slide1 n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Fundamentals of Information Systems Security Lesson 3 PowerPoint Presentation
Download Presentation
Fundamentals of Information Systems Security Lesson 3

Loading in 2 Seconds...

play fullscreen
1 / 15

Fundamentals of Information Systems Security Lesson 3 - PowerPoint PPT Presentation


  • 165 Views
  • Uploaded on

Fundamentals of Information Systems Security Lesson 3 Malicious Attacks, Threats, and Vulnerabilities. Learning Objective. Describe how malicious attacks, threats, and vulnerabilities impact an IT infrastructure. Key Concepts.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Fundamentals of Information Systems Security Lesson 3' - rebekah-joyner


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
slide1

Fundamentals of Information Systems Security

Lesson 3

Malicious Attacks, Threats, and Vulnerabilities

slide2

Learning Objective

  • Describe how malicious attacks, threats, and vulnerabilities impact an IT infrastructure.
key concepts
Key Concepts
  • Attacks, threats, and vulnerabilities in a typical IT infrastructure
  • Common security countermeasures typically found in an IT infrastructure
  • Risk assessment approach to securing an IT infrastructure
  • Risk mitigation strategies to shrink the information security gap
types of threats
Types of Threats
  • Brute-force password attacks
  • Dictionary password attacks
  • IP address spoofing
  • Hijacking
  • Replay attacks
  • Man-in-the-middle attacks
types of threats1
Types of Threats
  • Masquerading
  • Social engineering
  • Phishing
  • Phreaking
  • Pharming
identify the criminal
Identify the Criminal

Criminal Profile #1

  • Victimizes people through unsolicited e-mail messages to get victim’s money
  • Does not rely on intrusive methods to commit crimes
  • Is motivated by financial gain
identify the criminal continued
Identify the Criminal (Continued)

Criminal Profile #2

  • Enters systems without permission to raise awareness of security issues
  • Does not work for the company or its clients
  • Does not intend harm, just tries to be “helpful”
  • Is motivated by impulse
identify the criminal continued1
Identify the Criminal (Continued)

Criminal Profile #3

  • Engages in illegal black market transactions on the Internet
  • Traffics drugs, weapons, or banned materials
  • Is motivated by financial gain
identify the criminal continued2
Identify the Criminal (Continued)

Criminal Profile #4

  • Enters systems without permission to take advantage of security issues
  • Does not work for the company or its clients
  • Does not intend to help, only wants to cause harm
  • Is motivated by peer acceptance
identify the criminal continued3
Identify the Criminal (Continued)

Criminal Profile #5

  • Intrudes upon systems to verify and validate security issues
  • Works for the company or one of its clients
  • Does not intend harm, just tries to be “helpful”
summary
Summary
  • Threats are controllable.
  • Risks are manageable.
  • Vulnerabilities are unavoidable.
  • All of these negatively affect the C-I-A triad.
  • Not all threats are intentional.
virtual lab
Virtual Lab
  • Performing a Vulnerability Assessment