
Security fundamentals Topic 1 Addressing security threats and vulnerabilities.




1 Security fundamentals Topic 1 Addressing security threats and vulnerabilities

2 Agenda
– Goals of security
– Risk assessment
– Common threats
– Types of attacks
– Common defences
– Security guidelines

3 Goals of security
– Confidentiality – ensures that information is accessed only by those who are authorized to do so
– Integrity – ensures that information is modified or deleted only by those who are authorized to do so
– Availability – ensures that information and equipment can be used only by those who are authorized to do so
– C-I-A triad – trade-offs

4 (no text captured for this slide)

5 Basic steps of risk assessment
1. Identifying assets, such as computers or data
2. Assigning a value to the assets
3. Assigning a likelihood that an event will occur that could cause loss or damage
4. Assigning values to that risk based on both the possible damage and the likelihood that an event will occur

6 Identifying assets
Take an inventory of tangible and intangible assets.
– Tangible assets – physical items that the business owns: IT equipment, network, servers, desktops, applications, databases, procedures
– Intangible assets – goodwill, intellectual property, patents, copyrights, trademarks, logos, reputation

7 Method
Assign a value to the assets:
1. For tangible assets, take the initial cost and adjust for depreciation
2. Make an estimate based on market value
3. Estimate the value of the revenue that could be generated from the asset
4. Compare to a similar asset’s value
Assign a likelihood that an event will occur that could cause loss or damage:
– Use a scale such as high, moderate, low
Assign values to a risk based on both the possible damage and the likelihood that an event will occur:
– Prioritise your risks

8 Key security terms
1. Risk
2. Threat
3. Vulnerability
4. Risk acceptance
5. Risk transfer
6. Risk avoidance
7. Risk mitigation

9 Risk management
Identify the risks
– List assets
– Assign value to assets
– Likelihood of damage
– Assign priority
Identify threats
Identify vulnerabilities
– Where are the weaknesses?
Minimise risk
– Minimise weakness by taking preventative steps
Review
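The four assessment steps from slides 5, 7 and 9 (list assets, value them, rate likelihood on a high/moderate/low scale, then score and prioritise) carried through as a worked example. This is an added illustration, not code from the slide deck; the asset inventory, the likelihood ratings, the straight-line depreciation rule and the numeric weights given to the three likelihood levels are all assumptions made for this example.

```python
"""Worked risk-assessment example (added illustration, not the slide deck's own code).

Follows the four steps on the slides: list assets, value them, assign a
likelihood on a high/moderate/low scale, then score and prioritise risks.
The asset inventory and likelihood ratings below are constructed sample data.
"""
from dataclasses import dataclass

# Likelihood scale from the slides, mapped to a numeric weight (an assumption
# made for this example; the deck only names the three levels).
LIKELIHOOD = {"high": 0.9, "moderate": 0.5, "low": 0.1}


@dataclass
class Asset:
    name: str
    tangible: bool
    initial_cost: float           # purchase price, tangible assets only
    years_in_service: int = 0     # used for straight-line depreciation
    useful_life_years: int = 5
    estimated_value: float = 0.0  # market / revenue estimate for intangibles


def asset_value(a: Asset) -> float:
    """Step 2: value the asset.
    Tangible: initial cost adjusted for straight-line depreciation (floor 0).
    Intangible: the revenue or market estimate supplied by the business."""
    if a.tangible:
        yearly = a.initial_cost / a.useful_life_years
        return max(a.initial_cost - yearly * a.years_in_service, 0.0)
    return a.estimated_value


def risk_score(a: Asset, likelihood: str) -> float:
    """Step 4: expected loss = possible damage (asset value) x likelihood."""
    return round(asset_value(a) * LIKELIHOOD[likelihood], 2)


def prioritise(assets, ratings):
    """Return (asset name, risk score) pairs, highest risk first.
    `ratings` maps asset name -> likelihood level from the slides' scale."""
    scored = [(a.name, risk_score(a, ratings[a.name])) for a in assets]
    return sorted(scored, key=lambda pair: pair[1], reverse=True)


# Constructed sample inventory (tangible and intangible assets, as on slide 6).
INVENTORY = [
    Asset("web server", tangible=True, initial_cost=10000.0, years_in_service=2),
    Asset("staff laptops", tangible=True, initial_cost=20000.0, years_in_service=4),
    Asset("customer database", tangible=False, initial_cost=0.0, estimated_value=50000.0),
    Asset("brand reputation", tangible=False, initial_cost=0.0, estimated_value=100000.0),
]
RATINGS = {
    "web server": "high",
    "staff laptops": "moderate",
    "customer database": "moderate",
    "brand reputation": "low",
}

if __name__ == "__main__":
    for name, score in prioritise(INVENTORY, RATINGS):
        print(f"{name:20s} risk {score:>12,.2f}")
```

Running it ranks the customer database first even though the web server has the higher likelihood, which is the point of step 4: priority follows value multiplied by likelihood, not likelihood alone.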

10 Identifying threats
Disasters
– Natural disasters – eg flood, earthquake, fire
– Man-made disasters – eg arson, loss of power
– Mishap – eg accidental deletion of data, misconfiguration
Threats from attack
– An attempt to bypass security controls
– To defend against these threats you must understand the technology
How severe will the impact be?
What is the likelihood of the event happening?

11 Threats from attack
– Specific to the business – DoS attack on the company web server
– Threats that are not directed – DDoS
– Widely known threats – worms, viruses
– External threats – originate from outside the company (not the network)
– Internal threats – originate from within the company (eg technically savvy users)

12 Intrusion points
Physical access points
– Access to the media (cable, devices, storage)
– Security guards, locks and cameras
Access points via the network
– Wireless
– Dial-in via phone lines
– Hacking through security controls
– Internet
Data disposal
– Printed material
– Laptops and hard drives

13 Attack sources
It is your responsibility both to defend against possible attacks and to detect successful attacks.
White hats: ethical security experts looking for vulnerabilities
Black hats: hackers/crackers
– Expert: finding areas of weakness
– Intermediate: programmers creating exploits from the vulnerabilities
– Novice: script kiddies
– What motivates them?

14 Identifying attacks
– Scanning – ping and port scans: is there an IP and an open port?
– Fingerprinting – what OS, applications and services are running, and what versions and protocols?
– Denial of Service (DoS) – shutting down or overloading a service so it becomes unavailable
– Spoofing – disguising the source (IP, email or others)
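Slide 14 lists scanning as the first thing to identify; the defender's side of that is spotting it in logs, where a scan appears as one source touching many distinct ports or hosts in a short time. The detector below is an added example, not from the slides: it parses a constructed firewall log format (the timestamp/action/src/dst:port layout, the sample addresses and the five-ports-in-sixty-seconds threshold are all assumptions for this example) and flags sources that exceed the threshold within a sliding time window.

```python
"""Port-scan detection over firewall log lines (added example, not from the slides).

A scan shows up in logs as one source address probing many distinct destination
ports (or hosts) in a short window. This script parses a simple, constructed
log format and flags sources that exceed a threshold within a sliding window.
The log format, field names and thresholds are assumptions for this example.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed log lines in an assumed "timestamp action src dst:port" format.
# 203.0.113.5 probes eight ports in four seconds; 198.51.100.7 is normal traffic.
SAMPLE_LOG = """\
2024-03-01T10:00:01 DROP 203.0.113.5 192.0.2.10:22
2024-03-01T10:00:01 DROP 203.0.113.5 192.0.2.10:23
2024-03-01T10:00:02 DROP 203.0.113.5 192.0.2.10:25
2024-03-01T10:00:02 DROP 203.0.113.5 192.0.2.10:80
2024-03-01T10:00:03 DROP 203.0.113.5 192.0.2.10:110
2024-03-01T10:00:03 DROP 203.0.113.5 192.0.2.10:143
2024-03-01T10:00:04 DROP 203.0.113.5 192.0.2.10:443
2024-03-01T10:00:04 DROP 203.0.113.5 192.0.2.10:3389
2024-03-01T10:00:05 ACCEPT 198.51.100.7 192.0.2.10:443
2024-03-01T10:05:00 ACCEPT 198.51.100.7 192.0.2.10:80
2024-03-01T10:09:00 DROP 198.51.100.7 192.0.2.10:22
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<action>ACCEPT|DROP)\s+(?P<src>\S+)\s+(?P<dst>[^:\s]+):(?P<port>\d+)$"
)


def parse_log(text):
    """Yield (timestamp, src, dst, port) for each well-formed line; skip the rest."""
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # malformed lines are ignored rather than crashing the detector
        yield (datetime.fromisoformat(m["ts"]), m["src"], m["dst"], int(m["port"]))


def detect_port_scans(text, min_ports=5, window=timedelta(seconds=60)):
    """Return {src: distinct_target_count} for sources that touched at least
    `min_ports` distinct (dst, port) targets within any `window` of time."""
    events = defaultdict(list)
    for ts, src, dst, port in parse_log(text):
        events[src].append((ts, (dst, port)))

    flagged = {}
    for src, evs in events.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):
            # advance the window start until the window fits within `window`
            while evs[end][0] - evs[start][0] > window:
                start += 1
            distinct = {target for _, target in evs[start:end + 1]}
            if len(distinct) >= min_ports:
                flagged[src] = max(flagged.get(src, 0), len(distinct))
    return flagged


if __name__ == "__main__":
    for src, n in detect_port_scans(SAMPLE_LOG).items():
        print(f"possible port scan from {src}: {n} distinct targets in 60s")
```

The window and threshold are the tuning knobs: too low and ordinary clients that open a few services get flagged, too high and a slow scan spread over hours slips through, which is why a real deployment also keeps per-source counts over longer horizons.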

15 Identifying attacks
– Source routing – the route is specified in the packet header and bypasses controls
– Man-in-the-middle – messages are intercepted and reviewed or altered before being sent on to the destination
– Back door – an unknown and undocumented way to access a program or system; left in by developers or installed by hackers

16 Identifying attacks
Password guessing
– Default passwords
– Blank passwords
– Easy-to-guess passwords
– Short passwords
– Common words
– Automated scripts to find password hashes
– Dictionary attack
– Brute force attack
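The defensive counterpart of slide 16 is a password policy that refuses the weak choices it lists before they reach the password store. The checker below is an added example, not from the slide deck: it reports which of the slide's categories (blank, default, short, common word, easy to guess) a candidate password falls into. The default-password and dictionary lists and the 12-character minimum are constructed for this example; a real deployment would load the vendor defaults for its own products and a published dictionary or breach list.

```python
"""Password policy check covering the weaknesses listed on the slide
(added example, not from the slide deck). The default-password and
dictionary lists are tiny constructed samples; a real deployment would load
published breach/dictionary lists and the vendor defaults for its own products.
"""
import re

# Constructed sample lists (assumption: real lists are far longer).
DEFAULT_PASSWORDS = {"admin", "password", "changeme", "12345678", "letmein"}
DICTIONARY_WORDS = {"summer", "welcome", "dragon", "monkey", "football"}
MIN_LENGTH = 12  # assumed policy minimum


def password_weaknesses(password: str) -> list:
    """Return the slide's categories that the password falls into (empty = acceptable)."""
    problems = []
    if password == "":
        problems.append("blank password")
        return problems
    lowered = password.lower()
    if lowered in DEFAULT_PASSWORDS:
        problems.append("default password")
    if len(password) < MIN_LENGTH:
        problems.append("short password")
    # strip trailing digits/symbols so 'Summer2024!' is still caught as a common word
    core = re.sub(r"[^a-z]+$", "", lowered)
    if core in DICTIONARY_WORDS or lowered in DICTIONARY_WORDS:
        problems.append("common word")
    # all digits, or a single character repeated, is trivially enumerable
    if password.isdigit() or re.fullmatch(r"(.)\1*", password):
        problems.append("easy to guess")
    return problems


def is_acceptable(password: str) -> bool:
    """True when the password triggers none of the slide's weakness categories."""
    return not password_weaknesses(password)


if __name__ == "__main__":
    for candidate in ["", "admin", "Summer2024!", "correct horse battery staple"]:
        print(repr(candidate), "->", password_weaknesses(candidate) or "ok")
```

Note that the check works on the plaintext at the moment a user sets the password; it says nothing about how the password is then stored, which is a separate control (salted, slow hashing) that the slide's "automated scripts to find password hashes" point depends on.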

17 Identifying attacks
– Replay attack – intercepting and recording a connection setup and replaying it at a later time to gain authorised access
– Encryption breaking – breaking the encryption algorithm or guessing the key used by the algorithm
– Hijacking – taking over an existing connection, sending packets as if from the source
– Malicious code – viruses, worms and trojans
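Slide 17 describes a replay attack as recording a valid exchange and presenting it again later. The standard defence is to make every request single-use: bind a timestamp and a fresh nonce into an authenticated message so that the server can reject anything stale or already seen. The code below is an added example, not from the slides; the pre-shared key, the message layout, the 30-second freshness window and the request field names are assumptions for this example, and the client and server halves are shown together so the rejection paths can be exercised offline.

```python
"""Replay-attack defence: each request carries a timestamp and a one-time nonce
authenticated by an HMAC; the server rejects stale timestamps and any nonce it
has already seen. Added example, not from the slides. The key, message format
and clock window are assumptions for this example.
"""
import hashlib
import hmac
import secrets

SHARED_KEY = b"constructed-demo-key"  # assumption: pre-shared between client and server
MAX_SKEW = 30  # seconds a request stays valid (assumed window)


def sign(body: str, ts: int, nonce: str) -> str:
    """HMAC over timestamp, nonce and body so none of them can be swapped independently."""
    msg = f"{ts}|{nonce}|{body}".encode()
    return hmac.new(SHARED_KEY, msg, hashlib.sha256).hexdigest()


def make_request(body: str, now: int) -> dict:
    """Client side: bind the body to a fresh timestamp and a random nonce."""
    nonce = secrets.token_hex(16)
    return {"body": body, "ts": now, "nonce": nonce, "mac": sign(body, now, nonce)}


class ReplayGuard:
    """Server side: verify the MAC, then freshness, then nonce uniqueness."""

    def __init__(self):
        self.seen = {}  # nonce -> timestamp at which it was first accepted

    def _expire(self, now: int):
        # nonces older than the window can be forgotten; requests carrying them
        # would fail the timestamp check anyway, so the cache stays bounded
        self.seen = {n: t for n, t in self.seen.items() if now - t <= MAX_SKEW}

    def accept(self, req: dict, now: int) -> str:
        expected = sign(req["body"], req["ts"], req["nonce"])
        if not hmac.compare_digest(expected, req["mac"]):
            return "rejected: bad mac"
        if abs(now - req["ts"]) > MAX_SKEW:
            return "rejected: stale timestamp"
        self._expire(now)
        if req["nonce"] in self.seen:
            return "rejected: replayed nonce"
        self.seen[req["nonce"]] = req["ts"]
        return "accepted"


if __name__ == "__main__":
    guard = ReplayGuard()
    req = make_request("transfer 100", now=1000)
    print(guard.accept(req, now=1001))   # accepted
    print(guard.accept(req, now=1005))   # rejected: replayed nonce (a replay within the window)
    print(guard.accept(req, now=4600))   # rejected: stale timestamp
```

The order of the checks matters: the MAC is verified first so that an unauthenticated message cannot be used to probe the nonce cache or consume server state, and the nonce cache only needs to hold entries for the length of the freshness window.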

18 Identifying attacks
Software exploitation
– Buffer overflow attack
– Cross-site scripting – inserting malicious HTML or script code into a webpage
Social engineering
– Manipulating people by exploiting their ignorance, fears or willingness to help
– Impersonation, piggybacking entry into restricted areas
– This is the most difficult to prevent

19 Defending against threats
Defence in depth
– Must include multiple elements
Layered defence
– The hacker must overcome multiple defence checks
– Each defence check is monitored and alarmed

20 Defending against threats
Secure the network infrastructure
– Network access control
– Secure communications protocols
– System hardening – systems, applications and resources (files and databases)
Authenticating users
– Passwords
– Biometrics
– Certificates
– Tokens
– Smart cards
Auditing
– Monitoring operations – intrusion detection, logs

21 Basic security guidelines
Physical security
– Locks, facility access controls, surveillance
– Circumvention threats – using bootable media to access hard drives, key loggers
Trust
– Trusting administrators
– Trusting certificates
– Servers trusting servers
Privilege levels
– Principle of least privilege
– Standard, admin and root accounts

22 Maintaining documentation
Document all procedures related to systems security:
– Planning
– Policies
– Configurations
– Monitoring and reporting
– Archiving

23 Lesson summary
Addressing security threats and vulnerabilities
– Goals of security
– Risks, threats and vulnerabilities
– Risk assessment
– Common threats
– Types of attacks
– Common defences
– Basic security guidelines

