Presentation is loading. Please wait.

Presentation is loading. Please wait.

Definition s a set of actions taken to prevent or minimize adverse consequences to assets an entity of importance a weakness in the security system to.

Published byRosalind Randall Modified over 9 years ago

Similar presentations

Presentation on theme: "Definition s a set of actions taken to prevent or minimize adverse consequences to assets an entity of importance a weakness in the security system to."— Presentation transcript:

1 Definition s a set of actions taken to prevent or minimize adverse consequences to assets an entity of importance a weakness in the security system to compensate, partially or fully, for vulnerabilities someone who intentionally attempts to violate security

2 More Definitions an attack has succeeded (causes the security system to fail) an attempt to exploit vulnerabilities potential for a breach probability of a breach in conjunction with the cost of the resultant damage the method, medium mode of delivery for an attack

3 Security Crash Course

4 Authentication Authentication is a process for verifying identity (and possibly ownership). authentication factors To authenticate requires something more than the object being authenticated. 2-factor authentication Authentication is often followed by ______________.

5 Complexity yet another hacker advantage Complexity yet another hacker advantage __________________ are ever more complex.

6 Common Threats/Attacks What are they? virus/worm spoofing shoulder surfing packet sniffing denial of service (DoS) malware replay

7 What are they? logic bomb cracking (password or encryption) social engineering session hijacking spyware & keyloging bot / DDoS backdoor physical theft or vandalism More Threats/Attacks

8 The Goals of Mitigation

9 Threat Mitigation Methods Physical authentication device (locks, card readers, biometric scanners, etc.) surveillance system

10 Threat Mitigation Methods Network firewall security protocol intrusion detection system (IDS) honeypot

11 Threat Mitigation Methods Software firewall encryption (including digital signature) intrusion detection system (IDS) authorization system anti-virus software backup system audit/logging SPAM filter software upgrade/patch

Download ppt "Definition s a set of actions taken to prevent or minimize adverse consequences to assets an entity of importance a weakness in the security system to."

Similar presentations

1 MIS 2000 Class 22 System Security Update: Winter 2015.

1 MIS 2000 Class 22 System Security Update: Winter 2015.
CHAPTER OVERVIEW SECTION 4.1 – Ethics

CHAPTER OVERVIEW SECTION 4.1 – Ethics
McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.

McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.
Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.

Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.
Chapter 8 Chapter 8 Digital Defense: Securing Your Data and Privacy

Chapter 8 Chapter 8 Digital Defense: Securing Your Data and Privacy
BUSINESS PLUG-IN B6 Information Security.

BUSINESS PLUG-IN B6 Information Security.
McGraw-Hill/Irwin © 2008 The McGraw-Hill Companies, All Rights Reserved Business Plug-In B6 Information Security.

McGraw-Hill/Irwin © 2008 The McGraw-Hill Companies, All Rights Reserved Business Plug-In B6 Information Security.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
1 Protecting Your Computer Internet Annoyances (Already done in Chapter 3) Spam Pop-ups Identity theft phishing hoaxes Spyware.

1 Protecting Your Computer Internet Annoyances (Already done in Chapter 3) Spam Pop-ups Identity theft phishing hoaxes Spyware.
CSA 223 network and web security Chapter one

CSA 223 network and web security Chapter one
22 November 2010. Security and Privacy  Security: the protection of data, networks and computing power  Privacy: complying with a person's desires when.

22 November Security and Privacy  Security: the protection of data, networks and computing power  Privacy: complying with a person's desires when.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved ETHICS SECTION 4.1.

McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved ETHICS SECTION 4.1.
4-1 Chapter Four Overview SECTION 4.1 - ETHICS –Ethics –Information Ethics –Developing Information Management Policies –Ethics in the Workplace SECTION.

4-1 Chapter Four Overview SECTION ETHICS –Ethics –Information Ethics –Developing Information Management Policies –Ethics in the Workplace SECTION.
E-Commerce Security and Fraud Issues and Protections

E-Commerce Security and Fraud Issues and Protections
Threats and Attacks Principles of Information Security, 2nd Edition

Threats and Attacks Principles of Information Security, 2nd Edition
Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.

Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.
CSUN Information Systems IS312 Information Systems for Business Lecture 9 Ethic & Information Security.

CSUN Information Systems IS312 Information Systems for Business Lecture 9 Ethic & Information Security.
CHAPTER FOUR ETHICS AND INFORMATION SECURITY MIS BUSINESS CONCERNS

CHAPTER FOUR ETHICS AND INFORMATION SECURITY MIS BUSINESS CONCERNS
1 Chapter 8 Securing Information Systems. Outline Security Threats (External: malware, spoofing/phishing, sniffing, & data theft: Internal: unauthorized.

1 Chapter 8 Securing Information Systems. Outline Security Threats (External: malware, spoofing/phishing, sniffing, & data theft: Internal: unauthorized.

Similar presentations

Ads by Google