Security Awareness: - PowerPoint PPT Presentation

Provided by: pace150
Learn more at: http://csis.pace.edu
Transcript and Presenter's Notes

1
Security Awareness Applying Practical Security
in Your World, Second Edition
  • Chapter 2
  • Desktop Security

2
Objectives
  • Describe the type of attacks that are launched
    against a desktop computer
  • List the defenses that can be set up to protect a
    desktop computer
  • Describe the steps for recovering from an attack

3
Attacks on Desktop Security
  • Malicious software (malware)
    • Can break into and create havoc on desktop
      computers
  • Internet service providers (ISPs) in North
    America
    • Spend 245 million annually to combat malware
  • Virus
    • Secretly attaches itself to document or program
      and executes when document or program is opened

5
Viruses
  • Require a host to carry them from one system to
    another
  • Possible effects
  • Cause a computer to continually crash
  • Erase files from a hard drive
  • Install hidden programs
  • Reduce security settings
  • Reformat the hard disk drive

6
Viruses (continued)
  • Symptoms that indicate virus infection
  • Program suddenly disappears from computer
  • New programs do not install properly
  • Out-of-memory error messages appear
  • Unusual dialog boxes or message boxes appear
  • Computer runs slowly and takes a long time to
    start
  • Significant amount of modem activity

7
Worms
  • Difference between worms and viruses
    • Virus
      • Must attach itself to a computer document
      • Spreads by traveling along with the document
      • Requires action by computer user to begin
        execution
    • Worm
      • Does not attach to a document to spread
      • Can travel by itself
      • Needs user to perform an action

8
Logic Bombs
  • Computer programs that lie dormant until
    triggered by a specific logical event
  • Once triggered
  • Can perform various malicious activities
  • Extremely difficult to detect before triggered

9
Basic Attacks
  • Social engineering
  • Password guessing
  • Physical theft or lost data
  • Improper use of recycled computers

10
Social Engineering
  • Relies on tricking and deceiving someone to
    access a system
  • Dumpster diving
  • Digging through trash receptacles to find
  • Computer manuals
  • Printouts
  • Password lists

11
Password Guessing
  • Password
  • Secret combination of letters and numbers that
    validates or authenticates a user
  • Characteristics of weak passwords
  • Passwords that are short
  • Common word used as a password
  • Using the same password for all accounts
  • Personal information in a password

13
Password Guessing (continued)
  • Brute force
    • Attacker attempts to create every possible
      password combination
  • Dictionary attack
    • Attacker takes each word from dictionary and
      encodes it
    • Attacker then compares the encoded dictionary
      words against those in the encoded password file

15
Physical Theft or Lost Data
  • February 2005
    • Bank of America lost computer backup tapes
    • Containing personal information on about 1.2
      million charge card users
  • May 2005
    • AOL reported that information on 600,000 current
      and former employees was missing
  • June 2005
    • Citigroup announced that personal information on
      3.9 million consumer lending customers of its
      CitiFinancial subsidiary was lost or stolen

16
Improperly Recycled Computers
  • Many organizations and individuals recycle older
    computers by giving them to schools, charities,
    or selling them online
  • Deleting files does not remove the information
  • Only deletes filename from hard disk table
  • Even reformatting a drive, or preparing the hard
    drive to store files, may not fully erase data on
    it

17
Desktop Defenses
  • Patch software
  • Software security updates
  • Microsoft Windows operating system
  • Most frequently distributed patch software
  • Microsoft
  • Releases patches on second Tuesday of every month
  • Typically releases 5-15 software patches for
    download and installation

18
Desktop Defenses (continued)
  • Microsoft classifies patches based on level of
    vulnerability that patch fixes
  • Critical
  • Important
  • Moderate
  • Low

19
Desktop Defenses (continued)
  • Update configuration options
  • Automatic
  • Download
  • Notify
  • Turn off

21
Antivirus Software
  • Best defense against viruses
  • Generally configured to
  • Constantly monitor for viruses
  • Automatically check for updated signature files
  • Allows for manual signature updates

24
Strong Authentication Methods
  • Basic rules for creating strong passwords
  • Passwords must have at least eight characters
  • Passwords must contain a combination of letters,
    numbers, and special characters
  • Passwords should be replaced every 30 days
  • Passwords should not be reused for 12 months
  • Same password should not be used on two or more
    systems or accounts
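
The rules on this slide, together with the weak-password characteristics listed on the earlier Password Guessing slide, can be enforced in code. The following is an added example, not part of the original presentation; the function names, the short common-word list and the sample history are constructed for illustration.

```python
import hashlib
import hmac
import re
from datetime import date, timedelta

MIN_LENGTH = 8                        # at least eight characters
MAX_AGE = timedelta(days=30)          # replace every 30 days
REUSE_WINDOW = timedelta(days=365)    # no reuse for 12 months
COMMON_WORDS = {"password", "letmein", "welcome", "dragon"}  # constructed sample list


def digest(password, salt):
    """Slow salted hash, so the history never stores a password itself."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def check_password(candidate, personal_info, history, today):
    """Return a list of rule violations; an empty list means the candidate passes.

    history: list of (salt, digest, date_set) tuples for earlier passwords.
    """
    problems = []
    lowered = candidate.lower()
    if len(candidate) < MIN_LENGTH:
        problems.append("shorter than eight characters")
    classes = (r"[A-Za-z]", r"[0-9]", r"[^A-Za-z0-9]")
    if not all(re.search(c, candidate) for c in classes):
        problems.append("needs letters, numbers and special characters")
    if any(word in lowered for word in COMMON_WORDS):
        problems.append("contains a common word")
    if any(len(item) >= 3 and item.lower() in lowered for item in personal_info):
        problems.append("contains personal information")
    for salt, old, set_on in history:
        if today - set_on < REUSE_WINDOW and hmac.compare_digest(digest(candidate, salt), old):
            problems.append("reused within 12 months")
            break
    return problems


def is_expired(set_on, today):
    """True once the current password is older than the 30-day limit."""
    return today - set_on > MAX_AGE


# Constructed sample data: one earlier password, set on 1 March 2024.
SALT = b"constructed-salt"
HISTORY = [(SALT, digest("Spring!2024go", SALT), date(2024, 3, 1))]
```

The rule that the same password should not be used on two or more systems cannot be checked by one system alone, so it is not covered here.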

26
Strong Authentication Methods (continued)
  • Biometrics
  • Uses unique human characteristics for
    authentication
  • Most common biometric device
  • Fingerprint scanner
  • High-end scanners
  • Relatively expensive
  • Can be difficult to use
  • Can reject authorized users while accepting
    unauthorized users

28
Protecting Laptop Computers
  • Device lock
  • Consists of a steel cable and a lock
  • Economical, simple and quick to install
  • Very portable
  • Stealth signal transmitter
  • Software installed on laptop that cannot be
    detected

30
Cryptography
  • Science of transforming information
  • So that it is secure while being transmitted or
    stored
  • Does not attempt to hide the existence of data
  • Scrambles data so that it cannot be viewed by
    unauthorized users

31
Cryptography (continued)
  • Encryption
  • Changing original text to secret message using
    cryptography
  • Decryption
  • Changing secret message back to its original form

32
Public and Private Keys
  • Private key system
    • Same key is used to encrypt and decrypt message
  • Public key system
    • Two mathematically related keys are used
    • Public key and a private key

35
Digital Signatures
  • Digital signature
    • Code attached to an electronic message that helps
      to prove that
      • Person sending message with public key is not an
        imposter
      • Message was not altered
      • Message was sent
    • Encrypted hash of a message that is transmitted
      along with message

36
Digital Signatures (continued)
  • Hash
  • Creates encrypted text that is never intended to
    be decrypted
  • Used in a comparison for authentication purposes

39
Digital Certificates
  • Link or bind a specific person to a public key
  • Provided by a certification authority (CA)
  • Public key that has been digitally signed by a
    recognized authority (the CA)
  • Attesting that owner of the key is not an imposter

40
Properly Retiring Old Computers
  • Files that should be removed when selling or
    donating an old computer
  • E-mail contacts
  • E-mail messages
  • All personal documents
  • All files in the recycle bin or trash folder
  • Internet files
  • All nontransferable software

41
Recovering from Attacks
  • Major steps to take when preparing for an attack
  • Back up your data
  • Back up system information
  • Creating a data backup involves
  • Copying data onto digital media
  • Storing it in a secure location

42
Recovering from Attacks (continued)
  • Questions when creating a data backup
  • What information should be backed up?
  • How often should it be backed up?
  • What media should be used?
  • Where should the backup be stored?
  • How should the backup be performed?

43
Saving Automated System Recovery (ASR) Data
  • Windows XP Automated System Recovery (ASR)
  • Includes an ASR backup and ASR restore
  • ASR backup records
  • System state
  • System services
  • All disks associated with operating system
    components

44
Restoring the Computer
  • To recover from an attack using ASR
  • Insert original operating system installation CD
    into the CD drive
  • Restart computer
  • Press the F2 key when prompted
  • Insert the ASR floppy disk when prompted
  • Follow remaining directions on the screen

45
Clean up the Attack
  • Microsoft Windows Malicious Software Removal Tool
  • Helps remove infections by specific malware
  • When done, displays a report describing outcome

46
Restore Data from Backups
  • Most vendors
  • Provide an automated wizard that guides user
    through process of restoring files
  • After any successful attack
  • Analyze why attack got through defenses

47
Summary
  • Malicious software
  • Programs designed to break into or create havoc
    on desktop computers
  • Social engineering
  • Relies on trickery and deceit
  • Is considered a basic attack
  • Patch software
  • Describes software security updates

48
Summary (continued)
  • Strong passwords
  • Important defense mechanism against attackers
  • Important to perform regular data backups
  • If a computer becomes infected with malware
  • Remove computer from network
  • Try to reboot computer