Especialización en Seguridad de la Información

URI permanente para esta colección

http://hdl.handle.net/11371/4290

Examinar

Envíos recientes

Mostrando 1 - 5 de 34
  • Miniatura
    Ítem
    Ciberseguridad Inclusiva: Abordando Desafíos en Población con discapacidad Auditiva, Sensibilización en Seguridad de la información en ASORSUB
    (2023-01-21) Sierra Ortiz, Sandra Milena; Muñoz Naranjo, Luis Andrés; Pulido Rivera, Angela Adriana; Herrera, Héctor Manuel
    La presente investigación tiene como objetivo explorar los desafíos específicos que enfrentan las personas con discapacidad auditiva en el ámbito de la ciberseguridad, así como proponer estrategias para garantizar su inclusión digital segura. Se llevó a cabo un primer acercamiento con un reducido grupo de personas sordas utilizando la herramienta de recopilación de datos, el Formulario en línea Google Forms, con el fin de obtener información personal relevante. A través de la implementación de tecnologías de la información y comunicación (TIC), se organizó una video llamada con la asistencia de un intérprete de lenguaje de señas para facilitar la comunicación. Este primer contacto reveló una carencia significativa que afecta a la población con discapacidad, en particular a aquellos con discapacidad auditiva. Con el objetivo de abordar esta problemática, se planteó la creación de un espacio de formación en ASORSUB (Asociación de Sordos de SubaBogotá). Durante esta formación, se discutieron las técnicas a las que estas personas podrían estar expuestas como posibles víctimas, con el propósito de aumentar la conciencia en esta población y, al mismo tiempo, extender esta conciencia a sus familiares. Se enfatizó que, al igual que cualquier otra persona, están en riesgo de caer en manos de individuos malintencionados. Además de la formación presencial, se propuso la creación de un canal en YouTube. A través de este canal, se proporcionará acceso a información sobre seguridad y buenas prácticas adaptadas específicamente a las necesidades de las personas sordas, contribuyendo así a fortalecer su capacidad de protegerse y tomar decisiones informadas en situaciones potencialmente peligrosas.
  • Miniatura
    Ítem
    Seguridad, confidencialidad y confiabilidad de procesos y documentación contable en tiempos de trabajo remoto en la compañía Kluger Tech.
    (2021-11-21) Perez Sequera, Juan Sebastian; Ramirez Galeano, Jose Luis; Sanchez Becerra, Juan Manuel
    This document provides guidelines and recommendations for an SME whose work is carried out in remote and insecure environments. determining the level of maturity of the company in areas of Security of Information and identifying the vulnerabilities classified as critical and high for the critical infrastructure of the accounting process, according to the Security Awareness Maturity Model and the report generated by a vulnerability scan with the Nessus tool.
  • Miniatura
    Ítem
    Propuesta de mejoramiento del sistema de seguridad informática para el Instituto Cristo Rey, ubicado en la ciudad de Fonseca, La Guajira
    (2021-11-15) Corredor Niño, Juan Fernando
    The objective of this project is the creation of a Proposal to improve the system computer security for the Instituto Cristo Rey, located in the city of Fonseca, La Guajira. This objective is developed through a descriptive study, in which the collection information through surveys and secondary, tertiary public and private sources, libraries, ministries and the internet, in order to be analyzed to generate subsequent results and conclusions as observed during the development of the project. within which fits mainly pointing out the deficiency that exists in terms of the problems that the Institute Christ the King. As well as other variables that channel the proposed object of study. Finally It should be noted that the project is made up of five chapters in which everything reference to the proposed topic, in said investigation.
  • Miniatura
    Ítem
    Ingeniería Social: Exponiendo vulnerabilidades en la red con Estudiantes de la Escuela Rural de Niñas en el corregimiento Isla del Rosario del municipio de Pueblo Viejo Magdalena
    (Fundación Universitaria Los Libertadores. Sede Bogotá., ) Carbono Carbono, Emerson; López Bulla, Sandra Patricia; Puentes Sánchez, Constanza; Herrera Herrera, Héctor Manuel
    This article aims to carry out an experiment through the use of social engineering techniques, specifically focused on the students of the Rural Girls' School located in the Isla del Rosario district, belonging to the municipality of Pueblo Viejo in Magdalena. This area is characterized by being a remote rural area in Colombia, with a level of digital culture still developing. The presence of a significant gap in access to training on cybersecurity issues stands out, compared to students from urban areas in the country's main cities. The choice of this specific environment is based on the need to understand and address existing disparities in cybersecurity preparedness and awareness between urban and rural areas. The lack of resources and opportunities in remote regions such as Isla del Rosario can translate into greater vulnerability to digital threats, which is why this experiment seeks to provide valuable data for the formulation of educational strategies adapted to the particular needs of these communities. The goal of this experiment is to expose security vulnerabilities for 8th and 9th grade students at the Rural Girls' School on mobile devices in a rural environment, where cybersecurity awareness and digital protection practices may be less prevalent. or be in a less advanced phase. Young people, as active users of technology, face significant risks in a context where exposure to online threats could lead to more serious consequences due to limited knowledge about cybersecurity. Through detailed analysis of each phase of the experiment, a deeper understanding of security perceptions, the level of exposure to cyber risks, and the effectiveness of current security practices in the specific rural context under study was obtained. The results and conclusions derived from this research offer valuable insight into the relevance of cybersecurity education in environments with less access to digital information, highlighting the critical need to strengthen digital protection in remote rural communities. It is important to highlight that the research was carried out with the utmost respect for the ethical principles and privacy of the participating students. The central objective is to contribute to closing the existing gap in access to essential digital security knowledge, thus promoting a more equitable and inclusive educational environment for all students, regardless of their geographical location.
  • Miniatura
    Ítem
    Análisis de vulnerabilidades en el sistema de inventarios Phoenix en una IPS nivel 1.
    (Fundación Universitaria Los Libertadores. Sede Bogotá., ) Ruíz Cortés, Ricardo Alfonso; Ruíz Cortés, Jhon Carlos; Herrera Herrera, Hector Manuel
    This article summarizes the pentesting techniques used in the Phoenix inventory system of a first-level IPS, which is a company's own development based on PHP and Mysql. For this, 3 stages were contemplated: 1. The analysis and identification of the inventory system was carried out using a penetration testing methodology, which included a review of the system documentation, interviews and visits, to determine the impact that could be generated. If a threat materializes, it is based on the ISO 27001:2022 standard, 2. Pentesting and security testing of the web application. The study was carried out using a risk analysis methodology, which included the identification, evaluation and treatment of the identified vulnerabilities. 3. The results of the study showed that the system presented a series of vulnerabilities that could be exploited by attackers to obtain access to confidential information or cause damage to the system. Subsequently, a proposal is generated in which best practices are suggested to mitigate these risks. . It is concluded that preventive and corrective actions must be applied through policies and procedures that must be constantly verified by those responsible for IT and management, making the pertinent updates in each of them, applying the concepts of the PHVA and good practices of ITIL.