CPT 123 Internet Skills Class Notes Internet Security Session B.

Presentation transcript:

CPT 123 Internet Skills Class Notes Internet Security Session B

Internet Security Policy
- A security policy is a set of enforced rules and behaviors that applies to people and systems
- Policies should be considered by all Internet users
  - Single-user computers
  - Large organizational LANs

Internet Security Policy
- Security policies vary according to type of user organizations
- Some organizations have unrestricted access policies
- Other organizations have very restrictive policies

Internet Security Policy
- A single user should be aware that the system is secure if no Internet server applications are loaded
- Most Internet service providers have extensive security policies and are capable of serving data without exposure

Internet Security Policy
- If the service provider provides the server applications, the single user preserves the security level of the client computer
- Thus security for the single user is not necessary
- For organizations, password policies and security standards are necessary

Internet Security Policy
Commonly used security policies
- Least restrictive policy
  - permit all users to access all resources
  - used for years on the Internet
  - can be disastrous
  - mainly academic or scientific communities

Internet Security Policy
- Trusted access
  - requires password access and authentication for every resource
  - requires careful design and time to implement
  - requires encrypted verification and passwords for all inbound and outbound traffic
  - purpose is to ensure information is not transmitted to or from an unsecured location

Internet Security Policy
- No access
  - defeats the purpose of Internet attachment
  - organizations not attached to the Internet by default implement this policy
  - several commercial organizations are not connected to the Internet

Internet Security Policy
- Commercial organizations, government agencies, and military establishments need a highly structured security policy
- Academic and scientific communities need cautious policies
- Single users need to think about the policy they want to follow

Internet Security Policy
- Every organization has more than one exposure point concerning security if they are connected to the Internet
- Organizations need to determine exposure points and establish these areas as the focus of security policy

Internet Security Policy
Typical areas of focus
- Network security - the goal is to prevent any unauthorized entry into the system
- Physical protection of hardware - the goal is to physically secure computers and develop a tracking system for equipment assigned to individuals within the organization

Internet Security Policy
- Access rules and regulations - establish who may and may not enter specified areas of the computer network
- Virus protection - includes methods for keeping the protection against the latest viruses up-to-date

Internet Security Policy
- Disaster recovery - requires planning for major shutdowns or loss of computer capability or file storage due to extended power outages, severe weather such as floods, tornadoes, and earthquakes
- Backup plans - the goal is to preserve critical information

Internet Security Policy
Steps in developing a security policy
1. Determine what needs protection
2. Determine who should and should not have access to protected areas and at what level
3. Determine how protection will occur
4. Draft and approve a policy
5. Implement a policy
6. Maintain and update the policy

Internet Security Policy
- Security is the act of protecting computer resources and data from unwanted access and use
- Security risks come mainly from inside organizations but can also come from Internaut hackers, crackers, and attackers

Internet Security Policy
- In addition to system Internaut attackers, computer systems need protection from viruses
- Viruses rob computer resources and destroy valuable data

Internet Security Policy
- Methods of protecting involve the use of firewalls, user identification and authentication, and encryption
- Firewalls establish barriers to system entry from inside as well as outside
- Firewalls can be broken down into three generations

Internet Security Policy
- Packet-filtering systems
- Bastion hosts
- Proxy gateways and stateful inspection
Identification and authentication
- Identification is the process of obtaining information from the user to determine authorization
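
Added example, not part of the original class notes: a sketch of how a first-generation packet filter and third-generation stateful inspection, both named above, treat the same traffic, with barriers applied to traffic from inside as well as outside. The rules, class and function names, addresses and packets are all constructed for illustration.

```python
# Added illustration: a stateless packet filter beside a stateful inspector.
# All addresses, ports and packets below are constructed sample data.
from collections import namedtuple

Packet = namedtuple("Packet", "direction src sport dst dport")

INSIDE = "192.0.2.10"     # constructed internal client (documentation range)
WEB = "198.51.100.20"     # constructed external web server
OTHER = "203.0.113.99"    # constructed external host the client never contacted

def stateless_filter(pkt):
    """Packet filtering: each packet is judged alone, by header fields only."""
    if pkt.direction == "out" and pkt.dport == 80:
        return True       # inside clients may reach web servers
    if pkt.direction == "in" and pkt.sport == 80:
        return True       # anything that looks like a web reply is admitted
    return False          # default deny, inbound and outbound

class StatefulInspector:
    """Stateful inspection: remembers connections opened from inside."""
    def __init__(self):
        self.connections = set()

    def allow(self, pkt):
        if pkt.direction == "out" and pkt.dport == 80:
            self.connections.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        if pkt.direction == "in":
            # Inbound traffic must mirror a connection recorded above.
            return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.connections
        return False

def compare(packets):
    """Return (stateless verdicts, stateful verdicts) for a packet sequence."""
    fw = StatefulInspector()
    return [stateless_filter(p) for p in packets], [fw.allow(p) for p in packets]

SAMPLE = [
    Packet("out", INSIDE, 40000, WEB, 80),    # client opens a web request
    Packet("in", WEB, 80, INSIDE, 40000),     # genuine reply to that request
    Packet("in", OTHER, 80, INSIDE, 3389),    # unsolicited, source port is 80
    Packet("out", INSIDE, 40001, OTHER, 25),  # outbound traffic not in policy
]

if __name__ == "__main__":
    for p, a, b in zip(SAMPLE, *compare(SAMPLE)):
        print(p, "| stateless:", a, "| stateful:", b)
```

Only the third packet gets different verdicts: the header-only filter admits it because its source port is 80, while the stateful inspector drops it because no inside host opened that connection.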

Internet Security Policy
- Authentication is the process of the system establishing the identity of users asking for entry into the system
- Passwords and user IDs are identification techniques
- Smart cards and biometrics are authentication techniques
- Digital IDs or certificates use both techniques

Internet Security Policy
- Encryption uses a mathematical formula to code or scramble data for transmission over the Internet
- Receiving end decodes using a “key” that solves the mathematical problem and reassembles the message

Internet Security Policy
- Virus protection uses special software designed to detect and protect a computer system from viruses
- New viruses develop daily so organizations must continually monitor new viruses and adapt the virus protection software to keep pace