12015/10/20 muhammad salman university of indonesia
TRANSCRIPT
123/04/21
Muhammad SalmanUniversity of Indonesia
Web course
Course materials & resources: www.scele.ui.ac.idKeamanan dan Kehandalan Jaringan
Discussion & Sharing knowledge:@FacebookNetwork Security & Reliability
23/04/21
Question
23/04/21
Question
23/04/21
23/04/21
Sample Case: How to secure your house?
23/04/21
Accesability vs Security
23/04/21
23/04/21
“Everything is in harmony.Once we stand above atmosphere…
everything is quite, peace, balance… and in perfect harmonyOnce we sit on the earth, everything might be in chaos..”
- MATRIX REVOLUTION
23/04/21
Question
23/04/21
Assets Identification
• Operating System• Office Automation
• Training Material• Stock Control Records
SoftwareInformation
People
Physical
Paper Document
Services
Image & Reputation
• Finance Manager• Warehouse Operator
• Supplier Contract• Personnel Files
• Storage Cabinet• Laptop Computers
• UPS for Server• Electrical Supply
• Web Site• Brochure
Threat Categorization
• Earthquakes• Floods• Lightning• Storm
• Tornadoes• Deterioration
• Service Failure• Hardware Failure• Human Error• Design Failure
• Misroute Message• Transmission Error
• Traffic Overload• Network Failure• Malicious Software• Illegal Use of Software
• Theft• Infiltration
The Importance of Security
Private information, company secrets, financial data, computer equipment, and items of national security are placed at risk if proper security procedures are not followed.
A technician’s primary responsibilities include data and network security.
23/04/21
Primary Goals of a Good Security System
Protect Confidentiality private information is kept private
Ensure Data Integrity prevent data from from being inappropriately
changed or deleted
Ensure Data Availability services are available and uninterrupted data can be accessed data can be restored quickly
Security is Strengthened in Layers
Network
23/04/21
Privacy
Integrity
Authentication
Nonrepudiation
Interception Spoofing
Modification Proof of parties involved
Multiple Security Issues to be SolvedMultiple Security Issues to be Solved
Discussion
23/04/21
Issue #1: Social Engineering
Never give out a password
Always ask for the ID of the unknown person
Restrict access of unexpected visitors
Escort all visitors through the facility
Issue #2: Computer Disposal and Recycling
Erase all hard drives, then use a third-party tool to fully erase all data.
The only way to fully ensure that data cannot be recovered from a hard drive is to carefully shatter the platters with a hammer and safely dispose of the pieces.
To destroy software media (floppy disks and CDs), use a shredding machine designed for shredding these materials.
Issue #3: 70% Unreported
23/04/21
Issue #4: Attacker
Hacker vs Cracker
White Hat vs Black Hat
Ethical Hacker
Issue #5: Motivations
Political reason
“Robin Hood”
Script kiddies
Insider
Espionage
….
….
Issue #6: Wireless Vulnerability
• Attackers gain access to a network by being within range of an unprotected wireless network.
• When installing wireless services, you should apply wireless security techniques immediately in order to prevent unwanted access to the network.
Issue #7: Cybercrime Police
Issue #8: Copyright
Video and Music illegal distribution
Ownership and Intellectual Property
The music, film and video industries are global creative businesses which depend crucially on protection and enforcement of our intellectual property rights
23/04/21
Last but not least…
23/04/21
Example: Image Manipulation
Can you tell which one is fake?
23/04/21
Another example:
23/04/21
One more example:
23/04/21
Next Week
23/04/21