Information Security Nafis
TRANSCRIPT
8/9/2019 Information Security Nafis
unauthorized use.
4. Ensure the confidentiality of the customer's and your processed data, and prevent unauthorized disclosure or use.
5. Ensure the integrity of the customer's and your processed data, and prevent the unauthorized
3. What is a security policy and why do we need one?
A security policy is the essential basis on which an effective and comprehensive security program can be developed. This critical component of the overall security architecture, however, is often overlooked. A security policy is the primary way in which management's expectations for security are translated into specific, measurable, and testable goals and objectives. It is crucial to take a top-down approach based on a well-stated policy in order to develop an effective security architecture. Conversely, if there isn't a security policy defining and communicating those decisions, then they will be made by the individuals building, installing, and maintaining computer systems, and this will result in a disparate and less than optimal security architecture being implemented.
The characteristics of good security policies are:
1. They must be implementable through system administration procedures, publishing of acceptable use guidelines, or other appropriate methods.
2. They must be enforceable with security tools, where appropriate, and with sanctions, where actual prevention is not technically feasible.
3. They must clearly define the areas of responsibility for the users, administrators, and management.
4. They must be documented, distributed, and communicated.
4. What is the difference between logical and physical security? Can you give an example of both?
4. What are the most common types of attack that threaten enterprise data security?
1. Spoofing.
2. Sniffing.
3. Mapping.
4. Hijacking.
5. Trojans.
6. DoS and DDoS.
7. Social engineering.
5. What is the difference between a threat and a vulnerability?
6. What is a security control?
7. What are the different types of security control?
8. What is incident management?
Incident management is a defined process for logging, recording and resolving incidents. The aim of incident management is to restore the service to the customer as quickly as possible, often through a workaround or temporary fixes, rather than through trying to find a permanent solution.
What are the differences between incident management and problem management?
Problem management differs from incident management in that its main goal is the detection of the underlying causes of an incident and the best resolution and prevention. In many situations, the goals of problem management can be in direct conflict with the goals of incident management.
Deciding which approach to take requires careful consideration. A sensible approach would be to restore the service as quickly as possible (incident management), while ensuring that all details are recorded. This will enable problem management to continue once a workaround has been implemented.
Discipline is required, as the idea that the incident is fixed is likely to prevail. However, the incident may well appear again if the resolution to the problem is not found.
Incident versus problem
An incident is where an error occurs: something doesn't work the way it is expected.
This is often described as:
a fault
an error
"it doesn't work!"
a problem
but the ITIL term used is an incident.
A problem (is different) and can be:
the occurrence of the same incident many times
an incident that affects many users
the result of network diagnostics revealing that some systems are not operating in the expected way
A problem can exist without having immediate impact on the users, whereas incidents are usually more visible and the impact on the user is more immediate.
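The two tests above for telling a problem apart from a run of incidents (the same incident recurring, or one incident affecting many users) can be applied mechanically to a service-desk export, which is how the "discipline" the notes ask for is usually enforced in practice. The following is an added example written for these notes, not code from the original page: the ticket records are constructed, and the thresholds (three repeats, three distinct users) are assumptions to tune for a real desk.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Incident:
    ticket: str
    user: str
    service: str
    symptom: str
    resolution: str  # "workaround", "permanent" or "open"


# Constructed sample service-desk tickets (not real data). They cover the two
# tests the notes give for a problem: the same incident recurring, and one
# incident hitting many users. The CRM ticket is a one-off control case.
SAMPLE_INCIDENTS = [
    Incident("INC-1001", "alice", "payroll", "disk space full", "workaround"),
    Incident("INC-1002", "alice", "payroll", "disk space full", "workaround"),
    Incident("INC-1003", "alice", "payroll", "disk space full", "workaround"),
    Incident("INC-1004", "bob", "webmail", "service not available", "workaround"),
    Incident("INC-1005", "carol", "webmail", "service not available", "permanent"),
    Incident("INC-1006", "dave", "webmail", "service not available", "permanent"),
    Incident("INC-1007", "erin", "webmail", "service not available", "permanent"),
    Incident("INC-1008", "frank", "crm", "error message on login", "permanent"),
]


def problem_candidates(incidents, repeat_threshold=3, user_threshold=3):
    """Group incidents by (service, symptom) and flag each group that meets
    either test for a problem. Returns {(service, symptom): reason}.
    The thresholds are assumed values, not taken from the notes."""
    groups = defaultdict(list)
    for inc in incidents:
        groups[(inc.service, inc.symptom.lower())].append(inc)
    flagged = {}
    for key, incs in sorted(groups.items()):
        users = {i.user for i in incs}
        reasons = []
        if len(incs) >= repeat_threshold:
            reasons.append(f"recurred {len(incs)} times")
        if len(users) >= user_threshold:
            reasons.append(f"affects {len(users)} users")
        if reasons:
            flagged[key] = "; ".join(reasons)
    return flagged


def workaround_only(incidents, candidates):
    """Return the problem candidates that have never had a permanent fix:
    every ticket in the group was closed with a workaround or is still open.
    These are the groups the notes warn 'may well appear again'."""
    by_key = defaultdict(list)
    for inc in incidents:
        by_key[(inc.service, inc.symptom.lower())].append(inc.resolution)
    return sorted(k for k in candidates
                  if all(r != "permanent" for r in by_key[k]))


if __name__ == "__main__":
    cands = problem_candidates(SAMPLE_INCIDENTS)
    for key, why in cands.items():
        print(f"problem candidate {key}: {why}")
    print("root cause still outstanding:", workaround_only(SAMPLE_INCIDENTS, cands))
```

On the sample data the payroll disk-space group is flagged because it recurred three times for one user, the webmail outage because it hit four users, and only the payroll group is reported as never having had a permanent fix, which is exactly the case where incident management has kept the service up but problem management still owes a root cause.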
Examples of incidents
User-experienced incidents (application):
Service not available (this could be due to either the network or the application, but at first the user will not be able to determine which)
Error message when trying to access the application
Application bug or query preventing the user from working
Disk space full
Technical incidents (hardware):
System down
Printer not printing
New hardware, such as a scanner, printer or digital camera, not working
Technical incidents
Technical incidents can occur without the user being aware of them. There may be a slower response on the network or on individual workstations but, if this is a gradual decline, the user may not notice.
Technicians using diagnostics or proactive monitoring usually spot technical incidents. If a technical incident is not resolved, the impact can affect many users for a long time.
In time, experienced users and the service desk will spot these incidents before the impact affects most users.
Examples of technical incidents:
Disk space nearly full (this will affect users only when it is completely full)
Network card intermittent fault: sometimes it appears that the user cannot connect to the network, but on a second attempt the connection works. Replacing the card before it stops working completely provides more benefit to the users
Monitor flickering: it is more troublesome in some applications than others. Although the flicker may be easy to live with or ignore, the monitor will not usually last more than a few weeks in this state
Why use incident management?
There are major benefits to be gained by implementing an incident management process:
improved information to customers/users on aspects of service quality
improved information on the reliability of equipment
better staff confidence that a process exists to keep services working
certainty that incidents logged will be addressed and not forgotten
reduction of the impact of incidents on the business/organisation
resolving the incident first rather than the problem, which will help in keeping the service available (but beware of too many quick fixes that problem management does not ultimately resolve)
working with knowledge about the configuration and any changes made, which will enable you to identify the cause of incidents quickly
improved monitoring and ability to interpret the reports, which will help to identify incidents before they have an impact
9. What is business continuity management? How does it relate to security?
10. What is a security audit?
11. What is the difference between authentication and authorization?
12. What is a firewall?
13. What are the layers of the OSI model?
14. What information security challenges are faced in a cloud computing environment?
15. What are the typical responsibilities of a Chief Security Officer (CSO)?
The CSO is the individual primarily responsible for the assessment, management, and implementation of securing the information in the organization. The CSO may also be referred to as the Manager for Security, the Security Administrator, or a similar title.
16. In your opinion, what are the top five information security threats facing an organization such as ours?
17. What is Sensitive Data?
Sensitive data encompasses a wide range of information and can include: your ethnic or racial origin; political opinion; religious or other similar beliefs; memberships; physical or mental health details; personal life; or criminal or civil offences. These examples of information are protected by your civil rights. Sensitive data can also include information that relates to you as a consumer, client, employee, patient or student, and it can be identifying information such as your contact information, identification cards and numbers, birth date, and parents' names.
All of this data belongs to you. You have full rights to access and use this information and you also have rights to know how others are doing the same. You should be protective of this information, just like you would be of your other belongings.
Sensitive Data
Sensitive Data is information covering:
The racial or ethnic origin of the Data Subject
Political opinions
Religious or other beliefs of a similar nature
Membership of trade unions
Physical or mental health or condition
Sexual life
The commission of any offence or criminal records
Sensitive data must be collected using an opt-in and should be carefully handled. Other classes of data which might be regarded as sensitive are data relating to children and financial information.
18. Why does data need protecting?
Ans: With the advent of the Internet and new technologies that allow easier, quicker, as well as anonymous access to more information than ever before, people have now become more aware of identity theft and make conscious decisions about how to protect themselves. If the information is sensitive, it's likely to be protected by law, regulations, or policies. However, you can take an active approach to making sure your information has not fallen into the hands of those who would misuse it for financial gain or other reasons. Identity theft and online crime have now surpassed any other form of crime in profits earned, including drug-related crimes, so it is important to be wary of how exposed your information really is.
Protecting Financial Information
Below are some tips to minimize the exposure of your personal financial information.
• The Internet: Know with whom you're doing business, especially when you provide financial or identity information. Only deal with web sites that provide secure web pages, i.e. those addresses that start with "https" rather than "http", for your transactions. Legitimate sites will provide contact information and signed certificates for your verification. Note that "https" and a valid certificate only mean the connection is encrypted to whoever controls that hostname; they do not by themselves prove that the site is the organization it claims to be, so check the domain name itself. When logging in to financial accounts, use a strong, unique password (current guidance favours a long password kept in a password manager and changed whenever compromise is suspected, rather than on a fixed schedule).
• Credit cards online: Consider designating only one of your credit cards for online purchases. If a problem occurs with that card, you can cancel it and still have other cards. You can also request that your credit card limit be set to a level consistent with your credit card activities (rather than the high line of credit the company assigns). But don't set it so low that you'll have to use a second credit card.
• Credit card receipts: Always check your credit card receipts and other financial paperwork. They should not have the complete credit card number listed, only the last four digits. If the full number is listed, ask that it be truncated in the future.
• Your credit report: You should get a report at least once a year. Federal law entitles citizens to a free credit report per year from each of the three national credit bureaus. If you think you are in a high-risk category for identity theft, be sure to get a copy of your credit report once every three months.
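The receipt rule above (print only the last four digits) is the same truncation that data-loss-prevention tools apply when they scan documents and logs for card numbers. The following is an added example, not code from the original notes: it finds candidate digit runs, confirms each one with the Luhn check digit that payment card numbers carry, and truncates only the confirmed ones, so order numbers and phone numbers are left alone. The receipt text is constructed, and 4111 1111 1111 1111 is the widely published Visa test number, not a real card.

```python
import re

# Candidate: 13 to 19 digits, optionally separated by single spaces or hyphens,
# not embedded in a longer digit run (the lookarounds stop partial matches).
_PAN_CANDIDATE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")

# Constructed sample receipt text (not real card data). The order and phone
# numbers are fillers that must survive redaction untouched.
SAMPLE_RECEIPT = (
    "Merchant copy\n"
    "Card: 4111 1111 1111 1111  Auth 123456\n"
    "Order 1234567890123  Phone 515-294-1234\n"
)


def luhn_valid(digits: str) -> bool:
    """Mod-10 (Luhn) check used by payment card numbers: double every second
    digit from the right, subtract 9 from doubled values over 9, sum, test % 10."""
    if not digits.isdigit():
        return False
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def truncate_pan(digits: str) -> str:
    """Keep only the last four digits, which is what the receipt rule allows."""
    return "*" * (len(digits) - 4) + digits[-4:]


def redact_pans(text: str) -> tuple[str, int]:
    """Replace every Luhn-valid card number in text with its truncated form and
    return (redacted_text, count). Digit runs that fail Luhn (order numbers,
    references) are left untouched so the scan does not mangle ordinary numbers."""
    count = 0

    def _sub(match: re.Match) -> str:
        nonlocal count
        raw = match.group(0)
        digits = re.sub(r"[ -]", "", raw)
        if not luhn_valid(digits):
            return raw
        count += 1
        return truncate_pan(digits)

    return _PAN_CANDIDATE.sub(_sub, text), count


if __name__ == "__main__":
    redacted, found = redact_pans(SAMPLE_RECEIPT)
    print(f"{found} card number(s) truncated:\n{redacted}")
```

Luhn is a checksum, not a secret: it rejects most accidental digit runs but will occasionally pass a non-card number, so a production scanner also restricts the leading digits to known issuer ranges and treats matches as candidates for review rather than certainties.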
19. How is data exposed?
Ans: Here are three ways your data can be exposed:
• Intrusion: Intruders can gain access to your data through a weakness in your computer system. To protect against this, keep your operating system updated, and use virus protection and strong passwords.
• Phishing: This is a clever method of extracting information from unsuspecting individuals. An e-mail, designed to look like it originated from a reputable company, usually a bank or online store, will tell you that there is a problem with your account. If links appear in this kind of e-mail message, never click on them regardless of how "believable" they seem or who the source is. If you have an account with the organization, it's better to call your service representative (using a number from your card or statement, not one given in the e-mail) and verify the authenticity of the e-mail. If it is legitimate, ask to complete the process by phone. This eliminates the need to send your sensitive data over an unprotected network connection.
• Social engineering: Sometimes swindlers attempt to gather sensitive information, such as birthplace or mother's maiden name, by posing as a representative of a legitimate organization. You should always be wary of unsolicited requests from your bank or financial institution in which you are asked for information that could potentially be used for fraudulent purposes. ISU never asks you to provide your username and password in e-mail or over the phone. For links and further information, see the rear panel of this pamphlet.
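The phishing advice above is "never click the links", which is right for an end user; on the defensive side, mail gateways apply the same suspicion automatically by inspecting each link for the tell-tale signs of an impersonation (plain http, an IP address or punycode host, a host outside the claimed sender's domain, or anchor text that displays one site while the link goes to another). The following is an added example, not code from the original notes: the HTML message is constructed, bank.example is an assumed sender domain, and the registrable-domain helper deliberately simplifies to the last two labels (real code would consult the public suffix list).

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed phishing-style HTML body (not a real message). The sender claims
# to be bank.example; only the last link actually points there.
SAMPLE_EMAIL = """<html><body>
<p>Dear customer, there is a problem with your account. Please act now.</p>
<p><a href="http://203.0.113.7/login">https://www.bank.example/login</a></p>
<p><a href="https://bank.example.attacker.example/verify">Verify now</a></p>
<p><a href="https://www.bank.example/contact">Contact us</a></p>
</body></html>"""


class _LinkCollector(HTMLParser):
    """Collect (href, visible anchor text) pairs from an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def _registrable(host: str) -> str:
    """Approximate the registrable domain as the last two labels. This is an
    assumed simplification; production code should use the public suffix list."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def _is_ip(host: str) -> bool:
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def suspicious_links(html_body: str, sender_domain: str) -> dict:
    """Return {href: [reasons]} for every link that shows a sign of phishing.
    Links with no findings are omitted."""
    parser = _LinkCollector()
    parser.feed(html_body)
    findings = {}
    for href, text in parser.links:
        parts = urlsplit(href)
        host = parts.hostname or ""
        reasons = []
        if parts.scheme and parts.scheme != "https":
            reasons.append("not https")
        if _is_ip(host):
            reasons.append("IP address instead of hostname")
        if any(label.startswith("xn--") for label in host.split(".")):
            reasons.append("punycode (IDN) host")
        if "@" in parts.netloc:
            reasons.append("credentials embedded in URL")
        if host and _registrable(host) != _registrable(sender_domain):
            reasons.append(f"host {host} is not under {sender_domain}")
        if text.startswith(("http://", "https://")):
            shown = urlsplit(text).hostname or ""
            if shown and _registrable(shown) != _registrable(host):
                reasons.append(f"text shows {shown} but link goes to {host or 'unknown'}")
        if reasons:
            findings[href] = reasons
    return findings


if __name__ == "__main__":
    for href, why in suspicious_links(SAMPLE_EMAIL, "bank.example").items():
        print(href, "->", "; ".join(why))
```

The second link shows why "host outside the sender's domain" has to be judged on the registrable domain and not on a substring: bank.example.attacker.example contains the bank's name but is controlled by whoever owns attacker.example.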
20. Define security policy and write the goals of a security policy.
21. What are the characteristics of good security policies?
22. Write the structure of a security policy.
23. How can we protect a computer from virus infection?
24. Explain the security policy for access control.
25. What are the different methods for computer virus detection and removal?
26. Write the security policy for databases.
27. Write a note on information systems audit policy.
28. What are the sources of threats to information systems?
Ans)
The sources of threats to any organization can be both internal and external. The main threats to your information assets can be categorized as follows:
Internal and Unintentional
Uninformed workers - mistakes can be made, information can be destroyed, confidential data exposed
Uninformed contract workers - not fully briefed, hence security can be compromised.
Internal and Intentional
Disgruntled employees - leaving bugs behind in your system
Contract workers trying to increase their employment value
Contract workers requiring access to get the job done despite opening your company to security risk
External and Technical
Political activists
Hackers looking to steal credit card numbers
Information "brokers"
29. Why have cyber attacks been on the rise?
30. What is packet sniffing?
31. What is information security management? What are the benefits of an ISMS?
What is an ISMS?
An Information Security Management System (ISMS) is a systematic and structured approach to managing information so that it remains secure. ISMS implementation includes policies, processes, procedures, organizational structures and software and hardware functions. The ISMS implementation should be directly influenced by the organization's objectives, security requirements, processes employed, size and structure.
Why do we need an ISMS?
Organizations and their information systems and networks are exposed to security threats such as fraud, espionage, fire, flood and sabotage from a wide range of sources. The increasing number of security breaches has led to increasing information security concerns among organizations worldwide.
Benefits of an ISMS:
1. Provides the means for information security corporate governance
2. Improves the effectiveness of the information security environment
3. Allows for market differentiation due to a positive influence on company prestige and image, as well as a possible effect on the asset or share value of the company
4. Provides satisfaction and confidence that customers' information security requirements are being met
5. Allows for focused staff responsibilities
6. Ensures compliance with mandates and laws
7. Reduces liability and risk due to implemented or enforced policies and procedures, which demonstrate due diligence
8. Potentially lowers rates on insurance
9. Facilitates better awareness of security throughout the organization
10. Provides competitive advantages and reduction in costs connected with the improvement of process efficiency and the management of security costs
32. Explain the Security Systems Development Life Cycle.
33. What are common network security problems?