IA 124:
INTRODUCTION TO IT SECURITY
LECTURE 01
SECURITY CONCEPTS
1 3/24/2023
INTRODUCTION
What is security?
What do you think?
WHAT IS SECURITY?
Security: A state of well-being of information and infrastructure in which the possibility of theft, tampering, and disruption of information and services is kept low or tolerable.
Security is the quality or state of being secure, to be free from danger.
Specialized Areas of Security
Physical security: Protect the physical items,
objects, or areas of an organization from
unauthorized access and misuse.
Personal security: Protect the individual or group
of individuals who are authorized to access the
organization and its operations.
Communications security: Protect an organization's communications media, technology, and content.
Specialized Areas of Security
Network security: Protect the network and the network-accessible resources from unauthorized access, with consistent and continuous monitoring and measurement of its effectiveness.
Data security: Data security is the means of
ensuring that data is kept safe from corruption
and that access to it is suitably controlled.
Computer Security
Protection of computer hardware, software, data, information and other related computer devices from theft, corruption, or destruction by natural disaster.
Computer security is concerned with protecting a computer system's information assets, as well as the computer systems themselves.
Asset = item of value
Assets include: Hardware, Software, Data
The Vulnerability - Threat - Control Paradigm
A major goal of information security as a discipline and as a profession is to protect valuable assets.
To study methods of asset protection, we use the vulnerability - threat - control framework:
Vulnerability: A weakness in an information system or its components that might be exploited to compromise the security of the system.
An attack is the deliberate act that exploits a vulnerability. It is the actual attempt to violate security.
Threat: A set of circumstances or events that has the potential to cause loss or harm to an information system by destroying it, disclosing the information stored on the system, adversely modifying data, or making the system unavailable.
Control: An action, device, procedure, or technique that eliminates or reduces a vulnerability. Also called a countermeasure.
A threat is blocked by control of a vulnerability.
Example: The finger of the man can control a water leak.
Security VULNERABILITIES
Why are information systems vulnerable?
1. Poor system management: If managers at all levels don't make security their number one priority, then the threats to an information system can easily become real.
2. Familiarity: Using common, well-known code, software, operating systems, and/or hardware increases the probability that an attacker has the tools or knowledge to exploit the weakness.
3. Poor system design: If the system analyst did not consider the security aspect during the system design process, this creates a loophole for an attacker to damage a system.
4. Poor password management: Computer users store the password on the computer or in an open place where an attacker can access it.
5. Unchecked user input: Programmers assume that all user input is safe, but programs that do not check user input can allow unintended direct execution of commands.
6. Default configuration: Default configurations of the OS and Network Operating System (NOS), network devices and firewalls, and encryption weaknesses.
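The unchecked user input weakness above, as an added example that is not part of the original lecture: a hypothetical "ping a host" feature built by pasting input into a shell command line, beside a control that validates the value against an allow-list and passes it as a single argument. The function names and sample inputs are constructed for illustration.

```python
from __future__ import annotations

import ipaddress
import re
import shlex

# One DNS label: letters, digits, hyphens; no leading or trailing hyphen.
# Used with fullmatch() so a trailing newline cannot slip past the check.
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")


def build_ping_unsafe(host: str) -> str:
    """Weak pattern: user input is pasted into a string meant for a shell."""
    return "ping -c 1 " + host


def shell_tokens(command_line: str) -> list[str]:
    """Tokenize roughly as a POSIX shell would, keeping ';', '|', '&' separate."""
    return list(shlex.shlex(command_line, posix=True, punctuation_chars=True))


def is_valid_host(host: str) -> bool:
    """Allow-list check: an IP address literal or a plain DNS hostname."""
    if not host or len(host) > 253:
        return False
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        pass
    return all(_LABEL.fullmatch(label) for label in host.split("."))


def build_ping_safe(host: str) -> list[str]:
    """Control: validate first, then pass the value as one argv element (no shell)."""
    if not is_valid_host(host):
        raise ValueError(f"rejected host value: {host!r}")
    return ["ping", "-c", "1", host]


if __name__ == "__main__":
    # Constructed sample inputs: two ordinary values and one carrying a
    # command separator followed by a harmless marker command.
    samples = ["example.com", "192.0.2.10", "example.com; echo INJECTED"]
    for value in samples:
        print(repr(value))
        print("  shell would see:", shell_tokens(build_ping_unsafe(value)))
        try:
            print("  checked argv:   ", build_ping_safe(value))
        except ValueError as err:
            print("  checked argv:   ", err)
```

The checked argument list is meant to be handed to `subprocess.run` without `shell=True`, so the value is never interpreted by a shell.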
Threats and C-I-A
Threats can apply to the confidentiality, integrity, or availability (C-I-A) of a system.
Confidentiality: Assurance that the information is accessible only to those authorized to have access.
Integrity: The trustworthiness of data or resources in terms of preventing improper and unauthorized changes.
Availability: Assurance that the systems are accessible when required by the authorized users.
C-I-A = The Security Triad
C-I-A = The Goals/Objectives of Information Security
SECURITY GOALS
[Figure: CIA Triad of Confidentiality, Integrity and Availability]
Additional Pillars of Information Security
Aside from C-I-A, authentication, nonrepudiation, and auditability are also desirable system properties.
Authentication: The ability of a system to confirm the identity of a sender.
Nonrepudiation: The ability of a system to confirm that a sender cannot convincingly deny having sent a message.
Auditability: The ability of a system to trace all actions related to a given asset. Determine who did what and when in order to ensure that responsible parties are held accountable.
Threats to Information Systems
Example: Acts of Human Error or Failure
Includes acts done without malicious intent
Caused by:
Inexperience
Improper training
Incorrect assumptions
Other circumstances
Employees are the greatest threats to information security
They are closest to the organizational data
Employee mistakes can easily lead to the following:
Revelation of classified data
Entry of erroneous data
Accidental deletion or modification of data
Storage of data in unprotected areas
Failure to protect information
Many of these threats can be prevented with controls.
Control: An action, procedure or technique that removes or reduces the vulnerabilities.
Harmful Acts
Harm to information systems can be effected in four different ways:
1. Interruption: This is an attack on availability
2. Interception: This is an attack on confidentiality
3. Modification: This is an attack on integrity
4. Fabrication: This is an attack on authenticity
[Figure: Normal flow, with information source and information destination]
Interruption
Interruption: This is an attack on availability
Approach: Destruction of hardware, physical damage to communication links, disrupting traffic (introduction of noise), erasure of a program or a file, DoS attacks.
[Figure: information source and information destination]
Interception
Interception: This is an attack on confidentiality
Approach: Eavesdropping over a communication line, link monitoring, packet capturing, system compromise.
[Figure: information source and information destination]
Modification
Modification: This is an attack on integrity
Approach: Corrupting transmitted data or tampering with it before it reaches its destination. E.g. changing a record in a database.
[Figure: information source and information destination]
Fabrication
Fabrication: This is an attack on authenticity
Approach: Faking data as if it were created by a legitimate and authentic party. E.g. adding a new record to a database, insertion of a new network packet.
[Figure: information source and information destination]
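A control for the modification and fabrication cases above, as an added example that is not part of the original lecture: the source tags each numbered record with an HMAC, and the destination rejects records whose tag does not verify and reports sequence numbers that never arrived authentically. The key, the record layout and the assumption that the destination knows how many records to expect are all constructed for illustration.

```python
import hashlib
import hmac
import json

KEY = b"constructed-demo-key"  # assumption: secret shared by source and destination


def make_tag(key: bytes, seq: int, record: dict) -> str:
    """HMAC-SHA256 over the sequence number and a canonical form of the record."""
    message = json.dumps({"seq": seq, "record": record},
                         sort_keys=True, separators=(",", ":")).encode("utf-8")
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def protect(key: bytes, records: list) -> list:
    """Source side: number each record from 1 and attach its tag."""
    return [{"seq": i, "record": r, "tag": make_tag(key, i, r)}
            for i, r in enumerate(records, start=1)]


def audit(key: bytes, received: list, expected_count: int) -> dict:
    """Destination side: sort what arrived into accepted, rejected and missing.

    rejected = tag does not verify (modified or fabricated) or a repeated seq.
    missing  = sequence numbers with no authentic record (interrupted or replaced).
    """
    accepted, rejected = [], []
    for item in received:
        seq, record, tag = item.get("seq"), item.get("record"), item.get("tag")
        well_formed = (isinstance(seq, int) and isinstance(record, dict)
                       and isinstance(tag, str))
        # compare_digest gives a constant-time comparison; bytes avoid a
        # TypeError if a forged tag contains non-ASCII characters.
        valid = well_formed and hmac.compare_digest(
            make_tag(key, seq, record).encode("utf-8"), tag.encode("utf-8"))
        if valid and seq not in accepted:
            accepted.append(seq)
        else:
            rejected.append(seq)
    missing = [s for s in range(1, expected_count + 1) if s not in accepted]
    return {"accepted": accepted, "rejected": rejected, "missing": missing}


def simulate() -> dict:
    """Constructed scenario: one record changed, one invented, one dropped."""
    sent = protect(KEY, [
        {"account": "A-100", "balance": 250},
        {"account": "B-200", "balance": 900},
        {"account": "C-300", "balance": 40},
    ])
    # Modification: record 2 is altered in transit but keeps its old tag.
    modified = dict(sent[1], record={"account": "B-200", "balance": 9000})
    # Fabrication: a new record 4 is inserted with a made-up tag.
    fabricated = {"seq": 4, "record": {"account": "Z-999", "balance": 5000},
                  "tag": "00" * 32}
    # Interruption: record 3 never arrives.
    received = [sent[0], modified, fabricated]
    return audit(KEY, received, expected_count=3)


if __name__ == "__main__":
    for outcome, seqs in simulate().items():
        print(f"{outcome}: {seqs}")
```

An HMAC addresses integrity and authenticity only; it does nothing against interception, which needs encryption.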
Types of attackers
Amateurs
Opportunistic attackers: Use a password that he or she found
Script kiddies
Hackers: Non-malicious
Crackers: Malicious
Career criminals
Organized crime syndicates
Cyber terrorists
State-supported spies and information warriors
Method - Opportunity - Motive
Attackers need MOM
Method: Skills, knowledge, tools, etc. with which to attempt an attack
Opportunity: Time and access to attempt an attack
Motive: A reason to attempt an attack
Method of Defense
Six approaches to defense of computing systems
1. Prevent attack: Block attack / close vulnerability
2. Deter attack: Make attack harder (if we can't make it impossible)
3. Deflect attack: Make another target more attractive than this target
4. Mitigate attack: Make the impact of an attack less severe
5. Detect attack: during or after
6. Recover from attack
Importance of Computer Security
1. To protect the organization's valuable resources, such as information, hardware, and software, through the selection of appropriate techniques.
2. Security helps the organization's mission of protecting its:
Physical and financial resources.
Reputation and legal position gained from the trust of employees and customers.
3. Preserving the integrity, confidentiality and availability of information system resources, which include:
Organization's data.
Customers' information.
Organization's hardware and software, etc.
4. To protect the organization's information from criminals, natural hazards and other threats.
5. To protect the organization from hackers, crackers and terrorists.
Hacker: An intelligent individual with excellent computer skills, with the ability to create and explore, or exploit weaknesses in, computer systems and networks.
Cracker: A system intruder/destroyer who breaches security on software or systems.
Virus: A program that reproduces its own code by attaching itself to other executable files in such a way that the virus code is executed when the infected executable file is executed. It is a program designed to cause problems to computers or computer network systems.
SECURITY MEASURES
Protecting Computers
The following measures can be used to protect your computer from security threats and attacks:
1. Locking your computer with a password.
2. Installing anti-virus software and ensuring it is up to date.
3. Using up-to-date software (operating systems and user applications).
4. Logging off or shutting down your computer when going away.
5. Make a backup of your important documents and data.
6. Protect your files with passwords.
7. Before clicking on any e-mail attachment, make sure that the attachment is scanned, even if you know the source.
8. Before using media given to you by someone else, scan it to remove viruses.
Protecting Computer Networks
The following measures can be used to protect your network from security threats and attacks:
1. Firewalls: A firewall defines a single choke point of control and monitoring that keeps unauthorized users out of the protected network.
2. Intrusion Detection System (IDS)
SYMPTOMS OF INFECTED COMPUTER
It is difficult to prove that your computer has been infected with a virus. However, one can suspect that a computer is infected with a virus by considering some primary indicators, which are:
1. The computer runs slower than usual.
2. The computer stops responding, or it locks up frequently.
3. The computer crashes, and then it restarts every few minutes.
4. Your computer has much less memory available, or hard drive space is unavailable.
5. Application programs on the computer do not work correctly.
6. Disks or flash disk drives are inaccessible.
7. You cannot print a soft copy to hard copy correctly, or the PC prints bogus information.
8. You see unusual error messages.
9. There is a double extension on an attachment that you recently opened, such as a .jpg, .gif, or .exe extension.
10. An antivirus program is disabled for no reason and sometimes it cannot be restarted.
11. An antivirus program cannot be installed on the computer, or the antivirus program will not run.
12. New icons appear on the desktop that you did not put there, or the icons are not associated with any recently installed programs.
13. There are error messages popping up on a regular basis.
14. Your files and folders are getting deleted automatically.
15. Abnormal sound.
IA 124 LECTURE 01
END
3/24/2023

More Related Content

Similar to IA 124 Lecture 01 2022 -23-1.pdf hahahah (20)

Unit 1 Network Fundamentals and Security .pptx
Unit 1 Network Fundamentals and Security .pptxUnit 1 Network Fundamentals and Security .pptx
Unit 1 Network Fundamentals and Security .pptx
Guna Dhondwad
MODELING THREATS HAER YERE SINIRR JKOA A
MODELING THREATS HAER YERE SINIRR JKOA AMODELING THREATS HAER YERE SINIRR JKOA A
MODELING THREATS HAER YERE SINIRR JKOA A
juan60m3zz
information security (network security methods)
information security (network security methods)information security (network security methods)
information security (network security methods)
Zara Nawaz
Information security ist lecture
Information security ist lectureInformation security ist lecture
Information security ist lecture
Zara Nawaz
CS PPT CHP 1 PART 1-Types of attacks and basics of computer security.pptx
CS PPT CHP 1 PART 1-Types of attacks and basics of computer security.pptxCS PPT CHP 1 PART 1-Types of attacks and basics of computer security.pptx
CS PPT CHP 1 PART 1-Types of attacks and basics of computer security.pptx
ShreyaChavan28
System Security-Chapter 1
System Security-Chapter 1System Security-Chapter 1
System Security-Chapter 1
Vamsee Krishna Kiran
Introduction of network security
Introduction of network securityIntroduction of network security
Introduction of network security
sneha padhiar
Cyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptxCyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptx
TikdiPatel
security system by desu star chapter 1.pptx
security system by desu star chapter 1.pptxsecurity system by desu star chapter 1.pptx
security system by desu star chapter 1.pptx
desalewminale
EBRE TABOR UNIVERSITY Gafat Institute of Technology Department of Information...
EBRE TABOR UNIVERSITY Gafat Institute of Technology Department of Information...EBRE TABOR UNIVERSITY Gafat Institute of Technology Department of Information...
EBRE TABOR UNIVERSITY Gafat Institute of Technology Department of Information...
shambelworku8
IT Security.pdf
IT Security.pdfIT Security.pdf
IT Security.pdf
ManassahIjudigal
Computer security ppt for computer science student.pptx
Computer security ppt for computer science student.pptxComputer security ppt for computer science student.pptx
Computer security ppt for computer science student.pptx
dagiabebe267
Security in network computing
Security in network computingSecurity in network computing
Security in network computing
Manoj VNV
IT.pptx
IT.pptxIT.pptx
IT.pptx
RaaviKapoor
CH01-CompSec4e.pptx
CH01-CompSec4e.pptxCH01-CompSec4e.pptx
CH01-CompSec4e.pptx
ams1ams11
cryptographic security
cryptographic securitycryptographic security
cryptographic security
Priyamvada Singh
cyber secuirty.pptx
cyber secuirty.pptxcyber secuirty.pptx
cyber secuirty.pptx
Godwin585235
Information Security Bachelor in Information technology unit 1
Information Security Bachelor in Information technology unit 1Information Security Bachelor in Information technology unit 1
Information Security Bachelor in Information technology unit 1
ssuserf35ac9
S.Karthika,II-M.sc(Computer Science),Bon Secours college for women,thanjavur
S.Karthika,II-M.sc(Computer Science),Bon Secours college for women,thanjavurS.Karthika,II-M.sc(Computer Science),Bon Secours college for women,thanjavur
S.Karthika,II-M.sc(Computer Science),Bon Secours college for women,thanjavur
vkarthi314
Information Security Lecture One for Basic
Information Security Lecture One for BasicInformation Security Lecture One for Basic
Information Security Lecture One for Basic
hassankhan978073
Unit 1 Network Fundamentals and Security .pptx
Unit 1 Network Fundamentals and Security .pptxUnit 1 Network Fundamentals and Security .pptx
Unit 1 Network Fundamentals and Security .pptx
Guna Dhondwad
MODELING THREATS HAER YERE SINIRR JKOA A
MODELING THREATS HAER YERE SINIRR JKOA AMODELING THREATS HAER YERE SINIRR JKOA A
MODELING THREATS HAER YERE SINIRR JKOA A
juan60m3zz
information security (network security methods)
information security (network security methods)information security (network security methods)
information security (network security methods)
Zara Nawaz
Information security ist lecture
Information security ist lectureInformation security ist lecture
Information security ist lecture
Zara Nawaz
CS PPT CHP 1 PART 1-Types of attacks and basics of computer security.pptx
CS PPT CHP 1 PART 1-Types of attacks and basics of computer security.pptxCS PPT CHP 1 PART 1-Types of attacks and basics of computer security.pptx
CS PPT CHP 1 PART 1-Types of attacks and basics of computer security.pptx
ShreyaChavan28
Introduction of network security
Introduction of network securityIntroduction of network security
Introduction of network security
sneha padhiar
Cyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptxCyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptx
TikdiPatel
security system by desu star chapter 1.pptx
security system by desu star chapter 1.pptxsecurity system by desu star chapter 1.pptx
security system by desu star chapter 1.pptx
desalewminale
EBRE TABOR UNIVERSITY Gafat Institute of Technology Department of Information...
EBRE TABOR UNIVERSITY Gafat Institute of Technology Department of Information...EBRE TABOR UNIVERSITY Gafat Institute of Technology Department of Information...
EBRE TABOR UNIVERSITY Gafat Institute of Technology Department of Information...
shambelworku8
Computer security ppt for computer science student.pptx
Computer security ppt for computer science student.pptxComputer security ppt for computer science student.pptx
Computer security ppt for computer science student.pptx
dagiabebe267
Security in network computing
Security in network computingSecurity in network computing
Security in network computing
Manoj VNV
CH01-CompSec4e.pptx
CH01-CompSec4e.pptxCH01-CompSec4e.pptx
CH01-CompSec4e.pptx
ams1ams11
cyber secuirty.pptx
cyber secuirty.pptxcyber secuirty.pptx
cyber secuirty.pptx
Godwin585235
Information Security Bachelor in Information technology unit 1
Information Security Bachelor in Information technology unit 1Information Security Bachelor in Information technology unit 1
Information Security Bachelor in Information technology unit 1
ssuserf35ac9
S.Karthika,II-M.sc(Computer Science),Bon Secours college for women,thanjavur
S.Karthika,II-M.sc(Computer Science),Bon Secours college for women,thanjavurS.Karthika,II-M.sc(Computer Science),Bon Secours college for women,thanjavur
S.Karthika,II-M.sc(Computer Science),Bon Secours college for women,thanjavur
vkarthi314
Information Security Lecture One for Basic
Information Security Lecture One for BasicInformation Security Lecture One for Basic
Information Security Lecture One for Basic
hassankhan978073

Recently uploaded (20)

Capitol Doctoral Presentation -June 2025.pptx
Capitol Doctoral Presentation -June 2025.pptxCapitol Doctoral Presentation -June 2025.pptx
Capitol Doctoral Presentation -June 2025.pptx
CapitolTechU
GEOGRAPHY-Study Material [ Class 10th] .pdf
GEOGRAPHY-Study Material [ Class 10th] .pdfGEOGRAPHY-Study Material [ Class 10th] .pdf
GEOGRAPHY-Study Material [ Class 10th] .pdf
SHERAZ AHMAD LONE
Sustainable Innovation with Immersive Learning
Sustainable Innovation with Immersive LearningSustainable Innovation with Immersive Learning
Sustainable Innovation with Immersive Learning
Leonel Morgado
THERAPEUTIC COMMUNICATION included definition, characteristics, nurse patient...
THERAPEUTIC COMMUNICATION included definition, characteristics, nurse patient...THERAPEUTIC COMMUNICATION included definition, characteristics, nurse patient...
THERAPEUTIC COMMUNICATION included definition, characteristics, nurse patient...
parmarjuli1412
Revista digital preescolar en transformaci坦n
Revista digital preescolar en transformaci坦nRevista digital preescolar en transformaci坦n
Revista digital preescolar en transformaci坦n
guerragallardo26
MATERI PPT TOPIK 4 LANDASAN FILOSOFIS PENDIDIKAN
MATERI PPT TOPIK 4 LANDASAN FILOSOFIS PENDIDIKANMATERI PPT TOPIK 4 LANDASAN FILOSOFIS PENDIDIKAN
MATERI PPT TOPIK 4 LANDASAN FILOSOFIS PENDIDIKAN
aditya23173
Vikas Bansal Himachal Pradesh: A Visionary Transforming Himachals Educationa...
Vikas Bansal Himachal Pradesh: A Visionary Transforming Himachals Educationa...Vikas Bansal Himachal Pradesh: A Visionary Transforming Himachals Educationa...
Vikas Bansal Himachal Pradesh: A Visionary Transforming Himachals Educationa...
Himalayan Group of Professional Institutions (HGPI)
IDF 30min presentation - December 2, 2024.pptx
IDF 30min presentation - December 2, 2024.pptxIDF 30min presentation - December 2, 2024.pptx
IDF 30min presentation - December 2, 2024.pptx
ArneeAgligar
Black and White Illustrative Group Project Presentation.pdf (1).pdf
Black and White Illustrative Group Project Presentation.pdf (1).pdfBlack and White Illustrative Group Project Presentation.pdf (1).pdf
Black and White Illustrative Group Project Presentation.pdf (1).pdf
AnnasofiaUrsini
Energy Balances Of Oecd Countries 2011 Iea Statistics 1st Edition Oecd
Energy Balances Of Oecd Countries 2011 Iea Statistics 1st Edition OecdEnergy Balances Of Oecd Countries 2011 Iea Statistics 1st Edition Oecd
Energy Balances Of Oecd Countries 2011 Iea Statistics 1st Edition Oecd
razelitouali
Unit- 4 Biostatistics & Research Methodology.pdf
Unit- 4 Biostatistics & Research Methodology.pdfUnit- 4 Biostatistics & Research Methodology.pdf
Unit- 4 Biostatistics & Research Methodology.pdf
KRUTIKA CHANNE
Basic English for Communication - Dr Hj Euis Eti Rohaeti Mpd
Basic English for Communication - Dr Hj Euis Eti Rohaeti MpdBasic English for Communication - Dr Hj Euis Eti Rohaeti Mpd
Basic English for Communication - Dr Hj Euis Eti Rohaeti Mpd
Restu Bias Primandhika
Overview of Employee in Odoo 18 - Odoo 際際滷s
Overview of Employee in Odoo 18 - Odoo 際際滷sOverview of Employee in Odoo 18 - Odoo 際際滷s
Overview of Employee in Odoo 18 - Odoo 際際滷s
Celine George
Nice Dream.pdf /
Nice Dream.pdf                              /Nice Dream.pdf                              /
Nice Dream.pdf /
ErinUsher3
Exploring Ocean Floor Features for Middle School
Exploring Ocean Floor Features for Middle SchoolExploring Ocean Floor Features for Middle School
Exploring Ocean Floor Features for Middle School
Marie
Ray Dalio How Countries go Broke the Big Cycle
Ray Dalio How Countries go Broke the Big CycleRay Dalio How Countries go Broke the Big Cycle
Ray Dalio How Countries go Broke the Big Cycle
Dadang Solihin
How to Create an Event in Odoo 18 - Odoo 18 際際滷s
How to Create an Event in Odoo 18 - Odoo 18 際際滷sHow to Create an Event in Odoo 18 - Odoo 18 際際滷s
How to Create an Event in Odoo 18 - Odoo 18 際際滷s
Celine George
june 10 2025 ppt for madden on art science is over.pptx
june 10 2025 ppt for madden on art science is over.pptxjune 10 2025 ppt for madden on art science is over.pptx
june 10 2025 ppt for madden on art science is over.pptx
roger malina
How to Manage & Create a New Department in Odoo 18 Employee
How to Manage & Create a New Department in Odoo 18 EmployeeHow to Manage & Create a New Department in Odoo 18 Employee
How to Manage & Create a New Department in Odoo 18 Employee
Celine George
MATERI PPT TOPIK 1 LANDASAN FILOSOFIS PENDIDIKAN
MATERI PPT TOPIK 1 LANDASAN FILOSOFIS PENDIDIKANMATERI PPT TOPIK 1 LANDASAN FILOSOFIS PENDIDIKAN
MATERI PPT TOPIK 1 LANDASAN FILOSOFIS PENDIDIKAN
aditya23173
Capitol Doctoral Presentation -June 2025.pptx
Capitol Doctoral Presentation -June 2025.pptxCapitol Doctoral Presentation -June 2025.pptx
Capitol Doctoral Presentation -June 2025.pptx
CapitolTechU
GEOGRAPHY-Study Material [ Class 10th] .pdf
GEOGRAPHY-Study Material [ Class 10th] .pdfGEOGRAPHY-Study Material [ Class 10th] .pdf
GEOGRAPHY-Study Material [ Class 10th] .pdf
SHERAZ AHMAD LONE
Sustainable Innovation with Immersive Learning
Sustainable Innovation with Immersive LearningSustainable Innovation with Immersive Learning
Sustainable Innovation with Immersive Learning
Leonel Morgado
THERAPEUTIC COMMUNICATION included definition, characteristics, nurse patient...
THERAPEUTIC COMMUNICATION included definition, characteristics, nurse patient...THERAPEUTIC COMMUNICATION included definition, characteristics, nurse patient...
THERAPEUTIC COMMUNICATION included definition, characteristics, nurse patient...
parmarjuli1412
Revista digital preescolar en transformaci坦n
Revista digital preescolar en transformaci坦nRevista digital preescolar en transformaci坦n
Revista digital preescolar en transformaci坦n
guerragallardo26
MATERI PPT TOPIK 4 LANDASAN FILOSOFIS PENDIDIKAN
MATERI PPT TOPIK 4 LANDASAN FILOSOFIS PENDIDIKANMATERI PPT TOPIK 4 LANDASAN FILOSOFIS PENDIDIKAN
MATERI PPT TOPIK 4 LANDASAN FILOSOFIS PENDIDIKAN
aditya23173
IDF 30min presentation - December 2, 2024.pptx
IDF 30min presentation - December 2, 2024.pptxIDF 30min presentation - December 2, 2024.pptx
IDF 30min presentation - December 2, 2024.pptx
ArneeAgligar
Black and White Illustrative Group Project Presentation.pdf (1).pdf
Black and White Illustrative Group Project Presentation.pdf (1).pdfBlack and White Illustrative Group Project Presentation.pdf (1).pdf
Black and White Illustrative Group Project Presentation.pdf (1).pdf
AnnasofiaUrsini
Energy Balances Of Oecd Countries 2011 Iea Statistics 1st Edition Oecd
Energy Balances Of Oecd Countries 2011 Iea Statistics 1st Edition OecdEnergy Balances Of Oecd Countries 2011 Iea Statistics 1st Edition Oecd
Energy Balances Of Oecd Countries 2011 Iea Statistics 1st Edition Oecd
razelitouali
Unit- 4 Biostatistics & Research Methodology.pdf
Unit- 4 Biostatistics & Research Methodology.pdfUnit- 4 Biostatistics & Research Methodology.pdf
Unit- 4 Biostatistics & Research Methodology.pdf
KRUTIKA CHANNE
Basic English for Communication - Dr Hj Euis Eti Rohaeti Mpd
Basic English for Communication - Dr Hj Euis Eti Rohaeti MpdBasic English for Communication - Dr Hj Euis Eti Rohaeti Mpd
Basic English for Communication - Dr Hj Euis Eti Rohaeti Mpd
Restu Bias Primandhika
Overview of Employee in Odoo 18 - Odoo 際際滷s
Overview of Employee in Odoo 18 - Odoo 際際滷sOverview of Employee in Odoo 18 - Odoo 際際滷s
Overview of Employee in Odoo 18 - Odoo 際際滷s
Celine George
Nice Dream.pdf /
Nice Dream.pdf                              /Nice Dream.pdf                              /
Nice Dream.pdf /
ErinUsher3
Exploring Ocean Floor Features for Middle School
Exploring Ocean Floor Features for Middle SchoolExploring Ocean Floor Features for Middle School
Exploring Ocean Floor Features for Middle School
Marie
Ray Dalio How Countries go Broke the Big Cycle
Ray Dalio How Countries go Broke the Big CycleRay Dalio How Countries go Broke the Big Cycle
Ray Dalio How Countries go Broke the Big Cycle
Dadang Solihin
How to Create an Event in Odoo 18 - Odoo 18 際際滷s
How to Create an Event in Odoo 18 - Odoo 18 際際滷sHow to Create an Event in Odoo 18 - Odoo 18 際際滷s
How to Create an Event in Odoo 18 - Odoo 18 際際滷s
Celine George
june 10 2025 ppt for madden on art science is over.pptx
june 10 2025 ppt for madden on art science is over.pptxjune 10 2025 ppt for madden on art science is over.pptx
june 10 2025 ppt for madden on art science is over.pptx
roger malina
How to Manage & Create a New Department in Odoo 18 Employee
How to Manage & Create a New Department in Odoo 18 EmployeeHow to Manage & Create a New Department in Odoo 18 Employee
How to Manage & Create a New Department in Odoo 18 Employee
Celine George
MATERI PPT TOPIK 1 LANDASAN FILOSOFIS PENDIDIKAN
MATERI PPT TOPIK 1 LANDASAN FILOSOFIS PENDIDIKANMATERI PPT TOPIK 1 LANDASAN FILOSOFIS PENDIDIKAN
MATERI PPT TOPIK 1 LANDASAN FILOSOFIS PENDIDIKAN
aditya23173
Ad

IA 124 Lecture 01 2022 -23-1.pdf hahahah

  • 1. IA 124: INTRODUCTION TO IT SECURITY LECTURE 01 SECURITY CONCEPTS 1 3/24/2023
  • 2. INTRODUCTION What is a Security? 2 What do you think?
  • 3. WHAT IS SECURITY? Security: A state of well-being of information and infrastructure in which the possibility of theft, tempering, and disruption of information and services is kept low or tolerable. Security is the quality or state of being secure--to be free from danger. 3 3/24/2023
  • 4. Specialized Areas of Security 3/24/2023 4 Physical security: Protect the physical items, objects, or areas of an organization from unauthorized access and misuse. Personal security: Protect the individual or group of individuals who are authorized to access the organization and its operations. Communications security: Protect an organizations communications media, technology, and content.
  • 5. Specialized Areas of Security 3/24/2023 5 Network Security: Protect the network and the network-accessible resources from unauthorized access, consistent and continuous monitoring and measurement of its effectiveness. Data security: Data security is the means of ensuring that data is kept safe from corruption and that access to it is suitably controlled.
  • 6. Computer Security 3/24/2023 6 .Protection of computers hardware, software, data, information and other related computer devices, from theft, corruption, or natural disaster destruction.. Computer security is concern with protecting a computer systems information assets, as well as the computer systems themselves. Asset = item of value Assets include: Hardware, Software, Data
  • 7. The Vulnerability Threat Control Paradigm A major goal of information security as a discipline and as a profession is to protect valuable assets To study methods of asset protection, we use vulnerability threat control framework: Vulnerability Is a weakness in an information system or its components that might be exploited to compromise the security of the system. Attack is the deliberate act that exploits vulnerability. Is the actual attempt to violate security. Threat A set of circumstances or events that has the potential to course loss or harm an information system by destroying it, disclosing the information stored on the system, adversely modifying data, or making the system unavailable. Control An action, device, procedure, or technique that eliminates or reduces a vulnerability Also called a countermeasure 3/24/2023 7
  • 8. The Vulnerability Threat Control Paradigm A threat is blocked by control of a vulnerability. 3/24/2023 8 Example: The finger of the man can control a water leak.
  • 9. Security VULNERABILITIES 3/24/2023 9 1. Poor system management: If managers at all levels don't make security, their number one priority, then the threats to an information system is easily to become real. 2. Familiarity: Using common, well-known code, software, operating systems, and/or hardware increases the probability an attacker to have the tools or knowledge to exploit the weakness. 3. Poor System Design: If the System Analyst did not consider the security aspect, during system design process then creates a loop hole for an attacker to damage a system. WHY Information systems are vulnerable?
  • 10. Security VULNERABILITIES 3/24/2023 10 3. Poor Password management: The computer users stores the password on the computer or open place where an attacker can access it. 5. Unchecked user input: The programmers assumes that all user input is safe, but there programs that do not check user input which allow unintended direct execution of commands. 6. Default configuration: of the OS and Network Operating System (NOS), network devices firewalls and encryption weaknesses. WHY Information systems are vulnerable?
  • 11. Threats and C-I-A Threats can apply to the confidentiality, integrity, or availability (C-I-A) of a system Confidentiality: Assurance that the information is accessible only to those authorized to have access. Integrity: The trustworthiness of data of resources in terms of preventing improper and unauthorized changes. Availability: Assurance that the systems are accessible when required by the authorized users. 3/24/2023 11 C-I-A = The security Triad C-I-A = The Goals/Objectives of Information Security
  • 14. Additional Pillars of Information Security Aside from C-I-A, authentication, nonreputiation, and auditability are also desirable system properties Authentication: The ability of a system to confirm the identity of a sender. Nonrepudiation: The ability of a system to confirm that a sender cannot convincingly deny having sent a message. Auditability: The ability of a system to trace all actions related to a given asset. Determine who did what and when in order to ensure that responsible parties are held account. 3/24/2023 14
  • 15. Threats to Information Systems
  • 16. Threats to Information Systems
  • 17. Threats to Information Systems. Example: Acts of Human Error or Failure. Includes acts done without malicious intent. Caused by: inexperience, improper training, incorrect assumptions, other circumstances. Employees are the greatest threats to information security; they are closest to the organizational data.
  • 18. Threats to Information Systems. Example: Acts of Human Error or Failure. Employee mistakes can easily lead to the following: revelation of classified data; entry of erroneous data; accidental deletion or modification of data; storage of data in unprotected areas; failure to protect information. Many of these threats can be prevented with controls. Control: An action, procedure, or technique that removes or reduces the vulnerabilities.
  • 20. Harmful Acts: Harm to information systems can be effected in four different ways. 1. Interruption: This is an attack on availability. 2. Interception: This is an attack on confidentiality. 3. Modification: This is an attack on integrity. 4. Fabrication: This is an attack on authenticity.
  • 22. Interruption: This is an attack on availability. Approach: Destruction of hardware, physical damage to communication links, disrupting traffic (introduction of noise), erasure of a program or a file, DoS attacks. (Figure: information source and information destination.)
  • 23. Interception: This is an attack on confidentiality. Approach: Eavesdropping over a communication line, link monitoring, packet capturing, system compromise. (Figure: information source and information destination.)
  • 24. Modification: This is an attack on integrity. Approach: Corrupting transmitted data or tampering with it before it reaches its destination, e.g. changing a record in a database. (Figure: information source and information destination.)
  • 25. Fabrication: This is an attack on authenticity. Approach: Faking data as if it were created by a legitimate and authentic party, e.g. adding a new record to a database or inserting a new network packet. (Figure: information source and information destination.)
  • 26. Types of attackers: Amateurs: opportunistic attackers (use a password that he or she found); script kiddies. Hackers: non-malicious. Crackers: malicious. Career criminals. Organized crime syndicates. Cyber terrorists. State-supported spies and information warriors.
  • 27. Method - Opportunity - Motive: Attackers need MOM. Method: Skills, knowledge, tools, etc. with which to attempt an attack. Opportunity: Time and access to attempt an attack. Motive: A reason to attempt an attack.
  • 28. Method of Defense: Six approaches to defense of computing systems. 1. Prevent attack: block attack / close vulnerability. 2. Deter attack: make attack harder (if we can't make it impossible). 3. Deflect attack: make another target more attractive than this target. 4. Mitigate attack: make the impact of an attack less severe. 5. Detect attack: during or after. 6. Recover from attack.
  • 29. Importance of Computer Security: 1. To protect the organization's valuable resources, such as information, hardware, and software, through the selection of appropriate techniques. 2. Security helps the organization's mission of protecting its physical and financial resources, and of gaining reputation, legal position, and the trust of employees and customers.
  • 30. Importance of Computer Security: 3. Preserving the integrity, confidentiality, and availability of information system resources, which include: the organization's data; customers' information; the organization's hardware and software, etc. 4. To protect the organization's information from criminals, natural hazards, and other threats.
  • 31. Importance of Computer Security: 5. To protect the organization from hackers, crackers, and terrorists. Hacker: Intelligent individual with excellent computer skills, with the ability to create and explore, or exploit weaknesses in, computer systems and networks. Cracker: System intruder/destroyer who breaches security on software or systems. Virus: A program that reproduces its own code by attaching itself to other executable files in such a way that the virus code is executed when the infected executable file is executed. It is a program designed to cause problems to computers or computer network systems.
  • 32. SECURITY MEASURES: Protecting Computers. The following measures can be used to protect your computer from security threats and attacks: 1. Locking your computer with a password. 2. Installing anti-virus software and ensuring it is up-to-date. 3. Using up-to-date software (operating systems and user applications). 4. Logging off or shutting down your computer when going away.
  • 33. SECURITY MEASURES: Protecting Computers. 5. Make a backup of your important documents and data. 6. Protect your files with passwords. 7. Before clicking on any e-mail attachment, make sure that the attachment is scanned, even if you know the source. 8. Before using media given to you by someone else, scan it to remove viruses.
  • 34. SECURITY MEASURES: Protecting Computer Networks. The following measures can be used to protect your network from security threats and attacks: 1. Firewalls: A firewall defines a single choke point of control and monitoring that keeps unauthorized users out of the protected network. 2. Intrusion Detection System (IDS).
  • 35. SYMPTOMS OF INFECTED COMPUTER: It is difficult to prove that your computer has been infected with a virus. However, one can suspect that a computer is infected with a virus by considering some primary indicators: 1. The computer runs slower than usual. 2. The computer stops responding, or it locks up frequently. 3. The computer crashes, and then it restarts every few minutes. 4. Your computer has much less memory, or hard drive space is unavailable.
  • 36. SYMPTOMS OF INFECTED COMPUTER: 5. Application programs on the computer do not work correctly. 6. Disks or flash disk drives are inaccessible. 7. You cannot print a soft copy to hard copy correctly, or the PC prints bogus information. 8. You see unusual error messages. 9. There is a double extension on an attachment that you recently opened, such as a .jpg, .gif, or .exe extension. 10. An antivirus program is disabled for no reason, and sometimes it cannot be restarted.
  • 37. SYMPTOMS OF INFECTED COMPUTER: 11. An antivirus program cannot be installed on the computer, or the antivirus program will not run. 12. New icons appear on the desktop that you did not put there, or the icons are not associated with any recently installed programs. 13. There are error messages popping up on a regular basis. 14. Your files and folders are getting deleted automatically. 15. Abnormal sound.
  • 38. IA 124 LECTURE 01 END
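
The "unchecked user input" weakness from slide 10, shown beside a checked version, as an added Python example that is not part of the original lecture. The function names, the host-name pattern, the sample inputs, and the use of `echo` as a harmless stand-in for a real lookup tool are all assumptions; it assumes a POSIX system.

```python
import re
import subprocess

# Assumed allowlist: dot-separated labels of letters, digits and hyphens.
LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
HOSTNAME_RE = re.compile(LABEL + r"(?:\." + LABEL + r")*")

# Constructed sample inputs for the demonstration.
BENIGN = "example.com"
HOSTILE = "example.com; echo INJECTED"


def lookup_unchecked(host):
    """Weak: the input is pasted into a shell command line unchecked.

    The shell treats ';' in the input as a command separator, so part of
    the *data* is executed as a second command.
    """
    result = subprocess.run("echo looking up " + host, shell=True,
                            capture_output=True, text=True)
    return result.stdout.splitlines()


def lookup_checked(host):
    """Hardened: validate the input first, then run without a shell.

    Two independent controls: the allowlist rejects anything that is not
    a plain host name, and the argument list means no shell ever parses
    the value, so metacharacters would be inert even if one slipped by.
    """
    if len(host) > 253 or not HOSTNAME_RE.fullmatch(host):
        raise ValueError("rejected host name: %r" % (host,))
    result = subprocess.run(["echo", "looking up", host],
                            capture_output=True, text=True, check=True)
    return result.stdout.splitlines()


if __name__ == "__main__":
    print("unchecked, benign :", lookup_unchecked(BENIGN))
    print("unchecked, hostile:", lookup_unchecked(HOSTILE))
    print("checked, benign   :", lookup_checked(BENIGN))
    try:
        lookup_checked(HOSTILE)
    except ValueError as err:
        print("checked, hostile  :", err)
```

The unchecked version returns two output lines for the hostile input because the shell ran a second command; the checked version refuses that input before any process is started.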