CISflashcardslibre
Topics Covered
Protecting Information Resources; Data Communication; The Internet, Intranets, and Extranets; HTML, E-Commerce
Risks Associated with Information Technologies
Misuses of information technology Preventing and Minimizing Policies and procedures Operating system updates Antivirus and antispyware software E-mail security features Firewalls Intrusion detection systems Vulnerability scanners
Computer Crime and Fraud
Computer fraud Unauthorized use of computer data for personal gain Examples Denial-of-service attacks Identity theft Software piracy E-mail spamming Company insiders commit most computer crimes �Malicious insider�
Phishing
Phishing
Sending fraudulent e-mails that seem to come from legitimate sources
Direct e-mail recipients to false Web sites
To capture private information
Phishing
Sending fraudulent e-mails that seem to come from legitimate sources
Direct e-mail recipients to false Web sites
To capture private information
Keystroke Loggers
Keystroke loggers Monitor and record keystrokes Can be software or hardware devices Both legitimate and illegitimate uses Keystroke loggers Monitor and record keystrokes Can be software or hardware devices Both legitimate and illegitimate uses
Sniffing
Capturing and recording network traffic
Often used by hackers to intercept information
Spoofing
Attempt to gain access to a network by posing as an authorized user to find sensitive information
Viruses
Type of malware
Estimating the dollar amount of damage viruses cause can be difficult
Usually given names
I Love You, Michelangelo
Virus: Consists of self-propagating program code that�s triggered by a specified time or event
Worms
Travels from computer to computer in a network
Independent programs that can spread themselves without having to be attached to a host program
Replicates into a full-blown version that eats up computing resources
Well-known worms
Code Red, Melissa, and Sasser
Trojan Programs
Named after the Trojan horse the Greeks used to enter Troy during the Trojan War
Contains code intended to disrupt a computer, network, or Web site
Usually hidden inside a popular program
Logic bomb
Type of Trojan program used to release a virus, worm, or other destructive code
Triggered at a certain time or by an event
Backdoors
Programming routine built into a system by its author
Enables the author to bypass security and sneak back into the system later to access programs or files
Users aren�t aware a backdoor has been activated
Blended threat
Combines the characteristics of several malicious codes with vulnerabilities on public/private networks
Goal is not to just start/transmit an attack, but to spread it
Multi-layer security system can guard from threats
Denial-of-Service Attacks
Floods a network or server with service requests
Prevent legitimate users� access to the system
Targets Internet servers
Distributed denial-of-service (DDoS) attack
Hundreds or thousands of computers work together to bombard a Web site with thousands of requests for information in a short period
Frequently use Botnets
Social Engineering
Using �people skills� to trick others into revealing private information
Takes advantage of the human element of security systems
Difficult to track
Use the private information they�ve gathered to break into servers and networks and steal data
Commonly used social-engineering techniques
�Dumpster diving� and �shoulder surfing�
Security Concepts The Triad
Confidentiality
System must not allow disclosing information to anyone who isn�t authorized to access it
Integrity
Ensures the accuracy of information resources in an organization
Financial transactions
Availability
Ensures that computers and networks are operating
Authorized users can access the information they need
Plus�
Authentication
Non-repudiation
Security Measures and Enforcement: An Overview
Biometric security measures Nonbiometric security measures Physical security measures Access controls Virtual private networks Data encryption E-commerce transaction security measures Computer Emergency Response Team
Biometric Security Measures
Use a physiological element unique to a person Biometric devices and measures Facial recognition Fingerprints Hand geometry Iris analysis Palm prints Retinal scanning Signature analysis Use a physiological element unique to a person Biometric devices and measures Facial recognition Fingerprints Hand geometry Iris analysis Palm prints Retinal scanning Signature analysis Vein analysis Voice recognition
Firewalls
Combination of hardware and software
Acts as a filter or barrier between a private network and external computers or networks
Network administrator defines rules for access
Examine data passing into or out of a private network
Decide whether to allow the transmission based on users� IDs, the transmission�s origin and destination, and the transmission�s contents Possible actions after examining packet
Reject the incoming packet
Send a warning to the network administrator
Send a message to the sender that the attempt failed
Allow the packet to enter (or leave) the private network
Main types of firewalls
Packet-filtering firewalls
Application-filtering firewalls
Proxy servers
Intrusion Detection Systems
Protect against both external and internal access
Usually placed in front of a firewall
Prevent against DoS attacks
Monitor network traffic
�Prevent, detect, and react� approach
Require a lot of processing power and can affect network performance