
IT Security Chain

IT Security Chain has three components:


1. Network Security
2. Internet Security
3. Endpoint Security

*Internet and endpoint security are already discussed in Chapter 2.

First, what is a network?
A network consists of two or more computers that are linked in order to share resources such as printers and data servers, exchange files, or allow electronic communications.
The computers on a network may be linked through cables, telephone lines, radio waves, satellites, or infrared light beams.
We have already discussed the network devices necessary to run a network, such as the switch, router, and modem.
We have also studied examples of a local area network (LAN), such as the LAN in a computer lab or an internet shop.
There is another type of network, the WAN (Wide Area Network). As the name suggests, a WAN is a wider version of a LAN.
It is also a network, but it covers a large area such as a city. The internet is actually a WAN too; it is the largest example of a WAN.
So what is network security?
Network security is anything you do to
protect your network, including both
hardware and software.
API Security
API security is an overarching term referring to practices and products that prevent malicious attacks on or misuse of APIs.

One way to protect your network is through Application Program Interfaces (API).

Examples of APIs are the interfaces we use to use or access applications such as Facebook and Chrome.

APIs have become the key to programming web-based interactions.

APIs are what hackers target to get into a system.

That is why there is multi-factor authentication (MFA) to prevent these attacks.

An example of MFA is the use of a one-time password (OTP) sent through text or e-mail before you can access an account.
Security Engineering
Security engineering is the practice of protecting against threats by building networks to be safe, dependable, and secure against malicious attacks.

▪ Vulnerability Assessment
▪ Penetration Testing
▪ Network Intrusion Detection System (NIDS)

Penetration testing is when someone tries to hack the system to find out how effective the security is.
Password Salt and Peppering
▪ Adding a “salt”, or random data, to a password makes common passwords less common.
▪ A “pepper” is also a random value attached to the password, which is helpful in slowing hackers down.
▪ For example, say the password you want is “apple.”
▪ Of course it is very common, so it is easy for password cracking software to guess.
▪ To make it more secure, you can add a “salt” to it, for example by making it: @ppl3
▪ Then you can also add a “pepper”, for example a random number: @ppl39741
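How a system that stores passwords typically applies salt and pepper, as an added example that is not part of the original slides: the salt is random per password and stored beside the hash, while the pepper is one secret kept outside the password database. The names `PEPPER`, `ITERATIONS`, `hash_password` and `verify_password` and the sample values are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample pepper: one secret for the whole application, kept
# outside the password database (for example in a secrets manager).
PEPPER = bytes.fromhex("00112233445566778899aabbccddeeff")
ITERATIONS = 600_000  # assumed PBKDF2-HMAC-SHA256 work factor


def hash_password(password, pepper=PEPPER, salt=None):
    """Return (salt, digest) for storage; the pepper is never stored with them."""
    if salt is None:
        salt = secrets.token_bytes(16)  # fresh random salt for every password
    # Mix the secret pepper in with HMAC, then stretch using the per-user salt.
    peppered = hmac.new(pepper, password.encode("utf-8"), hashlib.sha256).digest()
    digest = hashlib.pbkdf2_hmac("sha256", peppered, salt, ITERATIONS)
    return salt, digest


def verify_password(password, salt, digest, pepper=PEPPER):
    """Recompute with the stored salt and compare in constant time."""
    _, candidate = hash_password(password, pepper, salt)
    return hmac.compare_digest(candidate, digest)


if __name__ == "__main__":
    # Two accounts that both chose "apple" end up with different stored hashes.
    salt_a, hash_a = hash_password("apple")
    salt_b, hash_b = hash_password("apple")
    print("same password, different hashes:", hash_a != hash_b)
    print("correct password verifies:", verify_password("apple", salt_a, hash_a))
    # A stolen database alone (salt + hash, no pepper) cannot confirm a guess.
    print("guess without the pepper:", verify_password("apple", salt_a, hash_a, b"\x00" * 16))
```

Because the salt differs per account, a precomputed table of common passwords does not match any stored hash, and because the pepper lives elsewhere, a copy of the database alone is not enough to test guesses.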
Virtual Private Network (VPN)
▪ An encrypted connection over the Internet from a device to a network.
▪ The encrypted connection helps ensure that sensitive data is safely transmitted.
▪ VPNs are great for masking yourself on the internet.
▪ Some even use a VPN as a disguise, such as when you want to access a website or app that is blocked in your country,
▪ like when India blocked many apps from China.
▪ Just be careful, because your VPN provider might be recording some of your confidential information.
Application Whitelisting
▪ Prevents unauthorized apps from running on a computer
▪ An example of this is when social media, gaming, and other leisure apps and websites are blocked on university or office computers.
▪ In other cases, you are not allowed to install programs, to protect the computer from malware.

Firewalls
▪ Block unauthorized access to a network or data interceptions

Honeypots
▪ Decoy databases that attract hackers but do not house any important information.
Antivirus Software
▪ A program or set of programs
that are designed to prevent,
search for, detect, and remove
software viruses, and other
malicious software.
Encryption
▪ Decoding data, in transit or at
rest, including end-to-end
encryption often used in
messaging apps and platforms
that only allows encrypted
messages to be read by sender
and receiver.
Malware
▪ Short for malicious software
▪ Malware is any piece of software that was written with the intent of damaging devices, stealing data, and generally causing a mess.

Examples of Malware

Virus
▪ Infects files, then replicates to infect other files
▪ Can spread uncontrollably, damaging a system’s core functionality by deleting or corrupting files.
▪ Usually appears as an executable file (.exe)

Worms
▪ Act like a virus
▪ But viruses need a “trigger” to start infecting, such as when a person opens an exe file of a virus
▪ Worms can self-replicate as soon as they have breached the system, without a trigger

Trojans
▪ Disguise themselves as legitimate software or are hidden in legitimate software that has been tampered with.
▪ Act unnoticeably and create backdoors in your security to let other malware in.

Spyware
▪ Designed to spy on you
▪ Hides in the background
▪ Records what you do online, including passwords, credit card numbers, surfing habits, etc.

Ransomware
▪ Typically locks down your computer and your files or a website and threatens to erase everything unless you pay a ransom.

Adware
▪ Not always malicious in nature
▪ But aggressive advertising software can destabilize your security just to serve you ads, which can give other malware an easy way in.
▪ Plus pop-ups are really annoying.

Botnets
▪ Networks of infected computers that are made to work together under the control of an attacker
IT Disaster Recovery Plan
▪ A critical process that can help an organization survive and recover in case of disaster, whether a natural disaster, accidental data loss, or malicious cyberattack.
▪ The typical structure of this plan is shown on the next pages.

Goals
What does the organization aim to achieve?
▪ Target Recovery Time
▪ Maximum downtime allowed for each critical system
▪ Maximum amount of acceptable data loss

Personnel
Who is responsible for executing the plan?

IT Inventory
List hardware and software assets, their criticality, and whether they are leased, owned, or used as a service.

Backup Procedures
How and where (exactly on which devices and in which folders) each data resource is backed up, and how to recover from backup.

Recovery Procedures
Emergency response to minimize damages, last-minute backups, mitigation, and eradication (for cybersecurity threats).

Recovery Sites
▪ A robust plan should include a hot disaster recovery site, an alternative data center in a remote location that has all critical systems, with data replicated or frequently backed up to them.
▪ Operations can be switched over to the hot site when disaster strikes.

Restoration
Procedures for recovering from complete systems loss to full operations