foundations of security - mercu buana...

Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.

1

Foundations of Security

Simplifying Security.

Module 1


2

Scenario

Franklin, an employee working for an organization, downloads free software from a website. After installing the software, however, Franklin's system reboots and starts to malfunction.

What might have gone wrong with Franklin’s system?

What would you have done in Franklin’s place?


3

Home‐computer Users at Risk Due to Use of ‘Folk Model’ Security

EAST LANSING, Mich. —Most home computers are vulnerable to hacker attacks because the users either mistakenly think they have enough security in place or they don’t believe they have enough valuable information that would be of interest to a hacker.

That’s the point of a paper published this month by Michigan State University’s Rick Wash, who says that most home‐computer users rely on what are known as “folk models.” Those are beliefs about what hackers or viruses are that people use to make decisions about security – to keep their information safe.

Unfortunately, they don’t often work the way they should.

“Home security is hard because people are untrained in security,” said Wash, an assistant professor in the Department of Telecommunication, Information Studies and Media. “But it isn’t because people are idiots. Rather they try their best to make sense of what’s going on and frequently make choices that leave them vulnerable.”

May 23, 2011

http://news.msu.edu


4

'Fakefrag' Trojan Scares You into Paying Up

A devious new Trojan is putting the fear of hard drive failure into computer owners, and then rushing in to "save" the day —at your expense.

Once the "Fakefrag" Trojan finds its way onto your system via specially crafted malicious Web pages, it gets to work on the task of making you believe all your files have been erased from your hard drive, the security firm Symantec reported.

Scareware scams, which try to convince users they have a computer virus, and then trick them into purchasing fake antivirus software, are nothing new. However, Fakefrag takes the crime a step further: it actually moves your files from the "All Users" folder to a temporary location, and hides files in the "Current User" folder, Symantec said.

http://www.msnbc.msn.com

May 23, 2011 8:21:51 PM ET


5

Module ObjectivesSecurity Incidents

Essential Terminologies

Computer Security

Why Security?

Potential Losses Due to Security Attacks

Elements of Security

Fundamental Concepts of Security

Layers of Security

Security Risks to Home Users

What to Secure?

What Makes a Home Computer Vulnerable?

What Makes a System Secure?

Benefits of Computer Security Awareness

Basic Computer Security Mechanisms


6

Computer Security





Benefits of Computer Security

Awareness

Basic Computer Security

Mechanisms

What to Secure?

Module Flow

Layers of Security

Security Risks to

Home Users


7

0

100

200

300

400

500

600

700

2002 2003 2004 2005 2006 2007 2008 2009 2010

http://datalossdb.org

800

900

Security Incident Occurrences Over Time

2011

Report on January, 2011

Sec

urit

y In

cide

nt O

ccur

renc

es O

ver

Tim

e

Years

6 14 23

141

537511

787

604

409

10


8

Security Incidents by Breach Type - 2011

A security incident is “Any real or suspected adverse event in relation to the security of computer systems or computer networks.”

http://www.cert.org

10% 10% 10% 10% 10% 10%

40%

HackStolen Laptop

Stolen Document

Lost Laptop

Disposal Document

Web Unknown

http://datalossdb.org


9


Threat Exploit Vulnerability

Cracker, Attacker, or Intruder Attack Data Theft

An action or event that has the potential to compromise and/or violate security

A defined way to breach the security of an IT system through vulnerability

Existence of a weakness, design, or implementation error that can lead to an unexpected, undesirable event compromising the security of the system

An individual who breaks into computer systems in order to steal, change, or destroy information

Any action derived from intelligent threats to violate the security of the system

Any action of stealing the information from the users’ system


10

21

Security is a state of well‐being of information and infrastructure

Computer security refers to the protection of computer systems and the information a user stores or processes

Users should focus on various security threats and countermeasures in order to protect their information assets

Computer Security

3


11

Why Security?

Computer security is important for protecting the confidentiality, integrity, and availability of computer systems and their resources

Computer administration and management have become more complex which produces more attack avenues

Network environments and network‐based applications provide more attack paths

Evolution of technology has focused on the ease of usewhile the skill level needed for exploits has decreased


12

Misuse of computer resources

Data loss/theft

Loss of trust

Financial loss

Unavailability of resources

Identity theft



13

Module Flow

Computer Security






Awareness


Mechanisms

What to Secure?

Layers of Security

Security Risks to

Home Users


14


Authenticity is “the identification and assurance of the origin of information”

Confidentiality is “ensuring that information is accessible only to those authorized to have access” (ISO‐17799)

Availability is “ensuring that the information is accessible to authorized persons when required without delay”

Integrity is “ensuring that the information is accurate, complete, reliable, and is in its original form”

Non‐repudiation is “ensuring that a party to a contract or a communication cannot deny the authenticity of their signature on a document”

Non‐RepudiationAvailabilityIntegrityAuthenticityConfidentiality


15

The Security, Functionality, and Ease of Use Triangle

Functionality(Features)

Ease of Use

Security(Restrictions)

Moving the ball toward security means moving away from the functionality and ease of use

Applications/software products by default are preconfigured for ease of use, which makes the user vulnerable to various security flaws

Similarly, increased functionality (features) in an application make it difficult to use in addition to being less secure


16

Precaution

Maintenance

Reaction

Adhering to the preventative measures while using computer system and applications

Managing all the changes in the computer applications and keeping them up to date

Acting timely when security incidents occur

Fundamental Concepts of Security


17

Layers of Security

Layer 1

Layer 2

Layer 3

Layer 4

Layer 5

Physical Security

Safeguards the personnel, hardware, programs, networks, and data from physical threats

Network Security

Protects the networks and their services from unauthorized modification, destruction, or disclosure

System Security

Protects the system and its information from theft, corruption, unauthorized access, or misuse

Application Security

Covers the use of software, hardware, and procedural methods to protect applications from external threats

User Security

Ensures that a valid user is logged in and that the logged‐in user is allowed to use an application/ program


18

Security Risks to Home UsersHome computers are prone to various cyber attacks as they provide attackers easy targets due to a low level of security awareness

Security risk to home users arise from various computer attacks and accidentscausing physical damage to computer systems

Computer AttacksMalware attacks

Email attacks

Mobile code (Java/JavaScript/ActiveX) attacks

Denial of service and cross‐site scripting attacks

Identity theft and computer frauds

Packet sniffing

Being an intermediary for another attack (zombies)

Computer AccidentsHard disk or other component failures

Power failure and surges

Theft of a computing device

Note: These threats and their countermeasures will be discussed in detail in the later modules


19

What to Secure?Hardware Software

Information Communications

Laptops, Desktop PCs, CPU, hard disk, storage devices, cables, etc.

Operating system and software applications

Personal identification such as Social Security Number (SSN), passwords, credit card numbers, etc.

Emails, instant messengers, and browsing activites


20

Module Flow

Computer Security






Awareness


Mechanisms

What to Secure?

Layers of Security

Security Risks to

Home Users


21


Low level of security awareness

Default computer and application settings

Increasing online activities

None or very little investment in security systems

Not following any standard security policies or guidelines


22

System Access Controls Data Access Controls

System and Security Administration

System Design

What Makes a System Secure?System security measures help protect computers and information stored in the systems from accidental loss, malicious threats, unauthorized access, etc.

Ensure that unauthorized users do not get into the system

Force legal users to be conscious about security

Monitor system activities such as who is accessing the data and for what purpose

Define access rules based on the system security levels

Perform regular system and security administration tasks such as configuring system settings, implementing security policies, monitoring system state, etc.

Deploy various security characteristics in system hardware and software design such as memory segmentation, privilege isolation, etc.


23

Benefits of Computer Security Awareness

Computer security awareness helps minimize the chances of computer attacks

It helps prevent the loss of information stored on the systems

It helps users to prevent cybercriminals from using their systems in order to launch attacks on the other computer systems

It helps users minimize losses in case of an accident that causes physical damage to computer systems

It enables users to protect sensitive information and computing resources from unauthorized access


24

Module Summary

Security is a state of well‐being of information and infrastructures

Computer security is the protection of computing systems and the data that they store or access

Confidentiality, integrity, non‐repudiation, authenticity, and availability are the elements of security

Security risk to home users arise from various computer attacks and accidents causing physical damage to computer systems

Computer security awareness helps minimize the chances of computer attacks and prevent the loss of information stored on the systems


25

Basic Computer Security Checklist

Regular backup of important files

Use of strong passwords

Use of firewall and intrusion detection systems

Use of anti‐virus systems

Use of encryption techniques and digital signatures

Regular update of operating system and other installed applications

Following standard guidelines for Internet activities

Physical security of computing infrastructure

Awareness of current security scenario and attack techniques

foundations of security - mercu buana...

Documents