Professional Documents
Culture Documents
Cyber Security
• Cyber security is the collection of tools, policies, security concepts,
security safeguards, guidelines, risk management approaches,
actions, training, best practices, assurance and technologies that can
be used to protect the cyber environment and organization and user’s
assets.
• Cyber security strives to ensure the attainment and maintenance of
the security properties of the organization and user’s assets against
relevant security risks in the cyber environment.
28-07-2020
Cyber Security
• The general security objectives comprise the following:
Confidentiality
Integrity, which may include authenticity and non-repudiation
Availability
28-07-2020
Confidentiality
• Assurance that information is shared only among authorized persons or
organizations.
• Network attacks against confidentiality are
Packet capturing
Password attacks
Keylogger
Phishing
Social Engineering
• Counter measures are
Encryption
Access Control
Integrity
• Assurance that the information is authentic and complete.
• Attacks against integrity are
Modification attacks
Replay attacks
Salami attacks
Man in the middle attack
Session hijacking attack
• Counter measures are
Digital Signature
28-07-2020
Availability
• Availability of information refers to ensuring that authorized parties
are able to access the information when needed
• Attacks against availability are
DOS Attack
DDOS Attack
SYN flood attacks and ICMP flood attacks
Non-Repudiation
• protection against denial by one of the parties in a communication
Nonrepudiation, Origin
Nonrepudiation, Destination
• Digital Signature ensures the Non-Repudiation
28-07-2020
Authentication
• Assurance that the communicating entity is the one that it claims to
be
• Access controls are used to provide authentication and authorization