Download Web server software

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
Document related concepts

Unix security wikipedia , lookup

Security-focused operating system wikipedia , lookup

Transcript 
Introduction to
Systems Security
(January 11, 2016)
© Abdou Illia – Spring 2016
Learning Objectives
 Discuss state of security threats in the U.S.
 Discuss how to manage info security

Plan-Protect-Respond cycle

People-Technology-Policy approach
2
Preventing Security Threats
What can you do, as a user of a
computer connected to the
Internet or as a business having
a network that is connected to
the Internet, to prevent security
threats/attacks from occurring?
3
Preventing Security Threats

Use anti-virus software

Use software firewall

Use hardware/appliance firewall

Use Intrusion Defense Systems

Use Intrusion Prevention Systems

Install OS updates

Install applications’ updates

Not open file attachments from unknown sources

Not click URL in emails from unknown sources

Social engineering tests/Mock phishing schemes

Awareness training

Acceptable computer use policy

Password policy

Etc.
4
Countermeasures
 Tools used to thwart attacks
 Also called safeguards, protections, and controls
 Types of countermeasures

Preventative

Detective

Corrective
 Question: Match each of the countermeasures
from the previous slide with its type.
5
The Plan-Protect-Respond cycle
Figure 2-6
Dominates security management thinking
6
6
How is the book organized?
7
2012/2013 CSI Security Report
Survey Summary online
 Survey conducted by the Computer Security
Institute (http://www.gocsi.com).
 Copy of Survey report on course web site
8
9
Types of attacks: by % of respondents
10
2013 CSI Report (cont.)
11
CSI Survey (cont.)
12
13
Satisfaction with Security Technology (cont.)
14
15
Types of Technology Used (cont.)
16
2014 Sophos Security Threat Report
 Malware* hosted on websites
17
* Malicious software
2014 Sophos Security Threat Report
 Malware hosting countries
18
2014 Sophos Security Threat Report
 Web server’s software affected
Web server software
Apache IIS SunONE
Operating System
Computer hardware
RAM chip
HD
Processor
Web server computer
 As of March 2014 Apache served 58% of all web servers
 Apache available for Microsoft Windows, Novell NetWare and Unix-like OS
19
Summary Questions
1.
What is Plan-Protect-Respond? How important is it
for information security?
2.
What is PTP?
3.
What does malware refer to?
4.
Systems running Microsoft operating systems are
more likely to be attacked than others.
T
F
5.
With Windows OS, you can use IIS or another web
server software like Apache.
T
F
6.
What web server software is most affected by web
threats today?
20
Related documents
A. Explain the nature of marketing plans. B. Explain the role
A. Explain the nature of marketing plans. B. Explain the role
A. Explain the nature of marketing plans. B. Explain the role of
A. Explain the nature of marketing plans. B. Explain the role of
Upstream Intelligence - Indiana University of Pennsylvania
Upstream Intelligence - Indiana University of Pennsylvania
Security Standards and Threat Evaluation
Security Standards and Threat Evaluation
Customer markets
Customer markets
Slayt 1
Slayt 1
Testimony - American Security Project
Testimony - American Security Project
jones, c - Computer Science
jones, c - Computer Science
Emerging Threats to Business Security
Emerging Threats to Business Security
Managing Security Events 101
Managing Security Events 101
the Presentation
the Presentation
Introduction - Northern Kentucky University
Introduction - Northern Kentucky University
3 - School-Portal.co.uk
3 - School-Portal.co.uk
Introduction to Information Security Chapter N
Introduction to Information Security Chapter N
File
File
file - Conservation Gateway
file - Conservation Gateway
Why Cryptography is Harder Than It Looks
Why Cryptography is Harder Than It Looks
E-Commerce and Bank Security
E-Commerce and Bank Security
chap16
chap16
NITC yearly Work Plan FY2065/66
NITC yearly Work Plan FY2065/66
Overview of Database Security
Overview of Database Security
slides - University of Cambridge Computer Laboratory
slides - University of Cambridge Computer Laboratory