Security+ Guide to Network Security Fundamentals, Third Edition


1 Security+ Guide to Network Security Fundamentals, Third Edition
Chapter 3 Protecting Systems

2 Objectives
- Explain how to harden operating systems
- List ways to prevent attacks through a Web browser
- Define SQL injection and explain how to protect against it
- Explain how to protect systems from communications-based attacks
- Describe various software security applications

3 Hardening the Operating System
- Hardening the operating system to resist attacks is often a ________________ approach that involves:
  - ________________ to the operating system
  - Protecting against _______________________
  - _____________ operating system ___________
- Let’s take a look at each of these…

4 Managing Operating System Updates
- One of the most important steps in hardening an operating system is to _______________
- Due to the increased length and complexity of operating systems, ____________________ were introduced
- Then these vulnerabilities were __________________________________
- Software vendors deploy software “fixes” to address vulnerabilities

5 Managing Operating System Updates (continued)
- Update terminology
  - Security patch: a general software security update ________________ _________________________________________
  - Hotfix: addresses a _______________________; often may not be distributed outside that customer’s organization
  - Service pack: a _______________________________________ _________________________________________

6 (slide contains no transcribed text)

7 Managing Operating System Updates (continued)
- Patch management techniques (applies to all modern operating systems):
  1. Install updates _________________________: checks, downloads and installs regularly and automatically
  2. Download updates automatically but ___________ ____________________________________
  3. Check for updates but ______________________ _________________________________________
  4. Never check for updates
- What is an incentive to using approach #2 or #3?

8 Managing Operating System Updates (continued)
- Automated patch update service
  - Used to ________________________________ instead of relying upon the vendor’s online update service
- Advantages to an automated patch update service include:
  - Can ________________________ by downloading locally
  - Computers that do not have Internet access can receive updates
  - _____________________________________________
  - ______________________________________, and obtain reports on what updates each computer needs

9 Buffer Overflow Protection
- What is a buffer overflow?
  - Occurs when a ______________________________ in random access memory (_________) _____________ _____________ ____________________________
  - Extra data overflows into the adjacent memory locations and under certain conditions may cause the computer to stop functioning or have unpredictable results
  - _____________________________________ in order to compromise a computer
  - And point to a memory area that contains the attacker’s malware code
- See example to follow…

10 (slide contains no transcribed text)

11 Buffer Overflow Protection (continued)
- Basic defenses against buffer overflows
  - ________________________________ that will protect against these attacks
  - Use a _____________________________ that makes these attacks more difficult
- For Windows-based systems, there are two defenses against buffer overflows
  - Data execution prevention (_________)
  - Address space layout randomization (________)

12 Buffer Overflow Protection (continued)
- Data Execution Prevention (DEP)
  - Most modern CPUs support an ___ (No eXecute) bit to designate a ________________________ _________________________________
  - _________________________________________________________________________
  - Windows Vista allows software developers to enable NX hardware protection specifically for the application software that they develop

13 (figure labels: Recommended setting, Default setting)

14 Buffer Overflow Protection (continued)
- Address Space Layout Randomization (ASLR)
  - _________ assigns executable operating system code to ________________________ in memory
  - This makes it ___________________________ and take advantage of any functionality inside these executables
  - Also makes it harder to predict where OS functionality resides in memory
  - ASLR is _______________________________ _____________________________________

15 Configuring Operating System Protection
- Most organizations take a ______________ to configuring operating system protections:
  - ___________________: a document that clearly ___________________________ an organization will employ to keep information secure
  - _______________________: OS ____________ _____________ used for each computer
  - ______________________: a way of configuring a group of baseline security settings at once
  - _______________________ of security template

16 Preventing Attacks That Come Through the Web Browser
- These attacks involve using:
  - Cookies
  - JavaScript
  - Java
  - ActiveX
  - Cross-site scripting

17 Cookies
- Cookies are _________________________________ _________________________________________
  - Info gathered based on shopping cart contents, info entered by user, preferences set, etc.
- Two types of cookies:
  - ____________________________: created by the website _____________________________________
  - ________________________: created by a ________________ than the one which attempts to access the cookie
- Cookies can pose a _________________ risk
  - Cookies can be used to track the browsing or buying habits of a user
- Defenses against cookies include ________________ ______________________ them once they are created
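The distinction the slide draws between cookies created by the site being visited and cookies created by some other site is something a browser decides for every cookie it is offered. The following added example (written for this transcript, not taken from the textbook) sorts cookies into first-party and third-party by comparing the host that set the cookie with the host of the page the user navigated to, and then applies the two defenses the slide alludes to: refusing third-party cookies, and deleting session cookies once the visit ends. All hostnames, cookie names and values are constructed, and the "site" rule (last two DNS labels) is a simplification noted in the code.

```python
"""Added example, not from the slides: first-party vs third-party cookies and
the two defenses (block third-party, delete session cookies at exit)."""
from dataclasses import dataclass
from typing import List


@dataclass(frozen=True)
class Cookie:
    name: str
    value: str
    set_by: str          # host whose response carried the Set-Cookie header
    persistent: bool     # True if it carried Expires/Max-Age; False = session cookie


def site_of(host: str) -> str:
    """Approximate a host's 'site' as its last two DNS labels
    (www.shop.example -> shop.example).  Assumption for this example: real
    browsers use the public suffix list so that names like example.co.uk work."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def is_third_party(cookie: Cookie, page_host: str) -> bool:
    """Third-party: set by a different site than the one the user navigated to."""
    return site_of(cookie.set_by) != site_of(page_host)


def accept_cookies(page_host: str, offered: List[Cookie], block_third_party: bool) -> List[Cookie]:
    """The browser's storage decision for each cookie a page load tries to set."""
    kept = []
    for c in offered:
        if block_third_party and is_third_party(c, page_host):
            continue   # cookie from an embedded ad/analytics host: not stored
        kept.append(c)
    return kept


def end_of_session(jar: List[Cookie]) -> List[Cookie]:
    """'Delete them once they are created': drop every session cookie at browser exit."""
    return [c for c in jar if c.persistent]


# Constructed page load: the user visits www.shop.example, which embeds an ad host.
OFFERED = [
    Cookie("cart", "item42", set_by="www.shop.example", persistent=False),
    Cookie("prefs", "lang=en", set_by="cdn.shop.example", persistent=True),
    Cookie("trk", "u=9f1c", set_by="ads.tracker.example", persistent=True),
]

if __name__ == "__main__":
    jar = accept_cookies("www.shop.example", OFFERED, block_third_party=True)
    print([c.name for c in jar])                    # ['cart', 'prefs']
    print([c.name for c in end_of_session(jar)])    # ['prefs']
```

With blocking enabled the tracker cookie is never stored, so it cannot later be used to correlate the user's visits; the shopping-cart cookie, which is a session cookie, disappears when the browser closes, so only the explicitly persistent preference cookie survives.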

18 JavaScript
- A ___________________________________
- A computer programming language ________________ _______________ and __________________________ __________________________________________
- When a user accesses a website, the HTML document and script are downloaded to the user’s computer; the Web browser extracts the script from the HTML and runs it
- JavaScript _____________ used to create standalone applications
- Executes using a Java interpreter
- Visiting a Web site that ______________________ _________________________ to run on a local computer ___________________________

19 JavaScript (continued)

20 JavaScript (continued)
- Defense mechanisms in place to prevent JavaScript programs from causing serious harm:
  - JavaScript ____________________ capabilities such as _____________________________________________
  - But CAN access info available to a browser, such as cookies
  - JavaScript has _____________________________
- Security concerns remain:
  - JavaScript programs __________________________ _____________________________ or authorization
- The defense against JavaScript is to ______________ ________________________

21 Java
- Java: a ___________________________________ ___________________________ _____________ to create standalone applications
- Java applet: a _______________ stored on a Web server and ____________________________________ along with HTML code
  - Can also be made into hostile programs

22 Java (continued)

23 Java (continued)
- _______________ is a safety mechanism and _______________________________________
  - Surrounds program and _________________________ __________________________ on a local computer
  - ________________________ allowing hostile applets access to sensitive data on the hard drive
- Two types of Java applets:
  - _____________ Java applet: program that ___________ _____________________ and by default runs in a sandbox
  - ____________ Java applet: has information proving the program is _________________ and has not been altered

24 Java (continued)
- Hostile applet of an attacker trying to obtain login info. NOTE: Warning message

25 ActiveX
- Set of technologies developed by ______________
- Not a programming language but a _____________ _______________________________________
- ActiveX controls
  - Also called ___________________________
  - Can perform many of the same functions of a Java applet, ___________________________________
  - Have __________________________________________
  - Can be signed or unsigned, but signing only verifies the signer, _______________________________________
- ActiveX poses a number of __________________

26 ActiveX (continued)
- If a computer is shared by multiple users, any user can download an ActiveX control, which would be available to all users
- However, a _________________________ ______________________________________ __________________________ that use ActiveX technology
- _________________________ mechanisms available in Internet Explorer
- The defense against ActiveX is to __________ it within the Web browser

27 Cross Site Scripting (XSS)
- An attack in which _____________________ into a specific type of dynamic Web page
- Typically involves using client-side scripts written in JavaScript or ActiveX and social engineering
- Designed to ____________________________________ ______________________________________________
- Targeted to Web sites that dynamically generate Web pages that redisplay (_________) user input that has not been properly validated
- See next slide for example of username echoed

28 Cross Site Scripting (XSS) (continued)
- Echoing used…

29 Cross Site Scripting (XSS) (continued)
- Cross Site Scripting (XSS) attack steps: <while we go over these steps, see the next three slides, and especially the third one…>
  1. An attacker searches for a Web site that redisplays a bad login (see Figures 3-8 and 3-9)
  2. The attacker then creates an attack URL that contains the embedded JavaScript commands with a link redirecting the user to the attacker’s website
  3. A fake e-mail is sent to unsuspecting users with the attack URL as a modified embedded link in the e-mail
  4. The unsuspecting victim clicks on the attack URL and enters his username and password

30 Cross Site Scripting (XSS) (continued)
- Good: logon info not redisplayed (echoed)

31 Cross Site Scripting (XSS) (continued)
- Echoing used…

32 (slide contains no transcribed text)

33 Cross Site Scripting (XSS) (continued)
- Defenses against XSS
  - ________________ _____________________ as well as ______
  - Webmasters should check that all ___________ _________________________________________________________________________
  - They also should be sure that all Web services and database software is ____________ to prevent XSS
  - ___________________________________________________________________
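Slides 28 through 31 contrast a login page that echoes the rejected username with one that does not, and the defenses above come down to validating what comes in and encoding what goes back out. The following added example (written for this transcript, not from the textbook) shows the echoed "login failed" page three ways: the vulnerable version, a version that HTML-encodes the username before redisplaying it, and a version that first checks the username against an allowlist and refuses to reflect anything else. The page markup, the username rule and the test string are constructed for the example.

```python
"""Added example, not from the slides: the echoed login-failure page, vulnerable
and with the two XSS defenses (input validation, output encoding) applied."""
import html
import re

# Assumption for this example: usernames are short and drawn from a narrow alphabet.
USERNAME_RE = re.compile(r"[A-Za-z0-9_.-]{1,32}")


def error_page_vulnerable(username: str) -> str:
    """Echoes the submitted username straight into the HTML (slides 28 and 31):
    whatever the attack URL carried becomes part of the page the browser renders."""
    return f"<p>Login failed for user {username}. Please try again.</p>"


def error_page_encoded(username: str) -> str:
    """Output encoding: '<', '>', '&' and quotes become entities, so the browser
    shows the text instead of interpreting it as markup."""
    return f"<p>Login failed for user {html.escape(username, quote=True)}. Please try again.</p>"


def handle_failed_login(username: str) -> str:
    """Validate first: input outside the allowlist is not redisplayed at all
    (slide 30's 'not echoed'); what passes is still encoded on the way out."""
    if not USERNAME_RE.fullmatch(username):
        return "<p>Login failed. Please try again.</p>"
    return error_page_encoded(username)


def reflects_script(page: str) -> bool:
    """The check a tester runs: did a live <script> tag survive into the page?"""
    return "<script" in page.lower()


PAYLOAD = "<script>alert('xss')</script>"    # constructed test string

if __name__ == "__main__":
    print(reflects_script(error_page_vulnerable(PAYLOAD)))   # True
    print(reflects_script(error_page_encoded(PAYLOAD)))      # False
    print(handle_failed_login(PAYLOAD))                      # generic message, nothing reflected
    print(handle_failed_login("bob"))
```

Encoding alone is enough to stop the script from running, but validating first means the application never has to reason about what odd input might do in some other context (an attribute, a URL, a JavaScript string) where HTML entity encoding is the wrong escape.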

34 Hardening Web Servers
- Because of their open exposure, ________ ________________________ for attackers
- ________ (Structured Query Language): a language _______________________ that is stored in a relational _________________
- SQL injection
  - One of the most _______________________
  - Uses a form of injection like XSS
  - Hinges on an _________________________ __________________ into a dynamic Web page

35 Hardening Web Servers (continued)
- Password entered: 123 or 1=1
- In the above SQL injection example, the Password that was entered is a continuation of the SQL statement checking the validity of the information entered. So, with the above “or” addition, the statement to allow Login is:
  Select ID From User Where UserName = User_Entered_Username and Password = User_Entered_Password or 1 = 1
- SQL injection always makes the statement true!!
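The slide's login statement becomes always-true because the user's text is pasted into the SQL rather than passed to it as a value. The following added example (written for this transcript, not from the textbook) builds that same login query both ways against a throwaway in-memory SQLite database: once by string concatenation, where the slide's "or 1=1" trick works, and once as a parameterized query, where the same text is compared as a literal password and fails. Because the example quotes the values in the SQL, the injected password is written in its quoted form, 123' or '1'='1, rather than the slide's unquoted 123 or 1=1. The User table, its one row and the password are constructed; a real system would store password hashes, not the password itself.

```python
"""Added example, not from the slides: the slide-35 login query, vulnerable
(string concatenation) and hardened (parameterized), on a constructed table."""
import sqlite3
from typing import Optional


def make_db() -> sqlite3.Connection:
    """Constructed in-memory User table with a single known account."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE User (ID INTEGER PRIMARY KEY, UserName TEXT, Password TEXT)")
    conn.execute("INSERT INTO User (ID, UserName, Password) VALUES (1, 'alice', 's3cret')")
    conn.commit()
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> Optional[int]:
    """Mirrors the slide: the user's text is spliced into the statement, so a
    password of  123' or '1'='1  closes the quote and appends OR '1'='1',
    which is true for every row (AND binds tighter than OR)."""
    sql = ("SELECT ID FROM User WHERE UserName = '" + username
           + "' AND Password = '" + password + "'")
    row = conn.execute(sql).fetchone()
    return row[0] if row else None


def login_safe(conn: sqlite3.Connection, username: str, password: str) -> Optional[int]:
    """Parameterized query: the statement text is fixed and the values travel
    separately, so the quote and the OR are just characters in a password."""
    sql = "SELECT ID FROM User WHERE UserName = ? AND Password = ?"
    row = conn.execute(sql, (username, password)).fetchone()
    return row[0] if row else None


INJECTED_PASSWORD = "123' or '1'='1"   # constructed, the quoted form of the slide's 123 or 1=1

if __name__ == "__main__":
    db = make_db()
    print("vulnerable, unknown user + injection:", login_vulnerable(db, "nobody", INJECTED_PASSWORD))  # 1
    print("safe, unknown user + injection:      ", login_safe(db, "nobody", INJECTED_PASSWORD))        # None
    print("safe, real credentials:              ", login_safe(db, "alice", "s3cret"))                  # 1
```

The vulnerable version does not even need a valid username: the trailing OR makes every row match and the first ID comes back, which is exactly why the slide says injection "always makes the statement true". Parameterizing the query is the fix; input filtering on its own is a weaker second line.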

36 Hardening Web Servers (continued)
- Attacks in addition to the SQL injection attack
  - _______________ from the database
  - ____________________________ through function calls
  - _______________ a list of all usernames and passwords

37 Hardening Web Servers (continued)

38 Protecting Systems from Communications-Based Attacks
- Communications protocols and applications can also be vectors for attacks
- Some of the most common communications-based attacks are:

39 SMTP Open Relays
- E-mail systems often use the following two TCP/IP protocols to send and receive messages
  - Simple Mail Transfer Protocol (________) handles _______________ (sent) mail
  - Post Office Protocol (___________ for the current version) handles _____________ (received) mail
- IMAP (Internet Mail Access Protocol; _______ is the current version)
  - A more advanced protocol than POP3 for __________________________________ remains on the server
  - Mail can be organized into folders and read from any computer

40 SMTP Open Relays (continued)
- SMTP relay: SMTP servers can _______________________ ___________________________________
- SMTP open relay: if SMTP relay is not controlled, an _____________ _______________________________________
- The _____________ against SMTP open relay is to _________________________________
  - So that all users ________________________ ______________________ or limit relays to only local users
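Whether a server is an open relay comes down to one decision it makes for every recipient: is this mail for one of my own domains, or from one of my own users who has logged in, or is it a stranger asking me to forward mail to another stranger? The following added example (written for this transcript, not from the textbook) models that decision as a function and runs a small batch of constructed envelopes through it with the relay controlled and with it left open. The local domain list and the envelopes are made up; the "550 5.7.1 Relaying denied" reply is the conventional SMTP response for a refused relay.

```python
"""Added example, not from the slides: the per-recipient relay check an SMTP
server performs, limiting relays to local recipients and authenticated local users."""
from dataclasses import dataclass
from typing import List, Tuple

LOCAL_DOMAINS = {"corp.example"}     # constructed: domains this server hosts mailboxes for


@dataclass(frozen=True)
class Envelope:
    mail_from: str
    rcpt_to: str
    authenticated: bool      # did the client complete SMTP AUTH before MAIL FROM?


def domain_of(address: str) -> str:
    return address.rsplit("@", 1)[-1].lower()


def rcpt_decision(env: Envelope, open_relay: bool = False) -> str:
    """Return the SMTP reply the server gives for this recipient."""
    if open_relay:
        return "250 OK"                      # the misconfiguration: relay for anyone
    if domain_of(env.rcpt_to) in LOCAL_DOMAINS:
        return "250 OK"                      # inbound mail for our own users
    if env.authenticated and domain_of(env.mail_from) in LOCAL_DOMAINS:
        return "250 OK"                      # outbound mail from a logged-in local user
    return "550 5.7.1 Relaying denied"       # outsider to outsider: what a spammer is looking for


def relay_report(envelopes: List[Envelope], open_relay: bool) -> Tuple[int, int]:
    """(accepted, rejected) over a batch, to compare the two configurations."""
    replies = [rcpt_decision(e, open_relay) for e in envelopes]
    accepted = sum(r.startswith("250") for r in replies)
    return accepted, len(replies) - accepted


SAMPLE = [   # constructed traffic
    Envelope("partner@other.example", "alice@corp.example", authenticated=False),  # inbound: accept
    Envelope("alice@corp.example", "bob@other.example", authenticated=True),       # outbound, logged in: accept
    Envelope("alice@corp.example", "bob@other.example", authenticated=False),      # local sender claimed, no login: reject
    Envelope("spam@bulk.example", "victim@else.example", authenticated=False),     # relay abuse: reject
]

if __name__ == "__main__":
    print("controlled relay:", relay_report(SAMPLE, open_relay=False))   # (2, 2)
    print("open relay:      ", relay_report(SAMPLE, open_relay=True))    # (4, 0)
```

The third envelope is the case that matters in practice: the MAIL FROM address is trivially forged, so "sender looks local" must never be enough on its own; the check keys on authentication, not on the claimed sender.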

41 Instant Messaging
- _________________________________________
- Can also be used to chat between several users simultaneously, to send and receive files, etc.
- Basic IM has several ________________________
  - IM provides a ____________________________________
    - Bypasses IM server
    - Attackers can use this direct connection to _______________ __________________________
  - IM is __________________________ by default, so attackers could view the content of messages
  - ________________________________ kept on IM server of the correspondence

42 Instant Messaging (continued)
- Steps to secure IM include:
  - Keep the IM server within the organization’s firewall and ____________________________ ____________________________________
  - Enable ________________________________ ____________________________________
  - ____________________ messages

43 Peer-to-Peer (P2P) Networks
- Uses a _____________________________ ___________________________, so each device simultaneously functions as both a client and a server to all other devices connected to the network
- For ____________ of audio, video, and data, etc.
- Downloads are entire files from one location
- ___________________________________ ____________________ using P2P

44 Peer-to-Peer (P2P) Networks (continued)
- A new type of P2P network has emerged known as ____________________________
- Torrents are _______________________ that ________________ available through a _________ _____________ program operated by the person or organization that wants to ________________________
- With _________________________________, BitTorrent _______________________________ __________________ like traditional P2P networks
- Individual BitTorrent users _________________________, so the entire file comes from a ______________________

45 Applying Software Security Applications
- Software security applications that are commonly installed on systems include:
  - Antivirus
  - Anti-spam
  - Popup blockers
  - Personal software firewalls
  - Host intrusion detection systems

46 Antivirus
- Antivirus (AV) software ____________________________ as well as monitor computer activity and _______________________, such as attachments, that might contain a virus
- If a virus is detected, options generally include cleaning the file of the virus, quarantining the infected file, or deleting the file
- Entire hard drive should be ___________________
- The _________________ of AV software is that it must be _____________________________ to recognize new viruses
  - AV updates known as ____________________________

47 Popup Blockers
- Popup ______________: a _____________________________________ over the Web site that is being viewed
- Popup ______________: allows the ________________________________
  - Can be either a separate program or a feature incorporated within a browser
  - As a separate program, popup blockers are often part of a package known as __________________
  - ________________________________________ by different types of spyware
  - Updates must be downloaded _________________

48 Anti-Spam
- Spam can be annoying but also pose a __________________
  - Viruses can be spread through e-mails
- Four different options that corporations can use to prevent (reduce) spam from reaching the user
  1. __________________________________________
     A. Install the spam filter with the SMTP server (see Figure 3-14 on next slide)
     B. Install the spam filter with the POP3 server (see Figure 3-15, two slides down…)

49 Anti-Spam (continued)

50 Anti-Spam (continued)

51 Anti-Spam (continued)
  2. Another way to filter spam is for the organization to __________________________________
     - All e-mail is directed to the third-party’s remote spam filter, where it is cleansed before it is redirected back to the organization
  3. Third method is to __________________________
     - Configurations include setting the level of junk protection, specifying blocked or allowed senders, etc.
  4. A final method of spam filtering is to ____________ ______________________________ that works with the client software

52 Personal Software Firewalls
- Firewall, sometimes called a packet filter: ________________________________________________________________________________
  - Can be _________________________________
- ______________ software firewall
  - Runs as a ___________________________ to protect it against attacks
  - Many operating systems now come with personal software firewalls

53 Host Intrusion Detection Systems (______________)
- Monitors _________________________________ _______________________________________
- ____IDS are software-based and _____________ ______________________
- These systems can be divided into four groups:
  - ___________ monitors
  - ___________ analyzers
  - _______________ analyzers
- HIDS work on the ___________________________ ____________________________________

54 Summary
- Hardening the operating system is key in resisting attacks
- A buffer overflow occurs when a process attempts to store data in random access memory (RAM) beyond the boundaries of a fixed-length storage buffer
- Most organizations use a four-fold approach to protecting operating systems: security policies, configuration baselines, security templates, and deployment
- Systems must also be protected from attacks that attempt to enter through a Web browser

55 Summary (continued)
- Attacks can also be based on communications protocols and applications
- Additional security-based software, whose sole purpose is to fend off attacks, is another important layer of security
- A firewall is designed to prevent malicious packets from entering or leaving the computer

