Dr. Bhavani Thuraisingham
Cyber Security
Lecture for June 25, 2010
Unit # 1: Overview of the Course
13-2 01/14/19 07:29

Outline
- What is Cyber Security?
- What is C. I. A.?
- Ten Major Modules of Cyber Security
- Topics for June 25, 2010
  - Introduction to Cyber Security
  - Information Security and Risk Management

Cyber Security
- Security traditionally has been about CIA (Confidentiality, Integrity, Availability)
- Security now also includes areas like Trustworthiness, Quality, Privacy
- Dependability includes Security, Reliability and Fault Tolerance
- Initially the term used was Computer Security (Compusec); it then evolved into Infosec (Information Security) to include data and networks; now, with the web, it is called Cyber Security

C. I. A.
- Confidentiality: Preventing unauthorized disclosure
- Integrity: Preventing unauthorized modification
- Availability: Preventing denial of service

Ten Major Modules of Cyber Security
- Information Security and Risk Management
- Access Control
- Security Architecture and Design
- Physical and Environmental Security
- Telecommunications Security
- Cryptography
- Business Continuity Planning
- Legal Regulations, Compliance and Investigations
- Applications Security
- Operations Security

Information Security and Risk Management
- Security Management
- Security Administration
- Organizational Security Model
- Information Risk Management
- Risk Analysis
- Policies, Standards, Guidelines, Procedures
- Information Classification
- Layers of Responsibility
- Security Awareness Training

Access Control
- Security Principles
- Identification, Authentication, Authorization, Accountability
- Access Control Models
- Access Control Techniques
- Access Control Administration
- Access Control Methods
- Access Control Types
- Accountability
- Access Control Practices
- Access Control Monitoring
- Threats to Access Control

Security Architecture and Design
- Computer Architecture
- Systems Architecture
- Security Models
- Security Modes of Operation
- Systems Evaluation Methods
- Open vs. Closed Systems
- Enterprise Architecture
- Security Threats

Physical and Environmental Security
- What is Physical Security
- Planning Process
- Protecting Assets
- Internal Support Systems
- Perimeter Security
- Other Aspects

Telecommunications and Network Security
- Open Systems Interconnection Reference Model
- TCP/IP
- Types of Transmission
- LAN Networking
- Routing Protocols
- Networking Devices
- Networking Services and Protocols
- Intranets and Extranets
- Metropolitan Area Networks
- Remote Access
- Wireless Technologies
- Rootkits

Cryptography
- History, Definitions and Concepts
- Types of Ciphers
- Methods of Encryption
- Types of Asymmetric Systems
- Message Integrity
- PKI
- Key Management
- Link / End-to-end Encryption
- Email Standards
- Internet Security
- Attacks

Legal Regulation and Compliance Investigation
- Cyber Law and Cyber Crime
- Intellectual Property Law
- Privacy
- Liability and Ramifications
- Digital Forensics and Investigations
- Ethics

Applications Security
- Software and Applications Security Issues
- Database Security
- Secure Systems Development
- Application Development and Security
- Object-oriented Systems and Security
- Distributed Computing and Security
- Expert Systems and Security
- Web Security
- Mobile Code
- Patch Management

Operations Security
- Role of the Operations Department
- Administrative Management
- Assurance Levels
- Configuration Management
- Media Controls
- Data Leakage
- Network and Resource Availability
- Mainframes
- Email Security
- Vulnerability