The Intelligence Of The Cia Triad Network Security

Introduction Over the last few years the amount of security breaches that have been reported have had one factor that has been prevalent in majority of the attacks. That factor is the employee’s and how they are manipulated into giving the intruder/hacker exactly what they needed without realizing it. The use of social engineering in data breaches and fraud has been steadily increasing over the years. Confidentiality, integrity, and availability the three components of the CIA triad in network security can all be compromised by the risk of social engineering. Definition of Social Engineering Social engineering also known as people hacking is the art of utilizing human behavior to breach security without the victim even realizing that they have been manipulated. Social engineering can be further broken down to three methodologies. 1. Phishing - The sending of emails appearing to be from a reputable source with the goal of gaining personal information from the victim(s) 2. Vishing – This is the practice of getting information from the victim or attempting to Influence actions by the use of a telephone. 3. Impersonation – This is the practice of pretending to be another person with the goal of obtaining information or access to a person, company, or computer system. Categories of Social Engineering Social engineering attacks fall under to main categories:Show MoreRelatedEssay about Information and the CIA Triad1319 Words   |  6 PagesCIA Triad? Sounds like a secret organization doesn’t it? It almost feels like people are going to come to a screeching halt in your driveway, jump out and take you away, never to be seen again. Sounds very scary. Good thing for us that is not going to happen. Lets get to the point. Information is defined as raw data, which includes words, numbers, value etc. It includes analytical and Factual information. Security is defined as the prevention of intentional harm. The CIA Triad is structure of policiesRead MoreFice Of Personnel Management Essay1715 Words   |  7 Pagesup to the breach. Explains how adhering to the fundamental principles of security practice: the Confidentiality, Integrity and Availability (CIA triad), combined with risk management policies we have learn in the previous weeks, as well as incorporating the importance of o rganizational culture that could lead to a path of preventative cybersecurity. Later in the paper we will examine further on the fundamentals of security practice that would create strong cyber defense posture. Read MoreCyber Case Study912 Words   |  4 Pagestime, greater connectivity provides more potential attack vectors. Below are some of the cyber threats that educational institutions come across. IT security threats can be classified into mainly 4 categories: Internal External Physical Social engineering and software driven Internal security threats Employees - In the 2016 Cyber Security Intelligence Index, IBM found that 60% of all attacks were carried out by insiders. Employees can be a threat in various different forms such as getting manipulatedRead MoreLaw Enforcement, US Military, and Terrorism923 Words   |  4 Pagessignificant role in preventing terrorism on a state, national, and global scale. Former Vice-President Dick Cheney comments, On the ground, the first responders and local police [are] the first line of defense and intelligence, followed by federal law enforcement, with our foreign intelligence and military forces on call (Melber). Through a collaboration of various agencies, counterterrorism efforts continue to fight terrorist threats on a domestic and international scale. On a national scale, lawRead MoreIdentifying Security Controls For Information Systems Supporting The Department Of Defense1853 Words   |  8 PagesDOD Specific Security Controls The purpose of this document is to provide guidelines for selecting and identifying security controls for information systems supporting the Department of Defense (DoD). These guidelines have been established to help complete a secure system within the agency. Guidelines provided in the NIST Special Publication 800-53 are relevant to all federal information systems and have been mostly established from a technical view to supplement related guidelines for national securityRead MoreGovernment spying on Citizens3257 Words   |  14 Pagesbackdoor into all Windows software. Microsoft has long worked hand-in-hand with the NSA and FBI so that encryption doesn’t block the government’s ability to spy on users of Skype, Outlook, Hotmail and other Microsoft services. And Microsoft informs intelligence agencies of with information about bugs in its popular software before it publicly releases a fix, so that information can be used by the government to access computers. The most under-discussed aspect of the  NSA  story has long been its internationalRead MoreIs3220 Project Part 13363 Words   |  14 PagesIS 3220 IT Infrastructure Security Project Part 1: Network Survey Project Part 2: Network Design Project Part 3: Network Security Plan ITT Technical Institute 8/4/15 Project Part 1: Network Survey Network Design and Plan Executive Summary: We have been engaged in business for some time, and have been very successful, however we need to re-examine our network configuration and infrastructure and identify that our network defenses are still reliable, before we make any changes. We need toRead MoreCyber Warfare And Security Threats2770 Words   |  12 Pagesedge technologies create opportunities, some have become prey to attackers and has given birth to a new era of Cyber warfare. Consequently, the Internet, computers and networks have become targets and vehicles of cyber attacks and generate challenges to our security privacy. Cyber Warfare presents an ever-increasing amount of security threats, which continue to escalate with increasing harshness, and is now a critical issue in our technology realm and a growing threat to the world. Cyber wars are generallyRead MoreAn Evaluation of Information Security and Risk Management Theories1903 Words   |  8 PagesAn abundance of information security and risk management theori es are prevalent; however, it can be difficult to identify valid and applicable theories. In the reading to follow, several information security and risk management theories are evaluated. These theories are presented and employed via various frameworks, models, and best practice guidelines. An assessment of sufficient research pertaining to these theories is addressed, along with a consideration of the challenges that arise from aRead MoreEthical Hacking8365 Words   |  34 Pagesof Internet, different aspects of it are achieving the highest peak of growth. An example of it is e-commerce. More and more computers get connected to the Internet, wireless devices and networks are booming and sooner or later, nearly every electronic device may have its own IP address. The complexity of networks is increasing, the software on devices gets more sophisticated and user friendly – interacting with other devices and people are a main issues. At the same time, the complexity of the involved