Presentation is loading. Please wait.

Presentation is loading. Please wait.

Unit 8: Security Risks & Data Protection Kaplan University 1.

Published byArline Bonnie Wade Modified over 8 years ago

Similar presentations

Presentation on theme: "Unit 8: Security Risks & Data Protection Kaplan University 1."— Presentation transcript:

1 Unit 8: Security Risks & Data Protection Kaplan University 1

2  Unit 8: Computer Security Risks & Data Protection  Unit 9: Distributing Computing and Networking  Unit 10: Final Project ◦ Due Saturday, December 24 at 11:59 pm Eastern Time Kaplan University2

3  Readings  Discussion Questions  Review Unit 8 Assignments (2 this week)  Lecture on RAID, Security  Continue Final Project Kaplan University3

4  Textbook Reading ◦ Chapter 11 – RAID (section 11.6 only – pp. 514-523) ◦ Chapter 14 – Computer Security Threats ◦ Chapter 15 – Computer Security Authentication  Web Articles Reading  Discussion Question  3 page essay based on Home Computer Network & Security (due Tuesday)  1 page paper on Security Practices Kaplan University4

5  Pick three of the questions below and address them. Respond to two students who had at least one different topic from yours and comment on that topic. 1.How do you recognize a secure site? 2.What is data mining, and can your information be mined even in secure sites? 3.Explain what viruses, worms, and bots are. 4.What is a DOS attack? 5.What are ways a hacker can get into a system? 6.What are buffer overflow attacks? Kaplan University5

6  For this project, describe your home computer and computer network security plan. ◦ How often are software updates installed? ◦ What are you protected against? ◦ What are some vulnerabilities of your home network? ◦ Your network security plan should include information on (but not limited to) passwords, firewalls, anti-virus, anti-spyware, and software updates. ◦ Write 2 pages on this description Kaplan University6

7  Test your home security settings. ◦ Internet Vulnerability Profiling – ShieldsUp! https://www.grc.com/x/ne.dll?bh0bkyd2 https://www.grc.com/x/ne.dll?bh0bkyd2  Take a few minutes and run the file sharing, common ports, and all service ports tests. ◦ Write a summary of your findings. ◦ Was your computer network as secure as you thought? ◦ Were there areas where security could be improved? ◦ Write 1 page on this topic Kaplan University7

8  Write a 1 page paper on the following topic.  Securing a computer network and resources is very important. We all have (or should have!) programs to protect against viruses and spyware. Many companies have strict policies regarding use of company computers and Internet access. Those restrictions are in place for legitimate reasons: security, protection against viruses, network bandwidth, employee protection, and productivity.  If you were a security manager, what security policies would you implement?  What software would you install to secure a network?  Finally, what are your thoughts on the right to privacy at work? Kaplan University8

9 9

10 10

11  Redundant Array of Independent Disks (RAID)  Consists of 7 layers (0 through 6)  Each level designates a different design architecture  All layers share these 3 characteristics: ◦ Set of physical disk drives viewed by the OS as a single logical drive ◦ Data is distributed across physical drives of an array in a scheme known as striping. ◦ Redundant disk capacity is used to store parity information, which guarantees data recoverability in case of a disk failure Kaplan University11

12  Term coined by researchers at University of California at Berkeley  RAID Strategy ◦ Employs multiple disk drives ◦ Distributes data to enable simultaneous access to data from multiple drive ◦ Improves I/O Performance ◦ Allows easier incremental increases in capacity Kaplan University12

13  Table 11.4 (p. 516) shows 7 RAID Levels  What is the advantage of using RAID?  Cite an example where RAID is used.  Section 11.6 (pp. 514 -523) Kaplan University13

14  Striping ◦ Level 0 – Nonredundant  Mirroring ◦ Level 1 – Mirrored  Parallel Access ◦ Level 2 – Redundant via Hamming code ◦ Level 3 – Bit-interleaved parity  Independent Access ◦ Level 4 – Block-interleaved parity ◦ Level 5 – Block-interleaved distributed parity ◦ Level 6 – Block-interleaved dual distribution parity Kaplan University14

15  Stripe set or volume  Splits data evenly across two or more disks  Used to increase performance  Does NOT provide redundancy of data Kaplan University15 Source: Standard RAID Levels, http://en.wikipedia.org/wiki/Standard_RAID_levels

16  Mirroring  Creates an exact copy (or mirror) across two or more disks  Used to increase reliability or read access  Focus is not on data storage capacity Kaplan University16 Source: Standard RAID Levels, http://en.wikipedia.org/wiki/Standard_RAID_levels

17  Parallel Access  Stripes data at bit level  Uses Hammering code for error correction  Focus is on high data transfer rates  Not currently used Kaplan University17 Source: Standard RAID Levels, http://en.wikipedia.org/wiki/Standard_RAID_levels

18  Uses byte level striping with dedicated parity disk  Can not service multiple requests simultaneously  Rarely used Kaplan University18 Source: Standard RAID Levels, http://en.wikipedia.org/wiki/Standard_RAID_levels

19  Independent Access  Uses block-level striping with dedicated parity disk  Poor performance  Rarely used Kaplan University19 Source: Standard RAID Levels, http://en.wikipedia.org/wiki/Standard_RAID_levels

20  Independent access  Uses Block-level striping with parity data distributed across all disks  Poor performance in large multi-user database  Parity data has to be written across all disks  Requires min of 3 disks Kaplan University20 Source: Standard RAID Levels, http://en.wikipedia.org/wiki/Standard_RAID_levels

21  Uses Block-level striping with two parity blocks distributed across all disks  Fast read operation, but slower to write Kaplan University21 Source: Standard RAID Levels, http://en.wikipedia.org/wiki/Standard_RAID_levels

22 Kaplan University22

23  NIST Computer Security Handbook definition ◦ The protection afforded to an automated information system in order to attain objectives of preserving the integrity, availability, and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications)  3 key objectives of computer security ◦ Confidentiality (data & privacy) ◦ Integrity (data and system) ◦ Availability Kaplan University23

24  Name as many threats to computer security that you can identify…. Kaplan University24

25  Unauthorized disclosure entity gains access to information ◦ Exposure ◦ Interception ◦ Interference ◦ Intrusion  Deception entity receives false info and believes it to be true ◦ Masquerade ◦ Falsification ◦ Repudiation  Disruption event interrupts correct operation of system ◦ Incapacitation ◦ Corruption ◦ Obstruction  Usurpation Control of system by unauthorized entity ◦ Misappropriation ◦ Misuse Kaplan University25

26  Individual accesses system they are not authorized to access  Can you name examples of activities for each of the following behaviors? ◦ Hacker ◦ Criminal Enterprise ◦ Internal Threat Kaplan University26

27  Malware ◦ Exploits vulnerabilities in the system ◦ Software designed to cause damage to or use up the resources of the target computer  May or may not need a host program  May or may not need trigger to activate Kaplan University27

28  Backdoor ◦ Secret entry point into a program that allows someone to gain access without going through security procedure  Logic Bomb ◦ Code embedded in some legitimate program that is set to “explode” when certain conditions are met.  Trojan Horse ◦ Program or command procedure containing hidden code that, when invoked, performs some unwanted or harmful function Kaplan University28

29  Viruses ◦ Piece of software that can “infect” other programs by modifying them ◦ Types include  Boot sector virus  File infector  Macro virus  Email virus Kaplan University29

30  Worms ◦ A program that can replicate itself and send copies from computer to computer across network connections  Bots ◦ A bot (aka zombie, drone) is a program that secretly takes over another Internet-attached computer and then uses that computer to launch attacks that are difficult to trace to bot’s creator.  Distributed denial-of-service attacks (DDoS)  Spam  Packet sniffer  Keylogging Kaplan University30

31 31

32  Authentication  Access Control  Intrusion Detection  Malware Defense  Dealing with Buffer Overflow Attacks Kaplan University32

33  Authentication two-step process ◦ Identification  Something you know (password)  Something you possess (token, biometric, key) ◦ Verification Kaplan University33

34  An access control policy dictates ◦ What types of access are permitted ◦ Who has that access ◦ Under what circumstances  Can you name an example of access control policy at a current or former company? Kaplan University34

35  Intrusion Detection ◦ A security system that monitors and analyzes system events for the purpose of finding, and providing real-time (or near real-time) warning of attempts to access system resources in an unauthorized manner  Intrustion Detection Systems (IDSs) include ◦ Sensors – collect data ◦ Analyzers – receive input from sensors ◦ User Interface – view output Kaplan University35

36  Antivirus programs ◦ What are the best antivirus programs on the market?  Techniques include: ◦ Generic Decryption  Enables antivirus program to easily detect even the most polymorphoic viruses while maintaining fast scanning speeds ◦ Digital Immune System  Captures viruses, analyzes it, add detection and shielding for it, and passes information back to antivirus software company Kaplan University36

37  What antivirus are you running on your computer?  When was the antivirus last updated?  When did you last backup your computer?  If your computer was destroyed, do you have a backup of your school papers, photos, and other important documents?  Some web sites are safer than others, right?  Mac don’t get viruses so why do I need antivirus software? Kaplan University37

38 38

39  Due Saturday, December 24  No late assignments accepted!!!  Final Project is worth 100 points  Write a 5-10 page essay explaining how a mainstream modern (Linux or Windows) Operating System is designed to integrate all components of the operating system.  At least 3 outside references Kaplan University

40 Which operating system are you planning to use for the paper? Why did you select that OS? Kaplan University40

41  The following list of topics is the MINIMUM starting point for your essay. You may include other topics if you feel they are important. ◦ Processes and threads ◦ Memory management ◦ Scheduling (Including deadlock prevention) ◦ File Management ◦ Input and Output devices ◦ Security Threats ◦ Security Techniques and Defenses ◦ Data protection (RAID & Clusters) Kaplan University

42

43  pvanhook@kaplan.edu pvanhook@kaplan.edu  pvanhook@gmail.com pvanhook@gmail.com Kaplan University

Download ppt "Unit 8: Security Risks & Data Protection Kaplan University 1."

Similar presentations

Computer Security Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Chapters 14 and 15 Operating Systems: Internals and Design Principles,

Computer Security Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Chapters 14 and 15 Operating Systems: Internals and Design Principles,
30/04/2015Tim S Roberts 20081 COIT13152 Operating Systems T1, 2008 Tim S Roberts.

30/04/2015Tim S Roberts COIT13152 Operating Systems T1, 2008 Tim S Roberts.
Chapter 19: Computer and Network Security Techniques Business Data Communications, 6e.

Chapter 19: Computer and Network Security Techniques Business Data Communications, 6e.
Chapter 18: Computer and Network Security Threats

Chapter 18: Computer and Network Security Threats
Database Administration and Security Transparencies 1.

Database Administration and Security Transparencies 1.
1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?

1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?
Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.

Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.
Lecture 1: Overview modified from slides of Lawrie Brown.

Lecture 1: Overview modified from slides of Lawrie Brown.
Chapter 14 Computer Security Threats

Chapter 14 Computer Security Threats
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
Chapter 14 Computer Security Threats Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles,

Chapter 14 Computer Security Threats Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles,
Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.

Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.

Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.
Security Measures Using IS to secure data. Security Equipment, Hardware Biometrics –Authentication based on what you are (Biometrics) –Biometrics, human.

Security Measures Using IS to secure data. Security Equipment, Hardware Biometrics –Authentication based on what you are (Biometrics) –Biometrics, human.
Information Systems CS-507 Lecture 40. Availability of tools and techniques on the Internet or as commercially available software that an intruder can.

Information Systems CS-507 Lecture 40. Availability of tools and techniques on the Internet or as commercially available software that an intruder can.
1 Chap 10 Malicious Software. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on.

1 Chap 10 Malicious Software. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on.
RAID Ref: Stallings. Introduction The rate in improvement in secondary storage performance has been considerably less than the rate for processors and.

RAID Ref: Stallings. Introduction The rate in improvement in secondary storage performance has been considerably less than the rate for processors and.
Redundant Array of Independent Disks

Redundant Array of Independent Disks

Similar presentations

Ads by Google