Computer Security Week1

The document discusses a course on computer security and information assurance. It provides an overview of topics covered in the course including security policies, authentication, access control, and common attack and defense methods. It also outlines the intended learning outcomes, course schedule, and importance of cyber security.

Uploaded by Marvin
Computer Security and Information Assurance

Course Description

This course is a survey of the fundamental elements of computer security and information assurance. Topics may include confidentiality, integrity, and availability; security policies; authentication; access control; risk management; threat and vulnerability assessment; common attack/defense methods; ethical issues.
Computation of the Grades

Prelim Term 30%
• Attendance 20%
• Class Participation 30%
• Final exam 30%
• Research Paper 20%

Midterm 30%
• Attendance 20%
• Class Participation 20%
• Final exam 20%
• Seminar Certificates 40%

Final Term 40%
• Attendance 20%
• Final exam 20%
• Seminar – 60%
PROGRAM INTENDED LEARNING OUTCOMES

• Apply knowledge of computing, science, and mathematics appropriate to the discipline.
• Analyze complex problems, and identify and define the computing requirements appropriate to its solution.
• Identify and analyze user needs and take them into account in the selection, creation, evaluation and administration of computer based systems.
• Design, implement, and evaluate computer based systems, processes, components, or programs to meet desired needs and requirements under various constraints.
• Integrate IT-based solutions into the user environment effectively.
• Assist in the creation of an effective IT project plan.
• Apply knowledge through the use of current techniques, skills, tools and practices necessary for the IT profession.
• Understand best practices and standards and their applications.
• Analyze the local and global impact of computing information technology on individuals, organizations, and society.
• Understand professional, ethical, legal, security and social issues and responsibilities in the utilization of information technology.
• Recognize the need for and engage in planning self-learning and improving performance as a foundation for continuing professional development.
Week 1-2 Principles of Cybersecurity
• Interrelated components of the computing environment
• Cybersecurity models
• Variation on a theme: computer security, information security, and information assurance

Week 3-4 Security Plans and Policies
• Levels of Planning
• Planning misalignment
• The System Security Plan
• Policy Development and Implementation

Week 5-6 Risk Management
• Principles of risk
• Type of risk
• Risk strategies
• The Risk Management Framework (RMF)

Week 7 - Security Metrics and Key Performance Indicators (KPIs)
• The challenge of security metrics
• What makes a good metric
• Approaches to security metrics

Week 8 Physical Security and Environmental Events
• Physical and environmental threats
• Physical and environmental controls

Week 9 – Security Technology and Cloud Security
- Quiz (min of 20 – max of 30)
LEARNING OBJECTIVES

• Students should be able to understand the technical knowledge and skills needed to protect and defend computer systems and networks.
• Students can plan, implement, and monitor cyber security mechanisms to help ensure the protection of information technology assets.
Level of Security

1. PERSONAL IDENTITY – online or offline transaction
2. WORK IDENTITY – private or public sectors
3. GOVERNMENT IDENTITY – public sectors
Advantages of Cybersecurity Tools
1. PROTECTION OF BUSINESS
2. INCREASE PRODUCTIVITY
3. INSPIRES CUSTOMER CONFIDENCE
4. STOPS YOUR WEBSITE FROM CRASHING
5. PROTECTION OF YOUR CUSTOMERS
Importance of Cyber Security
• The Internet allows an attacker to work from anywhere on the planet.
• Risks caused by poor security knowledge and practice:
  - Identity Theft – using the identity of a person.
  - Monetary Theft – taking a person's money without permission.
  - Legal Ramifications (for yourself and your organization) – consequences of breaking the law.
  - Sanctions or termination if policies are not followed.
• According to the SANS Institute, the top vectors for vulnerabilities available to a cyber criminal are:
  - Web Browser
  - IM Clients
  - Web Applications
Cyber Security
• Cyber security refers to the body of technologies, processes, and practices
designed to protect networks, devices, programs, and data from attack,
damage, or unauthorized access.
Cyber Security is Safety
• Security: We must protect our computers and data in the same way
that we secure the doors to our homes.
• Safety: We must behave in ways that protect us against risks and
threats that come with technology.
What is a Secure System? (CIA Triad)
• Confidentiality – restrict access to authorized individuals
• Integrity – data has not been altered in an unauthorized manner (access level)
• Availability – information can be accessed and modified by authorized individuals in an appropriate timeframe
CIA Triad

Confidentiality
Protecting information from unauthorized access and disclosure.
Example: Criminal steals customers’ usernames, passwords, or credit card information.

Integrity
Protecting information from unauthorized modification.
Example: Someone alters payroll information or a proposed product design.

Availability
Preventing disruption in how information is accessed.
Example: Your customers are unable to access your online services.
Cybersecurity Motivation

- Demand money or ransom
- Damage the reputation
- Disrupt business continuity
- Create confusion
- Achieve military objective
- Just for fun
Types of Hackers

Black Hat: Criminal Hackers
A black hat hacker is a cybercriminal who breaks into computer systems with malicious or criminal intent. Black hat hackers are probably what you think of when you picture a typical hacker or cybercriminal.
Motives: to profit from data breaches

White Hat: Authorized Hackers
Similar to black hat hackers, white hat hackers are cybersecurity experts who use their skills to find vulnerabilities in organizational networks and computer systems.
Motives: help businesses prevent cybersecurity attacks

Gray Hat: “Just for Fun” Hackers
A gray hat hacker is a cybersecurity expert who finds ways to hack into computer networks and systems but without the malicious intent of a black hat hacker. Typically, they engage in hacking activities for the pure enjoyment of finding gaps in computer systems.
Motives: personal enjoyment

Green Hat: Hackers in Training
A green hat hacker is someone who is new to the hacking world but is intently focused on increasing their cyberattack skills. They primarily focus on gaining knowledge of how to perform cyberattacks on the same level as their black hat counterparts.
Motives: to learn how to become an experienced hacker

Blue Hat: Authorized Software Hackers
Blue hat hackers are hired by organizations to bug-test a new software or system network before it’s released. Their role is to find loopholes or security vulnerabilities in the new software and remedy them before it launches.
Motives: to identify vulnerabilities in new organizational software before it’s released.

Red Hat: Government-Hired Hackers
Red hat hackers are hired by government agencies to spot vulnerabilities in security systems, with a specific focus on finding and disarming black hat hackers. They’re known to be particularly ruthless in their hunt for black hat criminals, and typically use any means possible to take them down.
Motives: to find and destroy black hat hackers

Script Kiddies: Amateur Hackers
Script kiddies are amateur hackers who don’t possess the same level of skill or expertise as more advanced hackers in the field. To make up for this, they turn to existing malware created by other hackers to carry out their attacks.
Motives: to cause disruption

State/Nation Sponsored Hackers: International Threat Prevention Hackers
State/nation sponsored hackers are appointed by a country’s government to gain access to another nation’s computer systems. Their cybersecurity skills are used to retrieve confidential information from other countries.
Motives: to monitor and prevent international threats

Malicious Insider: Whistleblower Hackers
Malicious insider hackers are individuals who employ a cyberattack from within the organization they work for. Also known as whistleblowers, their motivation for attack can vary from acting on a personal grudge they have against someone they work for to finding and exposing illegal activity within the organization.
Motives: to expose or exploit an organization’s confidential information

Hacktivists: Politically Motivated Hackers
A hacktivist is someone who hacks into government networks and systems to draw attention to a political or social cause—hence why the name “hacktivist” is a play on the word “activist.”
Motives: to shed light on an alarming social or political cause (or to make a political or ideological statement)
Common Attacks in Cybersecurity
1. DoS (Denial of Service) – sends multiple requests to flood the server.
2. Malware – virus (through email, website, malicious website)
3. Phishing – email links
4. Man in the Middle – hacker (computer and network)
5. Cross-site scripting attack (pop-up message in the website)
6. Password Attack – guessing game from the hackers
7. Eavesdropping Attack – same as Man in the Middle.
8. SQL Injection Attack – database
How to Secure your Data
• 2-Factor Authentication
• Secure your Password
• Password Complexity
• Regular Updates
• Updated Antivirus
• Firewall (Company)
• Spam Filtering (Spam Software)
• Encryption
• Secure DNS
• Daily Backup
Threats and Vulnerabilities

• What are we protecting our and our stakeholders’ information from?

Threats: Any circumstances or events that can potentially harm an information system by destroying it, disclosing the information stored on the system, adversely modifying data, or making the system unavailable.

Vulnerabilities: Weakness in an information system or its components that could be exploited.

WHAT KINDS OF THREATS ARE THERE?
• Phishing and Spear-phishing Attacks
• Social Engineering Scams
• Common Malware and Ransomware
• Business Email Compromise
• Fake websites that steal data or infect devices
• And much more
Phishing
Phishing refers to the practice of creating fake emails or SMS that appear to come from someone you trust, such as: Bank, Credit Card Company, Popular Websites
• The email/SMS will ask you to “confirm your account details or your vendor’s account details”, and then direct you to a website that looks just like the real website, but whose sole purpose is to steal information.
• Of course, if you enter your information, a cybercriminal could use it to steal your identity and possibly make fraudulent purchases with your money.
Example of Phishing
Social Engineering
• When attempting to steal information or a person’s identity, a hacker will often try to trick you into giving out sensitive information rather than breaking into your computer.
• Social Engineering can happen:
  - Over the phone
  - By text message
  - Instant message
  - Email
Malware
• Malware = “malicious software”
• Malware is any kind of unwanted software that is installed without your consent on your computer and other digital devices.
• Viruses, Worms, Trojan horses, Bombs, Spyware, Adware, Ransomware are subgroups of malware.

Viruses
• A virus tries to infect a carrier, which in turn relies on the carrier to spread the virus around.
• A computer virus is a program that can replicate itself and spread from one computer to another.
Bombs
• Logic bombs: programming code that is designed to execute or explode when a certain condition is reached.
• Most of the time it goes off when a certain time is reached or a program fails to execute. But these bombs wait for a triggering event to happen.
• Most common use of this is in the financial/business world.
• Most IT employees call this the disgruntled employee syndrome.
Trojans
• Trojan horse: a program or software designed to look like a useful or legitimate file.
• Once the program is installed and opened it steals information or deletes data.
• Compared to other types of malware, a Trojan horse usually runs only once and is then done functioning.
• Some create back-door effects.
• Another distribution of Trojans is by infecting a server that hosts websites.
• Downfall of Trojans: very reliant on the user.
Worms
• Worms and viruses get interchanged commonly in the media.
• In reality a worm is more dangerous than a virus.
• User Propagation vs. Self Propagation
• A worm is designed to replicate itself and disperse throughout the user’s network.
• Email Worms and Internet Worms are the two most common worms.
Identity Theft
• Identity Theft
  - Impersonation by private information
  - Thief can ‘become’ the victim
  - Reported incidents rising
• Loss of privacy
  - Personal information is stored electronically
  - Purchases are stored in a database
  - Data is sold to other companies
  - Public records on the Internet
  - Internet use is monitored and logged
  - None of these techniques are illegal
Ransomware
• Ransomware is a type of malware that locks and encrypts a victim's data, files, devices or systems, rendering them inaccessible and unusable until the attacker receives a ransom payment.

Ransomware Controls
• Plan to Fail Well (Incident Response Plan)
• Know who to call!
• Training and Testing Your People
• Don’t Open that Email Link/Attachment
COVID-19 Cyber Threats
Cyber Crime
Cyber Crime is a generic term that refers to all criminal activities done using the medium of communication devices, computers, mobile phones, tablets etc. It can be categorized in three ways:
• The computer as a target – attacking the computers of others.
• The computer as a weapon – using a computer to commit “traditional crime” that we see in the physical world.
• The computer as an accessory – using a computer as a “fancy filing cabinet” to store illegal or stolen information.
Types of Cybercrime
• Phishing
• Identity Theft
• Malware
• Online Scams
• Harassment
• Piracy
• Cyberbullying
• Credit Card Theft
• Many more.
Which hat do you want to wear?
Attacks today are AUTOMATED!
It’s not some dude sitting at his hacker desk all day typing out
ping commands to IP addresses via the command prompt
manually…
What does a Cyber Security Professional
look like?
In reality…

• David Ulevitch, Founder OpenDNS
• Katie Moussouris, Microsoft Bug Bounty creator
• Eugene Kaspersky, CEO Kaspersky Labs, £1.1bn
• Dr Laura Toogood, MD Digitalis Reputation
• James Lyne, CTO, SANS
• Erin Jacobs, CSO at UCB Financial Services
How We Protect Information?

• People
  - Training, education, awareness, repetition
• Process
  - Governance, oversight, policy, reporting
• Technology
  - Firewalls, IDS/IPS, SIEM, anti-malware
  - Strong passwords, Logging/monitoring
Social Engineering Best Practices
• USE YOUR SECURITY SPIDER SENSE!
• ALWAYS validate requests for information if you’re not 100000% sure
  - Call a number YOU know
  - Google it…
• ALWAYS ASK QUESTIONS!
  - Is this who I think it is FOR SURE?
  - Did someone mention this to me personally, or was it discussed at a staff meeting?
  - Is this the FIRST I’m hearing about this?

Cyber Security and Privacy Starts and Ends with Us!

Security Tips
Commit to a disciplined practice of information
security and continue to refresh yourself so you
don’t become a point of vulnerability in our
security defenses.
Ethical Hacking
Thank you!
