INFORMATION SECURITY
Plug-in B6
THE FIRST LINE OF DEFENSE - PEOPLE
Organizations must enable employees, customers, and partners to access information electronically
The biggest issue surrounding information security is not a technical issue, but a _______ issue
___% of security incidents originate within the organization
Insiders – legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident
THE FIRST LINE OF DEFENSE - PEOPLE
The first line of defense an organization should follow to help combat insider issues is to develop information security _______ and an information security _____
Information security policies – identify the rules required to maintain information security
Information security plan – details how an organization will __________ the information security policies
THE FIRST LINE OF DEFENSE - PEOPLE
Hackers frequently use “_______ engineering” to obtain passwords
Social engineering – using one’s social skills to trick people into revealing access credentials or other information valuable to the attacker
THE FIRST LINE OF DEFENSE - PEOPLE
Five steps to creating an information security plan:
1. Develop the information security policies
2. ____________ the information security policies
3. Identify critical information assets and risks
4. Test and reevaluate risks
5. Obtain ___________ support
Person, group, or organization that has direct or indirect stake in an organization because it can affect or be affected by the organization's actions, objectives, and policies.
THE SECOND LINE OF DEFENSE - TECHNOLOGY
There are three primary information technology security areas
1. Authentication and authorization
2. Prevention and resistance
3. Detection and response
Authentication and Authorization
Authentication – a method for confirming users’ __________
Authorization – giving someone _________ to do or have something
The most secure type of authentication involves:
1. Something the user knows such as a user ID and password
2. Something the user has such as a smart card or token
3. Something that is part of the user such as a fingerprint or voice signature
Something the User Knows
This is the most common way to identify individual users and typically contains a user ID and a password
This is also the most _________ form of authentication
Over ____ percent of help-desk calls are password related
Something the User Knows
Identity theft – a crime used to refer to ______ that involves someone pretending to be someone else in order to steal money or get other benefits.
Phishing – The act of sending an ______ to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft
Something the User Has
Smart cards and tokens are more effective than a user ID and a password
Tokens – may be a _________ device that an authorized user of computer services is given to ease authentication.
Smart card – a device that is around the same size as a credit card, containing embedded technologies that can store information and small amounts of software to perform some limited ___________
Something That Is Part Of The User
This is by far the best and most effective way to manage authentication
Biometrics – technologies that measure and analyze human body characteristics, such as fingerprints, eye retinas and irises, voice patterns, facial patterns and hand measurements, for ____________ purposes.
Unfortunately, this method can be costly and intrusive
Prevention and Resistance
Downtime can cost an organization anywhere from $100 to $1 million per hour
Technologies available to help prevent and build resistance to attacks include:
1. Content filtering
2. Encryption
3. Firewalls
Content Filtering
Organizations can use content filtering technologies to prevent e-mails containing sensitive information from transmitting and stop spam and viruses from spreading.
Content filtering – using software that filters content to prevent the transmission of unauthorized information
Spam – the abuse of electronic messaging systems to indiscriminately send unsolicited bulk messages
Corporate losses caused by spam (_______ $)
Encryption
If there is an information security breach and the information was encrypted, the person stealing the information would be unable to read it
Encryption – the process of transforming information using an _________ (called cipher) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key
Public key encryption (PKE) – an encryption system that uses two keys: a public key for everyone and a private key for the recipient
Firewalls
One of the most common defenses for preventing a security breach is a firewall
Firewall – hardware and/or software that guards a private network by analyzing the information leaving and entering the network
Detection and Response
Antivirus software is the most common type of detection and response technology
Hackers - people very knowledgeable about computers who use their knowledge to invade other people’s computers
White-hat hacker
Black-hat hacker
Hacktivist
Script kiddies or script bunnies
Cracker
Cyber terrorist
Detection and Response
Virus - software written with malicious intent to cause annoyance or damage
Worm: spreads itself among files & computers
Denial-of-service attack (DoS): flooding web sites
Distributed denial-of-service attack (DDoS): attacks from multiple computers
Trojan-horse: hides inside other software
Backdoor program: opens a way for future attack
Polymorphic virus and worm: change their form as they propagate
Detection and Response
Security threats to e-business include:
Elevation of privilege
Hoaxes
Malicious code
Spoofing
Spyware
Sniffer
Packet tampering