Chp 11 Section 1-3 Notes

advertisement
Chapter 11
What is a computer security risk?

Any event or action that could cause a loss of or
damage to computer hardware, software, data,
information, or processing capability.

Intentional Breach of Computer Security
 Computer Crime (illegal act involving a computer)
 Cybercrime (Online or Internet-based illegal acts)





Hacker – Access a computer illegally
Cracker – Access a computer illegally but has
the intent of destroying
Script Kiddie – Same intent but not have the
technical skills and knowledge
Corporate Spies – Hired to break into a
computer, steal data info, to help indentify
security risks
Unethical employees-want to exploit a
security weakness



Cyberextortionist – Use the email as a vehicle
for extortion
Cyberterriorist - Destroy or damage for
political reason
Both requires a team of highly skilled
individuals, millions of dollars and years of
planning






Internet and Network Attacks
Unauthorized Access and Use
Hardware theft
Software theft
Information theft
System failure
What are Computer Viruses, worms, Trojan
horses and Rootkits?
Computer
Viruses
Potentially
damaging
computer
program
Worm
A program that
copies itself
repeatedly, using
up resources and
possibly shutting
down computer
or network
Trojan Horse
Hides within or
looks likes a
legitimate
program until
triggered
Rootkits
Hides in a
computer and
allows someone
from a remote
location to take
full control
What is Malware?
 Programs that act without a user’s knowledge and
deliberately alters the computer operation.

Unscrupulous programmer write malware
and then test to ensure it can deliver it
payload (destructive event or prank the
program is intended to deliver)

When a user:
 Opens an infected file
 Runs an infected program
 Boots the computer with an infected removable
media
 Connect to an unprotected computer

Most common way – email attachments


No guarantee methods
Some ways to Prevent Viruses
 Do not start computer with removable disks
 Never open email attachment unless from trusted
source
 Install an Antivirus program
 Stay informed about new virus and virus hoax
What is an Antivirus program?
•Identifies and removes
computer viruses
•Most also protect against
worms, Trojan horses and
spyware
Popular Antivirus Programs
AVG Anti-Virus
avast! Antivirus
CA Anti-Virus
F-Secure Anti-Virus
Kaspersky Anti-Virus
McAfee Virus Scan
Norton AntiVirus
Trend Micro AntiVirus
Vexira Antivirus
What is a virus signature?
Specific pattern of virus code
•Also called virus definition
Antivirus programs look for virus signatures
How does an antivirus program
Records
inoculate a program file?
information
Uses
information
to detect if
virus
tampers
with file
about
program such
as file s and
creation date
Attempts to
remove any
detected
virus
Quarantines
Infected
files that
cannot
remove
What are a Botnet, denial of service attack,
back door and spoofing?
A Botnet is a group of comprised computers
connected to a network that are used as part of a
network that attack other networks
A denial of service attack is an assault whose
purpose is to disrupt a computer access to an
Internet data
A back door is a program or set of instruction in a
program that allow users to bypass security
controls when accessing a computer resource
Spoofing is a technique intruders use to make
their network or Internet transmission appear
legitimate to a victim computer or network

Firewalls
 Protects a network’s resources from intrusion by user on
another network

Intrusion Detection Software
 Automatically analyze all network traffic, assess system
vulnerabilities, identifies any unauthorized intrusion, and
notifies network administration of suspicious behavior
pattern.

Honeypots
 A vulnerable computer that is setup to enticed an intruder
to break into it
What is Unauthorized Access and
Unauthorized Use?


Unauthorized Access – use of a computer in a
network without permission
Unauthorized Use – the use of a computer or
its data for unapproved or possibility illegal
activities





Use Written Acceptable Use Policy (AUP)
Disable file and printer sharing on your
Internet connection
Use Firewalls
Use Intrusion detection software
Identify and authenticate users



Access controls (security measure that
defines who can access a computer)
Maintain an audit trail (records in a file both
successful and unsuccessful access attempt)
Two – Phase Process
 Identification – verifies individual is a valid user
 Authentication – verifies the individual is the
person he/she claims to be



User Names and Passwords
Possessed Objects
Biometrics Devices
What are User Names and Passwords?
 User ID – a unique combination of character that
identifies on specific user
 Password – a private combination of character
associated the user name


Longer passwords provides greater security
CAPTCHA (Completely Automated Public
Turing Test to Tell Computer and Humans
Apart)
 Display a series of distorted characters

What is a Possessed Object?
 Any items you must carry to gain access to a
computer or a computer facility
▪ Examples: badges, cards, smart cards and keys
 Often used with Personal Identification Number
(PIN)
What is a Biometric Devices?
 Authenticated a person’s identify by translating a
personal characteristics into digital codes
Examples: Fingerprint readers,
hand geometry systems, face
recognition system, voice
verification system, signature
verification system, iris
recognition system and retinal
scanner
What is Digital Forensics?


Discovery, collection, and analysis of
evidence found on computers and networks
Involves – examination of computer media,
programs, data and log files
What are hardware theft and hardware
vandalism?


Hardware Theft – act of stealing computer
equipment
Vandalism – act of defacing or destroying a
computer

Physical Access Controls
 Locked doors
 Install alarms
 Use cables that lock the equip
 Real time location system
▪ Track and Identify the location of high risk or high value
items)
What is software theft?

Occurs when someone
 Steals software media
 Intentionally erases programs
 Illegally copies a program (piracy)
 Illegally register and/or activates a program



Keep original software box in a secure
location
Backup files
Protect from software piracy
 License agreement (right to use software)
▪ Don’t own the software
▪ Most common type of license – single-use license
agreement/end-user license agreement (EULA)

Permitted to:

Not Permitted to:
 Install the software on
 Install the software on a
one computer
 Make one copy – Backup
 Give or sell only if the
software is removed
network
 Gives copies to friends
 Export the software
 Rent or lease the
software
What are some other safeguards against
software theft?
Business Software Alliance (BSA) promotes better understanding of
software piracy problems
Product activation allows user to input product identification number
online or by telephone and receive unique installation identification number

Occurs when someone steals personal or
confidential information

Safeguards
 Use user identification and authentication
 Use encryption techniques
What is Encryption?
 Process of converting readable data into
unreadable characters to prevent unauthorized
access
 Encryption Process
▪ Readable data – plaintext
▪ Scramble data – ciphertext
▪ Encryption key – use to encrypt the plaintext

Private Key (symmetric)
 Both the originator and recipient use the same
secret key to encrypt and decrypt data

Public Key (asymmetric)
 Two encryption keys (public and private)
 A message is encrypted with a public key must be
decrypted along with the corresponding private
key
 Popular encryption program – Pretty Good
Privacy (PGP)

Digital Certificates- notice that guarantees a
user on a web site is legitimate

Transport Layer Security- provides encryption
of all data that pasts between a client and a
Internet server


Secure HTTP – allows users to choose an
encryption scheme for data that passes
between a client and a Internet server
VPN-Virtual Private Network
 Provide the mobile users with a secure connection
to the company network server
What is a system failure?
Prolonged
malfunction of
computer
Can cause loss of
hardware,
software , or data
Caused by aging
hardware, natural
disaster, or electrical
power disturbances
Noiseunwanted
electrical
signal
Undervoltagedrop in
electrical
supply
Overvoltage or
power surgesignificant power
increase in electrical
power

What is a surge protectors?
 Absorb small overvoltage
 Not 100% effective

Uninterruptible Power
Supply
 A device that contains surge
protection circuits and more
batteries that can provide
power during a temporary or
permanent loss of power
What is a backup?
Duplicate of file, program, or disk
Full backup
all files in computer
Selective backup
Select which files to
back up
Three-generation
backup
Preserves three copies
of important files
Store in a fireproof and heat proof safe or vault, offsite
Download