Introduction to Security – Chapter 1

This chapter is about computer security and the importance for computer users to be well-informed so that they can protect their computer against attacks. I gained a greater appreciation for the number of attacks that take place as well as the difficulties in stopping them. The following table identifies the reasons as well as brief description of the difficulties in preventing attacks.

The text goes on to define what information security is and associated terminology. In short information security is protection. I found it very helpful as the terminology (first column list below) was covered that it was put into context by using an analogy (middle column).

The significance of information security is to prevent Data Theft, stop Identity Theft, and Avoid Legal Consequences. If any combinations of these issues are compromised it will cause a negative impact on productivity. It has been estimated that U.S. businesses have forfeited 9 billion dollars in lost productivity each year.

The chapter goes on to explain in detail who Hackers, Script Kiddies, Spies, Employees, Cybercriminals, and cyberterrorists are and how they attempt to exploit vulnerabilities in computer or network attacks. Likewise the following steps of an attack are reviewed also:

·        Probe for information.

·        Penetrate any defenses

·        Modify security settings.

·        Circulate to other systems.

·        Paralyze networks and devices.

To combat against attacks a fundamental approach would be to have multiply defenses. They would entail layering, Limiting, Diversity, Obscurity, and Simplicity. In order to put these defenses to work and have a practical security strategy they would need to Block Attacks, Minimize Losses, Update Defenses, and Send Secure Information.

I found this chapter to be a good foundation in understanding security principles and its challenges. The lab assignments results proved to be interesting and showed I needed to tighten up a few items.