Information Systems Security

Presented By
Dr. Mohamed Marie
1
 Course Overview
✓ 1 Accountability and Access Control
✓ 2 Attacks and Monitoring
✓ 5 Security Management Concepts and Principles
✓ 7 Data and Application Security Issues
✓ 8 Malicious Code and Application Attacks

2
 Chapter 1
Accountability and Access Control
This chapter presents the following:
❑Access Control Overview
❑ Access controls are security features that control how users and systems communicate
and interact with other systems and resources.
❑ Access is the flow of information between a subject and an object.
❑ Identification, Authentication, Authorization, and Accountability
❑Accountability Overview
❑Access Control Techniques
❑ Discretionary Access Controls. Access control is based on the discretion (in other
words, a decision) of the owner. Using access control lists (ACL). Each ACL defines
the types of access granted or restricted to individual or grouped subjects. Like
windows and Unix (read, write and execute).
❑ Nondiscretionary Access Control can be further subdivided into specific techniques,
such as mandatory, role-based, and task-based access controls.
❑Access Control Models
❑ Centralized and Decentralized Access Control.
❑Access Control Administration
❑ Collection of tasks and duties assigned to an administrator to manage user accounts,
access, and accountability.
❑Identification and Authentication Techniques
❑Access Control Methodologies and Implementation
3
❑ How to implement Centralized and Decentralized Access Control.
 Chapter 2
Attacks and Monitoring
This chapter presents the following:
❑Monitoring
❑ Using log files
❑Intrusion Detection
❑ An intrusion detection system (IDS) is a product that automates the inspection of
audit logs and real- time system events.
❑ Intrusion prevention Systems (IPS)
❑ Host-Based and Network-Based IDSs
❑ Knowledge-Based and Behavior-Based Detection
❑ IDS-Related Tools
❑ honey pots,
❑ padded cells,
❑ vulnerability scanners
❑Penetration Testing
❑ Penetration testing seeks to find any and all detectable weaknesses in your existing
security perimeter.
❑Access Control Attacks
❑ Brute-force and dictionary attacks
❑ Denial-of-service attacks
❑ Spoofing
❑ Man-in-the-middle attacks
❑ Spamming
4
❑ Sniffers
❑ Crackers, Hackers, and Attackers
 Chapter 5
Security Management Concepts and Principles
This chapter presents the following:
❑Security Management Concepts and Principles
❑Protection Mechanisms
❑ Layering
❑ Abstraction
❑ Data Hiding
❑ Encryption

❑Change Control/Management
❑Data Classification
❑ Data classification is the primary means by which data is protected
based on its need for secrecy, sensitivity, or confidentiality.

5
 Chapter 7
Data and Application Security Issues
This chapter presents the following:
❑Application Issues
❑ Local/Nondistributed Environment
❑ Viruses
❑ Trojan Horses
❑ Logic Bombs
❑ Worms
❑ Distributed Environment
❑ Agents
❑ Applets
❑ Java Applets
❑ ActiveX Controls
❑ Object Request Brokers
❑ Microsoft Component Models
❑Databases and Data Warehousing
❑Data/Information Storage
❑Knowledge-Based Systems
❑Systems Development Controls
❑Security Control Architecture
6
 Chapter 8
Malicious Code and Application Attacks
This chapter presents the following:
❑Malicious Code
❑ Sources
❑ Viruses
❑ Multipartite Viruses
❑ Stealth Viruses
❑ Polymorphic Viruses
❑ Encrypted Viruses
❑ Logic Bombs
❑ Trojan Horses
❑ Worms
❑ Spyware and Adware
❑Methods of Attack
❑ Password Attacks
❑ Password Guessing
❑ Dictionary Attacks
❑ Social Engineering
❑ Denial-of-Service Attacks
❑ SYN Flood
❑ Distributed DoS Toolkits
❑ Smurf
❑Application Attacks
❑ Buffer Overflows
❑ Trap Doors
❑ Rootkits
❑Web Application Security
❑ Cross-Site Scripting (XSS)
7
❑ SQL Injection