Security+ Guide to Network Security Fundamentals
Chapter 1

Instructor: اياس القواسمة
Email: [email protected]
Phone: 0564569838
Office number: 2152

Learning Objectives
• Understand network security
• Understand security threat trends and their ramifications
• Understand the goals of network security
• Determine the factors involved in a secure network strategy

Understanding Network Security
• Network security
  – Process by which digital information assets are protected
• Goals
  – Maintain integrity
  – Protect confidentiality
  – Assure availability

Understanding Network Security
• Security ensures that users:
  – Perform only tasks they are authorized to do
  – Obtain only information they are authorized to have
  – Cannot cause damage to data, applications, or operating environment

Security Threats
• Identity theft
• Privacy concerns
• Wireless access

To Offset Security Threats
• Integrity
  – Assurance that data is not altered or destroyed in an unauthorized manner
• Confidentiality
  – Protection of data from unauthorized disclosure to a third party
• Availability
  – Continuous operation of computing systems

Quiz: Give a real example for each information security principle.
• Examples of Information Security Fundamental Principles:
  – Confidentiality: Exam questions prior to the exam must be hidden from students.
  – Integrity: Students' grades must not be modified by students.
  – Availability: Student schedules system must be online and available during the beginning of the semester.
Information Security Layers

Security Vulnerabilities for Sale
• Anyone can buy attack tools to take over computers

Examples of Security Breaches

Difficulties in Defending against Attacks

Information Security Terminology
• Asset
  – Something that has a value
• Threat
  – An event or object that may defeat the security measures in place and result in a loss
• Threat agent
  – A person or thing that has the power to carry out a threat

Information Security Terminology
• Vulnerability
  – Weakness that allows a threat agent to bypass security
• Exploit
  – Takes advantage of a vulnerability
• Risk
  – The likelihood that a threat agent will exploit a vulnerability
  – Realistically, risk cannot ever be entirely eliminated

Information Security Terminology (continued)

Security Ramifications: Costs of Intrusion
• Causes of network security threats
  1. Technology weaknesses
  2. Configuration weaknesses
  3. Policy weaknesses
  4. Human error
• Ramifications: branching consequences

1- Technology Weaknesses
• TCP/IP
• Operating systems
• Network equipment

2- Configuration Weaknesses
• Unsecured accounts
• System accounts with easily guessed passwords
• Misconfigured Internet services
• Unsecured default settings
• Misconfigured network equipment
• Trojan horse programs
• Vandals (saboteurs)
• Viruses

3- Policy Weaknesses
• Lack of a written security policy
• Politics
• High turnover
• Concise access controls not applied
• Software and hardware installation and changes do not follow policy
• Proper security
• Nonexistent disaster recovery plan

4- Human Error
• Accident
• Ignorance
• Workload
• Dishonesty
• Impersonation (acting as someone else)
• Disgruntled employees (resentful employees)
• Snoops (people who pry)
• Denial-of-service attacks

Goals of Network Security
• Achieve the state where any action that is not expressly permitted is prohibited
  – Eliminate theft
  – Determine authentication
  – Identify assumptions
  – Control secrets

Creating a Secure Network Strategy
• Address both internal and external threats
• Define policies and procedures
• Reduce risk across perimeter security, the Internet, intranets, and LANs

Creating a Secure Network Strategy
• Human factors
• Know your weaknesses
• Limit access
• Achieve security through persistence
• Develop change management process
• Remember physical security
• Perimeter (boundary) security
  – Control access to critical network applications, data, and services

Creating a Secure Network Strategy
• Firewalls
  – Prevent unauthorized access to or from private network
  – Create protective layer between network and outside world
  – Replicate network at point of entry in order to receive and transmit authorized data
  – Have built-in filters
  – Log attempted intrusions and create reports

Creating a Secure Network Strategy
• Web and file servers
• Access control
  – Ensures that only legitimate traffic is allowed into or out of the network
    – Passwords
    – PINs
    – Smartcards

Creating a Secure Network Strategy
• Change management
  – Document changes to all areas of IT infrastructure
• Encryption
  – Ensures messages cannot be intercepted or read by anyone other than the intended person(s)

Creating a Secure Network Strategy
• Intrusion detection system (IDS)
  – Provides 24/7 network surveillance
  – Analyzes packet data streams within the network
  – Searches for unauthorized activity

Simplicity
• Information security is by its very nature complex
• Complex security systems can be hard to understand, troubleshoot, and feel secure about
• As much as possible, a secure system should be simple for those on the inside to understand and use
• Complex security schemes are often compromised to make them easier for trusted users to work with
  – Keeping a system simple from the inside but complex on the outside can sometimes be difficult but reaps a major benefit

Who Are the Attackers?
• The types of people behind computer attacks are generally divided into several categories
  – Hackers
  – Script kiddies
  – Spies
  – Employees
  – Cybercriminals
  – Cyberterrorists

The NSA Hacker
• Gary McKinnon hacked into NASA and the US Military
• He was looking for evidence about UFOs

Hackers
• Hacker
  – Anyone who illegally breaks into or attempts to break into a computer system
• Although breaking into another person's computer system is illegal
  – Some hackers believe it is ethical as long as they do not commit theft, vandalism, or breach any confidentiality

Ethical Hacker
• Has permission from the owner to test security of computers by attacking them

Script Kiddies
• Unskilled users
• Download automated hacking software (scripts) from Web sites and use it to break into computers

Spies
• Computer spy
  – A person who has been hired to break into a computer and steal information
  – Excellent computer skills

Employees
• The largest information security threat
• Motives
  – An employee might want to show the company a weakness in their security
  – Disgruntled employees may be intent on retaliating against the company
  – Industrial espionage
  – Blackmailing

Cybercriminals
• A loose-knit network of attackers, identity thieves, and financial fraudsters
• More highly motivated, less risk-averse, better funded, and more tenacious than hackers
• Many security experts believe that cybercriminals belong to organized gangs of young and mostly Eastern European attackers
• Cybercriminals have a more focused goal that can be summed up in a single word: money

Cybercriminals
• Cybercrime
  – Targeted attacks against financial networks, unauthorized access to information, and the theft of personal information
• Financial cybercrime is often divided into two categories
  – Trafficking in stolen credit card numbers and financial information
  – Using spam to commit fraud

Cyberterrorists
• Their motivation may be defined as ideology, or attacking for the sake of their principles or beliefs
• Goals of a cyberattack:
  – To deface electronic information and spread misinformation and propaganda
  – To deny service to legitimate computer users
  – To commit unauthorized intrusions into systems and networks that result in critical infrastructure outages and corruption of vital data

Security Tradeoffs
(Figure labels: Security, Cost, Ease of use, Functionality)

Steps of an Attack
• The five steps that make up an attack
  – Probe for information
  – Penetrate any defenses
  – Modify security settings
  – Circulate to other systems
  – Paralyze networks and devices

Defenses against Attacks
• Although multiple defenses may be necessary to withstand an attack, these defenses should be based on five fundamental security principles:
  – Layering
  – Limiting
  – Diversity
  – Obscurity
  – Simplicity

Layering
• Information security must be created in layers
• One defense mechanism may be relatively easy for an attacker to circumvent
  – Instead, a security system must have layers, making it unlikely that an attacker has the tools and skills to break through all the layers of defenses
• A layered approach can also be useful in resisting a variety of attacks
• Layered security provides the most comprehensive protection

Limiting
• Limiting access to information reduces the threat against it
• Only those who must use data should have access to it
  – In addition, the amount of access granted to someone should be limited to what that person needs to know
• Some ways to limit access are technology-based, while others are procedural

Diversity
• Layers must be different (diverse)
  – If attackers penetrate one layer, they cannot use the same techniques to break through all other layers
  – Using diverse layers of defense means that breaching one security layer does not compromise the whole system

Obscurity (ambiguity)

INFORMATION SECURITY CAREERS AND THE SECURITY+ CERTIFICATION

Surveying Information Security Careers and the Security+ Certification
• Today, businesses and organizations require employees and even prospective applicants
  – To demonstrate that they are familiar with computer security practices
• Many organizations use the CompTIA Security+ certification to verify security competency

CompTIA Security+ Certification
• The CompTIA Security+ (2008 Edition) Certification is the premier vendor-neutral credential
• The Security+ exam is an internationally recognized validation of foundation-level security skills and knowledge
  – Used by organizations and security professionals around the world
• The skills and knowledge measured by the Security+ exam are derived from an industry-wide Job Task Analysis (JTA)

CompTIA Security+ Certification (continued)
• The six domains covered by the Security+ exam:
  – Systems Security, Network Infrastructure, Access Control, Assessments and Audits, Cryptography, and Organizational Security

Quiz: What does information security protect?
• Information security protects
  – the integrity, confidentiality, and availability of information
  – on the devices which store, manipulate, and transmit the information
  – through products, people and procedures