TASK 3 Lecture 4 b

TASK 3 Lecture 4 b - SIT284 IT Security Management Session...

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
1 SIT284: IT Security Management A Professor J. H. Abawajy IT Security Management Slide#: 1 Lecture Lecture 4: 4: Information Security Incident Information Security Incident Response Response Planning Planning Session Objective This lecture is based on chapter 3 (pages 82-93) of the textbook The session is designed to provide insight into the work that an information security incident handler may perform. Upon completion of this lecture, you should be able to: Understand the technical issues relating to commonly reported attack types; Understand the fundamentals of information security incident handling tasks; Explain a high-level overview of the key issues and decisions that must be addressed in establishing an incident response plan; Describe the nature of incident response activities. A Professor J. H. Abawajy IT Security Management Slide#: 1 IT Security Incident An information security incident is any adverse event whereby some aspect of information security (i.e., loss of data confidentiality, disruption of data or system integrity or denial of availability) could be threatened. Integrity Compromise - when a virus infects a program or the discovery of a serious system vulnerability. A Professor J. H. Abawajy IT Security Management Slide#: 1 Service Denial - when an attacker has disabled a system or a network worm has saturated network bandwidth. Misuse - unauthorised use of an account or information. Damage - when a virus destroys data. Intrusions - a server known to hold sensitive data is compromised by an unauthorised party. Physical Lose - the theft or physical loss of computer equipment known to hold files containing sensitive data Information Security Incident When a threat becomes a valid attack , it is classified as an information security incident if: It is directed against information asset It has a realistic chance of success A Professor J. H. Abawajy IT Security Management Slide#: 1 It threatens the confidentiality, integrity or availability of information asset. When a security incident occurs, reactions and decisions must be made very quickly (often in a matter of minutes). An example is fire incident. Fire Incident Management Workflow A Professor J. H. Abawajy IT Security Management Slide#: 1 Fire brigade IT Security Incident Response Plan Having specific controls in place and a plan of action for responding to attacks or incidents can greatly reduce the resultant costs to an organisation.
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 2
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 09/25/2010 for the course SIT 202 taught by Professor Robindoss during the Two '09 term at Deakin.

Page1 / 4

TASK 3 Lecture 4 b - SIT284 IT Security Management Session...

This preview shows document pages 1 - 2. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online