This document discusses network defense systems and cyber security. It covers topics like the importance of cyber security, goals of cyber security including confidentiality, integrity and availability, and components of cyber security such as encryption, access control, authentication and authorization. The document is presented by Ahmad Zarif and provides contact information.
This document discusses network defense systems and cyber security. It covers topics like the importance of cyber security, goals of cyber security including confidentiality, integrity and availability, and components of cyber security such as encryption, access control, authentication and authorization. The document is presented by Ahmad Zarif and provides contact information.
This document discusses network defense systems and cyber security. It covers topics like the importance of cyber security, goals of cyber security including confidentiality, integrity and availability, and components of cyber security such as encryption, access control, authentication and authorization. The document is presented by Ahmad Zarif and provides contact information.
For Assignments For Paper Total marks/Major Subjects - 50 1. Total marks/Major Subjects - 45 (1st Asg =15 Marks) (2nd Asg =15 Marks) (3rd Asg =10 Marks) (4th Asg =10 Marks)
Punctuality Total Subject marks
& Discipline Marks - 5 100
Passing Subject marks
50
Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404
Agenda 1.0 Network Defense System Introduction
1.1 Cyber Security
1.3 Importance of Cyber Security
1.4 Goals of Cyber Security
1.5 Components of Cyber Security
1.5.1 Confidentiality 1.5.1.1 Encryption 1.5.1.2 Access control 1.5.1.3 Authentication 1.5.1.4 Authorization 1.5.1.5 Physical Security Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404 1.0 Network Defense System Introduction
Network Defense System (NDS) is a form of cyber security
for the securing of military and government computer systems. Like everyone else in the world, national agencies also have to secure their systems against malicious cyber attacks.
Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404
Introduction……. We live in a highly technological era, with computers and other technology being used for good all over the world. People use computers to create new things for people everywhere to enjoy. People use computers to write stories, make videos, and even build exciting new things online, like websites and video games
Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404
Introduction……. Unfortunately, like every other good thing in the world, computers can also be used to do bad things, like hack into shared networks and steal customer data and intellectual property. Hackers have been doing this since the internet was invented, forcing companies and webmasters to adapt their security practices with the changing times.
Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404
Introduction…….
All over the world, militaries and government agencies are
using computer network defense to secure their systems and protect their national security by keeping hackers out of highly important systems. This helps to make critical infrastructure and other important national systems safe from those who wish to do them harm.
Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404
Introduction……. “Network Defense System is the protection of Internet- connected systems, including hardware, software, and data from cyber attacks. It is made up of two words one is cyber and other is security. Cyber is related to the technology which contains systems, network and programs or data. Whereas security related to the protection which includes systems security, network security and application and information security”
Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404
1.2 Cyber Security Cyber security refers to protect the networks from attack like, damage, or unauthorized access. Cyber security may also be referred to as Network Defense system.
Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404
1.3 Importance of Cyber Security Cyber security is important because government, military, corporate and medical organizations collect and store huge amounts of data on computers and other devices. A significant portion of that data can be sensitive information, whether that be intellectual property, financial data, personal information, or other types of data for which unauthorized access or disclosure could have negative consequences.
Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404
Importance of Cyber Security…… cyber security describes the discipline dedicated to protecting that information and the systems used to process or store it.companies and organizations, especially those that are tasked with safeguarding information relating to national security, health, or bank records, need to take steps to protect their sensitive business and personnel information. (Link:https://digitalguardian.com/blog/biggest-incidents- cybersecurity-past-10-years-infographic ) Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404 1.4 Goals of Cyber Security The objective of Cyber security is to protect information from being stolen or attacked. Cyber security can be measured by at least one of three goals- 1) Protect the confidentiality of data. 2) Preserve the integrity of data. 3) Promote the availability of data for authorized users These goals form the confidentiality, integrity, availability (CIA) triad, Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404 Goals of Cyber Security…….. The CIA triad is a security model that is designed to guide policies for information security within the site of an organization or company. This model is also referred to as the AIC (Availability, Integrity, and Confidentiality) triad to avoid the confusion with the Central Intelligence Agency.
Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404
Goals of Cyber Security…….. The elements of the CIA are considered the three most important Components of security.
Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404
1.5 Components of Cyber Security 1.5.1 Confidentiality: Confidentiality is equivalent to privacy and avoids the unauthorized leak of information.
it involves the protection of data, providing access for those
who are allowed to see it while disallowing others from learning anything about its content.
It prevents necessary information from reaching the wrong
people while making sure that the right people can get it. Data encryption is a good example to ensure confidentiality. Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404 Tools for Confidentiality
Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404
1.5.1.1 Encryption Encryption is a method of transforming information to make it unreadable for unauthorized users by using an algorithm. The transformation of data uses a secret key (an encryption key) so that the transformed data can only be read by using another secret key (decryption key). It protects sensitive data such as credit card numbers by encoding and transforming data into unreadable cipher text. This encrypted data can only be read by decrypting it.
Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404
Encryption…….
Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404
Encryption…….
Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404
1.5.1.2 Access control Access control defines rules and policies for limiting access to a system or to physical resources. It is a process by which users are granted access and certain rights to systems, resources or information. In access control systems, users need to present identification before they can be granted access such as a person's name or a computer's serial number. Access control is a security technique that control who or what can view or use resources in a computing environment. It is a fundamental concept in security that minimizes risk to the business or organization
Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404
1.5.1.3 Authentication An authentication is a process that ensures and confirms a user's identity.
It can be done in a number of different ways, but it is usually based on a
combination of- 1. something the person has (like a smart card ), 2. something the person knows (like a password), 3. something the person is (like a human with a fingerprint).
Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404
Authentication
Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404
1.5.1.4 Authentication Authentication is the necessity of every organizations because it enables organizations to keep their networks secure by permitting only authenticated users to access its protected resources.
These resources may include computer systems, networks,
databases, websites and other network-based applications or services.
Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404
1.5.1.5 Authorization Authorization is a security mechanism which gives permission to do or have something. It is used to determine a person or system is allowed access to resources, based on an access control policy. It is normally preceded by authentication for user identity verification. System administrators are typically assigned permission levels covering all system and user resources. During authorization, a system verifies an authenticated user's access rules and either grants or refuses resource access.
Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404
Difference b/w Authorization and Authentication
Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404
Difference b/w Authorization and Authentication The terms authentication and authorization are often used interchangeably.
Most people believe there is only a subtle difference between
authentication and authorization and they basically mean the same.
While you know that authentication and authorization are
excellent ways to secure and protect digital identities.
it is important to understand that they are independent of each
other and serve different purposes. Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404 Difference b/w Authorization and Authentication The two main differences between authentication and authorization are; One can determine “who you are” with authentication and “what you can do” with authorization. The first step is always the authentication. While authorization is done only after successful authentication. Authentication needs a username and password for validation, whereas for authorization, various other factors such as the role of the user, necessity of granting the right to access, etc. are taken into consideration.
Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404
1.5.1.6 Physical Security
Physical security describes measures designed to deny the unauthorized
access of IT assets like facilities, equipment, personnel, resources and other properties from damage.
Physical security is the protection of personnel, hardware, software,
networks and data from physical actions and events that could cause serious loss or damage to an enterprise, agency or institution. This includes protection from fire, flood, natural disasters, burglary, theft, vandalism and terrorism Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404 1.5.1.6 Physical Security…….
Since physical security has technical and administrative elements
Physical security must be implemented correctly to prevent attackers from gaining physical access and take what they want. All the firewalls , cryptography and other security measures would be useless if that were to occur. The challenges of implementing physical security are much more problematic now than in previous decades. Laptops, USB drives, tablets, flash drives and smart phones all have the ability to store sensitive data that can be lost or stolen Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404 Thanks Any Question? Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404