Security Mechanisms - A brief overview of types of actors and their motives | Coursera

Explore all of Coursera

For EnterpriseFor Students

Browse
Top Courses
Log In
Join for Free

Security Mechanisms

Loading...

Introduction to Cybersecurity Tools & Cyber Attacks

4.5 (2,731 ratings) | 61K Students Enrolled

Course 1 of 8 in the IBM Cybersecurity Analyst Specialization

Enroll for Free

This course gives you the background needed to understand basic Cybersecurity. You will learn the history of Cybersecurity, types and motives of cyber attacks to further your knowledge of current threats to organizations and individuals. Key terminology, basic system concepts and tools will be examined as an introduction to the Cybersecurity field. You will learn about critical thinking and its importance to anyone looking to pursue a career in Cybersecurity. Finally, you will begin to learn about organizations and resources to further research cybersecurity issues in the Modern era. This course is intended for anyone who wants to gain a basic understanding of Cybersecurity or as the first course in a series of courses to acquire the skills to work in the Cybersecurity field as a Jr Cybersecurity Analyst. The completion of this course also makes you eligible to earn the Introduction to Cybersecurity Tools & Cyber Attacks IBM digital badge. More information about the badge can be found https://www.youracclaim.com/org/ibm/badge/introduction-to-cybersecurity-tools-cyber-attacks Want to see if this is a good career fit for you? IBM is collaborating with MyInnerGenius, one of the world's leading assessment companies, to help you find out which careers in IT you will love -- careers that are a great match for you -- regardless of your education or experience -- even if you’ve never considered a role in IT. In less than an hour, you will receive targeted recommendations for hot roles where you will excel and everything you need to get started. You can even earn IBM Digital Badges to show the world your skills! Find out more http://ibm.myinnergenius.com/

Skills You'll Learn

Information Security (INFOSEC), IBM New Collar, Malware, Cybersecurity, Cyber Attacks

Reviews

4.5 (2,731 ratings)

5 stars
65%
4 stars
25%
3 stars
6%
2 stars
2%
1 star
2%

SD

May 18, 2020

Surely it was a great experience and learning opportunity with IBM about the cybersecurity world. Appreciate!!! and eagerly wait for the future cybersecurity program.\n\n-----Subarnadip Debnath

S

Jun 25, 2020

Learned to combine knowledge, skills and expertise of the cyber security community to identify the emerging threats and facilitate the development of coherent policies and robust capabilities.

From the lesson

A brief overview of types of actors and their motives

This module will provide you with a brief overview of types of actors and their motives. You will also understand different types of attacks and their impact on an organization and individuals. You will also learn about tools that are available to you to assist in any cybersecurity investigation.

Security Attack Definition7:13

Security services11:57

Security Mechanisms6:41

Network Security Model8:57

Organizational Threats6:14

Security Architecture Attacks3:20

Security Architecture -Attack models8:33

Taught By

IBM Security Learning Services
IBM Global Subject Matter Experts

Try the Course for Free

Transcript

In this video, you will learn to describe security mechanisms and what they include. All right, into security and mechanisms. For enterprise security. So Stalin's tells us that security mechanisms are defined as the combination of hardware software and processes that enhance IP security. Once again. So we talked about the principle of the security enforcement point. This is the technical implementation of a security policy. The security policies derived from the business policy. So the business policy describes, what we're going to do. Not how we're going to do it. This security policy describes how worker wanted to do it and the security enforcement point or the security mechanisms are the technical implementation of that security policy. So that point is taken up with the second bullet point, that it's a security policy implementation mechanism or delivery vehicle. Some examples of those are protocol suppression for example to turn off FTP. That security policy would be no FTPs allow, the business policy. No one authorized large-scale data movements. So the security enforcement point would be to disable FTP, is another example about the identification and authentication we've talked about the three aspects of identification, of access control identification, authentication, authorization. Those were all services that are going to be important. Once again we talked about how security services are the tools for security enforcement. Pulling up of X.800. Starlings gives us a number of examples of security mechanism. So cryptography, digital signatures, access controls. You can read the list. These are actual. Like I said once again security enforcement points and at the top and just above each one of these security mechanisms is a controlling security policy. Once again the security policy is a technical policy that is derived from a logical business policies. So that's the food chain. So business policies, security policies, security enforcement points or security mechanism. So you'll see that list of what goes in. Those are referred to as specific services. There are ones that transcend, specific policies. Those are trusted functionality, how do we trust our internal users, our privileged users, two classes of users. We have general users. Privilege users. General users that's you and me. Privilege users or somebody who can change your security policy. That's the difference between the two and privileged users should have a lot of attention on their good behavior. So security labels those are referred to generally data. We think about security classification within the government or their secret, top secret, sensitive but unclassified in the private side there's confidential, extreme confidential, business centric. All of those are security labels that are applied to date and how do we use those labels? Access Control, data movement there's some models that describe how those are used, the most famous of which is the Bell-LaPadula model. So other pervasive security mechanisms include event detection, that is the core of Qradar and security intelligence that we can detect that something happened. Now, the question is, is that something different? Animal high risk so this is where it moves into the anomalies side. So security audit trails is also pervasive. This is the ability to collect security intelligence data and ensure that security intelligence data is available, is protected from unauthorized chain. I mean change and can be sent to the correct individuals. So there's an analogy for with security audit trails and criminal chain of custody, that you can always prove who's got responsibility for the data, for the security audits and what they've done to that. So it's extremely important in the forensic world.. Then recovery is recovering and backup which affects how we react or our response to a security alert. So once again we'd see some analogies between this, and the nist security model, and the IBM security framework described in Module 1. Here on Slide 15. We see an example of some security mechanisms or some security enforcement points. This is looking primarily at the access control policies. We see those security enforcement mechanisms implemented initially in the DMZ between the two firewalls good design principles they are of different designs so that if an adversary defeats one Firewall does not have to simply reapply that attack against the second. We see credential management in the security domain and within the security management being able to acquire events, manage credentials. Which those credentials consists of roles permissions and identities.

Explore our Catalog

Join for free and get personalized recommendations, updates and offers.

Top Online Courses

AI for Everyone
Introduction to TensorFlow
Neural Networks and Deep Learning
Algorithms, Part 1
Algorithms, Part 2
Machine Learning
Machine Learning with Python
Machine Learning Using Sas Viya
R Programming
Intro to Programming with Matlab
Data Analysis with Python
AWS Fundamentals: Going Cloud Native
Google Cloud Platform Fundamentals
Site Reliability Engineering
Speak English Professionally
The Science of Well Being
Learning How to Learn
Financial Markets
Hypothesis Testing in Public Health
Foundations of Everyday Leadership

Top Online Specializations

Deep Learning
Python for Everybody
Data Science
Applied Data Science with Python
Business Foundations
Architecting with Google Cloud Platform
Data Engineering on Google Cloud Platform
Excel to MySQL
Advanced Machine Learning
Mathematics for Machine Learning
Self-Driving Cars
Blockchain Revolution for the Enterprise
Business Analytics
Excel Skills for Business
Digital Marketing
Statistical Analysis with R for Public Health
Fundamentals of Immunology
Anatomy
Managing Innovation and Design Thinking
Foundations of Positive Psychology

Online Certificates

Google IT Support
IBM Customer Engagement Specialist
IBM Data Science
Applied Project Management
IBM Applied AI Professional Certificate
Machine Learning for Analytics
Spatial Data Analysis and Visualization
Construction Engineering and Management
Instructional Design

Online Degree Programs

Master's in Data Science
Bachelors Degree in Computer Science
Computer Science and Engineering Degrees
Master's in Machine Learning
MBA and Business Degrees
Master's in Electrical Engineering
Master's in Public Health
Master's in Information Technology

Coursera

About
Leadership
Careers
Catalog
Certificates
MasterTrack™ Certificates
Degrees
For Enterprise
For Government
For Campus
Coronavirus Response

Community

Learners
Partners
Developers
Beta Testers
Translators
Blog
Tech Blog

More

Terms
Privacy
Help
Accessibility
Press
Contact
Directory
Affiliates

Get it on Google Play

© 2020 Coursera Inc. All rights reserved.