Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
www.itms.pnp.gov.ph
COMPUTER SECURITY
ESSENTIAL TERMINOLOGIES
THREAT EXPLOIT VULNERABILITY
An action or event that Existence of a weakness,
has the potential to A defined way to design or implementation
compromise and/or breach the security of error that can lead to an
violate security an IT system through unexpected, undesirable
vulnerability event compromising the
security of a system
www.itms.pnp.gov.ph
Why Computer Security?
Computer Security is important for protecting the
confidentiality, integrity, and availability of computer systems
and their resources.
www.itms.pnp.gov.ph
Potential Losses Due to
Computer Security Attacks
Misuse of computer
resources Financial loss
www.itms.pnp.gov.ph
ELEMENTS OF SECURITY
Authenticity is “the Availability is “ensuring that the
identification and information is accessible to authorized
assurance of the origin of persons when required without delay”
information”
Non-
Confidentiality Authenticity Integrity Availability
repudiation
www.itms.pnp.gov.ph
THE SECURITY, FUNCTIONALITY, AND
EASE OF USE TRIANGLE
• Applications/software products by default are preconfigured for ease of use, which
makes the user vulnerable to various security flaws
• Similarly, increased functionality (features) in an application make it difficult to use in
addition to being less secure
Security
Moving the ball toward security
means moving away from the (Restrictions)
functionality and ease of use
Functionality
Ease of Use
(Features)
www.itms.pnp.gov.ph
Fundamental Concepts of
Computer Security
PRECAUTION
MAINTENANCE
REACTION
www.itms.pnp.gov.ph
Computer Security Risks to Home Users
• Home computers are prone to various cyber attacks as they provide attackers easy
targets due to a low level of security awareness
• Security risk to home users arise from various computer attacks and accidents
causing physical damage to computer systems
Computer Attacks
• Malware attacks
Computer Accidents • Email attacks
• Mobile code (Java/JavaScript/ActiveX)
attacks
• Hard disk or other component failures
• Denial of service and cross-site scripting
• Power failure and surges attacks
• Identity theft and computer frauds
• Theft of a computing device
• Packet sniffing
• Being an intermediary for another attack
(zombies)
www.itms.pnp.gov.ph
WHAT TO SECURE IN RELATION
TO COMPUTER SECURITY?
INFORMATION
HARDWARE
Personal
Laptops, Desktop identification such
PCs, CPU, hard as Social Security
disk, storage Number (SSN),
devices, cables, etc SOFTWARE passwords, credit
card numbers, etc
Operating COMMUNICATIONS
system and Emails, instant
software messengers, and
applications browsing activities
www.itms.pnp.gov.ph
WHAT MAKES A HOME COMPUTER VULNERABLE??
www.itms.pnp.gov.ph
WHAT MAKES A COMPUTER
SYSTEM SECURE?
SYSTEM ACCESS DATA ACCESS CONTROLS
CONTROLS • Monitor system activities such as who
is accessing the data and for what
• Ensure that unauthorized users do not get
purpose
into the system
• Define access rules based on the
• Force legal users to be conscious about
system security levels
security
www.itms.pnp.gov.ph
COMPUTER SECURITY THINGS
TO REMEMBER
• Security is a state of well-being of information and infrastructures
• Security risk to home users arise from various computer attacks and
accidents causing physical damage to computer systems
www.itms.pnp.gov.ph
BASIC COMPUTER
SECURITY CHECKLIST
Use of strong passwords
Use of anti-virus systems
Regular update of operating system and other installed applications
Regular backup of important files
Use of encryption techniques and digital signatures
Use of firewall and intrusion detection systems
Following standard guidelines for internet activities
Physical security of computing infrastructure
Awareness of current security scenario and attack techniques
www.itms.pnp.gov.ph
ITMS WSCSD
7230404 loc 4225
wscsditms@pnp.gov.ph
www.itms.pnp.gov.ph