
Security+ Guide to Network Security Fundamentals, 2e


Chapter 1 Information Security Fundamentals


At a Glance

Instructor's Notes
- Chapter Overview
- Chapter Objectives
- Technical Notes
- Lecture Notes
- Quick Quizzes
- Discussion Questions
- Additional Activities


Instructor's Notes

Chapter Overview


This chapter introduces the fundamentals of Security+ network security. It begins by examining the current challenges in network security. Students will see why network security is important and learn to define information security and its associated terminology. Students will also explore the CompTIA Security+ certification for IT professionals and survey the types of careers open in the information security field.

Chapter Objectives
After reading this chapter, students will be able to:
- Identify the challenges for information security
- Define information security
- Explain the importance of information security
- List and define information security terminology
- Describe the CompTIA Security+ certification exam
- Describe information security careers

Technical Notes
| Hands-On Projects | Hardware Devices Required | Operating System Required | Other Resources |
|---|---|---|---|
| Project 1-1 | Computer PC | Windows XP | Internet connectivity and installation permissions set |
| Project 1-2 | Computer PC | Windows XP | Microsoft Baseline Security Analyzer and Internet connectivity |
| Project 1-3 | Computer PC | Windows XP | Internet connectivity and Gibson Research's ShieldsUp! |
| Project 1-4 | Computer PC | Windows XP | ShieldsUp! Program |

This chapter should not be completed in one class session. It is recommended that you split the chapter into at least two class sessions, if possible. The subject matter can be covered in a 2- to 4-hour period, plus any at-home exercises you wish to assign.

Lecture Notes

Identifying the Challenges for Information Security


The challenge of keeping networks and computers secure has never been greater. A number of trends illustrate why security is becoming increasingly difficult. These include:
- Speed of attacks
- Faster detection of weaknesses
- Difficulties in patching
- Sophistication of attacks
- Distributed attacks


Quick Reference

Discuss the different delays between patches and attacks as illustrated in Table 1-1 on page 4 of the text.

Certain trends have resulted in security attacks growing at an alarming rate. The Computer Emergency Response Team (CERT) security organization compiles statistics regarding the number of reported incidents of attacks. Table 1-2 on pages 4 and 5 of the text shows the explosive growth of these incidents.

Quick Reference

To apply the concepts in this topic, see Hands-On Projects 1-2, 1-3, and 1-4 at the end of this chapter.

Defining Information Security


The term information security describes the tasks of guarding digital information, which is typically processed by a computer (such as a personal computer), stored on a magnetic or optical storage device (such as a hard drive or DVD), and transmitted over a network. Information security ensures that protective measures are properly implemented. Information security is intended to protect information. Three of the characteristics of information that must be protected by information security are:
- Integrity
- Confidentiality
- Availability

Information security involves more than protecting the information itself. The third objective of information security is illustrated in Figure 1-1 on page 7 of the text. The center of the diagram shows what needs to be protected, which is information.

Understanding the Importance of Information Security


Information security is important to businesses and individuals because it can prevent data theft, avoid the legal consequences of not securing information, maintain productivity, foil cyberterrorism, and thwart identity theft.

Preventing Data Theft


Security is often associated with theft prevention. Drivers install security systems on their cars to prevent the cars from being stolen. The same is true with information security: businesses often cite preventing data theft as the primary goal of information security. The theft of data is the single largest cause of financial loss due to a security breach. One of the most important objectives of information security is to protect important business and personal data from theft.


Quick Quiz
1. One of the looming fears is the increasing number of ____________ attacks.
   ANSWER: day zero
2. One of the primary defenses against attacks is applying _____________, software that repairs security flaws and other problems in an application or operating system.
   ANSWER: patches
3. _____________ ensures that only authorized parties can view information.
   ANSWER: Integrity
4. _____________ is often associated with theft prevention.
   ANSWER: Security
5. One of the most important objectives of information security is to protect important __________ and __________ data from theft.
   ANSWER: business; personal

Avoiding Legal Consequences


Businesses that fail to protect data may face serious penalties. Some federal and state laws that have been enacted to protect the privacy of electronic data include the following:
- The Health Insurance Portability and Accountability Act of 1996 (HIPAA)
- The Sarbanes-Oxley Act of 2002 (Sarbox)
- The Gramm-Leach-Bliley Act (GLBA)
- USA PATRIOT Act 2001

Quick Reference

Discuss the different laws that have been enacted as listed on pages 8 and 9 of the text in more detail.

Maintaining Productivity
After an attack on information security, clean-up efforts divert resources, such as time and money, away from normal activities. According to a Corporate IT Forum survey of major corporations, each attack costs a company an average of $213,000 in lost man-hours and related costs, while one-third of the corporations reported an average of more than 3,000 man-hours lost. Table 1-3 on page 10 of the text provides an estimate of lost salary and productivity during a virus attack and cleanup for businesses with 100, 250, 500, and 1000 employees.

Foiling Cyberterrorism
An area of growing concern among many defense experts is surprise attacks by terrorist groups using computer technology and the Internet. These attacks could cripple a nation's electronic and commercial infrastructure. Such an attack is called cyberterrorism. One challenge in combating cyberterrorism is that many prime targets are not owned and managed by the federal government.

Thwarting Identity Theft


Identity theft involves using someone's personal information, such as social security numbers, to establish bank or credit card accounts that are then left unpaid, leaving the victim with the debts and ruining their credit rating. National, state, and local legislation continues to be enacted to deal with the growing problem of identity theft. For example, the Fair and Accurate Credit Transactions Act of 2003 is a federal law that addresses identity theft.


Understanding Information Security Terminology


As with many advanced subjects, information security has its own terminology. The scenario in the text helps to illustrate information security terms and how they are used.

Quick Reference

Discuss the scenario on pages 11 through 13 of the text that helps illustrate information security terms and how they are used. Also, examine Table 1-4 on page 13, which lists information security terminology.

Exploring the CompTIA Security+ Certification Exam


Since 1982, the Computing Technology Industry Association (CompTIA) has been working to advance the growth of the IT industry and those people working within it. CompTIA is also the world's largest developer of vendor-neutral IT certification exams. The CompTIA Security+ certification tests for mastery in security concepts and practices. The exam was designed with input from security industry leaders, such as VeriSign, Symantec, RSA Security, Microsoft, Sun, IBM, Novell, and Motorola. The Security+ exam is designed to cover a broad range of security topics. The topics are categorized into five areas or domains. Table 1-5 on page 14 of the text lists the domains and the percentage of questions from each domain.

Surveying Information Security Careers


One of the fastest growing career fields is information security. As information attacks increase, companies are becoming more aware of their vulnerabilities and are looking for ways to reduce their risks and liabilities. Information security jobs are sometimes divided into three general roles: security management, security engineering, and security administration. A security manager focuses on developing corporate security plans and policies, providing education and awareness, and communicating with executive management about security issues. Security engineers design, build, and test security solutions to meet the policies while still addressing business needs. Security administrators configure and maintain security solutions to ensure proper service levels and availability.

Quick Quiz
1. The ___________ requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information.
   ANSWER: Gramm-Leach-Bliley Act or GLBA
2. One challenge in combating __________ is that many prime targets are not owned and managed by the federal government.
   ANSWER: cyberterrorism
3. A(n) ____________ is a person or thing that has the power to carry out a threat.
   ANSWER: threat agent
4. A(n) ___________ is the likelihood that something will happen.
   ANSWER: risk
5. ___________ help employers determine who has the skills and knowledge necessary to secure their systems and data.
   ANSWER: Certifications


Discussion Questions
1. Discuss the different methods used to steal data.
2. Discuss several different strategies that can be used to pass the CompTIA Security+ exam.

Additional Activities
1. Have students conduct research looking for software and hardware that can prevent data theft.
2. Have students take a CompTIA Security exam and discuss the results.
