Chp 11 Section 1-3 Notes - Auburn City Schools

23 Feb 2014 (3 years and 8 months ago)

Chapter 11

What is a computer security risk?

Any event or action that could cause a loss of or damage to computer hardware, software, data, information, or processing capability.



Intentional Breach of Computer Security


Computer Crime (illegal act involving a computer)

Cybercrime (online or Internet-based illegal acts)




Hacker - Accesses a computer illegally

Cracker - Accesses a computer illegally but has the intent of destroying

Script Kiddie - Same intent but does not have the technical skills and knowledge

Corporate Spies - Hired to break into a computer, steal data info, to help identify security risks

Unethical employees - want to exploit a security weakness

Cyberextortionist - Uses email as a vehicle for extortion

Cyberterrorist - Destroys or damages for political reasons

Both require a team of highly skilled individuals, millions of dollars and years of planning



Internet and Network Attacks


Unauthorized Access and Use


Hardware theft


Software theft


Information theft


System failure

What are Computer Viruses, worms, Trojan horses and Rootkits?

Computer Viruses - Potentially damaging computer program

Rootkits - Hides in a computer and allows someone from a remote location to take full control

Worm - A program that copies itself repeatedly, using up resources and possibly shutting down computer or network

Trojan Horse - Hides within or looks like a legitimate program until triggered

What is Malware?

Programs that act without a user’s knowledge and deliberately alter the computer operation.

Unscrupulous programmers write malware and then test it to ensure it can deliver its payload (destructive event or prank the program is intended to deliver)



When a user:


Opens an infected file


Runs an infected program


Boots the computer with an infected removable media

Connects to an unprotected computer

Most common way - email attachments

No guaranteed methods


Some ways to Prevent Viruses


Do not start computer with removable disks


Never open email attachment unless from trusted source

Install an Antivirus program

Stay informed about new viruses and virus hoaxes

What is an Antivirus program?

Popular Antivirus Programs

AVG Anti-Virus
avast! Antivirus
CA Anti-Virus
F-Secure Anti-Virus
Kaspersky Anti-Virus
McAfee Virus Scan
Norton AntiVirus
Trend Micro AntiVirus
Vexira Antivirus

Identifies and removes computer viruses

Most also protect against worms, Trojan horses and spyware


What is a virus signature?



Specific pattern of virus code


Also called virus definition



Antivirus programs look for virus signatures



How does an antivirus program inoculate a program file?

Attempts to remove any detected virus

Records information about program such as file size and creation date

Uses information to detect if virus tampers with file

Quarantines infected files that it cannot remove


What are a Botnet, denial of service attack, back door and spoofing?

A Botnet is a group of compromised computers connected to a network that are used as part of a network that attacks other networks

A denial of service attack is an assault whose purpose is to disrupt a computer's access to Internet data

A back door is a program or set of instructions in a program that allows users to bypass security controls when accessing a computer resource

Spoofing is a technique intruders use to make their network or Internet transmission appear legitimate to a victim computer or network


Firewalls - Protect a network’s resources from intrusion by users on another network

Intrusion Detection Software - Automatically analyzes all network traffic, assesses system vulnerabilities, identifies any unauthorized intrusion, and notifies network administration of suspicious behavior patterns.

Honeypots - A vulnerable computer that is set up to entice an intruder to break into it



What is Unauthorized Access and Unauthorized Use?

Unauthorized Access - use of a computer in a network without permission

Unauthorized Use - the use of a computer or its data for unapproved or possibly illegal activities

Use Written Acceptable Use Policy (AUP)

Disable file and printer sharing on your Internet connection

Use Firewalls

Use Intrusion detection software

Identify and authenticate users

Access controls (security measure that defines who can access a computer)

Maintain an audit trail (records in a file both successful and unsuccessful access attempts)


Two-Phase Process

Identification - verifies individual is a valid user

Authentication - verifies the individual is the person he/she claims to be


User Names and Passwords


Possessed Objects



Biometrics Devices

What are User Names and Passwords?

User ID - a unique combination of characters that identifies one specific user

Password - a private combination of characters associated with the user name

Longer passwords provide greater security

CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart)

Displays a series of distorted characters


What is a Possessed Object?

Any item you must carry to gain access to a computer or a computer facility

Examples: badges, cards, smart cards and keys

Often used with Personal Identification Number (PIN)

What is a Biometric Device?

Authenticates a person’s identity by translating a personal characteristic into digital codes

Examples: fingerprint readers, hand geometry systems, face recognition system, voice verification system, signature verification system, iris recognition system and retinal scanner


What is Digital Forensics?

Discovery, collection, and analysis of evidence found on computers and networks

Involves examination of computer media, programs, data and log files

What are hardware theft and hardware vandalism?

Hardware Theft - act of stealing computer equipment

Vandalism - act of defacing or destroying a computer

Physical Access Controls

Locked doors

Install alarms

Use cables that lock the equipment

Real time location system (track and identify the location of high risk or high value items)

What is software theft?

Occurs when someone:

Steals software media

Intentionally erases programs

Illegally copies a program (piracy)

Illegally registers and/or activates a program

Keep original software box in a secure location


Backup files


Protect from software piracy


License agreement (right to use software)


Don’t own the software


Most common type of license - single-use license agreement/end-user license agreement (EULA)

Permitted to:

Install the software on one computer

Make one copy

Backup

Give or sell only if the software is removed

Not Permitted to:

Install the software on a network

Give copies to friends

Export the software

Rent or lease the software

What are some other safeguards against software theft?

Business Software Alliance (BSA) promotes better understanding of software piracy problems

Product activation allows user to input product identification number online or by telephone and receive unique installation identification number

Occurs when someone steals personal or confidential information



Safeguards


Use user identification and authentication


Use encryption techniques

What is Encryption?

Process of converting readable data into unreadable characters to prevent unauthorized access

Encryption Process

Readable data - plaintext

Scrambled data - ciphertext

Encryption key - used to encrypt the plaintext

Private Key (symmetric)

Both the originator and recipient use the same secret key to encrypt and decrypt data

Public Key (asymmetric)

Two encryption keys (public and private)

A message encrypted with a public key must be decrypted with the corresponding private key


Popular encryption program - Pretty Good Privacy (PGP)

Digital Certificates - notice that guarantees a user or a web site is legitimate

Transport Layer Security - provides encryption of all data that passes between a client and an Internet server

Secure HTTP - allows users to choose an encryption scheme for data that passes between a client and an Internet server

VPN - Virtual Private Network

Provides mobile users with a secure connection to the company network server



What is a system failure?


Prolonged malfunction of computer

Can cause loss of hardware, software, or data

Caused by aging hardware, natural disaster, or electrical power disturbances

Noise - unwanted electrical signal

Undervoltage - drop in electrical supply

Overvoltage or power surge - significant increase in electrical power



What is a surge protector?

Absorbs small overvoltages

Not 100% effective

Uninterruptible Power Supply - A device that contains surge protection circuits and more batteries that can provide power during a temporary or permanent loss of power


What is a backup?

Full backup - all files in computer

Selective backup - Select which files to back up

Three-generation backup - Preserves three copies of important files

Store in a fireproof and heat proof safe or vault, offsite

Duplicate of file, program, or disk