IS02-Design Principles

IS02-Design Principles - Unit 2: Design Principles Pintu R...

Info iconThis preview shows pages 1–19. Sign up to view the full content.

View Full Document Right Arrow Icon
intu Shah Unit 2: Design Principles Pintu R Shah
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
In this unit. . c Various Security attacks c Method of defense c Design Principles c Security policies Pintu R Shah MPSTME SVKM's NMIMS 2 c Types of security policies
Background image of page 2
Threat c Threat: an object, person, or other entity that represents a constant danger to an asset c Management must be informed of the different threats facing the organization Pintu R Shah MPSTME SVKM's NMIMS 3 c By examining each threat category, management effectively protects information through policy, education, training, and technology controls
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Threats to Information Security 1. Potential Acts of Human Error or Failure 2. Compromises to Intellectual Property 3. Deliberate Acts of Espionage or Trespass 4. Deliberate Acts of Information Extortion 5. Deliberate Acts of Sabotage or Vandalism 6. Deliberate Acts of Theft Pintu R Shah MPSTME SVKM's NMIMS 4 7. Deliberate Software Attacks 8. Forces of Nature 9. Potential Deviations in Quality of Service from Service Providers 10. Technical Hardware Failures or Errors 11. Technical Software Failures or Errors 12. Technological Obsolescence
Background image of page 4
Classification of Security Attacks Classification of Security Attacks c Passive attacks -eavesdropping on, or monitoring of, transmissions to: –obtain message contents, or –monitor traffic flows Pintu R Shah MPSTME SVKM's NMIMS 5 c Active attacks –modification of data stream to: –masquerade of one entity as some other –replay previous messages –modify messages in transit –denial of service
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Passive Attack: release of message Passive Attack: release of message contents Pintu R Shah MPSTME SVKM's NMIMS 6
Background image of page 6
Passive Attack: traffic analysis Passive Attack: traffic analysis Pintu R Shah MPSTME SVKM's NMIMS 7
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Active Attack: replay Active Attack: replay Pintu R Shah MPSTME SVKM's NMIMS 8
Background image of page 8
Active Attack: denial of service Active Attack: denial of service Pintu R Shah MPSTME SVKM's NMIMS 9
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Examples of security attacks Examples of security attacks c Social engineering Pintu R Shah MPSTME SVKM's NMIMS 10
Background image of page 10
Examples of security attacks Examples of security attacks Impersonation Pintu R Shah MPSTME SVKM's NMIMS 11
Background image of page 11

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Phishing Pintu R Shah MPSTME SVKM's NMIMS 12 "Reproduced with permission. Please visit www.SecurityCartoon.com for more material."
Background image of page 12
Spoofing Pintu R Shah MPSTME SVKM's NMIMS 13 "Reproduced with permission. Please visit www.SecurityCartoon.com for more material."
Background image of page 13

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Web spoofing Pintu R Shah MPSTME SVKM's NMIMS 14 " Reproduced with permission. Please visit www.SecurityCartoon.com for more material."
Background image of page 14
Web spoofing Pintu R Shah MPSTME SVKM's NMIMS 15 "Reproduced with permission. Please visit www.SecurityCartoon.com for more material."
Background image of page 15

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Email Spoofing Pintu R Shah MPSTME SVKM's NMIMS 16 "Reproduced with permission. Please visit www.SecurityCartoon.com for more material."
Background image of page 16
Malware c Pest on your PC Pintu R Shah MPSTME SVKM's NMIMS 17 "Reproduced with permission. Please visit www.SecurityCartoon.com for more material."
Background image of page 17

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Other examples c Botnet c DoS c Net Threats c Losing your data Pintu R Shah MPSTME SVKM's NMIMS 18 c Drive by downloads c Misleading Applications c Under ground economy
Background image of page 18
Image of page 19
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 09/04/2011 for the course IT 100 taught by Professor Rickdas during the Spring '11 term at University of Mumbai.

Page1 / 61

IS02-Design Principles - Unit 2: Design Principles Pintu R...

This preview shows document pages 1 - 19. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online