Computer Security Presentation

18,484 views 65 slides Jun 10, 2021

About This Presentation

This presentation includes 60+ slides that mainly deal with three aspects of Computer Security, i.e.
1. Security Attacks and Threats
2. Security Services
3. Security Mechanisms
Along with that, we've also included Security Awareness and Security Policies.


Slide Content

COMPUTER SECURITY
Presentation By: Prarthana Manandhar, Praphulla Lal Shrestha

CONTENTS
01 Introduction To Computer Security
02 Security Threats and Attacks
03 Security Services
04 Security Mechanisms
05 Security Awareness
06 Security Policies

Introduction to Computer Security
Computer security is basically the protection of computer systems and information from harm, theft, and unauthorized use. It is the process of preventing and detecting unauthorized use of your computer system. Computer Security mainly focuses on three factors:
1. Security Attacks
2. Security Services
3. Security Mechanisms

Why is Computer Security Important?
Cyber crime is on the rise.
Damage is significant.
Cyber security builds trust.
Our identities protect our data.
Every organization has vulnerabilities.

QUICK FACTS
95% of Computer Security breaches are due to human error.
There is a hacker attack every 39 seconds.
Share prices fall 7.27% on average after a breach.
Approximately $6 trillion is expected to be spent globally on cybersecurity by 2021.
Unfilled cybersecurity jobs worldwide already number over 4 million.

Security threat and security attack
A threat is a possible danger that might exploit a vulnerability. The actions that cause it to occur are the security attacks. A security attack may be a passive attack or an active attack. The aim of a passive attack is to get information from the system, but it does not affect the system resources. Passive attacks are difficult to detect but can be prevented. An active attack tries to alter the system resources or affect its operations. An active attack may modify the data or create false data. Active attacks are difficult to prevent.

Security Attacks on Users, Computer Hardware and Computer Software
Attacks on users can target the identity of the user or the privacy of the user. Identity attacks result in someone else acting on your behalf by using personal information like a password, a PIN number for an ATM, a credit card number, a social security number, etc. Attacks on the privacy of the user involve tracking the user's habits and actions: the websites the user visits, the buying habits of the user, etc. Cookies and spam mails are used for attacking the privacy of users. Attacks on computer hardware could be due to a natural calamity like floods or earthquakes, due to power-related problems like power fluctuations, etc., or due to the destructive actions of a burglar. Software attacks harm the data stored in the computer. Software attacks may be due to malicious software or due to hacking. Malicious software, or malware, is software code included in the system with the purpose of harming the system. Hacking is intruding into another computer or network to perform an illegal act. This chapter will discuss malicious software and hacking in detail.

Malicious Software
Malware is any software intentionally designed to cause damage to a computer, server, client, or computer network. Malware is typically delivered in the form of a link or file over email and requires the user to click on the link or open the file to execute the malware. Malware has actually been a threat to individuals and organizations since the early 1970s, when the Creeper virus first appeared. A wide variety of malware types exist:
Computer Viruses
Worms
Trojan Horses
Ransomware
JavaScripts and Java applets
Spyware, etc.

Virus
A computer virus is a computer program that, when executed, replicates itself by modifying other computer programs. It can attach itself to other healthy programs. It is difficult to trace a virus after it has spread across a network. Viruses can be spread through email and text message attachments, Internet file downloads, and social media scam links. Computer viruses cause billions of dollars' worth of economic damage each year. If a virus has entered the system, there might be frequent pop-up windows, frequent crashes, unusually slow computer performance, unknown programs that start up when you turn on your computer, and unusual activities like password changes. Examples of viruses: Melissa, I Love You.

Worms
A computer worm is a type of malware that spreads copies of itself from computer to computer without any human interaction. Computer worms could arrive as attachments in spam emails or instant messages (IMs). When a computer is infected with a worm, the worm starts to take up free space on your hard drive, programs might crash, and your files may be replaced or deleted. A worm is, however, different from a virus: a worm does not modify a program like a virus does. Examples of worms: Code Red, Nimda.

Trojan Horse
A Trojan horse, or Trojan, is a type of malware that is often disguised as legitimate software. The term “Trojan” derives from the ancient Greek story about the deceptive Trojan horse which led to the fall of the city of Troy. A Trojan must be executed by its victim to do its work. Trojan horses contain programs that corrupt the data, damage the files, or corrupt software applications. Trojan horses do not replicate themselves like viruses. If your computer is breached by Trojan malware, the computer will start crashing frequently, you will be redirected to unfamiliar websites when browsing online, and there will be an increase in pop-ups.

JavaScript, Java Applets and ActiveX Controls
JavaScript
JavaScript is a dynamic computer programming language, most commonly used as part of web pages, whose implementations allow client-side script to interact with the user and make dynamic pages. JavaScript is widely used in Netscape, Internet Explorer, and other web browsers. JavaScript also allows website creators to run any code they want when a user visits their website. Cyber criminals frequently manipulate the code on countless websites to make it perform malicious functions. If we're browsing a website whose code has been manipulated in this way, the attackers can easily get access to our device.

Java Applets and ActiveX Controls
Applets (Java programs) and ActiveX controls, which are used with Microsoft technology, are generally used to provide added functionality such as sound and animation and are inserted in web pages. Anyone who uses the Internet will eventually access websites that contain mobile code. If these programs are designed with malicious intent, they can be disastrous for the client machine. Java's design and security measures are better designed and inherently safer than ActiveX, which places very few restrictions on the developer.

Hacking
Hacking is the activity of identifying weaknesses in a computer system or a network and exploiting them to gain access to personal data or business data. Hackers are the ones responsible for hacking, and they are growing increasingly sophisticated, using stealthy attack methods designed to go completely unnoticed by cyber security software and IT teams. Hacking is not always done for malicious purposes, but nowadays most references to hacking are to unlawful activity by cybercriminals motivated by financial gain, protest, spying, or even just the “fun” of the challenge. Nowadays, hacking has become a multibillion-dollar industry with extremely sophisticated and successful techniques. There are various ways hackers invade our privacy: packet sniffing, email hacking, and password cracking.

Packet Sniffing
The act of capturing data packets across a computer network is called packet sniffing. It is mostly used by crackers and hackers to collect information illegally about a network. It is also used by ISPs, advertisers and governments. Packet sniffing attacks normally go undetected. Ethereal and Zx Sniffer are some freeware packet sniffers. Telnet, FTP and SMTP are some services that are commonly sniffed.

Password Cracking
Password cracking is the process of guessing the correct password to an account in an unauthorized way. Password cracking can be done for several reasons, but the most malicious reason is to gain unauthorized access to a computer without the computer owner's awareness. One of the most common types of password attacks is a dictionary attack. The password is generally stored in the system in an encrypted form. A password cracker is an application that tries to obtain a password.

Email Hacking
Email hacking is the unauthorized access to, or manipulation of, an account or email correspondence. Fraudsters get into our email by tricking us into clicking on a link in an SMS or email. Once they access your account, they read all your correspondence, have access to all your contacts and send emails from your account. Hackers use packet replay to retransmit message packets over a network. Packet replay may cause serious security threats to programs that require authentication sequences.

SECURITY SERVICES
Security services provide specific kinds of protection to system resources. Security services ensure Confidentiality, Integrity, Authentication, and Non-Repudiation of data or messages stored on the computer or transmitted over the network. Additionally, they provide assurance of access control and availability of resources to authorized users.

THE CIA TRIAD
Computer security is mainly concerned with these three main areas:
1. Confidentiality is ensuring that information is available only to the intended audience.
2. Integrity is protecting information from being modified by unauthorized parties.
3. Availability is making data and resources requested by authorized users available to them when requested.

CONFIDENTIALITY
Typically, this involves ensuring that only those who are authorized have access to specific assets and that those who are unauthorized are actively prevented from obtaining access. Confidentiality can be violated in many ways, for example, through direct attacks designed to gain unauthorized access to systems, applications, and databases in order to steal or tamper with data. A failure to maintain confidentiality means that someone who shouldn't have access has managed to get access to private information. Some information security basics to keep your data confidential are:
Encryption
Passwords
Two-factor authentication
Biometric verification

INTEGRITY
Integrity is about ensuring that data has not been tampered with and, therefore, can be trusted. It is correct, authentic, and reliable. Ecommerce customers, for example, expect product and pricing information to be accurate, and that quantity, pricing, availability, and other information will not be altered after they place an order. Ensuring integrity involves protecting data in use, in transit (such as when sending an email or uploading or downloading a file), and when it is stored, whether on a laptop, a portable storage device, in the data center, or in the cloud. Integrity goes hand in hand with the concept of non-repudiation: the inability to deny something. Non-repudiation assists in ensuring integrity. Some security controls designed to maintain the integrity of information include:
Encryption
User access controls
Version control
Backup and recovery procedures
Error detection software

AVAILABILITY
Simply, availability means that networks, systems, and applications are up and running. It ensures that authorized users have timely, reliable access to resources when they are needed. Many things can jeopardize availability, including hardware or software failure, power failure, natural disasters, and human error. Perhaps the most well-known attack that threatens availability is the Denial-of-Service attack. In a Denial-of-Service attack, the performance of a system, website, web-based application, or web-based service is intentionally and maliciously degraded, or the system becomes completely unreachable. To prevent data loss from such occurrences, a backup copy may be stored in a geographically isolated location, perhaps even in a fireproof, waterproof safe.

OTHER SECURITY SERVICES
Authentication: It is the process of ensuring and confirming the identity of the user before revealing any information to the user. Authentication is facilitated by the use of usernames and passwords, smart cards, and biometric methods like retina scanning and fingerprints.
Non-Repudiation: Basically, to repudiate means to deny. Non-repudiation is the assurance that someone cannot deny something. Typically, non-repudiation refers to the ability to ensure that a party to a contract or a communication cannot deny the authenticity of their signature on a document or the sending of a message that they originated.

SECURITY MECHANISMS
Security mechanisms are technical tools and techniques that are used to implement security services. A mechanism might operate by itself, or with others, to provide a particular service. Security mechanisms deal with prevention, detection, and recovery from a security attack.

SECURITY MECHANISMS
1. CRYPTOGRAPHY: Secret Key Cryptography, Public Key Cryptography, Hash Functions
2. DIGITAL SIGNATURE
3. FIREWALL: Introduction, Functions, Types
4. USER IDENTIFICATION AND AUTHENTICATION: Username and Password, Smart Card, Biometrics
5. INTRUSION DETECTION SYSTEM: Introduction
6. OTHER MECHANISMS: Virus Protection Software, Data and Information Backups, Secure Socket Layer (SSL), IP Security Protocol

CRYPTOGRAPHY
The prefix “crypt” means “hidden” and the suffix “graphy” means “writing”. So cryptography is the science of writing information in “hidden” or “secret” form. Cryptography is necessary when communicating data over any network, particularly the Internet. It protects the data in transit and also the data stored on the disk.

COMMON TERMS USED IN CRYPTOGRAPHY
Plaintext: Plaintext is ordinary readable text, i.e. unencrypted data.
Cipher and Code: A cipher is an algorithm for performing encryption or decryption. A cipher converts the original message, called plaintext, into cipher text using a key.
Cipher Text: It is the coded message or the encrypted data.
Encryption: Encryption is the process of converting a normal message (plaintext) into a meaningless message (cipher text).
Decryption: Decryption is the process of converting a meaningless message (cipher text) into its original form (plaintext).
(Diagram: Plain Text (readable format, non-encrypted data) → Encryption → Cipher Text (non-readable format, encrypted data) → Decryption → Plain Text (readable format, non-encrypted data); parties shown: Alice, Bob, Harry.)

CRYPTOGRAPHIC KEY
A cryptographic key is a string of bits used by a cryptographic algorithm to transform plain text into cipher text or vice versa. Like a physical key, it locks (encrypts) data so that only someone with the right key can unlock (decrypt) it. The size of the key is also important: the larger the key, the harder it is to crack a block of encrypted data. The three cryptographic schemes are as follows:
Secret Key Cryptography (SKC)
Public Key Cryptography (PKC)
Hash Functions
Example: with a shift of 3, the plaintext "Attack" becomes the cipher text "Dwwdfn".
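The shift-by-3 example above, worked as an added Python example (not code from the presentation): one function both encrypts and decrypts, and exhaustive_trial shows why a cipher with only 26 keys cannot resist someone who simply tries every key, which is the point behind "the larger the key, the harder it is to crack".

```python
import string


def shift_encrypt(plaintext: str, key: int) -> str:
    """Shift every letter forward by `key` positions (mod 26); other
    characters pass through unchanged. key=3 is the slide's example."""
    out = []
    for ch in plaintext:
        if ch in string.ascii_letters:
            base = ord("A") if ch.isupper() else ord("a")
            out.append(chr((ord(ch) - base + key) % 26 + base))
        else:
            out.append(ch)
    return "".join(out)


def shift_decrypt(ciphertext: str, key: int) -> str:
    """Decryption is the same transformation with the key negated."""
    return shift_encrypt(ciphertext, -key)


def key_space() -> int:
    """A shift cipher has only 26 possible keys (shift 0 is the identity)."""
    return 26


def exhaustive_trial(ciphertext: str) -> dict:
    """Decrypt under every possible key. Because the key space is tiny, anyone
    holding the cipher text can read it by trying all 26 candidates and picking
    the one that is readable; a larger key space is what makes this infeasible."""
    return {k: shift_decrypt(ciphertext, k) for k in range(key_space())}


if __name__ == "__main__":
    cipher = shift_encrypt("Attack", 3)
    print(cipher)                        # Dwwdfn
    print(shift_decrypt(cipher, 3))      # Attack
    for k, candidate in exhaustive_trial(cipher).items():
        print(f"key {k:2d}: {candidate}")
```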

SECRET KEY CRYPTOGRAPHY
Secret-key cryptography is also called symmetric cryptography because the same key is used to both encrypt and decrypt the data. In this type of cryptography the same key is used by both parties. The sender uses this key and an encryption algorithm to encrypt data; the receiver uses the same key and the corresponding decryption algorithm to decrypt the data. One of the big issues with secret key cryptography is the logistical dilemma of how to get the key from one party to the other without giving access to the attacker. Secret key cryptography schemes are generally categorized as:
Stream Ciphers
Block Ciphers

STREAM CIPHER AND BLOCK CIPHER
Stream Cipher
Stream ciphers convert one symbol of plaintext directly into a symbol of cipher text. It converts one byte of plain text at a time. Uses 8 bits at a time. It is easier to reverse the encrypted text to plain text. A stream cipher is fast in comparison to a block cipher.
Block Cipher
Block ciphers encrypt a group of plaintext symbols as one block. It converts plaintext one block at a time. Uses 64 bits or more at a time. It is difficult to reverse the encrypted text to plain text. A block cipher is slow as compared to a stream cipher.

PUBLIC KEY CRYPTOGRAPHY
In public-key cryptography, there are two keys: a private key and a public key. The public key can be shared freely and may be known publicly. The private key is never revealed to anyone and is kept secret. The two keys are mathematically related, although knowledge of one key does not allow someone to easily determine the other key. Because a pair of keys is required for encryption and decryption, public-key cryptography is also called asymmetric encryption.

HASH FUNCTIONS
Hash functions are one-way encryption algorithms that, in some sense, use no key. The meaning of the verb “to hash” is to chop or scramble something, which means hash functions “scramble” data and convert it into a numerical value. No matter how long the input is, the output value is always of the same length. Hash functions are generally used to ensure that a file has not been altered by an intruder or virus.

A video will explain this more clearly.

DIGITAL SIGNATURE
In the physical world, it is common to use handwritten signatures on handwritten or typed messages. They are used to bind the signatory to the message. Similarly, a digital signature is a technique that binds a person/entity to the digital data. This binding can be independently verified by the receiver as well as any third party. A digital signature is a cryptographic value that is calculated from the data and a secret key known only to the signer. Digital signatures are easy for a user to produce, but difficult for anyone else to forge. A digital signature scheme is a type of asymmetric cryptography. Digital signatures use public-key cryptography, which employs two keys: a private key and a public key.

How do Digital Signatures Work?
(Diagram: Alice and Bob.)

How do Digital Signatures Work? Contd…
Each person adopting this scheme has a public-private key pair. Generally, the key pairs used for encryption/decryption and signing/verifying are different. The private key used for signing is referred to as the signature key and the public key as the verification key.
1. The signer feeds data to the hash function and generates a hash of the data.
2. The hash value and signature key are then fed to the signature algorithm, which produces the digital signature on the given hash.
3. The signature is appended to the data and then both are sent to the verifier.
4. The verifier feeds the digital signature and the verification key into the verification algorithm. The verification algorithm gives some value as output.
5. The verifier also runs the same hash function on the received data to generate a hash value.
6. For verification, this hash value and the output of the verification algorithm are compared. Based on the comparison result, the verifier decides whether the digital signature is valid.
Since the digital signature is created by the ‘private’ key of the signer and no one else can have this key, the signer cannot repudiate signing the data in future.

Importance of Digital Signature Contd…
Out of all cryptographic primitives, the digital signature using public key cryptography is considered a very important and useful tool to achieve information security. Some benefits of digital signatures can be listed as follows:
Message authentication − When the verifier validates the digital signature using the public key of a sender, he is assured that the signature has been created only by the sender who possesses the corresponding secret private key and no one else.
Data Integrity − In case an attacker has access to the data and modifies it, the digital signature verification at the receiver's end fails. The hash of the modified data and the output provided by the verification algorithm will not match. Hence, the receiver can safely reject the message, assuming that data integrity has been breached.
Non-repudiation − Since it is assumed that only the signer has knowledge of the signature key, only he can create a unique signature on given data. Thus the receiver can present the data and the digital signature to a third party as evidence if any dispute arises in the future.
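The hash-then-sign steps from the previous slide, with the message authentication and data integrity checks listed above run at the end, as an added example that is not part of the presentation. It assumes a deliberately tiny textbook RSA key pair built from two known primes so that it runs on the Python standard library alone; real deployments use 2048-bit or larger keys with a standardised encoding such as RSA-PSS rather than reducing the hash modulo n.

```python
import hashlib


def make_keypair(p: int, q: int, e: int = 65537):
    """Textbook RSA key pair from two primes.
    Returns (verification_key, signature_key) = ((n, e), (n, d))."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)                    # modular inverse (Python 3.8+)
    return (n, e), (n, d)


# Constructed toy keys. The primes are 2^31-1, 65521 and 65537 (all known
# primes); far too small for real use, chosen only so the arithmetic is visible.
ALICE_VERIFY, ALICE_SIGN = make_keypair(2147483647, 65521)
HARRY_VERIFY, HARRY_SIGN = make_keypair(2147483647, 65537)


def digest(data: bytes, n: int) -> int:
    """Hash step: SHA-256 of the data as an integer below the modulus.
    (Real schemes pad/encode the hash; this reduction is a toy simplification.)"""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(data: bytes, signature_key) -> int:
    """Signer: hash the data, then apply the private signature key to the hash."""
    n, d = signature_key
    return pow(digest(data, n), d, n)


def verify(data: bytes, signature: int, verification_key) -> bool:
    """Verifier: recover the signed hash with the public verification key and
    compare it with a freshly computed hash of the received data."""
    n, e = verification_key
    return pow(signature, e, n) == digest(data, n)


if __name__ == "__main__":
    message = b"Pay Bob 100"                 # constructed sample data
    sig = sign(message, ALICE_SIGN)          # Alice sends (message, sig)
    print(verify(message, sig, ALICE_VERIFY))           # True: genuine
    print(verify(b"Pay Bob 900", sig, ALICE_VERIFY))    # False: data modified
    print(verify(message, sig, HARRY_VERIFY))           # False: not Harry's key
```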

A video will explain this more clearly.

FIREWALL
A firewall is a network security mechanism that monitors incoming and outgoing network traffic and permits or blocks data packets based on a set of security rules. Its purpose is to establish a barrier between your internal network and incoming traffic from external sources (such as the internet) in order to block malicious traffic like viruses and hackers. A firewall can be a hardware component, a software component, or a combination of both.

Functions of Firewall
1. As a network security post: all traffic that enters or exits the network must go through a firewall, which acts as a security post that conducts an inspection.
2. It prevents valuable information from being leaked unknowingly: in this case, a firewall is useful to prevent users on the network from sending valuable confidential files to other parties.
3. Firewalls can be used for hiding the structure and contents of a local network from external users.
4. It prevents modification of other parties' data: for example, in business matters, financial statement information, product specifications, and other company secrets would have a negative impact if known to other parties. A firewall prevents modification of these data so that they remain safe.

How Firewall Works
A firewall matches the network traffic against the rule set defined in its table. Once a rule is matched, the associated action is applied to the network traffic. From the perspective of a server, network traffic can be either outgoing or incoming. The firewall maintains a distinct set of rules for both cases. Mostly, the outgoing traffic, originating from the server itself, is allowed to pass. Incoming traffic is treated differently. Most traffic which reaches the firewall uses one of these three major Transport Layer protocols: TCP (Transmission Control Protocol), UDP (User Datagram Protocol) or ICMP (Internet Control Message Protocol). All these types have a source address and destination address. Also, TCP and UDP have port numbers. ICMP uses a type code instead of a port number, which identifies the purpose of that packet.

Types of Firewall
01 Packet Filter Firewall (First Generation)
02 Circuit Filter Firewall (Second Generation)
03 Application-Level Gateway (Third Generation)

Packet Filter Firewall
Packet filtering firewalls are used to control network access by monitoring outgoing and incoming packets and allowing them to pass or stopping them based on source and destination IP address, protocols and ports. The IP packet header is checked for the source and destination IP addresses and the port combinations. Packet filter firewalls treat each packet in isolation. They have no ability to tell whether a packet is part of an existing stream of traffic; they can only allow or deny packets based on the individual packet headers. Packet filtering is fast, easy to use, simple and cost effective. A majority of routers on the market provide packet filtering capability. It is used in small and medium businesses.

Packet Filter Firewall Contd…
A packet filtering firewall maintains a filtering table which decides whether a packet will be forwarded or discarded. According to the given filtering table, packets are filtered by the following rules:
1. Incoming packets from network 192.168.21.0 are blocked.
2. Incoming packets destined for the internal TELNET server (port 23) are blocked.
3. Incoming packets destined for host 192.168.21.3 are blocked.
4. All well-known services to the network 192.168.21.0 are allowed.
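The filtering table above as an added Python example (not the presentation's own code). It assumes 192.168.21.0/24 is the internal network, so rule 1 drops incoming packets that claim an internal source, rule 4 admits incoming traffic to that network on a constructed set of well-known ports, and outgoing traffic is allowed by default as the earlier slide describes; because the first matching rule wins, rule order is what keeps host 192.168.21.3 blocked even though rule 4 would otherwise admit it.

```python
from ipaddress import ip_address, ip_network

ANY = "0.0.0.0/0"
# "Well-known services" for rule 4, as a constructed set of ports (the slide
# does not list them): SSH, SMTP, DNS, HTTP, HTTPS.
WELL_KNOWN_PORTS = {22, 25, 53, 80, 443}

# Filtering table: (direction, source network, destination network,
# protocol, destination port(s), action). None means "any".
RULES = [
    ("in",  "192.168.21.0/24", ANY,               None,  None,             "block"),  # rule 1
    ("in",  ANY,               ANY,               "tcp", 23,               "block"),  # rule 2: TELNET
    ("in",  ANY,               "192.168.21.3/32", None,  None,             "block"),  # rule 3
    ("in",  ANY,               "192.168.21.0/24", None,  WELL_KNOWN_PORTS, "allow"),  # rule 4
]

# Default policy per direction: incoming traffic is denied unless a rule
# admits it; outgoing traffic from the server is allowed (see "How Firewall Works").
DEFAULTS = {"in": "block", "out": "allow"}


def _matches(rule, pkt) -> bool:
    direction, src_net, dst_net, proto, port, _ = rule
    if direction != pkt["direction"]:
        return False
    if ip_address(pkt["src"]) not in ip_network(src_net):
        return False
    if ip_address(pkt["dst"]) not in ip_network(dst_net):
        return False
    if proto is not None and proto != pkt["proto"]:
        return False
    if port is None:
        return True
    allowed = port if isinstance(port, set) else {port}
    return pkt.get("dst_port") in allowed


def filter_packet(pkt: dict, rules=RULES, defaults=DEFAULTS):
    """Stateless decision on one packet header: the first matching rule wins.
    Nothing here remembers earlier packets, which is why a packet filter cannot
    tell whether this packet belongs to an existing connection.
    Returns (action, reason)."""
    for index, rule in enumerate(rules, start=1):
        if _matches(rule, pkt):
            return rule[-1], f"rule {index}"
    return defaults[pkt["direction"]], "default policy"


def packet(direction, src, dst, dst_port, proto="tcp"):
    """Build a minimal header dict (constructed sample data)."""
    return {"direction": direction, "src": src, "dst": dst,
            "dst_port": dst_port, "proto": proto}


if __name__ == "__main__":
    samples = [
        packet("in",  "192.168.21.7", "192.168.21.10", 80),    # rule 1: spoofed internal source
        packet("in",  "203.0.113.9",  "192.168.21.10", 23),    # rule 2: TELNET
        packet("in",  "203.0.113.9",  "192.168.21.3",  80),    # rule 3 beats rule 4
        packet("in",  "203.0.113.9",  "192.168.21.10", 80),    # rule 4: well-known service
        packet("in",  "203.0.113.9",  "192.168.21.10", 6000),  # no rule: default deny
        packet("out", "192.168.21.10", "203.0.113.9",  443),   # no rule: outgoing allowed
    ]
    for p in samples:
        print(p["direction"], p["src"], "->", p["dst"], p["dst_port"], filter_packet(p))
```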

Circuit Filter Firewall
Where a packet filter firewall examines the packet headers, circuit filter firewalls examine a variety of elements of each data packet and compare them to a database of trusted information. So the filtering decisions are based not only on defined rules, but also on the packet's history in the state table. These elements include source and destination IP addresses, ports, and applications. Incoming data packets are required to sufficiently match the trusted information in order to be allowed through the firewall. Since this firewall does a lot of inspection, it is also known as a “stateful inspection” firewall.
(Diagram: TCP request and TCP response passing through the firewall in both directions.)

Application-Level Gateway
An Application-Level Gateway is also called a Proxy Server. A proxy server is a type of gateway that hides the true network address of the computer(s) connecting through it. A proxy server creates a virtual connection between the source and the destination hosts. The client must send a request to the firewall, where it is evaluated against a set of security rules and then permitted or blocked. Most notably, proxy firewalls monitor traffic for layer 7 protocols such as HTTP and FTP, and use both stateful and deep packet inspection to detect malicious traffic. Application level gateways or proxy servers tend to be more secure than packet filters, but they work more slowly than other types of firewalls.

Users Identification and Authentication
Identification is the ability to uniquely identify a user of a system or an application that is running in the system. Authentication is the ability to prove that a user or application is genuinely who that person or what that application claims to be. For example, consider a user who logs on to a system by entering a user ID and password. The system uses the user ID to identify the user. The system authenticates the user at the time of logon by checking that the supplied password is correct. We will briefly discuss the following 3 authentication mechanisms:
Username and password
Smart Card
Biometrics: Fingerprints, Iris/retina scan

Username and Passwords
The combination of username and password is the most common method of user identification and authentication. Systems that use password authentication first require the user to have a username and a password. The next time the user uses the system, the user enters their username and password. The system checks the username and password by comparing it to the stored password for that username. If it matches, the user is authenticated and is granted access to the system.

Ways to Make Passwords Safe
The problem with passwords is that, for them to be effective, they need to be an uncommon word, of eight letters or more, and not used anywhere else. According to Microsoft's TechNet, for a password to be effective, it needs to meet the following criteria:
Changed every 60 days
At least eight characters long
Use both upper and lower case characters
Contain a combination of alphanumeric characters and symbols
Unique (only used for this particular profile/website)
Stored using a reversible encryption
According to CERT, approximately 80% of all network security issues are caused by bad passwords. Any invalid user who gets to know a valid password can get access to the system, and a simple password can be easily cracked.
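The password check from the previous slide together with the criteria listed above, as an added example that is not from the presentation. It stores a salted one-way PBKDF2 hash rather than anything that can be turned back into the password, and compares in constant time; the usernames and the password are constructed sample values, and the criteria that are not properties of the string itself (60-day change, uniqueness across sites) are left to expiry dates and a password manager.

```python
import hashlib
import hmac
import os
import string

ITERATIONS = 300_000      # PBKDF2 work factor; raise it as hardware gets faster
SALT_BYTES = 16


def check_policy(password: str) -> list:
    """Return the slide's criteria that `password` fails (empty list = acceptable)."""
    problems = []
    if len(password) < 8:
        problems.append("at least eight characters long")
    has_lower = any(c.islower() for c in password)
    has_upper = any(c.isupper() for c in password)
    if not (has_lower and has_upper):
        problems.append("use both upper and lower case characters")
    has_alnum = any(c.isalnum() for c in password)
    has_symbol = any(c in string.punctuation for c in password)
    if not (has_alnum and has_symbol):
        problems.append("contain a combination of alphanumeric characters and symbols")
    return problems


def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def register(store: dict, username: str, password: str) -> None:
    """Enforce the policy, then keep only a salted one-way hash. The random
    salt makes identical passwords hash differently for different users."""
    problems = check_policy(password)
    if problems:
        raise ValueError("password must: " + "; ".join(problems))
    salt = os.urandom(SALT_BYTES)
    store[username] = {"salt": salt, "hash": _hash(password, salt)}


def login(store: dict, username: str, password: str) -> bool:
    """Recompute the hash with the stored salt and compare in constant time."""
    record = store.get(username)
    if record is None:
        _hash(password, bytes(SALT_BYTES))   # same cost for unknown users
        return False
    return hmac.compare_digest(record["hash"], _hash(password, record["salt"]))


if __name__ == "__main__":
    users = {}
    register(users, "alice", "Tr0ub4dor&3")      # constructed sample credential
    print(login(users, "alice", "Tr0ub4dor&3"))  # True
    print(login(users, "alice", "tr0ub4dor&3"))  # False: wrong case
    print(login(users, "harry", "Tr0ub4dor&3"))  # False: unknown user
    print(check_policy("password"))              # two violations
```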

SMART CARD
A smart card is a physical card that has an embedded integrated chip that acts as a security token. Smart cards are typically the same size as a driver's license or credit card and can be made out of metal or plastic. Smart cards are used for a variety of applications, though most commonly they are used for credit cards and other payment cards. Smart cards are used in secure identity applications like employee-ID badges, citizen-ID documents, electronic passports, driver's licenses and online authentication devices.

How Do Smart Cards Work?
Smart card microprocessors or memory chips exchange data with card readers and other systems over a serial interface. The smart card itself is powered by an external source, usually the smart card reader. A smart card communicates with readers either via direct physical contact or using a short-range wireless connectivity standard such as RFID or NFC. The card reader then passes data from the smart card to its intended destination, usually a payment or authentication system connected to the smart card reader over a network connection.

BIOMETRICS
Biometrics is the science and technology of measuring and statistically analyzing biological data. Biometric devices are for “authentication and verification” of an individual with the help of the unique, measurable and biological traits of that individual.
Three Types of Biometrics Security
We can mostly label biometrics into three groups:
Biological biometrics: use traits at a genetic and molecular level, which may include features like DNA or your blood.
Morphological biometrics: involve the structure of your body, more physical traits like your eye, fingerprint, or the shape of your face.
Behavioral biometrics: based on patterns unique to each person, such as how you walk, speak, or even type on a keyboard.

Biometric Techniques
Facial Recognition
Voice Recognition
Fingerprint Scanning
Iris Recognition

Intrusion Detection System
Intrusion basically refers to any unauthorized activity. An Intrusion Detection System (IDS) is a system that monitors network traffic for suspicious activity and issues alerts when such activity is discovered. It is a software application that scans a network or a system for harmful activity or policy breaches. Any malicious activity or violation is typically reported or collected centrally using a security information and event management system.

Detection Method of IDS
1. Signature-based Method: A signature-based IDS detects attacks on the basis of specific patterns, such as the number of bytes or the number of 1's or 0's in the network traffic. It also detects on the basis of already known malicious instruction sequences that are used by malware. The detected patterns in the IDS are known as signatures. A signature-based IDS can easily detect attacks whose pattern (signature) already exists in the system, but it is quite difficult to detect new malware attacks, as their pattern (signature) is not known.

Detection Method of IDS
2. Anomaly-based Method: Anomaly-based IDS was introduced to detect unknown malware attacks, as new malware is developed rapidly. In an anomaly-based IDS, machine learning is used to create a trusted activity model, and incoming activity is compared with that model; it is declared suspicious if it is not found in the model. Machine learning based methods have a better generalization property in comparison to signature-based IDS, as these models can be trained according to the applications and hardware configurations.
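Both detection methods side by side over constructed payloads, as an added example (not the presentation's code). The signature set holds the industry-standard EICAR test string plus a made-up marker, and the anomaly model is a plain mean/standard-deviation baseline standing in for the learned model the slide mentions; the last sample shows the gap both methods leave when new malware looks statistically normal and has no signature yet.

```python
import re
from statistics import mean, pstdev

# Signature method: byte patterns of known-bad content. The EICAR string is the
# harmless anti-virus test pattern; "demo-worm-marker" is constructed for this example.
EICAR = rb"X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"
SIGNATURES = {
    "eicar-test-file": re.compile(re.escape(EICAR)),
    "demo-worm-marker": re.compile(rb"DEMO-WORM-MARKER-[0-9]{4}"),
}


def signature_alerts(payload: bytes) -> list:
    """Flag a payload only if it contains a pattern already in the signature set."""
    return [name for name, pattern in SIGNATURES.items() if pattern.search(payload)]


class SizeModel:
    """Anomaly method in its simplest form: learn the mean and spread of payload
    sizes from a clean training window and flag anything more than z_limit
    standard deviations away from it."""

    def __init__(self, training_sizes, z_limit: float = 3.0):
        self.mu = mean(training_sizes)
        self.sigma = pstdev(training_sizes) or 1.0   # guard against a constant window
        self.z_limit = z_limit

    def is_anomalous(self, size: int) -> bool:
        return abs(size - self.mu) / self.sigma > self.z_limit


def inspect(payload: bytes, model: SizeModel) -> list:
    """Run both detectors over one payload and return the alerts raised."""
    alerts = ["signature:" + name for name in signature_alerts(payload)]
    if model.is_anomalous(len(payload)):
        alerts.append("anomaly:payload-size")
    return alerts


# Constructed clean training window: payload sizes seen during normal operation.
TRAINING_SIZES = [300, 320, 310, 290, 305, 315, 295, 300, 310, 305]

if __name__ == "__main__":
    model = SizeModel(TRAINING_SIZES)
    samples = {
        "normal request": b"GET /index.html HTTP/1.1".ljust(305, b" "),
        "known test file": EICAR.ljust(300, b"-"),
        "oversized blob": b"A" * 9000,
        "new malware, normal size": b"NEW-MALWARE".ljust(305, b"-"),
    }
    for label, payload in samples.items():
        print(f"{label:26s} -> {inspect(payload, model)}")
```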

SECURITY AWARENESS
The aim of security awareness is to enhance the security of the organization's resources by improving awareness of the need to secure system resources. Security awareness teaches users to spot phishing, avoid risks online, and use good cyber-hygiene practices at work and at home. In order to make the users and people in an organization aware of the security practices to be followed, frequent training programs should be conducted in organizations.

Security Policies A security policy is a written document in an organization outlining how to protect the organization from threats, including computer security threats, and how to handle situations when they do occur. To be practical and implementable, policies must be defined by standards, guidelines, and procedures. The security policy states what is, and what is not, allowed. A security policy must be comprehensive, up-to-date, complete, delivered effectively, and available to all staff. Generally, security policies are included within a security plan. A security plan details how the rules put forward by the security policy will be implemented. The security policy also covers the physical security of the computers.

Formulation of Security Policies Security policies are defined based on an organization's needs. A security policy includes the approaches and techniques that an organization is going to apply in order to secure its resources. The steps followed while formulating the security policy are: Analyzing Current Security Policies: Before defining an effective security policy, the security administrators must analyze the vulnerabilities and the current security policies. The security administrator is required to study the existing documents containing details of the physical security policies, network security policies, data security policies, disaster recovery plans, and contingency plans.

Identifying IT Assets that Need to be Secured The security administrator must identify the IT resources of an organization that need to be secured. These may include: Physical resources, such as computers; servers such as database servers and web servers; local networks used to share local computers with remote computers; private networks shared by two or more organizations; the corporate network permanently connected to the Internet; laptops, manuals, backup media, communication equipment, network cables, and CDs. Information resources, such as passwords, data, or applications. The data of an organization can be classified for security purposes based on the sensitivity and integrity of the data, for example as public, internal, confidential, and secret information.

Identifying Security Threats and Likely Security Attacks After identifying the IT assets and classifying them, a security administrator must identify the various security threats to those assets. For example, in a bank the security threats to the database storing customers' account details may be: unauthorized access to information; attacks by viruses, worms, and Trojan horses; and natural disasters such as earthquake or fire.

Defining the Proactive and Reactive Security Strategies A proactive strategy is a pre-attack strategy. It involves identifying the possible damage from each type of attack, determining the vulnerabilities that each type of attack can exploit, minimizing those vulnerabilities, and making a contingency plan. A contingency plan specifies the actions to be taken in case an attack penetrates a system and damages the IT assets of the organization. A contingency plan aims at keeping the computer functional and ensuring the availability, integrity, and confidentiality of data. However, it is not possible for the security administrator to prepare a computer against all attacks. A reactive strategy is implemented on the failure of the proactive strategy. It defines the steps to be taken after the attack. It aims at identifying the cause of the attack, the vulnerabilities used to attack the system, and the damage caused by the attack, and at repairing that damage.


Thank You! Do you have any questions? Feel free to ask! Photo credit: PeterArreola via Pixabay (Creative Commons Zero license)