Lecturesocial media ppt social media ppt social media ppt 5.pptx

1230200206 10 views 27 slides Mar 04, 2025

Slide Content

Operating System & Data Base Security

Contents
What is OS?
OS Security
Common OS Threats
Security Methods of OS
Database Security
Database Security Threats
Evolving IT environment
Security Planning Approaches

What is an Operating System (OS)?
An operating system (OS) is system software that manages computer hardware and software resources and provides common services for computer programs.
Any vulnerability in the operating system could compromise the security of the application.
By securing the operating system, you make the environment stable, control access to resources, and control external access to the environment.
Microsoft Windows OS
Mac OS
Unix OS
Linux Operating System

Operating System (OS) Security
Operating system security (OS security) is the process of ensuring OS Confidentiality, Integrity, and Availability.
OS security refers to specified steps or measures used to protect the OS from threats, viruses, worms, malware or remote hacker intrusions.
OS security encompasses all preventive-control techniques, which safeguard any computer assets capable of being stolen, edited or deleted if OS security is compromised.

What are Common OS Security Threats?
The most common threat vectors that can affect an operating system are as follows:
Malware
Denial of Service Attacks
Network Intrusion
Buffer Overflow

Malware
Malware is short for malicious software, which encompasses a range of attack vectors such as viruses, worms, trojans, and rootkits.
Malware is injected into a system without the owner’s consent, or by masquerading as legitimate software, with the objective of stealing, destroying or corrupting data, or compromising the device.

Denial of Service Attacks
A Denial of Service (DoS) attack is intended to clog a system with fake requests so it becomes overloaded, and eventually stops serving legitimate requests.
Some DoS attacks, in addition to overwhelming a system’s resources, can cause damage to the underlying infrastructure.

Network Intrusion
Network intrusion occurs when an individual gains access to a system for improper use. There are several types of network intrusion depending on the type of intruder:
Careless insiders: Authorized users who neglect to follow security policies or best practices, causing exposure of sensitive assets.
Malicious insiders: Authorized users who misuse their privileges for malicious purposes.
Masqueraders: External individuals who pose as legitimate users, exploiting the account or credentials of an authorized user to gain access to the system.
Clandestine users: Attackers who penetrate the system by gaining supervisory control and going around access controls.

Buffer Overflow
The main function of a buffer is to temporarily store data. Each buffer has a fixed capacity for the data it can hold.
During a buffer overflow attack, the buffer or other temporary data store is filled with more data than it can hold.
When the buffer overflows, the program attempting to write the data may overwrite other memory locations containing important information.
Buffer overflow is most commonly found in languages such as C and C++, where the memory size of the buffer to be used must be defined in advance.

Security Methods of Operating System
Apart from memory protection, access control and logging approaches, the basis of protection is separation: keeping one user’s objects separate from those of other users.
Physical Separation: Physical separation provides, perhaps, the most security, but it is not practical for modern applications.
Temporal Separation: Processes having different security requirements are executed at different times.

Security Method of Operating System…
But separation is only half of the answer: although we want to separate users and their objects, at the same time we want to be able to provide sharing for some of those objects.
Logical Separation: Each process can have its own sandbox. Sandboxing prevents executing code from doing something harmful. Access to resources outside the sandbox is strictly limited.
Cryptographic separation: It lets pages in memory be encrypted with cryptographic keys. Although other processors may be able to read this information, they may not be able to decrypt the information without the key.
An object is an instance of a class, which provides a certain set of functionalities. Two objects can be differentiated based on the functionalities (or methods) they support. In an operating system context, objects are associated with a resource.

Security Method of Operating System…
Besides separation, an OS may offer protection at any of several levels:
No Protection: These systems are appropriate when sensitive procedures are being run at separate times.
Isolation: Different processes running concurrently are unaware of the presence of each other. Each process has its own address space, files, and other objects.
Share all or Share nothing: With this form of protection the owner of an object declares it to be public (available to all users) or private (available only to its owner).

Security Method of Operating System…
Share via access limitation: The OS checks the allowability of each potential access. Access control is implemented for a specific user and a specific object; the OS acts as a guard between users and objects, ensuring that only authorized accesses occur.
Share by capability: An extension of limited access sharing, which allows dynamic creation of sharing rights for objects. The degree of sharing can depend on the owner or on the object itself.
Limit use of an object: It limits not just the access to an object but the use of that object after it has been accessed. For example, a user may have the right to view a sensitive document but not be allowed to print a copy of it.
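The guard, capability sharing and use limitation described above, as an added example in C that is not part of the original slides. The handle table, right bits and function names are assumptions made for illustration; it goes slightly beyond the slide by showing that a holder can pass on fewer rights but never more.

```c
#include <stdio.h>

enum { R_VIEW = 1, R_EDIT = 2, R_PRINT = 4 };   /* constructed right bits */
#define MAX_CAPS 8

/* Table kept by the OS. Users hold only an index (handle) into it,
 * so they cannot forge or widen an entry themselves. */
struct cap { int in_use; int object_id; unsigned rights; };
static struct cap cap_table[MAX_CAPS];

/* Owner creates a sharing right at run time; returns a handle or -1. */
int cap_grant(int object_id, unsigned rights)
{
    for (int h = 0; h < MAX_CAPS; h++) {
        if (!cap_table[h].in_use) {
            cap_table[h] = (struct cap){ 1, object_id, rights };
            return h;
        }
    }
    return -1;                                  /* table full */
}

/* Holder passes on a subset of its rights; asking for more fails. */
int cap_derive(int parent, unsigned wanted)
{
    if (parent < 0 || parent >= MAX_CAPS || !cap_table[parent].in_use)
        return -1;
    if ((cap_table[parent].rights & wanted) != wanted)
        return -1;                              /* would amplify rights */
    return cap_grant(cap_table[parent].object_id, wanted);
}

/* Guard between user and object: default deny, checked on every access. */
int guard_allows(int handle, int object_id, unsigned right)
{
    if (handle < 0 || handle >= MAX_CAPS || !cap_table[handle].in_use)
        return 0;
    return cap_table[handle].object_id == object_id
        && (cap_table[handle].rights & right) == right;
}

int main(void)
{
    int owner = cap_grant(7, R_VIEW | R_PRINT);  /* object 7: a document */
    int reader = cap_derive(owner, R_VIEW);      /* may view, not print */
    printf("view=%d print=%d\n", guard_allows(reader, 7, R_VIEW),
           guard_allows(reader, 7, R_PRINT));
    return 0;
}
```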

Database Security
Database security includes a variety of measures used to secure database management systems from malicious cyber-attacks and illegitimate use.
Database security programs are designed to protect not only the data within the database, but also the data management system itself, and every application that accesses it, from misuse, damage, and intrusion.
Database security encompasses tools, processes, and methodologies which establish security inside a database environment.

Database Security Threats
Many software vulnerabilities, misconfigurations, or patterns of misuse or carelessness could result in breaches. Here are a number of the most known causes and types of database security cyber threats.
Insider Threats: An insider threat is a security risk from one of the following three sources, each of which has privileged means of entry to the database:
A malicious insider with ill intent
A negligent person within the organization who exposes the database to attack through careless actions
An outsider who obtains credentials through social engineering or other methods, or gains access to the database’s credentials
An insider threat is one of the most typical causes of database security breaches, and it often occurs because a lot of employees have been granted privileged user access.

Database Security Threats…
Human Error: Weak passwords, password sharing, accidental erasure or corruption of data, and other undesirable user behaviors are still the cause of almost half of data breaches reported.
Attackers constantly attempt to isolate and target vulnerabilities in software, and database management software is a highly valuable target. New vulnerabilities are discovered daily, and all open source database management platforms and commercial database software vendors issue security patches regularly. However, if you don’t apply these patches quickly, your database might be exposed to attack.
Even if you do apply patches on time, there is always the risk of zero-day attacks. Attackers discover a vulnerability, but it has not yet been discovered and patched by the database vendor.

Database Security Threats…
Buffer Overflow Attacks: Buffer overflow takes place when a process tries to write a large amount of data to a fixed-length block of memory, more than it is permitted to hold. Attackers might use the excess data, kept in adjacent memory addresses, as the starting point from which to launch attacks.
Denial of Service (DoS/DDoS) Attacks: In a denial of service (DoS) attack, the cybercriminal overwhelms the target service, in this instance the database server, using a large number of fake requests. The result is that the server cannot carry out genuine requests from actual users, and often crashes or becomes unstable.
Malware: Malicious software
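For the Buffer Overflow slide in the OS section and the Buffer Overflow Attacks item above, an added example in C that is not part of the original slides: an unchecked copy beside a length-checked one. The record layout, function names and input are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed record: a fixed-size buffer followed by a sensitive field. */
struct account {
    char name[8];      /* buffer with capacity 8 (7 characters + NUL) */
    char is_admin;     /* adjacent "important information" */
};

/* Unchecked copy: trusts the caller's length, as strcpy() into name would.
 * The write goes through a byte view of the whole struct and is clamped to
 * sizeof(struct account), so the demo stays defined behaviour while still
 * showing bytes past name[] landing in is_admin. */
void set_name_unchecked(struct account *a, const char *src, size_t len)
{
    if (len > sizeof *a)
        len = sizeof *a;
    memcpy((unsigned char *)a, src, len);
}

/* Checked copy: rejects input that does not fit and leaves the record as is. */
int set_name_checked(struct account *a, const char *src, size_t len)
{
    if (len >= sizeof a->name)
        return -1;                  /* would overflow: refuse, do not truncate */
    memcpy(a->name, src, len);
    a->name[len] = '\0';
    return 0;
}

/* Feeds the same 9-byte input to one of the setters, returns is_admin. */
int admin_flag_after(int use_checked)
{
    static const char input[] = "AAAAAAAA\x01";  /* constructed: 8 fill + 1 */
    struct account a;
    memset(&a, 0, sizeof a);
    if (use_checked)
        (void)set_name_checked(&a, input, sizeof input - 1);
    else
        set_name_unchecked(&a, input, sizeof input - 1);
    return a.is_admin;
}

int main(void)
{
    printf("unchecked=%d checked=%d\n", admin_flag_after(0), admin_flag_after(1));
    return 0;
}
```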

An Evolving IT Environment
The evolving IT environment is making databases more vulnerable to threats. Here are trends that can lead to new types of attacks on databases, or may require new defensive measures:
Growing data volumes: Storage, data capture, and processing are growing exponentially across almost all organizations. Any data security practices or tools must be highly scalable to address distant and near-future requirements.
Distributed infrastructure: Network environments are increasing in complexity, especially as businesses transfer workloads to hybrid cloud or multi-cloud architectures, making the deployment, management, and choice of security solutions more difficult.
Skills shortage: There is a global shortage of skilled cybersecurity professionals, and organizations are finding it difficult to fill security roles. This can make it more difficult to defend critical infrastructure, including databases.

How to Secure Your Database Server?
A database server is a physical or virtual machine running the database.
Securing a database server, also known as “hardening”, is a process that includes physical security, network security, and secure operating system configuration.

Planning for Security
Security planning considers how security risk management practices are designed, implemented, monitored, reviewed and continually improved.
Entities must develop a security plan that sets out how they will manage their security risks and how security aligns with their priorities and objectives.
Provides direction for the organization’s future.
Allows managing resources.
Optimizes the use of the resources.
Coordinates the effort of independent organizational units.

Security planning approach
A security plan specifies the approach, responsibilities and resources applied to managing protective security risks.
The security plan allows entities to review the degree of security risk that exists in different areas of operations and take action to mitigate identified risks.
A security risk management process manages risks across all areas of security (governance, information, personnel and physical) to determine sources of threat that could affect government or entity business.
Security risk management includes:
Security risk assessments, which are structured and comprehensive processes to identify, analyze and evaluate security risks and determine practical steps to minimize the risks.
Security risk treatments, which are the considered, coordinated and efficient actions and resources required to mitigate or lessen the likelihood or negative consequences of risks.

Security planning

Planning for Data Security
Implementation of information/data security can be accomplished in two ways:
Bottom-up
Top-down

Bottom-Up Approach
The bottom-up approach places the responsibility of successful information security on a single staff member or security department, such as a network security professional, cyber engineer, or other expert who doesn't hold a top-level management position.
Grass-roots effort
Individual administrators try to improve security
No coordinated planning from upper management
No coordination between departments
Unpredictable funding

Top-Down Approach
In the top-down approach to management, a team or project manager makes decisions, which then filter down through a hierarchical structure.
Strong upper management support
A dedicated defender
Guaranteed funding
Clear planning and implementation process

Chief executive officer
Chief financial officer
Chief operating officer
Chief information officer

Thank You