Please enable JavaScript.
Coggle requires JavaScript to display documents.
Key Objectives in COMPUTER SECURITY, Authentication, VPN, Crypotology,…
-
Authentication
-
Means of Authentication
Something Knows
(EX - PIN, Password)
Something Possesses
(EX - smart cards, physical keys)
Something Is (static biometrics)
(EX - Fingerprint, Retina)
Something Does (dynamic biometrics)
(EX - recognition by voice pattern, handwriting characteristics)
-
SSO
Advantage
reduce admin workload
admin can easily manage accounts
Disadvantage
single point of failure
hard to implement
-
VPN
Disadvantages
chance of fragmentation
Slow
Advantage
Hides source address
Bypass restrictions
-
Crypotology
Cryptography
Asymmetric Ciphers
Slower, Solve Key Distribution Problem
Uses Oneway Functions
Factoring integers (2^16)
Example - [Diffie-Hellman, Elgamal, DSA]
Diffie-Hellman used in SSH, TLS, IPSec
Elliptic Curves
Example - [ECDH, ECDSA]
-
Symmetric Ciphers
Block Ciphers
-
-
Types -
DES [DES,3DES]
AES(world standard for block encryption)
IDEA
RC [RC1 RC2 RC4 RC5 RC6]l
-
-
-
Access Control
-
Access Control Policies
Discretionary Access Control
First level of quoting
User can give his/her access rights to others
ACL Best Pracices
Stealth Rule on Top
Deny Rule at Bottom
Define both Inbound and Outbound
Reject,
Internal Packest with external IP
External Packest with Internal IP
-
Mandatory Access Control
Control using Label given to each resource
Can not give access rights to other users
Role Based Access Control
Gave Access rights to roles and that roles assign to users
Business Continuity
Continue Operations if Disaster Happen
-
-
BC/DR Coordinator maintaining BCP
Nested quote
Different methods of BCs
Mirrored Site
Backup Data Periodically for reduce recover time
Remote Journaling
Data Backup Instantly and Same as Original Site
Mutual Backup
Same kind of 2 organizations agree to give part of their facilities for other if Disaster Happen
Hot Site
Only Hardware Implemented same as Original Site
Cold Site
Only Infrastructures are Implemented
Disaster Recovery
Recover from Disaster
Security Monitoring
Functions
Packet Filtering
Limitations
Cannot,
keep track of sessions
prevent IP Spoofing attacks
allow dynamic port mapping
-
Advantages
Prevent from internal & external attacks
Blacklist maintenance
DoS attack protection
-
-
-