Test 3 review FTP & Cybersecurity CIS 375 Test 3 review FTP & Cybersecurity

Test 3 Review General Terms The File Transfer Protocol (FTP) is the standard network protocol used for the transfer of computer files between a client and server on a computer network. FTP is built on a client-server model architecture and uses separate control and data connections between the client and the server.[1] FTP users may authenticate themselves with a clear-text sign-in protocol, normally in the form of a username and password, but can connect anonymously if the server is configured to allow it. For secure transmission that protects the username and password, and encrypts the content, FTP is often secured with SSL/TLS (FTPS). SSH File Transfer Protocol (SFTP) is sometimes also used instead; it is technologically different. FTP typically uses ports 20/21 (*Must be opened on firewall)

Test 3 Review General Terms (continued) The FTP server is the machine that provides the files to the clients and holds the account(s) – settings and permissions FTP Client Software used to connect to an FTP server and access resources/files (add, delete, modify) FTP Clients can be specialized software, or a web browser (windows explorer can upload files through FTP, Browsers are read only)

Test 3 Review General Terms (continued) The FTP Log file stores the information and IP addresses of what IP/users have accessed/currently connected the FTP and what files they have accessed/added Users with the correct username password will be able to access the FTP (according to the account permissions), unless their IP address is added to the ban list on the FTP server (IP filtering).

Test 3 Review General Terms (continued) *It is important for network admins and programmers to understand hacking/cybersecurity in order to protect their code/network Blackhat - is a hacker who "violates computer security for little reason beyond maliciousness or for personal gain".[ Whitehat - hacker who hacks protectively by drawing attention to vulnerabilities in computer systems that require repair. Script Kiddie – A non-elite hacker that uses pre-programmed/configured tools to hack but possesses little detailed knowledge of computer security systems.

Test 3 Review General Terms (continued) Virus - is a specific type of malware by itself. It is a contagious piece of code that infects the other software on the host system and spreads itself once it is run. It is mostly known to spread when software is shared between computers (like a parasite). Malware - is software written specifically to harm and infect the host system. Malware includes viruses along with other types of software such as trojan horses, worms, spyware, and adware. Air Gap - a network security measure employed on one or more computers to ensure that a secure computer network is physically isolated from unsecured networks, such as the public Internet or an unsecured local area network. Backdoor - any method that acts as a way to access a computer system without going through normal authentication.

Test 3 Review General Terms (continued) Bot - compromised computer which is part of a botnet. An individual bot may be used for specific purposes in the botnet, but more than likely will just be an additional muscle in the swarm of a distributed denial of service attack or other illicit activity Algorithm - an unambiguous specification of how to solve a class of problems. Algorithms can perform calculation, dataprocessing and automated reasoning tasks. (MD5) Encryption - the process of encoding a message or information in such a way that only authorized parties can access it. (AES - https://en.wikipedia.org/wiki/Advanced_Encryption_Standard)

Test 3 Review General Terms (continued) Firewalls – a system designed to prevent unauthorized access to or from a private network. You can implement a firewall in either hardware or software form, or a combination of both. Firewalls prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. Network Segmentation - the act or profession of splitting a computer network into subnetworks, each being a network segment. Advantages of such splitting are primarily for boosting performance and improving security.

Test 3 Review General Terms (continued) Phishing - a method of social engineering which relies on deception to fool unsuspecting users into giving account information, financial information, and other information which is useful to the attacker. Root Kit - a software suite, most often malicious in nature, which is designed to allow an unauthorized user to have root privileges on a system. Zero-Day - refers to the length of time that a patch has been available, or zero days, in the case of the zero day exploit (usually pretty major security holes).

Test 3 Review Cyber Security best practices Segment Network and use Firewalls (managed network/dc) Educate users, Establish policies & procedures Change passwords often & Backup! Use VPN Update software and anti-virus/malware. Encrypt Sensitive information (at all times) Scan for exploits/weaknesses and keep up with news (https://googleprojectzero.blogspot.com/)

Test 3 Review Good luck on the test!