Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Computer security
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
===Security measures=== A state of computer security is the conceptual ideal, attained by the use of three processes: threat prevention, detection, and response. These processes are based on various policies and system components, which include the following: * Limiting the access of individuals using [[user account]] [[access control]]s and using [[cryptography]] can protect systems files and data, respectively. * [[Firewall (networking)|Firewalls]] are by far the most common prevention systems from a network security perspective as they can (if properly configured) shield access to internal network services and block certain kinds of attacks through packet filtering. Firewalls can be both hardware and software-based. Firewalls monitor and control incoming and outgoing traffic of a computer network and establish a barrier between a trusted network and an untrusted network.<ref name="Oppliger-1997">{{Cite journal |last=Oppliger |first=Rolf |date=1997-05-01 |title=Internet security: firewalls and beyond |journal=Communications of the ACM |volume=40 |issue=5 |pages=92β102 |doi=10.1145/253769.253802 |issn=0001-0782|doi-access=free }}</ref> * [[Intrusion Detection System]] (IDS) products are designed to detect network attacks in-progress and assist in post-attack [[forensics]], while [[audit trail]]s and [[data logging|logs]] serve a similar function for individual systems. * ''Response'' is necessarily defined by the assessed security requirements of an individual system and may cover the range from simple upgrade of protections to notification of [[legal]] authorities, counter-attacks, and the like. In some special cases, the complete destruction of the compromised system is favored, as it may happen that not all the compromised resources are detected. * Cyber security awareness training to cope with cyber threats and attacks.<ref>{{Cite web |title=How to Increase Cybersecurity Awareness |url=https://www.isaca.org/resources/isaca-journal/issues/2019/volume-2/how-to-increase-cybersecurity-awareness |access-date=2023-02-25 |website=ISACA}}</ref> * Forward web [[Proxy server|proxy]] solutions can prevent the client to visit malicious web pages and inspect the content before downloading to the client machines. Today, computer security consists mainly of preventive measures, like [[Firewall (computing)|firewalls]] or an [[exit procedure]]. A firewall can be defined as a way of filtering network data between a host or a network and another network, such as the [[Internet]]. They can be implemented as software running on the machine, hooking into the [[network stack]] (or, in the case of most [[UNIX]]-based operating systems such as [[Linux]], built into the operating system [[Kernel (operating system)|kernel]]) to provide real-time filtering and blocking.<ref name="Oppliger-1997" /> Another implementation is a so-called ''physical firewall'', which consists of a separate machine filtering network traffic. Firewalls are common amongst machines that are permanently connected to the Internet. Some organizations are turning to [[big data]] platforms, such as [[Apache Hadoop]], to extend data accessibility and [[machine learning]] to detect [[advanced persistent threat]]s.<ref>{{Cite news |last=Woodie |first=Alex |date=9 May 2016 |title=Why ONI May Be Our Best Hope for Cyber Security Now |url=http://www.datanami.com/2016/05/09/oni-may-best-hope-cyber-security-now/ |url-status=live |access-date=13 July 2016 |archive-url=https://web.archive.org/web/20160820015812/https://www.datanami.com/2016/05/09/oni-may-best-hope-cyber-security-now/ |archive-date=20 August 2016}}</ref> In order to ensure adequate security, the confidentiality, integrity and availability of a network, better known as the CIA triad, must be protected and is considered the foundation to information security.<ref>{{cite web |last=Walkowski |first=Debbie |date=9 July 2019 |title=What Is The CIA Triad? |url=https://www.f5.com/labs/articles/education/what-is-the-cia-triad.html |access-date=25 February 2020 |website=F5 Labs |language=en}}</ref> To achieve those objectives, administrative, physical and technical security measures should be employed. The amount of security afforded to an asset can only be determined when its value is known.<ref>{{cite web |date=3 December 2018 |title=Knowing Value of Data Assets is Crucial to Cybersecurity Risk Management {{!}} SecurityWeek.Com |url=https://www.securityweek.com/knowing-value-data-assets-crucial-cybersecurity-risk-management |access-date=25 February 2020 |website=www.securityweek.com}}</ref>
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)