SlideShare a Scribd company logo

Itt2 its introduction

M
Morten Nielsen

The document discusses an IT security introduction course. It outlines that the course will cover security concepts like risk assessment using the NIST framework, threats, vulnerabilities, and the risk calculation of likelihood times impact. The document provides examples of assignments where students would analyze risks from scenarios like a failed file server backup, stolen CEO credentials, locked out user, internet connection failure, and defaced homepage.

EducationTechnology
Related topics:
IT Security
1 of 12
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
Morten Bo Nielsen – mon@eal.dk 1/12 ITT2 IT security introduction 2014S
Morten Bo Nielsen – mon@eal.dk 2/12 Today 1.Quick introduction • Course and security in general 2.Risk • The NIST way 3.Exercise time
Morten Bo Nielsen – mon@eal.dk 3/12 Course plan It will be on fronter soon (soory about the delay)
Morten Bo Nielsen – mon@eal.dk 4/12 Course What is security? Technical vs. non-technical Risk (both known and unknown)
Morten Bo Nielsen – mon@eal.dk 5/12 Formal stuff NIST 800-30 ISO 27000 family
Morten Bo Nielsen – mon@eal.dk 6/12 Informal stuff Sans 20 critical security controls Blogs, magazines, opinions, articles, FUD and so on
Morten Bo Nielsen – mon@eal.dk 7/12 NIST 800-30 2.3.1 Risk Models (p. 8) Figure 5: RISK ASSESSMENT PROCESS (p. 23) TABLE D-2:TAXONOMY OFTHREAT SOURCES (p. D-2) TABLE F-4:TAXONOMY OF PREDISPOSING CONDITIONS (p. F-4)
Morten Bo Nielsen – mon@eal.dk 8/12 Know this Threat +Vulnerability = Attack Likelihood x Impact = Risk Impact: Confidentiality, Integrity,Availability
Morten Bo Nielsen – mon@eal.dk 9/12 Risk RISK
Morten Bo Nielsen – mon@eal.dk 10/12 Assignment context ● 30 employees ● Architechs ● State any other assumptions
Morten Bo Nielsen – mon@eal.dk 11/12 Assignment ● Consider threats, vulnerabilities, likelihood and impact ● File server backup failed ● CEO login credentials stolen ● User writes bad password three times and is locked out ● Internet connection fails ● Homepage is defaced
Morten Bo Nielsen – mon@eal.dk 12/12 Credits & licences ● Content by Morten Bo Nielsen License: Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License. (http://creativecommons.org/licenses/by-nc-sa/3.0/) ● EAL logo might be an issue, please check before you use it

More Related Content

PDF
Itt2 its introduction
Morten Nielsen
 
PPTX
Value
cortneyw
 
PPTX
Ultranet levers
Haileybury
 
PPT
0762219 Bluffed and Stacked
mprimrose
 
PPTX
Big centre tv
Ramin Asgharpour
 
PPT
1950s
Kate Ahern
 
PPT
Levers
Mariam Hantera
 
PPTX
Social mood theory 2017
Roselyn Anderson
 
Itt2 its introduction
Morten Nielsen
 
Value
cortneyw
 
Ultranet levers
Haileybury
 
0762219 Bluffed and Stacked
mprimrose
 
Big centre tv
Ramin Asgharpour
 
1950s
Kate Ahern
 
Levers
Mariam Hantera
 
Social mood theory 2017
Roselyn Anderson
 

Similar to Itt2 its introduction (20)

PDF
Microsoft InfoSec for cloud and mobile
Vijayananda Mohire
 
PDF
Information Security Management 101
Jerod Brennen
 
PPTX
ISMS User_Awareness Training.pptx
Mukesh Pant
 
PDF
Cyber Security for Non-Technical Executives (SC GMIS) Columbia, SC
AT-NET Services, Inc. - Charleston Division
 
PPT
ch01.ppt
samsam693199
 
PPT
educational content, educational contented educational content
Olajide Kuku
 
PPT
information security presentation topics
Olajide Kuku
 
PPT
CISSP Certified Information System Security Professional_009.ppt
careerbdaugx
 
PPT
INFORMATION SECURITY STUDY GUIDE for STUDENTS
henlydailymotion
 
PPTX
Final Presentation
Mackenzie Starcevich
 
PPTX
ISAA PPt
RishabhAgrawal695188
 
PDF
ISO 27001 Awareness IGN Mantra 2nd Day, 1st Session.
IGN MANTRA
 
PPTX
2021 BSides Tampa Cyber Security Careers
Scott Stanton
 
PDF
Sem 001 sem-001
SelectedPresentations
 
PDF
CRISC Certification Course Content.pdf
infosec train
 
PDF
Cyber Risk Management in 2017: Challenges & Recommendations
Ulf Mattsson
 
PPTX
The Journey to Cyber Resilience in a World of Fear, Uncertainty and Doubt
John D. Johnson
 
PDF
UNYCC Information Security Discussion
Ben Woelk, CISSP, CPTC
 
PDF
Primer for Information Security Programs
Richard Greenberg, CISSP
 
PPTX
INFRAGARD 2014: Back to basics security
Joel Cardella
 
Microsoft InfoSec for cloud and mobile
Vijayananda Mohire
 
Information Security Management 101
Jerod Brennen
 
ISMS User_Awareness Training.pptx
Mukesh Pant
 
Cyber Security for Non-Technical Executives (SC GMIS) Columbia, SC
AT-NET Services, Inc. - Charleston Division
 
ch01.ppt
samsam693199
 
educational content, educational contented educational content
Olajide Kuku
 
information security presentation topics
Olajide Kuku
 
CISSP Certified Information System Security Professional_009.ppt
careerbdaugx
 
INFORMATION SECURITY STUDY GUIDE for STUDENTS
henlydailymotion
 
Final Presentation
Mackenzie Starcevich
 
ISAA PPt
RishabhAgrawal695188
 
ISO 27001 Awareness IGN Mantra 2nd Day, 1st Session.
IGN MANTRA
 
2021 BSides Tampa Cyber Security Careers
Scott Stanton
 
Sem 001 sem-001
SelectedPresentations
 
CRISC Certification Course Content.pdf
infosec train
 
Cyber Risk Management in 2017: Challenges & Recommendations
Ulf Mattsson
 
The Journey to Cyber Resilience in a World of Fear, Uncertainty and Doubt
John D. Johnson
 
UNYCC Information Security Discussion
Ben Woelk, CISSP, CPTC
 
Primer for Information Security Programs
Richard Greenberg, CISSP
 
INFRAGARD 2014: Back to basics security
Joel Cardella
 
Ad

More from Morten Nielsen (20)

PDF
Itt1 intro project management
Morten Nielsen
 
PDF
Itt1 intro knowing and doing
Morten Nielsen
 
PDF
Itt2 its pki and certificates
Morten Nielsen
 
PDF
Itt2 its ssl and services
Morten Nielsen
 
ODP
Itt2 its ids
Morten Nielsen
 
ODP
Itt2 its encrypted storage
Morten Nielsen
 
ODP
Itt3 virtual machines
Morten Nielsen
 
ODP
Itt1 sd requirements
Morten Nielsen
 
ODP
Itt1 sd uml and oo
Morten Nielsen
 
ODP
Itt3 its acl
Morten Nielsen
 
ODP
Itt3 its social engineering
Morten Nielsen
 
ODP
Itet3 its forensics
Morten Nielsen
 
ODP
Diagram cookbook
Morten Nielsen
 
ODP
ITET3 Networking P2P
Morten Nielsen
 
ODP
ITET1 Routing Transport layer.odp
Morten Nielsen
 
ODP
ITET1 Routing Application layer.odp
Morten Nielsen
 
ODP
ITET3 ITS governance
Morten Nielsen
 
ODP
Routing vlans
Morten Nielsen
 
ODP
Itet2 its social engineering
Morten Nielsen
 
ODP
Itet2 its counter recon
Morten Nielsen
 
Itt1 intro project management
Morten Nielsen
 
Itt1 intro knowing and doing
Morten Nielsen
 
Itt2 its pki and certificates
Morten Nielsen
 
Itt2 its ssl and services
Morten Nielsen
 
Itt2 its ids
Morten Nielsen
 
Itt2 its encrypted storage
Morten Nielsen
 
Itt3 virtual machines
Morten Nielsen
 
Itt1 sd requirements
Morten Nielsen
 
Itt1 sd uml and oo
Morten Nielsen
 
Itt3 its acl
Morten Nielsen
 
Itt3 its social engineering
Morten Nielsen
 
Itet3 its forensics
Morten Nielsen
 
Diagram cookbook
Morten Nielsen
 
ITET3 Networking P2P
Morten Nielsen
 
ITET1 Routing Transport layer.odp
Morten Nielsen
 
ITET1 Routing Application layer.odp
Morten Nielsen
 
ITET3 ITS governance
Morten Nielsen
 
Routing vlans
Morten Nielsen
 
Itet2 its social engineering
Morten Nielsen
 
Itet2 its counter recon
Morten Nielsen
 
Ad

Recently uploaded (20)

PDF
GENETICS IN BIOLOGY IN SECONDARY LEVEL FORM 3
ElishamichaelSamwel
 
PPTX
Cell Types and Its function , kingdom of life
ClaireMangundayao1
 
PDF
Computing-Curriculum for Schools in Ghana
abigailanane203
 
PPTX
PPT- ENG7_QUARTER1_LESSON1_WEEK1. IMAGERY -DESCRIPTIONS pptx.pptx
KMDee
 
PPTX
Tissue processing ( HISTOPATHOLOGICAL TECHNIQUE
mathiasmelwyn7
 
PPTX
Final Presentation General Medicine 03-08-2024.pptx
ZaheerAhmad228692
 
PDF
VCE English Exam - Section C Student Revision Booklet
jpinnuck
 
PDF
Abdominal Access Techniques with Prof. Dr. R K Mishra
mohitsuren827
 
PDF
A GUIDE TO GENETICS FOR UNDERGRADUATE MEDICAL STUDENTS
DrBincy A. S
 
PDF
STATICS OF THE RIGID BODIES Hibbelers.pdf
pascualasturiaskaye4
 
PPTX
Institutional Correction lecture only . . .
limvtheghins
 
PDF
O7-L3 Supply Chain Operations - ICLT Program
labyankof
 
PPTX
Final Presentation General Medicine 03-08-2024.pptx
ZaheerAhmad228692
 
PPTX
GDM (1) (1).pptx small presentation for students
shrawanbpkihs
 
PPTX
1st Inaugural Professorial Lecture held on 19th February 2020 (Governance and...
kawisojames10
 
PPTX
IMMUNITY IMMUNITY refers to protection against infection, and the immune syst...
shilpa939953
 
PDF
Supply Chain Operations Speaking Notes -ICLT Program
labyankof
 
PDF
grade 11-chemistry_fetena_net_5883.pdf teacher guide for all student
banteamlakmebratu738
 
PDF
2.FourierTransform-ShortQuestionswithAnswers.pdf
Raji Murugan
 
PDF
3rd Neelam Sanjeevareddy Memorial Lecture.pdf
Academy of Grassroots Studies and Research of India (AGRASRI)
 
GENETICS IN BIOLOGY IN SECONDARY LEVEL FORM 3
ElishamichaelSamwel
 
Cell Types and Its function , kingdom of life
ClaireMangundayao1
 
Computing-Curriculum for Schools in Ghana
abigailanane203
 
PPT- ENG7_QUARTER1_LESSON1_WEEK1. IMAGERY -DESCRIPTIONS pptx.pptx
KMDee
 
Tissue processing ( HISTOPATHOLOGICAL TECHNIQUE
mathiasmelwyn7
 
Final Presentation General Medicine 03-08-2024.pptx
ZaheerAhmad228692
 
VCE English Exam - Section C Student Revision Booklet
jpinnuck
 
Abdominal Access Techniques with Prof. Dr. R K Mishra
mohitsuren827
 
A GUIDE TO GENETICS FOR UNDERGRADUATE MEDICAL STUDENTS
DrBincy A. S
 
STATICS OF THE RIGID BODIES Hibbelers.pdf
pascualasturiaskaye4
 
Institutional Correction lecture only . . .
limvtheghins
 
O7-L3 Supply Chain Operations - ICLT Program
labyankof
 
Final Presentation General Medicine 03-08-2024.pptx
ZaheerAhmad228692
 
GDM (1) (1).pptx small presentation for students
shrawanbpkihs
 
1st Inaugural Professorial Lecture held on 19th February 2020 (Governance and...
kawisojames10
 
IMMUNITY IMMUNITY refers to protection against infection, and the immune syst...
shilpa939953
 
Supply Chain Operations Speaking Notes -ICLT Program
labyankof
 
grade 11-chemistry_fetena_net_5883.pdf teacher guide for all student
banteamlakmebratu738
 
2.FourierTransform-ShortQuestionswithAnswers.pdf
Raji Murugan
 
3rd Neelam Sanjeevareddy Memorial Lecture.pdf
Academy of Grassroots Studies and Research of India (AGRASRI)
 

Itt2 its introduction

  • 1. Morten Bo Nielsen – mon@eal.dk 1/12 ITT2 IT security introduction 2014S
  • 2. Morten Bo Nielsen – mon@eal.dk 2/12 Today 1.Quick introduction • Course and security in general 2.Risk • The NIST way 3.Exercise time
  • 3. Morten Bo Nielsen – mon@eal.dk 3/12 Course plan It will be on fronter soon (soory about the delay)
  • 4. Morten Bo Nielsen – mon@eal.dk 4/12 Course What is security? Technical vs. non-technical Risk (both known and unknown)
  • 5. Morten Bo Nielsen – mon@eal.dk 5/12 Formal stuff NIST 800-30 ISO 27000 family
  • 6. Morten Bo Nielsen – mon@eal.dk 6/12 Informal stuff Sans 20 critical security controls Blogs, magazines, opinions, articles, FUD and so on
  • 7. Morten Bo Nielsen – mon@eal.dk 7/12 NIST 800-30 2.3.1 Risk Models (p. 8) Figure 5: RISK ASSESSMENT PROCESS (p. 23) TABLE D-2:TAXONOMY OFTHREAT SOURCES (p. D-2) TABLE F-4:TAXONOMY OF PREDISPOSING CONDITIONS (p. F-4)
  • 8. Morten Bo Nielsen – mon@eal.dk 8/12 Know this Threat +Vulnerability = Attack Likelihood x Impact = Risk Impact: Confidentiality, Integrity,Availability
  • 9. Morten Bo Nielsen – mon@eal.dk 9/12 Risk RISK
  • 10. Morten Bo Nielsen – mon@eal.dk 10/12 Assignment context ● 30 employees ● Architechs ● State any other assumptions
  • 11. Morten Bo Nielsen – mon@eal.dk 11/12 Assignment ● Consider threats, vulnerabilities, likelihood and impact ● File server backup failed ● CEO login credentials stolen ● User writes bad password three times and is locked out ● Internet connection fails ● Homepage is defaced
  • 12. Morten Bo Nielsen – mon@eal.dk 12/12 Credits & licences ● Content by Morten Bo Nielsen License: Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License. (http://creativecommons.org/licenses/by-nc-sa/3.0/) ● EAL logo might be an issue, please check before you use it