1. Identify the three main items that are utilized in achieving security objectives in order to protect our systems.

The three main items that are utilized in achieving security objectives in order to protect our systems are:

   1) Computer Security – Common computer security features include operating-system-level access control, operating-system-level authentication, application security, and hardware and software monitor logs.
   2) Network Security – Achieving a reasonably secure network requires a combination of hardware and software devices that may include firewalls, anti-virus programs, network monitors, intrusion detection systems, proxy servers and authentication servers.
   3) Database Security – Database security includes database-level access control, database-level authentication, and data storage encryption.

2. Identify and define three objectives that are key to achieving effective security architecture.

The three objectives that are key to achieving effective security architecture are:

   1. Keep information private from outside view.
   2. Maintain consistency of data.
   3. Ensure resources remain at a high degree of availability.

The key to achieving effective data security architecture lies in an organization's effort to maintain confidentiality, integrity and availability of its environment.

3. List and define the different classifications created to distinguish between hackers and crackers.

The different classifications created to clarify the difference between hackers and crackers are given below:

Hacker – A person who has mastered the firmware and software of modern computer systems. A person who enjoys exploration and analysis of network security with no intent to intrude or cause harm.
Cracker – A person who breaks into our network without authorization with the hope of destroying or stealing information.

The general conception is that hackers build things and crackers break things.

4. List six common errors that users make on a network. Give examples of each.

Six common errors that users make on a network are:

   1. Poor habits – leaving computers unattended and unlocked while using the restroom, attending meetings, going to lunch or visiting colleagues.
   2. Password errors – choosing easy-to-guess passwords, writing passwords on sticky notes or notebooks, or storing them in plain sight, under keyboards or on top of monitors.
   3. Disregard for company policy – visiting unauthorized websites and downloading unauthorized software in the process, attaching unauthorized devices like USB drives, logging into company systems using personal laptops and computers.
   4. Opening unknown emails – viewing risky attachments containing games, greetings, pictures and macro files.
   5. Inappropriate disclosure – giving out information over the phone and falling prey to social engineering.
   6. Procrastination – failing to report a computer or network issue in a timely manner.

5. Identify three ways that the internet can be used as a tool to compromise information security.

Threats to the Internet continue to increase. Three ways in which the Internet compromises information security are:

   1. Hijacking – Web pages rewritten to distribute malicious code or redirect the user to the attacker's web site.
   2. Malware – Malicious software, written and used by unauthorized intruders, often intended to be harmful, destructive and secretive.
   3. Spoofing – A fraudulent web site made to look identical to a legitimate web site. The objective of spoofing is to draw in a user to gather personal information (like a password). It can be as easy as registering a domain name that is a slight misspelling of a legitimate site (ex. Amazon).

6. List the destructive tactics that uneducated computer users can run into when using e-mail.

The common destructive tactics that uneducated computer users can run into when using email are:

   1. Attachments – Even though users are trained, they may fall into a trap by opening fake attachments. Crackers use attachment names and file extensions to gain trust, so users tend to open these files, leading to a computer security incident.
   2. Spoofing email addresses – using a false email address and playing on people's emotions (greed, fear, opportunity).
   3. Phishing – An attempt in which an attacker tricks victims into sharing sensitive information. The email may try to convince a user to click a link to a cracker-owned web site.
   4. Spear phishing – Aims at stealing sensitive information such as account credentials or financial information, often for malicious reasons.
   5. Web-embedded email – Emails are formatted like a word processing application. Users are not asked to click or download any attachments. They just need to read the email to be attacked.
7. Define the following: computer viruses, worms, trojans, spyware, adware and bots.

Computer viruses: A computer virus is a type of malicious code which is written to change the way a computer operates, and it is designed to spread from one computer to another. A virus operates by attaching itself to a program or document which supports macros for execution. A virus has the potential to cause unexpected effects by corrupting or destroying data.

Computer worms: A computer worm is a standalone malware program which replicates itself in order to spread to other computers. It basically uses a computer network to spread itself, relying on security failures on the target computer to access it. Worms mostly cause at least some harm to the network by consuming bandwidth.

Computer trojans: Trojan viruses often disguise themselves and their harmful code. A trojan generally hides within programs such as software updates, games and movies. Once it is activated in the system, it enables a cyber-criminal to spy on users, steal their sensitive data and gain backdoor access to the system.

Computer spyware: Spyware is software whose aim is to gather information about a person or an organization without their knowledge, which may send such information to another user without the user's consent, or that takes control over a device without the consumer's knowledge.

Computer adware: This software aims to display advertisements on the computer and redirect search requests to advertising websites. The reason for adware is that it helps recover programming development costs for the software developer and reduces the cost for the user. But if the adware does not notify the user that it is gathering information, then it is regarded as malicious.

Computer bots: Computer bots are also known as software robots because of their ability to perform a large array of automated tasks for an intruder at a remote location. They are used for spamming and DoS attacks.
Bots can be hidden in games and other enticing programs downloaded by unsuspecting users, emailed from one infected machine to another, downloaded from infected websites, and can break into a person's computer through vulnerabilities found in the security architecture. Examples of bots are web crawlers, chat room bots, malicious bots and spam bots. A botnet is a network made up of many bots working together; it is used to gain unauthorized access to computer systems and infect computers with viruses.

8. List and define each phase in the process of creating and maintaining a security architecture.

There are four phases in the process of creating and maintaining a security architecture:

Phase 1: Assessment and Analysis

The steps below are followed in this phase:

   1. Find the organization's data security needs – Identify the vulnerabilities, threats and assets that exist.
   2. Determine the cost of a breached or lost asset – The cost of security measures should never exceed the cost of the assets they protect.
   3. Risk assessment steps – After determining the threats, create security measures to counteract the threats. Prioritize the security measures.
   4. Determine the assessment methodology – Determine a systematic approach to be applied.

Phase 2: Design and Modeling

This phase involves the creation of policies and procedures; the necessary firmware and software changes are defined, and the security tools that are used to minimize risks are identified. The steps below are followed in this phase:

   1. Define security policies and procedures as required.
   2. Identify the firmware and software changes required to support the policies.
   3. Create an implementation plan.
   4. Create baselines to determine success and failure.
   5. Define a plan for user training and awareness.

Phase 3: Deployment

In this phase, the security policies, firmware and tools defined in the previous phase must be put in place. Deployment usually occurs in the test environment. These security measures are deployed using the steps defined in the design and modeling phase. Deployment occurs in a test environment which is created using the required firmware and software so that deployment does not affect security goals. Changes to user training and awareness are deployed as per the deployment plan.

Phase 4: Management and Support

This phase involves ongoing support, maintenance and assessment of the security architecture that was deployed in the previous phase. During this phase the performance of the system is monitored, and any failure would result in the reevaluation of the security architecture. The steps below are followed in this phase:

   1. Monitor security system performance as well as user security awareness and training.
   2. Make minor policy revisions as necessary.
   3. Identify the need for a reassessment and initiate the start of the security life cycle.

9. List and describe the information that should be included in a security policy.

A security policy is a document that states in writing how a company plans to protect its physical and IT assets.
Security policy objectives are:

   1. Define the overall goals of security.
   2. Identify the scope of what to secure.
   3. Define the roles and responsibilities of people within the organization.
   4. Identify specific communication processes.
   5. Discuss policy enforcement.
   6. Explain how security measurement should be carried out and enforced, and also the procedure for evaluating the effectiveness of the policy.
   7. Define how a security plan should be regularly assessed and revised based on changes made to the business goals.

10. Explain the differences between an update and an upgrade.

| Update | Upgrade |
| --- | --- |
| An update is basically a small change to a system, added to software or firmware which is already in a network. | An upgrade is basically a replacement of older versions of software or firmware with a newer version. |
| Updates are generally small changes made in software or firmware to improve the functionality of the system. The process is easy to apply and easy to reverse. | Upgrades are a very big change, so they are difficult to apply and even more difficult to reverse. |
| Updates are generally distributed free from the vendor. | Upgrades are purchased from the vendor. |
| Updates may be necessary if they are used to fix the current version of the software or firmware residing in the database. | Unless required, an upgrade will not be applied to a database or its environment immediately after its release. |