Information Security
McGraw-Hill/Irwin
INTRODUCTION
Information security: a broad term encompassing the protection of information from accidental or intentional misuse by persons inside or outside an organization
This plug-in discusses how organizations can implement information security lines of defense through people first and technology second
Identity theft: the forging of someone's identity for the purpose of fraud
Phishing: a technique to gain personal information for the purpose of identity theft
Content Filtering
Organizations can use content filtering technologies to filter e-mail, prevent e-mails containing sensitive information from being transmitted, and stop spam and viruses from spreading
Content filtering: occurs when organizations use software that filters content to prevent the transmission of unauthorized information
Spam: a form of unsolicited e-mail
ENCRYPTION
If there is an information security breach and the information was encrypted, the person stealing the information would be unable to read it
Encryption: scrambles information into an alternative form that requires a key or password to decrypt the information
Public key encryption: uses two keys, a public key that everyone can have and a private key for only the recipient
FIREWALLS
One of the most common defenses for preventing a security breach is a firewall
Firewall: hardware and/or software that guards a private network by analyzing the information leaving and entering the network
Sample firewall architecture connecting systems located in Chicago, New York, and Boston
5. Cracker: a hacker with criminal intent
6. Cyberterrorist: seeks to cause harm to people or to destroy critical systems or information, and uses the Internet as a weapon of mass destruction