Information Assurance and Security Lesson 1-3 PDF
Uploaded by EuphoricFunction4040
This document details information assurance and security concepts. It covers topics like cyberspace information, data privacy, and cybersecurity threats. The document also includes explanations on access control technologies and identity management.
Information Assurance and Security

Lesson 1 - Essential Security Concepts

Cyberspace - information in the internet or cloud.
On-Premise - information in the local network or organization.
Data Privacy is concerned with proper handling, processing, storage, and usage of personal information.
Cybersecurity is the ability to protect or defend the use of cyberspace from cyber-attacks.
Information Security is the protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability.

Information Security Threats
- Phishing (Whaling, Vishing, Smishing)
- Ransomware
- Social Engineering (Insider Abuse, Scams, Blackmail)
- Malware (DDoS, Worm Infection)
- Intrusion (Windows, Linux, Defacement)
- Data Leakage (Malicious, Network Behavior)

Threat Actors
- Hacktivism
- Crime
- Insider
- Espionage
- Terrorism
- Warfare

CIA Triad (Core Principles of Security)
- Confidentiality ensures that information is only known to authorized users. Prevents disclosure. Threats: Database breaches, network sniffing, malware (Trojans, worms).
- Integrity ensures that information is not modified by unauthorized users. Prevents alteration. Threats: Website defacement, phishing, identity theft.
- Availability ensures that information is available when needed. Prevents denial (inaccessibility). Threats: DDoS attacks, viruses, hardware failures.

Traditional IT Disciplines
- Network Administrator
- System Administrator
- Database Administrator
- Software Developer

Lesson 2 - Intro to Access Control

Access Control is a part of information security that limits who or what can view or use resources in a computing environment.

Types of Access Control
- Physical - Limits access to buildings, rooms, or facilities (e.g., locks, biometrics).
- Logical - Limits access to networks, devices, files, and data (e.g., passwords, firewalls).

Securing Facilities (Physical)
- Barriers, Locks, Doors
- Electronic Access Control Systems

Securing IT Resources (Logical)
- Identification - claiming to be an identity when attempting to access.
- Authentication - proving that you are that identity.
- Authorization - defining the permissions.
- Auditing - recording a log of the events and activities.
- Accounting - reviewing logs to check for violations in order to hold subjects accountable for their actions.

Lesson 3 - Access Control Technologies

Identification Methods:
- Identification Badge is the most common; it contains the name or logo of the organization and the name and picture of the holder.
- Access Badge is used to enter secured areas of a facility.
- Username / User ID provides the system with a way of uniquely identifying a user amongst all the users of that system.
- Account Number / PIN provides the authentication information needed.
- Media Access Control (MAC) Address is a 48-bit number, globally unique.
- IP Address gives the logical location of a device on the IP network. IP addresses are organized into logical groups called subnetworks or subnets.
- Radio Frequency Identification (RFID) is a non-contact and automatic identification technology that uses radio signals to identify and track.

RFID Components
- RFID Tag – Contains an integrated circuit and antenna.
- RFID Reader – Reads the signal from the tag.
- Back-end Database – Stores and processes the collected data.

Identity Management Implementation
- Password Management - the policies, standards, and complexity associated with password use need to be managed in a consistent way throughout the enterprise.
- Account Management attempts to streamline the administration of user identity across multiple systems.
- Profile Management is a collection of information associated with a particular identity or a group.
- Directory Management - a directory that contains a hierarchy of objects storing information about Users, Groups, Systems, Servers, Printers.
- Single Sign-On - a unified login experience when accessing one or more systems.

Directory Services:
- Lightweight Directory Access Protocol (LDAP) - uses a hierarchical tree structure for directory entries.
- Active Directory Domain Services (ADDS) - provides central authentication and authorization capabilities for users and system services on an enterprise-wide level.
- Perimeter-based Web Portal Access - for an organization that has a directory such as LDAP in place, it is possible to quickly leverage the directory data to manage user identity, authentication, and authorization.
- Single Sign-On (SSO) - Allows users to log in once and access multiple systems without re-authenticating.
- Kerberos Security System - guards a network with authentication, authorization, and auditing. A secure authentication protocol using tickets.

Authentication Methods:
- Single-Factor Authentication (SFA): Using one factor (e.g., password).
- Multi-Factor Authentication (MFA): Using two or more factors (e.g., password + biometrics).
  o Something you know: Password or PIN.
  o Something you have: Token or smart card.
  o Something you are: Biometrics (e.g., fingerprint, face recognition).

Tokens are used to provide identity and authenticate to a system or application.

Tokens for Authentication
- Soft Token - Digital authentication stored on a device (e.g., smartphone apps).
- Hard Token - Physical token that stores credentials on hardened dedicated devices to authenticate an identity (e.g., smart card, key fob).

Biometrics involves data that is unique to the individual and is difficult to counterfeit. Examples: Fingerprint scanning, facial recognition, iris scanning.