IS Network and Telecommunications Risks Chapter Six.


Network Components
- Computers and terminals
- Computers process data in a networked telecommunication system
- Networked computers send and receive data from terminals
- Telecommunications channels – physical and wireless
- Telecommunications processors
- Routers and switching devices

Network Types
- Local versus wide area networks
- Internet, intranet, extranet
- Virtual private networks (VPN)
- Client/server networks

Network Configuration Types
- Star-shaped – centralized
- Ring – decentralized
- Bus – decentralized

Network Protocols and Software
- Open Systems Interconnect (OSI) model – a standard architecture for networking that allows different computers to communicate across networks
- Network and telecommunications software – network OS, network management software, middleware, web browsers, software

IS Network and Telecommunications Risks
- Social Engineering
- Physical Infrastructure Threats – the elements, natural disasters, power supply, intentional human attacks
- Programmed Threats – viruses, worms, Trojan horses, hoaxes, blended threats
- Denial of Service Attacks
- Software Vulnerabilities

Social Engineering Techniques
- Familiarity exploit
- Gathering and using information
- Phishing
- Tailgating
- Quid pro quo

Sample Scenario

In one penetration test, Nickerson used current events, public information available on social network sites, and a $4 Cisco shirt he purchased at a thrift store to prepare for his illegal entry. The shirt helped him convince building reception and other employees that he was a Cisco employee on a technical support visit. Once inside, he was able to give his other team members illegal entry as well. He also managed to drop several malware-laden USBs and hack into the company's network, all within sight of other employees.

Source: basics

Countermeasures
- Personnel training
- Awareness program
- Establish security protocols

IS Network and Telecommunications Security
- Network security administration
- Authentication
- Encryption – secret key and public key
- Firewalls – packet filtering and stateful inspection
- Intrusion Detection Systems
- Penetration Testing – war dialing, port scanning, sniffers, password crackers

Auditing Network Security
- Risk assessment and best practices
- Benchmark tools
- IT audit programs for network security

Security Service Comparison
- Evaluation against policy and security baseline
- Regulatory / industry compliance, e.g. SOX
- Evaluation against standards such as NIST800/ISO27002
- Governance Framework – COBIT/COSO

Testing Security Controls
- Risk assessment
- Policy assessment
- Social Engineering
- Security Design review
- Security process review
- Document review
- Technology review