Free Essay

Nt2580 Unit 9 Assignment 1

In:

Submitted By msnatbella
Words 346
Pages 2
What are the phases of a computer attack?
Phase I: Reconnaissance Probing
During the first phase of a computer attack, the attacker will gather as much information as he can to identify the weakest points of entry on a network. It is important that he collects as much information as he can because this will determine how successful the attack will be. An attacker uses various tools found on the internet designed to exploit various targets. He will use those tools accordingly. Some of the tools are:
-DNS and ICMP tools within the TCP/IP protocol suite -Standard and customized SNMP tools -Port scanners and port mappers -Security probes
Attackers will use these tools to view detailed information about the network. By knowing a specific domain name, an attacker can easily find registered addresses, server names, and domain names via ICMP and WHOIS. Reverse DNS lookup and nslookup also provide searches for DNS information.
Phase II: Access and Privilege Escalation
Once the attacker has gathered the information they need to facilitate the attack he must make the connection or access the targeted system and gain administrative access. This can be done via secondary remote gateways and/or unattended modem boxes on the outside of an organizations building. An attacker can use a password cracker or install a Remote Administration Tool (RAT) Trojan on a computer and other various viruses and malicious software. RAT allows a hacker to maintain access to a compromised computer enabling them to corrupt files specifically the startup files.
Phase III: Covering Your Tracks
Avoiding detection is important for a successful attack. All files that may have been created need to be removed, and all changed files must be restored. Remove log file entries as these can and will provide evidence of an attack. Since most systems protect log files from being modified, he may have to attack the log files or auditing files to cover those tracks as well. Covering your tracks will make an attack hard to notice.

References
2012. Fundamentals of Information Systems Security. Sudbury: Jones and Bartlett Learning.

Similar Documents

Premium Essay

Test

...Corequisite(s): Prerequisite: NT2580 Introduction to Information Security or equivalent Course Description: This course examines security implementations for a variety of Windows platforms and applications. Areas of study include analysis of the security architecture of Windows systems. Students will identify and examine security risks and apply tools and methods to address security issues in the Windows environment. Windows Security Syllabus Where Does This Course Belong? This course is required for the Bachelor of Science in Information Systems Security program. This program covers the following core areas:    Foundational Courses Technical Courses BSISS Project The following diagram demonstrates how this course fits in the program:    IS4799 NT2799 IS4670 ISC Capstone Project Capstone ProjectCybercrime Forensics NSA    NT2580 NT2670  Introduction to  Information Security IS4680 IS4560 NT2580 NT2670 Email and Web Services Hacking and Introduction to  Security Auditing for Compliance Countermeasures Information Security Email and Web Services      NT1230 NT1330 Client-Server Client-Server  Networking I Networking II  IS3230 IS3350 NT1230 NT1330  Issues Client-Server Client-Server  SecurityContext in Legal Access Security Networking I Networking II   NT1110  NT1210 Structure and Introduction to  ComputerLogic Networking    IS3120 IS3110 NT1210 Network  Risk Management in Introduction to General Education / General Studies NT2580 NT2799 Communications ...

Words: 2305 - Pages: 10

Premium Essay

Nt1230 Syllabus

...network client computers, and related aspects of typical network server functions. Client-Server Networking I Syllabus Where Does This Course Belong? 1st QTR GS1140 NT1110 GS1145 Problem Solving Theory Computer Structure and Logic Strategies for the Technical Professional 2nd QTR NT1210 Introduction to Networking NT1230 Client-Server Networking I MA1210 College Mathematics I 3rd QTR NT1310 NT1330 MA1310 4th QTR PT1420 NT1430 EN1320 5th QTR PT2520 NT2580 EN1420 6th QTR NT2640 NT2670 CO2520 7th QTR NT2799 SP2750 Physical Networking Client-Server Networking II College Mathematics II Introduction to Programming Linux Networking Composition I Database Concepts Introduction to Information Security Composition II IP Networking Email and Web Services Communications Network Systems Administration Capstone Project Group Theory The follow diagram indicates how this course relates to other courses in the NSA program: 1 Date: 8/31/2012 Client-Server Networking I Syllabus NT2799 NSA Capstone Project NT2580 Introduction to Information Security NT2670 Email and Web Services NT2640 IP Networking PT2520 Database Concepts NT1330 Client-Server Networking II NT1230 Client-Server Networking I NT1430 Linux Networking PT1420...

Words: 1834 - Pages: 8

Premium Essay

Nt2580 Unit 3 Assignment & Lab

...NT2580 Unit 3 Assignment & Lab Unit 3. Assignment 1 - Remote Access Control Policy Definition There are three key parts I will have to take into account while designing a Remote Access Control Policy for Richman Investments. These three parts (Identification, Authentication and Authorization) will not be all for the Remote Access Control Policy, I will need to include the appropriate access controls for systems, applications and data access. I will also need to include my justification for using the selected access controls for systems, applications and data access. The first part I need to implement for this Remote Access Control Policy is Identification, which is defined in this sense as: physical keys or cards, smart cards, and other physical devices that might be used to gain access to something. What needs to be done for the Remote Access Control Policy is a group member policy needs to be setup which uniquely identifies each user. Users should be identified by rank with higher ranking users requiring more authentication. Each individual user should be assigned to a group based on rank with special permissions. Using this system for Identification will make our company more secure in day to day operations. The second part I need to implement for this remote access control policy is Authentication, which is defined as: what you know or passwords, numeric keys, PIN numbers, secret questions and answers. For remote access, there must be...

Words: 477 - Pages: 2

Premium Essay

Nt2640

...examined. IP Networking Syllabus Where Does This Course Belong? This course is required in the associate degree program in Network Systems Administration and associate degree in Mobile Communications Technology. The following diagrams indicate how this course relates to other courses in respective programs: Network Systems Administration NT2799 NSA Capstone Project NT2580 Introduction to Information Security NT2670 Email and Web Services NT2640 IP Networking PT2520 Database Concepts NT1330 Client-Server Networking II NT1230 Client-Server Networking I NT1430 Linux Networking PT1420 Introduction to Programming NT1110 Computer Structure and Logic NT1201 Introduction to Networking NT1310 Physical Networking CO2520 Communications SP2750 Group Theories EN1420 Composition II EN1320 Composition I GS1140 Problem Solving Theory GS1145 Strategies for the Technical Professional MA1210 College Mathematics I MA1310 College Mathematics II Networking Technology Courses Programming Technology Courses General Education/ General Studies 1 Date: 7/18/2011 IP Networking Syllabus Mobile Communications Technology MC2799 MCT Capstone Project NT2640 IP Networking MC2560 Mobile Wireless Communication I MC2660 Mobile Wireless Communication II MC2665 Mobile...

Words: 2573 - Pages: 11

Premium Essay

Nt 1210

...switching and packet switching, OSI and TCP/IP models, LAN/WAN protocols, network devices and their functions, topologies and capabilities are discussed. Industry standards and the development of networking technologies are surveyed in conjunction with a basic awareness of software and hardware components used in typical networking and internetworking environments Introduction to Networking Syllabus Where Does This Course Belong? This course is required for the associate program in Network System Administration and the associate program in Electrical Engineering Technology. The following diagrams demonstrate how this course fits in each program. Associate Program in Network Systems Administration NT2799 NSA Capstone Project NT2580 Introduction to Information Security NT2670 Email and Web Services NT2640 IP Networking PT2520 Database Concepts NT1330 Client-Server Networking II NT1230 Client-Server Networking I NT1430 Linux Networking PT1420 Introduction to Programming NT1110 Computer Structure and Logic NT1210 Introduction to Networking NT1310 Physical Networking CO2520 Communications SP2750 Group Theories EN1420 Composition II EN1320 Composition I GS1140 Problem Solving Theory GS1145 Strategies for the Technical Professional MA1210 College Mathematics I MA1310 College Mathematics II Networking Technology Courses Programming...

Words: 4400 - Pages: 18

Premium Essay

Nt1210 Introduction to Networking Onsite Course

...switching and packet switching, OSI and TCP/IP models, LAN/WAN protocols, network devices and their functions, topologies and capabilities are discussed. Industry standards and the development of networking technologies are surveyed in conjunction with a basic awareness of software and hardware components used in typical networking and internetworking environments Introduction to Networking Syllabus Where Does This Course Belong? This course is required for the associate program in Network System Administration and the associate program in Electrical Engineering Technology. The following diagrams demonstrate how this course fits in each program. Associate Program in Network Systems Administration NT2799 NSA Capstone Project NT2580 Introduction to Information Security NT2670 Email and Web Services NT2640 IP Networking PT2520 Database Concepts NT1330 Client-Server Networking II NT1230 Client-Server Networking I NT1430 Linux Networking PT1420 Introduction to Programming NT1110 Computer Structure and Logic NT1210 Introduction to Networking NT1310 Physical Networking CO2520 Communications SP2750 Group Theories EN1420 Composition II EN1320 Composition I GS1140 Problem Solving Theory GS1145 Strategies for the Technical Professional MA1210 College Mathematics I MA1310 College Mathematics II Networking Technology Courses Programming...

Words: 4400 - Pages: 18

Premium Essay

Nt2580 Unit 1

...NT2580-M1 Introduction to Information Security Unit 1: Information Systems Security Fundamentals 2015-Summer, 6/20/2015, Saturday (9:00am – 1:30pm) Student Name ___________________________________ Lesson Plan Theory (in class, Lab #2)……………………………..…………………..……...2 Reading  Kim and Solomon, Chapter 1: Information Systems Security. Objectives……………..………………….……………………………….2 Student Assignments for this Unit Unit 1 Lab Perform Reconnaissance & Probing Using ZenMap GUI (Nmap) Lab #1: Performing Network Reconnaissance using Common Tools Overview and access vLab..............................................................................................3 Part 1: Exploring the Tools used in the Virtual Lab Environment……………16 Unit 1 Assignment Match Risks/Threats to Solutions Part 2: Connecting to a Linux Machine …………………. .........................44 Unit 1 Assignment Impact of a Data Classification Standard Part 3: Using Zenmap to Perform Basic Reconnaissance ……………………59 Appendix A. SYLLABUS………………………………………………..……..………….69 B. Forgot your password?………………………………………………..……..73 Instructor: Yingsang “Louis” HO Tel: 425-241-8080 (cell), (206) 244-3300 (school) Email: yho@itt-tech.edu NT2580_2015_Summer_M1_UNIT1.doc Page 1 of 76 Unit 1: Information Systems Security Fundamentals Learning Objective  Explain the concepts of information systems security (ISS) as applied to an IT infrastructure. Key Concepts  Confidentiality, integrity, and availability...

Words: 3379 - Pages: 14

Premium Essay

Nothing

... Bring this document with you each week Students are required to complete each assignment and lab in this course package on time whether or not they are in class. Late penalties will be assessed for any assignments or labs handed in past the due date. The student is responsible for replacement of the package if lost. Table of Contents Syllabus 2 Student Professional Experience 19 Graded Assignments and Exercises 23 Labs 47 Documenting your Student Professional Experience 57 ITT Technical Institute NT1310 Physical Networking Onsite Course SYLLABUS Credit hours: 4.5 Contact/Instructional hours: 56 (34 Theory Hours, 22 Lab Hours) Prerequisite(s) and/or Corequisite(s): Prerequisites: NT1210 Introduction to Networking or equivalent Course Description: This course examines industry standards and practices involving the physical components of networking technologies (such as wiring standards and practices, various media and interconnection components), networking devices and their specifications and functions. Students will practice designing physical network solutions based on appropriate capacity planning and implementing various installation, testing and troubleshooting techniques for a computer network. Where Does This Course Belong? | | | NT2799 | | | | | | | | NSA Capstone | | | | | | | Project | | | | | NT2580 | | | NT2670 | NT2640 | | PT2520 | | Introduction to | | | | | | | | ...

Words: 10839 - Pages: 44