CSF_Week_2_Assignment

profileavani1992
easttom_ppt_01_final.ppt

Computer Security Fundamentals

Chuck Easttom

Chapter 1 Introduction to to Computer Security

*

© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security

*

Chapter 1 Objectives

  • Identify top threats to a computer network
  • Assess the likelihood of an attack
  • Define key terms like cracker, sneaker, firewall, and authentication
  • Compare and contrast perimeter and layered approaches to network security
  • Use online resources

*

Identify the top threats to a computer network: malware, intrusion, Denial of service attacks

Assess the likelihood of an attack on your personal computer and network

Define key terms such as cracker, sneaker, firewall and authentication

Compare and contrast perimeter and layered approaches to network security

Use online resources to secure your network

© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security

*

Introduction

  • Computer systems and networks are all around us.
  • Online banking
  • Automated supermarket checkouts
  • Online classes
  • Online shopping
  • Online travel resources

*

Computer systems are everywhere.

  • Online banking, ATMs, debit cards
  • E-Bay, Amazon, Half.com for textbooks
  • Expedia, Travelocity, airplane e-tickets

© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security

*

Introduction (cont.)

  • How is personal information safeguarded?
  • What are the vulnerabilities?
  • What secures these systems?

*

How is my online personal information safeguarded?

Passwords, account numbers, etc.

What are the vulnerabilities to these systems?

Web site security

What steps are taken to ensure that these systems and data are safe?

SSL, Encryption, etc.

© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security

*

How Seriously Should You Take Threats to Network Security?

  • Which group do you belong to?
  • “No one is coming after my computer.”
  • “The sky is falling!”
  • Middle ground.

*

Which group do you belong to?:

“No one is coming after me/my computer.”

Prove to me that I am at risk

Ostrich Theory

“The sky is falling!!”

Prove to me that I am not at risk

Paranoia

Middle Ground

An educated awareness of true risk

© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security

*

Identifying Types of Threats

  • Malware: MALicious softWARE
  • Security Breaches
  • DoS: Denial of Service attacks
  • Web Attacks
  • Session Hijacking
  • DNS Poisoning
  • Insider Threats

*

Malware – MALicious softWARE, the most common threat to your system

Intrusions – an attempt to gain unauthorized access to your system

DoS – Denial of Service attacks, attempts to deny authorized users access to the system

© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security

*

Malware

  • Software with a malicious purpose
  • Virus
  • Trojan horse
  • Spyware
  • Logic Bomb

*

Virus – “a small program that replicates itself and hides itself inside other programs, usually without your knowledge” (Symantec, 2003)

Trojan horse - a malicious program disguised as something desirable or harmless

Spyware – the fastest-growing category of malware

© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security

*

Malware (cont.)

Virus

  • One of the two most common types
  • Usually spreads through e-mail
  • Uses system resources, causing slowdown or stoppage

*

One of the two most common types of malware

Usually spreads itself through unsuspecting user’s e-mail

Even without malicious payload, rapid replication uses system resources, causing slow down or stoppage

© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security

*

Malware (cont.)

Trojan Horse

  • The other most common kind of malware
  • Named after the wooden horse of ancient history

*

The other most common kind of malware

Named after the famous wooden horse of ancient history

It disguises itself as something benign, something you need or want, i.e. a game, screen saver, account logon, etc

It captures your information and returns it to the intruder

© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security

*

Malware (cont.)

Spyware

  • The most rapidly growing types of malware
  • Cookies
  • Key logger

*

Spyware is the most rapidly growing type of malware.

Cookies: initially a good idea to help users surf the Web, now misused to spy on users

Key logger: both in software and hardware, captures all the user’s typing and logs it, capturing passwords, account numbers, credit card numbers, etc.

© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security

*

Malware (cont.)

Logic Bomb

  • Lays dormant until some logical condition is met, often a specific date.

*

Spyware is the most rapidly growing type of malware.

Cookies: initially a good idea to help users surf the Web, now misused to spy on users

Key logger: both in software and hardware, captures all the user’s typing and logs it, capturing passwords, account numbers, credit card numbers, etc.

© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security

*

Compromising System Security

Intrusions

  • Attacks that break through system resources
  • Hackers
  • Crackers
  • Social engineering
  • War-driving

*

Intrusions are attacks that break through your system’s resources without authorization

Hackers – early internet joy riders, by intent not malevolent

Crackers – system intruders, with malevolent intent

Social Engineering – intruding into a system using human nature, not technology

War driving – driving around looking for unprotected wireless networks

© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security

*

Denial of Service Attacks

  • The attacker does not intrude into the system but just blocks access by authorized users.

*

The attacker does not actually intrude into the system, just blocks access from authorized users

Keeps your customers from purchasing on your Web site, denying you sales

Keeps your employees from purchasing e-tickets to a trade show, making them use a travel agent, which costs more money than you had planned

Keeps you from transferring the money from your business Line of Credit to your business account to pay for the tickets, causing your account to be overdrawn

© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security

*

Web Attacks

  • The attacker attempts to breach a web application. Common attacks of this type are SQL injection and Cross Site Scripting.

*

The attacker does not actually intrude into the system, just blocks access from authorized users

Keeps your customers from purchasing on your Web site, denying you sales

Keeps your employees from purchasing e-tickets to a trade show, making them use a travel agent, which costs more money than you had planned

Keeps you from transferring the money from your business Line of Credit to your business account to pay for the tickets, causing your account to be overdrawn

© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security

*

Session Hijacking

  • This is a complex attack that involves actually taking over an authenticated session.

*

The attacker does not actually intrude into the system, just blocks access from authorized users

Keeps your customers from purchasing on your Web site, denying you sales

Keeps your employees from purchasing e-tickets to a trade show, making them use a travel agent, which costs more money than you had planned

Keeps you from transferring the money from your business Line of Credit to your business account to pay for the tickets, causing your account to be overdrawn

© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security

*

DNS Poisoning

  • This involves altering DNS records on a DNS server to redirect client traffic to malicious websites, usually for identity theft.

*

The attacker does not actually intrude into the system, just blocks access from authorized users

Keeps your customers from purchasing on your Web site, denying you sales

Keeps your employees from purchasing e-tickets to a trade show, making them use a travel agent, which costs more money than you had planned

Keeps you from transferring the money from your business Line of Credit to your business account to pay for the tickets, causing your account to be overdrawn

© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security

*

Assessing the Likelihood of an Attack on Your Network

  • Viruses
  • Catch up on new and refurbished viruses
  • Unauthorized use of systems
  • DoS attacks
  • Intrusions
  • Employee misuse

*

Viruses are most common network attacks

Check any AV vendor Web site to catch up on new and refurbished viruses

Unauthorized use of systems is the next most common attack

DoS attacks

Intrusions

Employee misuse, either deliberate or accidental

© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security

*

Basic Security Terminology

People:

  • Hackers
  • White hats
  • Black hats
  • Gray hats
  • Script kiddies
  • Sneakers
  • Ethical hackers

*

People

Hackers – anyone who studies a system through analyzing its flaws

White hats – Consider themselves the “good guys”

Black hats – Or “crackers” are definitely the “bad guys”

Gray hats – Not a common term; refers to individuals who operate out side of the law on occasion

Script kiddies – Inexperienced; consider themselves hackers, but only copy the work of others

Ethical hackers – Consultants who are hired to do vulnerability assessments on company systems

© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security

*

Basic Security Terminology (cont.)

Devices

  • Firewall
  • Filters network traffic
  • Proxy server
  • Disguises IP address of internal host
  • Intrusion Detection System
  • Monitors traffic, looking for attempted attacks

*

Firewalls – Found in a router or a server or as a stand-alone device, it filters ingress and egress network traffic.

Proxy server – This sits between a client and an application, acting as the host on your network, disguising the IP address of your internal host.

Intrusion Detection System – IDS monitors traffic, looking for attempted attacks.

© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security

*

Basic Security Terminology (cont.)

Activities

  • Authentication
  • Auditing

*

Phreaking – A subspecialty of hacking, breaking into telephone systems, it gave Kevin Mitnick his start down the road to prison.

Authentication – Process todetermine if the credentials given by a user are authorized to access system resources.

Auditing – Process of reviewing logs, records, and procedures to ensure established standards are being met; tedious but critical.

© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security

*

Network Security Paradigms

  • How will youprotect your network?
  • CIA Triangle
  • Least Privileges
  • Perimeter security approach
  • Layered security approach
  • Proactive versus reactive
  • Hybrid security method

*

How will youprotect our network?

Perimeter security approach

Perimeter Defense is the most popular because it used to be clearly defined, but as companies hire mobile workers, home workers, and contract workers, the perimeter is becoming less and less clearly defined.

Layered security approach

Not only the perimeter but separate sections of the network are protected to the security level assigned to them.

Proactive Versus Reactive

Are your security measures active or passive?

Do you have a security plan, or are you part of someone else’s plan to intrude on you?

Hybrid Security Method

Only a thorough and ongoing risk assessment and vulnerability can keep you informed about what combination of postures will benefit your network the most.

© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security

*

How Do Legal Issues Impact Network Security?

*

The Computer Security Act of 1987, the first piece of U.S. legislation to affect computer systems

OMB Circular A-130, a more specific federal law that addresses the idea of security standards

© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security

*

Online Security Resources

*

CERT

Computer Emergency Response Team, sponsored by Carnegie-Mellon University, the first computer incident response team

Microsoft Security Advisor

Microsoft security information, tools, and updates

F-Secure

Information on virus outbreaks

SANS

Documentation on computer security issues

© 2016 by Pearson Education, Inc. Chapter 1 Introduction to Computer Security

*

Summary

  • Network security is a constantly changing field.
  • You need three levels of knowledge.
  • Take the courses necessary to learn the basic techniques.
  • Learn your enterprise system intimately, with all its strengths and vulnerabilities.
  • Keep current in the ever-changing world of threats and exploits.

*