Intro to Information Computer Seccurity
CSE 3482
Introduction to Computer Security
Introduction to Information/Computer
Security
Instructor: N. Vlajic, Winter 2014
Learning Objectives
Upon completion of this material, you should be able to:
• Describe the key security requirements of confidentiality, integrity and availability (CIA).
• Describe the CNSS security model (McCumber Cube).
• Identify today’s most common threats and attacks against information.
• Distinguish between different main categories of malware. Required Reading
Computer Security, Stallings: Chapter 1
Computer Security, Stallings: Chapter 6
Introduction
• Information Technology – technology involving development & use of computer systems & networks for the purpose of processing & distribution of data
in many organizations, information/data is seen as the most valuable asset categories of IT jobs:
IT administrator - installs, maintains, repairs IT equipment
IT architect - draws up plans for IT systems and how they will be implemented
IT engineer - develops new or upgrades existing IT equipment
(software or hardware)
IT manager - oversees other IT employees, has authority to buy technology and plan budgets
Introduction (cont.)
• Information System – entire set of data, software, hardware, networks, people, procedures and policies that deal with processing & distribution of information in an organization
each component has its own strengths, weaknesses, and its own security requirements
information is
- stored on computer hardware,
- manipulated by software,
- transmitted by communication,
- used by people
- controlled by policies
Introduction (cont.)
• Computer Security vs. Information Security
terms are often used interchangeably, but … computer security (aka IT security) is mostly concerned with information in ‘digital form’ information security is concerned with information in any form it may take: electronic, print, etc.
Introduction to Computer Security
Introduction to Information/Computer
Security
Instructor: N. Vlajic, Winter 2014
Learning Objectives
Upon completion of this material, you should be able to:
• Describe the key security requirements of confidentiality, integrity and availability (CIA).
• Describe the CNSS security model (McCumber Cube).
• Identify today’s most common threats and attacks against information.
• Distinguish between different main categories of malware. Required Reading
Computer Security, Stallings: Chapter 1
Computer Security, Stallings: Chapter 6
Introduction
• Information Technology – technology involving development & use of computer systems & networks for the purpose of processing & distribution of data
in many organizations, information/data is seen as the most valuable asset categories of IT jobs:
IT administrator - installs, maintains, repairs IT equipment
IT architect - draws up plans for IT systems and how they will be implemented
IT engineer - develops new or upgrades existing IT equipment
(software or hardware)
IT manager - oversees other IT employees, has authority to buy technology and plan budgets
Introduction (cont.)
• Information System – entire set of data, software, hardware, networks, people, procedures and policies that deal with processing & distribution of information in an organization
each component has its own strengths, weaknesses, and its own security requirements
information is
- stored on computer hardware,
- manipulated by software,
- transmitted by communication,
- used by people
- controlled by policies
Introduction (cont.)
• Computer Security vs. Information Security
terms are often used interchangeably, but … computer security (aka IT security) is mostly concerned with information in ‘digital form’ information security is concerned with information in any form it may take: electronic, print, etc.