Information Security
Information security is a set of practices designed to keep private data secure from unauthorized access and alteration while it is stored or transmitted from one location to another. Information security is designed and carried out to protect printed, digital, and other private, sensitive, and personal data from unauthorized persons. It is used to protect data against misuse, unauthorized disclosure, destruction, alteration, and disruption.
Services of information security
There are various services of information security, which are as follows:
Message Confidentiality − Message confidentiality, or privacy, means that the sender and the receiver expect confidentiality: the transmitted message should make sense only to the intended receiver. When a user connects to their bank, they expect the communication to be completely confidential.
Message Integrity − Message integrity means that the data should arrive at the receiver exactly as it was sent. There should be no change during transmission, neither accidental nor malicious. As more and more financial transactions take place over the web, integrity is crucial.
Message Authentication − Message authentication is a service that goes beyond message integrity. In message authentication the receiver needs to be certain of the sender's identity and that an impostor has not sent the message.
Message Nonrepudiation − Message nonrepudiation means that a sender must not be able to deny sending a message that they actually sent. The burden of proof falls on the receiver.
Entity Authentication − In entity authentication, the entity or user is verified before being granted access to system resources. For instance, a student who needs to access university resources must be authenticated during the login phase. This protects the interests of both the university and the student.
Is information system security the same as cyber security?
Information security protects a variety of types of information. This includes digital data, physical records, and intellectual property (IP). Cyber security is a subfield of information security that protects computer systems and networks from cyber attacks.
Models for discussing security issues
When we discuss security issues, it is often helpful to have a model that we can use as a foundation or a baseline. This gives us a consistent set of terminology and concepts that we, as security professionals, can refer to when security issues arise.
Three pillars of information security: the CIA triad
Confidentiality − Privacy is a major component of InfoSec, and organizations should enact measures that allow only authorized users to access information. Data encryption, multi-factor authentication, and data loss prevention are some of the tools enterprises can employ to help ensure data confidentiality.
Integrity − Enterprises must maintain data's integrity across its entire lifecycle. Enterprises with strong InfoSec recognize the importance of accurate, reliable data, and permit no unauthorized user to access, alter, or otherwise interfere with it. Tools like file permissions, identity management, and user access controls help ensure data integrity.
Availability − InfoSec involves consistently maintaining physical hardware and regularly completing system upgrades to guarantee that authorized users have dependable, consistent access to data as they need it.
Parkerian Hexad
The Parkerian hexad is a set of six elements of information security proposed by Donn B. Parker in 1998. The Parkerian hexad adds three attributes to the three classic security attributes of the CIA triad (confidentiality, integrity, availability):
Confidentiality
Possession or Control
Integrity
Authenticity
Availability
Utility
These attributes of information are atomic in that they are not broken down into further constituents; they are non-overlapping in that they refer to unique aspects of information. Any information security breach can be described as affecting one or more of these fundamental attributes of information.
Attacks
We may face attacks from a wide variety of approaches and angles. When we look at what exactly makes up an attack, we can break it down according to the type of attack that it represents, the risk the attack represents, and the controls we might use to mitigate it.
Types of Attacks
Interception Interception attacks allow unauthorized users to access our data, applications, or environments, and are primarily an attack against confidentiality. Interception might take the form of unauthorized file viewing or copying, eavesdropping on phone conversations, or reading e-mail, and can be conducted against data at rest or in motion. Properly executed, interception attacks can be very difficult to detect.
Interruption Interruption attacks cause our assets to become unusable or unavailable for our use, on a temporary or permanent basis. Interruption attacks often affect availability but can be an attack on integrity as well. In the case of a DoS attack on a mail server, we would classify this as an availability attack. In the case of an attacker manipulating the processes on which a database runs in order to prevent access to the data it contains, we might consider this an integrity attack, due to the possible loss or corruption of data, or we might consider it a combination of the two. We might also consider such a database attack to be a modification attack rather than an interruption attack.
Modification Modification attacks involve tampering with our asset. Such attacks might primarily be considered an integrity attack but could also represent an availability attack. If we access a file in an unauthorized manner and alter the data it contains, we have affected the integrity of the data contained in the file. However, if we consider the case where the file in question is a configuration file that manages how a particular service behaves, perhaps one that is acting as a Web server, we might affect the availability of that service by changing the contents of the file. If we continue with this concept and say the configuration we altered in the file for our Web server is one that alters how the server deals with encrypted connections, we could even make this a confidentiality attack.
Fabrication Fabrication attacks occur when an unauthorized party inserts counterfeit objects into the system. This is an attack on authenticity. Examples include the insertion of fake messages into a network or the addition of bogus records to a file.
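As an added illustration (not part of the original notes) of the message integrity and message authentication services described earlier, and of how a receiver detects the modification and fabrication attacks just listed: the sender attaches an HMAC-SHA256 tag computed under a key shared with the receiver, and the receiver recomputes it. The key and the messages are constructed for the demo.

```python
import hashlib
import hmac

# Constructed demo key shared only by the sender and the intended receiver.
# In a real system it would come from key provisioning, not be hard-coded.
SHARED_KEY = b"constructed-demo-key-do-not-reuse"


def protect(key: bytes, message: bytes) -> tuple:
    """Sender side: attach an HMAC-SHA256 tag to the message.

    The tag gives integrity (any change is detected) and authentication
    (only a key holder could have produced it). It does NOT give
    confidentiality (the message stays readable) or nonrepudiation (the
    receiver holds the same key, so could have produced the tag too)."""
    tag = hmac.new(key, message, hashlib.sha256).digest()
    return message, tag


def verify(key: bytes, message: bytes, tag: bytes) -> bool:
    """Receiver side: recompute the tag and compare in constant time."""
    expected = hmac.new(key, message, hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)


def demo() -> dict:
    """Run the three cases from the notes and report what the receiver accepts."""
    # Genuine transfer instruction from the account holder to the bank.
    msg, tag = protect(SHARED_KEY, b"transfer 100 to account 42")
    results = {"genuine": verify(SHARED_KEY, msg, tag)}
    # Modification attack: an intermediary changes the amount but reuses the tag.
    results["modified"] = verify(SHARED_KEY, b"transfer 900 to account 42", tag)
    # Fabrication attack: a party without the shared key forges message and tag.
    forged_msg, forged_tag = protect(b"wrong-key-guess", b"transfer 900 to account 99")
    results["fabricated"] = verify(SHARED_KEY, forged_msg, forged_tag)
    return results


if __name__ == "__main__":
    print(demo())  # {'genuine': True, 'modified': False, 'fabricated': False}
```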
How Do Threats, Vulnerabilities, and Risk Differ?
Threats A threat refers to any potential danger or harmful event that can exploit a vulnerability and cause harm to a system, organization, or individual. Threats can be intentional or unintentional in nature. Intentional threats are deliberate actions or attacks carried out by threat actors with malicious intent. These can include cyberattacks such as malware infections, malicious code or SQL injection attacks, ransomware, phishing attempts, and distributed denial-of-service (DDoS) attacks. On the other hand, unintentional threats originate from human error or accidental actions that can lead to security breaches. These threats include accidental disclosure of sensitive information or falling victim to social engineering tactics.
Vulnerabilities A vulnerability is a weakness or flaw in an operating system, network, or application. A threat actor tries to exploit vulnerabilities to gain unauthorized access to data or systems. Security vulnerabilities can arise for many reasons, including misconfigurations, design flaws, or outdated software versions. Common vulnerabilities include software vulnerabilities (that is, bad code), easily guessable passwords, unpatched systems, lack of encryption, insecure network configurations, and human error such as falling for phishing scams or sharing sensitive information unintentionally.
Risk Risk is the likelihood of a threat exploiting a vulnerability and causing harm. It represents the potential loss or damage associated with a specific threat. Cyber risk encompasses the potential financial, operational, legal, or reputational consequences of a successful cyberattack or data breach. Risks vary depending on the specific threat landscape, the value of the assets at risk, and the effectiveness of existing security controls. Organizations employ risk management processes and methodologies to identify, evaluate, and prioritize security risks. Risk assessment, the systematic identification of potential cybersecurity threats, vulnerabilities, and their associated impacts, is one of the most important parts of risk management. It helps organizations understand their security posture, prioritize resources, and make informed decisions regarding risk mitigation.
Control
Security controls Security controls are not chosen or implemented arbitrarily. They typically flow out of an organization’s risk management process, which begins with defining the overall IT security strategy, then goals. This is followed by defining specific control objectives—statements about how the organization plans to effectively manage risk. For example, “Our controls provide reasonable assurance that physical and logical access to databases and data records is restricted to authorized users” is a control objective.
Physical controls Physical controls describe anything tangible that’s used to prevent or detect unauthorized access to physical areas, systems, or assets. This includes things like fences, gates, guards, security badges and access cards, biometric access controls, security lighting, CCTVs, surveillance cameras, motion sensors, fire suppression, as well as environmental controls like HVAC and humidity controls.
Technical controls Technical controls (also known as logical controls) include hardware or software mechanisms used to protect assets. Some common examples are authentication solutions, firewalls, antivirus software, intrusion detection systems (IDSs), intrusion prevention systems (IPSs), constrained interfaces, as well as access control lists (ACLs) and encryption measures.
Administrative controls Administrative controls refer to policies, procedures, or guidelines that define personnel or business practices in accordance with the organization's security goals. These can apply to employee hiring and termination, equipment and Internet usage, physical access to facilities, separation of duties, data classification, and auditing. Security awareness training for employees also falls under the umbrella of administrative controls.