Week 5 IT ERA (ICT Security)

The document discusses key concepts in information and communication technology (ICT) security. It covers authentication methods like usernames/passwords, security tokens, and biometric identification. It also discusses one-time passwords, random numbers, secret keys, system threats, program threats, computer viruses, worms, Trojan horses, and antivirus software. The document emphasizes that security aims to balance confidentiality, integrity and availability, and that risks should be assessed based on potential assets, threats, and vulnerabilities.
By: John Philip N. Diamat

ICT Security
Information and communication technology (ICT) security measures are necessary to protect confidential information from unauthorized use, modification, loss or release.
The three key elements of an effective ICT security system include:

• Monitoring and controlling access to confidential information
• Safe transmission of data
• Secure storage and disposal of data
We're going to discuss the following topics:

• Authentication
• One-Time Passwords
• Program Threats
• System Threats
• Viruses
• Security Fundamentals
1. Authentication

Authentication refers to identifying each user of the system and associating the executing programs with those users.

Operating systems generally identify and authenticate users in the following three ways:

A. Username / Password − The user needs to enter a registered username and password with the operating system to log in to the system.
B. User card/key − The user needs to punch a card into a card slot, or enter a key generated by a key generator in the option provided by the operating system, to log in to the system.
C. User attribute (fingerprint / eye retina pattern / signature) − The user needs to pass his/her attribute via the designated input device used by the operating system to log in to the system.
2. One-Time Passwords
In a One-Time Password system, a unique password is required every time the user tries to log in to the system. Once a one-time password is used, it cannot be used again.
3. Random Numbers
Random Numbers − Users are provided with cards that have numbers printed alongside corresponding letters. The system asks for the numbers corresponding to a few randomly chosen letters.
4. Secret Key
Secret key − Users are provided with a hardware device that can create a secret id mapped to the user id. The system asks for this secret id, which is to be generated every time prior to login.
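One concrete way to build the one-time password and secret-key device described above, as an added example that is not from the original slides: it uses HOTP (RFC 4226), a scheme the slides do not name, and shows the server refusing a password that was already used. `OtpVerifier`, `enroll`, `verify` and `demo` are hypothetical names, and the RFC's published test secret stands in for the key inside the user's hardware device.

```python
import hashlib
import hmac
import struct

# Constructed sample: the RFC 4226 test secret stands in for the token's key.
DEMO_SECRET = b"12345678901234567890"


def hotp(secret, counter, digits=6):
    """RFC 4226: HMAC-SHA1 over an 8-byte counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class OtpVerifier:
    """Server side: tracks the first counter not yet consumed for each user."""

    def __init__(self, window=3):
        self.window = window      # upcoming counters to try (token may run ahead)
        self.secrets = {}         # user id -> shared secret
        self.next_counter = {}    # user id -> first unused counter

    def enroll(self, user, secret):
        self.secrets[user] = secret
        self.next_counter[user] = 0

    def verify(self, user, code):
        secret = self.secrets.get(user)
        if secret is None:
            return False
        start = self.next_counter[user]
        for counter in range(start, start + self.window):
            candidate = hotp(secret, counter)
            if hmac.compare_digest(candidate.encode(), code.encode()):
                # Consume this counter and all earlier ones, so the same
                # password can never be accepted a second time.
                self.next_counter[user] = counter + 1
                return True
        return False


def demo():
    """Log in once with password #0, then replay the same password."""
    server = OtpVerifier()
    server.enroll("alice", DEMO_SECRET)
    first = hotp(DEMO_SECRET, 0)
    return first, server.verify("alice", first), server.verify("alice", first)
```

The look-ahead window tolerates a token that generated a few passwords without a login; any password at or behind the last accepted counter is rejected.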


5. System Threats
System threats refer to misuse of system services and network connections to put the user in trouble.
6. Program Threats
If a user program is made to do malicious tasks, then it is known as a Program Threat.
Computer Abuse
"The unauthorized use of, or access to, a computer for purposes contrary to the wishes of the owner of the computer or the data held thereon."
Such as:
⮚ Hacking
⮚ Pornography
⮚ Viruses
Computer Viruses
To be defined as a virus, a program must:
⮚ Replicate itself in order to carry out a mission.
⮚ Create damage to the "infected" computer system.

Virus Components
⮚ The Replication mechanism: allows the virus to copy itself
⮚ The Protection mechanism: hides the virus from detection
⮚ The Trigger: mechanism which will set off the payload
⮚ The Payload: effect of the virus
What is a Worm?
- A worm is a self-replicating program that is harmful to networks.
- A worm uses the network to duplicate its code to the hosts on a network, often without any user intervention.
- It differs from a virus because a worm does not need to attach to a program to infect the host. Worms don’t even have to be delivered via conventional programs; so-called “fileless” worms are recent additions to the virus scene.
- It harms networks because it consumes bandwidth.
What is a Trojan Horse?
- Technically is a worm.
- Does not need to be attached to other software; instead, the Trojan threat is hidden in software that appears to do one thing, and yet behind the scenes it does another.
A Trojan horse is a program that claims to do one thing but then does something totally different. A typical Trojan horse has a filename that makes you think it’s a harmless type of file; it looks innocuous enough to be safe to open. But when you run the file, it’s actually a virus program that proceeds to inflict its damage on your system.
Trojan horses are becoming more common, primarily through the spread of Internet-based e-mail. These e-mail Trojans spread as innocent-looking attachments to e-mail messages; when you click to open the attachment, you launch the virus.
Viruses?
⮚ Why are there so many new viruses? Is it because some troll is making them for fun? Or is it…
⮚ Because antivirus companies are creating new ones so we are bound to buy their products?
Virus Protection Software
• Known as antivirus software.
• Antivirus software is designed to detect, disable, and remove viruses, worms, and Trojans before they infect a computer.
• It becomes outdated quickly; the technician is responsible for applying the most recent updates.
Most commonly known anti-virus software
Security Fundamentals

By: John Philip Diamat

Security
Security is about finding a balance, as all systems have limits. No one person or company has unlimited funds to secure everything, and we cannot always take the most secure approach.
Stand alone
One way to secure a system from network attack is to unplug it and make it a standalone system.
Plugged in
The opposite approach of plugging it in directly to the Internet without any firewall, antivirus, or security patches would make it extremely vulnerable, yet highly accessible.
Goals of Security
There are many ways in which security can be achieved, but it’s universally agreed that the security triad of confidentiality, integrity, and availability (CIA) forms the basic building blocks of any good security initiative.
Confidentiality
Confidentiality addresses the secrecy and privacy of information. Physical examples of confidentiality include locked doors, armed guards, and fences.
Integrity
Integrity is the second piece of the CIA security triad. Integrity provides for the correctness of information. It allows users of information to have confidence in its correctness.
Availability
Availability is the third leg of the CIA triad. Availability simply means that when a legitimate user needs the information, it should be available.
Risks, Assets, Threats and Vulnerabilities
Risk
Risk is the probability or likelihood of the occurrence or realization of a threat. There are three basic elements of risk: assets, threats, and vulnerabilities.
Asset
An asset is any item of economic value owned by an individual or corporation. Assets can be real, such as routers, servers, hard drives, and laptops, or assets can be virtual, such as formulas, databases, spreadsheets, trade secrets, and processing time.
Vulnerability
A vulnerability is a weakness that can be exploited by cybercriminals to gain unauthorized access to a computer system.
Threat
A threat sets the stage for risk and is any agent, condition, or circumstance that could potentially cause harm, loss, or damage, or compromise an IT asset or data asset. From a security professional’s perspective, threats can be categorized as events that can affect the confidentiality, integrity, or availability of the organization’s assets.
Examples of the types of threats an organization can face:
• Natural disasters, weather, and catastrophic damage: Hurricanes, storms, weather outages, fire, flood, earthquakes, and other natural events compose an ongoing threat.
• Hacker attacks: An insider or outsider who is unauthorized and purposely attacks an organization’s components, systems, or data.
• Viruses and malware: An entire category of software tools that are malicious and are designed to damage or destroy a system or data.
• Disclosure of confidential information: Anytime a disclosure of confidential information occurs, it can be a critical threat to an organization if that disclosure causes loss of revenue, causes potential liabilities, or provides a competitive advantage to an adversary.
• Denial of service (DoS) or distributed DoS (DDoS) attacks: An attack against availability that is designed to bring the network or access to a particular TCP/IP host/server to its knees by flooding it with useless traffic.
Risk Assessment
A risk assessment is a process to identify potential security hazards and evaluate what would happen if a hazard or unwanted event were to occur.
There are two approaches to risk assessment: qualitative and quantitative.
Two approaches in risk assessment
Qualitative Risk Assessment: These methods use scenarios to drive a prioritized list of critical concerns and do not focus on dollar amounts. Example impacts might be identified as critical, high, medium, or low.
Quantitative Risk Assessment: This approach assigns a monetary value to the asset. It then uses the anticipated exposure to calculate a dollar cost.
Steps in quantitative risk assessment
Step 1. Determine the single loss expectancy (SLE): This step involves determining the single amount of loss you could incur on an asset if a threat becomes realized or the amount of loss you expect to incur if the asset is exposed to the threat one time.
SLE is calculated as follows:
SLE = asset value × exposure factor
The exposure factor (EF) is the subjective, potential portion of the loss to a specific asset if a specific threat were to occur.
Step 2. Evaluate the annual rate of occurrence (ARO): The purpose of evaluating the ARO is to determine how often an unwanted event is likely to occur on an annualized basis.
Step 3. Calculate the annual loss expectancy (ALE): This final step of the quantitative assessment seeks to combine the potential loss and rate per year to determine the magnitude of the risk.
ALE is calculated as follows:
ALE = SLE × ARO

EXAMPLES OF COMPUTATION
EXAMPLES:
If you have data worth $500 that has an exposure factor of 50 percent due to lack of countermeasures such as antivirus, what would the SLE be? You would use the following formula to calculate the answer:
AV × EF = SLE
$500 × .50 = $250

EXAMPLES:
As part of a follow-up test question, could you calculate the annualized loss expectancy (ALE) if you knew that this type of event typically happened four times a year? Yes, as this would mean the ARO is 4. Therefore:
ALE = SLE × ARO
$250 × 4 = $1,000
This means that, on average, the loss is $1,000 per year.
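The three steps above applied to a small risk register and ranked by ALE, as an added example that is not part of the original slides. The first row is the slides' own $500 case; the other two rows are constructed, and `Risk`, `rank_by_ale` and `REGISTER` are hypothetical names.

```python
from dataclasses import dataclass
from decimal import Decimal


@dataclass(frozen=True)
class Risk:
    name: str
    asset_value: Decimal       # AV, in dollars
    exposure_factor: Decimal   # EF, fraction of the asset lost per event (0 to 1)
    aro: Decimal               # ARO, expected events per year (0.05 = once in 20 years)

    def __post_init__(self):
        # Reject inputs that would make the dollar figures meaningless.
        if self.asset_value < 0:
            raise ValueError(f"{self.name}: asset value cannot be negative")
        if not 0 <= self.exposure_factor <= 1:
            raise ValueError(f"{self.name}: EF must be between 0 and 1")
        if self.aro < 0:
            raise ValueError(f"{self.name}: ARO cannot be negative")

    @property
    def sle(self):
        return self.asset_value * self.exposure_factor   # Step 1: SLE = AV x EF

    @property
    def ale(self):
        return self.sle * self.aro                       # Step 3: ALE = SLE x ARO


def rank_by_ale(risks):
    """Return the risks ordered from highest to lowest annual loss expectancy."""
    return sorted(risks, key=lambda r: r.ale, reverse=True)


# Row 1 is the example from the slides; rows 2 and 3 are constructed values.
REGISTER = [
    Risk("data / no antivirus", Decimal("500"), Decimal("0.50"), Decimal("4")),
    Risk("file server / flood", Decimal("20000"), Decimal("0.80"), Decimal("0.05")),
    Risk("laptop / theft", Decimal("1500"), Decimal("1.00"), Decimal("0.5")),
]

if __name__ == "__main__":
    for r in rank_by_ale(REGISTER):
        print(f"{r.name:22} SLE ${r.sle:>10,.2f}  ALE ${r.ale:>9,.2f}")
```

With these inputs the $500 data asset ranks first: its SLE is the smallest of the three, but four events a year give it the highest ALE.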
