1. Administrative Controls
Administrative controls are defined by the top management of an organization.
3. Personnel Controls
(i) Personnel controls indicate how employees are expected to interact with security
mechanisms, and address noncompliance with these expectations.
(ii) Change of Status: These controls indicate what security actions should be taken when an
employee is hired, terminated, suspended, moved to another department, or promoted.
(iii) Separation of duties: Separation of duties should be enforced so that no single
individual can alone carry out a critical task that could prove detrimental to the
company.
Supervisory Structure
4. Security-Awareness Training
This control helps users/employees understand how to properly access resources, why
access controls are in place, and the ramifications of not using the access controls
properly.
5. Testing
This control states that all security controls, mechanisms, and procedures are tested on a
periodic basis to ensure that they properly support the security policy, goals, and objectives
set for them.
The testing can be a drill to test reactions to a physical attack or disruption of the network, a
penetration test of the firewalls and perimeter network to uncover vulnerabilities, a query to
employees to gauge their knowledge, or a review of the procedures and standards to make sure
they still align with business or technology changes that have been implemented.
INTERNET SECURITY
Internet security is a branch of computer security specifically related to the Internet, often
involving browser security but also a part of network security on a more general level as it
applies to other applications or operating systems.
Its objective is to establish rules and measures to use against attacks over the Internet.
The Internet represents an insecure channel for exchanging information, leading to a high risk of
intrusion or fraud, such as phishing. Different methods have been used to protect the transfer of
data over the Internet, including encryption. Some of the common IT security measures used
include:
Modern operating systems and network software have the ability to achieve most of this, but you
still need to manage the registration of users and user authentication systems – e.g. passwords.
Data encryption
Encryption scrambles data, and is used to protect information that is being held on a computer,
stored on external media such as DVDs or transmitted over a network.
Firewall
A firewall is a hardware or software security device that filters information passing between
internal and external networks. It controls access to the internet by internal users, and prevents
outside parties from gaining access to your network.
Intrusion detection
These products monitor system and network activity to spot potential security breaches. If a
detection system suspects an attack, it can generate an alarm, such as an email alert, based upon
the type of activity it has identified.
THREATS IN NETWORK
The main aim of a threat is to compromise the confidentiality or integrity of data, software or
hardware. Threats originate from nature and accidents, from non-malicious humans, and from
malicious attackers.
What Makes A Network Vulnerable?
(i) Anonymity – leaving no trace for identification
(ii) Many Points Of Attack
(iii) Sharing
(iv) Complexity Of System
Threats originate mainly from:
(i) Port scan - a common technique hackers use to discover open doors or weak points in
a network. A port scan helps cyber criminals find open ports and figure out
whether they are receiving or sending data. It can also reveal whether an organization
uses active security devices such as firewalls.
(ii) Social Engineering - gaining the favour of an employee and obtaining information about the network
(iii) Reconnaissance - investigations by hackers
(iv) Operating System and Application fingerprinting
(v) Bulletin Boards and chats
(vi) Availability of Documentation
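The intrusion-detection and port-scan points above can be tied together in a small detection rule. The following is an added example, not part of the original notes: it reads constructed connection-log lines (the log format, the IP addresses and the thresholds are all assumptions made for this example), flags a source that touches many distinct ports on one host within a short window, and renders the alarm as an e-mail style message.

```python
from collections import defaultdict

# Constructed sample log lines, format "<epoch> <src_ip> <dst_ip> <dst_port> <verdict>":
# 203.0.113.5 probes six ports of one host within seconds (scan-like), while
# 198.51.100.7 only reconnects to one service over a minute (benign).
SAMPLE_LOG = """\
1700000000 203.0.113.5 192.0.2.10 22 DENY
1700000001 203.0.113.5 192.0.2.10 23 DENY
1700000001 203.0.113.5 192.0.2.10 25 DENY
1700000002 203.0.113.5 192.0.2.10 80 ALLOW
1700000002 203.0.113.5 192.0.2.10 110 DENY
1700000003 203.0.113.5 192.0.2.10 443 ALLOW
1700000000 198.51.100.7 192.0.2.10 443 ALLOW
1700000030 198.51.100.7 192.0.2.10 443 ALLOW
1700000060 198.51.100.7 192.0.2.10 443 ALLOW
"""

def parse_line(line):
    """Split one log line into (timestamp, src, dst, port, verdict)."""
    ts, src, dst, port, verdict = line.split()
    return int(ts), src, dst, int(port), verdict

def detect_port_scans(log_text, window=10, port_threshold=5):
    """Flag (src, dst) pairs touching >= port_threshold distinct ports within
    any `window` seconds; the alert fires as soon as the threshold is crossed."""
    events = defaultdict(list)  # (src, dst) -> [(ts, port), ...]
    for line in log_text.splitlines():
        if line.strip():
            ts, src, dst, port, _verdict = parse_line(line)
            events[(src, dst)].append((ts, port))
    alerts = []
    for (src, dst), hits in events.items():
        hits.sort()
        left = 0
        for right, (ts, _port) in enumerate(hits):
            while ts - hits[left][0] > window:  # slide the window start forward
                left += 1
            ports = {p for _, p in hits[left:right + 1]}
            if len(ports) >= port_threshold:
                alerts.append({"src": src, "dst": dst, "ports": sorted(ports),
                               "start": hits[left][0], "end": ts})
                break  # one alarm per (src, dst) pair is enough
    return alerts

def format_alert(alert):
    """Render an alert as the body of an e-mail style alarm."""
    return (f"ALERT port scan suspected: {alert['src']} touched "
            f"{len(alert['ports'])} ports on {alert['dst']} within "
            f"{alert['end'] - alert['start']}s: {alert['ports']}")
```

Running `format_alert` over `detect_port_scans(SAMPLE_LOG)` yields one alarm for 203.0.113.5 and none for the benign host, since repeated connections to a single port never reach the distinct-port threshold.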
Protocol Flaws:
Each protocol is identified by its Request for Comments (RFC) number. In TCP, the client's sequence
number increments regularly, so the current value, and therefore the next one, can be easily
guessed.
Impersonation:
In many instances, there is an easier way than wiretapping for obtaining information on a
network: impersonate another person or process.
In impersonation, an attacker has several choices:
i. Guess the identity and authentication details of the target
ii. Disable the authentication mechanism at the target computer
iii. Use a target that will not be authenticated
iv. Use a target whose authentication data are known
Spoofing:
Obtaining the network authentication credentials of an entity (a user, an account, a process, a
node, a device) permits an attacker to create a full communication under the entity's identity.
Examples of spoofing are masquerading, session hijacking, and man-in-the-middle attacks.
i. In a masquerade, one host pretends to be another.
ii. Session hijacking is intercepting and carrying on a session begun by another entity.
iii. A man-in-the-middle attack is a similar form of attack, in which one entity intrudes
between two others.