123/04/21

Muhammad SalmanUniversity of Indonesia

Web course

Course materials & resources: www.scele.ui.ac.idKeamanan dan Kehandalan Jaringan

Discussion & Sharing knowledge:@FacebookNetwork Security & Reliability

23/04/21

Question

23/04/21

Question

23/04/21

23/04/21

Sample Case: How to secure your house?

23/04/21

Accesability vs Security

23/04/21

23/04/21

“Everything is in harmony.Once we stand above atmosphere…

everything is quite, peace, balance… and in perfect harmonyOnce we sit on the earth, everything might be in chaos..”

- MATRIX REVOLUTION

23/04/21

Question

23/04/21

Assets Identification

• Operating System• Office Automation

• Training Material• Stock Control Records

SoftwareInformation

People

Physical

Paper Document

Services

Image & Reputation

• Finance Manager• Warehouse Operator

• Supplier Contract• Personnel Files

• Storage Cabinet• Laptop Computers

• UPS for Server• Electrical Supply

• Web Site• Brochure

Threat Categorization

• Earthquakes• Floods• Lightning• Storm

• Tornadoes• Deterioration

• Service Failure• Hardware Failure• Human Error• Design Failure

• Misroute Message• Transmission Error

• Traffic Overload• Network Failure• Malicious Software• Illegal Use of Software

• Theft• Infiltration

The Importance of Security

Private information, company secrets, financial data, computer equipment, and items of national security are placed at risk if proper security procedures are not followed.

A technician’s primary responsibilities include data and network security.

23/04/21

Primary Goals of a Good Security System

Protect Confidentiality private information is kept private

Ensure Data Integrity prevent data from from being inappropriately

changed or deleted

Ensure Data Availability services are available and uninterrupted data can be accessed data can be restored quickly

Security is Strengthened in Layers

Network

23/04/21

Privacy

Integrity

Authentication

Nonrepudiation

Interception Spoofing

Modification Proof of parties involved

Multiple Security Issues to be SolvedMultiple Security Issues to be Solved

Discussion

23/04/21

Issue #1: Social Engineering

Never give out a password

Always ask for the ID of the unknown person

Restrict access of unexpected visitors

Escort all visitors through the facility

Issue #2: Computer Disposal and Recycling

Erase all hard drives, then use a third-party tool to fully erase all data.

The only way to fully ensure that data cannot be recovered from a hard drive is to carefully shatter the platters with a hammer and safely dispose of the pieces.

To destroy software media (floppy disks and CDs), use a shredding machine designed for shredding these materials.

Issue #3: 70% Unreported

23/04/21

Issue #4: Attacker

Hacker vs Cracker

White Hat vs Black Hat

Ethical Hacker

Issue #5: Motivations

Political reason

“Robin Hood”

Script kiddies

Insider

Espionage

….

….

Issue #6: Wireless Vulnerability

• Attackers gain access to a network by being within range of an unprotected wireless network.

• When installing wireless services, you should apply wireless security techniques immediately in order to prevent unwanted access to the network.

Issue #7: Cybercrime Police

Issue #8: Copyright

Video and Music illegal distribution

Ownership and Intellectual Property

The music, film and video industries are global creative businesses which depend crucially on protection and enforcement of our intellectual property rights

23/04/21

Last but not least…

23/04/21

Example: Image Manipulation

Can you tell which one is fake?

23/04/21

Another example:

23/04/21

One more example:

23/04/21

Next Week

23/04/21