Chapter 1: Fundamentals of Security JV Note: Images may not be relevant to information on slide.

Slides:

Advertisements

Similar presentations

What are computer viruses and its types? Computer Viruses are malicious software programs that damage computer program entering into the computer without.

Advertisements

COMP6005 An Introduction to Computing Session One: An Introduction to Computing Security Issues.

Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.

1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?

Chapter 9: Privacy, Crime, and Security

Chapter 14 Wireless Attacks, Intrusion Monitoring and Policy

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Network Security. Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Objectives  Give examples of common network.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Security Awareness: Applying Practical Security in Your World

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

Copyright © 2002 Pearson Education, Inc. Slide 5-1 PERTEMUAN 8.

PC Support & Repair Chapter 9 Fundamental Security.

Nasca Internet Networking and Security viruses.

Analysis of Attack By Matt Kennedy. Different Type of Attacks o Access Attacks o Modification and Repudiation Attacks o DoS Attacks o DDoS Attacks o Attacks.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 10 – SECURING YOUR NETWORK Security devices Internal security External security Viruses and other malicious software OVERVIEW.

INTERNET THREATS AND HOW TO PROTECT YOUR COMPUTER -BRIAN ARENDT.

Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.

Definitions  Virus A small piece of software that attaches itself to a program on the computer. It can cause serious damage to your computer.  Worm.

The Impact of Physical Security on Network Security

Internet Safety CSA September 21, Internet Threats Malware (viruses) Spyware Spam Hackers Cyber-criminals.

CS101 Lecture 14 Security. Network = Security Risks The majority of the bad things that can be done deliberately to you or your computer happen when you.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

1 Guide to Network Defense and Countermeasures Chapter 2.

Computer Security Fundamentals Chuck Easttom Chapter 1 Introduction to to Computer Security.

the protection of computer systerms and information from harm, theft, and unauthorized use. Computer hardware is typically protected by the same.

Malicious Code Brian E. Brzezicki. Malicious Code (from Chapter 13 and 11)

BUSINESS B1 Information Security.

Information Security Rabie A. Ramadan GUC, Cairo Room C Lecture 2.

Networks and Security Monday, 10 th Week. Types of Attacks/Security Issues  Viruses  Worms  Macro Virus  Virus  Trojan Horse  Phishing 

Network Security Introduction Some of these slides have been modified from slides of Michael I. Shamos COPYRIGHT © 2003 MICHAEL I. SHAMOS.

Connecting Computers and Keeping them safe from Hackers and Viruses Bradie Britzmann and Courtney Hughes Britzmann & Hughes.

Computer Threats Cybercrimes are criminal acts conducted through the use of computers by cybercriminals. © 2009 Prentice-Hall, Inc. 1.

Chapter 13 Understanding E-Security. 2 OBJECTIVES What are security concerns (examples)? What are two types of threats (client/server) Virus – Computer.

INTRODUCTION. The security system is used as in various fields, particularly the internet, communications data storage, identification and authentication.

CHAPTER 7: PRIVACY, CRIME, AND SECURITY. Privacy in Cyberspace  Privacy: an individual’s ability to restrict or eliminate the collection, use and sale.

Attacks On systems And Networks To understand how we can protect our system and network we need to know about what kind of attacks a hacker/cracker would.

Company LOGO Malicious Attacks Brian Duff Nidhi Doshi Timmy Choi Dustin Hellstern.

What is risk online operation:  massive movement of operation to the internet has attracted hackers who try to interrupt such operation daily.  To unauthorized.

Attack and Malicious Code Andrew Anaruk. Security Threats Denial of Service (DoS) Attacks Spoofing Social Engineering Attacks on Encrypted Data Software.

Topic 5: Basic Security.

Quality of Information System (IS) reflecting local correctness and reliability of the operating system; the logical completeness of the hardware and software.

Malicious Software.

Ingredients of Security

Security fundamentals Topic 1 Addressing security threats and vulnerabilities.

INFORMATION TECHNOLOGY IN A GLOBAL SOCIETY: SECURITY Taylor Moncrief.

Types of Computer Malware. The first macro virus was written for Microsoft Word and was discovered in August Today, there are thousands of macro.

INTRODUCTION TO COMPUTER & NETWORK SECURITY INSTRUCTOR: DANIA ALOMAR.

1 © 2004, Cisco Systems, Inc. All rights reserved. Wireless LAN (network) security.

Any criminal action perpetrated primarily through the use of a computer.

Mr C Johnston ICT Teacher BTEC IT Unit 09 - Lesson 11 Network Security.

Information Systems Design and Development Security Risks Computing Science.

Information Systems CS-507 Lecture 32. Physical Intrusion The intruder could physically enter an organization to steal information system assets or carry.

Forms of Network Attacks Gabriel Owens COSC 352 February 24, 2011.

Robert Crawford, MBA West Middle School.  Describe ways criminals obtain passwords  Discuss ways to protect your computer from being accessed by others.

Information Systems Design and Development Security Precautions Computing Science.

Primary/secondary data sources Health and safety Security of Data Data Protection Act.

Security Risks Todays Lesson Security Risks Security Precautions

Chapter 40 Internet Security.

Network Security Presented by: JAISURYA BANERJEA MBA, 2ND Semester.

Operating Systems Services provided on internet

Instructor Materials Chapter 7 Network Security

Security in Networking

Computer Viruses.

Faculty of Science IT Department By Raz Dara MA.

Computer Security By: Muhammed Anwar.

Test 3 review FTP & Cybersecurity

Presentation transcript:

Chapter 1: Fundamentals of Security JV Note: Images may not be relevant to information on slide

This chapter explains the basics of network security, as well as types of attacks on networks.

Hackers A hacker is someone who has the technical expertise to bypass the security of a network or operating system There are two types of hackers, White-hat Hackers, and Black-hat Hackers. White-hat hackers try to break software or hardware for the purpose of understanding how to protect the environment from Black-hat hackers Black-hat hackers are people who break into a system or network for malicious reasons, or for personal gain. The reasons could be for financial gain, bragging rights, or revenge.

Social Engineering A social engineering attack occurs when a hacker tricks a user into giving up information through social contact with the user.

Network-based attacks Password attacks-dictionary attack – Dictionary Attack- Hackers use a program that uses 2 text files, one file contains the most popular user accounts found on networks, such as administartor, admin, and root – The second text file contains a list of all the words in the dictionary and more. – The program then tries every user account in the user account file with every word in the dictionary file, attempting to determine the password for the user account.

Network-based attacks cont. Denial of service- A DoS attack can come in many forms and is designed to cause a system to be so busy that it cannot service a real request from a client, essentially overloading the system and shutting it down.

Spoofing- a type of attack in which a hacker modifies the source address of a network packet.

Eavesdropping attack- When a hacker uses some sort of packet sniffer program that allows him to see all the traffic on the network.

Man-in-the-Middle- Involves the hacker monitoring network traffic but also intercepting data, modifying the data, and then sending the modified results out.

Session hijacking- Similar to a MiTm attack, but instead of the hacker intercepting data, changing it, and sending it out and sends it to whomever it was destined for, the hacker simply hijacks the session and then impersonates one of the parties.

Software based attacks Trojan horse- A piece of software that a user is typically tricked into running on the system and when the software runs it does something totally different than was the user expected it to do.

Virus- A program that causes harm to your system.

Worm- A virus that does not need to be activated by someone opening the file, the worm is self replicating, meaning it spreads itself from system to system, infecting each computer.

Logic bomb- Malicious software that could run every day, but the software was designed to wreak havoc on you system on a certain date and time.

Physical security Server placement- Lock your servers in a room that only a select few individuals have the key for. Disable boot devices- You can help secure the systems by disabling the ability to boot from a floppy disk or CD-ROM in the CMOS setup on the system Set CMOS password- Because most hackers know how to go to CMOS and enable booting from CD- ROM, you want to make sure that you set a password on CMOS to that a hacker cannot modify your CMOS settings.

Disable network ports- To ensure that a hacker doesn’t enter your office, plug into the network and then start performing a number of network attacks, ensure that network ports in lobbies and front entrances are disabled unless and administrator enables them. Lockdown Cable- A lockdown cable is a cable that you connect to laptops, projectors, and other types of office equipment that locks the device to a table or desk- unless unlocked.

Authentication & Authorization Authentication is the process of proving one’s identity to the network environment.

Types of Authentication Smart Card- A type of logon supported by network environmetns today is the use of a smart card. A smart card is a small ATM card- like device that contains your account information.

Strong Passwords- This should be obvious. A good and strong password should be long, contain mixed cases, numbers, and possibly symbols. Anyone using 1234, 12345, abc, password, or admin, should be beaten about the face with a CRT monitor.

Authorization Authorization is the process of giving a user permission to access a resource