Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 1: Fundamentals of Security JV Note: Images may not be relevant to information on slide.

Published byTaylor Lewey Modified over 9 years ago

Similar presentations

Presentation on theme: "Chapter 1: Fundamentals of Security JV Note: Images may not be relevant to information on slide."— Presentation transcript:

1 Chapter 1: Fundamentals of Security JV Note: Images may not be relevant to information on slide

2 This chapter explains the basics of network security, as well as types of attacks on networks.

3 Hackers A hacker is someone who has the technical expertise to bypass the security of a network or operating system There are two types of hackers, White-hat Hackers, and Black-hat Hackers. White-hat hackers try to break software or hardware for the purpose of understanding how to protect the environment from Black-hat hackers Black-hat hackers are people who break into a system or network for malicious reasons, or for personal gain. The reasons could be for financial gain, bragging rights, or revenge.

4 Social Engineering A social engineering attack occurs when a hacker tricks a user into giving up information through social contact with the user.

5 Network-based attacks Password attacks-dictionary attack – Dictionary Attack- Hackers use a program that uses 2 text files, one file contains the most popular user accounts found on networks, such as administartor, admin, and root – The second text file contains a list of all the words in the dictionary and more. – The program then tries every user account in the user account file with every word in the dictionary file, attempting to determine the password for the user account.

6 Network-based attacks cont. Denial of service- A DoS attack can come in many forms and is designed to cause a system to be so busy that it cannot service a real request from a client, essentially overloading the system and shutting it down.

7 Spoofing- a type of attack in which a hacker modifies the source address of a network packet.

8 Eavesdropping attack- When a hacker uses some sort of packet sniffer program that allows him to see all the traffic on the network.

9 Man-in-the-Middle- Involves the hacker monitoring network traffic but also intercepting data, modifying the data, and then sending the modified results out.

10 Session hijacking- Similar to a MiTm attack, but instead of the hacker intercepting data, changing it, and sending it out and sends it to whomever it was destined for, the hacker simply hijacks the session and then impersonates one of the parties.

11 Software based attacks Trojan horse- A piece of software that a user is typically tricked into running on the system and when the software runs it does something totally different than was the user expected it to do.

12 Virus- A program that causes harm to your system.

13 Worm- A virus that does not need to be activated by someone opening the file, the worm is self replicating, meaning it spreads itself from system to system, infecting each computer.

14 Logic bomb- Malicious software that could run every day, but the software was designed to wreak havoc on you system on a certain date and time.

15 Physical security Server placement- Lock your servers in a room that only a select few individuals have the key for. Disable boot devices- You can help secure the systems by disabling the ability to boot from a floppy disk or CD-ROM in the CMOS setup on the system Set CMOS password- Because most hackers know how to go to CMOS and enable booting from CD- ROM, you want to make sure that you set a password on CMOS to that a hacker cannot modify your CMOS settings.

16 Disable network ports- To ensure that a hacker doesn’t enter your office, plug into the network and then start performing a number of network attacks, ensure that network ports in lobbies and front entrances are disabled unless and administrator enables them. Lockdown Cable- A lockdown cable is a cable that you connect to laptops, projectors, and other types of office equipment that locks the device to a table or desk- unless unlocked.

17 Authentication & Authorization Authentication is the process of proving one’s identity to the network environment.

18 Types of Authentication Smart Card- A type of logon supported by network environmetns today is the use of a smart card. A smart card is a small ATM card- like device that contains your account information.

19 Strong Passwords- This should be obvious. A good and strong password should be long, contain mixed cases, numbers, and possibly symbols. Anyone using 1234, 12345, abc, password, or admin, should be beaten about the face with a CRT monitor.

20 Authorization Authorization is the process of giving a user permission to access a resource

Download ppt "Chapter 1: Fundamentals of Security JV Note: Images may not be relevant to information on slide."

Similar presentations

What are computer viruses and its types? Computer Viruses are malicious software programs that damage computer program entering into the computer without.

What are computer viruses and its types? Computer Viruses are malicious software programs that damage computer program entering into the computer without.
COMP6005 An Introduction to Computing Session One: An Introduction to Computing Security Issues.

COMP6005 An Introduction to Computing Session One: An Introduction to Computing Security Issues.
Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.

Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.

Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?

1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?
Chapter 9: Privacy, Crime, and Security

Chapter 9: Privacy, Crime, and Security
Chapter 14 Wireless Attacks, Intrusion Monitoring and Policy

Chapter 14 Wireless Attacks, Intrusion Monitoring and Policy
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Network Security. Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Objectives  Give examples of common network.

Network Security. Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Objectives  Give examples of common network.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
Copyright © 2002 Pearson Education, Inc. Slide 5-1 PERTEMUAN 8.

Copyright © 2002 Pearson Education, Inc. Slide 5-1 PERTEMUAN 8.
PC Support & Repair Chapter 9 Fundamental Security.

PC Support & Repair Chapter 9 Fundamental Security.
Nasca 2007 100 200 300 400 500 Internet Networking and Security viruses.

Nasca Internet Networking and Security viruses.
Analysis of Attack By Matt Kennedy. Different Type of Attacks o Access Attacks o Modification and Repudiation Attacks o DoS Attacks o DDoS Attacks o Attacks.

Analysis of Attack By Matt Kennedy. Different Type of Attacks o Access Attacks o Modification and Repudiation Attacks o DoS Attacks o DDoS Attacks o Attacks.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Lesson 10 – SECURING YOUR NETWORK Security devices Internal security External security Viruses and other malicious software OVERVIEW.

Lesson 10 – SECURING YOUR NETWORK Security devices Internal security External security Viruses and other malicious software OVERVIEW.
INTERNET THREATS AND HOW TO PROTECT YOUR COMPUTER -BRIAN ARENDT.

INTERNET THREATS AND HOW TO PROTECT YOUR COMPUTER -BRIAN ARENDT.

Similar presentations

Ads by Google