HND...
Transcript of HND...
![Page 1: HND Computingwiki.computing.hct.ac.uk/_media/computing/hnd/l4-u05-lecture_01_introduction.pdf•Network Security design - •Operational topics - •address translation, •DMZ, •VPN,](https://reader036.fdocuments.net/reader036/viewer/2022062306/5e9cb82af05c0f2b9e1982ea/html5/thumbnails/1.jpg)
HND COMPUTING
![Page 2: HND Computingwiki.computing.hct.ac.uk/_media/computing/hnd/l4-u05-lecture_01_introduction.pdf•Network Security design - •Operational topics - •address translation, •DMZ, •VPN,](https://reader036.fdocuments.net/reader036/viewer/2022062306/5e9cb82af05c0f2b9e1982ea/html5/thumbnails/2.jpg)
UNIT 05 – SECURITY
Introduction to Security
Phil Smith
![Page 3: HND Computingwiki.computing.hct.ac.uk/_media/computing/hnd/l4-u05-lecture_01_introduction.pdf•Network Security design - •Operational topics - •address translation, •DMZ, •VPN,](https://reader036.fdocuments.net/reader036/viewer/2022062306/5e9cb82af05c0f2b9e1982ea/html5/thumbnails/3.jpg)
LEARNING OUTCOMES
By the end of this unit you will be able to:
LO1 Assess risks to IT security.
LO2 Describe IT security solutions.
LO3 Review mechanisms to control organisational IT security.
LO4 Manage organisational security.
More detail on the wiki.
![Page 4: HND Computingwiki.computing.hct.ac.uk/_media/computing/hnd/l4-u05-lecture_01_introduction.pdf•Network Security design - •Operational topics - •address translation, •DMZ, •VPN,](https://reader036.fdocuments.net/reader036/viewer/2022062306/5e9cb82af05c0f2b9e1982ea/html5/thumbnails/4.jpg)
ASSESSMENT - CRITERIA
Lets review the assessment criteria.
http://wiki.computing.hct.ac.uk/_media/computing/hnd/l4-u05-
assessment.pdf
![Page 5: HND Computingwiki.computing.hct.ac.uk/_media/computing/hnd/l4-u05-lecture_01_introduction.pdf•Network Security design - •Operational topics - •address translation, •DMZ, •VPN,](https://reader036.fdocuments.net/reader036/viewer/2022062306/5e9cb82af05c0f2b9e1982ea/html5/thumbnails/5.jpg)
ASSIGNMENTS
• 2 summative assignments
• Each has a formative assignment with feedback.
![Page 6: HND Computingwiki.computing.hct.ac.uk/_media/computing/hnd/l4-u05-lecture_01_introduction.pdf•Network Security design - •Operational topics - •address translation, •DMZ, •VPN,](https://reader036.fdocuments.net/reader036/viewer/2022062306/5e9cb82af05c0f2b9e1982ea/html5/thumbnails/6.jpg)
STRUCTURE
• 1-2 hours hours of lectures – approx., per week.
• 2 hour of tutorial/lab (approx.),
• Lab work will mostly be individual and in small groups.
• Additional independent study.
• The timings are a guide only.
![Page 7: HND Computingwiki.computing.hct.ac.uk/_media/computing/hnd/l4-u05-lecture_01_introduction.pdf•Network Security design - •Operational topics - •address translation, •DMZ, •VPN,](https://reader036.fdocuments.net/reader036/viewer/2022062306/5e9cb82af05c0f2b9e1982ea/html5/thumbnails/7.jpg)
RESOURCES
• Lectures.
• Books (in lab).
• Books in LRC.
• Internet, you have internet access.
• Periodicals etc.
![Page 8: HND Computingwiki.computing.hct.ac.uk/_media/computing/hnd/l4-u05-lecture_01_introduction.pdf•Network Security design - •Operational topics - •address translation, •DMZ, •VPN,](https://reader036.fdocuments.net/reader036/viewer/2022062306/5e9cb82af05c0f2b9e1982ea/html5/thumbnails/8.jpg)
WHAT THIS UNIT IS ABOUT
• Security is one of the most important challenges modern organisations face.
• Security is about protecting organisational assets, including personnel data,
equipment and networks from attack through the use of prevention techniques
in the form of vulnerability testing/security policies and detection techniques,
exposing breaches in security and implementing effective responses.
![Page 9: HND Computingwiki.computing.hct.ac.uk/_media/computing/hnd/l4-u05-lecture_01_introduction.pdf•Network Security design - •Operational topics - •address translation, •DMZ, •VPN,](https://reader036.fdocuments.net/reader036/viewer/2022062306/5e9cb82af05c0f2b9e1982ea/html5/thumbnails/9.jpg)
AIMS
• The aim of this unit is to provide you with knowledge of security, associated
risks and how security breaches impact on business continuity.
• You will –
• examine security measures involving
• access authorisation,
• regulation of use,
• implementing contingency plans
• devising security policies and procedures.
![Page 10: HND Computingwiki.computing.hct.ac.uk/_media/computing/hnd/l4-u05-lecture_01_introduction.pdf•Network Security design - •Operational topics - •address translation, •DMZ, •VPN,](https://reader036.fdocuments.net/reader036/viewer/2022062306/5e9cb82af05c0f2b9e1982ea/html5/thumbnails/10.jpg)
HOW
• Topics included in this unit are
• Network Security design -
• Operational topics -
• address translation,
• DMZ,
• VPN,
• firewalls,
• AV and intrusion
• detection systems -
• Remote access will be covered, as will the need for frequent vulnerability testing as part of
organisational and security audit compliance.
![Page 11: HND Computingwiki.computing.hct.ac.uk/_media/computing/hnd/l4-u05-lecture_01_introduction.pdf•Network Security design - •Operational topics - •address translation, •DMZ, •VPN,](https://reader036.fdocuments.net/reader036/viewer/2022062306/5e9cb82af05c0f2b9e1982ea/html5/thumbnails/11.jpg)
SKILLS
• You will develop skills such as
1. communication literacy
2. critical thinking
3. analysis
4. reasoning and interpretation
• All of which are crucial for gaining employment and developing academic
competence.
![Page 12: HND Computingwiki.computing.hct.ac.uk/_media/computing/hnd/l4-u05-lecture_01_introduction.pdf•Network Security design - •Operational topics - •address translation, •DMZ, •VPN,](https://reader036.fdocuments.net/reader036/viewer/2022062306/5e9cb82af05c0f2b9e1982ea/html5/thumbnails/12.jpg)
QUESTIONS ?
• Any questions?
![Page 13: HND Computingwiki.computing.hct.ac.uk/_media/computing/hnd/l4-u05-lecture_01_introduction.pdf•Network Security design - •Operational topics - •address translation, •DMZ, •VPN,](https://reader036.fdocuments.net/reader036/viewer/2022062306/5e9cb82af05c0f2b9e1982ea/html5/thumbnails/13.jpg)
START
• We shall start with LO1
• LO1 - Assess risks to IT security.
![Page 14: HND Computingwiki.computing.hct.ac.uk/_media/computing/hnd/l4-u05-lecture_01_introduction.pdf•Network Security design - •Operational topics - •address translation, •DMZ, •VPN,](https://reader036.fdocuments.net/reader036/viewer/2022062306/5e9cb82af05c0f2b9e1982ea/html5/thumbnails/14.jpg)
IT SECURITY RISKS
• Risks:
1. unauthorised use of a system;
2. unauthorised removal or copying of data or code from a system;
3. damage to or destruction of physical system assets and environment;
4. damage to or destruction of data or code inside or outside the system;
5. naturally occurring risks.
![Page 15: HND Computingwiki.computing.hct.ac.uk/_media/computing/hnd/l4-u05-lecture_01_introduction.pdf•Network Security design - •Operational topics - •address translation, •DMZ, •VPN,](https://reader036.fdocuments.net/reader036/viewer/2022062306/5e9cb82af05c0f2b9e1982ea/html5/thumbnails/15.jpg)
ORGANISATIONAL SECURITY
• Organisational security:
• business continuance;
• backup/restoration of data;
• audits;
• testing procedures e.g.
• data,
• network,
• systems,
• operational impact of security breaches,
• WANs,
• intranets,
• wireless access systems.
![Page 16: HND Computingwiki.computing.hct.ac.uk/_media/computing/hnd/l4-u05-lecture_01_introduction.pdf•Network Security design - •Operational topics - •address translation, •DMZ, •VPN,](https://reader036.fdocuments.net/reader036/viewer/2022062306/5e9cb82af05c0f2b9e1982ea/html5/thumbnails/16.jpg)
UNDERSTAND RISKS TO IT SECURITY
What types of risk to an organisation’s IT security exist in relation to unauthorised access of organisational data and equipment in different environments.
Also find examples and situations where unauthorised system access can occur.
Consider -
1. unauthorised use of a system;
2. unauthorised removal or copying of data or code from a system;
Create a new security document then -
• Draw up a list of possible risks. You can work in a group if you wish.
• 15 Minutes
• I will then ask each of you for what you think is the most important risk with your reasoning?
Task
![Page 17: HND Computingwiki.computing.hct.ac.uk/_media/computing/hnd/l4-u05-lecture_01_introduction.pdf•Network Security design - •Operational topics - •address translation, •DMZ, •VPN,](https://reader036.fdocuments.net/reader036/viewer/2022062306/5e9cb82af05c0f2b9e1982ea/html5/thumbnails/17.jpg)
UNDERSTAND RISKS TO IT SECURITY
Research types of types of security threat and their impact on an organisation.
Consider -
1. Large organisations;
2. MWS;
Add the following to your document.
• Draw up a list of possible threats and their main impact. You can work in a group if you wish.
• 15 Minutes
• I will then ask each of you for one threat and its impact.
Task
![Page 18: HND Computingwiki.computing.hct.ac.uk/_media/computing/hnd/l4-u05-lecture_01_introduction.pdf•Network Security design - •Operational topics - •address translation, •DMZ, •VPN,](https://reader036.fdocuments.net/reader036/viewer/2022062306/5e9cb82af05c0f2b9e1982ea/html5/thumbnails/18.jpg)
UNDERSTAND RISKS TO IT SECURITY
Research what ways can IT be used to detect unauthorised access – benefits and
drawbacks?
Add the following to your document.
• Draw up a list of possible threats and their main impact. You can work in a group if you wish.
• 15 Minutes
• I will then ask each of you for one detection method.
Task
![Page 19: HND Computingwiki.computing.hct.ac.uk/_media/computing/hnd/l4-u05-lecture_01_introduction.pdf•Network Security design - •Operational topics - •address translation, •DMZ, •VPN,](https://reader036.fdocuments.net/reader036/viewer/2022062306/5e9cb82af05c0f2b9e1982ea/html5/thumbnails/19.jpg)
TYPES OF RISK (EXAMPLES)
• unauthorised use of a system without damage to data,
• unauthorised removal or copying of data or code from a system,
• damage to or destruction of physical system assets and environment
• damage to or destruction of data or code inside or outside the system
• naturally occurring risks
![Page 20: HND Computingwiki.computing.hct.ac.uk/_media/computing/hnd/l4-u05-lecture_01_introduction.pdf•Network Security design - •Operational topics - •address translation, •DMZ, •VPN,](https://reader036.fdocuments.net/reader036/viewer/2022062306/5e9cb82af05c0f2b9e1982ea/html5/thumbnails/20.jpg)
EXAMPLES
• Variety of threats described, largely malware but includes deliberate
attack (cuts) to fibre cable in San Jose, California 2009.
• Logic bomb – Omega engineering 1996
• Fraud Citibank 1994
• Information warfare alert 1998 (false alarm)
• Various other malware
![Page 21: HND Computingwiki.computing.hct.ac.uk/_media/computing/hnd/l4-u05-lecture_01_introduction.pdf•Network Security design - •Operational topics - •address translation, •DMZ, •VPN,](https://reader036.fdocuments.net/reader036/viewer/2022062306/5e9cb82af05c0f2b9e1982ea/html5/thumbnails/21.jpg)
CATEGORISING THREAT TYPES
Different ways to categorise:
• Origin: Internal vs external
• Sophistication: ‘Script kiddies’ vs elite hackers (vs nation states)
• Organisation: unstructured vs highly structured
![Page 22: HND Computingwiki.computing.hct.ac.uk/_media/computing/hnd/l4-u05-lecture_01_introduction.pdf•Network Security design - •Operational topics - •address translation, •DMZ, •VPN,](https://reader036.fdocuments.net/reader036/viewer/2022062306/5e9cb82af05c0f2b9e1982ea/html5/thumbnails/22.jpg)
DIFFERENT TYPES
• Malware
• Intruders
• Insiders
• Criminal organisations
• Terrorists
• Information warfare
![Page 23: HND Computingwiki.computing.hct.ac.uk/_media/computing/hnd/l4-u05-lecture_01_introduction.pdf•Network Security design - •Operational topics - •address translation, •DMZ, •VPN,](https://reader036.fdocuments.net/reader036/viewer/2022062306/5e9cb82af05c0f2b9e1982ea/html5/thumbnails/23.jpg)
TRENDS
Main-frame -> portable devices
Computing power increasing
Level of knowledge required decreasing (script kiddies)
Level of sophistication increasing
Number of potential attackers increasing
CSI Computer Crime and Security Survey (www.gocsi.com) generated by
FBI & Computer Security Institute (CSI)
![Page 24: HND Computingwiki.computing.hct.ac.uk/_media/computing/hnd/l4-u05-lecture_01_introduction.pdf•Network Security design - •Operational topics - •address translation, •DMZ, •VPN,](https://reader036.fdocuments.net/reader036/viewer/2022062306/5e9cb82af05c0f2b9e1982ea/html5/thumbnails/24.jpg)
LOSSES
Difficult to quantify
Direct loss – fraud
Loss of proprietary information
Loss of business through outage
Damage to reputation
Repair costs
![Page 25: HND Computingwiki.computing.hct.ac.uk/_media/computing/hnd/l4-u05-lecture_01_introduction.pdf•Network Security design - •Operational topics - •address translation, •DMZ, •VPN,](https://reader036.fdocuments.net/reader036/viewer/2022062306/5e9cb82af05c0f2b9e1982ea/html5/thumbnails/25.jpg)
REASONS FOR ATTACK
“You are a business, you have data, data is worth
having…”
• Specifically targeted
• Random
• Opportunistic
![Page 26: HND Computingwiki.computing.hct.ac.uk/_media/computing/hnd/l4-u05-lecture_01_introduction.pdf•Network Security design - •Operational topics - •address translation, •DMZ, •VPN,](https://reader036.fdocuments.net/reader036/viewer/2022062306/5e9cb82af05c0f2b9e1982ea/html5/thumbnails/26.jpg)
SUMMARY
• What have you learnt today – over to you!