Introduction to Systems Security (January 12, 2015) © Abdou Illia – Spring 2015


Upload: alyson-parker

Post on 14-Jan-2016


Introduction to Systems Security

(January 12, 2015)

© Abdou Illia – Spring 2015


Learning Objectives

Discuss state of security threats in the U.S.

Discuss how to manage info security

Plan-Protect-Respond cycle

People-Technology-Policy approach


Preventing Security Threats

What can you do, as a user of a computer connected to the Internet or as a business with a network connected to the Internet, to prevent security threats/attacks from occurring?


Preventing Security Threats

Use anti-virus software

Use software firewall

Use hardware/appliance firewall

Use Intrusion Defense Systems

Use Intrusion Prevention Systems

Install OS updates

Install applications’ updates

Do not open file attachments from unknown sources

Do not click URLs in emails from unknown sources

Social engineering tests/Mock phishing schemes

Awareness training

Acceptable computer use policy

Password policy

Etc.


Countermeasures

Tools used to thwart attacks

Also called safeguards, protections, and controls

Types of countermeasures

Preventative

Detective

Corrective

Question: Match each of the countermeasures from the previous slide with its type.


The Plan-Protect-Respond cycle

Dominates security management thinking

Figure 2-6


How is the book organized?



2010/2011 CSI Security Report

Survey conducted by the Computer Security Institute (http://www.gocsi.com).

Copy of Survey report on course web site

Survey Summary online


Types of attacks: by % of respondents


2011 CSI Report (cont.)


CSI Survey (cont.)


Satisfaction with Security Technology (cont.)


Types of Technology Used (cont.)


2011 Sophos Security Threat Report

Malware* hosted on websites

* Malicious software


2011 Sophos Security Threat Report

Malware hosting countries


2011 Sophos Security Threat Report

Web server’s software affected

As of March 2011 Apache served 58% of all web servers

Apache available for Microsoft Windows, Novell NetWare and Unix-like OS

[Figure: Web server computer, shown as layers: web server software (Apache, IIS, SunONE), operating system, computer hardware (HD, RAM chip, processor)]


Summary Questions

1. What is Plan-Protect-Respond? How important is it for information security?

2. What is PTP?

3. What does malware refer to?

4. Systems running Microsoft operating systems are more likely to be attacked than others. T F

5. With Windows OS, you can use IIS or another web server software like Apache. T F

6. What web server software is most affected by web threats today?