Nothing going on here, move along…

Network Security

Security

Keeping info in the network

Physical security

theft, corruption, unauthorised access

Data security

Removal of, theft of info, unauthorised access

Internal threat

Employees can cause a malicious or accidental threat

External threat

Outside users can attack in an unstructured or structured way

Viruses, worms and trojan horses

A virus is a code written by an attacker, they may collect info and alter or destroy info

A worm is self-replicating program that uses a network to duplicate its code, at minimum it consumes bandwidth

A trojan horse is technically a worm that pretends to be something useful to get past defences

Anti-virus software picks up, disables and remove viruses where it can before it harms the computer

How they get in

ActiveX controls interactivity on the web

Java  allows applets to run within a browser eg calculator, counter

JavaScript Interacts with HTML in code to allow interactivity in websites eg banner or pop up windows

Denial of service (dos)

Stops users accessing normal services, overloads a resource by sending too many requests sometimes stopping its operation

Ping of death

A series of repeated larger than normal pings intended to crash the receiving computer

E-mail bomb

A large quality of bulk email that overwhelms the email server, prevent people accessing email

Distributed DoS is an attack launched from many computers called zombies.

SPAM

unsolicited emails that can send harmful links or deceptive content

Popups

Windows that automatically open and are designed to capture your attention and lead you to advertising sites

Social engineering

  • Never give out a password
  • Always ask for ID of the unknown person
  • Restrict access of unexpected visitors
  • Escort all visitors through the facility (building)

 

Types of attacks

TCP/IP attacks

DoS attacks

SYN flood attacks

DDoS

Spoofing

Man in the middle attacks

Replay attacks

DNS poisoning

Computer disposal and recycling

Erase all data an d use a third-party to fully erase the data

To fully ensure that data is destroyed you must smash the platters with a hammer

Use a shredding machine for floppies and CDs

Security is strengthened in layers

top to bottom

Wireless security

Data protection

Physical equipment

Local security policy

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Tag Cloud

%d bloggers like this: