Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security+ Guide to Network Security Fundamentals, Third Edition

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "Security+ Guide to Network Security Fundamentals, Third Edition"— Presentation transcript:

1 Security+ Guide to Network Security Fundamentals, Third Edition
Chapter 2 Systems Threats and Risks

2 Objectives Describe the different types of software-based attacks
List types of hardware attacks Define virtualization and explain how attackers are targeting virtual systems Security+ Guide to Network Security Fundamentals, Third Edition

3 Software-Based Attacks
Malicious software, or _________________ ________________________________________________________________________________ Malware is a general term that refers to a wide variety of ________________________________ The _______ primary objectives of malware To _______________ a computer system ___________ the malware’s ________________ Bring ____________________ that it performs Security+ Guide to Network Security Fundamentals, Third Edition

4 Infecting Malware- ________________
Programs that _______________________________ __________ when that document or program is opened Needs a __________ to perform some action such as opening an to start the infection Once a virus infects a computer, it performs two separate tasks ________________ by spreading to other computers Via USB, an attachment, or via computers connected to a LAN for example _____________________________ Cause problems ranging from displaying an annoying message to erasing files from a hard drive/ reformatting the hard drive or causing a computer to crash repeatedly Security+ Guide to Network Security Fundamentals, Third Edition

5 Types of Computer viruses
File infector virus- ___________________________ Virus is activated when the program is launched Resident virus- ___________________ each time computer is turned on Can _____________________ executed by the OS Boot virus- _____________________ of a hard disk Intended to ____________________________ Companion virus- _________________________ that is a _________ __________________ version to a legitimate program Macro virus- virus ________________________ Often found in ______________ which- when unknowingly opened by user, macro virus is executed and infect the computer Metamorphic viruses Avoid detection by _______________________ Polymorphic viruses ______________________________ and also _________________ differently each time Security+ Guide to Network Security Fundamentals, Third Edition

6 Infecting Malware - ______________
Program designed to take ___________________ _____________________________________________________________ in order to enter a system Worms are different from viruses in two regards: A worm _________________________ A worm _____________________________________ to begin its execution Actions that worms have performed: ___________ on the computer; allowing the _______________ ______________________ by an attacker Newer worms leave behind payload which cause harm (virus like characteristic) Security+ Guide to Network Security Fundamentals, Third Edition

7 Concealing Malware as something else
Trojan Program ___________________________________ __________________________________ Trojan horse programs are typically ___________ programs that contain ___________ that attack the computer system May be installed with user’s full knowledge but the Trojan’s ____________________________________ Rootkit A __________________ used by an intruder to _________ ____________________________________________________________, and then ___________ of its existence Very good at evading detection and removal by hiding or removing log entries etc Security+ Guide to Network Security Fundamentals, Third Edition

8 Concealing Malware (Rootkit continued)
The rootkit’s goal is to _______ the presence of other types of malicious software such as viruses and worms Rootkits function by _____________________ ___________________ with modified versions Modified files specifically designed to ignore malicious activity so it can escape detection Detecting a rootkit can be _______________ Best way to detect is to reboot and from an alternate source then run a rootkit detection program Removing a rootkit from an infected computer is ____________________________ You need to reformat the hard drive and reinstall the operating system Security+ Guide to Network Security Fundamentals, Third Edition

9 Concealing Malware (continued)
Logic bomb A computer program or a part of a program that _____________________________________________ Once triggered, the program can perform any number of _______________________ Logic bombs are ______________________ before they are triggered Privilege escalation ________________________________________ to resources that the user would normally be restricted from obtaining Either higher (more) privileges or someone else’s privilege status Security+ Guide to Network Security Fundamentals, Third Edition

10 Security+ Guide to Network Security Fundamentals, Third Edition

11 Malware for Profit- ___________
_________________________ Reduces productivity of employees who have to waste time deleting them or perhaps responding to them (on company time) Sending spam is a _______________ which is _______________ for spammers to start up Text-based spam messages can easily by trapped by special filters Security+ Guide to Network Security Fundamentals, Third Edition

12 Malware for Profit (Spam continued)
_________________________ in order to circumvent text-based filters Additional image spam techniques: GIF layering Word splitting Geometric variance Image spam ________________________ based on the content of the message To detect image spam, one approach is to examine the context of the message and create a profile Based on certain indicators, software can make an __________________________________________ Security+ Guide to Network Security Fundamentals, Third Edition

13 Malware for Profit - ____________
A general term used for describing software that ____________________________________ Technologies that are ___________________ _____________________________ over: Use of their _______________, including what programs are installed on their computers ____________, use, and distribution of their __________ or other sensitive information Material changes that affect their user experience, privacy, or system security Security+ Guide to Network Security Fundamentals, Third Edition

14 Malware for Profit (Spyware continued)
Spyware has two characteristics that make it ___________________________ Spyware creators are _________________ Spyware is often more intrusive than viruses, harder to detect, and more difficult to remove Spyware is ________________________ Some spyware-like software is considered legitimate business Two common spyware tools: _____________ and _________________

15 Effects of Spyware… Security+ Guide to Network Security Fundamentals, Third Edition

16 Spyware tools continued…
Adware A ___________________________________ ________________, in a manner that is unexpected and _____________ by the user Via pop-ups, banners, or opening new browser windows Adware can be a __________________ Some programs perform a _________________ Monitors and tracks a user’s activities then ends a log of these activities without user’s authorization Security+ Guide to Network Security Fundamentals, Third Edition

17 Spyware tools continued…
Keylogger Either a __________________ or a _________ program that _________________________ ______________ on the computer’s keyboard As the user types, the keystrokes are collected and saved as text The small hardware keylogger physically _________ between the ____________________ __________________________________ Software keylogger programs capture all keystrokes and hide themselves so that they _____________________________ Security+ Guide to Network Security Fundamentals, Third Edition

18 Malware for Profit (continued)
Zombie An ______________________________________________ ________________________________________________ Botnets Hundreds, thousands, or even tens of thousands of ___________________________________________ Attackers use Internet Relay Chat (____) to remotely control the zombies within the botnet What is IRC? Infected computer is joined to a specific IRC channel and there- awaits instructions from the attacker ______________ is known as a ________________ Large number of botnets exist Security+ Guide to Network Security Fundamentals, Third Edition

19 What are botnets used for ?
Security+ Guide to Network Security Fundamentals, Third Edition

20 Hardware-Based Attacks
Hardware that often is the target of attacks includes the BIOS, USB devices, network attached storage, and even cell phones Security+ Guide to Network Security Fundamentals, Third Edition

21 BIOS Basic Input/Output System (___________)
A coded ___________________________________ that ________________________________________ on the computer system ________________________________________ and provides low-level access to the hard disk, video, and keyboard On older computer systems the BIOS was a Read Only Memory (ROM) chip Not able to be reprogrammed Today’s computer systems have a _____________ (Programmable Read Only Memory) chip Able to be _________________ AKA ___________ the BIOS- leaving the ____________________________ Security+ Guide to Network Security Fundamentals, Third Edition

22 BIOS (continued) Types of BIOS attacks…
Where a ________________________________ and the first part of the hard disk drive, rendering the computer completely dead A computer cannot boot without the BIOS An attacker could infect a computer with a virus and then flash the BIOS to _________________ ______________ containing malicious code _____________________________ the OS will _____ _______________ of a rootkit stored on the BIOS Security+ Guide to Network Security Fundamentals, Third Edition

23 USB Devices ____________ (Universal Serial Bus) devices use _________________________ Flash memory is a type of EEPROM- ______________ __________________ (chip) that can be electrically _____ ___________________________________________ Robust memory able to withstand temp extremes, immersion in water etc, with fast read access times Could be a ________________________ USB devices are widely ________________________ USB devices allow spies or disgruntled employees to discretely copy and _________________________ USB devices can potentially be lost or fall into the wrong hands- leaving sensitive data at risk Security+ Guide to Network Security Fundamentals, Third Edition

24 USB Devices (continued)
To reduce the risks introduced by USB devices: _______________________________ Disable the USB through the _______________ All USB port drivers located in C:\Windows\Driver Cache\i386 in the DRIVER.CAB file Use ______________________ Security+ Guide to Network Security Fundamentals, Third Edition

25 Storage Area Network (________)
Specialized _______ ___________________________________________________________ Uses “block-based storage” SAN can be shared between servers and can be local or extended over geographical distances Security+ Guide to Network Security Fundamentals, Third Edition

26 Network Attached Storage (______)
Another type of network storage ______________________________________________________________________________________________________________ Available to LAN users through a standard network connection Two main ____________ to using NAS devices on a network Offer the ability to ____________________________ by adding on hard disks Allow for the _________________________ The operating system on NAS devices can be either a standard operating system, a proprietary operating system, or a “stripped-down” operating system NAS ________________________________________________ ___________________________________ Operates at the file system level Vulnerable to viruses, worms etc Security+ Guide to Network Security Fundamentals, Third Edition

27 Security+ Guide to Network Security Fundamentals, Third Edition

28 Cell Phones Portable communication devices that function in a manner that is unlike wired telephones ____________ of cellular telephone networks: _____________ is divided into smaller individual sections called ______________ Center of each cell contains a transmitter All of the transmitters and cell phones __________ ______________________ Allows signal to stay confined within cell so that same frequency can be used in other cells at the same time Security+ Guide to Network Security Fundamentals, Third Edition

29 Cell Phones (continued)
Almost all cell phones today have the ability to send and receive _________________ and __________ to the ___________________ which opens cell phone up to possible attacks Types of attacks Lure users to malicious Web sites ______________ with malicious software ____________________________ or personal data Abuse the cell phone service Spam sent via text messages Security+ Guide to Network Security Fundamentals, Third Edition

30 Attacks on Virtualized Systems
Just as attacks can be software-based or hardware-based, attacks can also target ________________________________ Known as ______________________ Virtualization, is becoming one of the prime targets of attackers Security+ Guide to Network Security Fundamentals, Third Edition

31 What Is Virtualization?
A means of managing and presenting computer resources by function without regard to their physical layout or location Virtualization _________________________________ __________________________________________ Operating system virtualization When an _____________________________________ A virtual machine is __________________________ _______________________ by the host system but appears as a _______________________ Server virtualization ________________________________ operating systems Security+ Guide to Network Security Fundamentals, Third Edition

32 Why Virtualize? One of the factors driving the adoption of virtualization is the ___________________ Currently, a typical server only utilizes about 10% of its capacity Consolidating multiple physical servers via virtualization on a single server maximizes utilization thereby saving the cost of cooling multiple individual servers Virtualization can also provide _____________ _____________ to users by using ______________ The ability to ___________________________________ __________________________________ in order to perform maintenance on hardware or software Security+ Guide to Network Security Fundamentals, Third Edition

33 Security Issues on Virtual Systems
Operating system virtualization is playing an increasingly important role in security Downside: has allowed ___________________ ________________________________ Upside: ___________________________ in a virtualized environment ____________________ _____________________ and simulated attack testing is easily accomplished in a virtualized environment ___________________________ more easily accomplished in virtual environments Security+ Guide to Network Security Fundamentals, Third Edition

34 Attacks on Virtual Systems
Security for virtualized environments can be a concern for two reasons 1. ________________________ antivirus, anti-spam etc- were designed for single physical servers and _______________________________________ 2. Virtual machines not only need to be protected from the outside world, but they also __________ _______________________________________________________________________________ An infected virtual machine could easily infect other virtual machines in the same physical computer Security+ Guide to Network Security Fundamentals, Third Edition

35 Possible ____________ to Security Issues
1. Hypervisor ________ that runs on a physical computer and ____________________________________________________________________ Hypervisor can be used to _______________ to all virtual machines 2. Another option is for security software to function as a ________________________ ____________________ to the hypervisor Can be thought of as a “third party” software plug-in specializing in security protection Security+ Guide to Network Security Fundamentals, Third Edition

36 Security+ Guide to Network Security Fundamentals, Third Edition

37 Possible Solutions to Security Issues (continued)
3. Another approach is to use a _________ ____________________________________ on the physical machine The security virtual machine would run security software: ie. a firewall, intrusion detection system, virus scanning software 4. If #1-3 above not possible- ____________ security defenses should be used on ______ ____________________________________ Security+ Guide to Network Security Fundamentals, Third Edition

38 Summary Malicious software (malware) is software that enters a computer system without the owner’s knowledge or consent Infecting malware includes computer viruses and worms Ways to conceal malware include Trojan horses (Trojans), rootkits, logic bombs, and privilege escalation Malware with a profit motive includes spam, spyware, and botnets Security+ Guide to Network Security Fundamentals, Third Edition

39 Summary (continued) Hardware is also the target of attackers. Frequent hardware targets include the BIOS, USB storage devices, Network Attached Storage (NAS) devices, and cell phones Virtualization is a means of managing and presenting computer resources by function without regard to their physical layout or location Security+ Guide to Network Security Fundamentals, Third Edition

Download ppt "Security+ Guide to Network Security Fundamentals, Third Edition"

Similar presentations

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
Thank you to IT Training at Indiana University Computer Malware.

Thank you to IT Training at Indiana University Computer Malware.
Protect your PC virus, worm, Trojan horse, phishing, spam, botnet and zombies, spoofing, social engineering, identity theft, spyware, rootkits Click.

Protect your PC virus, worm, Trojan horse, phishing, spam, botnet and zombies, spoofing, social engineering, identity theft, spyware, rootkits Click.
September,2012 Managing Files and Folders 4/23/2015 Compiled By:- Solomon W. Demissie 1.

September,2012 Managing Files and Folders 4/23/2015 Compiled By:- Solomon W. Demissie 1.
 Application software consists of programs designed to make users more productive and/or assist with personal tasks.  Growth of internet simplified.

 Application software consists of programs designed to make users more productive and/or assist with personal tasks.  Growth of internet simplified.
Dr. John P. Abraham Professor UTPA 2 – Systems Threats and Risks.

Dr. John P. Abraham Professor UTPA 2 – Systems Threats and Risks.
Telnet and FTP. Telnet Lets you use the resources of some other computer on the Internet to access files, run programs, etc. Creates interactive connection.

Telnet and FTP. Telnet Lets you use the resources of some other computer on the Internet to access files, run programs, etc. Creates interactive connection.
Security Awareness Chapter 2 Desktop Security. Objectives After completing this chapter, you should be able to do the following: Describe the different.

Security Awareness Chapter 2 Desktop Security. Objectives After completing this chapter, you should be able to do the following: Describe the different.
Security+ Guide to Network Security Fundamentals, Third Edition

Security+ Guide to Network Security Fundamentals, Third Edition
Security Awareness Chapter 2 Desktop Security. After completing this chapter, you should be able to do the following:  Describe the different types of.

Security Awareness Chapter 2 Desktop Security. After completing this chapter, you should be able to do the following:  Describe the different types of.
Security strategy. What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets.

Security strategy. What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets.
Chapter 14 Computer Security Threats Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles,

Chapter 14 Computer Security Threats Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles,
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Nasca 2007 100 200 300 400 500 Internet Networking and Security viruses.

Nasca Internet Networking and Security viruses.
Malicious Attacks. Introduction Commonly referred to as: malicious software/ “malware”, computer viruses Designed to enter computers without the owner’s.

Malicious Attacks. Introduction Commonly referred to as: malicious software/ “malware”, computer viruses Designed to enter computers without the owner’s.
S EC (4.5): S ECURITY 1. F ORMS OF ATTACK There are numerous way that a computer system and its contents can be attacked via network connections. Many.

S EC (4.5): S ECURITY 1. F ORMS OF ATTACK There are numerous way that a computer system and its contents can be attacked via network connections. Many.
Cambodia-India Entrepreneurship Development Centre - : :.... :-:-

Cambodia-India Entrepreneurship Development Centre - : :.... :-:-
Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.

Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.
MOBILE MALWARE TOPIC #5 – INFORMATION ASSURANCE AND SECURITY Michael Fine 1.

MOBILE MALWARE TOPIC #5 – INFORMATION ASSURANCE AND SECURITY Michael Fine 1.
Chapter Nine Maintaining a Computer Part III: Malware.

Chapter Nine Maintaining a Computer Part III: Malware.

Similar presentations

Ads by Google