Week 8 - Security Flashcards
- To be able to explain how to protect a network
- To be able to explain the need for security assessment
What are the 5 approaches to security?
- No Security
- Security through obscurity (only recommend security for a known weakness in the organisation)
- Host Security
- Network Security
- Combination of Host & Network Security (most common)
Also…
Physical Security: access card
Logical Security: PIN number
What security threats does an e-commerce site face?
- Defacing your website (obvious)
- Altering your website, e.g., change selling prices? (not always obvious)
- Stealing customer data
What two factors need to be considered in security?
Cost & performance
What are the 7 characteristics requiring protection?
- Confidentiality
- Integrity (can you trust data is not altered)
- Availability (is it up & running)
- Authentication (are you who you say you are)
- Non-repudiation (evidence that transaction was performed)
- Privacy (who else can see my details)
- Access control (who has access to what?)
What are the two things we are trying to protect?
- Our Resources (anything flowing or sitting in org)
  - Hardware
  - Software
  - Storage (Backup & Recovery)
  - Bandwidth (Cables/Flow of Data)
- Our Reputation
  - Corruption of Web Pages
  - Forged E-Mail
  - Phishing
What type of attacks are there?
- Intrusion
- Denial of Service (DOS or DDOS)
- Information Theft
- Stupidity
Intrusion Detection Systems
When an unauthorised person enters the network.
Network based: monitors traffic on the cables
Host based: software implemented in each host & monitors individual computers.
Denial of Service or DDOS
Objective: to make target systems unavailable to the real users.
- Send excessive pings to a server (flooding) which must be responded to. Server slows and crashes & the real users cannot access it.
Distributed DOS: having multiple people in different locations pinging the server.
Information Theft
The attacker can passively record data communications to gather sensitive information that may be passing between two hosts.
Happening unknowingly to users.
Stupidity
Unknowingly giving access & information without realising its contents.
What is the goal of security?
To build in layers of security/protection to make it difficult for a hacker to penetrate your network.
Explain the role of a firewall
(1) Allow acceptable traffic to enter (2) Prevent any suspicious external data packets attempting to enter the internal network.
It is software that needs to be updated & maintained.
Why do firewalls need a security policy?
Firewall rules are dependent on the security policy.
Security Policy will inform the firewall what data to allow & deny. E.g., school servers do not allow YouTube to be accessed.
Where must the firewall be situated?
Must be placed at the boundary between the internal & external network.
All traffic coming from the Internet and going out from the internal network passes through the firewall.
What is the most common firewall & what does it do?
Screening router/packet filtering router…
The firewall only reads the header as that is where the information about whether to deny or allow the packet is contained.
- Determines if ‘destination address’ is within its network
- Screens the packet based on firewall rules