
ICT-ED INSTITUTE OF SCIENCE AND TECHNOLOGY INC.

Innovation for Quality Education



LEARNING OUTCOMES

• LO1 Describe basic safeguards in computer and network security.
• LO2 Explain the major security threats.
• LO3 Describe security and enforcement measures.
• LO4 Summarize the guidelines for a comprehensive security system, including business continuity planning.

COMPUTER AND NETWORK SECURITY: BASIC SAFEGUARDS

• Critical for most organizations


• Especially in recent years, with “hackers” becoming more numerous and adept at stealing and altering private information

• Hackers use a variety of tools to break into computers and networks


• Sniffers, password crackers, and rootkits
• Journals Phrack and 2600: The Hacker Quarterly

• Comprehensive security system


• Protects an organization’s resources
• Including information and computer and network equipment, e-mails, invoices transferred via electronic data interchange (EDI), new product designs, marketing campaigns, and financial statements

• Threats
• Include sharing passwords with coworkers, leaving a computer unattended while logged on to the network, or even spilling coffee on a keyboard

• Comprehensive security system


• Includes hardware, software, procedures, and personnel that collectively protect information resources

• Confidentiality
• System must not allow disclosing information to anyone who isn’t authorized to access it
• Secure government agencies
• Businesses
• E-commerce

• Integrity
• Ensures the accuracy of information resources in an organization
• Financial transactions
• Availability
• Ensures that computers and networks are operating
• Authorized users can access the information they need

• Three levels of security


• Level 1: front-end servers
• Level 2: back-end systems
• Level 3: corporate network
• Fault-tolerant systems
• Combination of hardware and software for improving reliability
• Uninterruptible power supply (UPS)
• Redundant array of independent disks (RAID)
• Mirror disks

SECURITY THREATS: AN OVERVIEW

• Some threats can be controlled completely or partially, but some can’t be controlled
• Categories
• Unintentional
• Intentional

INTENTIONAL THREATS
• Viruses
• Worms
• Trojan programs
• Logic bombs
• Backdoors
• Blended threats (e.g., worm launched by Trojan)
• Denial-of-service attacks
• Social engineering

PROTECTING AGAINST DATA THEFT AND DATA LOSS

• 1. GET RID OF PAPER


• 2. ASSESS WHICH DATA YOU NEED TO PROTECT MOST
• 3. RESTRICT ACCESS TO YOUR SENSITIVE DATA
• 4. ENFORCE DATA PRIVACY CONTROLS INSIDE AND OUT
• 5. USE STRONG PASSWORDS

• 6. INSTALL OR ENABLE A FIREWALL


• 7. SECURE YOUR WIRELESS NETWORK
• 8. USE ENCRYPTION TO PREVENT DATA THEFT
• 9. USE A PROXY
• 10. ACTIVATE TWO-FACTOR AUTHENTICATION
• 11. RESTRICT MOVEMENT OF INFORMATION
• 12. TAKE EXTRA STEPS TO PROTECT YOUR MOST SENSITIVE DATA
• 13. USE ANTI-VIRUS SOFTWARE AND ANTI-SPYWARE.
• 14. REQUIRE STRONG PASSWORDS FOR ALL EMPLOYEES

• 16. GUARD AGAINST SOCIAL ENGINEERING


• 17. BEWARE OF PERSONAL DEVICES
• 18. IMPLEMENT SOCIAL MEDIA POLICIES
• 19. BE PREPARED FOR MISTAKES
• 20. BE NICE TO YOUR EMPLOYEES

SECURITY MEASURES AND ENFORCEMENT: AN OVERVIEW
• Biometric security measures
• Nonbiometric security measures
• Physical security measures
• Access controls
• Virtual private networks
• Data encryption
• E-commerce transaction security measures
• Computer Emergency Response Team

GUIDELINES FOR COMPREHENSIVE SECURITY SYSTEM

• Train employees
• Guidelines and steps involved:
• People
• Procedures
• Equipment and technology

SUMMARY

• Types of threat
• Basic safeguards
• Biometric
• Nonbiometric
• Fault tolerance
• Establish comprehensive security system and business continuity plan

BUSINESS CONTINUITY PLANNING

• Outlines procedures for keeping an organization operational
• Prepare for disaster
• Plan steps for resuming normal operations as soon as possible
