The main things I've learned.
The history of Information security.
The history of Information security; earlier versions of the German code machine Enigma were first broken by the Poles in 1930; in 1960s, Advanced Research Procurement Agency (ARPA) was testing networks supports for military to exchange information and communication. In December 1973, discovered problems of ARPANET, included no safety procedures for dial-up connections to ARPANET and non-existent user identification and authorization to system, which had security threats in late 1970s; in 1990s, networks of computers became more common; now a day, internet brings millions of computer networks into communication with each other, each connected computer needs to be secure.
After the introduction of Information security, I also learned the definition of security and types of information security. How to develop an information security. The system development life cycle is designed for implementation of information security within an organization.
Information secure project team is to design to update and protect the organization’s information security.
What I find difficult to understand.
There are few keywords I found hard to understand such as, security blueprint, security model, security model and security posture.
What interests or doesn't interest me.
Information secure project team is the one thing really interests me, because it also related to management and team development.
Didn't get too interest of the history of the information security.
Recent news article (on the Internet)
http://www.securityfocus.com/brief/1014
Social-networking sites short on securityPublished: 2009-09-18
Web 2.0 sites that allow user-generated content make up the majority of top distributors of malicious software, stated a report that security firm Websense published this week.
The report, which covers Internet security trends for the first half of 2009, found that a stunning 95 percent of user-generated comments to blogs, chat rooms and message boards are either spam or contain links to malicious programs. In all, the number of malicious sites detected by Websense more than tripled in the last six months, growing almost eight-fold in the last year. The report also found that more than three-quarters of the Web sites hosting some malicious code are legitimate sites that have been compromised.
"The very aspects of Web 2.0 sites that have made them so revolutionary -- the dynamic nature of the content on the the sites, the ability for anyone to easily create and post content, and the trust that users have for others in their online networks -- are the same characteristics that radically raise the potential for abuse," the company stated in the report.
The report echoed a recent survey by researchers from TippingPoint and Qualys, who found that legitimate Web sites are failing to patch significant vulnerabilities, leaving themselves open to compromise.
The Websense report found that 61 of the Top 100 Web sites "either hosted malicious content or contained a masked redirect to lure unsuspecting victims from legitimate sites to malicious content."
Websites we use everyday including facebook, myspace, msn, emails or other comment board are either spam or contain links to malicious programs, which related to information security system, non-existent user identification and authorization to system.
No comments:
Post a Comment