Information Security
Unit 2
Application of Security Countermeasures to Mitigate Malicious Attacks
© ITT Educational Services, Inc. All rights reserved.
Learning Objective
Describe how malicious attacks, threats, and vulnerabilities impact an IT infrastructure.
NT2580 Introduction to Information Security
© ITT Educational Services, Inc. All rights reserved.
Page 2
Key Concepts
Attacks, threats, and vulnerabilities in a typical IT infrastructure
Common security countermeasures typically found in an IT infrastructure
Risk assessment approach to securing an
IT infrastructure
Risk mitigation strategies to shrink the information security gap
NT2580 Introduction to Information Security
© ITT Educational Services, Inc. All rights reserved.
Page 3
EXPLORE: CONCEPTS
NT2580 Introduction to Information Security
© ITT Educational Services, Inc. All rights reserved.
Page 4
Definitions
Risk: Probability that an intentional or unintentional act will harm resources
Threat: Any accidental or intentional event that negatively impacts company resources
Vulnerability: Inherent weakness that may enable threats to harm system or networks
Risks, threats, and vulnerabilities affect confidentiality, integrity, and availability (CIA).
NT2580 Introduction to Information Security
© ITT Educational Services, Inc. All rights reserved.
Page 5
Types of Threats
Malicious software
Device failure
Application failure
Natural disaster
Intrusive cracker
NT2580 Introduction to Information Security
© ITT Educational Services, Inc. All rights reserved.
Page 6
Types of Vulnerabilities
Insecure servers or services
Exploitable applications and protocols
Unprotected system or network resources
Traffic interception and eavesdropping
Lack of preventive and protective measures against malware or automated attacks NT2580 Introduction to Information Security
© ITT Educational Services, Inc. All rights reserved.
Page 7
Identify