
THE MWALIMU NYERERE MEMORIAL ACADEMY

KARUME CAMPUS ZANZIBAR

DEPARTMENT OF INFORMATION AND COMMUNICATION TECHNOLOGY (ICT)

NTA LEVEL 6: ORDINARY DIPLOMA IN INFORMATION AND COMMUNICATION TECHNOLOGY (ICT)

CODE NUMBER: ITT 06104

SUBJECT NAME: SYSTEM ADMINISTRATION AND SECURITY

NATURE OF ASSIGNMENT: GROUP ASSIGNMENT

Student Name                    Registration Number
ALI ABDILLAH ALI                MNMA/ODZ.ICT/0019/19
MWANAHARUSI BAKAR TUENYE        MNMA/ODZ.ICT/0004/18
KHAIRAT ABDULLA ALI             MNMA/ODZ.ICT/0013/19

QUESTION: Explain the various techniques and approaches used to secure computer systems (prevention, detection, recovery etc.)

Computer security is the protection of computer systems and information from harm, theft, and unauthorized use. It is the process of preventing and detecting unauthorized use of your computer system. The following are the various techniques and approaches used to secure computer systems:

Techniques and approaches in Prevention:

Prevention has long been a favored method of stopping cybercriminals from harming organizations. During the prevention phase, security policies, controls and processes should be designed and implemented. Security policies, security awareness programs and access control procedures are all interrelated and should be developed early on.

Security Policy: The first objective in developing a prevention strategy is to determine “what” must be protected and document these “what’s” in a formal policy. The policy must define the responsibilities of the organization, the employees and management. It should also fix responsibility for implementation, enforcement, audit and review. Additionally, the policy must be clear, concise, coherent and consistent in order to be understood. Without clear understanding, the policy will be poorly implemented and subsequent enforcement, audit and review will be ineffective. Once management endorses a completed policy, the organization needs to be made aware of its requirements.

Security Awareness: Security awareness is a process that educates employees on the importance of security, the use of security measures, reporting procedures for security violations, and their responsibilities as outlined in the information security policy. Security awareness programs should be utilized for this purpose. The program should be a continuous process that maintains an awareness level for all employees. The program should be designed to address organization-wide issues as well as more focused, specialized training needs. The program should stress teamwork and the importance of active participation. To motivate individuals, a recognition process should be adopted to give out awards or rewards to employees who follow good security practices.

Access Controls: Access is the manner by which the user utilizes the information systems to get information. Naturally, not all users should have the ability to access all systems and their information. Access should be restricted and granted on a need-to-know basis. To manage this access, we establish user accounts by issuing identifiers, authentication methods to verify these identifiers, and authorization rules that limit access to resources.
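
The three pieces named above (an identifier, an authentication method that verifies it, and authorization rules granted on a need-to-know basis) fit together as in the following added example, which is not part of the original assignment. The user name, password, resource names and PBKDF2 iteration count are constructed for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumed PBKDF2 work factor for this illustration

def make_account(password: str) -> dict:
    """Store a salted PBKDF2 hash, never the password itself."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return {"salt": salt, "hash": digest}

# Constructed sample data: identifier -> credential, and need-to-know grants.
ACCOUNTS = {"amina": make_account("correct horse battery staple")}
GRANTS = {"amina": {"payroll": {"read"}}}  # anything not listed is denied

def authenticate(user: str, password: str) -> bool:
    """Verify that whoever presents an identifier knows its password."""
    account = ACCOUNTS.get(user)
    if account is None:
        return False
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), account["salt"], ITERATIONS
    )
    return hmac.compare_digest(candidate, account["hash"])  # constant-time compare

def authorize(user: str, resource: str, action: str) -> bool:
    """Default deny: allow only what an explicit grant covers."""
    return action in GRANTS.get(user, {}).get(resource, set())

def access(user: str, password: str, resource: str, action: str) -> bool:
    """Authentication must succeed before authorization is consulted."""
    return authenticate(user, password) and authorize(user, resource, action)

if __name__ == "__main__":
    print(access("amina", "correct horse battery staple", "payroll", "read"))
    print(access("amina", "correct horse battery staple", "payroll", "write"))
```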

Techniques and approaches in Detection:

Detection of a system compromise is extremely critical. With the ever-increasing threat environment, no matter what level of protection a system may have, it will get compromised given a greater level of motivation and skill. A defense-in-layers strategy should be deployed so that when each layer fails, it fails safely to a known state and sounds an alarm. The most important element of this strategy is timely detection and notification of a compromise. Intrusion detection systems (IDS) are utilized for this purpose. An IDS can monitor system activity and notify the responsible person when activities warrant investigation. These systems can detect attack signatures and also changes in files, configurations and activity. To be protected, the entire system should be monitored. Intrusion detection tools should be strategically placed at the network and application levels. However, monitoring a busy network or host is not a simple task. Intrusion detection tools must have the ability to distinguish normal system activity from malicious activity. This is more of an art than a science. The IDS must be fine-tuned or “tweaked” in order to work in accord with a particular network or host. This tuning process must take into account known threats, as well as intruder types, methods and processes.

As previously indicated, intrusion detection is much more than an alarm. Although it is an alarm, it’s an alarm with brains. Once your IDS is properly configured and strategically placed, it’s only a matter of time before an alert sounds and notifications are sent.

Techniques and approaches in Recovery:

If your computer has been compromised, it needs to be returned to a trusted state. The idea of "cleaning" a system is not realistic, especially in the case of a system compromise, as there is no reliable way to determine if the system has been completely cleaned. Returning a computer to a trusted state requires reformatting the hard drive and reinstalling the operating system. If your computer has not already been disconnected from the network, do so before taking any of the following steps.

Backup Data: Before reformatting the hard drive, back up important files. As a rule of thumb, only back up data files (word processor documents, pictures, presentations, etc.). Backing up program files and directories is not recommended because applications can be modified to reinfect the system.
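
The "data files only" rule can be enforced by the backup script itself instead of being left to whoever runs it. The following added example is not part of the original assignment; the extension allowlist is an assumption, and the check for executable headers hidden behind a data extension goes one step beyond what the text describes.

```python
import os
import shutil

# Assumed allowlist of data file types; adjust to what the user actually needs.
DATA_EXTENSIONS = {".docx", ".odt", ".txt", ".pdf", ".jpg", ".png", ".pptx"}
# Leading bytes of Windows PE files, Linux ELF files and shebang scripts.
EXECUTABLE_MAGIC = (b"MZ", b"\x7fELF", b"#!")

def classify(path: str) -> str:
    """Decide whether one file belongs in a post-compromise backup."""
    ext = os.path.splitext(path)[1].lower()
    if ext not in DATA_EXTENSIONS:
        return "skip: not a data file type"
    with open(path, "rb") as fh:
        head = fh.read(4)
    if head.startswith(EXECUTABLE_MAGIC):
        return "skip: executable content behind a data extension"
    return "copy"

def backup_data_files(source: str, dest: str) -> dict:
    """Copy allowlisted data files from source to dest; return each decision."""
    decisions = {}
    for dirpath, _dirs, files in os.walk(source):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, source)
            decisions[rel] = classify(path)
            if decisions[rel] == "copy":
                target = os.path.join(dest, rel)
                os.makedirs(os.path.dirname(target), exist_ok=True)
                shutil.copyfile(path, target)  # contents only, no mode bits
    return decisions
```

Files that pass this filter can still carry macros or other malicious content, so scan them before restoring them onto the rebuilt system.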

Wipe, Reformat and Reinstall: Wiping and reformatting the hard drive is necessary for two reasons. First, installing Windows over an existing file system does not overwrite every file, which can result in the system still being compromised. Second, boot sector viruses are used to reinfect systems that have been reinstalled. It is necessary that the boot block and the file system are both overwritten. A reliable way to ensure this has been done is to wipe the hard drive. An example of a hard drive wiping tool is DBAN.

Passwords and Financial Information: A compromised system often has a key logger installed. Key loggers are usually used to steal passwords and bank account information, but in general can be used to let someone else know everything you type. It is highly recommended that you change your password, as well as any password used to access sensitive, confidential, or financial information. It is also highly recommended to put a credit watch on any financial accounts that may have been compromised.

