Information Security Terminologies

Information Security Assets

• Assets include personals, hardware, software, physical devices, and documents
• Identifying assets is crucial for creating an information security system

Security Terminologies

• Threat: a person, thing, event, or idea that poses danger to an asset's confidentiality, integrity, availability, or legitimate use
• Vulnerability: a weakness or absence of safeguards
• Risk: a measure of the cost of a realized vulnerability
• Exploits: programs, scripts, or code that perform unauthorized operations
• Impacts: results of an exploited vulnerability (e.g., deleted files, loss of information, loss of company image)

Focus of Security

• Security deals with managing risk to critical assets
• Security is an exercise in loss reduction
• Risk is the probability of a threat crossing or touching a vulnerability
• Risk = Threat x Vulnerability

Threats

• Accidental threats: natural disasters
• Intentional threats: active and passive threats
  • Passive threats: do not modify information or system state
  • Active threats: alter information or system state

Network Threats

• Risks of network intrusion: information theft, data loss and manipulation, identity theft
• Sources of network intrusion: social engineering, phishing
• Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks
• Brute force attacks: guessing passwords using a fast computer
• Spyware and tracking cookies: collecting personal information without permission
• Spam: sending unsolicited emails, overloading ISPs, email servers, and individual systems

Malware Capabilities

• Destruction of data
• Leaking confidential information
• Providing backdoor access
• Countless other opportunities

Propagation Techniques

• Removable media
• E-mail attachments
• Web browsing
• Social networking
• Network vulnerabilities
• Instant messaging applications
• Peer-to-peer networks

Malware Defense Techniques

• Activity monitoring programs
• Malware scanners
• File and resource integrity checking
• Stripping e-mail attachments
• Defense-in-depth
• Patching all systems

Common Security Measures

• Security Policy: a formal statement of rules for accessing technology and information assets
• Updates and Patches: fixing specific problems and adding functionality to software
• Anti-virus Software: preventing infection, detecting, and removing viruses, worms, and Trojan horses
• Anti-Spam: identifying spam and performing an action
• Anti-Spyware: detecting and deleting spyware applications

Firewalls

• What is a Firewall?: a security tool that controls traffic between networks and prevents unauthorized access
• Types of Firewall:
  • Packet Filtering
  • Application/Web Site Filtering
  • Stateful Packet Inspection (SPI)
• Best Practices:
  • Define security policies
  • Physically secure servers and network equipment
  • Set login and file access permissions
  • Update OS and applications
  • Change permissive default settings
  • Run anti-virus and anti-spyware
  • Update antivirus software files
  • Activate browser tools

Mistakes People Make

• The SANS Institute's lists of mistakes that lead to security breaches
• The Four Worst Security Mistakes End Users Make
• The Six Worst Security Mistakes Senior Executives Make
• The Eight Worst Security Mistakes Information Technology People Make