Published on February 21, 2014
Prepared by MUSTAHID ALI 02/21/14 1
CONCEPT OF INFORMATION Information is obtained through processing of data Data is raw fact and figure which helps to process to produce the information Data Instruction Information Information Instruction Example:-100+200=300 Raw Data 02/21/14 2
Information security means protecting information and information system from unauthorized access,use, disclosure ,disruption, modification or destruction. Basic Principle of Information Security Confidentiality Integrity Availability 02/21/14 3
PARKERIAN HEXAD Confidentiality Possession or control Integrity Authenticity Availability Utility 02/21/14 4
Access control system Physical and Environmental Protection Encryption Personal Security 02/21/14 5
The goal of access control is to allow access by authorized individuals and devices and to disallow access to all others. Access should be authorized and provided only to individuals whose identity is established, and their activities should be limited to the minimum required for business purposes. 02/21/14 6
What Firewalls Do They can be configured to keep unauthorized or outside users from gaining access to internal or private networks and services. They can also be configured to prevent internal users from gaining access to outside or unauthorized networks and services. 02/21/14 7
Firewalls A Network Firewall is a system or group of systems used to control access between two networks -- a trusted network and an untrusted network -- using preconfigured rules or filters. 02/21/14 8
1.Packet filtering 2.Circuit filtering 3.Application gateways 02/21/14 9
It is a cryptography technology to encrypted the data with a key so that no one can make sense of it while its being transmitted. Characteristic of encryption and decryption: Data encrypted with public key can only be decrypted with private key. Data encrypted with private key can only be decrypted with public key. 02/21/14 10
Encryption or encoding information helps prevent it by authorized user. Both the sender and receiver have to know what set of rules (cipher text) he was used to transform original information in to its cipher text (code). Example: ” UDUPA”-is the original message “IRIDA”-is cipher text (arbitrary no. chosen is”12’) 1 2 3 4 5 6 7 8 9 10 11 12 A B C D E F G H I J K L M N O P Q R S T U V W X Y S 02/21/14 11
Three types of encryption exist: 1) Symmetric encryption 2) Asymmetric encryption 3) One-Way Hashing 02/21/14 12
SYMMETRIC ENCRYPTION 02/21/14 13
Asymmetric encryption 02/21/14 14
One-Way Hashing 02/21/14 15
There are many things that you can do to protect our Personal information…. Password Backups Software updates Antivirus software Routers 02/21/14 16
♠ Security is a very difficult topic. Everyone has a different idea of what security'' is, and what levels of risk are acceptable. Once that has been defined, everything that goes on with the network can be evaluated with respect to that policy. ♠ Define the Security Policy for the company. This should be endorsed by top management and should convey their concern and commitment. . In other words we can say that :- ♠ Information security is the ongoing process of exercising due care and due diligence to protect information, and information systems, from unauthorized access, use, disclosure, destruction, modification, or disruption or distribution. ♠ The never ending process of information security involves ongoing training, assessment, protection, monitoring & detection, incident response & repair, documentation, and review. 02/21/14 17
Information security, sometimes shortened to InfoSec, is the practice of defending information from unauthorized access, use, disclosure, disruption ...
Das Information Security Management System (ISMS, engl. für „Managementsystem für Informationssicherheit“) ist eine Aufstellung von Verfahren und ...
Willkommen bei 8com Information Security. Ihre Spezialisten für Prüfungs- und Beratungsleistungen & Awarenessmaßnahmen in Informationssicherheit.
Infosecurity Magazine is the award winning online magazine dedicated to the strategy, insight and technology of information security
Der Information Security Day (ISD) bietet Themen der IT-Sicherheit aus Praxis und Wissenschaft. Seien Sie dabei am 12. und 13. November 2015 in Würzburg!
Information Security Training Our IT Security courses are the foundation of InfoSec Institute. It's where we got our start, our name, and our reputation.
Die atsec information security GmbH mit Hauptsitz in Muenchen ist ein unabhaengiges Unternehmen, das sich auf die Erbringung von Dienstleistungen im ...
Information Security Forum The ISF is the world's leading authority on cyber, information security and risk management
Ralf Röhrig, Gerald Spyra (Hrsg.) Information Security Management Praxishandbuch für Aufbau, Zertifizierung und Betrieb. DIN A5, 2 Ordner + CD-ROM
Sicherheits-Updates: Angreifer können Dells SonicWALL Email Security kapern. heute, 14:35 Uhr; Durch die Kombination von zwei Lücken lassen sich ...