5 c It w Security Issues
description
Transcript of 5 c It w Security Issues
Computing and IT in the WorkplaceCT006-1
Security Issues
CT024 PDT Introduction 2
Learning Outcomes
At the end of this section, YOU should be able to:
• To explain and describe the security risks arises in the use of IT at work
• To describe measures that can be taken to counteract the threats
CT024 PDT Introduction 3
Topics we will cover
• Types of Computer Security Risks• Computer viruses, Worms and Trojan Horses• System Failure• Backups• Internet Security Risks
CT024 PDT Introduction 4
Computer Security Risks
• What is a computer security risk? Action that causes loss of or damage to
computer system
CT024 PDT Introduction 5
Computer Viruses, Worms and Trojan Horses
VirusVirus is a potentially damaging computer program
WormWorm copies itself
repeatedly, using up resources
and possibly shutting
down computer
or network
Trojan horse Trojan horse hides within or looks like
legitimate program
until triggered
PayloadPayload (destructive event) that is
delivered when
you open file, run infected program, or
boot computer with infected
disk in disk drive
Can spread and damage
files
Does not replicate
itself on other computers
CT024 PDT Introduction 6
How can a virus spread through an e-mail message?
Step 1. Unscrupulous programmers create a virus program. They hide the virus in a Word document and attach the Word document to an e-mail message.
Step 2. They use the Internet to send the e-mail message to thousands of users around the world.
Step 3b. Users who do not recognize the name of the sender of the e-mail message do not open the e-mail message. Instead they delete the e-mail message. These users’ computers are not infected with the virus.
Step 3a. Some users open the attachment and their computers become infected with the virus.
Computer Viruses, Worms and Trojan Horses
CT024 PDT Introduction 7
• How can you protect your system from a macro virus? Set macro security level in applications that allow
you to write macros At medium security
level, warning displays that document contains macro Macros are
instructions saved in an application, such as word processing or spreadsheet program
Computer Viruses, Worms and Trojan Horses
CT024 PDT Introduction 8
• What is an antivirus program?
Identifies and removes computer viruses
Most also protect against worms and Trojan horses
Computer Viruses, Worms and Trojan Horses
CT024 PDT Introduction 9
• What is a virus signature? Specific pattern of virus code
Also called virus definition Antivirus programs
look for virus signatures
Computer Viruses, Worms and Trojan Horses
CT024 PDT Introduction 10
Keeps file in separate area of hard disk
•How does an antivirus program inoculate a program file?
Records Records information information
about program such about program such as file size and as file size and
creation creation datedate Attempts Attempts
to remove to remove any detected any detected
virusvirus
Uses Uses information information to detect if to detect if
virus tampers virus tampers with filewith file
QuarantinesQuarantines infected infected
files that it files that it cannot cannot removeremove
Computer Viruses, Worms and Trojan Horses
CT024 PDT Introduction 11
• What is a recovery disk?
Removable disk that contains uninfected copy of key operating system commands
that enables computer to restart Also called rescue disk
Once computer restarts, antivirus program can attempt to repair damaged files
Computer Viruses, Worms and Trojan Horses
CT024 PDT Introduction 12
•What are some tips for preventing virus, worm, and Trojan horse infections?
1.Install a personalfirewall program
2. Scan all removable media
If the antivirus program flags an
e-mail attachment as infected, delete
the attachment immediately
1. Never start a computer with a removable media.2. Set the macro security in programs so you can
enable or disable macros
Never open an e-mail attachment
unless you are expecting it and
it is from a trusted source
1. Install an antivirus program on all of your
computers2. Set the macro security to
enable or disable macros
Check all downloaded
programs for viruses, worms, or Trojan horses
Computer Viruses, Worms and Trojan Horses
CT024 PDT Introduction 13
Undervoltage—drop in electrical supply
System Failure
• What is a system failure?
Overvoltage or power surge—
significant increase in electrical power
Noise—unwanted electrical signal
Caused by aging hardware, Caused by aging hardware, natural disasters, or electrical natural disasters, or electrical
power disturbancespower disturbances
Can cause loss of hardware, Can cause loss of hardware, software, or datasoftware, or data
Prolonged malfunction Prolonged malfunction of computerof computer
CT024 PDT Introduction 14
System Failure
• What is a surge protector? Protects computer and equipment
from electrical power disturbances
Uninterruptible power supply (UPS) is surge protector that provides power during power loss
CT024 PDT Introduction 15
Internet Security RisksWhat is a Denial of Service attack (DoS)?
p. 587
Computer Emergency Response Team Coordination
Center (CERT/CC) assists with DDoS attacks
Hacker uses unsuspecting computer, called zombie, to send
an influx of confusing data messages to execute attack on
other systems
Distributed DoS (DDoS) attack is more devastating, extensive in
which multiple computers attack multiple networks. Websites that have been affected: Yahoo! eBay,
Amazon.com, CNN.com
Also called DoS attackAn assault to disrupt computer access to the Internet e.g. Web
or email
CT024 PDT Introduction 16
Internet Security Risks
Secure siteSecure site is Web site that uses encryption to secure
data
• How do Web browsers provide secure data transmission?
Digital certificateDigital certificate is notice that guarantees Web site is
legitimate
Many Web browsers
use encryption
CT024 PDT Introduction 17
Internet Security Risks
• What is a Certificate Authority (CA)?
Authorized person or company that issues and verifies digital certificates
Users apply for digital certificate from CA
Has info such as user’s name, the issuing CA’s name/signature, serial no of the certificate
Digital certificate is encrypted
CT024 PDT Introduction 18
Internet Security Risks• What is Secure Sockets Layer (SSL)? Provides encryption of all data that passes between
client and Internet server Web addresses beginning with
“https” indicate secure connections TLS – Transport Layer Security, a
successor to SSL Provides encryption and requires
the client to have a digital cert. Prevents illegal tampering of data
CT024 PDT Introduction 19
Internet Security Risks
Digital signature is encrypted
code attached to e-mail message
to verify identity of sender
Freeware for personal, non-commercial use
• What are methods for securing e-mail messages?
Pretty Good Privacy (PGP)
is popular e-mail encryption program
CT024 PDT Introduction
Secure HTTP (S-HTTP)
• Allows users to choose an encryption scheme for data transfer between client & Internet server
• Client & server must have digital certs• S-HTTP is more difficult to use than TLS but more
secure. Typical use: Online Banking• VPN – Mobile users can connect to their company
networks through VPN• VPN provides a secure connection as if the user has
a private line
20
CT024 PDT Introduction 21
Backing Up – The Ultimate Safeguard• What is a backup?
Duplicate of file, program, or disk
Full backupFull backupall files in computer
Selective Selective backupbackup
select which files
to back up
Three-generation backupThree-generation backuppreserves
three copies of important filesThe grandparent is the oldest copy, the parent is the second oldest and the child is the most
recent copy
In case of system failure or corrupted files, restore files by copying to original location
CT024 PDT Introduction 22
Backup Procedures and Security
• What are the four types of backups?
CT024 PDT Introduction 23
• What is a backup procedure? Regular plan of copying and
storing data and program files Can use combination of
full backups and differential or incremental backups
Differential backups - backs up only files that changed since the last full back up
Incremental - backs up the changed data, but only backs up the data that has changed since the last backup
Backup Procedures and Security
CT024 PDT Introduction 24
Backup Procedures and Security• What is a disaster recovery plan? Written plan for restoring computer operations in
event of disaster
Recovery planactions to be taken
to restore full information processing operations
Test plansimulates various levels of
disasters and records ability
to recover
Emergency plansteps to be taken
immediately after disaster
Backup planhow backup files
and equipment would be used to resume information
processing
CT024 PDT Introduction 25
Backup Procedures and Security
• What is a computer security plan? Summarizes in writing all safeguards in place to
protect company’s information International Computer Security Association
(ICSA) provides assistance with computer security plans
CT024 PDT Introduction
Other Terms• Botnet – group of compromised computers
attached to a network e.g. Internet used to attack other networks for nefarious reasons
• Bot – a program that performs repetitive tasks on the network. Cybercriminals install malicious bots on unprotected computers to create a zombie army and uses a botnet to send spam via email, virus, malware, DoS
• Zombie - a compromised computer whose owner is unaware the computer is remotely controlled by another illegal user
• Back Door – bypass security control 26
CT024 PDT Introduction 27
Review Questions
What would be the various mode to backup the system?
Explain the techniques to secure the internet risks.
CT024 PDT Introduction 28
Q & A
Question and Answer Session
CT024 PDT Introduction 29
Topic and Structure of next session
What we will cover next
Topic and Structure of next session
Enterprise Computing