Security Mechanisms - A brief overview of types of actors and their motives | Coursera

Browse
Top Courses
Log In
Join for Free

Security Mechanisms

Loading...

Introduction to Cybersecurity Tools & Cyber Attacks

4.5 (5,524 ratings) | 120K Students Enrolled

Course 1 of 8 in the IBM Cybersecurity Analyst Specialization

Enroll for Free

This course gives you the background needed to understand basic Cybersecurity. You will learn the history of Cybersecurity, types and motives of cyber attacks to further your knowledge of current threats to organizations and individuals. Key terminology, basic system concepts and tools will be examined as an introduction to the Cybersecurity field. You will learn about critical thinking and its importance to anyone looking to pursue a career in Cybersecurity. Finally, you will begin to learn about organizations and resources to further research cybersecurity issues in the Modern era. This course is intended for anyone who wants to gain a basic understanding of Cybersecurity or as the first course in a series of courses to acquire the skills to work in the Cybersecurity field as a Jr Cybersecurity Analyst. The completion of this course also makes you eligible to earn the Introduction to Cybersecurity Tools & Cyber Attacks IBM digital badge. More information about the badge can be found https://www.youracclaim.com/org/ibm/badge/introduction-to-cybersecurity-tools-cyber-attacks

Skills You'll Learn

Information Security (INFOSEC), IBM New Collar, Malware, Cybersecurity, Cyber Attacks

Reviews

4.5 (5,524 ratings)

5 stars
66.31%
4 stars
24.07%
3 stars
6.11%
2 stars
1.79%
1 star
1.70%

SZ

Nov 6, 2019

I appreciate the chance to learn fundamentals of cyber security with you.\n\nThe vast number of topics made it pretty interesting for me and I couldn't wait to learn more.\n\nSincerely, Sadra Zargar

MG

Apr 17, 2020

Very solid course. Quick overview about almost everything you need to know at the beginning. A lot of useful links with additional material to study. Thanks a lot for sharing the knowledge, indeed!

From the lesson

A brief overview of types of actors and their motives

This module will provide you with a brief overview of types of actors and their motives. You will also understand different types of attacks and their impact on an organization and individuals. You will also learn about tools that are available to you to assist in any cybersecurity investigation.

Security Attack Definition7:13

Security services11:57

Security Mechanisms6:41

Network Security Model8:57

Organizational Threats6:14

Security Architecture Attacks3:20

Security Architecture -Attack models8:33

Taught By

IBM Security Learning Services
IBM Global Subject Matter Experts

Try the Course for Free

Transcript

In this video, you will learn to describe security mechanisms and what they include. All right, into security and mechanisms. For enterprise security. So Stalin's tells us that security mechanisms are defined as the combination of hardware software and processes that enhance IP security. Once again. So we talked about the principle of the security enforcement point. This is the technical implementation of a security policy. The security policies derived from the business policy. So the business policy describes, what we're going to do. Not how we're going to do it. This security policy describes how worker wanted to do it and the security enforcement point or the security mechanisms are the technical implementation of that security policy. So that point is taken up with the second bullet point, that it's a security policy implementation mechanism or delivery vehicle. Some examples of those are protocol suppression for example to turn off FTP. That security policy would be no FTPs allow, the business policy. No one authorized large-scale data movements. So the security enforcement point would be to disable FTP, is another example about the identification and authentication we've talked about the three aspects of identification, of access control identification, authentication, authorization. Those were all services that are going to be important. Once again we talked about how security services are the tools for security enforcement. Pulling up of X.800. Starlings gives us a number of examples of security mechanism. So cryptography, digital signatures, access controls. You can read the list. These are actual. Like I said once again security enforcement points and at the top and just above each one of these security mechanisms is a controlling security policy. Once again the security policy is a technical policy that is derived from a logical business policies. So that's the food chain. So business policies, security policies, security enforcement points or security mechanism. So you'll see that list of what goes in. Those are referred to as specific services. There are ones that transcend, specific policies. Those are trusted functionality, how do we trust our internal users, our privileged users, two classes of users. We have general users. Privilege users. General users that's you and me. Privilege users or somebody who can change your security policy. That's the difference between the two and privileged users should have a lot of attention on their good behavior. So security labels those are referred to generally data. We think about security classification within the government or their secret, top secret, sensitive but unclassified in the private side there's confidential, extreme confidential, business centric. All of those are security labels that are applied to date and how do we use those labels? Access Control, data movement there's some models that describe how those are used, the most famous of which is the Bell-LaPadula model. So other pervasive security mechanisms include event detection, that is the core of Qradar and security intelligence that we can detect that something happened. Now, the question is, is that something different? Animal high risk so this is where it moves into the anomalies side. So security audit trails is also pervasive. This is the ability to collect security intelligence data and ensure that security intelligence data is available, is protected from unauthorized chain. I mean change and can be sent to the correct individuals. So there's an analogy for with security audit trails and criminal chain of custody, that you can always prove who's got responsibility for the data, for the security audits and what they've done to that. So it's extremely important in the forensic world.. Then recovery is recovering and backup which affects how we react or our response to a security alert. So once again we'd see some analogies between this, and the nist security model, and the IBM security framework described in Module 1. Here on Slide 15. We see an example of some security mechanisms or some security enforcement points. This is looking primarily at the access control policies. We see those security enforcement mechanisms implemented initially in the DMZ between the two firewalls good design principles they are of different designs so that if an adversary defeats one Firewall does not have to simply reapply that attack against the second. We see credential management in the security domain and within the security management being able to acquire events, manage credentials. Which those credentials consists of roles permissions and identities.

Explore our Catalog

Join for free and get personalized recommendations, updates and offers.

Coursera Footer

Top Online Courses

Finding Purpose & Meaning in Life
Understanding Medical Research
Japanese for Beginners
Introduction to Cloud Computing
Foundations of Mindfulness
Fundamentals of Finance
Machine Learning
Machine Learning Using Sas Viya
The Science of Well Being
Covid-19 Contact Tracing
AI for Everyone
Financial Markets
Introduction to Psychology
Getting Started with AWS
International Marketing
C++
Predictive Analytics & Data Mining
UCSD Learning How to Learn
Michigan Programming for Everybody
JHU R Programming
Google CBRS CPI Training

Top Online Specializations

Natural Language Processing (NLP)
AI for Medicine
Good with Words: Writing & Editing
Infections Disease Modeling
The Pronounciation of American English
Software Testing Automation
Deep Learning
Python for Everybody
Data Science
Business Foundations
Excel Skills for Business
Data Science with Python
Finance for Everyone
Communication Skills for Engineers
Sales Training
Career Brand Management
Wharton Business Analytics
Penn Positive Psychology
Washington Machine Learning
CalArts Graphic Design

Online Certificates

Professional Certificates
MasterTrack Certificates
Google IT Support
IBM Data Science
Google Cloud Data Engineering
IBM Applied AI
Google Cloud Architecture
IBM Cybersecurity Analyst
Google IT Automation with Python
IBM z/OS Mainframe Practitioner
UCI Applied Project Management
Instructional Design Certificate
Construction Engineering and Management Certificate
Big Data Certificate
Machine Learning for Analytics Certificate
Innovation Management & Entrepreneurship Certificate
Sustainabaility and Development Certificate
Social Work Certificate
AI and Machine Learning Certificate
Spatial Data Analysis and Visualization Certificate

Online Degree Programs

Computer Science Degrees
Business Degrees
Public Health Degrees
Data Science Degrees
Bachelor's Degrees
Bachelor of Computer Science
MS Electrical Engineering
Bachelor Completion Degree
MS Management
MS Computer Science
MPH
Accounting Master's Degree
MCIT
MBA Online
Master of Applied Data Science
Global MBA
Master's of Innovation & Entrepreneurship
MCS Data Science
Master's in Computer Science
Master's in Public Health

Coursera

About
What We Offer
Leadership
Careers
Catalog
Certificates
MasterTrack™ Certificates
Degrees
For Enterprise
For Government
For Campus

Community

Learners
Partners
Developers
Beta Testers
Translators
Blog
Tech Blog
Teaching Center

More

Terms
Privacy
Help
Accessibility
Press
Contact
Directory
Affiliates

Learn Anywhere

Get it on Google Play

© 2021 Coursera Inc. All rights reserved.