Chaptar1.pdf

Full Transcript

11/7/2023 IT department Chamchamal Technical Institute Second Stage An Introduction to Information Security (Lecture one) Muhamad A.Fatih 2023-2024 Syllabus CH1: Introduction to Security CH2: Malware and Stoical engineering attacks CH3:Application and Networking –Based Attacks CH4:Cryptography CH5:Network Security Fundamentals 1 11/7/2023 What is Security ? Security refers to all the measures that are taken to protect a place, or to ensure that only people with permission enter it or leave it. What is Security ? Definition: “the quality or state of being secure—to be free from danger” Security is often achieved by means of several strategies undertaken simultaneously or used in combination with one another Specialized areas of security –Physical security –operations security, –communications security, and –network security 2 11/7/2023 Information security protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. The concept of computer security has been replaced by the concept of information security -Covers a broad range of issues From protection of data to protection of human resources Funding and Planning for Security  Information security decisions should involve three distinct groups of decision makers (communities of interest) – – – Information security managers and professionals Information technology managers and professionals Non-technical business managers and professionals 3 11/7/2023 Computer security Computer security, also known as cybersecurity or IT security Is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. It includes controlling physical access to the hardware, as well as protecting against harm that may come via network access, data and code injection. Network security Is the generic name for the collection of tools designed to protect data during their transmission. Network security is a broad term that covers a multitude of technologies, devices and processes. it is a set of rules and configurations designed to protect the integrity, confidentiality and accessibility of computer networks and data using both software and hardware technologies. Every organization, regardless of size, industry or infrastructure, requires a degree of network security solutions in place to protect it from the ever-growing landscape of cyber threats in the wild today. 4 11/7/2023 An Information Security Model C C.I.A. triangle – Confidentiality, integrity, and availability – Has expanded into a more comprehensive list of critical characteristics of information The three most crucial components of security (C.I.A. triangle ) 5 11/7/2023 Confidentiality The characteristic of information whereby only those with sufficient privileges may access certain information  Measures used to protect confidentiality – – – – Information classification Secure document storage Application of general security policies Education of information custodians and end users 11 Integrity The quality or state of being whole, complete, and uncorrupted  Information integrity is threatened –  If exposed to corruption, damage, destruction, or other disruption of its authentic state Corruption can occur while information is being compiled, stored, or transmitted 12 6 11/7/2023 Availability The characteristic of information that enables user access to information in a required format, without interference or obstruction – – A user in this definition may be either a person or another computer system Availability does not imply that the information is accessible to any user  Implies availability to authorized users 13 Other key concepts  Privacy – – Information collected, used, and stored by an organization is to be used only for the purposes stated to the data owner at the time it was collected Privacy as a characteristic of information does not signify freedom from observation  Means that information will be used only in ways known to the person providing it Management of Information Security, 3rd Edition 14 7 11/7/2023 Other key concepts (contd)  Identification – –  An information system possesses the characteristic of identification when it is able to recognize individual users Identification and authentication are essential to establishing the level of access or authorization that an individual is granted Authentication – Occurs when a control proves that a user possesses the identity that he or she claims Management of Information Security, 3rd Edition 15 Other key concepts (contd)  Authorization – – –  Assures that the user has been specifically and explicitly authorized by the proper authority to access, update, or delete the contents of an information asset User may be a person or a computer Authorization occurs after authentication Accountability – Exists when a control provides assurance that every activity undertaken can be attributed to a named person or automated process 16 Management of Information Security, 3rd Edition 8 11/7/2023 A more general security model  CNSS Security Model – – – – Also known as the McCumber Cube Provides a more detailed perspective on security Covers the three dimensions of information security Document available at http://www.cnss.gov/Assets/pdf/nstissi_4011.pdf Management of Information Security, 3rd Edition 17 CNSS Security Model Figure 1-1 Components of Information security Management of Information Security, 3rd Edition 18 Source: Course Technology/Cengage Learning 9 11/7/2023 CNSS Security Model (contd) Figure 1-2 CNSS security Model Management of Information Security, 3rd Edition 19 Source: Course Technology/Cengage Learning (adapted from NSTISSI No. 4011) The Causes of Insecurity Three types of fundamental weaknesses open the door to security problems:- A. Technology weakness B. Policy weakness C. Configuration weakness 10 11/7/2023 Technology weakness Every technology has some known or unknown inherent weaknesses, or vulnerabilities that can be exploited by a sufficiently motivated troublemaker  Internet protocols were not designed for security. Security services, and an array of products from many vendors work together to reduce the risks inherent in the environment.  Computer and Network Operating Systems. Every operating system (OS) has vulnerabilities that need to be addressed through patches, upgrades, and best practices.  Network Device Weaknesses. It can have vulnerabilities, often called “holes,” that can be exploited. Whenever possible, patches, IOS upgrades, and best practices should be applied to eliminate or mitigate known problems 11 11/7/2023 Policy Weakness Policy weakness is a catchall phrase for company policies, or a lack of policies, that inadvertently lead to security threats to the network system. No written security policy Lack of a disaster recover plan No policy for software and hardware additions or changes. Lack of security monitoring. Employment policies. Internal policies Configuration Weakness/ Many network devices have default settings that emphasize performance or ease of installation without regard for security issues. Some common configuration issues include the following:      Ineffective access control lists failing to block intended traffic Default, missing, or old passwords Unneeded ports or services left active User IDs and passwords exchanged in clear text Weak or unprotected remote access through the Internet or dial-up services 12 11/7/2023 Summary In this chapter, we first have introduced some important concepts: information security, computer security and network security, and the differences among these concepts. Secondly, we have presented some causes of insecurity of information and classified security attacks and attackers types according to different criteria. Finally, we have included a section with some of the best practices for home users so as to increase their level of protection. 13