
Unit 1: INTRODUCTION TO INFORMATION ASSURANCE AND SECURITY

Overall, IAS involves making sure that information is kept safe
and reliable. It means protecting information from unauthorized
access or changes, making sure it is available when needed, and
ensuring that it comes from trustworthy sources.

How can we say that the information has assurance?


Correct- The information is accurate and free from mistakes or
misleading details.
Trustworthy- It comes from reliable sources and can be believed.
Secure- It's protected from unauthorized access, keeping it safe
from tampering or theft.
Clear- It's easy to understand and transparent, so people can see
where it came from and how it was assessed.

How can we say that the information is secured?


Access Control- Only authorized individuals can access the
information, preventing unauthorized access.
Encryption- Information is encoded to prevent it from being
understood by anyone without the proper decryption key.
Firewalls- Barriers are in place to block unauthorized access to
networks, keeping information safe from external threats.
Regular Updates- Systems and software are kept up-to-date with
the latest security patches to prevent vulnerabilities from being
exploited.
Understanding Information Security Functions
CIA Triad: Security objectives

1. Confidentiality- Confidentiality ensures that particular
information or resources are accessible only to those who are
authorized to access them. This function involves measures such as
encryption, access controls, and data classification.
Security System – authentication, multi, encryption
2. Integrity- Integrity ensures that data remains accurate,
consistent, and unaltered throughout its lifecycle. This function
aims to prevent unauthorized modifications, deletions, or
tampering of information. Information is trustworthy. True to
itself.
3. Availability- Availability ensures that information and resources
are accessible to authorized users whenever needed. This
function involves mitigating threats that could disrupt or deny
access to critical systems and data.
Information Security: Protects assets that need protection; ensures
the CIA of information.
Forms of information: DIGITAL, MATERIAL, TRADITIONAL.
4. Authentication and Authorization:
-Authentication verifies the identity of users or entities attempting to
access resources or information systems. It ensures that only
legitimate users gain access to authorized resources.
-Authorization determines the actions or operations that
authenticated users are allowed to perform within the system. It
enforces access controls based on users' roles, privileges, and
permissions.
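The two checks described above, as an added Python example that is not part of the original notes: authentication verifies a password against a salted PBKDF2 hash, and authorization then looks up the permissions of the user's role. The user names, passwords, roles and permission strings are constructed for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample data: role names and permission strings are hypothetical.
ROLE_PERMISSIONS = {
    "clerk": {"record:read"},
    "admin": {"record:read", "record:write", "user:manage"},
}
PBKDF2_ITERATIONS = 600_000

def hash_password(password, salt=None):
    """Return (salt, derived_key) so the plaintext password is never stored."""
    salt = salt or os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return salt, key

def make_user(name, password, role):
    salt, key = hash_password(password)
    return {"name": name, "salt": salt, "key": key, "role": role}

# Constructed sample accounts.
USERS = {u["name"]: u for u in (
    make_user("alice", "correct horse battery", "admin"),
    make_user("bob", "tr0ub4dor&3", "clerk"),
)}

def authenticate(name, password):
    """Authentication: is this really the user they claim to be?"""
    user = USERS.get(name)
    if user is None:
        return None
    _, key = hash_password(password, user["salt"])
    # Constant-time comparison avoids leaking how many bytes matched.
    return user if hmac.compare_digest(key, user["key"]) else None

def authorize(user, permission):
    """Authorization: may this authenticated user perform this action?"""
    return user is not None and permission in ROLE_PERMISSIONS.get(user["role"], set())

def access(name, password, permission):
    """Run both checks in order and report which one decided the outcome."""
    user = authenticate(name, password)
    if user is None:
        return "denied: authentication failed"
    if not authorize(user, permission):
        return "denied: not authorized"
    return "granted"
```

A valid login is not enough on its own: bob authenticates successfully but is still refused "record:write" because his role does not carry that permission.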
Unit 1.1: INTRODUCTION TO INFORMATION ASSURANCE AND SECURITY
Information security is paramount in today's digital age. With the
increasing reliance on technology and the internet, protecting sensitive
information from unauthorized access, use, disclosure, disruption,
modification, or destruction is crucial.
1. Definition of Information Security
- Information security refers to the protection of information and
information systems from unauthorized access, use, disclosure,
disruption, modification, or destruction.
- It encompasses various measures, including policies, procedures, and
technologies, to safeguard data and ensure confidentiality, integrity,
and availability.
2. Common Threats to Information Security
a. Malware
- Malware, short for malicious software, includes viruses, worms, trojans,
ransomware, and spyware.
- It can infect systems, steal data, disrupt operations, and cause
financial losses.
b. Phishing
- Phishing involves fraudulent attempts to obtain sensitive information,
such as usernames, passwords, and credit card details, by posing as
a trustworthy entity.
- Phishing attacks often occur through deceptive emails, websites, or
messages.
c. Insider Threats
- Insider threats arise from individuals within an organization who misuse
their access privileges to compromise information security.
- This could be intentional, such as data theft, or unintentional, such as
negligence or human error.
d. Denial of Service (DoS) Attacks
- DoS attacks aim to disrupt services or networks by overwhelming them
with a flood of traffic, rendering them inaccessible to legitimate users.
- Distributed Denial of Service (DDoS) attacks involve multiple
compromised systems targeting a single system simultaneously.
e. Data Breaches
- Data breaches involve unauthorized access to sensitive information,
resulting in its disclosure or theft.
- Breached data may include personally identifiable information (PII),
financial records, or intellectual property.

3. Consequences of Information Security Threats


- Financial Losses: Organizations may incur financial losses due
to theft, fraud, or disruption of operations.
- Reputational Damage: Data breaches and security incidents
can tarnish an organization's reputation, leading to loss of trust
among customers, partners, and stakeholders.
- Legal and Regulatory Consequences: Failure to protect
sensitive information may result in legal liabilities, regulatory
fines, and penalties.
- Disruption of Operations: Security incidents can disrupt business
operations, leading to downtime, productivity losses, and
operational inefficiencies.
- Loss of Intellectual Property: Theft or unauthorized access to
intellectual property can undermine competitive advantage
and innovation.
4. Mitigation Strategies
a. Implement Strong Authentication: Use multi-factor
authentication (MFA) to enhance login security and prevent
unauthorized access.
b. Keep Software Updated: Regularly update software, operating
systems, and applications to patch known vulnerabilities and
protect against malware.
c. Educate Users: Provide security awareness training to
employees to recognize and respond to phishing attempts,
insider threats, and other security risks.
d. Encrypt Sensitive Data: Use encryption to protect sensitive data
both in transit and at rest, ensuring confidentiality and integrity.
e. Monitor and Audit: Implement monitoring tools and conduct
regular security audits to detect and respond to security
incidents promptly.
f. Develop Incident Response Plan: Establish an incident response
plan to outline procedures for addressing security breaches,
minimizing their impact, and restoring normal operations.

Navigating Information Trends and Challenges
1. Current Information Trends
a. Big Data:
- The proliferation of digital devices and online platforms has led
to the generation of vast amounts of data.
- Big data refers to the collection, storage, and analysis of large
datasets to extract insights and inform decision-making.
b. Artificial Intelligence (AI) and Machine Learning:
- AI and machine learning technologies are increasingly being
used to automate processes, analyze data, and provide
personalized experiences.
- Applications include virtual assistants, recommendation
systems, predictive analytics, and autonomous systems.
c. Internet of Things (IoT):
- IoT devices, such as smart sensors, wearables, and connected
appliances, are interconnected via the internet, enabling data
exchange and remote control.
- IoT applications span various domains, including healthcare,
smart homes, transportation, and industrial automation.
d. Cloud Computing:
- Cloud computing allows users to access computing resources,
such as storage and processing power, over the internet on a
pay-as-you-go basis.
- Benefits include scalability, flexibility, and cost-effectiveness for
businesses and individuals.
2. Challenges in the Information Landscape
a. Data Privacy and Security:
- With the increasing volume and value of data, concerns about
privacy and security have escalated.
- Data breaches, cyberattacks, and unauthorized access pose
significant risks to individuals' and organizations' sensitive
information.
b. Information Overload:
- The abundance of information available online can lead to
information overload, making it challenging to find relevant
and reliable sources.
- Filtering through vast amounts of data to extract meaningful
insights can be time-consuming and overwhelming.
c. Digital Divide:
- The digital divide refers to disparities in access to and use of
information and communication technologies (ICTs) among
different populations.
- Socio-economic factors, including income, education, and
geographical location, contribute to unequal access to digital
resources and skills.
d. Misinformation and Disinformation:
- The spread of misinformation and disinformation, facilitated by
social media and online platforms, undermines trust in
information sources and threatens democratic processes.
- Fake news, propaganda, and conspiracy theories can
manipulate public opinion and fuel polarization.
3. Impact of Information Trends and Challenges:
- Societal Impact: Information trends and challenges influence
societal norms, behaviors, and interactions, shaping public
discourse, political engagement, and cultural practices.
- Economic Impact: Businesses must adapt to the evolving
information landscape to remain competitive, innovate, and
meet customer demands while addressing cybersecurity
threats and data privacy regulations.
- Individual Impact: Individuals navigate a complex digital
environment, balancing the benefits of access to information
and digital services with concerns about privacy, security, and
information reliability.

4. Strategies for Addressing Information Trends and Challenges


a. Promote Digital Literacy: Educate individuals on critical
thinking, media literacy, and digital citizenship to discern
credible sources, evaluate information, and protect their
privacy online.
b. Enhance Data Privacy and Security: Implement robust
cybersecurity measures, such as encryption, access controls,
and regular security audits, to safeguard sensitive data and
mitigate cyber risks.
c. Bridge the Digital Divide: Invest in infrastructure, digital skills
training, and community initiatives to reduce disparities in
access to technology and promote digital inclusion.
d. Combat Misinformation: Foster media literacy and
fact-checking efforts, collaborate with technology platforms,
and promote responsible online behavior to combat
misinformation and promote accurate information
dissemination.
NETWORK SERVICES
Network services are applications at the network application layer
that connect users working in offices, branches, or remote locations
to applications and data in a network. These services typically run on
servers.
HTTP- Hypertext Transfer Protocol
- a method to fetch resources such as HTML documents and
images.
Sensitive Information
-Name -Credit Card Number
-Usernames -Passwords
-Address
HTTPS-HTTP with security features.
- is now the main protocol for transferring data across the web
because it protects people’s information from being compromised

HTTPS as a ranking signal
- Security is a top priority for Google. We invest a lot in making sure
that our services use industry-leading security, like strong HTTPS
encryption by default. That means that people using Search, Gmail, and
Google, for example, automatically have a secure connection to Google.
- Beyond our own stuff, we’re also working to make the Internet safer
more broadly. A big part of that is making sure that websites
people access from Google are secure. For instance, we have
created resources to help webmasters prevent and fix security
breaches on their sites.
- We want to go even further. At Google I/O a few months ago, we
called for “HTTPS everywhere” on the web.
- We’ve also seen more and more webmasters adopting HTTPS (Also
known as HTTP over TLS, or Transport Layer Security), on their
website, which is encouraging.
HTTPS cryptographic protocols
SSL- Secure Sockets Layer
-It helps to authenticate the identity of a website so a
secure HTTP session can happen between the client and the
server
TLS- Transport Layer Security
-It follows the same principles in authentication and
encryption and is the current security standard.

Feature | HTTP | HTTPS
Protocol | Hypertext Transfer Protocol | Hypertext Transfer Protocol Secure
Security | Not Secure | Secure (Encrypted)
Encryption | No Encryption | SSL/TLS encryption
Data Integrity | No data integrity validation | Data integrity ensured through encryption
Authentication | No authentication | Server Authentication
Port | Default port 80 | Default port 443
URL | Begins with “http://” | Begins with “https://”
Certificate | Not required | Required (SSL/TLS certificate)
Performance | Generally faster due to lack of encryption | Slightly slower due to encryption overhead
SEO Impact | Potentially lower ranking due to lack of security | Higher ranking due to security and trustworthiness
Usage | Suitable for non-sensitive data resources | Essential for sensitive data or transactions
Common Use Cases | New websites, blogs, non-sensitive information sharing | E-commerce, banking, sensitive data exchange
Seven Domains of IT Infrastructure
Each of these domains is viewed as a portal for attackers if
countermeasures are missing or fail. It is imperative for businesses to
protect each of these seven domains. It only takes one unprotected
domain for an attacker to gain access to private data.
User Domain.
The User Domain covers all the users (of any rank) that have access to
the other six domains.
RISKS:
- User can destroy data in application (intentionally or not) and delete all
- User can find that his girlfriend cheated on him and use her password to
delete all of her work so that she would be fired.
- User can insert infected CD or USB flash drive into the work computer

Workstation Domain.
A computer of an individual user where the production takes place
RISKS:
- The workstation’s OS can have a known software vulnerability that allows
a hacker to connect remotely and steal data.
- A workstation’s browser can have a software vulnerability which allows
unsigned scripts to silently install malicious software.
- A workstation’s hard drive can fail causing lost data
LAN Domain.
Contains all of the workstations, hubs, switches, and routers. The LAN is a
trusted zone
RISKS:
- A worm can spread through the LAN and infect all computers in it.
- LAN server OS can have a known software vulnerability.
- An unauthorized user can access the organization’s workstations in a
LAN
WAN Domain.
Stands for Wide Area Network and consists of the Internet and semi-
private lines
RISKS:
- Service provider can have a major network outage.
- Server can receive a DoS or DDoS attack.
- An FTP server can allow anonymously uploaded illegal software

LAN / WAN Domain.
The boundary between the trusted and un-trusted zones. The zones are
filtered with a firewall
RISKS:
- A hacker can penetrate your IT infrastructure and gain access to your
internal network.
- Weak ingress/egress traffic filtering can degrade performance.
- A firewall with unnecessary ports open can allow access from the
Internet
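One way to check for the unnecessary open ports named in the risks above, as an added example that is not part of the original notes. The rule format, the sample ruleset and the approved-port set are hypothetical, and first-match rule evaluation with a default deny is assumed.

```python
# Constructed ruleset in a hypothetical format: (action, source, first_port, last_port).
# Rules are evaluated top to bottom; the first match wins; no match means deny.
RULES = [
    ("deny",  "any",        23,   23),    # telnet blocked
    ("allow", "10.0.0.0/8", 22,   22),    # SSH intended for the internal LAN only
    ("allow", "any",        443,  443),   # public HTTPS
    ("allow", "any",        20,   25),    # broad range left over from an old change
    ("allow", "any",        3389, 3389),  # remote desktop
]

APPROVED_PUBLIC_PORTS = {443}  # assumption: only HTTPS should face the Internet


def internet_reachable_ports(rules):
    """Ports an arbitrary Internet host can reach under first-match evaluation."""
    decided = {}
    for action, source, first, last in rules:
        if source != "any":
            continue  # rule does not match an arbitrary Internet source
        for port in range(first, last + 1):
            decided.setdefault(port, action)  # keep only the first matching rule
    return sorted(p for p, action in decided.items() if action == "allow")


def unnecessary_open_ports(rules, approved):
    """Reachable ports that are not on the approved list."""
    return [p for p in internet_reachable_ports(rules) if p not in approved]
```

With the sample rules, port 22 shows up as exposed even though its own rule is limited to the LAN, because the later 20-25 range also allows it from any source.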

System / Application Storage Domain.
This domain is made up of user-accessed servers such as email and
database
RISKS:
- A fire can destroy primary data
- A DoS attack can cripple the organization’s email
- A database server can be attacked by SQL injection, corrupting the
data

Remote Access Domain
The domain in which a mobile user can access the local network
remotely, usually through a VPN
RISKS:
- Communication circuit outage can deny connection.
- Remote communication from office can be unsecured.
- VPN tunneling between remote computer and ingress/egress router can
be hacked
