This courseware is copyrighted © 2015 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.


1 This courseware is copyrighted © 2015 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to accompany the courseware may be copied, photocopied, reproduced, or re-used in any form or by any means without permission in writing from a director of gtslearning International Limited. Violation of these laws will lead to prosecution. All trademarks, service marks, products, or services are trademarks or registered trademarks of their respective holders and are acknowledged by the publisher. All gtslearning products are supplied on the basis of a single copy of a course per student. Additional resources that may be made available from gtslearning may only be used in conjunction with courses sold by gtslearning. No material changes to these resources are permitted without express written permission by a director of gtslearning. These resources may not be used in conjunction with content from any other supplier. If you suspect that this course has been copied or distributed illegally, please telephone or email gtslearning.

1.2 Threats and Attacks
CompTIA Security+ Certification Support Skills

2 Objectives
Categorize vulnerabilities and threat agents and vectors
Understand social engineering and phishing attacks
Identify different types of malware and malware protection

3 Vulnerability, Threat, Risk
Vulnerability - a weakness that could be triggered accidentally or exploited intentionally to cause a security breach
Threat
  o The potential for a threat agent or threat actor to "exercise" a vulnerability
  o The path or tool used by the threat actor can be referred to as the threat vector
Risk - the likelihood and impact (or consequence) of a threat actor exercising a vulnerability
Control - a system or procedure put in place to mitigate risk

4 Types of Threat Agent (1)
Hackers, Crackers, Black Hats, White Hats, and Script Kiddies
External threats
  o Agents / motivations
  o Accidental / Malicious
  o Structured / unstructured

5 Types of Threat Agent (2)
Malicious insider
  o Has or has had authorized access
  o Employees, contractors, partners
  o Sabotage, financial gain, business advantage
Accidental
Environmental
Legal / commercial

6 Social Engineering (1)
Impersonation
  o Dominate or charm targets into revealing information or providing access
  o Exploit “weak authentication” over telephone / IM / email
Reasons for effectiveness
  o Familiarity / Liking
  o Consensus / Social Proof
  o Authority and Intimidation
  o Scarcity and Urgency

7 Social Engineering (2)
“Dumpster-diving” for information (build trust)
“Shoulder-surfing” password observation
“Lunchtime Attack”
“Tailgating” to gain entry

8 Phishing
Using spoofed electronic communications to trick a user into providing confidential information
Spoof emails or faked / hacked websites
Vishing (VoIP or IM)
Spear Phishing / Whaling (targeting senior management)
Pharming (redirection)
Watering Hole

9 Mitigating Social Engineering
What makes attacks effective?
  o Authority
  o Intimidation
  o Consensus / social proof
  o Scarcity
  o Urgency
  o Familiarity / liking
  o Trust
What makes attacks ineffective?
  o Policy and standard procedures
  o Education and training
  o Accounting (auditing and surveillance)

10 Malware (1)
Computer viruses
  o Rely on some sort of host file
  o Vector (executable, script, macro, boot sector)
  o Payload
Worms
  o Propagate in memory / over network links
  o Consume bandwidth
  o May be able to compromise application or OS to deliver payload
Logic bombs / fork bombs

11 Malware (2)
Hoaxes
  o Drive users to fake A-V
  o Cause unnecessary support calls
  o Use vendor sites to identify malware
Spam / spit
  o Unsolicited email
  o Can be vector for malware
  o Spit delivered over IM / VoIP

12 Trojans and Spyware (1)
Trojans and botnets
  o A malicious program concealed within a benign one
  o Many are designed to provide covert surveillance or control of infected host
Backdoors
  o Backdoors may be opened by malicious software or from configuration oversight
Spyware
  o Allows attacker to record system configuration and user actions
  o Key logging, screenshots, remote logging, etc.
Adware
  o Records some user activity but to lesser extent than spyware
  o Uses cookies to deliver targeted adverts (based on user browsing behavior)
  o Legitimate adware should make privacy policy obvious

13 Trojans and Spyware (2)
Rootkits
  o Replace key system files and utilities
  o Most powerful operate with system- or kernel-level privileges
Ransomware
  o Nuisance (“lock out” user by replacing shell)
  o Serious (encrypt data files or drives)

14 Preventing Malware
Backups
Apply OS / application patches
Install malware protection software
  o Update regularly
  o Configure to run on-access
  o Filter email / IM / websites
Restrict system privileges
Educate users
Audit / continuous monitoring
Keep up-to-date with threats

15 Anti-Virus Software
Database of virus signatures
Heuristic scanning
Malware removal / quarantine
A-V Resistance
  o Stealth
  o Modification
  o Armor
  o Retrovirus
  o Slow and sparse infectors
  o Metamorphic

16 Anti-spyware / Spam / Pop-ups
Most “A-V” software protects against a range of malware and other threats
Tools may be used against specific web threats
  o Anti-spyware
  o Anti-spam / junk mail filter
  o Pop-up blockers

17 Removing Malware
Use A-V software
  o Automatically clean
  o Quarantine (prevent user access)
  o Delete host file and restore from backup
Use vendor Knowledge Base
Persistent rootkits may require drive format and OS reinstall

18 Review
Categorize vulnerabilities and threat agents and vectors
Understand social engineering and phishing attacks
Identify different types of malware and malware protection

19 Labs
Lab 2 / Trojans and Malware Protection

