Security Awareness Chapter 3 Internet Security. Security Awareness, 3 rd Edition2 Objectives After completing this chapter, you should be able to do the.

Slides:



Advertisements
Similar presentations
WEB DESIGN TABLES, PAGE LAYOUT AND FORMS. Page Layout Page Layout is an important part of web design Why do you think your page layout is important?
Advertisements

4.01 How Web Pages Work.
COMPUTER BASICS METC 106. The Internet Global group of interconnected networks Originated in 1969 – Department of Defense ARPANet Only text, no graphics.
1 Chapter 12 Working With Access 2000 on the Internet.
XP Browser and Basics1. XP Browser and Basics2 Learn about Web browser software and Web pages The Web is a collection of files that reside.
CIS101 Introduction to Computing Week 05. Agenda Your questions Exam next week - Excel Introduction to the Internet & HTML Online HTML Resources Using.
The Internet Useful Definitions and Concepts About the Internet.
INTERNET DATABASE Chapter 9. u Basics of Internet, Web, HTTP, HTML, URLs. u Advantages and disadvantages of Web as a database platform. u Approaches for.
CIS101 Introduction to Computing Week 05. Agenda Your questions CIS101 Survey Introduction to the Internet & HTML Online HTML Resources Using the HTML.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 3 Internet Security.
Introduction to HTML 2004 CIS101. What is the Internet? Global network of computers that are connected and communicate via a series of Protocols Protocols.
Computer Security and Penetration Testing
COMPUTER TERMS PART 1. COOKIE A cookie is a small amount of data generated by a website and saved by your web browser. Its purpose is to remember information.
CIS101 Introduction to Computing Week 06. Agenda Your questions Excel Exam during second hour Our status after the snow day Introduction to the Internet.
WEB DESIGNING Prof. Jesse A. Role Ph. D TM UEAB 2010.
11 SECURING INTERNET MESSAGING Chapter 9. Chapter 9: SECURING INTERNET MESSAGING2 CHAPTER OBJECTIVES  Explain basic concepts of Internet messaging. 
Internet Services -World Wide Web - -Conferencing and Newsgroups -File Transfer & Updating -Chat/Instant Messaging.
INTRODUCTION TO WEB DATABASE PROGRAMMING
Computer Concepts 2014 Chapter 7 The Web and .
Computer Networking From LANs to WANs: Hardware, Software, and Security Chapter 12 Electronic Mail.
Chapter 6: Web Security Security+ Guide to Network Security Fundamentals Second Edition.
A form of communication in which electronic messages are created and transferred between two or more devices connected to a network.
Chapter 16 The World Wide Web Chapter Goals Compare and contrast the Internet and the World Wide Web Describe general Web processing Describe several.
DATA COMMUNICATION DONE BY: ALVIN SAMPATH CARLVIN SAMPATH.
Lesson 2 — The Internet and the World Wide Web
The Internet in Education Objectives Introduction Overview –The World Wide Web –Web Page v. Web Site v. Portal Unique and Compelling Characteristics Navigation.
Lecture#2 on Internet and World Wide Web. Internet Applications Electronic Mail ( ) Electronic Mail ( ) Domain mail server collects incoming mail.
1 Chapter 2 & Chapter 4 §Browsers. 2 Terms §Software §Program §Application.
Web Browser Security Prepared By Mohammed EL-Batta Mohammed Soubih Supervised By Eng. Eman alajrami Explain Date 10. may University of Palestine.
Web Security Chapter 6. Learning Objectives Understand SSL/TLS protocols and their implementation on the Internet Understand HTTPS protocol as it relates.
3-Protecting Systems Dr. John P. Abraham Professor UTPA.
HTML, XHTML, and CSS Sixth Edition Chapter 1 Introduction to HTML, XHTML, and CSS.
The Internet 8th Edition Tutorial 2 Basic Communication on the Internet: .
Chapter 4 Networking and the Internet. © 2005 Pearson Addison-Wesley. All rights reserved 4-2 Chapter 4: Networking and the Internet 4.1 Network Fundamentals.
Security Awareness: Applying Practical Security in Your World Chapter 4: Chapter 4: Internet Security.
Microsoft Internet Explorer and the Internet Using Microsoft Explorer 5.
Web Programming : Building Internet Applications Chris Bates CSE :
XP New Perspectives on The Internet, Sixth Edition— Comprehensive Tutorial 1 1 Browser Basics Introduction to the Web and Web Browser Software Tutorial.
Chapter 8 Browsing and Searching the Web. Browsing and Searching the Web FAQs: – What’s a Web page? – What’s a URL? – How does a browser work? – How do.
CSCE 201 Web Browser Security Fall CSCE Farkas2 Web Evolution Web Evolution Past: Human usage – HTTP – Static Web pages (HTML) Current: Human.
.  At least one in ten web pages are booby-trapped with malware  Just viewing an infected Web page installs malware on your computer, if your operating.
Chapter 8 Browsing and Searching the Web. 2Practical PC 5 th Edition Chapter 8 Getting Started In this Chapter, you will learn: − What is a Web page −
Application Layer Khondaker Abdullah-Al-Mamun Lecturer, CSE Instructor, CNAP AUST.
Chapter 9 Sending and Attachments. 2Practical PC 5 th Edition Chapter 9 Getting Started In this Chapter, you will learn: − How works − How.
ECEN “Internet Protocols and Modeling”, Spring 2012 Course Materials: Papers, Reference Texts: Bertsekas/Gallager, Stuber, Stallings, etc Class.
How the Web Works Building a Website – Lesson 1. How People Access the Web Browsers People access websites using software called a web browser. To view.
CSCE 201 Security Fall CSCE Farkas2 Electronic Mail Most heavily used network-based application – Over 210 billion per day Used across.
Chapter 29 World Wide Web & Browsing World Wide Web (WWW) is a distributed hypermedia (hypertext & graphics) on-line repository of information that users.
Security Awareness Chapter 3 Internet Security. O BJECTIVES After completing this chapter, you should be able to do the following:  Explain how the World.
27.1 Chapter 27 WWW and HTTP Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Internet Applications (Cont’d) Basic Internet Applications – World Wide Web (WWW) Browser Architecture Static Documents Dynamic Documents Active Documents.
HTML Concepts and Techniques Fifth Edition Chapter 1 Introduction to HTML.
The Internet, Fourth Edition-- Illustrated 1 The Internet – Illustrated Introductory, Fourth Edition Unit B Understanding Browser Basics.
Lesson 10—Networking BASICS1 Networking BASICS The Internet and Its Tools Unit 3 Lesson 10.
Microsoft Office 2008 for Mac – Illustrated Unit D: Getting Started with Safari.
The Internet Salihu Ibrahim Dasuki (PhD) CSC102 INTRODUCTION TO COMPUTER SCIENCE.
Windows Vista Configuration MCTS : Internet Explorer 7.0.
Tutorial 1 Getting Started with Adobe Dreamweaver CS5.
(class #2) CLICK TO CONTINUE done by T Batchelor.
1 Chapter 1 INTRODUCTION TO WEB. 2 Objectives In this chapter, you will: Become familiar with the architecture of the World Wide Web Learn about communication.
Section A: Web Technology
SMTP SMTP stands for Simple Mail Transfer Protocol. SMTP is used when is delivered from an client, such as Outlook Express, to an server.
Instructor Materials Chapter 5 Providing Network Services
Chapter 8 Browsing and Searching the Web
WWW and HTTP King Fahd University of Petroleum & Minerals
Chapter 1 Introduction to HTML.
SMTP SMTP stands for Simple Mail Transfer Protocol. SMTP is used when is delivered from an client, such as Outlook Express, to an server.
Browsing and Searching the Web
Chapter 27 WWW and HTTP.
Protocols 2 Key Revision Points.
Presentation transcript:

Security Awareness Chapter 3 Internet Security

Security Awareness, 3 rd Edition2 Objectives After completing this chapter, you should be able to do the following: Explain how the World Wide Web and work List the different types of Internet attacks Explain the defenses used to repel Internet attacks

How the Internet Works Internet –Worldwide set of interconnected computers, servers, and networks –Not owned or regulated by any organization or government entity –Computers loosely cooperate to make the Internet a global information resource Security Awareness, 3 rd Edition3

The World Wide Web World Wide Web (WWW) –Better known as the Web –Internet server computers that provide online information in a specific format Hypertext Markup Language (HTML) –Allows Web authors to combine text, graphic images, audio, video, and hyperlinks Web browser –Displays the words, pictures, and other elements on a user’s screen Security Awareness, 3 rd Edition4

The World Wide Web (cont’d.) Figure 3-1 How a browser displays HTML code Security Awareness, 3 rd Edition5 Course Technology/Cengage Learning

The World Wide Web (cont’d.) Hypertext Transport Protocol (HTTP) –Standards or protocols used by Web servers to distribute HTML documents –Transmission Control Protocol/Internet Protocol (TCP/IP) Port number –Identifies the program or service that is being requested –Port 80 Standard port for HTTP transmissions Security Awareness, 3 rd Edition6

The World Wide Web (cont’d.) Transfer-and-store process –Entire document is transferred and then stored on the local computer before the browser displays it –Creates opportunities for sending different types of malicious code to the user’s computer Security Awareness, 3 rd Edition7

The World Wide Web (cont’d.) Figure 3-2 HTML document sent to browser Security Awareness, 3 rd Edition8 Course Technology/Cengage Learning

Number of messages sent each day to be over 210 billion –More than 2 million every second Simple Mail Transfer Protocol (SMTP) –Handles outgoing mail Post Office Protocol (POP or POP3) –Responsible for incoming mail Example of how works Security Awareness, 3 rd Edition9

(cont’d.) Figure 3-3 transport Security Awareness, 3 rd Edition10 Course Technology/Cengage Learning

(cont’d.) IMAP (Internet Mail Access Protocol, or IMAP4) –More advanced mail protocol attachments –Documents that are connected to an message –Encoded in a special format –Sent as a single transmission along with the message itself Security Awareness, 3 rd Edition11

Internet Attacks Variety of different attacks –Downloaded browser code –Privacy attacks –Attacks initiated while surfing to Web sites –Attacks through Security Awareness, 3 rd Edition12

Downloaded Browser Code JavaScript –Scripting language Similar to a computer programming language that is typically ‘‘interpreted’’ into a language the computer can understand –Embedded in HTML document –Executed by browser –Defense mechanisms are intended to prevent JavaScript programs from causing serious harm –Can capture and send user information without the user’s knowledge or authorization Security Awareness, 3 rd Edition13

Downloaded Browser Code (cont’d.) Figure 3-4 JavaScript Security Awareness, 3 rd Edition14 Course Technology/Cengage Learning

Downloaded Browser Code (cont’d.) Java –complete programming language Java applet –Can perform interactive animations, immediate calculations, or other simple tasks very quickly –Sandbox –Unsigned or signed Security Awareness, 3 rd Edition15

Downloaded Browser Code (cont’d.) Figure 3-5 Java applet Security Awareness, 3 rd Edition16 Course Technology/Cengage Learning

Downloaded Browser Code (cont’d.) ActiveX –Set of rules for how applications under the Windows operating system should share information –Do not run in a sandbox –Microsoft developed a registration system poses a number of security concerns –Not all ActiveX programs run in browser Security Awareness, 3 rd Edition17

Privacy Attacks Cookies –User-specific information file created by server –Stored on local computer –First-party cookie –Third-party cookie –Cannot contain a virus or steal personal information stored on a hard drive –Can pose a privacy risk Security Awareness, 3 rd Edition18

Privacy Attacks (cont’d.) Adware –Software that delivers advertising content –Unexpected and unwanted by the user –Can be a privacy risk Tracking function Popup –Small Web browser window –Appears over the Web site that is being viewed Security Awareness, 3 rd Edition19

Attacks while Surfing Attacks on users can occur while pointing the browser to a site or just viewing a site Redirecting Web traffic –Mistake when typing Web address –Attackers can exploit a misaddressed Web name by registering the names of similar-sounding Web sites Security Awareness, 3 rd Edition20

Attacks while Surfing (cont’d.) Table 3-1 Typical errors in entering Web addresses Security Awareness, 3 rd Edition21 Course Technology/Cengage Learning

Attacks while Surfing (cont’d.) Drive-by downloads –Can be initiated by simply visiting a Web site –Spreading at an alarming pace –Attackers identify well-known Web site –Inject malicious content –Zero-pixel IFrame Virtually invisible to the naked eye Security Awareness, 3 rd Edition22

Attacks Spam –Unsolicited –90 percent of all s sent can be defined as spam –Lucrative business Spam filters –Look for specific words and block the Image spam –Uses graphical images of text in order to circumvent text-based filters Security Awareness, 3 rd Edition23

Attacks (cont’d.) Other techniques to circumvent spam filters –GIF layering –Word splitting –Geometric variance Malicious attachments – -distributed viruses –Replicate by sending themselves in an message to all of the contacts in an address book Security Awareness, 3 rd Edition24

Attacks (cont’d.) Embedded hyperlinks –Clicking on the link will open the Web browser and take the user to a specific Web site –Trick users to be directed to the attacker’s “look alike” Web site Security Awareness, 3 rd Edition25

Figure 3-12 Embedded hyperlink Security Awareness, 3 rd Edition26 Course Technology/Cengage Learning

Internet Defenses Several types –Security application programs –Configuring browser settings –Using general good practices Security Awareness, 3 rd Edition27

Defenses Through Applications Popup blocker –Separate program or a feature incorporated within a browser –Users can select the level of blocking Spam filter –Can be implemented on the user’s local computer and at corporate or Internet Service Provider level Security Awareness, 3 rd Edition28

Defenses Through Applications (cont’d.) Spam filter (cont’d.) – client spam blocking features Level of spam protection Blocked senders (blacklist) Allowed senders (whitelist) Blocked top level domain list –Bayesian filtering User divides messages into spam or not-spam Assigns each word a probability of being spam –Corporate spam filter Works with the receiving server Security Awareness, 3 rd Edition29

Defenses Through Applications (cont’d.) Figure 3-16 Spam filter on SMTP server Security Awareness, 3 rd Edition30 Course Technology/Cengage Learning

Defenses Through Applications (cont’d.) security settings –Configured through the client application Read messages using a reading pane Block external content Preview attachments Use an postmark Security Awareness, 3 rd Edition31

Defenses Through Browser Settings Browsers allow the user to customize security and privacy settings IE Web browser defense categories: –Advanced security settings Do not save encrypted pages to disk Empty Temporary Internet Files folder when browser is closed Warn if changing between secure and not secure mode Security Awareness, 3 rd Edition32

Defenses Through Browser Settings (cont’d.) IE Web browser defense categories (cont’d.): –Security zones Set customized security for these zones Assign specific Web sites to a zone –Restricting cookies Use privacy levels in IE Security Awareness, 3 rd Edition33

Defenses Through Browser Settings (cont’d.) Table 3-3 IE Web security zones Security Awareness, 3 rd Edition34 Course Technology/Cengage Learning

Defenses Through Good Practices Use common-sense procedures to protect against harmful Never click an embedded hyperlink in an Be aware that is a common method for infecting computers Never automatically open an unexpected attachment Use reading panes and preview attachments Never answer an request for personal information Security Awareness, 3 rd Edition35

Internet Defense Summary Table 3-4 Internet defense summary Security Awareness, 3 rd Edition36 Course Technology/Cengage Learning

Summary Internet composition –Web servers –Web browsers Internet technologies –HTML –JavaScript –Java –ActiveX Security Awareness, 3 rd Edition37

Summary (cont’d.) Privacy risk –Cookies –Adware Security risk –Mistyped Web address –Drive-by downloads security –Spam –Attachments Security applications Security Awareness, 3 rd Edition38

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.