...Week 8 Checkpoint Threat Categorization Torrey D Boyer IT/240 August 7, 2013 The world of technology is threatened each day by malicious viruses and worms that can cripple an entire company. I will explain how each virus or worm functions and spreads through computer systems. Boot Sector - is a virus that is spread by floppy disk. The disk is left in the drive with the virus and will spread to the C: drive during the next boot sequence. File – is a virus that corrupts the computers executable files on a network. When the file is opened, the virus overwrites it and causes damage to the infected file. Multipartite – is a virus that uses the boot sector to move quickly, infecting both the boot sector and the executable files at the same time. This makes the virus very dangerous because just by turning on the computer, the virus latches onto the hard disk and broadcasts malicious payloads throughout the program files. Macro – is a virus that affects files that contain macro codes in them that is interpreted by an application. They are commonly spread by electronic emails. Trojan horse – is a program that seems to be functioning normally but has a hidden malicious virus in it, and by accessing the system or computer, can corrupt the authorizations. Email worms – is a worm or virus that is spread through email. They are usually sent as an attachment or spread inside the body of an email. Instant...
Words: 420 - Pages: 2
...NT2580 Introduction to Information Security STUDENT COPY: FINAL EXAM 30. What does risk management directly affect? a. Company investments b. Security policy framework c. Security controls d. Number of employees 31. Which of the following is a cipher that shifts each letter in the English alphabet a fixed number of? Positions, with Z wrapping back to A? a. Transposition b. Vigenere c. Caesar d. Vernam 32. Identify a security objective that adds value to a business. a. Revocation b. Authorization c. Anonymity d. Message authentication 33. Which of the following is an asymmetric encryption algorithm? a. AES b. 3DES c. RSA d. RC4 34. Identify a security principle that can be satisfied with an asymmetric digital signature and not by a symmetric signature. a. Nonrepudiation b. Integrity c. Authorization d. Access control 35. Which of the following is a mechanism for accomplishing confidentiality, integrity, authentication, and Nonrepudiation a. Cipher text b. Cryptography c. Access control d. Hashing 36. In which OSI layer do you find FTP, HTTP, and other programs that end users interact with? a. Application b. Network c. Physical d. Data Link 37. Identify the configuration that is best for networks with varying security levels, such general users, a group of users working on a secret research project, and a group of executives. a. Multilayered firewall b. Screened subnet firewall c. Border firewall d. Ordinary firewall 38...
Words: 606 - Pages: 3
...History of the Internet From Wikipedia, the free encyclopedia Jump to: navigation, search Prior to the widespread internetworking that led to the Internet, most communication networks were limited by their nature to only allow communications between the stations on the network, and the prevalent computer networking method was based on the central mainframe method. In the 1960s, computer researchers, Levi C. Finch and Robert W. Taylor pioneered calls for a joined-up global network to address interoperability problems. Concurrently, several research programs began to research principles of networking between separate physical networks, and this led to the development of Packet switching. These included Donald Davies (NPL), Paul Baran (RAND Corporation), and Leonard Kleinrock's MIT and UCLA research programs. This led to the development of several packet switched networking solutions in the late 1960s and 1970s, including ARPANET and X.25. Additionally, public access and hobbyist networking systems grew in popularity, including UUCP and FidoNet. They were however still disjointed separate networks, served only by limited gateways between networks. This led to the application of packet switching to develop a protocol for inter-networking, where multiple different networks could be joined together into a super-framework of networks. By defining a simple common network system, the Internet protocol suite, the concept of the network could be separated from its physical implementation...
Words: 1333 - Pages: 6
...TERMS OF REFERENCE The objective of this research is to assess provision of internet connection to customers living in rural Ireland and to a customer living in central Dublin. This research is also aiming to consider safety and confidentiality on the internet, and to examine various potential external threats. An overview on the ISP services available in Ireland, taking into consideration both home and business users, will also be given. SECURITY AND CONFIDENTIALITY ON THE INTERNET Various types of computer threats have been around since the invention of the internet. The following will explain what they are and how they work. According to the website BusinessDictionary.com a computer virus is a ‘small but insidious piece of programming-code that attacks computers and network systems through 'contaminated' (infected) data files, introduced into a system via disks or internet. As a digital equivalent of biological microorganisms, it attaches itself to the target computer’s operating systems or other programs, and automatically replicates itself to spread to other computers or networks’. (1) Computer viruses are a small piece of software that are able attach to disks or other files (viruses can be created for any operating system including DOS and other programs such as Excel) replicating itself without the users consent or knowledge. Some attach to files so when the infected programme is used the virus also executes, whilst others lie dormant in the memory and infect files when...
Words: 4402 - Pages: 18
...A reasonable approach for an AD password policy, this will a be determined by how, & what your ideas are and what your trying to accomplish. I know that you’d mention that a competitor has recently been hack into and security is the number one thing that should be addressed. But putting too many limitations on yourself and your employee might hinder production or have conflicts within the company. Let’s be honest, passwords are annoying. These days we need a password or PIN’S everywhere for security and protect with a peace of mind. Now days we have so many that we can’t even keep track of them all, I myself have this issue. Here is some issue that might be well in doubt with you and your company. We forget to update them; it’s difficult to come up with effective ones that we can still remember, so we procrastinate changing them for months, even years. We all know that this is bad practice, but the alternative along with the painful, irritating password creation and memorization process, is sometimes more than we can tolerate. Password is simpler and cheaper than others, more secure forms of authentication like special key cards, fingerprint ID machines, and retinal scanners. While passwords are becoming more and more vital component of system security, and with that they can be cracked or broken relatively easily. Password cracking is the process of figuring out or breaking passwords in order to gain unauthorized entrance to a system or accounts. The difference between...
Words: 969 - Pages: 4
...Course Project Parts 1-3 ITT Technical Institute GE 273 Microeconomics How outsourcing affects the US economy and contributes to political stability in developing economies is a matter of great debate. Many people think this practice will have an overall positive effect on the US economy, since it saves money for companies, opens up opportunities for greater entrepreneurship in the US, and leads to more Americans holding higher level jobs. Jobs that companies outsource to save money besides medical and manufacturing include copy writing jobs for publishing companies, administrative jobs, and data entry jobs for insurance companies. Critics suggest hiring foreign workers has an immediate effect on the US economy by stripping many Americans of jobs they would have performed, particularly by semi-skilled or skilled laborers. Further, many argue that giving jobs to workers in less developed countries improves those countries economically and increases trade for US products. It also increases a country’s ability to pay back debts to the US, and may promote better political relationships. Companies economically benefit by selling their products in other countries. This means they can hire more people in the US, lower their prices on products for US consumers. Comparative advantage and efficiency takes place when countries, individuals, and firms have lower opportunity costs in the production of a good or service with comparison to that of their competitors. This creates more...
Words: 1329 - Pages: 6
...Net-Worm.Win32.Kido.ih Detected | Feb 20 2009 07:04 GMT | Released | Apr 02 2009 16:24 GMT | Published | Feb 20 2009 07:04 GMT | Manual description Auto description This description was created by experts at Kaspersky Lab. It contains the most accurate information available about this program. Manual description Auto description This is a description which has been automatically generated following analysis of this program on a test machine. This description may contain incomplete or inaccurate information. Technical Details Payload Removal instructions Technical Details This network worm spreads via local networks and removable storage media. The program itself is a Windows PE DLL file. The worm components vary in size from 155KB to 165KB. It is packed using UPX. Installation The worm copies its executable file with random names as shown below: %System%\<rnd> %Program Files%\Internet Explorer\<rnd>.dll %Program Files%\Movie Maker\<rnd>.dll %All Users Application Data%\<rnd>.dll %Temp%\<rnd>.dll %Temp%\<rnd>.tmp <rnd> is a random string of symbols. In order to ensure that the worm is launched next time the system is started, it creates a system service which launches the worm’s executable file each time Windows is booted. The following registry key will be created: [HKLM\SYSTEM\CurrentControlSet\Services\netsvcs] ...
Words: 1158 - Pages: 5
...A Brief History “In 1949, Von Neumann established the Theory of Self-Reproducing Automata, where he presented for the first time the possibility of developing small replicating programs able to control other programs with a similar structure In 1959, in Bell Computer’s laboratories, three young programmers: Robert Thomas Morris, Douglas Mcllroy and Victor Vysottsky created a game called CoreWar, based on the theory of Von Neumann and in which programs fought between each other, trying to occupy as much memory as possible and eliminating opposing programs. This game is considered the precursor to computer viruses. In 1972, Robert Thomas Morris created the first virus as such: Creeper, which could infect IBM 360 on the ARPANET (the predecessor of the Internet) and show an on-screen message saying “I’m the creeper, catch me if you can”. To eliminate it, a virus called Reaper was created to search for it and destroy it”…………………...PANDA SECURITY ( 2011) Malware Overview Retrieved from http://www.google.com/images?rlz=1T4ADFA_enUS391US392&q=virus+clipart&um=1&ie=UTF-8&source=univ&sa=X&ei=nOx7TfqZEoXorAGvu5zCBQ&ved=0CDMQsAQ&biw=1174&bih=463 Malicious software, better known as Malware, is the most sophisticated type of threat to a computer system. Malware is simply code that is designed with purpose and intent to destroy, steal, disrupt or damage someone’s data, computer system or network. Malware is software that is written...
Words: 3874 - Pages: 16
...Hands-On Ethical Hacking and Network Defense Second Edition Chapter 3 Network and Computer Attacks Objectives • After this lecture and completing the exercises, you will be able to : – Describe the different types of malicious software and what damage they can do – Describe methods of protecting against malware attacks – Describe the types of network attacks – Identify physical security attacks and vulnerabilities Hands-On Ethical Hacking and Network Defense, Second Edition 2 Malicious Software (Malware) • Network attacks prevent a business from operating – Malicious software (malware) • Virus • Worm • Trojan program – Goals • • • • Destroy data Corrupt data Shutdown a network or system Make money 3 Hands-On Ethical Hacking and Network Defense, Second Edition Viruses • Virus attaches itself to a file or program – Needs host to replicate – Does not stand on its own – No foolproof prevention method • Antivirus programs – Detection based on virus signatures • Signatures are kept in virus signature file • Must update periodically • Some offer automatic update feature Hands-On Ethical Hacking and Network Defense, Second Edition 4 Table 3-1 Common computer viruses Hands-On Ethical Hacking and Network Defense, Second Edition 5 Viruses (cont’d.) • Encoding using base 64 – – – – – – – – Typically used to reduce size of e-mail attachments Also, used to encrypt (hide) suspicious code. Represents zero to 63 using six bits A is 000000… Z is 011001 Create groups of four characters...
Words: 1394 - Pages: 6
...Network Security In Business Process Outsourcing Information Technology Essay The issue of information security and data privacy is assuming tremendous importance among global organizations, particularly in an environment marked by computer virus and terrorist attacks, hackings and destruction of vital data owing to natural disasters. The worldwide trend towards offshore outsourcing of processes and IT services to remote destinations, leading to the placing of valuable data and information infrastructure in the hands of the service providers, is also creating the need for information security solutions that will protect customers' information assets. As crucial information of a financial, insurance, medical and personal nature begins to get handled by remotely located offshore outsourcing service providers, there is a growing concern about the manner in which it is being collected, stored and utilized. Components of security The concept of information security is centered around the following components: · Integrity: gathering and maintaining accurate information and avoiding malicious modification · Availability: providing access to the information when and where desired · Confidentiality: avoiding disclosure to unauthorized or unwanted persons. Indian IT and ITES-BPO service providers today have the responsibility of not just protecting their own internal information, but also that of their customers, who trust them with crucial organizational data. A service providers own...
Words: 1616 - Pages: 7
...Electronic Commerce, Seventh Annual Edition 10-1 Chapter 10 Electronic Commerce Security At a Glance Instructor’s Manual Table of Contents • • • • • • • Chapter Overview Chapter Objectives Instructor Notes Quick Quizzes Discussion Questions Additional Resources Key Terms Electronic Commerce, Seventh Annual Edition 10-2 Lecture Notes Chapter Overview In this chapter, you will explore security policy issues with a focus on how they apply to electronic commerce in particular. The electronic commerce security topics in this chapter are organized to follow the transaction processing flow, beginning with the consumer and ending with the Web server (or servers) at the electronic commerce site. Each logical link in the process includes assets that must be protected to ensure security: client computers, the communication channel on which the messages travel, and the Web servers, including any other computers connected to the Web servers. Chapter Objectives In this chapter, you will learn about: • • • • • Online security issues Security for client computers Security for the communication channels between computers Security for server computers Organizations that promote computer, network, and Internet security Instructor Notes Online Security Issues Overview Computer security is the protection of assets from unauthorized access, use, alteration, or destruction. There are two general types of security: physical and logical. Physical security includes tangible...
Words: 5468 - Pages: 22
...Table of Contents What Is Malware? ..………………………………………………………… 3 History of Malware …………………………………………………………. 4 Types of Malware …………………………………………………………… 5 How to Prevent Malware …………………………………………………… 7 Attacks on Mobile Devices …………………………………………………. 9 Conclusion …………………………………………………………………. 11 References ……………………………………………………………………. 14 What is malware Malware, short for malicious software, is any type of software that is used in order to disrupt regular computer operations, gather sensitive information, or gain access to private computer systems. Malware is not something new to computers; it is as old as software itself. Programmers have been creating it for as long as they have been creating legitimate software. There are many different reasons as to why a programmer would create such malware. Some programmers create malware for reasons as simple as pranks and experiments or more serious and organized Internet crime malware. There are many different types of malware that will be explained later but one must know that each type of malware attacks a computer in a different way and causes different levels of damage. (What is Malware, 2014) Creating malware is a very vicious thing to do. It attacks an individual’s computer without the knowledge of the user and before they know it, personal information is stolen and the computer is damaged. What would make someone want to create such a thing? In the earlier stages of software...
Words: 3391 - Pages: 14
...Ethical Hacking 1 Running head: ETHICAL HACKING: Teaching Students to Hack Ethical Hacking: Teaching Students to Hack Regina D. Hartley East Carolina University Ethical Hacking 2 Abstract One of the fastest growing areas in network security, and certainly an area that generates much discussion, is that of ethical hacking. The purpose of this study is to examine the literature regarding how private sectors and educational institutions are addressing the growing demand for ethical hacking instruction. The study will also examine the opportunity for community colleges in providing this type of instruction. The discussion will conclude with a proposed model of ethical hacking instruction that will be used to teach a course in the summer semester of 2006 through the continuing education department at Caldwell Community College and Technical Institute within the North Carolina Community College System. Ethical Hacking 3 Ethical Hacking: Teaching Students to Hack The growing dependence and importance regarding information technology present within our society is increasingly demanding that professionals find more effective solutions relating to security concerns. Individuals with unethical behaviors are finding a variety of ways of conducting activities that cause businesses and consumers much grief and vast amounts annually in damages. As information security continues to be foremost on the minds of information technology professionals, improvements in this area are critically...
Words: 6103 - Pages: 25
...chapter 2 40 Chapter 2 you. I’ve asked Charlie Moody to come in today to talk about it. He’s waiting to speak with us.” When Charlie joined the meeting Fred said, “Hello, Charlie. As you know, the Board of Directors met today. They received a report on the expenses and lost production from the worm outbreak last month, and they directed us to improve the security of our technology. Gladys says you can help me understand what we need to do about it.” “To start with,” Charlie said, “instead of setting up a computer security solution, we need to develop an information security program. We need a thorough review of our policies and practices, and we need to establish an ongoing risk management program. There are some other things that are part of the process as well, but these would be a good start.” “Sounds expensive,” said Fred. Charlie looked at Gladys, then answered, “Well, there will be some extra expenses for specific controls and software tools, and we may have to slow down our product development projects a bit, but the program will be more of a change in our attitude about security than a spending spree. I don’t have accurate estimates yet, but you can be sure we’ll put cost-benefit worksheets in front of you before we spend any money.” Fred thought about this for a few seconds. “OK. What’s our next step?” Gladys answered, “First, we need to initiate a project plan to develop our new information security program. We’ll use our usual systems development and project...
Words: 24411 - Pages: 98
...Impact of BGP Dynamics on Router CPU Utilization Sharad Agarwal1 , Chen-Nee Chuah2 , Supratik Bhattacharyya3 , and Christophe Diot4 1 University of California, Berkeley, USA, sagarwal@cs.berkeley.edu 2 University of California, Davis, USA, chuah@ece.ucdavis.edu 3 Sprint ATL, Burlingame, USA, supratik@sprintlabs.com 4 Intel Research, Cambridge, UK, christophe.diot@intel.com 1 Introduction The Internet is an interconnection of separately administered networks called Autonomous Systems or ASes. To reach entities outside the AS, the inter-domain routing protocol used today is the Border Gateway Protocol or BGP [1]. It has been approximately 15 years since BGP was deployed on the Internet. The number of ASes participating in BGP has grown to over 16, 000 today. However, this growth has been super-linear during the past few years [2]. With this sudden growth there has been concern in the research community about how well BGP is scaling. In particular, it has been noted that there is significant growth in the volume of BGP route announcements (or route flapping) [3] and in the number of BGP route entries in the routers of various ASes [2]. For every BGP routing update that is received by a router, several tasks need to be performed [4]. First, the appropriate RIB-in (routing information base) needs to be updated. Ingress filtering, as defined in the router’s configuration, has to be applied to the route announcement. If it is not filtered out, the route undergoes the BGP route selection...
Words: 4109 - Pages: 17
