NS sos20 osic_for_security |. "lo _provide_contidentiality, integrity —ovoilability, authentication : . ing_secc message [tt nat only protects data from altevation but it con. als 24 for aubentication af wie] Uaveadable Readable eraptogron message |b system message ate nation of count ay ay egy ihy-and_exypta= love aaaaae rizetfon= ise acme Sf iersine ogi lgvetmast aaa ent Capea eae ETO 9 ca, _\nfzingeras : — [Oe vaaassment— Against people :Exomple of Active attack t { Man=in-the= middle ,impersanotion, Session hijacking [Example of Passive attack a “lapping. Encryption, scanning. “Hroffic_Anolysis __ | Needs of Tivewalls: i +A firewall _works os o tamer, ov a shield, between your Pc_ond cyber space. jS-rlhen-you-sre—esnnected—to—internet—youore —consantly—sending—and—seceiving—infoxmakion in. —=seclimunits—colled—packets— +Wt_prevents hackers and temate occesss + Wt_protects data. erie ee + }t_mnsures better privy and security» ~ Kerber | Authentication Sewer: eset ete —{*\t_performs initial authentication and ticket for kicket granting sewice [Ticket Granting Server: _ Wk issues ticket for sewer. {criteria fox infarmation classification Io Nvatai geese er eevee rca oeceeceeceeae nee a *\t is_common_critetia_of inform otion classification _ = —*When_informatian_is moxe valvable for 4 nization nee then information should be __ classified pnts 3Ae ott states ths ct classification ef infeumnation night Jower if informations valve decreases overt |—# lewd es [+t stotes thet if infoxmation hos been made _a we_to new! information ox ony otner re [then thet sinformation con sequlanly be doc ie qt fee nd toe To Pexsonal Asso Association, [+ The information which is personally ossoriated i | particular indiviuals or ibis addressed bya prio Authentication es |» Wis a process of proving on identity ov itis the | pineess of verifying who someane is |___tq: When user provides cowect password with o enon word proves that user is wner of usernam: @ Auttiorization |* Once o user is identified ond authenticated, they |__ ran pe granted , authorization based an thereSymmetric Aaymmetvic ingle key is used for. Two seperate keys ate [used for encryption_and—— decryption ———— so known os single key | Also knawin-os _public | pkogyo phy — lond_private —Kexy ———— - encnyphian ——————— Key should be agreed by |No need ta agiee—90 —— noth - sender and receiver | keys less security __} Mote security —— imp Eq: DE Data _tnexypitian I stondoxd ____— ccuyption and decryption to implement [ord ta_implement_——— fq# Digital signature —| ||Stenography technique | ———_—_——— | \ is 0 technique of hidis _secret_message within — on ordinary messag a lt ig an art and science of writing hidden e | message in _such_o woy that. ‘no one apart frm | -sender ond intended receiver even vealize that _ {here is o_bidden _message- = ne |. stenaqsnpny message —will_appear_to_he_something- _else = picture ,on article ,.oudio or video oy some __ other _message— suse aap coe + Enenyptea dota will be added in coer See using steqa=key.—wiesen| + [stego] = [stese. ota key medion Trecture | —Templote __lfprecessing a [generator] [Sensor eal4% block is interface betneen‘eal_iorld_and | our system a |e 24 block “performs all necessary _puepsiocessing like _xemoval_of orhifocts _fromn_senser, enhance input ,use same kind of normalization ———— 2 3t9 block featur a block 0 vertor of qumbers ox-on_image with ticular properties is used ta_crenteternplote le If enrollment ia_perfarmed template —is_sioply — |—staed_sameunexe concord or within database erformed , obtained —_ knot compares iw sandefing soneferm atinn ly listing passin 28S —___ tra =e 23 4 Sg go Boo ik es cases! galas aoa Ta on 2a osoop At Noni, shift each alphahet hy and then —ciphertest will be encrypted Sn nae a Tia ree SS [stop St Encrypted message: o1 ciphertext is_iqieuemaieg— itoges of setting up o DM7 with two firewalls: we Pe aera 2 Commend, ap 0) “To You con_contisl where traffic qaes in 3 networks To You condo statefil packet filtering _1@ Noucon do load polancing uh _1@ \mprove network performance It ina process of Searching tinugh o targets trash in onterta find Vile bits af information See bisa technique used to tet ion_ohaut echnal ee ~Hiawe—n-decumented—ensipment—decommissinning-process “Ike appmprinte —secure—stmmge-media—deletion prncess Destroy ony CDs/ovns containing personal data ftibinse you na longer need yon Pojmeke site youl haus ~{ecastea ail aotaso- thot it cant “he tecavered ji Raper_ancuments shusld be pemanenily destrayed /soieded “~fompanies should look waste bins and should hove a safe y~tisposat_pa Seer oescee eke aEio fsucnax “Technique [Requiar— Lfotomnst “onspasitien iii oo © “lake plaintext as input |__inrormation sEcuriT4 + @ “Take encryption Key ond write it down in Sequence teste, _a2aise = - Write plaintext ise sequence -and= x ® ® ©@ Rend message Column wise and then — spitite ciphertext _00k@ NOD IAN MSO RNG EO Invegulot —Columnax“Tronspasition ) “Toke plaintext ‘ __ FORMATION SECURITY —_ ibs I “Toke encxyption Key ond write it down in. sequence Seee as Firewall ond _Instausian _Detectian Si Firenall Detection System [instrosion Detection System Firewall ina netussk secunity [10S fsadevice ox softwar that filters in lapplization that me Ageing netiiork traffic based on |tuafie £ licia determined 1 icy siolatinns ond send slert_on_detection. op_blork conn ectiay connst_bleck_cannection [it is o device on softwore [Ik is 0 software ox —_ bot st stween_o local |hardwaxe as installed etic kernet and. network ox host to fiers irafiz thot might he [detect ond vopert instnus fu 9s tok: IMost based _ instmsion Aetection sistem = [They ove sun_on indisiual hosts ne_deices —on_nahiinak * Atips maniters inbound and outbound packets fram device |ony ond will olest user_or administrator when suspicious ctivity is detected.HIDS_is_\coking_for_certain -activities.in-10q file 0gins__at_odd hours —Login_authentication failure |—Adding_nen_vser_occount Moaitication ov access._of critical_system. Modification or xemevol of binary files — horting ot stopping—_processes————— —|\_hrivitege escalation —____— files. —\se_ of _cestoinproqzams ——— eitea | Tate es Reaataae! hoffe S *Lanalysis || couector engine Alarm storage Traffic collector [Analysis engine __ Signotuse__dotobase ser Interface ond Reporting lsmrre ae |Siaple_Matl_“Transfex_Pratocal: t1s_used_for_sending_email_ messages fram one_email_account —to_onother_via internet: : = 10