Big Picture How many ways can a system be attacked? What can we do about it?


System Security Part 2

Learning Objectives: To understand what is meant by computer system threats. To understand how computer systems rely on policies to run safely.

Brute Force, DoS and DDoS, Data Interception and Theft, SQL Injection, Network Policy

TASK! Research ‘brute force attack’. Create a one-page document that acts as an FAQ for brute force, providing advice to system managers. When a brute force attack is made on a system, the attackers try repeated combinations of passwords and usernames. On many systems and websites there are hidden files and folders. An attacker may attempt to brute force their way to these.
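One piece of advice such an FAQ could give system managers is to watch the logs for both kinds of guessing described above. The following is an added example, not part of the original slides; the log format, the thresholds and the sample lines are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample log lines (not from the original slides).
# Assumed formats: "<ip> LOGIN <username> <OK|FAIL>" and "<ip> GET <path> <status>"
SAMPLE_LOG = """\
203.0.113.7 LOGIN admin FAIL
203.0.113.7 LOGIN admin FAIL
203.0.113.7 LOGIN root FAIL
203.0.113.7 LOGIN admin FAIL
203.0.113.7 LOGIN test FAIL
198.51.100.4 LOGIN alice FAIL
198.51.100.4 LOGIN alice OK
192.0.2.9 GET /backup/ 404
192.0.2.9 GET /.git/ 404
192.0.2.9 GET /admin_old/ 404
192.0.2.9 GET /index.html 200
""".splitlines()

LOGIN_RE = re.compile(r"^(\S+) LOGIN (\S+) (OK|FAIL)$")
GET_RE = re.compile(r"^(\S+) GET (\S+) (\d{3})$")

def find_brute_force(lines, max_failed_logins=5, max_not_found=3):
    """Return {ip: reason} for sources that reach either threshold."""
    failed = defaultdict(int)      # failed logins in a row, per source
    not_found = defaultdict(set)   # distinct missing paths requested, per source
    flagged = {}
    for line in lines:
        m = LOGIN_RE.match(line)
        if m:
            ip, _user, result = m.groups()
            # A successful login resets the count, so one mistyped
            # password by a real user is not treated as an attack.
            failed[ip] = 0 if result == "OK" else failed[ip] + 1
            if failed[ip] >= max_failed_logins:
                flagged[ip] = "password guessing"
            continue
        m = GET_RE.match(line)
        if m and m.group(3) == "404":
            ip, path, _status = m.groups()
            not_found[ip].add(path)
            if len(not_found[ip]) >= max_not_found:
                flagged.setdefault(ip, "hidden file/folder guessing")
    return flagged

if __name__ == "__main__":
    for ip, reason in find_brute_force(SAMPLE_LOG).items():
        print(ip, "->", reason)
```

A flagged source is a candidate for lockout or rate limiting; the thresholds need tuning to the system's normal traffic.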

Denial of Service & Distributed Denial of Service. TASK! Answer the following questions:
1. What is the difference between DoS and DDoS?
2. Who might launch a DoS or DDoS attack?
3. Why?
A system that is subject to a DoS or DDoS attack has massive amounts of server calls made to the system website or other servers. At best they slow down the system. At worst they close the system down. Gaming website hit with a massive DNS flood, peaking at over 25 million packets per second.

Data Interception and Theft 1. Theft of data, e.g. personal information and bank details, is a big problem. This can happen in a number of ways: breaking into a system and stealing data from it, and intercepting data, are two ways. A site tells you it is secure through the use of https and the lock icon. This tells you that the site is using Hypertext Transfer Protocol Secure. Clicking on the lock will show a security certificate. Question in exercise books: How does https protect data?

Data Interception and Theft 2. Even if data is sent securely, packet sniffers could capture data. On a secure network it would be encrypted (that doesn’t mean it cannot be decrypted!).

SQL Injection. SQL injection is normally used on database information (most data is kept in a database!). The attacker will force, or ‘inject’, code into the database that will either return data, e.g. a list of user names and passwords, or ‘crack’ the access credentials so that data can be searched.

Network Policy. Using the image to the right as your starting point, create a podcast that provides advice and guidance on what network policies are required and why.