ICT Intro, OS and Applications, Security
-
Upload
timon-odingo -
Category
Documents
-
view
127 -
download
6
Transcript of ICT Intro, OS and Applications, Security
![Page 1: ICT Intro, OS and Applications, Security](https://reader033.fdocuments.net/reader033/viewer/2022051521/58706cfe1a28ab48378b6bbf/html5/thumbnails/1.jpg)
Instructor: Timon Odhiambo Odingo
ICT, Crime and Security
![Page 2: ICT Intro, OS and Applications, Security](https://reader033.fdocuments.net/reader033/viewer/2022051521/58706cfe1a28ab48378b6bbf/html5/thumbnails/2.jpg)
Operating systems An operating system or OS is a software program
that enables the computer hardware to communicate and operate with the computer software. Without a computer operating system, a computer and software programs would be useless. The picture to the right is an example ofMicrosoft Windows XP, a popular operating system and what the box may look like if you were to purchase it from a local retail store.
![Page 3: ICT Intro, OS and Applications, Security](https://reader033.fdocuments.net/reader033/viewer/2022051521/58706cfe1a28ab48378b6bbf/html5/thumbnails/3.jpg)
Operating system types As computers have progressed and developed so have
the operating systems. Below is a basic list of the different operating systems and a few examples of operating systems that fall into each of the categories. Many computer operating systems will fall into more than one of the below categories.
GUI - Short for Graphical User Interface, a GUI Operating System contains graphics and icons and is commonly navigated by using a computer mouse. See the GUIdefinition for a complete definition. Below are some examples of GUI Operating Systems.
![Page 4: ICT Intro, OS and Applications, Security](https://reader033.fdocuments.net/reader033/viewer/2022051521/58706cfe1a28ab48378b6bbf/html5/thumbnails/4.jpg)
Operating system types Windows 98
Windows CE
Multi-user - A multi-user operating system allows for multiple users to use the same computer at the same time and different times. See the multi-user definition for a complete definition for a complete definition. Below are some examples of multi-user operating systems.
![Page 5: ICT Intro, OS and Applications, Security](https://reader033.fdocuments.net/reader033/viewer/2022051521/58706cfe1a28ab48378b6bbf/html5/thumbnails/5.jpg)
Linux and Variants(Ubuntu, Fedora, Kubuntu, Debain, UnixMac OSMS-DOSIBM OS/2 WarpUnix and VariantsWindows CEWindows 3.xWindows 95Windows 98
Windows 98 SEWindows MEWindows NTWindows 2000Windows XPWindows VistaWindows 7Windows 8Windows 8.1
![Page 6: ICT Intro, OS and Applications, Security](https://reader033.fdocuments.net/reader033/viewer/2022051521/58706cfe1a28ab48378b6bbf/html5/thumbnails/6.jpg)
Applications: Application software is all the computer software that causes a computer to perform useful tasks beyond the running of the computer itself. A specific instance of such software is called a software application, application program, application orapp.[1]
The term is used to contrast such software with system software, which manages and integrates a computer's capabilities but does not directly perform tasks that benefit the user. The system software serves the application, which in turn serves the user.Examples include accounting software, enterprise software, graphics software, media players, and office suites. Many application programs deal principally with documents.
![Page 7: ICT Intro, OS and Applications, Security](https://reader033.fdocuments.net/reader033/viewer/2022051521/58706cfe1a28ab48378b6bbf/html5/thumbnails/7.jpg)
Applications: . Many application programs deal principally with documents. Applications may be bundled with the computer and its system software or published separately, and can be coded as university projects.[2]
Application software applies the power of a particular computing platform or system software to a particular purpose.Some applications are available in versions for several different platforms; others have narrower requirements and are thus called, for example, a Geography application for Windows, an Android application for education, or Linux gaming. Sometimes a new and popular application arises which only runs on one platform, increasing the desirability of that platform. This is called akiller application.
![Page 8: ICT Intro, OS and Applications, Security](https://reader033.fdocuments.net/reader033/viewer/2022051521/58706cfe1a28ab48378b6bbf/html5/thumbnails/8.jpg)
Applications: An application suite consists of multiple applications bundled together. They usually have related functions, features and user interfaces, and may be able to interact with each other, e.g. open each other's files. Business applications often come in suites, e.g. Microsoft Office, LibreOffice and iWork, which bundle together a word processor, a spreadsheet, etc.; but suites exist for other purposes, e.g. graphics or music.Enterprise software addresses the needs of an entire organization's processes and data flow, across most all departments, often in a large distributed environment. (Examples include financial systems, customer relationship management (CRM) systems and supply chain management software). Departmental Software is a sub-type of enterprise software with a focus on smaller organizations and/or groups within a large organization. (Examples include travel expense management and IT Helpdesk.)
![Page 9: ICT Intro, OS and Applications, Security](https://reader033.fdocuments.net/reader033/viewer/2022051521/58706cfe1a28ab48378b6bbf/html5/thumbnails/9.jpg)
Applications: management and IT Helpdesk.)Enterprise infrastructure software provides common capabilities needed to support enterprise software systems. (Examples include databases, email servers, and systems for managing networks and security.)Information worker software lets users create and manage information, often for individual projects within a department, in contrast to enterprise management. Examples include time management, resource management, documentation tools, analytical, and collaborative. Word processors, spreadsheets, email and blog clients, personal information system, and individual media editors may aid in multiple information worker tasks.
![Page 10: ICT Intro, OS and Applications, Security](https://reader033.fdocuments.net/reader033/viewer/2022051521/58706cfe1a28ab48378b6bbf/html5/thumbnails/10.jpg)
Applications: Content access software is used primarily to access content without editing, but may include software that allows for content editing. Such software addresses the needs of individuals and groups to consume digital entertainment and published digital content. (Examples include media players, web browsers, and help browsers.)Educational software is related to content access software, but has the content and/or features adapted for use in by educators or students. For example, it may deliver evaluations (tests), track progress through material, or include collaborative capabilities.Simulation software simulates physical or abstract systems for either research, training or entertainment purposes.
![Page 11: ICT Intro, OS and Applications, Security](https://reader033.fdocuments.net/reader033/viewer/2022051521/58706cfe1a28ab48378b6bbf/html5/thumbnails/11.jpg)
Applications: Media development software generates print and electronic media for others to consume, most often in a commercial or educational setting. This includes graphic-art software, desktop publishing software, multimedia development software, HTML editors, digital-animation editors, digital audio and video composition, and many others.[10]
Product engineering software is used in developing hardware and software products. This includes computer-aided design (CAD), computer-aided engineering (CAE), computer language editing and compiling tools, integrated development environments, and application programmer interfaces.Applications can also be classified by computing platform such as a particular operating system, delivery network such as in cloud computing and Web 2.0 applications, or delivery devices such as mobile apps for mobile devices.
![Page 12: ICT Intro, OS and Applications, Security](https://reader033.fdocuments.net/reader033/viewer/2022051521/58706cfe1a28ab48378b6bbf/html5/thumbnails/12.jpg)
Applications: The operating system itself can be considered application software when performing simple calculating, measuring, rendering, and word processing tasks not used to control hardware via command-line interface or graphical user interface. This does not include application software bundled within operating systems such as a software calculator or text editor.Information worker software
![Page 13: ICT Intro, OS and Applications, Security](https://reader033.fdocuments.net/reader033/viewer/2022051521/58706cfe1a28ab48378b6bbf/html5/thumbnails/13.jpg)
Applications: . Many application programs deal principally with documents. Applications may be bundled with the computer and its system software or published separately, and can be coded as university projects.[2]
Application software applies the power of a particular computing platform or system software to a particular purpose.Some applications are available in versions for several different platforms; others have narrower requirements and are thus called, for example, a Geography application for Windows, an Android application for education, or Linux gaming. Sometimes a new and popular application arises which only runs on one platform, increasing the desirability of that platform. This is called akiller application.
![Page 14: ICT Intro, OS and Applications, Security](https://reader033.fdocuments.net/reader033/viewer/2022051521/58706cfe1a28ab48378b6bbf/html5/thumbnails/14.jpg)
A database is an organized collection of data. The data are typically organized to model relevant aspects of reality in a way that supports processes requiring this information. For example, modelling the availability of rooms in hotels in a way that supports finding a hotel with vacancies.
Database management systems (DBMSs) are specially designed software applications that interact with the user, other applications, and the database itself to capture and analyze data. A general-purpose DBMS is a software system designed to allow the definition, creation, querying, update, and administration of databases. Well-known DBMSs include MySQL, MariaDB, PostgreSQL, SQLite, Microsoft SQL Server, Microsoft Access, Oracle, SAP HANA, dBASE, FoxPro, IBM DB2, LibreOffice Base, FileMaker Pro andInterSystems Caché. A database is not generally portable across different DBMSs, but different DBMSs can interoperate by using standards such as SQL and ODBC or JDBC to allow a single application to work with more than one database.
![Page 15: ICT Intro, OS and Applications, Security](https://reader033.fdocuments.net/reader033/viewer/2022051521/58706cfe1a28ab48378b6bbf/html5/thumbnails/15.jpg)
ICT Security Introduction
Good security in an organization starts at the top, not with firewalls, shielded cables or biometrics.
Senior management has a much more significant role to play in achieving security than they may think.
![Page 16: ICT Intro, OS and Applications, Security](https://reader033.fdocuments.net/reader033/viewer/2022051521/58706cfe1a28ab48378b6bbf/html5/thumbnails/16.jpg)
Security vs. Privacy
Privacy deals with the degree of control that an entity, whether a person or organization, has over information about itself.
Security deals with vulnerability to unauthorized access to content.
![Page 17: ICT Intro, OS and Applications, Security](https://reader033.fdocuments.net/reader033/viewer/2022051521/58706cfe1a28ab48378b6bbf/html5/thumbnails/17.jpg)
What Should Sr. Management Know?
Security is not a technical issue; it is a management issue
Total security is a myth. Not all information is of equal value it is not technically possible to protect all
information assets Stakeholders will be increasingly less
tolerant of cyber-related vulnerabilities
![Page 18: ICT Intro, OS and Applications, Security](https://reader033.fdocuments.net/reader033/viewer/2022051521/58706cfe1a28ab48378b6bbf/html5/thumbnails/18.jpg)
Threats
Numerous adversaries are aligned against any firm's information, systems, and the critical infrastructures that support them. disgruntled current or former employees Hackers virus writers criminal groups those engaged in corporate espionage Terrorists foreign intelligence services information warfare by foreign militaries and various
other actors.
![Page 19: ICT Intro, OS and Applications, Security](https://reader033.fdocuments.net/reader033/viewer/2022051521/58706cfe1a28ab48378b6bbf/html5/thumbnails/19.jpg)
Barriers to Security
The worldwide diffusion of the Internet opens up new business opportunities (e.g., 3-R Framework)
It also increases an organization's vulnerability since so many more individuals of unknown origin and intent now have access to its systems
![Page 20: ICT Intro, OS and Applications, Security](https://reader033.fdocuments.net/reader033/viewer/2022051521/58706cfe1a28ab48378b6bbf/html5/thumbnails/20.jpg)
Clue IT In!
Organizations commonly look for technical certification when hiring IT staff, but how often is any effort made to educate new security workers on the organization's strategic focus or to communicate to them the criticality levels of their information assets?
![Page 21: ICT Intro, OS and Applications, Security](https://reader033.fdocuments.net/reader033/viewer/2022051521/58706cfe1a28ab48378b6bbf/html5/thumbnails/21.jpg)
Critical Infrastructures
Critical Infrastructure Protection Government-Industry Collaboration Management's Role in Critical
Infrastructure Protection To recognize that critical infrastructure
protection is an essential component of corporate governance as well as organizational security
![Page 22: ICT Intro, OS and Applications, Security](https://reader033.fdocuments.net/reader033/viewer/2022051521/58706cfe1a28ab48378b6bbf/html5/thumbnails/22.jpg)
Organization
Structure leads to locus of ownership of data and processes
Business Environment: threats are based on… Value of the firm's intellectual property The degree of change the firm is facing Its accessibility Its industry position
Culture SOPs Education, Training, and Awareness
![Page 23: ICT Intro, OS and Applications, Security](https://reader033.fdocuments.net/reader033/viewer/2022051521/58706cfe1a28ab48378b6bbf/html5/thumbnails/23.jpg)
Technology
Firewalls and Intrusion Detection Password Layering Public Key Infrastructure Secure Servers VPNs
![Page 24: ICT Intro, OS and Applications, Security](https://reader033.fdocuments.net/reader033/viewer/2022051521/58706cfe1a28ab48378b6bbf/html5/thumbnails/24.jpg)
Ok, So What? Managerial Implications
Asset Identification Risk Assessment The Control Environment
Physical Data Implementation Operations Administrative Application System Controls
![Page 25: ICT Intro, OS and Applications, Security](https://reader033.fdocuments.net/reader033/viewer/2022051521/58706cfe1a28ab48378b6bbf/html5/thumbnails/25.jpg)
Balancing Risks and Costs
Step 1: Identify information assets at an appropriate level of aggregation Step 2: Identify the financial consequences of these information assets being compromised, damaged, or lost Step 3: Identify the costs of implementing the control mechanisms that are being proposed to enhance organizational security Step 4: Estimate overall risk based on the likelihood of compromise Step 5: Estimate the benefits expected by implementing the proposed security mechanisms Step 6: Compare the expected benefits obtained in Step 5 with the cost estimates obtained in Step 3