FUNDAMENTALS OF

COMPUTER SECURITY
Introduction to Computer Security
 Objective
At the end of the module, students should be able to
identify and prioritize potential threats to the network
Specific Objectives:
• Identify top threats to a computer network
• Assess the likelihood of an attack
• Define key security terminologies
• Compare and contrast perimeter and layered approaches to
network security
• Determine the use of online security resources
 Types of Threats

 Malware

HEHv9
 Types of Threats

 Security Breaches

https://www.researchgate.net/figure/Latest-Security-Breaches-discovery_fig1_26408
4730
 Types of Threats

 DoS Attacks

https://searchsecurity.techtarget.com/definition/denial-of-service
 Types of Threats

 Web Attacks
 Cross-site scripting

https://cdn.ttgtmedia.com/rms/onlineImages/security-cross_site_scripting.png
 Types of Threats

 Web Attacks
 SQL Injections

http://www.veracode.com/sites/default/files/styles/media_responsive_widest/public/what-is-sql-
 Types of Threats

 Web Attacks

https://www.ptsecurity.com/ww-en/analytics/web-application-attacks-2019/
 Types of Threats

 Session hijacking

https://heimdalsecurity.com/blog/wp-content/uploads/hs-Session-hijacking-with-TCP-sequence-
 Types of Threats

 Insider Threats

https://www.google.com/url?
sa=i&source=images&cd=&ved=2ahUKEwjH-
qGWyOrkAhUPE4gKHZRxBegQjRx6BAgBEAQ&url=ht
tps%3A%2F%2Fmedium.com%2Fbugbountywriteup
%2Finsider-threats-importance-prevention-
2a5b6a55264b&psig=AOvVaw3YMwy33jIm06ne06_c
bAPO&ust=1569452455479605
 Types of Threats

 Insider
Threats
 Types of Threats

 DNS Poisoning
 Types of Threats

 Doxing
 Types of Threats

 Top
Securit
y
Trends
 Likelihood of an Attack on Network

 Computer Virus
 Likelihood of an Attack on Network

 Unauthorized usage of Computers

 Dos Attack
 Employee misusing resources

ttps://images.wisegeek.com/login-field-for-website.jpg
 Security Terminologies

 Basic
 Hacker

https://bestiphider.com/wp-content/uploads/2019/02/types-of-hackers.jpg
 Security Terminologies

 Basic
 Script Kiddies

https://image.slidesharecdn.com/adversaryroi-evaluatingsecurityfromthethreatactorsperspectiveforslideshare-
121102140511-phpapp01/95/adversary-roi-evaluating-security-from-the-threat-actors-perspective-28-638.jpg?
 Security Terminologies

 Basic
 Ethical Hacking: Penetration Testing
 Security Terminologies

 Basic
 Phreaking

https://voicegal.files.wordpress.com/2011/04/phone-phreaking-www_setelecom_ca_.jpg
 Security Terminologies

 Professional
 Security Devices

http://www.conceptdraw.com/How-To-Guide/picture/Computer-and-Networks-Network-Security-Diagrams-Access-Control-and-
 Security Terminologies

 Professional
 Security Activities

https://pacificinvestmentbank.com/wp-content/uploads/2018/11/free-cyber-security-policy-template-best-introduction-to-the-nist-cybersecurity-framework-for-a-of-free-cyber-security-policy-
template.png
4 Most-Adopted Security Frameworks to Ensure
Cybersecurity
• Healthcare Insurance Portability and Accountability Act (HIPAA)
• National Institute of Standards and Technology (NIST)
Cybersecurity Framework
• General Data Protection Regulation (GDPR) Framework
• Payment Card Industry Data Security Standard (PCI-DSS)
 Concepts and Approaches

 Concept
 CIA Triangle
 Concepts and Approaches

 Concept
 Least Privileges
 Concepts and Approaches

 Approaches
 Perimeter

Security
Approach
 Concepts and Approaches

 Approaches
 Layered

Security
Approach

https://www.designnews.com/sites/default/files/Defense-In-Depth-Security-Approach_new.jpg
 Concepts and Approaches

 Approaches
 Proactive/

Reactive

https://www.faa.gov/about/initiatives/sms/explained/basis/media/
reactive_proactive_predictive.png
 Concepts and Approaches

 Approache
s
 Passive

Security

https://www.researchgate.net/profile/Sammy_Chan3/publication/260670326/figure/download/fig2/
AS:669047918174227@1536524862995/Cyber-security-threats-on-smart-grid-communications.png
 Concepts and Approaches

 Approaches
 Dynamic/

Proactive Defense
Legal Issues
 Legal Issues
•R.A. 8792 (E-Commerce Act)
•R.A. 9775 (Anti-Child Pornography Act of
2009)
•R.A. 9995 (Anti-Photo and Video Voyeurism
Act of 2009)
•R.A. 10173 (Data Privacy Act of 2012)
•Cybercrime Prevention Act of 2012 –
Philippines
 Online Security Resources
 AFP Cyber Bulletin
 Online Security Resources

 CERT
 Online Security Resources
 SANS Institute
 Online Security Resources

 SANS Institute
 Online Security Resources

 Microsoft Security Advisor

 Online Security Resources

 F-Secure
 Summary
 Identified top threats to a computer network
 Assessed the likelihood of an attack
 Defined key security terminologies
 Compared and contrast perimeter and layered approaches to
network security
 Determined the use of online security resources
 END OF MODULE 01

Introduction to Computer Security