lecture1 intro to cs
TRANSCRIPT
![Page 1: Lecture1 intro to cs](https://reader033.vdocuments.mx/reader033/viewer/2022052400/5599df011a28abf7248b45d8/html5/thumbnails/1.jpg)
Computer Security IComputer Security I
Unit 1: Introduction to Computer Security
![Page 2: Lecture1 intro to cs](https://reader033.vdocuments.mx/reader033/viewer/2022052400/5599df011a28abf7248b45d8/html5/thumbnails/2.jpg)
ObjectivesObjectives
Overview of Computer SecurityHighlight the principles of Computer
SecurityEvaluate the types of computer assets
and the threats, vulnerabilities and risks associated with each
![Page 3: Lecture1 intro to cs](https://reader033.vdocuments.mx/reader033/viewer/2022052400/5599df011a28abf7248b45d8/html5/thumbnails/3.jpg)
What is it?◦ Computer Security is the science of managing
malicious intent and behaviour that involves information and communication technology.
◦ Malicious Behaviour includes Fraud/Theft – Unauthorised access to $$ (credit
card, goods, services etc.) Vandalism – Causing damage for personal reasons Terrorism
Computer SecurityComputer Security
![Page 4: Lecture1 intro to cs](https://reader033.vdocuments.mx/reader033/viewer/2022052400/5599df011a28abf7248b45d8/html5/thumbnails/4.jpg)
Espionage – Stealing information to gain competitive advantage
Sabotage – Causing damage to gain competitive advantage
Spam – unsolicited marketing wasting time/resources
![Page 5: Lecture1 intro to cs](https://reader033.vdocuments.mx/reader033/viewer/2022052400/5599df011a28abf7248b45d8/html5/thumbnails/5.jpg)
Where is computer security a concern?◦ In the business environment: Cash flow,
competitive advantage, commercial image, reputation◦ In the military environment: Access to
weapons, communication secrecy◦ In the medical environment: Patient records,
equipment safety, treatment info.◦ In the household: Burglar alarms, utility bills
![Page 6: Lecture1 intro to cs](https://reader033.vdocuments.mx/reader033/viewer/2022052400/5599df011a28abf7248b45d8/html5/thumbnails/6.jpg)
Principles of Computer SecurityPrinciples of Computer SecurityThe top aspects of computer security are the
preservation of:◦ Confidentiality: Ensuring that ONLY authorized
persons can access the information◦ Integrity: safeguarding the accuracy of
information by ensuring that ONLY authorized persons are able to modify the information◦ Availability: Ensuring that if you are an
authorized person, information should be accessible to you whenever required.
![Page 7: Lecture1 intro to cs](https://reader033.vdocuments.mx/reader033/viewer/2022052400/5599df011a28abf7248b45d8/html5/thumbnails/7.jpg)
![Page 8: Lecture1 intro to cs](https://reader033.vdocuments.mx/reader033/viewer/2022052400/5599df011a28abf7248b45d8/html5/thumbnails/8.jpg)
Assets, Threats, Vulnerabilities, Assets, Threats, Vulnerabilities, Risks, CountermeasuresRisks, CountermeasuresWhat are they?◦ Asset: A useful or valuable thing. May include
hardware, software, documentation, data, communications, environment and people.
◦ Threat: Intention to inflict injury or damage. Potential to cause loss or harm. May include users, terrorist, hackers, criminals, motivated groups, acts of God
![Page 9: Lecture1 intro to cs](https://reader033.vdocuments.mx/reader033/viewer/2022052400/5599df011a28abf7248b45d8/html5/thumbnails/9.jpg)
Vulnerability: Is a weakness that might be exploited to cause loss or harm. May include the ability to be exposed, stolen, lost, deleted, contain s/ware bugs
Risk: Is a potential problem that a system or its user may experience. An asset is usually at risk when a threat exploits its vulnerabilities.
![Page 10: Lecture1 intro to cs](https://reader033.vdocuments.mx/reader033/viewer/2022052400/5599df011a28abf7248b45d8/html5/thumbnails/10.jpg)
Countermeasure: Procedures / Processess put in place to reduce or mitigate or control a risk. Countermeasures seek to do the following:
Reduce the threat Reduce the vulnerability Reduce the impact Detect a hostile event Recover from an event
![Page 11: Lecture1 intro to cs](https://reader033.vdocuments.mx/reader033/viewer/2022052400/5599df011a28abf7248b45d8/html5/thumbnails/11.jpg)
Vulnerabilities
Countermeasures
Aftercare
Assets Threats
Risk
A risk management model is used to manage threats
![Page 12: Lecture1 intro to cs](https://reader033.vdocuments.mx/reader033/viewer/2022052400/5599df011a28abf7248b45d8/html5/thumbnails/12.jpg)
Risk Assessment
A risk matrix is used to evaluate the threat and countermeasure.
High Expectancy
Low Expectancy
Low Impact
High Impact
Control & Contain Prevention
Live withContingency Plan or Insurance
![Page 13: Lecture1 intro to cs](https://reader033.vdocuments.mx/reader033/viewer/2022052400/5599df011a28abf7248b45d8/html5/thumbnails/13.jpg)
Summary