Cyber Security Part 2 PDF
Document Details
Uploaded by Deleted User
Thebes El-Maadi School
Dr. Madiha Ibrahim
Tags
Related
- Chapter 1 Cryptography and Network Security Overview + 2024 PDF
- Combined Question Set - Past Paper PDF
- Network Security Concepts - GuidesDigest Training PDF
- Discovering Computers: Chapter 8 - Digital Security, Ethics, and Privacy PDF
- Question Banks 16-20 PDF
- CH1-6 PDF - Information Technology Security Concepts
Summary
This document is a presentation on cyber security, discussing various concepts like network security, cloud security, and endpoint security. It also details different types of security attacks. It seems to be part of a larger course on computer science. The information is aimed at secondary school students.
Full Transcript
CONTENT o TYPES OF SECURITY o WHAT ARE TYPES OF CYBER SECURITY? o CYBER SECURITY NETWORKING BASICS o CAESAR CIPHER Types of security COMPUTER SECURITY – GENERIC NAME FOR THE COLLECTION OF TOOLS DESIGNED TO PROTECT DATA AND TO DETECT HACKER’S THREATS....
CONTENT o TYPES OF SECURITY o WHAT ARE TYPES OF CYBER SECURITY? o CYBER SECURITY NETWORKING BASICS o CAESAR CIPHER Types of security COMPUTER SECURITY – GENERIC NAME FOR THE COLLECTION OF TOOLS DESIGNED TO PROTECT DATA AND TO DETECT HACKER’S THREATS. NETWORK SECURITY – MEASURES TO PROTECT DATA DURING THEIR TRANSMISSION INTERNET SECURITY – MEASURES TO PROTECT DATA DURING THEIR TRANSMISSION OVER A COLLECTION OF INTERCONNECTED NETWORKS TYPES OF CYBER SECURITY? It can be divided into seven main pillars: Network Security. Cloud Security.... Endpoint Security.... Mobile Security.... IoT Security.... Application Security.... Zero Trust 1. Network Security Most attacks occur over the network, and network security solutions are designed to identify and block these attacks. These solutions include data and access controls such as: o Data Loss Prevention (DLP), o IAM (Identity Access Management), o NAC (Network Access Control), o and NGFW (Next-Generation Firewall) application controls to enforce safe web use policies. 2. Cloud Security As organizations increasingly adopt cloud computing, securing the cloud becomes a major priority. A cloud security strategy includes cyber security solutions, controls, policies, and services that help to protect an organization’s entire cloud deployment (applications, data, infrastructure, etc.) against attack. 3. Endpoint Security The zero-trust security model prescribes creating micro-segments around data wherever it may be. One way to do that with a mobile workforce is using endpoint security. With endpoint security, companies can secure end- user devices such as desktops and laptops with data and network security controls, advanced threat prevention such as anti-phishing and anti- ransomware, and technologies that provide forensics such as endpoint detection and response (EDR) solutions. 4. Mobile Security Often overlooked, mobile devices such as tablets and smartphones have access to corporate data, exposing businesses to threats from malicious apps, zero-day, phishing, and IM (Instant Messaging) attacks. Mobile security prevents these attacks and secures the operating systems and devices from rooting and jailbreaking. When included with an MDM (Mobile Device Management) solution, this enables enterprises to ensure only compliant mobile devices have access to corporate assets. 5. IoT Security While using Internet of Things (IoT) devices certainly delivers productivity benefits, it also exposes organizations to new cyber threats. Threat actors seek out vulnerable devices inadvertently connected to the Internet for nefarious uses such as a pathway into a corporate network or for another bot in a global bot network. example of a smart home security 6. Application Security Application security is the process of developing, adding, and testing security features within applications to prevent security vulnerabilities against threats such as unauthorized access and modification. 7. Zero Trust Zero Trust security means that no one is trusted by default from inside or outside the network, and verification is required from everyone trying to gain access to resources on the network. Access is denied by default. For example, when a new service account is defined, or a new employee joins a company, they initially do not have access to any systems. Administrators need to explicitly approve specific permissions and access levels for the new account. CYBER SECURIT Y NET WORKING BASICS The OSI Model The OSI ("Open Systems Interconnection") model represents an easy and intuitive way to standardize the different parts required to communicate across networks. The model clarifies what is needed to communicate on a network by splitting the requirements into multiple layers. Layer 4, the Transport layer, connects the software with the hardware layers. SDN ("Software Defined Networking") is technology which allows more layers of the hardware to be implemented via software. SECURITYATTACKS Ameans of classifying security attacks is in terms of passive attacks and active attacks Apassive attack attempts to learn or make use of information from the system but does not affect system resources An active attack attempts to alter system resources or affect their operation PASSIVEPASSIVE ATTACKS ATTACKS Are like eavesdropping on, or monitoring of, transmissions The goal of the opponent is to obtain Two types of passive attacks are: information that is being transmitted The release of message contents Traffic analysis Caesar cipher https://www.youtube.com/watch?v=o6TPx1Co_wg ACTIVITY 2 o What are the examples of o What are the protocols of the application layers the session layer? THANK YOU