
1. Introduction to Information Security
Security+ Guide to Network Security Fundamentals
Objectives

• Describe the challenges of securing information
• Define information security and explain why it is important
• Identify the types of attackers that are common today
• List the basic steps of an attack
• Describe the five basic principles of defense

Security+ Guide to Network Security Fundamentals 2


Challenges of Securing Information

• Securing information
– No simple solution
– Many different types of attacks
– Defending against attacks often difficult



Today’s Security Attacks

• Examples of popular and recent attacks
– WannaCry ransomware, which infected the NHS and other organisations across the globe.
– Shamoon malware (the first indicator of attack was in August 2012).
– Data breach (Facebook).
– Taking control of IoT devices and wireless cameras.
– Identity theft.
– Social engineering (Kevin Mitnick).
– The malware threat is rising (variants released monthly could be as high as 96.1) [Symantec, July 2017].



Difficulties in Defending Against Attacks

• Universally connected devices
• Increased speed of attacks
• Greater sophistication of attacks
• Availability and simplicity of attack tools
• Faster detection of vulnerabilities
• Delays in security updating (patching)
• Weak security update distribution
• Introduction of BYOD
• Distributed attacks
• User confusion



What Is Information Security?

• Before defence is possible, one must understand:
– What information security is
– Why it is important
– Who the attackers are



Defining Information Security

• Security
– The steps we take to protect a person or property from harm
• Harm may be intentional or unintentional
– Sacrifices convenience for safety
– As security is increased, convenience is often decreased
• Information security
– The task of securing information that is in a digital format
• The goal is to ensure that protective measures are properly implemented

Defining Information Security (cont’d.)

• Three types of information protection, often called the CIA triad
– Confidentiality
• Only approved individuals may access information
– Integrity
• Information is correct and unaltered
– Availability
• Information is accessible to authorized users



Defining Information Security (cont’d.)

• Protections implemented to secure information
– Authentication
• Individual is who they claim to be
– Authorization
• Grant ability to access information
– Accounting
• Provides tracking of events
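
Worked example (added here, not part of the original slides): a minimal Python access check that applies the three protections in order, authentication first, then authorization, then accounting, so that every decision, granted or refused, ends up in the audit trail. The user store, roles, asset name and passwords are constructed for the demo.

```python
import hashlib
import hmac
from datetime import datetime, timezone

# Constructed demo user store (hypothetical users and passwords).
def _hash_pw(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

_SALT = b"constructed-demo-salt"   # a real system uses a random per-user salt
USERS = {
    "alice": {"pw": _hash_pw("correct horse", _SALT), "roles": {"analyst"}},
    "bob":   {"pw": _hash_pw("hunter2", _SALT),       "roles": {"viewer"}},
}
# Authorization table: (role, action, asset) -> allowed. Anything absent is denied.
ACL = {
    ("analyst", "read",  "incident-reports"): True,
    ("analyst", "write", "incident-reports"): True,
    ("viewer",  "read",  "incident-reports"): True,
}
AUDIT_LOG: list = []   # Accounting: one record per access attempt, success or failure

def authenticate(user: str, password: str) -> bool:
    """Authentication: the individual is who they claim to be."""
    rec = USERS.get(user)
    # Hash even for unknown users so response time does not reveal valid usernames.
    candidate = _hash_pw(password, _SALT)
    return rec is not None and hmac.compare_digest(candidate, rec["pw"])

def authorize(user: str, action: str, asset: str) -> bool:
    """Authorization: grant the ability to access information, by role."""
    roles = USERS.get(user, {}).get("roles", set())
    return any(ACL.get((r, action, asset), False) for r in roles)

def access(user: str, password: str, action: str, asset: str) -> bool:
    """Run authentication, then authorization, and account for the outcome."""
    authn = authenticate(user, password)
    authz = authn and authorize(user, action, asset)
    AUDIT_LOG.append({
        "time": datetime.now(timezone.utc).isoformat(),
        "user": user, "action": action, "asset": asset,
        "authenticated": authn, "granted": authz,
    })
    return authz
```

Note that bob's write attempt is authenticated but not granted, and the audit record keeps both facts apart; that distinction is what lets accounting separate a stolen password from a policy violation.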



Defining Information Security (cont’d.)

Figure 1-3 Information security components (© Cengage Learning 2012)


Defining Information Security (cont’d.)

Table 1-3 Information security layers


Information Security Terminology

• Asset
– Item of value
• Threat
– Actions or events that have potential to cause harm
• Threat agent
– Person or element with power to carry out a threat



Information Security Terminology (cont’d.)

• Vulnerability
– Flaw or weakness that allows a threat agent to
bypass security
• Threat likelihood
– Likelihood that threat agent will exploit vulnerability
• Risk
– A situation that involves exposure to some type of
danger.



Information Security Terminology (cont’d.)

Table 1-4 Information technology assets


Information Security Terminology (cont’d.)
• Options to deal with risk
– Risk avoidance
– Acceptance
• Realize there is a chance of loss
– Risk mitigation
• Take precautions.
• Most information security risks should be mitigated.
– Deterrence
• Example: logging.
– Transference: transferring the risk to someone else
• Example: purchasing insurance



Who Are the Attackers?
• Categories of attackers
– Hackers (black hat, white hat/ethical hackers, grey hat)
• Person who uses computer skills to attack computers
– Cybercriminals
• Network of attackers, identity thieves, spammers
– Script kiddies (over 40% of attacks require low or no skills)
– Brokers (e.g. The Shadow Brokers)
– Insiders
• Employees, contractors, and business partners
– Cyberterrorists
• Motivated by principles or beliefs; usually aim to cause disruption and panic
– Hacktivists
• The purpose is to make a political statement
– State-sponsored attackers (cyberwar), e.g. Stuxnet



Attacks and Defenses

• Wide variety of attacks
– The same basic steps are used in an attack
• To protect computers against attacks:
– Follow five fundamental security principles



Steps of an Attack
Cyber Kill Chain outlines the steps of an attack:
1. Reconnaissance - probe for information about the system: type of hardware or software used
2. Weaponization - attacker creates an exploit and packages it into a deliverable payload
3. Delivery - weapon is transmitted to the target
4. Exploitation - after the weapon is delivered, the exploitation stage triggers the intruder’s exploit
5. Installation - the weapon is installed to either attack the computer or install a remote “backdoor”



Steps of an Attack (cont’d.)
Cyber Kill Chain outlines the steps of an attack:
6. Command and Control - the compromised system connects back to the attacker so that the system can be remotely controlled by the attacker
7. Action on Objectives - now the attackers can start to take actions to achieve their original objectives
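
As an added illustration (not from the original slides), the Python below maps constructed log lines onto the kill chain stages listed above, so a defender can see how far an intrusion progressed before it was noticed; the log formats, detection patterns and addresses are assumptions made for the demo. Weaponization (stage 2) happens on the attacker's side and leaves nothing in a defender's logs, so it has no rule.

```python
import re
from collections import OrderedDict

# Detection rules: each observable kill-chain stage paired with a pattern that,
# in this constructed example, marks a log line as evidence of that stage.
# Patterns and log formats are assumptions, not taken from any real product.
KILL_CHAIN_RULES = OrderedDict([
    ("1. Reconnaissance",       re.compile(r"portscan|SYN sweep")),
    ("3. Delivery",             re.compile(r"attachment .*\.(docm|js|hta)")),
    ("4. Exploitation",         re.compile(r"spawned (powershell|cmd)\.exe")),
    ("5. Installation",         re.compile(r"Run key added|new service installed")),
    ("6. Command and Control",  re.compile(r"beacon|periodic outbound .* every \d+s")),
    ("7. Action on Objectives", re.compile(r"bulk file read|exfil|volume shadow deleted")),
])

# Constructed sample log lines (not real telemetry; addresses are documentation ranges).
SAMPLE_LOGS = [
    "2024-03-01T08:01:02Z fw: SYN sweep from 198.51.100.7 against 10.0.0.0/24",
    "2024-03-01T09:14:55Z mail: user jdoe received attachment invoice.docm",
    "2024-03-01T09:16:10Z edr: winword.exe spawned powershell.exe on WS-17",
    "2024-03-01T09:16:30Z edr: Run key added HKCU\\...\\Run\\updater on WS-17",
    "2024-03-01T09:20:00Z proxy: periodic outbound to 203.0.113.9 every 60s from WS-17",
    "2024-03-01T10:00:00Z ops: nightly backup completed",
]

def classify(line: str):
    """Return the kill-chain stage a log line evidences, or None if it is benign."""
    for stage, pattern in KILL_CHAIN_RULES.items():
        if pattern.search(line):
            return stage
    return None

def map_logs(lines):
    """Tag every line with its stage; lines matching no rule are dropped as benign."""
    tagged = ((classify(line), line) for line in lines)
    return [(stage, line) for stage, line in tagged if stage]

def earliest_stage(lines):
    """Lowest stage number seen: the earlier the detection, the less the attacker achieved."""
    stages = [stage for stage, _ in map_logs(lines)]
    return min(stages) if stages else None
```

Running earliest_stage over the full sample gives stage 1, while running it over only the last three lines gives stage 5: the same intrusion looks very different depending on where the first alert fired.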



Defenses Against Attacks
Fundamental security principles for defenses
– Layering
• Information security must be created in layers; a single defense mechanism may be easy to circumvent
– Limiting
• Limiting access to information reduces the threat against it
– Diversity
• Closely related to layering: the layers must be different (diverse)
– Obscurity
• Obscuring inside details from outsiders. Example: not revealing details
– Simplicity
• Simple from the inside and complex from the outside
