Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 11. What is a computer security risk?  Any event or action that could cause a loss of or damage to computer hardware, software, data, information,

Similar presentations


Presentation on theme: "Chapter 11. What is a computer security risk?  Any event or action that could cause a loss of or damage to computer hardware, software, data, information,"— Presentation transcript:

1 Chapter 11

2 What is a computer security risk?  Any event or action that could cause a loss of or damage to computer hardware, software, data, information, or processing capability.  Intentional Breach of Computer Security  Computer Crime (illegal act involving a computer)  Cybercrime (Online or Internet-based illegal acts)

3  Hacker – Access a computer illegally  Cracker – Access a computer illegally but has the intent of destroying  Script Kiddie – Same intent but not have the technical skills and knowledge  Corporate Spies – Hired to break into a computer, steal data info, to help indentify security risks  Unethical employees-want to exploit a security weakness

4  Cyberextortionist – Use the as a vehicle for extortion  Cyberterriorist - Destroy or damage for political reason  Both requires a team of highly skilled individuals, millions of dollars and years of planning

5  Internet and Network Attacks  Unauthorized Access and Use  Hardware theft  Software theft  Information theft  System failure

6 What are Computer Viruses, worms, Trojan horses and Rootkits? Computer Viruses Potentially damaging computer program Rootkits Hides in a computer and allows someone from a remote location to take full control Worm A program that copies itself repeatedly, using up resources and possibly shutting down computer or network Trojan Horse Hides within or looks likes a legitimate program until triggered

7 What is Malware?  Programs that act without a user’s knowledge and deliberately alters the computer operation.  Unscrupulous programmer write malware and then test to ensure it can deliver it payload (destructive event or prank the program is intended to deliver)

8  When a user:  Opens an infected file  Runs an infected program  Boots the computer with an infected removable media  Connect to an unprotected computer  Most common way – attachments

9  No guarantee methods  Some ways to Prevent Viruses  Do not start computer with removable disks  Never open attachment unless from trusted source  Install an Antivirus program  Stay informed about new virus and virus hoax

10 What is an Antivirus program? Popular Antivirus Programs AVG Anti-Virus avast! Antivirus CA Anti-Virus F-Secure Anti-Virus Kaspersky Anti-Virus McAfee Virus Scan Norton AntiVirus Trend Micro AntiVirus Vexira Antivirus Identifies and removes computer viruses Most also protect against worms, Trojan horses and spyware

11 What is a virus signature?  Specific pattern of virus code Also called virus definition  Antivirus programs look for virus signatures

12 How does an antivirus program inoculate a program file? Attempts to remove any detected virus Records information about program such as file s and creation date Uses information to detect if virus tampers with file Quarantines Infected files that cannot remove

13 What are a Botnet, denial of service attack, back door and spoofing? A Botnet is a group of comprised computers connected to a network that are used as part of a network that attack other networks A denial of service attack is an assault whose purpose is to disrupt a computer access to an Internet data A back door is a program or set of instruction in a program that allow users to bypass security controls when accessing a computer resource Spoofing is a technique intruders use to make their network or Internet transmission appear legitimate to a victim computer or network

14  Firewalls  Protects a network’s resources from intrusion by user on another network  Intrusion Detection Software  Automatically analyze all network traffic, assess system vulnerabilities, identifies any unauthorized intrusion, and notifies network administration of suspicious behavior pattern.  Honeypots  A vulnerable computer that is setup to enticed an intruder to break into it

15 What is Unauthorized Access and Unauthorized Use?  Unauthorized Access – use of a computer in a network without permission  Unauthorized Use – the use of a computer or its data for unapproved or possibility illegal activities

16  Use Written Acceptable Use Policy (AUP)  Disable file and printer sharing on your Internet connection  Use Firewalls  Use Intrusion detection software  Identify and authenticate users

17  Access controls (security measure that defines who can access a computer)  Maintain an audit trail (records in a file both successful and unsuccessful access attempt)  Two – Phase Process  Identification – verifies individual is a valid user  Authentication – verifies the individual is the person he/she claims to be

18  User Names and Passwords  Possessed Objects  Biometrics Devices

19 What are User Names and Passwords?  User ID – a unique combination of character that identifies on specific user  Password – a private combination of character associated the user name  Longer passwords provides greater security  CAPTCHA (Completely Automated Public Turing Test to Tell Computer and Humans Apart)  Display a series of distorted characters

20  What is a Possessed Object?  Any items you must carry to gain access to a computer or a computer facility ▪ Examples: badges, cards, smart cards and keys  Often used with Personal Identification Number (PIN)

21 What is a Biometric Devices?  Authenticated a person’s identify by translating a personal characteristics into digital codes Examples: Fingerprint readers, hand geometry systems, face recognition system, voice verification system, signature verification system, iris recognition system and retinal scanner

22 What is Digital Forensics?  Discovery, collection, and analysis of evidence found on computers and networks  Involves – examination of computer media, programs, data and log files

23 What are hardware theft and hardware vandalism?  Hardware Theft – act of stealing computer equipment  Vandalism – act of defacing or destroying a computer

24  Physical Access Controls  Locked doors  Install alarms  Use cables that lock the equip  Real time location system ▪ Track and Identify the location of high risk or high value items)

25 What is software theft?  Occurs when someone  Steals software media  Intentionally erases programs  Illegally copies a program (piracy)  Illegally register and/or activates a program

26  Keep original software box in a secure location  Backup files  Protect from software piracy  License agreement (right to use software) ▪ Don’t own the software ▪ Most common type of license – single-use license agreement/end-user license agreement (EULA)

27  Permitted to:  Install the software on one computer  Make one copy – Backup  Give or sell only if the software is removed  Not Permitted to:  Install the software on a network  Gives copies to friends  Export the software  Rent or lease the software

28 What are some other safeguards against software theft? Business Software Alliance (BSA) promotes better understanding of software piracy problems Product activation allows user to input product identification number online or by telephone and receive unique installation identification number

29  Occurs when someone steals personal or confidential information  Safeguards  Use user identification and authentication  Use encryption techniques

30 What is Encryption?  Process of converting readable data into unreadable characters to prevent unauthorized access  Encryption Process ▪ Readable data – plaintext ▪ Scramble data – ciphertext ▪ Encryption key – use to encrypt the plaintext

31  Private Key (symmetric)  Both the originator and recipient use the same secret key to encrypt and decrypt data  Public Key (asymmetric)  Two encryption keys (public and private)  A message is encrypted with a public key must be decrypted along with the corresponding private key  Popular encryption program – Pretty Good Privacy (PGP)

32  Digital Certificates- notice that guarantees a user on a web site is legitimate  Transport Layer Security- provides encryption of all data that pasts between a client and a Internet server

33  Secure HTTP – allows users to choose an encryption scheme for data that passes between a client and a Internet server  VPN-Virtual Private Network  Provide the mobile users with a secure connection to the company network server

34 What is a system failure? Prolonged malfunction of computer Can cause loss of hardware, software, or data Caused by aging hardware, natural disaster, or electrical power disturbances Noise- unwanted electrical signal Undervoltage- drop in electrical supply Overvoltage or power surge- significant power increase in electrical power

35  What is a surge protectors?  Absorb small overvoltage  Not 100% effective  Uninterruptible Power Supply  A device that contains surge protection circuits and more batteries that can provide power during a temporary or permanent loss of power

36 What is a backup? Full backup all files in computer Selective backup Select which files to back up Three-generation backup Preserves three copies of important files Store in a fireproof and heat proof safe or vault, offsite Duplicate of file, program, or disk


Download ppt "Chapter 11. What is a computer security risk?  Any event or action that could cause a loss of or damage to computer hardware, software, data, information,"

Similar presentations


Ads by Google