized modification of information.
– Availability: prevention of unauthorized withholding of information or resources, or keeping the system available.

11 Defining Information Security (continued)
Information security is achieved through a process that is a combination of three entities. As shown in Figure 1-3 and Table 1-3, information and the hardware, software, and communications are protected in three layers: products, people, and policies and procedures. These three layers interact with each other: procedures enable people to understand how to use products to protect information.



14 Defining Information Security (continued)
A more comprehensive definition of information security is:
– That which protects the integrity, confidentiality, and availability of information on the devices that store, manipulate, and transmit the information through products, people, and procedures.

15 Understanding the Importance of Information Security
Information security is important to businesses because it:
– Prevents data theft
– Avoids the legal consequences of not securing information
– Maintains productivity
– Foils cyberterrorism
– Thwarts identity theft

16 Preventing Data Theft
Security is often associated with theft prevention: drivers install security systems on their cars to prevent the cars from being stolen. The same is true with information security—businesses cite preventing data theft as the primary goal of information security.

17 Preventing Data Theft (continued)
Theft of data is the single largest cause of financial loss due to a security breach. One of the most important objectives of information security is to protect important business and personal data from theft.

18 Avoiding Legal Consequences
Businesses that fail to protect data may face serious penalties. Laws include:
– The Health Insurance Portability and Accountability Act of 1996 (HIPAA)
– The Sarbanes-Oxley Act of 2002 (Sarbox)
– The Gramm-Leach-Bliley Act (GLBA)
– The USA PATRIOT Act of 2001

19 Maintaining Productivity
After an attack on information security, clean-up efforts divert resources, such as time and money, away from normal activities.

20 Foiling Cyberterrorism
An area of growing concern among defense experts is surprise attacks by terrorist groups using computer technology and the Internet (cyberterrorism). These attacks could cripple a nation’s electronic and commercial infrastructure. Attacks are directed at targets such as the banking industry, power plants, air traffic control centers, and water systems. Our challenge in combating cyberterrorism is that many prime targets are not owned and managed by the federal government.

21 Thwarting Identity Theft
Identity theft involves using someone’s personal information, such as a social security number, to establish bank or credit card accounts that are then left unpaid, leaving the victim with the debts and ruining their credit rating.

22 Information Security Terminology (continued)
– Asset: something that has a value
– Threat: an event or object that may defeat the security measures in place and result in a loss
– Threat agent: a person or thing that has the power to carry out a threat
Security+ Guide to Network Security Fundamentals, Third Edition

23 Information Security Terminology (continued)
– Vulnerability: a weakness that allows a threat agent to bypass security
– Risk: the likelihood that a threat agent will exploit a vulnerability. Realistically, risk cannot ever be entirely eliminated.


26 Table 1-4 lists a description of the elements of an organization’s information technology infrastructure and whether or not they would normally be considered as an asset.

27 Attacks and Defenses

28 Steps of an Attack
A kill chain is a military term used to describe the systematic process to target and engage an enemy. An attacker who attempts to break into a web server or computer network actually follows these same steps. Known as the Cyber Kill Chain®, it outlines these steps of an attack:
1. Reconnaissance. The first step in an attack is to probe for any information about the system: the type of hardware used, the version of operating system software, and even personal information about the users. This can reveal if the system is a viable target for an attack and how it could be attacked.
2. Weaponization. The attacker creates an exploit (like a virus) and packages it into a deliverable payload (like a Microsoft Excel spreadsheet) that can be used against the target.

29 Steps of an Attack
3. Delivery. At this step the weapon is transmitted to the target, such as by an attachment or through an infected web server.
4. Exploitation. After the weapon is delivered to the victim, the exploitation stage triggers the intruders’ exploit. Generally the exploitation targets an application or operating system vulnerability, but it also could involve tricking the user into taking a specific action.
5. Installation. At this step the weapon is installed to either attack the computer or install a remote “backdoor” so the attacker can access the system.
6. Command and Control. Many times the compromised system connects back to the attacker so that the system can be remotely controlled by the attacker and receive future instructions.
7. Actions on Objectives. Now the attackers can start to take actions to achieve their original objectives, such as stealing user passwords or launching attacks against other computers.

30 Defenses Against Attacks
Although multiple defenses may be necessary to withstand an attack, these defenses should be based on five fundamental security principles: layering, limiting, diversity, obscurity, and simplicity. These principles provide a foundation for building a secure system.

31 Layering and Limiting
Layering: information security must be created in layers. If only one defense mechanism is in place, an attacker only has to circumvent that single defense. Instead, a security system must have layers, making it unlikely that an attacker has the tools and skills to break through all the layers of defenses. A layered approach also can be useful in resisting a variety of attacks. Layered security provides the most comprehensive protection.
Limiting: limiting access to information reduces the threat against it. This means that only those personnel who must use the data should have access to it. In addition, the type of access they have should be limited to what those people need to perform their jobs. For example, access to the human resource database for an organization should be limited to only employees who have a genuine need to access it, such as human resource personnel or vice presidents. And the type of access also should be restricted: human resource employees may be able to view employee salaries but not change them.
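As an added example of the limiting principle applied to the HR database case above (this code is not from the textbook or the slides), a small Python access layer over an in-memory SQLite table enforces that HR staff can view salaries but not change them, while a vice president can only view and an engineer cannot see salaries at all. The roles, the permission matrix and the employee rows are assumptions made for the illustration.

```python
import sqlite3

# Constructed sample HR table for this demonstration (not data from the textbook).
EMPLOYEES = [(1, "Alice", 70000), (2, "Bob", 82000)]
COLUMNS = ("name", "salary")

# Assumed roles for illustration. Each role maps a column to the operations it
# may perform: HR staff can view salaries but not change them, a VP may only
# view, and an engineer has no access to the salary column at all.
PERMISSIONS = {
    "hr": {"name": {"read", "write"}, "salary": {"read"}},
    "vp": {"name": {"read"}, "salary": {"read"}},
    "engineer": {"name": {"read"}},
}

class AccessDenied(PermissionError):
    """Raised when a role attempts an operation it was not granted."""

def _authorize(role, column, op):
    # Whitelist the column name: it is interpolated into SQL and cannot be a bound parameter.
    if column not in COLUMNS:
        raise ValueError(f"unknown column {column!r}")
    # Default deny: an unknown role or an unlisted column yields an empty permission set.
    if op not in PERMISSIONS.get(role, {}).get(column, set()):
        raise AccessDenied(f"role {role!r} may not {op} {column!r}")

def open_db():
    """Create an in-memory HR database seeded with the sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE employees (id INTEGER PRIMARY KEY, name TEXT, salary INTEGER)")
    conn.executemany("INSERT INTO employees VALUES (?, ?, ?)", EMPLOYEES)
    return conn

def read_column(conn, role, column, emp_id):
    """Return one field of one employee (or None) after checking read permission."""
    _authorize(role, column, "read")
    row = conn.execute(f"SELECT {column} FROM employees WHERE id = ?", (emp_id,)).fetchone()
    return row[0] if row else None

def update_column(conn, role, column, emp_id, value):
    """Change one field and return the number of rows affected, after checking write permission."""
    _authorize(role, column, "write")
    cur = conn.execute(f"UPDATE employees SET {column} = ? WHERE id = ?", (value, emp_id))
    return cur.rowcount

def attempt(fn, *args):
    """Run an access and return 'denied' instead of raising, for easy checking."""
    try:
        return fn(*args)
    except AccessDenied:
        return "denied"
```

The authorization check runs before any SQL is issued, so a denied request never reaches the database, and the default-deny lookup means a role that was never listed gets nothing.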

32 Diversity and Obscurity
Diversity: information security diversity may be achieved in several ways. For example, some organizations use security products provided by different manufacturers. An attacker who can circumvent a security device from Manufacturer A could then use those same skills and knowledge to defeat all of the same devices used by the organization. However, if devices from Manufacturer A and similar devices from Manufacturer B were both used by the same organization, the attacker would have more difficulty trying to break through both types of devices because they would be different.
Obscurity: an example of obscurity in information security would be not revealing the type of computer, version of operating system, or brand of software that is used. An attacker who knows that information could use it to determine the vulnerabilities of the system to attack it. However, if this information is concealed it is more difficult to attack the system, since nothing is known about it and it is hidden from the outside. Obscuring information can be an important means of protection.

33 Simplicity
Simplicity: complex security systems can be hard to understand, troubleshoot, and even feel secure about. As much as possible, a secure system should be simple for those on the inside to understand and use. Complex security schemes are often compromised to make them easier for trusted users to work with, yet this can also make it easier for the attackers. In short, keeping a system simple from the inside but complex on the outside can sometimes be difficult, but it reaps a major benefit.

34 Exploring the CompTIA Security+ Certification Exam (continued)
Since 1982, the Computing Technology Industry Association (CompTIA) has been working to advance the growth of the IT industry. CompTIA is the world’s largest developer of vendor-neutral IT certification exams. The CompTIA Security+ certification tests for mastery in security concepts and practices.

35 Exploring the CompTIA Security+ Certification Exam (continued)
The Security+ exam is an internationally recognized validation of foundation-level security skills and knowledge, used by organizations and security professionals around the world. The six domains covered by the Security+ exam:
– Systems Security, Network Infrastructure, Access Control, Assessments and Audits, Cryptography, and Organizational Security

36 Surveying Information Security Careers
Information security is one of the fastest growing career fields. As information attacks increase, companies are becoming more aware of their vulnerabilities and are looking for ways to reduce their risks and liabilities.

37 Surveying Information Security Careers (continued)
Sometimes divided into three general roles:
– Security manager: develops corporate security plans and policies, provides education and awareness, and communicates with executive management about security issues
– Security engineer: designs, builds, and tests security solutions to meet policies and address business needs
– Security administrator: configures and maintains security solutions to ensure proper service levels and availability

38 Summary
– The challenge of keeping computers secure is becoming increasingly difficult
– Attacks can be launched without human intervention and infect millions of computers in a few hours
– Information security protects the integrity, confidentiality, and availability of information on the devices that store, manipulate, and transmit the information through products, people, and procedures

39 Summary (continued)
– Information security has its own set of terminology
– A threat is an event or an action that can defeat security measures and result in a loss
– Many organizations use the CompTIA Security+ certification to verify security competency
