Chapter 9
Computer Security
9. Introduction
• Private information, company secrets, financial data, computer equipment, and items of national security are placed at risk if proper security procedures are not followed.
Objectives
• Explain why security is important.
• Describe security threats.
• Identify security procedures.
• Identify common preventive maintenance techniques.
• Troubleshoot security.
9.1 Why Security is Important?
• Theft, loss, network intrusion, and physical damage are
some of the ways a network or computer can be harmed.
• Damage or loss of equipment can mean a loss of productivity.
• Repairing and replacing equipment can cost the company time and money.
• Unauthorized use of a network can expose confidential information and reduce
network resources.
• Computer and network security help to keep data and
equipment functioning and provide access only to appropriate
people.
• Therefore, primary responsibilities of a technician include data and network security.
9.2 Security Threats
Threats to Computer Security
• Physical – Events or attacks that steal, damage, or destroy equipment, such as servers and switches.
• Data – Events or attacks that remove, corrupt, deny access, allow access, or steal information.
Source of Threats
Internal - Employees have access to data, equipment, and the network.
• Malicious threats are when an employee intends to cause damage.
• Accidental threats are when the user damages data or equipment unintentionally.
Source of Threats
External - Users outside of an organization that do not have
authorized access to the network
• Unstructured – Attackers use available resources, such as
passwords or scripts, to gain access
• Structured – Attackers use code to access operating systems and software.
• Physical loss or damage to equipment can cost your company money and reputation.
• Data threats are constantly changing as attackers find new ways to gain entry to your
system.
9.2.1 Viruses, Worms, and Trojans
Viruses
• A virus is a program written with malicious intent and sent out by attackers.
• It is transferred to another computer through e-mail, file transfers, and instant messaging.
• When the file is accessed, the virus executes and infects the computer.
• It has the potential to corrupt or even delete files on your computer.
• Stealth viruses can infect a computer and lie dormant until summoned by the attacker.
Worms
• A worm is a self-replicating program that is harmful to networks.
• It duplicates its code over the network to the hosts, often without any user intervention.
• It doesn't attach itself to a program to infect a host.
• Though a worm doesn't damage data or applications, it is harmful to the network because it consumes bandwidth.
Trojans
• Trojans are often disguised as useful software.
• A Trojan is hidden in software that appears to do one thing, and yet behind the scenes it does another.
• A Trojan is technically a worm that can reproduce like a virus and spread to other computers.
• An infected computer in a network could be sending critical data to others along with Trojan horses.
• Anti-virus is software designed specifically to detect, disable, and remove viruses, worms, and Trojans before they infect a computer.
9.2.2 Web Security
• Tools that are used to make web pages more powerful and versatile can also make computers more vulnerable to attacks.
ActiveX – Technology created by Microsoft to control interactivity on web pages.
Java – Programming language that allows applets to run within a web browser.
JavaScript – Programming language that interacts with HTML source code to allow interactive websites.
• Attackers might use any of these tools to install harmful programs on a computer.
• To prevent these attacks, most browsers ask for the user's authorization to download or execute the code.
9.2.3 Adware, Spyware, and Grayware
Adware
• Adware is a software program that displays advertising on your computer.
• It is usually distributed with downloaded software.
• Most often, adware is displayed in a popup window.
• Adware popup windows are difficult to control and open new windows faster than users can close them.
Grayware/Malware
• Grayware or malware is a file or program that is potentially harmful.
• Many grayware attacks are phishing attacks where users are persuaded to provide their credentials.
• It can be removed using spyware and adware removal tools.
Spyware
• Spyware, a type of grayware, is similar to adware.
• It is distributed without any user intervention or knowledge.
• Once installed, the spyware monitors activity on the computer and sends the information to the attacker who developed it.
Phishing
• Phishing is a form of social engineering where the attacker pretends to represent a legitimate outside organization, such as a bank.
• A potential victim is contacted via e-mail.
• For security, use the postal service to share sensitive information.
9.2.4 Denial of Service (DoS)
• DoS is a form of attack that prevents users from accessing normal services, such as e-mail and a web server.
• Here, the system is busy responding to abnormally large amounts of requests.
• Attackers send enough requests for a system resource that the requested service is
overloaded and ceases to operate.
• Distributed DoS (DDoS) is another form of attack that uses many infected computers,
called zombies (Bots), to launch an attack.
• With DDoS, the intent is to obstruct or overwhelm access to the targeted server.
Types: Ping of Death, E-mail Bomb.
• Zombie computers located at different geographical locations make it difficult to trace the
origin of the attack.
9.2.5 Spam and Popup Windows
• Spam, also known as junk mail, is unsolicited e-mail, commonly used as a method of advertising.
• However, it is also used to send harmful links or deceptive content.
• Example: Links to an infected website or an attachment that could infect a computer.
• These links can result in lots of windows designed to grab your attention and lead you to advertising sites.
• These windows are called popups.
• Many anti-virus and e-mail software programs automatically detect and remove spam from an e-mail inbox.
Check e-mails for the following signs to identify spam:
• No subject line
• Incomplete return address
• Computer generated e-mail
• Return e-mail not sent by the user
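The four indicators above can be checked mechanically from message headers. The following is an added example, not part of the original slides: the function name `spam_indicators`, the mapping of "computer generated" to the `Auto-Submitted` and `Precedence` headers, and the mapping of "return e-mail not sent by the user" to an `In-Reply-To` value the user never sent are assumptions, and both sample messages are constructed.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed data: Message-IDs of mail this user really sent.
SENT_IDS = {"<20240101.1@example.test>"}

# Constructed sample: a genuine reply to a message the user sent.
LEGIT = """\
From: Alice <alice@example.test>
To: user@example.test
Subject: Re: Meeting notes
In-Reply-To: <20240101.1@example.test>

Thanks, see you then.
"""

# Constructed sample: shows all four indicators from the slide.
SUSPECT = """\
From: winner
To: user@example.test
Auto-Submitted: auto-generated
In-Reply-To: <unknown.99@mailer.invalid>

Click the link to claim your prize.
"""


def _complete(addr: str) -> bool:
    """True when addr has the shape local@domain.tld."""
    local, sep, domain = addr.rpartition("@")
    return bool(local and sep and "." in domain.strip("."))


def spam_indicators(raw: str, sent_ids: set[str]) -> list[str]:
    """Return the slide's spam indicators that apply to one raw message."""
    msg = message_from_string(raw)
    found = []

    # 1. No subject line (header missing or blank).
    if not (msg.get("Subject") or "").strip():
        found.append("no subject line")

    # 2. Incomplete return address: the address a reply would go to.
    reply_to = msg.get("Reply-To") or msg.get("Return-Path") or msg.get("From") or ""
    if not _complete(parseaddr(reply_to)[1]):
        found.append("incomplete return address")

    # 3. Computer generated e-mail: automatic or bulk sender markers.
    auto = (msg.get("Auto-Submitted") or "no").strip().lower()
    bulk = (msg.get("Precedence") or "").strip().lower()
    if auto != "no" or bulk in {"bulk", "junk", "list"}:
        found.append("computer generated e-mail")

    # 4. A "reply" to a message this user never sent.
    parent = (msg.get("In-Reply-To") or "").strip()
    if parent and parent not in sent_ids:
        found.append("return e-mail not sent by the user")

    return found


if __name__ == "__main__":
    print(spam_indicators(LEGIT, SENT_IDS))
    print(spam_indicators(SUSPECT, SENT_IDS))
```

A message showing one indicator is not necessarily spam; the list is a triage aid, and mail filters weigh many more signals.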
9.2.6 Social Engineering
• A social engineer is a person who is able to gain access to equipment or a network by tricking people into providing the necessary access information.
• The social engineer gains the confidence of an employee and convinces them to disclose username and password information.
• When inside, the social engineer might look over shoulders to gather information, seek
out papers on desks with passwords and phone extensions, or obtain a company directory
with e-mail addresses.
• A social engineer might pose as a technician to try to
gain entry into a facility.
Basic precautions
• Never give out your password.
• Always ask for the ID of unknown persons.
• Restrict access of unexpected visitors.
• Escort all visitors.
• Never post your password in your work area.
• Lock your computer when you leave your desk.
• Do not let anyone follow you through a door that
requires an access card.
9.2.7 TCP/IP Attacks
• TCP/IP is the protocol suite that is used to control all of the communications on the Internet.
Common TCP/IP Attacks:
• DoS – Sends abnormally large amounts of requests to a system preventing access to the
services
• DDoS – Uses "zombies" to make the origin of the DoS attack difficult to trace
• SYN flood – Randomly opens TCP ports, tying up the network equipment or computer
with a large amount of false requests, causing sessions to be denied to others.
• Spoofing – Gains access to resources on devices by pretending to be a trusted computer
• Man-in-the-middle – Intercepts or inserts false information in traffic between two hosts
• DNS poisoning – Changes the DNS records on a system to point to false servers where the
data is recorded
• Replay – Uses network sniffers to extract usernames and passwords to be used at a later
date to gain access
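A SYN flood, as described in the list above, shows up on the defended host as many TCP handshakes that start but never complete. The following is an added example, not part of the original slides, that counts such half-open handshakes per targeted service; the function names, the simplified flag strings ("S", "SA", "A", "R"), the threshold and timeout values, and the packet records are all constructed assumptions.

```python
from collections import Counter

# Packet record layout (constructed): (time, src_ip, src_port, dst_ip, dst_port, flags)
# flags: "S" = SYN, "SA" = SYN-ACK, "A" = ACK, "R" = RST


def half_open_counts(packets, timeout=5.0):
    """Count handshakes per (dst_ip, dst_port) whose SYN was never followed
    by the client's ACK (or a RST) within `timeout` seconds."""
    pending = {}   # (client, cport, server, sport) -> time the SYN was seen
    last_ts = 0.0
    for ts, src, sport, dst, dport, flags in packets:
        last_ts = max(last_ts, ts)
        key = (src, sport, dst, dport)
        if flags == "S":
            pending[key] = ts
        elif flags in ("A", "R"):
            # The client finished or aborted the handshake it started.
            pending.pop(key, None)
        # "SA" travels server -> client and does not complete anything.
    counts = Counter()
    for (_, _, dst, dport), ts in pending.items():
        if last_ts - ts >= timeout:
            counts[(dst, dport)] += 1
    return counts


def syn_flood_alerts(packets, threshold=20, timeout=5.0):
    """Return the services with at least `threshold` stale half-open handshakes.
    Counting per target still works when the source addresses are spoofed."""
    counts = half_open_counts(packets, timeout)
    return {target: n for target, n in counts.items() if n >= threshold}


def build_sample():
    """Constructed capture: 3 normal handshakes, 50 unanswered SYNs, 1 fresh SYN."""
    web = "198.51.100.10"
    pkts = []
    for i in range(3):
        client, port, t = f"192.0.2.{i + 1}", 40000 + i, float(i)
        pkts += [
            (t, client, port, web, 80, "S"),
            (t + 0.01, web, 80, client, port, "SA"),
            (t + 0.02, client, port, web, 80, "A"),
        ]
    for i in range(50):
        pkts.append((3.0 + i * 0.01, f"203.0.113.{i + 1}", 50000 + i, web, 80, "S"))
    # A recent SYN that is still inside the timeout and must not be counted.
    pkts.append((10.0, "192.0.2.9", 41000, web, 80, "S"))
    return pkts


if __name__ == "__main__":
    print(syn_flood_alerts(build_sample()))
```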
9.2.8 Data Wiping, Hard Drive Destruction and Recycling
Data Wiping
• Data wiping, also known as secure erase, is a procedure performed to permanently delete data from a hard drive.
• It is performed on hard drives containing sensitive data such as financial information.
• It is not enough to delete files or even format the drive.
• Use a third-party tool, Darik's Boot and Nuke (DBAN), to overwrite data multiple times, rendering the data unusable.
Hard Drive Destruction
• Destroying the hard drive is the best option for companies with sensitive data.
• To fully ensure that data cannot be recovered, one should carefully shatter the platters with a hammer and safely dispose of the pieces.
• Companies with sensitive data should always establish clear policies for hard drive disposal.
• Other storage media, like CDs, must also be destroyed using a shredding machine.
Hard Drive Recycling
• Hard drives that do not contain sensitive data should be reused in other computers.
• They can be reformatted or reinstalled.
9.3 Identify Security Procedures
9.3.1 Basic Local Security Policy
• Though local security policies may vary between organizations, there are questions all
organizations should ask:
• What assets require protection?
• What are the possible threats?
• What to do in the event of a security breach?
• A security policy should describe how a company addresses security issues.
• Security policies should be reviewed regularly and updated as necessary.
• Password guidelines are an important component of a security policy.
• You should also define employee access to data (Public, Top Secret) in a security policy.
Security Policy Content
9.3.2 Protecting Physical Equipment
• Physical security is as important as data security. When a computer is taken, the data is also stolen.
Methods to physically protect computer equipment:
• Control access to facilities.
• Use cable locks with equipment.
• Keep telecommunication rooms locked.
• Fit equipment with security screws.
• Use security cages around equipment.
• Label and install sensors, such as RFID tags, on equipment.
• Install physical alarms triggered by motion-detection sensors.
• Use webcams with motion-detection and surveillance software.
Protecting access to the facility
• Card keys
• Biometric
• Security Guard
• Sensors
• One form of hardware security is the Trusted Platform Module (TPM).
9.3.3 Ways to Protect Data
Password Protection
• BIOS – Prevents the operating system from booting, and prevents BIOS settings from being changed.
• Login – Prevents unauthorized access to the local computer and the network.
Data Encryption
• Traffic between resources and computers on the network can be protected from attackers monitoring or recording transactions by implementing encryption.
• Example: VPN.
Software Firewall
• A software firewall is a program that runs on a computer to allow or deny traffic between the computer and the network to which it is connected.
Data Backups
• Frequency of backups: daily, weekly, monthly.
• Storage of backups: stored in offsite location.
• Security of backups: protect with passwords.
• Backing up data is one of the most effective ways of protecting against data loss.
Smart Card Security
• A smart card is a small plastic card, about the size of a credit card, with a small chip
embedded in it.
• Smart cards provide authentication and encryption to keep data safe.
Biometric Security
• Biometric Devices: fingerprint readers,
handprint readers, iris scanners, and face
recognition devices.
• Biometric security compares physical characteristics against stored profiles to
authenticate people.
File System Security - FAT vs NTFS
9.3.4 Wireless Security Techniques
9.4 Preventive Maintenance for Security
9.4.2 Updating OS Service Packs and Security Patches
9.5 Troubleshoot Security
9.5.1 Troubleshooting process
9.5.2 Common Problems and Solutions