INTECH-3100-Lesson-23-Reviewer.pdf

Full Transcript

INTECH 3100 Security Coding is the practice of
FUNDAMENTALS OF INFORMATION AND developing computer software to guard
NETWORK SECURITY – Lesson 2 against the introduction of security
vulnerabilities.
Countermeasures
- In Computer security, a countermeasure is Cyberlaw and Computer Security
a technique that reduces a threat, a Incidents
vulnerability, or an attack by eliminating or - Various law enforcement agencies may be
preventing the harm it can cause. involved including local, state, the FBI,
and Interpol.
Authentication - Application of existing laws to cyberspace
- It is the act of verifying a claim of identity has become a major challenge to Law
and is one of the primary techniques of Enforcement Agencies (LEA). Some of the
separation used in computer security. main challenges are the difficulties
Password involved in enforcing cyber laws and
Biometric authentication bringing cybercriminals to justice.

Data and Operating System Backup INTECH 3100
Backups are a way of securing FUNDAMENTALS OF INFORMATION AND
information and as such represent one of NETWORK SECURITY – Lesson 3
the main security mechanisms for
ensuring the availability of data Information Security is the process of
Data Backups are duplicate copies of all securing information data from unauthorized
the important computer files that are kept access, use, modification, tampering, or
in another separate location disclosure.

Firewalls and Intrusion Detection Protecting Network
Systems Security in Network Design
Firewalls shield access to internal - With a properly laid out network, we
network services, and block certain kinds can prevent some attacks entirely,
of attacks through packet filtering. mitigate others, and when we can do
A firewall is a gatekeeper that protects nothing else, fail gracefully.
intranets from intrusion. Network Segmentation
Intrusion Detection Systems are - When we segment a network we
designed to detect network attacks in divide it into multiple smaller
progress and assist in post-attack networks, each acting as its small
forensics. IDS scans a network for those network called a Subnet.
who should not be there or are doing Funnel Network Traffic
things that they should not be doing. - Through certain points where we can
inspect, filter, and control the traffic,
Antivirus and Protection Against often referred to as a choke point.
Malware Redundancy
Antivirus scanners search for virus - Good network design includes planned
signatures or use algorithmic detection redundancy for devices failing,
methods to identify known viruses. connectivity being lost, or coming
under attack.
Program Security and Secure Coding Firewalls
Program Security reflects measures - a firewall is a mechanism for
taken throughout the SDLC to prevent maintaining control over the traffic
flaws in computer code or operating that flows into and out of our
system vulnerabilities introduced during networks.
the design, development, or deployment
of an application.
Firewall Wireless Network Security
Packet Filtering - Wireless networks freely broadcast
- Looks at the contents of each packet in our data for anyone with the
the traffic individually and makes a appropriate technology to hear.
gross determination. Secure Protocol
Stateful Packet Inspection - one of the simplest way and easiest
- Function on the same general principle ways we can protect our data is to use
as packet filtering firewalls, but they our secure protocols.
can keep track of the traffic at a o SSH – is a very handy protocol for
granular level. securing communications as we
Deep Packet Inspection send many types of traffic over it.
- are capable of analyzing the actual
content of the traffic that is flowing Network Security Tools
through them. Wireless
Proxy Server o Kismet – runs on Linux, commonly
- These servers provide security and used to detect wireless access points,
performance features. and can find them even when
DMZ attempts have been made to make
- A DMZ or Demilitarized Zone is doing so difficult.
generally a combination of a network o NetStumbler – exists for Windows,
design feature and a proactive device although it does not have as full a
such as a firewall. feature set as Kismet.
Scanners
Protecting Network o Port Scanners
Network Intrusion Detection a. Nmap–network mappers
- Monitor the networks, hosts, or b. Vulnerability Scanners
applications to which they are Packet Sniffers
connected for unauthorized activity. - Is a tool that can intercept traffic on a
IDS Methods network, commonly referred to as
o Signature-base IDSes – work in a sniffing.
very similar fashion to most antivirus o TCP Dump
systems. o Wireshark
o Anomaly-base IDSes – work by Honeypots
taking a baseline of the normal traffic - a honeypot can detect, monitor, and
and activity taking place on the sometimes tamper with the activities
network. of an attacker.
Intercepting Data o Honeynets – can allow us to set
- When we send data over networks up multiple honeypots with
that are not secure or trusted, an varying configurations and
eavesdropper can glean a large vulnerabilities
amount of information from what we Firewall Tools
send o Hping3 – it can construct specially
Wireless Exposure crafted Internet Control Message
- Wireless networks, in particular, are Protocol (ICMP) packets in such a
one of the major security risks when way as to evade some of the normal
we consider places where our data measures that are put in place to
might be exposed. prevent us from seeing the devices
Virtual Private Network that are behind a firewall.
- A VPN connection, often referred to as
a tunnel, is an encrypted connection
between two points.
I. IDENTIFICATION
1. Information Security
- process of securing information data from unauthorized access, use, modification,
tampering, or disclosure.
2. Firewall
- shield access to internal network services, and block certain kinds of attacks through
packet filtering.
- gatekeeper that protects intranets from intrusion.
- mechanism for maintaining control over the traffic that flows into and out of our
networks.
3. Worm
4. Nmap (network mappers) – Port scanner
5. Vulnerability Scanners – Port scanner
6. Demilitarized Zone
- combination of a network design feature and a proactive device such as a firewall.
7. Security Coding
- the practice of developing computer software to guard against the introduction of
security vulnerabilities.
8. Network Mapping
9. Dr. Evaristo A. Abella – Current CLSU President
10. Dr. Ravelina R. Velasco – VP for Academic Affairs

II. TRUE OR FALSE
1. TRUE 6. FALSE 11. TRUE
2. TRUE / FALSE 7. FALSE / TRUE 12. TRUE
3. FALSE / TRUE 8. FALSE 13. TRUE
4. FALSE / TRUE 9. TRUE 14. TRUE
5. TRUE 10. TRUE 15. TRUE