
Introduction to Information Security

This document introduces information security concepts. It describes the challenges of securing information due to diverse attacks and evolving threats. Common attackers are identified as hackers, cybercriminals, and insiders. The basic steps of an attack are reconnaissance, weaponization, delivery, exploitation, installation, and achieving objectives. Five fundamental principles of defense are outlined: layering defenses, limiting access, using diverse defenses, obscuring details, and keeping defenses simple.

Uploaded by

Muhammad Goda

Lecture # 1

Chapter 1
Introduction to Security

Security+ Guide to Network Security Fundamentals, FOURTH Edition


and Security Certified, CCNA, security 210-260, 2015
prepared by: Dr. Tahani Allam – 2022-2023
Objectives

• Describe the challenges of securing information
• Define information security and explain why it is important
• Identify the types of attackers that are common today
• List the basic steps of an attack
• Describe the five basic principles of defense

Challenges of Securing Information

• Securing information
– No simple solution
– Many different types of attacks
– Defending against attacks often difficult

Today’s Security Attacks

• Examples of popular and recent attacks
  – WannaCry ransomware.
  – Shamoon malware (first indicator of attack was in August 2012).
  – Data breach (Facebook).
  – Taking control of IoT devices and wireless cameras.
  – Identity theft.
  – Social engineering (Kevin Mitnick).
  – Malware threat is rising.

Difficulties in Defending Against Attacks

• Universally connected devices


• Increased speed of attacks
• Greater sophistication of attacks
• Availability and simplicity of attack tools
• Faster detection of vulnerabilities
• Delays in security updating (patching)
• Weak security update distribution
• Introduction of BYOD
• Distributed attacks
• User confusion

What Is Information Security?

• Before defence is possible, one must understand:


– What information security is
– Why it is important
– Who the attackers are

Defining Information Security

• Security
  – The steps we take to protect a person or property from harm
    • Harm may be intentional or non-intentional
  – Sacrifices convenience for safety
  – As security is increased, convenience is often decreased.
• Information security
  – The task of securing information that is in a digital format.
    • The goal is to ensure that protective measures are properly implemented.

Defining Information Security (cont’d.)

• Three types of information protection, often called the CIA Triad
  – Confidentiality
    • Only approved individuals may access information
  – Integrity
    • Information is correct and unaltered
  – Availability
    • Information is accessible to authorized users

Defining Information Security (cont’d.)

• Protections implemented to secure information
  – Authentication
    • Individual is who they claim to be
  – Authorization
    • Grant ability to access information
  – Accounting
    • Provides tracking of events

Defining Information Security (cont’d.)

Figure 1-3 Information security components


© Cengage Learning 2012

Defining Information Security (cont’d.)

Table 1-3 Information security layers

Information Security Terminology

• Asset
  – Item of value
• Threat
  – Actions or events that have potential to cause harm
• Threat agent
  – Person or element with power to carry out a threat

Information Security Terminology (cont’d.)

• Vulnerability
  – Flaw or weakness that allows a threat agent to bypass security
• Threat likelihood
  – Likelihood that threat agent will exploit vulnerability
• Risk
  – A situation that involves exposure to some type of danger.

Information Security Terminology (cont’d.)

Table 1-4 Information technology assets

Information Security Terminology (cont’d.)

• Options to deal with risk
  – Risk avoidance
  – Acceptance
    • Realize there is a chance of loss
  – Risk mitigation
    • Take precautions.
    • Most information security risks should be mitigated.
  – Deterrence
    • Example: logging.
  – Transference: transferring the risk to someone else
    • Example: purchasing insurance

Who Are the Attackers?

• Categories of attackers
  – Hackers (black hat, white hat/ethical hackers, grey hat)
    • Person who uses computer skills to attack computers
  – Cybercriminals
    • Network of attackers, identity thieves, spammers
  – Script kiddies (over 40% of attacks require low or no skills)
  – Brokers (e.g. The Shadow Brokers)
  – Insiders
    • Employees, contractors, and business partners
  – Cyberterrorists
    • Motivated by principles or beliefs, usually aim to cause disruption and panic
  – Hacktivists
    • The purpose is to make a political statement.
  – State-sponsored attackers (cyberwar), e.g. Stuxnet.

Attacks and Defenses

• Wide variety of attacks
  – The same basic steps are used in an attack
• To protect computers against attacks:
  – Follow five fundamental security principles

Steps of an Attack

Cyber Kill Chain outlines the steps of an attack:

1. Reconnaissance - probe for information about the system: type of hardware or software used
2. Weaponization - attacker creates an exploit and packages it into a deliverable payload
3. Delivery - weapon is transmitted to the target
4. Exploitation - after weapon is delivered, the exploitation stage triggers the intruder’s exploit
5. Installation - the weapon is installed to either attack the computer or install a remote “backdoor”

Steps of an Attack (cont’d.)

Cyber Kill Chain outlines the steps of an attack:

6. Command and Control - the compromised system connects back to the attacker so that the system can be remotely controlled by the attacker
7. Action on Objectives - now the attackers can start to take actions to achieve their original objectives

Defenses Against Attacks

Fundamental security principles for defenses
  – Layering
    • Information security must be created in layers; a single defense mechanism may be easy to circumvent
  – Limiting
    • Limiting access to information reduces the threat against it
  – Diversity
    • Closely related to layering: layers must be different (diverse)
  – Obscurity
    • Obscuring inside details to outsiders. Example: not revealing details
  – Simplicity
    • Simple from the inside and complex from the outside

Thanks
Enjoy...
