Suche senden
Hochladen
Aula 01 - Fundamentos da segurança dos sistemas de informações
•
2 gefällt mir
•
128 views
Leinylson Fontinele
Folgen
Slides das aula de Segurança Computacional
Weniger lesen
Mehr lesen
Bildung
Melden
Teilen
Melden
Teilen
1 von 38
Jetzt herunterladen
Downloaden Sie, um offline zu lesen
Empfohlen
Aula 02 - Aplicação de contramedidas de segurança para mitigar ataques malici...
Aula 02 - Aplicação de contramedidas de segurança para mitigar ataques malici...
Leinylson Fontinele
Aula 04 - Implementação efetiva da política de segurança
Aula 04 - Implementação efetiva da política de segurança
Leinylson Fontinele
Aula 03 - Controles de acesso apropriados para sistemas, aplicativos e acesso...
Aula 03 - Controles de acesso apropriados para sistemas, aplicativos e acesso...
Leinylson Fontinele
Aula 05 - Importância do teste, auditoria e monitoramento
Aula 05 - Importância do teste, auditoria e monitoramento
Leinylson Fontinele
Fundamentals of Information Systems Security Chapter 3
Fundamentals of Information Systems Security Chapter 3
Dr. Ahmed Al Zaidy
Fundamentals of Information Systems Security Chapter 14
Fundamentals of Information Systems Security Chapter 14
Dr. Ahmed Al Zaidy
Fundamentals of Information Systems Security Chapter 15
Fundamentals of Information Systems Security Chapter 15
Dr. Ahmed Al Zaidy
Fundamentals of Information Systems Security Chapter 5
Fundamentals of Information Systems Security Chapter 5
Dr. Ahmed Al Zaidy
Empfohlen
Aula 02 - Aplicação de contramedidas de segurança para mitigar ataques malici...
Aula 02 - Aplicação de contramedidas de segurança para mitigar ataques malici...
Leinylson Fontinele
Aula 04 - Implementação efetiva da política de segurança
Aula 04 - Implementação efetiva da política de segurança
Leinylson Fontinele
Aula 03 - Controles de acesso apropriados para sistemas, aplicativos e acesso...
Aula 03 - Controles de acesso apropriados para sistemas, aplicativos e acesso...
Leinylson Fontinele
Aula 05 - Importância do teste, auditoria e monitoramento
Aula 05 - Importância do teste, auditoria e monitoramento
Leinylson Fontinele
Fundamentals of Information Systems Security Chapter 3
Fundamentals of Information Systems Security Chapter 3
Dr. Ahmed Al Zaidy
Fundamentals of Information Systems Security Chapter 14
Fundamentals of Information Systems Security Chapter 14
Dr. Ahmed Al Zaidy
Fundamentals of Information Systems Security Chapter 15
Fundamentals of Information Systems Security Chapter 15
Dr. Ahmed Al Zaidy
Fundamentals of Information Systems Security Chapter 5
Fundamentals of Information Systems Security Chapter 5
Dr. Ahmed Al Zaidy
Fundamentals of Information Systems Security Chapter 7
Fundamentals of Information Systems Security Chapter 7
Dr. Ahmed Al Zaidy
Fundamentals of Information Systems Security Chapter 12
Fundamentals of Information Systems Security Chapter 12
Dr. Ahmed Al Zaidy
Funsec3e ppt ch06
Funsec3e ppt ch06
Skillspire LLC
Fundamentals of Information Systems Security Chapter 2
Fundamentals of Information Systems Security Chapter 2
Dr. Ahmed Al Zaidy
Fundamentals of Information Systems Security Chapter 13
Fundamentals of Information Systems Security Chapter 13
Dr. Ahmed Al Zaidy
Fundamentals of Information Systems Security Chapter 8
Fundamentals of Information Systems Security Chapter 8
Dr. Ahmed Al Zaidy
Fundamentals of Information Systems Security Chapter 6
Fundamentals of Information Systems Security Chapter 6
Dr. Ahmed Al Zaidy
Fundamentals of Information Systems Security Chapter 1
Fundamentals of Information Systems Security Chapter 1
Dr. Ahmed Al Zaidy
Forensic3e ppt ch13
Forensic3e ppt ch13
Skillspire LLC
Approche intégrée de la gestion des risques, de la sécurité de l’information,...
Approche intégrée de la gestion des risques, de la sécurité de l’information,...
PECB
Funsec3e ppt ch07
Funsec3e ppt ch07
Skillspire LLC
Forensic3e ppt ch03
Forensic3e ppt ch03
Skillspire LLC
Fundamentals of Information Systems Security Chapter 11
Fundamentals of Information Systems Security Chapter 11
Dr. Ahmed Al Zaidy
Fundamentals of Information Systems Security Chapter 9
Fundamentals of Information Systems Security Chapter 9
Dr. Ahmed Al Zaidy
William A. Tanenbaum Association of Benefit Administrators April 2015
William A. Tanenbaum Association of Benefit Administrators April 2015
William Tanenbaum
Fundamentals of Information Systems Security Chapter 10
Fundamentals of Information Systems Security Chapter 10
Dr. Ahmed Al Zaidy
Funsec3e ppt ch11
Funsec3e ppt ch11
Skillspire LLC
Cisco Cybersecurity Essentials Chapter- 7
Cisco Cybersecurity Essentials Chapter- 7
Mukesh Chinta
A 5 step guide to protecting backup data by Iron Mountain
A 5 step guide to protecting backup data by Iron Mountain
Pim Piepers
Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...
Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...
Symantec
Funsec3e ppt ch03
Funsec3e ppt ch03
Skillspire LLC
Security Strategies in Windows Platforms and ApplicationsL.docx
Security Strategies in Windows Platforms and ApplicationsL.docx
jeffreye3
Weitere ähnliche Inhalte
Was ist angesagt?
Fundamentals of Information Systems Security Chapter 7
Fundamentals of Information Systems Security Chapter 7
Dr. Ahmed Al Zaidy
Fundamentals of Information Systems Security Chapter 12
Fundamentals of Information Systems Security Chapter 12
Dr. Ahmed Al Zaidy
Funsec3e ppt ch06
Funsec3e ppt ch06
Skillspire LLC
Fundamentals of Information Systems Security Chapter 2
Fundamentals of Information Systems Security Chapter 2
Dr. Ahmed Al Zaidy
Fundamentals of Information Systems Security Chapter 13
Fundamentals of Information Systems Security Chapter 13
Dr. Ahmed Al Zaidy
Fundamentals of Information Systems Security Chapter 8
Fundamentals of Information Systems Security Chapter 8
Dr. Ahmed Al Zaidy
Fundamentals of Information Systems Security Chapter 6
Fundamentals of Information Systems Security Chapter 6
Dr. Ahmed Al Zaidy
Fundamentals of Information Systems Security Chapter 1
Fundamentals of Information Systems Security Chapter 1
Dr. Ahmed Al Zaidy
Forensic3e ppt ch13
Forensic3e ppt ch13
Skillspire LLC
Approche intégrée de la gestion des risques, de la sécurité de l’information,...
Approche intégrée de la gestion des risques, de la sécurité de l’information,...
PECB
Funsec3e ppt ch07
Funsec3e ppt ch07
Skillspire LLC
Forensic3e ppt ch03
Forensic3e ppt ch03
Skillspire LLC
Fundamentals of Information Systems Security Chapter 11
Fundamentals of Information Systems Security Chapter 11
Dr. Ahmed Al Zaidy
Fundamentals of Information Systems Security Chapter 9
Fundamentals of Information Systems Security Chapter 9
Dr. Ahmed Al Zaidy
William A. Tanenbaum Association of Benefit Administrators April 2015
William A. Tanenbaum Association of Benefit Administrators April 2015
William Tanenbaum
Fundamentals of Information Systems Security Chapter 10
Fundamentals of Information Systems Security Chapter 10
Dr. Ahmed Al Zaidy
Funsec3e ppt ch11
Funsec3e ppt ch11
Skillspire LLC
Cisco Cybersecurity Essentials Chapter- 7
Cisco Cybersecurity Essentials Chapter- 7
Mukesh Chinta
A 5 step guide to protecting backup data by Iron Mountain
A 5 step guide to protecting backup data by Iron Mountain
Pim Piepers
Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...
Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...
Symantec
Was ist angesagt?
(20)
Fundamentals of Information Systems Security Chapter 7
Fundamentals of Information Systems Security Chapter 7
Fundamentals of Information Systems Security Chapter 12
Fundamentals of Information Systems Security Chapter 12
Funsec3e ppt ch06
Funsec3e ppt ch06
Fundamentals of Information Systems Security Chapter 2
Fundamentals of Information Systems Security Chapter 2
Fundamentals of Information Systems Security Chapter 13
Fundamentals of Information Systems Security Chapter 13
Fundamentals of Information Systems Security Chapter 8
Fundamentals of Information Systems Security Chapter 8
Fundamentals of Information Systems Security Chapter 6
Fundamentals of Information Systems Security Chapter 6
Fundamentals of Information Systems Security Chapter 1
Fundamentals of Information Systems Security Chapter 1
Forensic3e ppt ch13
Forensic3e ppt ch13
Approche intégrée de la gestion des risques, de la sécurité de l’information,...
Approche intégrée de la gestion des risques, de la sécurité de l’information,...
Funsec3e ppt ch07
Funsec3e ppt ch07
Forensic3e ppt ch03
Forensic3e ppt ch03
Fundamentals of Information Systems Security Chapter 11
Fundamentals of Information Systems Security Chapter 11
Fundamentals of Information Systems Security Chapter 9
Fundamentals of Information Systems Security Chapter 9
William A. Tanenbaum Association of Benefit Administrators April 2015
William A. Tanenbaum Association of Benefit Administrators April 2015
Fundamentals of Information Systems Security Chapter 10
Fundamentals of Information Systems Security Chapter 10
Funsec3e ppt ch11
Funsec3e ppt ch11
Cisco Cybersecurity Essentials Chapter- 7
Cisco Cybersecurity Essentials Chapter- 7
A 5 step guide to protecting backup data by Iron Mountain
A 5 step guide to protecting backup data by Iron Mountain
Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...
Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...
Ähnlich wie Aula 01 - Fundamentos da segurança dos sistemas de informações
Funsec3e ppt ch03
Funsec3e ppt ch03
Skillspire LLC
Security Strategies in Windows Platforms and ApplicationsL.docx
Security Strategies in Windows Platforms and ApplicationsL.docx
jeffreye3
Security Strategies in Windows Platforms and ApplicationsL.docx
Security Strategies in Windows Platforms and ApplicationsL.docx
kenjordan97598
Oracle Database 11g Security and Compliance Solutions - By Tom Kyte
Oracle Database 11g Security and Compliance Solutions - By Tom Kyte
Edgar Alejandro Villegas
Dr_Kamal_ch01.pptx
Dr_Kamal_ch01.pptx
MhndHTaani
Five Common Causes of Data Breaches
Five Common Causes of Data Breaches
Seclore
Data security in the cloud
Data security in the cloud
IBM Security
Idera live 2021: Database Auditing - on-Premises and in the Cloud by Craig M...
Idera live 2021: Database Auditing - on-Premises and in the Cloud by Craig M...
IDERA Software
Meetup presenation 06192013
Meetup presenation 06192013
Sqrrl
Data security in a big data environment sweden
Data security in a big data environment sweden
IBM Sverige
M7 internet security
M7 internet security
Josep Bardallo
Network Security for Computer science and Engineering.ppt
Network Security for Computer science and Engineering.ppt
AkfeteAssefa
Protecting What Matters...An Enterprise Approach to Cloud Security
Protecting What Matters...An Enterprise Approach to Cloud Security
InnoTech
CHap 13 and 12winsec3e_ppt_ch12(1).pptxSecurity Strategies
CHap 13 and 12winsec3e_ppt_ch12(1).pptxSecurity Strategies
MorganLudwig40
Advanced Persistent Threat - Evaluating Effective Responses
Advanced Persistent Threat - Evaluating Effective Responses
NetIQ
Top Strategies to Capture Security Intelligence for Applications
Top Strategies to Capture Security Intelligence for Applications
Denim Group
Better to Ask Permission? Best Practices for Privacy and Security
Better to Ask Permission? Best Practices for Privacy and Security
Eric Kavanagh
Simplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdf
Priyanka Aash
Fundamentals of Information Systems Security Lesson 3Malic.docx
Fundamentals of Information Systems Security Lesson 3Malic.docx
shericehewat
Dstca
Dstca
ajay vj
Ähnlich wie Aula 01 - Fundamentos da segurança dos sistemas de informações
(20)
Funsec3e ppt ch03
Funsec3e ppt ch03
Security Strategies in Windows Platforms and ApplicationsL.docx
Security Strategies in Windows Platforms and ApplicationsL.docx
Security Strategies in Windows Platforms and ApplicationsL.docx
Security Strategies in Windows Platforms and ApplicationsL.docx
Oracle Database 11g Security and Compliance Solutions - By Tom Kyte
Oracle Database 11g Security and Compliance Solutions - By Tom Kyte
Dr_Kamal_ch01.pptx
Dr_Kamal_ch01.pptx
Five Common Causes of Data Breaches
Five Common Causes of Data Breaches
Data security in the cloud
Data security in the cloud
Idera live 2021: Database Auditing - on-Premises and in the Cloud by Craig M...
Idera live 2021: Database Auditing - on-Premises and in the Cloud by Craig M...
Meetup presenation 06192013
Meetup presenation 06192013
Data security in a big data environment sweden
Data security in a big data environment sweden
M7 internet security
M7 internet security
Network Security for Computer science and Engineering.ppt
Network Security for Computer science and Engineering.ppt
Protecting What Matters...An Enterprise Approach to Cloud Security
Protecting What Matters...An Enterprise Approach to Cloud Security
CHap 13 and 12winsec3e_ppt_ch12(1).pptxSecurity Strategies
CHap 13 and 12winsec3e_ppt_ch12(1).pptxSecurity Strategies
Advanced Persistent Threat - Evaluating Effective Responses
Advanced Persistent Threat - Evaluating Effective Responses
Top Strategies to Capture Security Intelligence for Applications
Top Strategies to Capture Security Intelligence for Applications
Better to Ask Permission? Best Practices for Privacy and Security
Better to Ask Permission? Best Practices for Privacy and Security
Simplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdf
Fundamentals of Information Systems Security Lesson 3Malic.docx
Fundamentals of Information Systems Security Lesson 3Malic.docx
Dstca
Dstca
Mehr von Leinylson Fontinele
Utilização do editor de texto Word
Utilização do editor de texto Word
Leinylson Fontinele
Prática com slide.pptx
Prática com slide.pptx
Leinylson Fontinele
A galinha carijó
A galinha carijó
Leinylson Fontinele
Descrição do Projeto 8 puzzle
Descrição do Projeto 8 puzzle
Leinylson Fontinele
Aula 02 - Agentes Inteligentes
Aula 02 - Agentes Inteligentes
Leinylson Fontinele
Aula 01 - Visão Geral da IA
Aula 01 - Visão Geral da IA
Leinylson Fontinele
A história da Segurança da Informação
A história da Segurança da Informação
Leinylson Fontinele
Introdução ao Prolog - Prof. Sérgio S. Costa
Introdução ao Prolog - Prof. Sérgio S. Costa
Leinylson Fontinele
Caso 1 - Boing 777
Caso 1 - Boing 777
Leinylson Fontinele
Caso 2 - Aeroporto de Denver
Caso 2 - Aeroporto de Denver
Leinylson Fontinele
Aula 02 - Agentes e problemas de busca
Aula 02 - Agentes e problemas de busca
Leinylson Fontinele
Aula 01 - Visão geral da IA
Aula 01 - Visão geral da IA
Leinylson Fontinele
Aula 7 - Modelagem de Software
Aula 7 - Modelagem de Software
Leinylson Fontinele
Aula 6 - Qualidade de Software
Aula 6 - Qualidade de Software
Leinylson Fontinele
Aula 07 - Diagrama de sequencia
Aula 07 - Diagrama de sequencia
Leinylson Fontinele
Aula 06 - Diagrama de classes
Aula 06 - Diagrama de classes
Leinylson Fontinele
Aula 04 - Diagrama de casos de uso
Aula 04 - Diagrama de casos de uso
Leinylson Fontinele
Aula 1 - Introdução a Engenharia de Software
Aula 1 - Introdução a Engenharia de Software
Leinylson Fontinele
Aula 2 - Modelos de processos
Aula 2 - Modelos de processos
Leinylson Fontinele
Minicurso de App Inventor
Minicurso de App Inventor
Leinylson Fontinele
Mehr von Leinylson Fontinele
(20)
Utilização do editor de texto Word
Utilização do editor de texto Word
Prática com slide.pptx
Prática com slide.pptx
A galinha carijó
A galinha carijó
Descrição do Projeto 8 puzzle
Descrição do Projeto 8 puzzle
Aula 02 - Agentes Inteligentes
Aula 02 - Agentes Inteligentes
Aula 01 - Visão Geral da IA
Aula 01 - Visão Geral da IA
A história da Segurança da Informação
A história da Segurança da Informação
Introdução ao Prolog - Prof. Sérgio S. Costa
Introdução ao Prolog - Prof. Sérgio S. Costa
Caso 1 - Boing 777
Caso 1 - Boing 777
Caso 2 - Aeroporto de Denver
Caso 2 - Aeroporto de Denver
Aula 02 - Agentes e problemas de busca
Aula 02 - Agentes e problemas de busca
Aula 01 - Visão geral da IA
Aula 01 - Visão geral da IA
Aula 7 - Modelagem de Software
Aula 7 - Modelagem de Software
Aula 6 - Qualidade de Software
Aula 6 - Qualidade de Software
Aula 07 - Diagrama de sequencia
Aula 07 - Diagrama de sequencia
Aula 06 - Diagrama de classes
Aula 06 - Diagrama de classes
Aula 04 - Diagrama de casos de uso
Aula 04 - Diagrama de casos de uso
Aula 1 - Introdução a Engenharia de Software
Aula 1 - Introdução a Engenharia de Software
Aula 2 - Modelos de processos
Aula 2 - Modelos de processos
Minicurso de App Inventor
Minicurso de App Inventor
Kürzlich hochgeladen
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
pradhanghanshyam7136
Single or Multiple melodic lines structure
Single or Multiple melodic lines structure
dhanjurrannsibayan2
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
marlenawright1
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
agholdier
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
AreebaZafar22
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Pooja Bhuva
Salient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functions
KarakKing
Understanding Accommodations and Modifications
Understanding Accommodations and Modifications
MJDuyan
Fostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the Classroom
Pooky Knightsmith
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Dr Vijay Vishwakarma
SOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning Presentation
camerronhm
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
christianmathematics
How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptx
Celine George
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University of Engineering & Technology, Jamshoro
How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17
Celine George
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)
Jisc
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.
MaryamAhmad92
Graduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - English
neillewis46
Wellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptx
Jisc
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
ZurliaSoop
Kürzlich hochgeladen
(20)
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Single or Multiple melodic lines structure
Single or Multiple melodic lines structure
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Salient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functions
Understanding Accommodations and Modifications
Understanding Accommodations and Modifications
Fostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the Classroom
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
SOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning Presentation
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptx
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024
How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.
Graduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - English
Wellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptx
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Aula 01 - Fundamentos da segurança dos sistemas de informações
1.
© 2012 Jones
and Bartlett Learning, LLC www.jblearning.com Fundamentos da segurança dos sistemas de informação Unit 1 Information Systems Security Fundamentals
2.
Page 2Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com Learning Objective Explain the concepts of information systems security (ISS) as applied to an IT infrastructure.
3.
Page 3Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com Key Concepts § Confidentiality, integrity, and availability (CIA) concepts § Layered security solutions implemented for the seven domains of a typical IT infrastructure § Common threats for each of the seven domains § IT security policy framework § Impact of data classification standard on the seven domains
4.
Page 4Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com DISCOVER: CONCEPTS
5.
Page 5Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com Introducing ISS ISS Informat ion System s Informat ion
6.
Page 6Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com The CIA Triad Confidentiality Integrity Availability
7.
Page 7Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com Confidentiality Personal Data and Information • Credit card account numbers and bank account numbers • Social Security numbers and address information Intellectual Property • Copyrights, patents, and secret formulas • Source code, customer databases, and technical specifications National Security • Military intelligence • Homeland security and government-related information
8.
Page 8Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com O que estamos protegendo?
9.
Page 9Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com Integrity Maintain valid, uncorrupted, and accurate information. § User names and passwords § Patents and copyrights § Source code § Diplomatic information § Financial data
10.
Page 10Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com
11.
Page 11Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com Availability X X X
12.
Page 12Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com Conduct and Ethics in ISS §ISS is a classic battle of “good vs. evil.” §No global laws, rules, or regulations govern cyberspace. §U.S. government and Internet Architecture Board (IAB) have developed joint Internet acceptable use policy (AUP). §Security professionals are in high demand as the “good guys.”
13.
Page 13Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com Leis de Conformidade
14.
Page 14Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com Compliance Laws Driving ISS Health Insurance Portability and Accountability Act (HIPAA) Sarbanes-Oxley (SOX) Act Children’s Internet Protection Act (CIPA)
15.
Page 15Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com IT Security Policy Framework POLICY Standard Procedure Guideline A short written statement that defines a course of action that applies to the entire organization A detailed written definition of how software and hardware are to be used Written instructions for how to use the policy and standard Suggested course of action for using the policy, standard, or procedure
16.
Page 16Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com
17.
Page 17Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com Seven Domains of a Typical IT Infrastructure
18.
Page 18Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com Ciberespaço: uma nova fronteira
19.
Page 19Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com
20.
Page 20Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com O que está representado na figura?
21.
Page 21Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com Common Threats in the User Domain §Lack of user awareness §User apathy toward policies §User violating security policy §User inserting CD/DVD/USB with personal files
22.
Page 22Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com Common Threats in the User Domain (Continued) §User downloading photos, music, or videos §User destructing systems, applications, and data §Disgruntled employee attacking organization or committing sabotage §Employee blackmail or extortion
23.
Page 23Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com §Unauthorized workstation access §Unauthorized access to systems, applications, and data §Desktop or laptop operating system vulnerabilities §Desktop or laptop application software vulnerabilities or patches Common Threats in the Workstation Domain
24.
Page 24Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com §Viruses, malicious code, and other malware §User inserting CD/DVD/USB with personal files §User downloading photos, music, or videos Common Threats in the Workstation Domain (Continued)
25.
Page 25Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com Common Threats in the LAN Domain §Unauthorized physical access to LAN §Unauthorized access to systems, applications, and data §LAN server operating system vulnerabilities §LAN server application software vulnerabilities and software patch updates
26.
Page 26Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com Common Threats in the LAN Domain (Continued) §Rogue users on WLANs §Confidentiality of data on WLANs §LAN server configuration guidelines and standards
27.
Page 27Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com §Unauthorized probing and port scanning §Unauthorized access §Internet Protocol (IP) router, firewall, and network appliance operating system vulnerability §Local users downloading unknown file types from unknown sources Common Threats in the LAN-to-WAN Domain WAN
28.
Page 28Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com §Open, public, and accessible data §Most of the traffic being sent as clear text §Vulnerable to eavesdropping §Vulnerable to malicious attacks §Vulnerable to Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks Common Threats in the WAN Domain WAN
29.
Page 29Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com §Vulnerable to corruption of information and data §Insecure Transmission Control Protocol/Internet Protocol (TCP/IP) applications §Hackers and attackers e-mailing Trojans, worms, and malicious software freely and constantly Common Threats in the WAN Domain (Continued) WAN
30.
Page 30Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com Common Threats in the Remote Access Domain Internet § Brute force user ID and password attacks § Multiple logon retries and access control attacks § Unauthorized remote access to IT systems, applications, and data § Confidential data compromised remotely § Data leakage in violation of data classification standards
31.
Page 31Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com Common Threats in the Systems/Applications Domain Cloud Computing § Unauthorized access to data centers, computer rooms, and wiring closets § Difficult-to-manage servers that require high availability § Server operating systems software vulnerability management § Security required by cloud computing virtual environments § Corrupt or lost data
32.
Page 32Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com DISCOVER: PROCESSES
33.
Page 33Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com Implementing the CIA Triad Confidentiality AUP Security Awareness Policy Enhanced Access Control
34.
Page 34Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com Implementing the CIA Triad (Continued) Integrity AUP Security Awareness Policy Enhanced Access Control Threat Assessment and Monitoring Asset Protection Policy Vulnerability Assessment and Management
35.
Page 35Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com Implementing the CIA Triad (Continued) Availability AUP Security Awareness Policy Enhanced Access Control Threat Assessment and Monitoring Asset Protection Policy Vulnerability Assessment and Management Data Classification Standard
36.
Page 36Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com DISCOVER: ROLES
37.
Page 37Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com Who Implements the CIA Triad? Confidentiality Integrity Availability §User §IT administrator §Network administrator §Human resources §Senior management §User §IT administrator §Network administrator §Human resources §Senior management §IT administrator §Network administrator §Third-party vendor
38.
Page 38Fundamentals of
Information Systems Security © 2012 Jones and Bartlett Learning, LLC www.jblearning.com Summary §Terms associated with ISS include risks, threats, and vulnerabilities. §Layered security strategy protects an IT infrastructure’s CIA. §IT policy framework includes policies, standards, procedures, and guidelines. §Data classification standard defines how data is to be handled within an IT infrastructure.
Jetzt herunterladen