1. Intro to Information Security Phil Grimes Coach / Mentor Security Consultant

2. Why Are We here? ● To have fun ● To learn some stuff ​ ● Career path? ● A class about breaking things ● To make the world more secure

3. NOT to be the bad guys! NOT to be the bad guys!

5. Knowledge is power.

6. Level the Playing Field Level the Playing Field Information Technology Information Technology Information Security Information Security Hacker Hacker Attacker Attacker TCP/IP TCP/IP Ports Ports Domain Name Service Domain Name Service Domain Name Resolution Domain Name Resolution Domain names / host names Domain names / host names Web browser Web browser

7. The Info Sec Triad The Info Sec Triad ● Confidentiality Only those who should have access do Only those who should have access do ● Integrity Ensure the data has not been changed Ensure the data has not been changed ● Availability Data is accessible when needed Data is accessible when needed

8. Confidentiality Confidentiality ● Assurance of data privacy Intended, authorized users have access Intended, authorized users have access ● Disclosure to unauthorized parties Network sniffing Network sniffing ● Cryptographic mechanisms Examples? Examples?

9. Integrity Integrity Data integrity Data integrity Not been altered Not been altered Not been corrupted Not been corrupted Source integrity Source integrity Sender is who they say Sender is who they say Mail spoofing Mail spoofing Example controls Example controls

10. Availability Availability ● Timely, reliable access There when needed There when needed Reasonable rate Reasonable rate ● Robust protocols and operating systems ● Redundant network architectures ● System hardware ● Denial of Service (DoS)

11. Ten Commandments of Computer Ethics 1. Thou shalt not use a computer to harm other people. 2. Thou shalt not interfere with other people's computer work. 3. Thou shalt not snoop around in other people's computer files. 4. Thou shalt not use a computer to steal. 5. Thou shalt not use a computer to bear false witness. 6. Thou shalt not copy or use proprietary software for which you have not paid. 7. Thou shalt not use other people's computer resources without authorization or proper compensation. 8. Thou shalt not appropriate other people's intellectual output. 9. Thou shalt think about the social consequences of the program you are writing or the system you are designing. 10.Thou shalt always use a computer in ways that insure consideration and respect for your fellow humans.

12. More Info Sec Ethics ● Be a Good Online Citizen ● Safer for me, more secure for all: What you do online has the potential to affect everyone – at home, at work and around the world. Practicing good online habits benefits the global digital community. ● Respect other online citizens: Post only about others as you would have them post about you. ● Reference and Acknowledgment: Represent authorship and reference others when using their ideas. ● Help the authorities fight cybercrime: Report stolen finances or identities and other cybercrime.

13. Ew, Homework!?! ● At least one assignment per lesson ● Don't do it, don't compete ● Study groups are GOOD ● I am always accessible ● You only get what you give ● Mediocrity isn't acceptable ● Strive for greatness ● Hack the planet!

14. Q & A // Discussions ● th3grap3ap3@gmail.com ● @grap3_ap3 ● phillipgrimes.com