Monday, December 6, 2010

IT104JayrDomingo



Question 1:

Why has there been a dramatic increase in the number of computer-related security incidents in recent years?

Answer:

· Security of information technology is of utmost importance
    · Protect confidential data
        · Safeguard private customer and employee data
    · Protect against malicious acts of theft or disruption
    · Must be balanced against other business needs and issues
· Number of IT-related security incidents is increasing around the world
· Computing environment is enormously complex
    · Continues to increase in complexity
    · Number of possible entry points to a network expands continuously


Question 2:

What are some characteristics of common computer criminals, including their objectives?

Answer:

Types of Attacks

· Most frequent attack is on a networked computer from an outside source

Viruses

· Pieces of programming code
· Usually disguised as something else
· Cause unexpected and usually undesirable events
· Often attached to files
· Deliver a “payload”

Definition:

· Does not spread itself from computer to computer
    · Must be passed on to other users through
        · Infected e-mail document attachments
        · Programs on diskettes
        · Shared files
· Macro viruses
    · Most common and easily created viruses
    · Created in an application macro language
    · Infect documents and templates
 
Worms

· Harmful programs
    · Reside in active memory of a computer
· Duplicate themselves
    · Can propagate without human intervention
· Negative impact of virus or worm attack
    · Lost data and programs
    · Lost productivity
    · Effort for IT workers
 
Cost Impact of Worms

[Table Tbl03-01 not reproduced]

Trojan Horses

· Program that a hacker secretly installs
· Users are tricked into installing it
· Logic bomb
    · Executes under specific conditions
 
 


Denial-of-Service (DoS) Attacks

· Malicious hacker takes over computers on the Internet and causes them to flood a target site with demands for data and other small tasks
    · The computers that are taken over are called zombies
· Does not involve a break-in at the target computer
    · Target machine is busy responding to a stream of automated requests
    · Legitimate users cannot get in
· Spoofing generates a false return address on packets
· Ingress filtering - When Internet service providers (ISPs) prevent incoming packets with false IP addresses from being passed on
· Egress filtering - Ensuring spoofed packets don’t leave a network
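
The ingress and egress filtering rules above, applied at the border of one network, as an added example that is not part of the original post. The internal prefix, the reserved-range list and the sample packets are assumptions built from documentation and private address ranges.

```python
import ipaddress

# Assumption: this network's own address space (a documentation range).
INTERNAL_PREFIXES = [ipaddress.ip_network("198.51.100.0/24")]
# Sources that should never arrive from the Internet (a subset, for illustration).
RESERVED_PREFIXES = [ipaddress.ip_network(p) for p in
                     ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]


def _in_any(addr, prefixes):
    return any(addr in net for net in prefixes)


def filter_packet(direction, src):
    """Return (allowed, reason) for a packet crossing the network border."""
    addr = ipaddress.ip_address(src)
    if direction == "egress":
        # Egress: traffic leaving us must carry one of our own source addresses.
        if _in_any(addr, INTERNAL_PREFIXES):
            return True, "source belongs to this network"
        return False, "spoofed source leaving the network"
    if direction == "ingress":
        # Ingress: outside traffic cannot legitimately claim our addresses
        # or a reserved/private range as its return address.
        if _in_any(addr, INTERNAL_PREFIXES):
            return False, "outside packet claims an internal source"
        if _in_any(addr, RESERVED_PREFIXES):
            return False, "source is a reserved or private address"
        return True, "source is plausible"
    raise ValueError(f"unknown direction: {direction}")


# Constructed sample traffic: (direction, claimed source address).
SAMPLE_PACKETS = [
    ("egress", "198.51.100.23"),
    ("egress", "203.0.113.9"),
    ("ingress", "203.0.113.9"),
    ("ingress", "198.51.100.23"),
    ("ingress", "10.1.2.3"),
]


def run_samples():
    return [filter_packet(d, s)[0] for d, s in SAMPLE_PACKETS]


if __name__ == "__main__":
    for (d, s), ok in zip(SAMPLE_PACKETS, run_samples()):
        print(f"{d:8} {s:15} {'forward' if ok else 'drop'}")
```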
  

Perpetrators

· Motives are the same as other criminals
· Different objectives and access to varying resources
· Different levels of risk to accomplish an objective

Classifying Perpetrators of Computer Crime

[Table Tbl03-02b not reproduced]


Hackers and Crackers

· Hackers
    · Test limitations of systems out of intellectual curiosity
· Crackers
    · Cracking is a form of hacking
    · Clearly criminal activity

 

Malicious Insiders

· Top security concern for companies
· Estimated 85 percent of all fraud is committed by employees
· Usually due to weaknesses in internal control procedures
· Collusion is cooperation between an employee and an outsider
· Insiders are not necessarily employees
    · Can also be consultants and contractors
· Extremely difficult to detect or stop
    · Authorized to access the very systems they abuse

 

Industrial Spies

· Illegally obtain trade secrets from competitors
· Trade secrets are protected by the Economic Espionage Act of 1996
· Competitive intelligence
    · Uses legal techniques
    · Gathers information available to the public
· Industrial espionage
    · Uses illegal means
    · Obtains information not available to the public

 

Cybercriminals

· Hack into corporate computers and steal
· Engage in all forms of computer fraud
· Chargebacks are disputed transactions
· Loss of customer trust has more impact than fraud
· To reduce the potential for online credit card fraud, sites:
    · Use encryption technology
    · Verify the address submitted online against the issuing bank
    · Request a card verification value (CVV)
    · Use transaction-risk scoring software


Question 3:

What actions must be taken in response to a security incident?

Answer:

· Educate users about the importance of security
    · Motivate them to understand and follow security policy
    · Discuss recent security incidents that affected the organization
    · Help protect information systems by:
        · Guarding passwords
        · Not allowing others to use passwords
        · Applying strict access controls to protect data
        · Reporting all unusual activity

· Implement a layered security solution
    · Make computer break-ins harder
    · Firewall
        · Limits network access
    · Antivirus software
        · Scans for a specific sequence of bytes
            · Known as the virus signature
        · Norton Antivirus
        · Dr. Solomon’s Antivirus from McAfee
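
How scanning for a virus signature works, as an added example that is not part of the original post and is not the code of any antivirus product. The two signatures are constructed, harmless byte patterns, and the scanner reads in chunks while still catching a signature that is split across two reads.

```python
import io

# Constructed, harmless byte patterns standing in for virus signatures.
SIGNATURES = {
    "Demo.Alpha": bytes.fromhex("deadbeef4142"),
    "Demo.Beta": b"X-DEMO-SIGNATURE-0001",
}


def scan_stream(stream, signatures=SIGNATURES, chunk_size=4096):
    """Return {signature name: first byte offset} for every signature found."""
    longest = max(len(sig) for sig in signatures.values())
    found = {}
    tail = b""      # end of the data already read, kept so that a signature
    consumed = 0    # split across two reads is still matched
    while True:
        chunk = stream.read(chunk_size)
        if not chunk:
            break
        window = tail + chunk
        base = consumed - len(tail)          # stream offset of window[0]
        for name, sig in signatures.items():
            if name not in found:
                pos = window.find(sig)
                if pos != -1:
                    found[name] = base + pos
        consumed += len(chunk)
        # Keep just enough bytes to complete the longest signature next round.
        tail = window[-(longest - 1):] if longest > 1 else b""
    return found


def demo():
    """Scan one clean and one 'infected' buffer (both constructed)."""
    clean = b"ordinary document text " * 500
    # Demo.Beta starts at offset 4090, so it straddles the 4096-byte read boundary.
    infected = (b"A" * 4090 + SIGNATURES["Demo.Beta"]
                + b"B" * 100 + SIGNATURES["Demo.Alpha"])
    return scan_stream(io.BytesIO(clean)), scan_stream(io.BytesIO(infected))


if __name__ == "__main__":
    print(demo())
```

A file whose bytes match none of the listed signatures passes the scan, so the result is only as good as the signature list.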
 
 
 
Sources: www.google.com.ph
         www.ask.com
