Security+ Guide to Network Security Fundamentals, Third Edition


Security+ Guide to Network Security Fundamentals, Third Edition Chapter 3 Protecting Systems

Objectives

Explain how to harden operating systems. List ways to prevent attacks through a Web browser. Define SQL injection and explain how to protect against it. Explain how to protect systems from communications-based attacks. Describe various software security applications.

Hardening the Operating System

Hardening the operating system to resist attacks is often a ________________ approach that involves: ________________ to the operating system Protecting against _______________________ _____________ operating system ___________ Let’s take a look at each of these…

Managing Operating System Updates

One of the most important steps in hardening an operating system is to _______________ Due to the increased length and complexity of operating systems ____________________ were introduced Then these vulnerabilities were __________________________________ Software vendors deploy software “fixes” to address vulnerabilities

Managing Operating System Updates (continued)

Update terminology:

Security patch: A general software security update ________________ _________________________________________

Hotfix: Addresses a _______________________ Often may not be distributed outside that customer’s organization

Service pack: A _______________________________________ _________________________________________


Managing Operating System Updates (continued)

Patch management techniques (these apply to all modern operating systems):

1. Install updates _________________________ Checks, downloads and installs regularly and automatically
2. Download updates automatically but ___________ ____________________________________
3. Check for updates but ______________________ _________________________________________
4. Never check for updates

What is an incentive for using approach #2 or #3?

Managing Operating System Updates (continued)

Automated patch update service: Used to ________________________________ instead of relying upon the vendor’s online update service

Advantages to an automated patch update service include: Can ________________________ by downloading locally Computers that do not have Internet access can receive updates _____________________________________________ ______________________________________, and obtain reports on what updates each computer needs

Buffer Overflow Protection

What is a buffer overflow? Occurs when a ______________________________ in random access memory (_________) _____________ _____________ ____________________________ Extra data overflows into the adjacent memory locations and under certain conditions may cause the computer to stop functioning or have unpredictable results _____________________________________ in order to compromise a computer And point to a memory area that contains the attacker’s malware code See example to follow…


Buffer Overflow Protection (continued)

Basic defenses against buffer overflows: ________________________________ that will protect against these attacks Use a _____________________________ that makes these attacks more difficult

For Windows-based systems, there are two defenses against buffer overflows: Data execution prevention (_________) and Address space layout randomization (________)

Buffer Overflow Protection (continued)

Data Execution Prevention (DEP): Most modern CPUs support an ___ (No eXecute) bit to designate a ________________________ _________________________________ _________________________________________________________________________ Windows Vista allows software developers to enable NX hardware protection specifically for the application software that they develop

[Figure: callouts “Recommended setting” and “Default setting”]

Buffer Overflow Protection (continued)

Address Space Layout Randomization (ASLR): _________ assigns executable operating system code to ________________________ in memory This makes it ___________________________ and take advantage of any functionality inside these executables Also makes it harder to predict where OS functionality resides in memory ASLR is _______________________________ _____________________________________

Configuring Operating System Protection

Most organizations take a ______________ to configuring operating system protections: ___________________ a document that clearly ___________________________ an organization will employ to keep information secure _______________________ - OS ____________ _____________ used for each computer ______________________ – a way of configuring a group of baseline security settings at once _______________________ of security template

Preventing Attacks That Come Through the Web Browser

These attacks involve using: cookies, JavaScript, Java, ActiveX, and cross-site scripting.

Cookies

Cookies are _________________________________ _________________________________________ Info gathered based on shopping cart contents, info entered by user, preferences set etc.

Two types of cookies: ____________________________ created by website _____________________________________ ________________________ created by a ________________ than the one which attempts to access the cookie

Cookies can pose a _________________ risk Cookies can be used to track the browsing or buying habits of a user Defenses against cookies include ________________ ______________________ them once they are created

JavaScript

A ___________________________________ A computer programming language ________________ _______________ and __________________________ __________________________________________ When a user accesses a Web site, the HTML document and script are downloaded to the user’s computer. The Web browser extracts the script from the HTML and runs it JavaScript _____________ used to create standalone applications Executes using a Java interpreter Visiting a Web site that ______________________ _________________________ to run on a local computer ___________________________


JavaScript (continued)

Defense mechanisms in place to prevent JavaScript programs from causing serious harm: JavaScript ____________________ capabilities such as _____________________________________________ But CAN access info available to a browser such as cookies JavaScript has _____________________________

Security concerns remain: JavaScript programs __________________________ _____________________________ or authorization

The defense against JavaScript is to ______________ ________________________

Java

Java: A ___________________________________ ___________________________ _____________ to create standalone applications

Java applet: A _______________ stored on a Web server and ____________________________________ along with HTML code Can also be made into hostile programs


Java (continued)

_______________ is a safety mechanism and _______________________________________ Surrounds program and _________________________ __________________________ on a local computer ________________________ allowing hostile applets access to sensitive data on the hard drive

Two types of Java applets: _____________ Java applet: program that ___________ _____________________ and by default run in a sandbox ____________ Java applet: has information proving the program is _________________ and has not been altered

Java (continued)

[Figure: hostile applet of an attacker trying to obtain login info. Note the warning message.]

ActiveX

Set of technologies developed by ______________ Not a programming language but a _____________ _______________________________________

ActiveX controls: Also called ___________________________ Can perform many of the same functions of a Java applet, ___________________________________ Have __________________________________________ Can be signed or unsigned but signing only verifies the signer, _______________________________________

ActiveX poses a number of __________________

ActiveX (continued)

If a computer is shared by multiple users, any user can download an ActiveX control which would be available to all users However, a _________________________ ______________________________________ __________________________ that use ActiveX technology _________________________ mechanisms available in Internet Explorer

The defense against ActiveX is to __________ it within the Web browser

Cross Site Scripting (XSS)

An attack in which _____________________ into a specific type of dynamic Web page Typically involves using client-side scripts written in JavaScript or ActiveX and social engineering Designed to ____________________________________ ______________________________________________ Targeted to Web sites that dynamically generate Web pages that redisplay (_________) user input that has not been properly validated See next slide for example of username echoed

Cross Site Scripting (XSS) (continued)

[Figure: echoing used…]

Cross Site Scripting (XSS) (continued)

Cross Site Scripting (XSS) attack steps (while we go over these steps, see the next three slides, and especially the third one):

1. An attacker searches for a Web site that redisplays a bad login (see Figures 3-8 and 3-9)
2. The attacker then creates an attack URL that contains the embedded JavaScript commands with a link redirecting the user to the attacker’s website
3. A fake e-mail is sent to unsuspecting users with the attack URL as a modified embedded link in the e-mail
4. The unsuspecting victim clicks on the attack URL and enters his username and password

Cross Site Scripting (XSS) (continued)

[Figure: good - logon info not redisplayed (echoed)]

Cross Site Scripting (XSS) (continued)

[Figure: echoing used…]


Cross Site Scripting (XSS) (continued)

Defenses against XSS: ________________ _____________________ as well as ______ Webmasters should check that all ___________ _________________________________________________________________________ They also should be sure that all Web services and database software is ____________ to prevent XSS ___________________________________________________________________
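The echoing problem described in the XSS slides, shown from the webmaster's side as an added example that is not part of the original slides: a failed-login page that redisplays the username raw, the same page with the value HTML-encoded, and a page that does not echo at all, plus a regression check that tells them apart. The function names, the username allowlist and the harmless probe string are assumptions made for illustration.

```python
import html
import re

# Assumed allowlist policy for usernames (hypothetical, not from the slides).
USERNAME_RE = re.compile(r"[A-Za-z0-9_.-]{1,32}")

# Constructed, harmless probe: plain markup, no script.
PROBE = '<b id="probe">x</b>'


def is_valid_username(username):
    """Input validation: accept only characters a username may contain."""
    return USERNAME_RE.fullmatch(username) is not None


def render_echo_unsafe(username):
    """Failed-login page that echoes the input as-is (the pattern in the slides)."""
    return "<p>Login failed for user: " + username + "</p>"


def render_echo_escaped(username):
    """Same page, but the echoed value is HTML-encoded before it is written out."""
    return "<p>Login failed for user: " + html.escape(username, quote=True) + "</p>"


def render_no_echo(username):
    """Page that never redisplays the logon info, valid or not."""
    reason = "unknown user" if is_valid_username(username) else "invalid username"
    # The reason is kept for server-side logging only; it is not sent to the browser.
    _ = reason
    return "<p>Login failed. Check your username and password.</p>"


def reflects_raw_markup(render, probe=PROBE):
    """Regression check: True if the page returns the probe's markup unencoded."""
    return probe in render(probe)


if __name__ == "__main__":
    for render in (render_echo_unsafe, render_echo_escaped, render_no_echo):
        print(render.__name__, "reflects raw markup:", reflects_raw_markup(render))
    print(render_echo_escaped(PROBE))
```

A check like `reflects_raw_markup` can run in a test suite against every page that redisplays user input, so an unencoded echo is caught before deployment.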

Hardening Web Servers

Because of their open exposure, ________ ________________________ for attackers

________ (structured query language): A language _______________________ that is stored in a relational _________________

SQL injection: One of the most _______________________ Uses a form of injection like XSS Hinges on an _________________________ __________________ into a dynamic Web page

Hardening Web Servers (continued)

Password entered: 123 or 1=1

In the above SQL injection example, the password that was entered is a continuation of the SQL statement checking the validity of the information entered. So, with the above “or” addition, the statement to allow login is:

Select ID From User Where UserName = User_Entered_Username and Password = User_Entered_Password or 1 = 1

SQL injection always makes the statement true!
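The login statement above, run against a small database, next to the parameterized form that keeps the entered password as data. This is an added example, not code from the slides: the in-memory SQLite table, its three constructed accounts with numeric passwords, and the function names are assumptions, and the plain-text password column only mirrors the slide's statement.

```python
import sqlite3


def make_db():
    """Constructed in-memory table shaped like the slide's User table."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE User (ID INTEGER PRIMARY KEY, UserName TEXT, Password INTEGER)"
    )
    db.executemany(
        "INSERT INTO User (ID, UserName, Password) VALUES (?, ?, ?)",
        [(1, "alice", 4821), (2, "bob", 7730), (3, "carol", 1195)],
    )
    return db


def login_vulnerable(db, username, password):
    """Builds the statement by pasting the entered values into the SQL text.

    Returns the statement and the matching IDs so the effect can be inspected.
    """
    sql = (
        "SELECT ID FROM User WHERE UserName = '" + username
        + "' AND Password = " + password
    )
    return sql, sorted(row[0] for row in db.execute(sql))


def login_parameterized(db, username, password):
    """Sends the entered values as bound parameters; they are never parsed as SQL."""
    sql = "SELECT ID FROM User WHERE UserName = ? AND Password = ?"
    return sorted(row[0] for row in db.execute(sql, (username, password)))


if __name__ == "__main__":
    db = make_db()
    entered = "123 or 1=1"  # the password value shown on the slide

    sql, ids = login_vulnerable(db, "alice", entered)
    print(sql)
    # AND binds tighter than OR, so the WHERE clause reads
    # (UserName = 'alice' AND Password = 123) OR 1=1 and holds for every row.
    print("vulnerable, slide input:", ids)

    print("parameterized, slide input:", login_parameterized(db, "alice", entered))
    print("parameterized, correct password:", login_parameterized(db, "alice", "4821"))
```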

Hardening Web Servers (continued)

Attacks in addition to the SQL injection attack: _______________ from the database ____________________________ through function calls _______________ a list of all usernames and passwords


Protecting Systems from Communications-Based Attacks

Communications protocols and applications can also be vectors for attacks Some of the most common communications-based attacks are:

SMTP Open Relays

E-mail systems often use the following two TCP/IP protocols to send and receive messages: Simple Mail Transfer Protocol (________) handles _______________ (sent) mail Post Office Protocol (___________ for the current version) handles _____________ (received) mail

IMAP (Internet Mail Access Protocol, _______ is the current version): A more advanced protocol than POP3 for __________________________________ E-mail remains on the e-mail server Mail can be organized into folders and read from any computer

SMTP Open Relays (continued)

SMTP relay: SMTP servers can _______________________ ___________________________________

SMTP open relay: If SMTP relay is not controlled, an _____________ _______________________________________

The _____________ against SMTP open relay is to _________________________________ So that all users ________________________ ______________________ or limit relays to only local users

Instant Messaging

_________________________________________ Can also be used to chat between several users simultaneously, to send and receive files etc

Basic IM has several ________________________ IM provides a ____________________________________ Bypasses IM server Attackers can use this direct connection to _______________ __________________________ IM is __________________________ by default so attackers could view the content of messages ________________________________ kept on IM server of the correspondence

Instant Messaging (continued)

Steps to secure IM include: Keep the IM server within the organization’s firewall and ____________________________ ____________________________________ Enable ________________________________ ____________________________________ ____________________ messages

Peer-to-Peer (P2P) Networks

Uses a _____________________________ ___________________________, so each device simultaneously functions as both a client and a server to all other devices connected to the network For ____________ of audio, video, and data, etc Downloads are entire files from one location ___________________________________ ____________________ using P2P

Peer-to-Peer (P2P) Networks (continued)

A new type of P2P network has emerged known as ____________________________ Torrents are _______________________ that ________________ available through a _________ _____________ program operated by the person or organization that wants to ________________________ With _________________________________ BitTorrent _______________________________ __________________ like traditional P2P networks Individual BitTorrent users _________________________ so the entire file comes from a ______________________

Applying Software Security Applications

Software security applications that are commonly installed on systems include: antivirus, anti-spam, popup blockers, personal software firewalls, and host intrusion detection systems.

Antivirus

Antivirus (AV) software ____________________________ as well as monitor computer activity and _______________________, such as e-mail attachments, that might contain a virus If a virus is detected, options generally include cleaning the file of the virus, quarantining the infected file, or deleting the file Entire hard drive should be ___________________ The _________________ of AV software is that it must be _____________________________ to recognize new viruses AV updates known as ____________________________

Popup Blockers

Popup Popup ______________ A _____________________________________ over the Web site that is being viewed Popup ______________ Allows the ________________________________ Can be either a separate program or a feature incorporated within a browser As a separate program, popup blockers are often part of a package known as __________________ ________________________________________ by different types of spyware Updates must be downloaded _________________

Anti-Spam

Spam can be annoying but can also pose a __________________ Viruses can be spread through e-mails

Four different options that corporations can use to prevent (reduce) spam from reaching the user:

1. __________________________________________
   A. Install the spam filter with the SMTP server (see Figure 3-14 on next slide)
   B. Install the spam filter with the POP3 server (see Figure 3-15, two slides down)

Anti-Spam (continued)

[Figure 3-14: spam filter installed with the SMTP server]

Anti-Spam (continued)

[Figure 3-15: spam filter installed with the POP3 server]

Anti-Spam (continued)

2. Another way to filter spam is for the organization to __________________________________ All e-mail is directed to the third-party’s remote spam filter where it is cleansed before it is redirected back to the organization
3. Third method is to __________________________ Configurations include setting the level of junk e-mail protection, specifying blocked or allowed senders etc.
4. A final method of spam filtering is to ____________ ______________________________ that works with the e-mail client software

Personal Software Firewalls

Firewall, sometimes called a packet filter: ________________________________________________________________________________ Can be _________________________________

______________ software firewall: Runs as a ___________________________ to protect it against attacks Many operating systems now come with personal software firewalls

Host Intrusion Detection Systems (______________)

Monitors _________________________________ _______________________________________ ____IDS are software-based and _____________ ______________________ These systems can be divided into four groups: ___________ monitors ___________ analyzers _______________ analyzers HIDS work on the ___________________________ ____________________________________

Summary

Hardening the operating system is key in resisting attacks. A buffer overflow occurs when a process attempts to store data in random access memory (RAM) beyond the boundaries of a fixed-length storage buffer. Most organizations use a four-fold approach to protecting operating systems: security policies, configuration baselines, security templates, and deployment. Systems must also be protected from attacks that attempt to enter through a Web browser.

Summary (continued)

Attacks can also be based on communications protocols and applications. Additional security-based software, whose sole purpose is to fend off attacks, is another important layer of security. A firewall is designed to prevent malicious packets from entering or leaving the computer.