Information Security Objectives

1567 Words7 Pages
3.1 Information Security So many cybercrime that could happen in every company or organization by cyber criminals. They could do anything to our important information like manipulate our system and important informaton, steal sensitive information to get their own profit or steal our identity to get bank account if our security isn’t strong enough. So information security is a thing that must be considered. Information security system has three fundamental objectives that is :
- Availability To ensure the valid user always have an access to the important information and it’s own resource and ensure the unauthorized user cannot get the access to own information. Lets take an example : give a password to your own personal computer so people
…show more content…
ID theft and fraud levels are now quite high in Canada, Australia, and Britain, and are developing even more rapidly in south east Asia, China, India and Japan, with quite similar costs to victims. Businesses can almost triple the cost per individual. The difference between identity theft and identity fraud are quite simple identity fraud is basically someone charging goods to your credit card, whilst identity theft involves someone acting as you (driver’s licence, credit cards and more). A test conducted recently by an American newspaper and IT security consultants showed that a PC connected to the Internet without adequate protection was hijacked in around 4 minutes. Windows PCs make up roughly 80% of the computers connected to the Internet, and the vast majority of automated attacks are designed to locate and exploit known security weaknesses. However, users of other operating systems should not be lulled into a false sense of security. Mac and linux/unix attacks are increasing with more specialised attacks. A hijacked PC will give the attacker full access to everything on your computer as well as the use of your computer to achieve other objectives such as attacking companies and websites. If like most people you store your passwords in a file on your computer, you may have already been…show more content…
Vulnerability exploits usually come in the form of malicious inputs to a target application or service that attackers use to interrupt and gain control of an application or machine. Following a successful exploit, the attacker can disable the target application (resulting in a denial-of-service state), or can potentially access to all the rights and permissions available to the compromised application.
a. Prevention
The IPS often sits directly behind the firewall and is provides a complementary layer of analysis that negatively selects for dangerous content. Unlike its predecessor the Intrusion Detection System (IDS), which is a passive system that scans traffic and reports back on threats—the IPS is placed inline (in the direct communication path between source and destination), actively analyzing and taking automated actions on all traffic flows that enter the network. Specifically, these actions include:
- Sending an alarm to the administrator (as would be seen in an IDS)
- Dropping the malicious packets
- Blocking traffic from the source address
- Resetting the

More about Information Security Objectives

Open Document