Unit 8: Security Risks & Data Protection Kaplan University 1.


• Unit 8: Computer Security Risks & Data Protection
• Unit 9: Distributing Computing and Networking
• Unit 10: Final Project
  ◦ Due Tuesday, October 11 at 11:59 pm Eastern Time

• Readings
• Discussion Questions
• Review Unit 8 Assignment
• Lecture on RAID, Security
• Continue Final Project

• Textbook Reading
  ◦ Chapter 11 – RAID (section 11.6 only – pp )
  ◦ Chapter 14 – Computer Security Threats
  ◦ Chapter 15 – Computer Security Authentication
• Web Articles Reading
• 2 Discussion Questions
• 3 page essay based on Home Computer Network & Security (due Tuesday)

• DQ1: Security
  Pick three of the questions below and address them. Respond to two students who had at least one different topic from yours and comment on that topic.
  1. How do you recognize a secure site?
  2. What is data mining, and can your information be mined even in secure sites?
  3. Explain what viruses, worms, and bots are.
  4. What is a DoS attack?
  5. What are ways a hacker can get into a system?
  6. What are buffer overflow attacks?

• DQ2: Working Policies
  Securing a computer network and resources is very important. We all have (or should have!) programs to protect against viruses and spyware. Many companies have strict policies regarding use of company computers and Internet access. Those restrictions are in place for legitimate reasons: security, protection against viruses, network bandwidth, employee protection, and productivity.
• If you were a security manager, what security policies would you implement?
• What software would you install to secure a network?
• Finally, what are your thoughts on the right to privacy at work?

• For this project, describe your home computer and computer network security plan.
  ◦ How often are software updates installed?
  ◦ What are you protected against?
  ◦ What are some vulnerabilities of your home network?
  ◦ Your network security plan should include information on (but not limited to) passwords, firewalls, anti-virus, anti-spyware, and software updates.
  ◦ Write 2 pages on this description

• Test your home security settings.
  ◦ Internet Vulnerability Profiling – ShieldsUp!
    • Take a few minutes and run the file sharing, common ports, and all service ports tests.
  ◦ Write a summary of your findings.
  ◦ Was your computer network as secure as you thought?
  ◦ Were there areas where security could be improved?
  ◦ Write 1 page on this topic

• Your paper should include at least 3 pages of content (including required content, intro & conclusion)
• Note that your paper will be longer than 3 pages as it will have a title page and a reference page in addition to the actual content pages required.
• Be sure to include an introduction and conclusion (5 pts each)
• Use APA format


• Redundant Array of Independent Disks (RAID)
• Consists of 7 levels (0 through 6)
• Each level designates a different design architecture
• All levels share these 3 characteristics:
  ◦ Set of physical disk drives viewed by the OS as a single logical drive
  ◦ Data is distributed across physical drives of an array in a scheme known as striping.
  ◦ Redundant disk capacity is used to store parity information, which guarantees data recoverability in case of a disk failure

• Term coined by researchers at University of California at Berkeley
• RAID Strategy
  ◦ Employs multiple disk drives
  ◦ Distributes data to enable simultaneous access to data from multiple drives
  ◦ Improves I/O Performance
  ◦ Allows easier incremental increases in capacity

• Table 11.4 (p. 516) shows 7 RAID Levels
• What is the advantage of using RAID?
• Cite an example where RAID is used.
• Section 11.6 (pp )

• Striping
  ◦ Level 0 – Nonredundant
• Mirroring
  ◦ Level 1 – Mirrored
• Parallel Access
  ◦ Level 2 – Redundant via Hamming code
  ◦ Level 3 – Bit-interleaved parity
• Independent Access
  ◦ Level 4 – Block-interleaved parity
  ◦ Level 5 – Block-interleaved distributed parity
  ◦ Level 6 – Block-interleaved dual distribution parity

• Stripe set or volume
• Splits data evenly across two or more disks
• Used to increase performance
• Does NOT provide redundancy of data
Source: Standard RAID Levels

• Mirroring
• Creates an exact copy (or mirror) across two or more disks
• Used to increase reliability or read access
• Focus is not on data storage capacity

• Parallel Access
• Stripes data at bit level
• Uses Hamming code for error correction
• Focus is on high data transfer rates
• Not currently used

• Uses byte-level striping with dedicated parity disk
• Cannot service multiple requests simultaneously
• Rarely used

• Independent Access
• Uses block-level striping with dedicated parity disk
• Poor performance
• Rarely used

• Independent access
• Uses block-level striping with parity data distributed across all disks
• Poor performance in large multi-user database
• Parity data has to be written across all disks
• Requires min of 3 disks
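
Added example (not part of the original slides): a toy RAID 5 layout in Python showing how XOR parity lets one failed disk be rebuilt from the survivors, and why a second simultaneous failure cannot be recovered with a single parity block per stripe. The 4-byte block size, the function names and the sample payload are assumptions made for illustration.

```python
from functools import reduce

BLOCK = 4  # bytes per block; tiny on purpose (assumed value for the demo)

def xor_blocks(blocks):
    """XOR equal-length byte blocks together, column by column."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))

def parity_disk(stripe, n_disks):
    """Parity rotates one disk per stripe: the 'distributed' part of RAID 5."""
    return (n_disks - 1 - stripe) % n_disks

def stripe_raid5(data, n_disks):
    """Return one list of blocks per disk: data blocks plus rotating parity."""
    if n_disks < 3:
        raise ValueError("RAID 5 requires a minimum of 3 disks")
    per_stripe = (n_disks - 1) * BLOCK
    stripes = -(-len(data) // per_stripe)            # ceiling division
    data = data.ljust(stripes * per_stripe, b"\0")   # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for s in range(stripes):
        chunk = data[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i:i + BLOCK] for i in range(0, per_stripe, BLOCK)]
        blocks.insert(parity_disk(s, n_disks), xor_blocks(blocks))
        for d in range(n_disks):
            disks[d].append(blocks[d])
    return disks

def rebuild(disks, failed):
    """Recompute the failed disk: each block is the XOR of the survivors."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]

def read_back(disks, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    n, out = len(disks), bytearray()
    for s in range(len(disks[0])):
        out += b"".join(disks[d][s] for d in range(n) if d != parity_disk(s, n))
    return bytes(out[:length])

def demo():
    payload = b"constructed sample payload for the array"   # made-up test data
    disks = stripe_raid5(payload, 4)
    original = disks[2]
    disks[2] = rebuild(disks, failed=2)                      # one disk lost
    one_ok = disks[2] == original and read_back(disks, len(payload)) == payload
    blank = [bytes(BLOCK)] * len(original)                   # two disks lost
    broken = [disks[0], blank, blank, disks[3]]
    broken[1] = rebuild(broken, failed=1)
    two_ok = read_back(broken, len(payload)) == payload
    return one_ok, two_ok

if __name__ == "__main__":
    print(demo())
```

The second result is the case that the dual parity of Level 6 exists to cover.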

• Uses block-level striping with two parity blocks distributed across all disks
• Fast read operation, but slower to write

• NIST Computer Security Handbook definition
  ◦ The protection afforded to an automated information system in order to attain objectives of preserving the integrity, availability, and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications)
• 3 key objectives of computer security
  ◦ Confidentiality (data & privacy)
  ◦ Integrity (data and system)
  ◦ Availability

• Name as many threats to computer security as you can identify…

• Unauthorized disclosure: entity gains access to information
  ◦ Exposure
  ◦ Interception
  ◦ Inference
  ◦ Intrusion
• Deception: entity receives false info and believes it to be true
  ◦ Masquerade
  ◦ Falsification
  ◦ Repudiation
• Disruption: event interrupts correct operation of system
  ◦ Incapacitation
  ◦ Corruption
  ◦ Obstruction
• Usurpation: control of system by unauthorized entity
  ◦ Misappropriation
  ◦ Misuse

• Individual accesses system they are not authorized to access
• Can you name examples of activities for each of the following behaviors?
  ◦ Hacker
  ◦ Criminal Enterprise
  ◦ Internal Threat

• Malware
  ◦ Exploits vulnerabilities in the system
  ◦ Software designed to cause damage to or use up the resources of the target computer
• May or may not need a host program
• May or may not need trigger to activate

• Backdoor
  ◦ Secret entry point into a program that allows someone to gain access without going through security procedure
• Logic Bomb
  ◦ Code embedded in some legitimate program that is set to “explode” when certain conditions are met.
• Trojan Horse
  ◦ Program or command procedure containing hidden code that, when invoked, performs some unwanted or harmful function

• Viruses
  ◦ Piece of software that can “infect” other programs by modifying them
  ◦ Types include
    • Boot sector virus
    • File infector
    • Macro virus
    • virus

• Worms
  ◦ A program that can replicate itself and send copies from computer to computer across network connections
• Bots
  ◦ A bot (aka zombie, drone) is a program that secretly takes over another Internet-attached computer and then uses that computer to launch attacks that are difficult to trace to bot’s creator.
    • Distributed denial-of-service attacks (DDoS)
    • Spam
    • Packet sniffer
    • Keylogging

• Authentication
• Access Control
• Intrusion Detection
• Malware Defense
• Dealing with Buffer Overflow Attacks

• Authentication: two-step process
  ◦ Identification
    • Something you know (password)
    • Something you possess (token, biometric, key)
  ◦ Verification

• An access control policy dictates
  ◦ What types of access are permitted
  ◦ Who has that access
  ◦ Under what circumstances
• Can you name an example of access control policy at a current or former company?

• Intrusion Detection
  ◦ A security system that monitors and analyzes system events for the purpose of finding, and providing real-time (or near real-time) warning of, attempts to access system resources in an unauthorized manner
• Intrusion Detection Systems (IDSs) include
  ◦ Sensors – collect data
  ◦ Analyzers – receive input from sensors
  ◦ User Interface – view output

• Antivirus programs
  ◦ What are the best antivirus programs on the market?
• Techniques include:
  ◦ Generic Decryption
    • Enables antivirus program to easily detect even the most polymorphic viruses while maintaining fast scanning speeds
  ◦ Digital Immune System
    • Captures a virus, analyzes it, adds detection and shielding for it, and passes information back to the antivirus software company

• Due Tuesday, October 11
• No late assignments accepted!!!
• Final Project is worth 200 points
• Write a 5 page (minimum) essay explaining how a mainstream modern (Linux or Windows) Operating System is designed to integrate all components of the operating system.
• At least 3 outside references
• Include topics on the next page

Which operating system are you planning to use for the paper?

• The following list of topics is the MINIMUM starting point for your essay. You may include other topics if you feel they are important.
  ◦ Processes and threads
  ◦ Memory management
  ◦ Scheduling (Including deadlock prevention)
  ◦ File Management
  ◦ Input and Output devices
  ◦ Security Threats
  ◦ Security Techniques and Defenses
  ◦ Data protection (RAID & Clusters)

• Paper Length (5 pages), APA Style: 10 pts
• Content of paper shows understanding: 20 pts
• Introduction & Conclusion included: 10 pts
• Processes & Threads: 20 pts
• Deadlock (avoidance, prevention, detection): 20 pts
• I/O for chosen OS: 20 pts
• Scheduling: 20 pts
• Data Protection (RAID, backups): 20 pts
• File Management: 20 pts
• Security Techniques & Defenses: 20 pts
• Security Threats: 20 pts