1. Trang chủ
  2. » Luận Văn - Báo Cáo

btec level 5 hnd diploma in computing unit 5 security

68 0 0
Tài liệu đã được kiểm tra trùng lặp

Đang tải... (xem toàn văn)

Tài liệu hạn chế xem trước, để xem đầy đủ mời bạn chọn Tải xuống

THÔNG TIN TÀI LIỆU

Thông tin cơ bản

Định dạng
Số trang 68
Dung lượng 4,13 MB

Nội dung

Organizations are at risk from some cyber security attacks that aim to severely harm systems or obtain unauthorized access to a computer.HOW DOES MALWARE ATTACK?Malware can infect a devi

Trang 1

ASSIGNMENT 1 FRONT SHEET

Qualification BTEC Level 5 HND Diploma in Computing

Unit number and title Unit 5: Security

Submission date 12/8/2022 Date Received 1st submission

Trang 3

❒ Summative Feedback: ❒ Resubmission Feedback:

Lecturer Signature:

Trang 5

Table of Contents

Table Of Figures 4

P1 Identify types of security threat to organisations Give an example of a recently publicized security breach and discuss its consequences 5

1.IT threats 5

1.1 Malware Attacks 5

1.2 social engineering 9

1.3 network attack 12

1.4 Application attack 13

1.5 internal attack 14

P2 Describe at least 3 organisational security procedures 15

1.Acceptable Use (AUP) 15

2.Access Control (ACP) 15

3 Change Management 16

4 Information Security 16

5 Incident Response (IR) 16

6 Remote Access 16

7 Email/Communication 17

P3 Identify the potential impact to IT security of incorrect configuration of firewall policies and IDS 21

1.Firewall defined: 21

2.Intrusion Detection System (IDS) 22

3.Firewall threat-risk 24

Trang 6

1) Insider Attacks 24

2) Missed Security Patches 25

3) Configuration Mistakes 25

4) A Lack of Deep Packet Inspection 25

5)DDoS Attacks 26

4.IDS threat-risk 26

P4 Show, using an example for each, how implementing a DMZ, static IP and NAT in a network can improve Network Security 27

Trang 7

1.DMZ(demilitarized zone) 27

2.Static IP 29

3.NAT(Network Address Translation) 30

References 32

Trang 8

Table Of Figures

Trang 9

Figure 1 Computer virus 6

Figure 2 Trojans Horse 7

Figure 3 Computer Worm 8

Figure 4 Firewall 21

Figure 5 Firewall Diagram 22

Figure 6 IDS 24

Figure 7 DMZ Diagram 28

Figure 8 Static IP 30

Figure 9 NAT diagram 31

Trang 11

P1 Identify types of security threat to organisations Give an example of a recently publicized security breach and discuss its consequences.

1.IT threats

A threat is an occurrence that has the potential to take advantage of a vulnerability (an attack just waiting

to happen) and harm the network Those in the digital sphere frequently resemble threats in the real sphere Threats including theft, vandalism, and eavesdropping have all spread from the physical world intocyberspace, usually through the Internet However, there are some notable distinctions in terms of the range of these attacks' applicability, the degree of automation required, and the spread (or propagation) of attack methods

1.1 Malware Attacks

Malware is computer malware that is created by online attackers and typically consists of a program or code Organizations are at risk from some cyber security attacks that aim to severely harm systems or obtain unauthorized access to a computer

HOW DOES MALWARE ATTACK?

Malware can infect a device in a variety of ways, including through email attachments that contain links or files that must be opened by the user in order for the malware to run

This category of assault includes: computer viruses,Trojan horses, worms and spyware

1.1.1 Computer viruses

A malicious software program that secretly loads into a user's computer and carries out malicious deeds is known as a computer virus

Trang 12

Figure 1 Computer virus

Trang 13

They are usually brought on by humans However, since they are produced and dispersed, no one has direct control over how they diffuse A virus that has infected a computer attaches itself to another software so that when the host program runs, the virus's actions are also activated It has the ability to replicate itself, attaching to other files or programs and infect them in the process However, not all computer infections are harmful However, the majority of them carry out malicious acts, like erasing data.Some viruses wreak remain dormant until a specific event (as intended) is started, which triggers their code to run in the computer Some viruses cause havoc as soon as their code is executed, while others waittill that event is initiated When software or documents with viruses are moved from one computer to another over a network, a disk, file-sharing protocols, or through contaminated email attachments, viruses are disseminated Different stealth techniques are employed by some infections to evade detection by anti-virus software Some viruses, for instance, can infect files without making them larger, while others attempt to avoid detection by terminating the processes connected to antivirus software before they are discovered When they infect a host file, some vintage viruses make certain that the "last changed" date stays the same.

There are different ways that a virus can be spread or attack, such as:

Downloading free games, toolbars, media players and other software.

Visiting an infected and unsecured website

Clicking on advertisement

Clicking on an executable file

Using of infected removable storage devices, such USB drives

Opening spam email or clicking on URL link

Installing free software and apps

Trang 14

1.1.2 Trojans Horse

The term "trojan" or "trojan horse" refers to a computer virus It is a sort of computer program that conceals itself as common applications like utilities, games, and occasionally even antivirus software Once it has been installed on the computer, it can damage file allocation systems, delete data from the hard disk, and kill background system operations

Figure 2 Trojans Horse

Trang 15

Trojans are typically introduced through email attachments These emails have been altered to make them appear genuine As soon as the user opens the connected file and downloads it, the system is harmed A Trojan can also be included as part of online shareware and freeware downloads Even though not all freeware contains Trojans, only downloading software and freeware from reliable sources is advised Additionally, it is essential that you choose carefully while having the installation done Trojans can be used in a variety of ways, depending on the attacker's goals Identity theft, data theft, computer crashes, espionage, and user activity monitoring are a few examples Trojans are typically recognized by the majority of anti-virus programs and do not affect the computer unless they are executed Additionally, theyare not self-replicating but can join a virus that spreads to other machines on the network One may maintain a computer safe and secure by installing reputable anti-virus software, updating computer virus definitions, being cautious when opening email attachments, even if they appear to be legitimate, and paying attention to system security popup notifications.

HOW DOES TROJANS HORSE ATTACK?

The victim gets an email with a file attachment that appears to be an authentic official email When

Trang 16

the victim clicks on the attachment file, any malicious code contained in it could begin to run immediately.

In that situation, the victim is not aware of or suspects that the attachment is a Trojan horse

Trang 17

In many aspects, it satisfies the definition of a computer virus It can, for instance, duplicate itself and propagate throughout networks For this reason, worms are frequently referred to as viruses as well Computer worms, however, vary from computer viruses in a few ways First, worms exist as distinct entities or freestanding software, in contrast to viruses, which must latch onto files (host files) before they can spread inside a computer They don't require host applications or files Second, unlike viruses, worms only live in active memory and replicate themselves rather than altering files Worms make use of automatic and frequently unnoticeable operating system components Only when their unchecked replication uses up system resources and slows down or stops other tasks does their presence in the systembecome obvious Worms employ one of two methods to spread: they either take advantage of the target system's vulnerability or deceive people into running them Once they are within a system, they use its file-transport or information-transport capabilities to move around on their own Recently, a computer virus known as the "Stuxnet worm" made headlines around the globe when it attacked Iran's nuclear facilities.

HOW DOES WORM SPREADS?

It can propagate automatically, take advantage of software security flaws, and attempt to get access in order to steal confidential data, corrupt files, and install a back door allowing remote access to the system

1.1.4 Spyware

The term "spyware" refers to a class of software that seeks to steal confidential or organizational data It is accomplished by carrying out a series of activities without the necessary user permissions, occasionally

Trang 18

even discreetly Advertising, gathering personal data, and altering user configuration settings of the computer are all common activities of spyware.

Adware, tracking cookies, system monitors, and Trojans are the most common categories for spyware Freeware and shareware bundles with hidden components are the most popular ways for spyware to enter

a computer A spyware program that has been installed successfully begins sending data from that machine

in the background to a different location

Trang 19

Spyware is frequently used today to serve pop-up ads depending on user behavior and search history However, spyware that is employed maliciously is hard to distinguish since it is buried in the computer's system files.

Keyloggers are one of the easiest and most common but harmful It is used to capture keystrokes that might be fatal because it can capture passwords, credit card numbers, and other sensitive data It is also purposefully installed on some business computers and shared networks to monitor user activity.When spyware is present on a computer, it can change user settings, permissions, and administrative rights This can lock users out of their own computers and, in rare situations, result in complete data loss Spyware is designed to monitor a computer Background-running spyware can also lead to an increase in processes and more frequent crashes A computer is frequently slowed down as well

The best method to stay safe is to use reliable antivirus and antispyware programs More importantly, exercise caution when installing freeware programs by properly eliminating the pre-checked settings

HOW DOES SPYWARE ATTACK?

It may automatically set up shop on your computer, be a secret component of software packages, or be installed as regular malware like misleading advertisements, emails, and instant messaging

1.2 social engineering

The term "social engineering" is used to describe a wide range of malevolent behaviors carried out through interactions with other people Users are duped into divulging critical information or committing security blunders via psychological manipulation

Attacks by social engineers may involve one or more steps To prepare for an assault, a perpetrator first

Trang 20

looks into the target in order to learn background details like probable points of entry and lax security measures The attacker next makes an effort to win over the victim's trust and offer incentives for later security-breaking activities, such disclosing confidential information or allowing access to vital resources.Attacks using social engineering can be carried out anywhere there is a chance of human interaction The five most typical types of digital social engineering attacks are listed below.

1.2.1 Phishing

Phishing is a type of network assault where the attacker poses as a trustworthy organization in order to deceive users into providing them with personal information

Trang 21

In order to deceive customers into disclosing sensitive information including login credentials, transaction passwords, credit card numbers, and other important details, hackers frequently pose as banks, online transaction websites, e-wallets, and credit card firms.

Hackers typically use email and text messaging for this attack technique Users will be prompted to check

in if they open an email and click on a fraudulent link If "hooked," the hacker will obtain the data right away

In 1987, phishing first came to light The term "phishing" is a mix of the phrases "fishing for information" and "phreaking," which refers to a free phone-using fraud The term "phishing" was created as a result of the similarities between "fishing" and "fishing for user information."

HOW DOES PHISHING ATTACK?

In a phishing email assault, an attacker sends phishing emails to the victim's email address that appear to have come from their bank and requests personal data from them

The message includes a link that takes you to another vulnerable website in order to steal your personal data

Therefore, it is best to avoid clicking on or opening such emails and to refrain from giving out important information

1.2.2 Baiting

As the term suggests, baiting attacks use a fictitious promise to spark a victim's curiosity or sense of avarice In order to steal their personal information or infect their systems with malware, they trick users into falling for a trap

The most despised type of baiting spreads malware using tangible media Infected flash drives are frequently used as bait by attackers, who place them in plain sight where potential victims are sure to see them (e.g., bathrooms, elevators, the parking lot of a targeted company) The lure has a legitimate appearance, including a label that presents it as the business's payroll list

Trang 22

Out of curiosity, the victims pick up the bait and place it into their home or office computer, which causes the system to automatically download malware.

Baiting con games don't always have to be played out in the real world Online baiting takes the form of attractive advertisements that direct visitors to harmful websites or prod them to download malware-laden software

1.2.3 Scareware

Scareware bombards victims with bogus threats and misleading alarms Users are tricked into believing their computer is infected with malware, which leads them to install software that either serves only to

Trang 23

profit the perpetrator or is malware in and of itself Other names for scareware include fraudware, deception software, and rogue scanner software.

The legitimate-appearing popup ads that show in your browser as you browse the internet and contain language such as "Your computer may be infected with harmful spyware applications" are a frequent type

of scareware Either it offers to install the malicious tool for you or it directs you to a malicious website where your machine is infected

Additionally, spam emails that issue false warnings or urge recipients to purchase useless or hazardous services are another way that scareware is disseminated

1.2.4 Pretexting

Here, an attacker gathers data by telling a string of deftly constructed lies The con is frequently started by

a perpetrator who poses as someone who needs the victim's private information to complete a crucial task.The assailant typically begins by gaining the victim's trust by posing as a coworker, police officer, bank or tax official, or any person with the authority to know something Through queries that are allegedly necessary to verify the victim's identification, the pretexter collects crucial personal information.This fraud is used to obtain all kinds of important data and records, including social security numbers, individual addresses and phone numbers, phone records, dates of staff vacation, bank records, and even security data pertaining to a physical plant

1.2.5 Spear phishing

In this more focused variation of the phishing scam, the attacker picks certain people or companies to target Then, in order to make their attack less obvious, they modify their communications based on the traits, positions held, and contacts of their victims Spear phishing is far more difficult to pull off and might take weeks or even months to complete If done expertly, they're significantly more difficult to detect and have higher success rates

Trang 24

An attacker could send an email to one or more employees while posing as an organization's IT consultant

in a spear phishing scenario It is written and signed exactly like the consultant would, leading recipients

to believe it is an actual message Recipients of the mail are urged to update their passwords, and a link in the message sends them to a fraudulent page where the attacker can now steal their credentials

1.3 network attack

A network attack is an effort to enter a company's network without authorization with the intent of stealinginformation or carrying out other destructive behavior Network attacks generally fall into two categories:

Ngày đăng: 08/05/2024, 12:45