1. Types of Security Threats
1.1. A threat, in the context of computer security, refers to anything that has the potential to cause serious harm to a computer system.
1.1.1. A threat is something that may or may not happen, but has the potential to cause serious damage.
1.1.1.1. Threats can lead to attacks on computer systems, networks and more.
1.1.1.1.1. There are four primary classes of threats:
1.2. Unstructured Threats
1.2.1. Consist of mostly inexperienced individuals using easily available hacking tools such as shell scripts and password crackers.
1.2.1.1. Even unstructured threats that are only executed with the intent of testing and challenging a hacker’s skills can still do serious damage to a company.
1.2.1.1.1. Virus: A program capable of replicating with little or no user intervention, and the replicated programs also replicate.
1.3. Structured Threats
1.3.1. Structured threats come from hackers that are more highly motivated
1.3.1.1. These people know system vulnerabilities, and can understand
1.3.1.1.1. They understand, develop, and use sophisticated hacking techniques to penetrate unsuspecting businesses.
1.4. External Threats
1.4.1. can arise from individuals or organizations working outside of a company.
1.4.1.1. They do not have authorized access to the computer systems or network.
1.5. Internal Threats
1.5.1. Internal threats occur when someone has authorized access to the network with either an account on a server
1.5.1.1. This could be a disgruntled employee, an opportunistic employee, or an unhappy past employee whose access is still active.
2. ACCESS TO DATA AND EQUIPMENT
2.1. Social Engineering
2.1.1. To protect against social engineering
2.1.1.1. Never give out a password.
2.1.1.1.1. Always ask for the ID of the unknown person.
2.2. Data Wiping
2.2.1. Hard drives should be fully erased (data wiped) to prevent the possibility of recovery using specialized software
2.2.1.1. Also known as secure erase is a software-based method of overwriting the data that aims to completely destroy all electronic data residing on a hard disk drive
2.2.1.1.1. Often performed on hard drives containing sensitive data that are considered confidential such as financial information
2.3. Hard Drive Destruction
2.3.1. Companies with sensitive data should always establish clear policies for hard drive disposal
2.3.1.1. Destroying the hard drive is the best option for companies with sensitive data
2.3.1.1.1. To fully ensure that data cannot be recovered from a hard drive, carefully shatter the platters with a hammer and safely dispose of the pieces
2.4. Hard Drive Recycling
2.4.1. Hard drives that do not contain sensitive data can be reformatted and used in other computers
2.4.1.1. Two types of formatting can be performed: -Standard Format -Low-level Format
3. PROTECTION AGAINST MALICIOUS SOFTWARE
3.1. Malware is malicious software that is installed on a computer without the knowledge or permission of the user
3.1.1. It may take several different anti-malware programs and multiple scans to completely remove all malicious software
3.1.1.1. It may take several different anti-malware programs and multiple scans to completely remove all malicious software
4. Goals of Security: Confidentiality; Integrity; Availability
4.1. Information security is intended to protect information that provides value to people and organizations.
4.1.1. There are three protections that must be extended over information: confidentiality, integrity, and availability or CIA:
4.2. Goal of Security:Confidentiality
4.2.1. Preserving authorized restrictions on access and disclosure, including means for protecting personal privacy and proprietary information.
4.2.1.1. It is important that only approved individuals are able to access important information.
4.2.1.1.1. For example, the credit card number used to make an online purchase must be kept secure and not made available to other parties.
4.3. Goal of Security:Availability
4.3.1. Keep data and resources available for authorized use, especially during emergencies or disasters
4.3.1.1. Denial of service (DoS) due to intentional attacks or because of undiscovered flaws in implementation
4.3.1.1.1. Loss of information system capabilities because of natural disasters (fires, floods, storms, or earthquakes) or human actions (bombs or strikes)
4.4. Goal of Security:Integrity
4.4.1. Keep data pure and trustworthy by protecting system data from intentional or accidental changes. Integrity models have three goals:
4.4.1.1. i.Prevent unauthorized users from making modifications to data or programs
4.4.1.1.1. ii.Prevent authorized users from making improper or unauthorized modifications
5. Type of attacks to computer security
5.1. Physical – Events or attacks that steal, damage, or destroy equipment, such as servers, switches, and wiring
5.1.1. Data – Events or attacks that remove, corrupt, deny access to authorized users, allow access to unauthorized users
6. PROTECTION PHYSICAL EQUIPMENT
6.1. Physical security is as important as data security. Network infrastructure can be protected by:
6.1.1. i.Secured telecommunications rooms, equipment cabinets, and cages
6.1.1.1. ii.Secured telecommunications rooms, equipment cabinets, and cages
6.1.1.1.1. Wireless detection for unauthorized access points
6.2. Another method of hardware security is to disable the AutoRun feature of the operating system
7. Security Hardware
7.1. There are several methods of physically protecting computer equipment:
7.1.1. Use cable locks with equipment
7.1.1.1. Keep telecommunication rooms locked
7.1.1.1.1. Fit equipment with security screws
7.2. For access to facilities, there are several means of protection:
7.2.1. Card keys that store user data, including level of access
7.2.1.1. Card keys that store user data, including level of access
7.2.1.1.1. Sensors, such as RFID tags, to monitor equipment