INFORMATION SECURITY
Information security (infosec) is a set of strategies for managing the
processes, tools and policies necessary to prevent, detect, document and
counter threats to digital and non-digital information. Infosec
responsibilities include establishing a set of business processes that will
protect information assets regardless of how the information is formatted or
whether it is in transit, is being processed or is at rest in storage.
Infosec programs are built around the core objectives of the CIA triad:
maintaining the confidentiality, integrity and availability of IT systems and
business data. These objectives ensure that sensitive information is only
disclosed to authorized parties (confidentiality), prevent unauthorized
modification of data (integrity) and guarantee the data can be accessed by
authorized parties when requested (availability).
Many large enterprises employ a dedicated security group to implement and
maintain the
organization's infosec program. Typically, this group is led by a chief
information security officer. The security group is generally responsible for
conducting risk management, a process through which vulnerabilities and threats
to information assets are continuously assessed, and the appropriate protective
controls are decided on and applied. The value of an organization lies within
its information -- its security is critical for business operations, as well as
retaining credibility and earning the trust of clients.
Threats to sensitive and private information come in many different
forms, such as malware and phishing attacks, identity theft and ransomware. To
deter attackers and mitigate vulnerabilities at various points, multiple
security controls are implemented and coordinated as part of a layered
defense-in-depth strategy. This should minimize the impact of an attack. To be prepared
for a security breach, security groups should have an incident response plan
(IRP) in place. This should allow them to contain and limit the damage, remove
the cause and apply updated defense controls.
Information security processes and policies typically involve physical
and digital security measures to protect data from unauthorized access, use,
replication or destruction. These measures can include mantraps, encryption
key management, network intrusion
detection systems, password policies and regulatory compliance. A security
audit may be conducted to evaluate the organization's ability to maintain
secure systems against a set of established criteria.
Information security (IS) is designed to protect the confidentiality,
integrity and availability of computer system data from those with malicious
intentions. Confidentiality, integrity and availability are sometimes referred
to as the CIA Triad of information security. This triad has evolved into what
is commonly termed the Parkerian hexad, which includes confidentiality,
possession (or control), integrity, authenticity, availability and utility.
Information security handles risk management. Anything can act as a risk
or a threat to the CIA triad or Parkerian hexad. Sensitive information must be
kept - it cannot be changed, altered or transferred without permission. For
example, a message could be modified during transmission by someone
intercepting it before it reaches the intended recipient. Good cryptography
tools can help mitigate this security threat. Digital signatures can improve
information security by enhancing authenticity processes and prompting
individuals to prove their identity before they can gain access to computer
data.
Introduction to Ethical Hacking
o Key issues plaguing the information security world, incident
management process, and penetration testing
Footprinting and Reconnaissance
o Various types of footprinting, footprinting tools, and countermeasures
Scanning Networks
o Network scanning techniques and scanning countermeasures
Enumeration
o Enumeration techniques and enumeration countermeasures
System Hacking
o System hacking methodology, steganography, steganalysis attacks, and
covering tracks
Malware Threats
o Different types of Trojans, Trojan analysis, and Trojan
countermeasures
o Working of viruses, virus analysis, computer worms, malware analysis
procedure, and countermeasures
Sniffing
o Packet sniffing techniques and how to defend against sniffing
Social Engineering
o Social engineering techniques, identity theft, and social engineering
countermeasures
Denial of Service
o DoS/DDoS attack techniques, botnets, DDoS attack tools, and DoS/DDoS
countermeasures
Session Hijack
o Session hijacking techniques and countermeasures
Hacking Web Servers
o Different types of webserver attacks, attack methodology, and
countermeasures
Hacking Web Applications
o Different types of web application attacks, web application hacking
methodology, and countermeasures
SQL Injection
o SQL injection attacks and injection detection tools
Hacking WiFi
o Wireless encryption, wireless hacking methodology, wireless hacking tools,
and Wi-Fi security tools
Hacking Mobile Platforms
o Mobile platform attack vector, Android vulnerabilities, jailbreaking
iOS, Windows Phone 8 vulnerabilities, mobile security guidelines, and tools
Evading IDS, Firewall
o Firewall, IDS and honeypot evasion techniques, evasion tools, and
countermeasures
Cloud Computing
o Various cloud computing concepts, threats, attacks, and security
techniques and tools
Cryptography
o Different types of cryptography ciphers, Public Key Infrastructure (PKI), cryptography attacks, and cryptanalysis tools
Various types of penetration testing, security audit, vulnerability
assessment, and penetration testing roadmap