Unit 8: Security Risks & Data Protection Kaplan University 1
Unit 8: Computer Security Risks & Data Protection Unit 9: Distributing Computing and Networking Unit 10: Final Project ◦ Due Saturday, December 24 at 11:59 pm Eastern Time Kaplan University2
Readings Discussion Questions Review Unit 8 Assignments (2 this week) Lecture on RAID, Security Continue Final Project Kaplan University3
Textbook Reading ◦ Chapter 11 – RAID (section 11.6 only – pp ) ◦ Chapter 14 – Computer Security Threats ◦ Chapter 15 – Computer Security Authentication Web Articles Reading Discussion Question 3 page essay based on Home Computer Network & Security (due Tuesday) 1 page paper on Security Practices Kaplan University4
Pick three of the questions below and address them. Respond to two students who had at least one different topic from yours and comment on that topic. 1.How do you recognize a secure site? 2.What is data mining, and can your information be mined even in secure sites? 3.Explain what viruses, worms, and bots are. 4.What is a DOS attack? 5.What are ways a hacker can get into a system? 6.What are buffer overflow attacks? Kaplan University5
For this project, describe your home computer and computer network security plan. ◦ How often are software updates installed? ◦ What are you protected against? ◦ What are some vulnerabilities of your home network? ◦ Your network security plan should include information on (but not limited to) passwords, firewalls, anti-virus, anti-spyware, and software updates. ◦ Write 2 pages on this description Kaplan University6
Test your home security settings. ◦ Internet Vulnerability Profiling – ShieldsUp! Take a few minutes and run the file sharing, common ports, and all service ports tests. ◦ Write a summary of your findings. ◦ Was your computer network as secure as you thought? ◦ Were there areas where security could be improved? ◦ Write 1 page on this topic Kaplan University7
Write a 1 page paper on the following topic. Securing a computer network and resources is very important. We all have (or should have!) programs to protect against viruses and spyware. Many companies have strict policies regarding use of company computers and Internet access. Those restrictions are in place for legitimate reasons: security, protection against viruses, network bandwidth, employee protection, and productivity. If you were a security manager, what security policies would you implement? What software would you install to secure a network? Finally, what are your thoughts on the right to privacy at work? Kaplan University8
9
10
Redundant Array of Independent Disks (RAID) Consists of 7 layers (0 through 6) Each level designates a different design architecture All layers share these 3 characteristics: ◦ Set of physical disk drives viewed by the OS as a single logical drive ◦ Data is distributed across physical drives of an array in a scheme known as striping. ◦ Redundant disk capacity is used to store parity information, which guarantees data recoverability in case of a disk failure Kaplan University11
Term coined by researchers at University of California at Berkeley RAID Strategy ◦ Employs multiple disk drives ◦ Distributes data to enable simultaneous access to data from multiple drive ◦ Improves I/O Performance ◦ Allows easier incremental increases in capacity Kaplan University12
Table 11.4 (p. 516) shows 7 RAID Levels What is the advantage of using RAID? Cite an example where RAID is used. Section 11.6 (pp ) Kaplan University13
Striping ◦ Level 0 – Nonredundant Mirroring ◦ Level 1 – Mirrored Parallel Access ◦ Level 2 – Redundant via Hamming code ◦ Level 3 – Bit-interleaved parity Independent Access ◦ Level 4 – Block-interleaved parity ◦ Level 5 – Block-interleaved distributed parity ◦ Level 6 – Block-interleaved dual distribution parity Kaplan University14
Stripe set or volume Splits data evenly across two or more disks Used to increase performance Does NOT provide redundancy of data Kaplan University15 Source: Standard RAID Levels,
Mirroring Creates an exact copy (or mirror) across two or more disks Used to increase reliability or read access Focus is not on data storage capacity Kaplan University16 Source: Standard RAID Levels,
Parallel Access Stripes data at bit level Uses Hammering code for error correction Focus is on high data transfer rates Not currently used Kaplan University17 Source: Standard RAID Levels,
Uses byte level striping with dedicated parity disk Can not service multiple requests simultaneously Rarely used Kaplan University18 Source: Standard RAID Levels,
Independent Access Uses block-level striping with dedicated parity disk Poor performance Rarely used Kaplan University19 Source: Standard RAID Levels,
Independent access Uses Block-level striping with parity data distributed across all disks Poor performance in large multi-user database Parity data has to be written across all disks Requires min of 3 disks Kaplan University20 Source: Standard RAID Levels,
Uses Block-level striping with two parity blocks distributed across all disks Fast read operation, but slower to write Kaplan University21 Source: Standard RAID Levels,
Kaplan University22
NIST Computer Security Handbook definition ◦ The protection afforded to an automated information system in order to attain objectives of preserving the integrity, availability, and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications) 3 key objectives of computer security ◦ Confidentiality (data & privacy) ◦ Integrity (data and system) ◦ Availability Kaplan University23
Name as many threats to computer security that you can identify…. Kaplan University24
Unauthorized disclosure entity gains access to information ◦ Exposure ◦ Interception ◦ Interference ◦ Intrusion Deception entity receives false info and believes it to be true ◦ Masquerade ◦ Falsification ◦ Repudiation Disruption event interrupts correct operation of system ◦ Incapacitation ◦ Corruption ◦ Obstruction Usurpation Control of system by unauthorized entity ◦ Misappropriation ◦ Misuse Kaplan University25
Individual accesses system they are not authorized to access Can you name examples of activities for each of the following behaviors? ◦ Hacker ◦ Criminal Enterprise ◦ Internal Threat Kaplan University26
Malware ◦ Exploits vulnerabilities in the system ◦ Software designed to cause damage to or use up the resources of the target computer May or may not need a host program May or may not need trigger to activate Kaplan University27
Backdoor ◦ Secret entry point into a program that allows someone to gain access without going through security procedure Logic Bomb ◦ Code embedded in some legitimate program that is set to “explode” when certain conditions are met. Trojan Horse ◦ Program or command procedure containing hidden code that, when invoked, performs some unwanted or harmful function Kaplan University28
Viruses ◦ Piece of software that can “infect” other programs by modifying them ◦ Types include Boot sector virus File infector Macro virus virus Kaplan University29
Worms ◦ A program that can replicate itself and send copies from computer to computer across network connections Bots ◦ A bot (aka zombie, drone) is a program that secretly takes over another Internet-attached computer and then uses that computer to launch attacks that are difficult to trace to bot’s creator. Distributed denial-of-service attacks (DDoS) Spam Packet sniffer Keylogging Kaplan University30
31
Authentication Access Control Intrusion Detection Malware Defense Dealing with Buffer Overflow Attacks Kaplan University32
Authentication two-step process ◦ Identification Something you know (password) Something you possess (token, biometric, key) ◦ Verification Kaplan University33
An access control policy dictates ◦ What types of access are permitted ◦ Who has that access ◦ Under what circumstances Can you name an example of access control policy at a current or former company? Kaplan University34
Intrusion Detection ◦ A security system that monitors and analyzes system events for the purpose of finding, and providing real-time (or near real-time) warning of attempts to access system resources in an unauthorized manner Intrustion Detection Systems (IDSs) include ◦ Sensors – collect data ◦ Analyzers – receive input from sensors ◦ User Interface – view output Kaplan University35
Antivirus programs ◦ What are the best antivirus programs on the market? Techniques include: ◦ Generic Decryption Enables antivirus program to easily detect even the most polymorphoic viruses while maintaining fast scanning speeds ◦ Digital Immune System Captures viruses, analyzes it, add detection and shielding for it, and passes information back to antivirus software company Kaplan University36
What antivirus are you running on your computer? When was the antivirus last updated? When did you last backup your computer? If your computer was destroyed, do you have a backup of your school papers, photos, and other important documents? Some web sites are safer than others, right? Mac don’t get viruses so why do I need antivirus software? Kaplan University37
38
Due Saturday, December 24 No late assignments accepted!!! Final Project is worth 100 points Write a 5-10 page essay explaining how a mainstream modern (Linux or Windows) Operating System is designed to integrate all components of the operating system. At least 3 outside references Kaplan University
Which operating system are you planning to use for the paper? Why did you select that OS? Kaplan University40
The following list of topics is the MINIMUM starting point for your essay. You may include other topics if you feel they are important. ◦ Processes and threads ◦ Memory management ◦ Scheduling (Including deadlock prevention) ◦ File Management ◦ Input and Output devices ◦ Security Threats ◦ Security Techniques and Defenses ◦ Data protection (RAID & Clusters) Kaplan University
Kaplan University