Network Security Revision

Published on February 2017 | Categories: Documents | Downloads: 26 | Comments: 0 | Views: 117
of 7
Download PDF   Embed   Report

Comments

Content

NETWORK SECURITY REVISION Social Engineering
This is a common form of cracking. It can be used both by outsiders and by people within an organization. Social engineering is a hacker term for tricking people into revealing their password or some form of security information.
E-mail - A common example of social engineering would be where a hacker sends e-mail to an employee, claiming to be an administrator who needs the employee's password to do some administrative work. Phishing - is a form of social engineering. Phishing attacks use email or malicious web sites to ask for personal, often financial, information. Attackers may send email apparently from a reputable credit card company or financial institution that requests account information, often suggesting that there is a problem. When users respond with the requested information, attackers can use it to gain access to the accounts. …….

Solution to social engineering
1. Be suspicious of unwanted phone calls, visits, or email messages from individuals asking about employees or other internal information. 2. Do not provide personal information or information about your organization, including its structure or networks, unless you are certain of a person's authority to have the information. 3. Do not reveal personal or financial information in email, and do not respond to email solicitations for this information. This includes following links sent in email. 4. Pay attention to the URL of a web site. Malicious web sites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain. 5. Don't send sensitive information over the Internet before checking a web site's security.

Malware types
Virus - A computer virus is a piece of self-replicating code attached to some other piece of code. This code can
be harmless for example; it might display a message or play a tune. Or it might be harmful and proceed to delete and modify files. The virus code searches users' files for an uninfected executable program for which the user has security write privileges. The virus infects the file by putting a piece of code in the selected program file. When a program that is infected with a virus is executed, the virus immediately takes command, finding and infecting other programs and files.

Worm- A worm is similar to a virus by design and is considered to be a sub-class of a virus. Worms
spread from computer to computer, but unlike a virus, it has the capability to travel without any human action. A worm takes advantage of file or information transport features on your system, which is what allows it to travel unaided. The biggest danger with a worm is its capability to replicate itself on your system, so rather than your computer sending out a single worm, it could send out hundreds or thousands of copies of itself, creating a huge devastating effect.

Trojan horse - A Trojan horse is code hidden in a program such as a game or spreadsheet that
looks safe to run but has hidden side effects. When the program is run, it seems to function as the user expects, but in actuality it is destroying, damaging, or altering information in the background. It is a program on its own and does not require a host program in which to embed itself. Trojans are also known to create a backdoor on your computer that gives malicious users access to your system, possibly allowing confidential or personal information to be compromised.

Biometric System
Voice Recognition technology is a biometric security technology used to uniquely identify individuals based on the different characteristics in their voice such as tone, pitch, cadence, etc. The system captures samples of the individual's speech and then converts them to an electronic format to create a biometric template. Iris Recognition is the process of recognizing a person by analyzing the distinctly colored ring that surrounds the pupil of the eye. With more than 250 unique characteristics, the iris is believed to go

unchanged throughout a person's lifespan. This technology is typically used for access control into a facility. Fingerprint Recognition is the most widely used method of biometric authentication. Fingerprint recognition is based on features found in the impressions made by unique ridges and valleys on the surface of a human's fingertips.

Physical security
The four classes of physical threats are: Hardware threats-Physical damage to servers, routers, switches, cabling plant, and workstations Environmental threats-Temperature extremes (too hot or too cold) or humidity extremes (too wet or too dry) Electrical threats-Voltage spikes, insufficient supply voltage (brownouts), unconditioned power (noise), and total power loss Maintenance threats-Poor handling of key electrical components (electrostatic discharge), lack of critical spare parts, poor cabling, and poor labeling

Disaster recovery
From the technical perspective, most organizations rely on some form of redundancy to make possible the recovery of data and systems. Redundancy allows secondary data or system resources to be pressed into service on short notice should primary resources fail or otherwise become unavailable. Traditional backup strategies, for example, archive copies of critical data at a given point in time so that they can be restored later if needed. Organizations may also choose to replicate servers and other critical hardware at multiple locations to guard against any single point of failure.

Of sites backups, Have back ups in Different locations, Cloud backup, Read configuration.

Computer misuse act
The Computer Misuse Act is split into three sections and makes the following acts illegal:


Unauthorized Access to Computer Material

The first section in the Computer Misuse Act forbids a person to use someone else’s identification to access a computer, run a program or obtain any data, even if no personal gain is involved in such access. You also cannot change, copy, delete or move a program.


Unauthorized Access to Computer systems with intent to commit another offense

The second provision in the Computer Misuse Act is gaining access to a computer system in order to commit or facilitate a crime. You can’t use someone else’s system to send material that might be offensive or to start worms or viruses. You also can’t give someone your identification so they can use your system for this purpose.


Unauthorized Modification of Computer Material

Unauthorized Modification in the Computer Misuse Act means you can’t delete, change or corrupt data. Again, if you put a virus into someone else’s system you would be violating the act. Usually committing Unauthorized Access only is thought a crime punishable by fine.

What is VPN?
A VPN (Virtual Private Network) is a way of creating a secure connection to and from a network or computer. They are more affordable and also much faster. There are many different types of VPNs available. Let's take a look at most common types.

Protocols which are used in VPN?
PPTP VPN (Dial-up VPN)
A simple method for VPN is PPTP. It is a software based VPN system that uses your existing Internet connection. By using your existing Internet connection, a secure "tunnel" is created between two points allowing a remote user to connect to a remote network.

Site-to-Site VPN
Site-to-site is the same much the same thing as point-to-point except there is no "dedicated" line in use. Each site has its own internet connection which may not be from the same ISP or even the same type. Site-to-site VPNs can work with hardware or software-based firewall devices.

Point-to-Point VPN
A traditional VPN can also come as a point-to-point. These are also referred to as "leased-line VPNs." Simply put, two or more networks are connected using a dedicated line from an ISP. These lines can be packet or circuit switched.

Different types of backups
Full backup Full backup is the starting point for all other types of backup and contains all the data in the folders

and files that are selected to be backed up. Because full backup stores all files and folders, frequent full backups result in faster and simpler restore operations.

Differential backup
Differential backup contains all files that have changed since the last FULL backup. The advantage of a differential backup is that it shortens restore time compared to a full backup or an incremental backup.

Incremental backup
Incremental backup stores all files that have changed since the last Backup. The advantage of an incremental backup is that it takes the least time to complete.

Certificates and what are they used for?
Certificates are used for encryption/decryption and authentication between two servers.

Confidentiality – Integrity – Availability (CIA)
Confidentiality means of ensuring that information is accessible only to those authorized

to have access. People who have information should only be allowed to access it Most privet letters come with the heading in bold and red saying private and confidential showing that letter is only accessible to those whose name is on it.
Integrity means that when data is travelling from one point to another (A to B) it

should not be changed it should be the same.
Availability means that any servers or data should be available most of the time or

99% to access them.

What is implicitly deny in ACLs? Implicitly deny by default all the data is denied at the end of the access list. What is cryptography?

Cryptography means to secure data or information by changing the way it looks so that it becomes difficult or probably impossible for someone to read. What are the differences between FTP and FTPS? File Transfer Protocol (FTP) is a standard network protocol used to transfer files from one host to another host over a TCP-based network, such as the Internet. It is often used to upload web pages and other documents from a private development machine to a public web-hosting server.

Sponsor Documents

Or use your account on DocShare.tips

Hide

Forgot your password?

Or register your new account on DocShare.tips

Hide

Lost your password? Please enter your email address. You will receive a link to create a new password.

Back to log-in

Close