CISflashcardslibrecomplete
Topics Covered
Protecting Information Resources; Data Communication; The Internet, Intranets, and Extranets; HTML, E-Commerce
Risks Associated with Information Technologies
Misuses of information technology
Preventing and minimizing risk:
Policies and procedures
Operating system updates
Antivirus and antispyware software
E-mail security features
Firewalls
Intrusion detection systems
Vulnerability scanners
Computer Crime and Fraud
Computer fraud
Unauthorized use of computer data for personal gain
Examples
Denial-of-service attacks
Identity theft
Software piracy
E-mail spamming
A large share of computer crimes are committed by company insiders (the "malicious insider")
Phishing
Sending fraudulent e-mails that appear to come from a legitimate source (a bank, an employer, a vendor)
Directs recipients to a fraudulent Web site that imitates the legitimate one
Goal: capture private information such as credentials and account numbers
Keystroke Loggers
Keystroke loggers
Monitor and record keystrokes
Can be software or hardware devices
Both legitimate and illegitimate uses
Sniffing
Capturing and recording network traffic as it passes over a shared medium or a compromised device
Often used by attackers to intercept unencrypted information such as passwords and session tokens; encryption in transit (TLS, VPNs) is the main defense
Spoofing
Forging identifying information (an IP address, an e-mail sender, a user identity) so that traffic appears to come from an authorized source, in order to gain access to a network and find sensitive information
Viruses
Type of malware
Estimating the dollar amount of damage viruses cause can be difficult
Usually given names
I Love You, Michelangelo
Virus: Self-propagating program code that attaches itself to a host program or file and spreads when that host is run; its payload is often triggered by a specified time or event
Worms
Travels from computer to computer in a network
Independent programs that can spread themselves without having to be attached to a host program
Replicates itself, consuming computing and network resources
Well-known worms
Code Red and Sasser (Melissa, often listed with them, was a mass-mailing macro virus)
Trojan Programs
Named after the Trojan horse the Greeks used to enter Troy during the Trojan War
Malicious code hidden inside a program that appears useful or legitimate; runs when the user installs or runs that program
Can disrupt a computer, network, or Web site, or open it to the attacker
Logic bomb
Malicious code, often delivered by a Trojan program, that lies dormant until a certain time or event
When triggered, releases a virus, worm, or other destructive payload
Backdoors
Programming routine built into a system by its author
Enables the author to bypass security and sneak back into the system later to access programs or files
Users aren't aware a backdoor exists or has been used
Blended threat
Combines the characteristics of several malicious codes with vulnerabilities on public/private networks
Goal is not to just start/transmit an attack, but to spread it
Multi-layer security system can guard from threats
Denial-of-Service Attacks
Floods a network or server with service requests
Prevent legitimate users� access to the system
Targets Internet servers
Distributed denial-of-service (DDoS) attack
Hundreds or thousands of compromised computers bombard a Web site with requests in a short period
Frequently uses botnets
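The difference between a DoS and a DDoS shows up directly in server logs: one source exceeding a rate, versus many sources that each look harmless but add up. The detection logic below is an added example (not from the original flashcards) using only the Python standard library; the access-log lines are constructed for the example from documentation address ranges, and the thresholds are illustrative.

```python
"""Spot request floods in Web server access logs (stdlib only)."""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Common Log Format: ip ident user [time] "METHOD path proto" status size
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3})')
TIME_FMT = "%d/%b/%Y:%H:%M:%S %z"


def parse_line(line):
    """Return (epoch_seconds, client_ip, path) or None for unparseable lines."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group(2), TIME_FMT).timestamp()
    return ts, m.group(1), m.group(4)


def find_floods(lines, window_s=10, per_ip_limit=20, total_limit=100):
    """Sliding-window request counting.

    A single source exceeding per_ip_limit requests within window_s seconds is
    reported as a DoS source; the whole site exceeding total_limit in the same
    window with no single dominant source is the DDoS signature.
    """
    events = sorted(e for e in map(parse_line, lines) if e)
    per_ip = defaultdict(deque)
    overall = deque()
    flooding, aggregate = set(), False
    for ts, ip, _path in events:
        q = per_ip[ip]
        q.append(ts)
        while ts - q[0] > window_s:        # q holds ts itself, so never empties
            q.popleft()
        if len(q) > per_ip_limit:
            flooding.add(ip)
        overall.append(ts)
        while ts - overall[0] > window_s:
            overall.popleft()
        if len(overall) > total_limit:
            aggregate = True
    return {"flooding_ips": flooding, "aggregate_flood": aggregate}


# --- constructed sample logs (addresses from documentation ranges) ---
_BASE = datetime(2024, 1, 1, 12, 0, 0, tzinfo=timezone.utc)


def _log_line(ip, offset_s, path="/login"):
    when = (_BASE + timedelta(seconds=offset_s)).strftime(TIME_FMT)
    return '%s - - [%s] "GET %s HTTP/1.1" 200 512' % (ip, when, path)


# One normal client (5 requests over a minute) plus one source sending
# 30 requests in 5 seconds: a single-source DoS.
SINGLE_SOURCE_LOG = [_log_line("192.0.2.10", 15 * i) for i in range(5)] + \
                    [_log_line("203.0.113.66", 100 + i // 6) for i in range(30)]

# 40 bot addresses, 3 requests each, all inside a 5-second window: no single
# address looks abusive, but the total does (DDoS).
DISTRIBUTED_LOG = [_log_line("198.51.100.%d" % (k + 1), 200 + (3 * k + j) // 24)
                   for k in range(40) for j in range(3)]

if __name__ == "__main__":
    print(find_floods(SINGLE_SOURCE_LOG))
    print(find_floods(DISTRIBUTED_LOG))
```

Per-source blocking stops the first case; the second needs upstream filtering or scrubbing, since blocking 40 (or 40,000) addresses one at a time does not scale.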
Social Engineering
Using �people skills� to trick others into revealing private information
Takes advantage of the human element of security systems
Difficult to track
Attackers use the private information they've gathered to break into servers and networks and steal data
Commonly used social-engineering techniques
�Dumpster diving� and �shoulder surfing�
Security Concepts The Triad
Confidentiality
System must not allow disclosing information to anyone who isn�t authorized to access it
Integrity
Ensures the accuracy and completeness of information resources, and that they are changed only by authorized actions
Example: financial transactions must not be altered in transit or in storage
Availability
Ensures that computers and networks are operating
Authorized users can access the information they need
Plus�
Authentication
Non-repudiation
Security Measures and Enforcement: An Overview
Biometric security measures
Nonbiometric security measures
Physical security measures
Access controls
Virtual private networks
Data encryption
E-commerce transaction security measures
Computer Emergency Response Team
Biometric Security Measures
Use a physiological element unique to a person
Biometric devices and measures
Facial recognition
Fingerprints
Hand geometry
Iris analysis
Palm prints
Retinal scanning
Signature analysis
Vein analysis
Voice recognition
Firewalls
Combination of hardware and software
Acts as a filter or barrier between a private network and external computers or networks
Network administrator defines rules for access
Examine data passing into or out of a private network
Decide whether to allow the transmission based on users' IDs, the transmission's origin and destination, and the transmission's contents
Possible actions after examining a packet
Reject the incoming packet
Send a warning to the network administrator
Send a message to the sender that the attempt failed
Allow the packet to enter (or leave) the private network
Main types of firewalls
Packet-filtering firewalls
Application-filtering firewalls
Proxy servers
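A packet-filtering firewall is an ordered rule list evaluated against each packet's direction, addresses, protocol and port, with the four possible actions listed above and a default of rejecting anything no rule allows. The model below is an added example (not from the original flashcards, and not any real firewall's configuration syntax); the policy, the 10.0.0.0/8 private network and the addresses are constructed for the example. It also includes the check a practitioner wants: finding rules that an earlier, broader rule shadows.

```python
"""Minimal packet-filtering firewall: ordered rules, first match wins, default reject."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple

# The four actions from the flashcards.
ALLOW = "allow"            # let the packet through
REJECT = "reject"          # drop silently
NOTIFY_SENDER = "notify"   # drop and tell the sender the attempt failed
WARN_ADMIN = "warn"        # drop and alert the administrator


@dataclass(frozen=True)
class Packet:
    direction: str   # "in" (entering the private network) or "out"
    src: str
    dst: str
    proto: str       # "tcp" or "udp"
    dport: int


@dataclass(frozen=True)
class Rule:
    action: str
    direction: str = "any"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    proto: str = "any"
    dport: Optional[int] = None
    comment: str = ""

    def matches(self, pkt: Packet) -> bool:
        return ((self.direction == "any" or self.direction == pkt.direction)
                and ip_address(pkt.src) in ip_network(self.src)
                and ip_address(pkt.dst) in ip_network(self.dst)
                and (self.proto == "any" or self.proto == pkt.proto)
                and (self.dport is None or self.dport == pkt.dport))


def decide(rules: List[Rule], pkt: Packet) -> Tuple[str, Optional[int]]:
    """Return (action, index of the matching rule); no match means default reject."""
    for i, rule in enumerate(rules):
        if rule.matches(pkt):
            return rule.action, i
    return REJECT, None


def shadowed_rules(rules: List[Rule]) -> List[int]:
    """Indexes of rules that can never fire because an earlier rule is at least as broad.

    A common misconfiguration: a specific reject placed after a general allow.
    """
    shadowed = []
    for j in range(1, len(rules)):
        for i in range(j):
            a, b = rules[i], rules[j]
            if (a.direction in ("any", b.direction)
                    and ip_network(b.src).subnet_of(ip_network(a.src))
                    and ip_network(b.dst).subnet_of(ip_network(a.dst))
                    and a.proto in ("any", b.proto)
                    and a.dport in (None, b.dport)):
                shadowed.append(j)
                break
    return shadowed


# Constructed policy for a private network 10.0.0.0/8 with a public Web server at 10.0.0.5.
POLICY = [
    Rule(ALLOW, "in", dst="10.0.0.5/32", proto="tcp", dport=443, comment="HTTPS to web server"),
    Rule(WARN_ADMIN, "in", proto="tcp", dport=23, comment="telnet probes: alert the admin"),
    Rule(NOTIFY_SENDER, "in", proto="tcp", dport=25, comment="no inbound SMTP"),
    Rule(ALLOW, "out", src="10.0.0.0/8", comment="internal hosts may reach the Internet"),
]

if __name__ == "__main__":
    for pkt in (Packet("in", "198.51.100.9", "10.0.0.5", "tcp", 443),
                Packet("in", "198.51.100.9", "10.0.0.5", "tcp", 23),
                Packet("in", "198.51.100.9", "10.0.0.5", "tcp", 22),
                Packet("out", "10.0.0.7", "93.184.216.34", "tcp", 80)):
        print(pkt, "->", decide(POLICY, pkt))
```

Because the rules are evaluated top to bottom, an "allow everything inbound" rule placed first silently disables every reject below it; `shadowed_rules` reports exactly that, which is the review step to run before deploying a policy change.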
Intrusion Detection Systems
Protect against both external and internal access
Usually placed in front of a firewall (or just behind it, to see the traffic the firewall lets through)
Detect DoS attacks and other suspicious traffic; an intrusion prevention system (IPS) can also block it
Monitor network traffic
"Prevent, detect, and react" approach
Require a lot of processing power and can affect network performance
Passwords
The most common access control
Combination of numbers, characters, and symbols that's entered to allow access to a system
Length and character mix determine how hard it is to guess or brute-force; reuse across sites and presence in breached-password lists matter just as much
Guidelines for effective passwords
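To put numbers on "length and complexity", the added example below (not from the original flashcards) computes the brute-force search space a password's shape implies and checks it against simple guidelines. The guessing rate of 10^10 per second used in the test and the five-entry common-password list are constructed stand-ins: real attackers use breached-password lists first, so the search-space figure is an upper bound, not a promise.

```python
"""How password length and character mix set the brute-force search space."""
import math
import string

CLASSES = {
    "lower": set(string.ascii_lowercase),
    "upper": set(string.ascii_uppercase),
    "digit": set(string.digits),
    "symbol": set(string.punctuation + " "),
}

# Tiny constructed stand-in for a real breached-password list.
COMMON_PASSWORDS = {"password", "123456", "qwerty", "letmein", "welcome1"}


def classes_used(pw):
    """Which character classes appear in the password."""
    return {name for name, chars in CLASSES.items() if any(c in chars for c in pw)}


def charset_size(pw):
    """Alphabet an attacker must assume once they know which classes appear."""
    return sum(len(CLASSES[name]) for name in classes_used(pw))


def search_space_bits(pw):
    """log2 of the number of candidates for a uniformly random password of this shape."""
    return len(pw) * math.log2(charset_size(pw))


def crack_seconds(pw, guesses_per_second):
    """Worst-case time to exhaust the search space at a given guessing rate."""
    return charset_size(pw) ** len(pw) / guesses_per_second


def check_policy(pw, min_length=12, min_classes=3):
    """Return the list of guideline violations (empty means acceptable)."""
    problems = []
    if len(pw) < min_length:
        problems.append("shorter than %d characters" % min_length)
    if len(classes_used(pw)) < min_classes:
        problems.append("fewer than %d character classes" % min_classes)
    if pw.lower() in COMMON_PASSWORDS:
        problems.append("appears in a common-password list")
    return problems


if __name__ == "__main__":
    for pw in ("password", "Tr0ub4dor&3", "correct horse battery staple"):
        print("%-30s %5.1f bits, %.3g s at 1e10 guesses/s, issues: %s"
              % (pw, search_space_bits(pw), crack_seconds(pw, 1e10), check_policy(pw)))
```

Length dominates: each extra character multiplies the search space by the alphabet size, whereas adding a symbol class to an 8-character password only multiplies it by a constant. The figure also assumes the attacker has the hash and can guess offline; slow hashing (bcrypt, scrypt, Argon2) and online rate limiting cut the effective guessing rate by many orders of magnitude.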
Virtual Private Networks
Provides a secure �tunnel� through the Internet
For transmitting messages and data via a private network
Remote users have a secure connection to the organization�s network
Low cost (uses the public Internet rather than leased lines)
Encryption and tunneling overhead can slow transmission
Data Encryption
Transforms data, called plaintext or cleartext, into a scrambled form called ciphertext
The rules for the transformation are the encryption algorithm; a key selects one transformation out of many, and the algorithm itself is assumed to be public
Protocols
Secure Sockets Layer (SSL), now deprecated
Transport Layer Security (TLS), its successor
Asymmetric
Based on mathematical functions that are easy to compute but hard to invert
Public key: published key used to encrypt data (or verify a signature)
Private key: known only to its owner, used to decrypt data (or create a signature)
Symmetric
Based on transformations (substitution and permutation) of the data
Same key used to encrypt and decrypt, so the key must be shared secretly in advance
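The two models side by side, as an added example (not from the original flashcards): a toy symmetric stream cipher whose keystream is derived from the shared key with SHA-256, and textbook RSA on the classic toy primes 61 and 53. Neither is a real cipher: the symmetric construction stands in for AES-GCM, and the RSA keys are small enough that `break_toy_rsa` recovers the private key by trial-division factoring in milliseconds, which is exactly why real RSA keys are 2048 bits or more. The message and key bytes are constructed for the example.

```python
"""Symmetric vs asymmetric encryption with two deliberately tiny textbook ciphers."""
import hashlib
import secrets

# ---- symmetric: one shared secret key encrypts and decrypts ----
# Keystream = SHA-256(key || nonce || counter), XORed with the data (a toy
# stream cipher in counter mode). Illustrative only: use AES-GCM in practice.


def _keystream(key, nonce, length):
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def symmetric_encrypt(key, plaintext, nonce=None):
    """Return nonce || ciphertext; a fresh random nonce per message unless one is given."""
    nonce = nonce if nonce is not None else secrets.token_bytes(16)
    ks = _keystream(key, nonce, len(plaintext))
    return nonce + bytes(p ^ k for p, k in zip(plaintext, ks))


def symmetric_decrypt(key, blob):
    """Same key, same keystream: XOR again to recover the plaintext."""
    nonce, ciphertext = blob[:16], blob[16:]
    ks = _keystream(key, nonce, len(ciphertext))
    return bytes(c ^ k for c, k in zip(ciphertext, ks))


# ---- asymmetric: public key encrypts, only the private key decrypts ----
# Textbook RSA on toy primes; real keys are 2048+ bits and use OAEP padding.


def toy_rsa_keypair(p=61, q=53, e=17):
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)            # modular inverse (Python 3.8+)
    return (n, e), (n, d)          # public key, private key


def rsa_encrypt(public_key, plaintext):
    n, e = public_key
    return [pow(b, e, n) for b in plaintext]   # each byte < n, so encrypt byte by byte


def rsa_decrypt(private_key, ciphertext):
    n, d = private_key
    return bytes(pow(c, d, n) for c in ciphertext)


def break_toy_rsa(public_key):
    """Recover the private key by factoring n.

    Trivial at this size and infeasible at real key sizes: that gap is the
    entire security argument for asymmetric encryption.
    """
    n, e = public_key
    p = next(f for f in range(2, int(n ** 0.5) + 1) if n % f == 0)
    q = n // p
    return n, pow(e, -1, (p - 1) * (q - 1))


if __name__ == "__main__":
    key = secrets.token_bytes(32)
    msg = b"transfer 100 to account 42"
    print(symmetric_decrypt(key, symmetric_encrypt(key, msg)))
    pub, priv = toy_rsa_keypair()
    print(rsa_decrypt(priv, rsa_encrypt(pub, msg)), break_toy_rsa(pub) == priv)
```

In practice the two are combined: TLS uses asymmetric keys (or a key agreement) to establish a session key, then symmetric encryption for the bulk data, because symmetric ciphers are thousands of times faster.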
Business Continuity Planning
Outlines procedures for keeping an organization operational
Prepare for disaster
Plan steps for resuming normal operations as soon as possible
Data Communication
Electronic transfer of data from one location to another
Enables an information system to deliver information
Improves the flexibility of data collection and transmission
Basis of virtual organizations
Enables e-collaboration
Bandwidth
Amount of data that can be transferred from one point to another in a certain time period
Attenuation
Loss of signal power as it travels along a medium or between devices
Broadband data transmission
Multiple signals are sent simultaneously over one medium to increase the transmission rate
Protocols
Rules that govern data communication, including error detection, message length, and transmission speed
Help ensure compatibility between different manufacturers� devices
Types of Networks
Three major types of networks:
Local area networks (LANs)
Wide area networks (WANs)
Metropolitan area networks (MANs)