1. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Information Security
Sukant Kole
Advanced Centre for Informatics & Innovative Learning
Indira Gandhi National Open University, New Delhi
August 24, 2010
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
2. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Attributes of Information Security
Type of threats
Types of security measures
Encryption
Security Policies
What is Information Security ?
Definition
Information Security means protection of information and
information system from unauthorized access, modification and
misuse of information or destruction.
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
3. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Attributes of Information Security
Type of threats
Types of security measures
Encryption
Security Policies
What is Information Security ?
Definition
Information Security means protection of information and
information system from unauthorized access, modification and
misuse of information or destruction.
Impact of Weather Forecasting & Flight Scheduling System
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
4. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Attributes of Information Security
Type of threats
Types of security measures
Encryption
Security Policies
Integrity
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
5. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Attributes of Information Security
Type of threats
Types of security measures
Encryption
Security Policies
Integrity
Confidentiality
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
6. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Attributes of Information Security
Type of threats
Types of security measures
Encryption
Security Policies
Integrity
Confidentiality
Availability
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
7. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Attributes of Information Security
Type of threats
Types of security measures
Encryption
Security Policies
Integrity
Confidentiality
Availability
Security
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
8. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Attributes of Information Security
Type of threats
Types of security measures
Encryption
Security Policies
Integrity
Confidentiality
Availability
Security
Privacy
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
9. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Attributes of Information Security
Type of threats
Types of security measures
Encryption
Security Policies
Physical
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
10. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Attributes of Information Security
Type of threats
Types of security measures
Encryption
Security Policies
Physical
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
11. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Attributes of Information Security
Type of threats
Types of security measures
Encryption
Security Policies
Physical (Malicious insiders, Careless Employees)
Network
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
12. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Attributes of Information Security
Type of threats
Types of security measures
Encryption
Security Policies
Physical (Malicious insiders, Careless Employees)
Network
Application
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
13. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Attributes of Information Security
Type of threats
Types of security measures
Encryption
Security Policies
Physical (Malicious insiders, Careless Employees)
Network
Application
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
14. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Attributes of Information Security
Type of threats
Types of security measures
Encryption
Security Policies
Physical (Malicious insiders, Careless Employees)
Network
Application (Exploited Vulnerabilities, Zero day attacks)
Access Devices
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
15. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Attributes of Information Security
Type of threats
Types of security measures
Encryption
Security Policies
Physical (Malicious insiders, Careless Employees)
Network
Application (Exploited Vulnerabilities, Zero day attacks)
Access Devices
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
16. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Attributes of Information Security
Type of threats
Types of security measures
Encryption
Security Policies
Physical (Malicious insiders, Careless Employees)
Network
Application (Exploited Vulnerabilities, Zero day attacks)
Access Devices Mobile devices, USB Devices
Social Networking
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
17. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Attributes of Information Security
Type of threats
Types of security measures
Encryption
Security Policies
Physical (Malicious insiders, Careless Employees)
Network
Application (Exploited Vulnerabilities, Zero day attacks)
Access Devices Mobile devices, USB Devices
Social Networking
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
18. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Attributes of Information Security
Type of threats
Types of security measures
Encryption
Security Policies
Physical (Malicious insiders, Careless Employees)
Network
Application (Exploited Vulnerabilities, Zero day attacks)
Access Devices Mobile devices, USB Devices
Social Networking
Cloud computing security
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
19. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Attributes of Information Security
Type of threats
Types of security measures
Encryption
Security Policies
Physical (Malicious insiders, Careless Employees)
Network
Application (Exploited Vulnerabilities, Zero day attacks)
Access Devices Mobile devices, USB Devices
Social Networking
Cloud computing security
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
20. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Attributes of Information Security
Type of threats
Types of security measures
Encryption
Security Policies
Physical (Malicious insiders, Careless Employees)
Network
Application (Exploited Vulnerabilities, Zero day attacks)
Access Devices Mobile devices, USB Devices
Social Networking
Cloud computing security
Cyber Espionage
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
21. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Attributes of Information Security
Type of threats
Types of security measures
Encryption
Security Policies
Access restriction to datacentre, Security surveillance,
Disaster Recovery
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
22. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Attributes of Information Security
Type of threats
Types of security measures
Encryption
Security Policies
Access restriction to datacentre, Security surveillance,
Disaster Recovery
VLAN, Authentication Authorization & Auditing service,
WPA-PSK
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
23. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Attributes of Information Security
Type of threats
Types of security measures
Encryption
Security Policies
Access restriction to datacentre, Security surveillance,
Disaster Recovery
VLAN, Authentication Authorization & Auditing service,
WPA-PSK
Security patches, Stable version, 3 tier architecture
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
24. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Attributes of Information Security
Type of threats
Types of security measures
Encryption
Security Policies
What is encryption ?
Definition
“....In cryptography, encryption is the process of transforming
information (referred to as plaintext) using an algorithm (called
cipher) to make it unreadable to anyone except those possessing
special knowledge, usually referred to as a key. The result of the
process is encrypted information (in cryptography, referred to as
ciphertext....” (Source: Wikipedia)
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
25. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Attributes of Information Security
Type of threats
Types of security measures
Encryption
Security Policies
Symmetric Encryption
(Ref: http://www.devx.com/dbzone/Article/29232/1954)
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
26. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Attributes of Information Security
Type of threats
Types of security measures
Encryption
Security Policies
Asymmetric Encryption
(Ref: www.uic.edu/depts/accc/newsletter/adn26/figure2.html)
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
27. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Attributes of Information Security
Type of threats
Types of security measures
Encryption
Security Policies
User Policies
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
28. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Attributes of Information Security
Type of threats
Types of security measures
Encryption
Security Policies
User Policies
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
29. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Attributes of Information Security
Type of threats
Types of security measures
Encryption
Security Policies
User Policies (Password, Resource Access)
IT Policies
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
30. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Attributes of Information Security
Type of threats
Types of security measures
Encryption
Security Policies
User Policies (Password, Resource Access)
IT Policies
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
31. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Attributes of Information Security
Type of threats
Types of security measures
Encryption
Security Policies
User Policies (Password, Resource Access)
IT Policies (Backup, firewall, IDS & IPS)
General
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
32. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Attributes of Information Security
Type of threats
Types of security measures
Encryption
Security Policies
User Policies (Password, Resource Access)
IT Policies (Backup, firewall, IDS & IPS)
General
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
33. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Attributes of Information Security
Type of threats
Types of security measures
Encryption
Security Policies
User Policies (Password, Resource Access)
IT Policies (Backup, firewall, IDS & IPS)
General (Service License Agreement, Business Continuity)
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
34. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
35. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
36. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Infection process
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
37. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Infection process
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
38. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Infection process
Viruses
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
39. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Infection process
Viruses
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
40. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Infection process
Viruses
Worm
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
41. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Infection process
Viruses
Worm
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
42. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Infection process
Viruses
Worm (Morris Worm, November 2, 1988)
Trojan Horses
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
43. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Infection process
Viruses
Worm (Morris Worm, November 2, 1988)
Trojan Horses
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
44. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Introduction
Infection process
Viruses
Worm (Morris Worm, November 2, 1988)
Trojan Horses
Social Engineering attacks
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
45. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
What is network security
Threats to network security
Tools of network security
Secure network devices
Definition
“....In the field of networking, the specialist area of network
security consists of the provisions and policies adopted by the
network administrator to prevent and monitor unauthorized access,
misuse, modification, or denial of the computer network and
network-accessible resources....” (Source: Wikipedia)
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
46. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
What is network security
Threats to network security
Tools of network security
Secure network devices
Denial of Service (ARP Posioning, DNS Cache Poisoning,
Packet flooding)
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
47. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
What is network security
Threats to network security
Tools of network security
Secure network devices
Denial of Service (ARP Posioning, DNS Cache Poisoning,
Packet flooding)
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
48. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
What is network security
Threats to network security
Tools of network security
Secure network devices
Denial of Service (ARP Posioning, DNS Cache Poisoning,
Packet flooding)
Unauthorized access to resources (unsecured LAN /WLAN
network points)
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
49. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
What is network security
Threats to network security
Tools of network security
Secure network devices
Denial of Service (ARP Posioning, DNS Cache Poisoning,
Packet flooding)
Unauthorized access to resources (unsecured LAN /WLAN
network points)
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
50. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
What is network security
Threats to network security
Tools of network security
Secure network devices
Denial of Service (ARP Posioning, DNS Cache Poisoning,
Packet flooding)
Unauthorized access to resources (unsecured LAN /WLAN
network points)
MAC Spoofing, Man-in-the-middle attack
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
51. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
What is network security
Threats to network security
Tools of network security
Secure network devices
Firewall [Software, Hardware]
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
52. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
What is network security
Threats to network security
Tools of network security
Secure network devices
Firewall [Software, Hardware]
Virtual LANs, Virtual Private Networks
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
53. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
What is network security
Threats to network security
Tools of network security
Secure network devices
Firewall [Software, Hardware]
Virtual LANs, Virtual Private Networks
Secured and encrypted access to resources
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
54. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
What is network security
Threats to network security
Tools of network security
Secure network devices
Firewall [Software, Hardware]
Virtual LANs, Virtual Private Networks
Secured and encrypted access to resources
De-Militarized Zones
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
55. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
What is network security
Threats to network security
Tools of network security
Secure network devices
Firewall [Software, Hardware]
Virtual LANs, Virtual Private Networks
Secured and encrypted access to resources
De-Militarized Zones
Intrusion Detection & Prevention System
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
56. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
What is network security
Threats to network security
Tools of network security
Secure network devices
Firewall [Software, Hardware]
Virtual LANs, Virtual Private Networks
Secured and encrypted access to resources
De-Militarized Zones
Intrusion Detection & Prevention System
Honeypots
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
57. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
What is network security
Threats to network security
Tools of network security
Secure network devices
Firewall [Software, Hardware]
Virtual LANs, Virtual Private Networks
Secured and encrypted access to resources
De-Militarized Zones
Intrusion Detection & Prevention System
Honeypots
Directory Services (LDAP, MS-ADS)
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
58. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
What is network security
Threats to network security
Tools of network security
Secure network devices
Firewall [Software, Hardware]
Virtual LANs, Virtual Private Networks
Secured and encrypted access to resources
De-Militarized Zones
Intrusion Detection & Prevention System
Honeypots
Directory Services (LDAP, MS-ADS)
Vulnerability Assessment tools (Nessus, Wireshark)
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
59. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
What is network security
Threats to network security
Tools of network security
Secure network devices
Firewall [Software, Hardware]
Virtual LANs, Virtual Private Networks
Secured and encrypted access to resources
De-Militarized Zones
Intrusion Detection & Prevention System
Honeypots
Directory Services (LDAP, MS-ADS)
Vulnerability Assessment tools (Nessus, Wireshark)
Penetration Testing assessment
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
60. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
What is network security
Threats to network security
Tools of network security
Secure network devices
De-Militarized Zones
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
61. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
What is network security
Threats to network security
Tools of network security
Secure network devices
De-Militarized Zones
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
62. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
What is network security
Threats to network security
Tools of network security
Secure network devices
De-Militarized Zones
Virtual LANs
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
63. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
What is network security
Threats to network security
Tools of network security
Secure network devices
De-Militarized Zones
Virtual LANs
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
64. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
What is network security
Threats to network security
Tools of network security
Secure network devices
De-Militarized Zones
Virtual LANs
Authentication, Authorization, Auditing Service (Desktop,
Web)
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting
65. Information Security Concerns
Software Vulnerabilties
Network Security and Authentication
Open Discussion
Sukant Kole BPOI-007 Course 7 - IT Skills: DBPO-Finance & Accounting