Scribd Logo
Upload

Welcome to Scribd!

  • 41 views

    Security Unit 5: Neha Ijaz

    Uploaded by

    neha ijaz
    security

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    Security Unit 5: Neha Ijaz

    Uploaded by

    neha ijaz
    41 views11 pages
    security

    Original Title

    Presentation1 (1)

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    security

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pptx, pdf, or txt
    41 views11 pages

    Security Unit 5: Neha Ijaz

    Uploaded by

    neha ijaz
    security

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pptx, pdf, or txt
    of 11

    Security

    UNIT 5

    NEHA IJAZ
    What Is Security?
    • In general, security is “the quality or state of being secure—to
    be free from danger.”

    • In other words, protection against adversaries—from those


    who would do harm, intentionally or otherwise—is the
    objective.
    ORGANIZATIONAL SECURITY

    ● Physical security, to protect physical items, objects, or areas from unauthorized


    access and misuse

    ● Personnel security, to protect the individual or group of individuals who are


    authorized to access the organization and its operations

    ● Operations security, to protect the details of a particular operation or series of


    activities

    ● Communications security, to protect communications media, technology, and


    content

    ● Network security, to protect networking components, connections, and contents

    ● Information security, to protect the confidentiality, integrity and availability of


    information assets, whether in storage, processing, or transmission. It is achieved via
    the application of policy, education, training and awareness, and technology.
    Layers of IT Layer 5

    Layer 4
    Security Layer 3
    User
    Layer 2
    Security
    Layer 1
    Application
    Ensures that
    Security a valid user
    System
    Covers the use of is logged in
    Security and that the
    Network software,
    Protects the hardware, and logged‐in
    Security system and its user is
    Physical procedural
    Protects the information methods to allowed to
    Security
    networks and from theft, protect use an
    Safeguards the their services corruption, applications application/
    personnel, from unauthorized from external program
    hardware, unauthorized access, or threats
    programs, modification, misuse
    networks, and destruction, or
    data from disclosure
    physical
    threats

    17 Copyright © by EC-Council
    All Rights Reserved. Reproduction is Strictly Prohibited.
    Why I T
    Security?
    Computer security is Computer administration
    important for protecting the and management have
    confidentiality, integrity, and become more complex
    availability of computer which produces more attack
    systems and their resources avenues

    Evolution of technology has


    Network environments and
    focused on the ease of use
    network‐based applications
    while the skill level needed
    provide more attack paths
    for exploits has decreased

    11 Copyright © by EC-Council
    All Rights Reserved. Reproduction is Strictly Prohibited.
    Potential Losses Due to
    Attacks
    Misuse of computer
    resources Financial loss

    Unavailability of
    Data loss/theft
    resources

    Loss of trust Identity theft

    12 Copyright © by EC-Council
    All Rights Re served. Reproduction is Strictly Prohibited.
    1-1: Basic Security
    Terminology
    • Security Goals
    • Confidentiality
    • Confidentiality means that people cannot read sensitive information,
    either while it is on a computer or while it is traveling across a
    network.

    Copyright Pearson
    Prentice-Hall 2010 7
    1-1: Basic Security
    Terminology
    • Security Goals
    • Integrity
    • Integrity means that attackers cannot change or destroy information,
    either while it is on a computer or while it is traveling across a
    network. Or, at least, if information is changed or destroyed, then
    the receiver can detect the change or restore destroyed data.

    Copyright Pearson
    Prentice-Hall 2010 8
    1-1: Basic Security
    Terminology
    • Security Goals
    • Availability
    • Availability means that people who are authorized to use
    information are not prevented from doing so
    • Authentication
    • Users are who they say they are.

    • Authorization
    • Your level of authorization basically determines what you're
    allowed to do once you are authenticated and allowed access
    to a network, system, or some other resource such as data or
    information.
    Copyright Pearson
    Prentice-Hall 2010 9
    Threat vs. Vulnerability
    • A threat is anything that can disrupt the operation,
    functioning, integrity, or availability of a network or system.
    There are different categories of threats. There are natural
    threats, occurrences such as floods, earthquakes, and storms.
    There are also unintentional threats that are the result of
    accidents and stupidity. Finally, there are intentional threats
    that are the result of malicious indent.

    • A vulnerability is an inherent weakness in the design,


    configuration, or implementation of a network or system that
    renders it susceptible to a threat.
    RISKS

    You might also like