Saturday, December 1, 2012

Enterprise Security – Chapter 6


The first section of the chapter talks about business continuity and the precautions available to help businesses recover as quickly as possible from security disasters. It begins by defining Business Continuity, which is ‘the ability of an organization to maintain its operations and services in the face of a disruptive event.’ To help avert a potential outage, a comprehensive approach is discussed, beginning with Redundancy Planning, which covers Servers, Storage, Networks, and Power, all key components in maintaining a viable system. Another important aspect is the Site. If a major disaster leaves the facility non-functional, alternative measures must be taken. There are three classifications of sites: a Hot site, a Cold site, and a Warm site. The three differ in functionality: the hot site is as close to normal operation as possible, only set up off premises, and is typically up and running in an hour. The cold site is simply an available space that needs all components installed before it can be operational, and the warm site is somewhere in the middle. The text then moves into the Disaster Recovery Procedures and the planning process.

In today's fast-paced world, businesses need to be aware of unauthorized attacks and respond to these incidents. This leads us into the field of computer forensics. Digital evidence can be retrieved from computers, which can help the forensic examiner solve these crimes. The chapter goes on to talk about responding to a computer forensics incident and elaborates on the following topics:
  • Securing the Crime Scene
  • Preserve the Evidence
  • Establish the Chain of Custody
  • Examine the Evidence

Another important part is security in a company. A security policy is a ‘document that outlines the protections that should be enacted to ensure the organization’s assets face minimal risk.’ This leads us to ethics, which encompasses the values, morals, and ethics of the corporation.

This chapter was a great help for me in that it provided insight into how a business plans for disasters and protects its assets. Not only did it talk about external concerns, it also addressed internal ones from the perspective of security policies and ethics.

Saturday, November 24, 2012

Wireless Network Security – Chapter 5


As the title indicates, this chapter is all about wireless networks. It begins with the fundamentals by explaining what a computer network is. Very simply, it could be one or several computers connected to a server and possibly a printer. One of the distinctions in classifying computer networks is the distance between them. The first category is the local area network (LAN), next the wide area network (WAN), and last the personal area network (PAN). A LAN is typically on a floor of an office building, a WAN connects computers over a large geographical area, and a PAN usually covers up to ten feet.

The second means of classification is by type of connection. Typically networks were connected by cable or fiber to each device; however, today wireless connections are used to connect computers. One such connection is called a wireless local area network (WLAN).

The text goes on to talk about network interface cards, routers, firewalls, access points and many more important topics as they relate to wireless networks. It continues by describing the process by which a device connects to the router by knowing the service set identifier (SSID). Once an attacker has this data, connecting to the network is not difficult.

I found this chapter to be an excellent resource for wireless network connectivity. It walked you through the various parts of the system, how wireless networks work, and even how to safeguard your system. It was also interesting to note the various potential assaults attackers use to gain access to one’s computer. It provided some great advice regarding virtual private networks and using public wireless networks securely. After going through this chapter, I will definitely be making some changes to my system.

Saturday, November 17, 2012

Personal Security – Chapter 4


For me, this chapter was all about the potential vulnerabilities of my personal computer and the available safeguards that can be utilized to thwart intruders. However, it was pointed out that today’s attacks are not so much for destroying data on the computer but to steal personal information for financial gain. That is pretty scary!!!

The first few sections talk about the methods used to acquire personal information through deceptive tactics. The first is spyware, which is defined as a general term to describe software that violates a user’s personal security. The following chart lists some of the effects.


It goes on to talk about keyloggers, which can be either software or hardware. Both methods collect information by recording keystrokes in a text format. The information is then retrieved by the attacker at a remote location. This is all done without the owner being aware of what’s taking place. A browser hijacker is a program that changes the Web browser’s home page and search engine to another site. This prevents the user from navigating to another site. Weak passwords are a key area for attack through a method called a dictionary attack. A dictionary attack compares the words in a prebuilt file with those in a stolen password file. This can be successful because users often create passwords that are a single word. Phishing is sometimes considered the easiest way to attack a computer system, as it requires no technical ability and it is highly successful. It relies on what we know as social engineering, which is deceiving someone into revealing information. The next few sections talk about social networking attacks and identity theft.

The last half of the chapter talks about preventive measures to address the topics discussed above. It explains the importance of antispyware and of using strong passwords. The chapter goes into how to recognize phishing attacks, social networking defenses, and how to avoid identity theft. It concludes by explaining cryptography, encrypting files and disks, and digital certificates.
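
A defensive counterpart to the dictionary attack described above, added here as an example (it is not code from the textbook or from the original post): a check run when a user chooses a password, rejecting anything that reduces to a single dictionary word. The wordlist, the substitution table and the function names are assumptions made for illustration.

```python
import re

# Constructed sample wordlist (assumption): a real check would load a large
# dictionary or breached-password list from disk.
WORDLIST = {"password", "dragon", "sunshine", "monkey", "football", "welcome"}

# Character swaps that dictionary tools undo before the lookup (0->o, 1->l, ...).
LEET = str.maketrans("013457@$", "oleastas")

# Leading or trailing runs of digits and symbols, e.g. the "2012!" in "Dragon2012!".
TRIM = re.compile(r"^[^a-z]+|[^a-z]+$")


def candidate_roots(password):
    """Reduce a password to the base words a dictionary lookup would match."""
    lowered = password.lower()
    forms = {lowered, TRIM.sub("", lowered)}
    # Undo common substitutions on both the full and the trimmed form.
    forms |= {form.translate(LEET) for form in forms}
    return forms


def dictionary_hit(password, wordlist=WORDLIST):
    """Return the dictionary word the password reduces to, or None."""
    hits = candidate_roots(password) & wordlist
    return min(hits) if hits else None


def audit(passwords, wordlist=WORDLIST):
    """Map each rejected password to the word that makes it guessable."""
    rejected = {}
    for password in passwords:
        word = dictionary_hit(password, wordlist)
        if word is not None:
            rejected[password] = word
    return rejected


# Constructed sample inputs: four single-word passwords in disguise, one passphrase.
SAMPLES = ["Dragon2012!", "P@ssw0rd1", "5unshine", "M0nkey!",
           "correct horse battery staple"]

if __name__ == "__main__":
    for password, word in audit(SAMPLES).items():
        print(f"reject {password!r}: reduces to dictionary word {word!r}")
```

Capital letters, swapped characters and a year on the end do not turn a single word into a strong password; only the multi-word passphrase passes the check.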

I found the chapter to be enlightening as well as reaffirming the importance of password security and having proper and up-to-date spyware monitoring one’s computer. I believe an individual has to take all the steps they can to protect their personal information.

Saturday, November 10, 2012

Internet Security – Chapter 3


I found the chapter to be very enlightening in that it started out by explaining how the internet works. It proceeded to cover e-mail and the two protocols by which e-mail messages are sent and received. Outgoing is Simple Mail Transfer Protocol (SMTP) and receiving is Post Office Protocol (POP), more commonly known as POP3. The text reviews potential risks with e-mail attacks, specifically malicious attachments and embedded hyperlinks.

We learned about internet attacks and downloaded browser code, and the most common examples of this code, which are JavaScript, Java, and ActiveX. A defense against a hostile Java applet is a sandbox. There are two types of Java applets, unsigned and signed: a signed applet comes from a trusted source and an unsigned one does not. An unsigned Java applet is restricted to the sandbox. All three of these types of downloaded browser code are used with malicious intent by the attacker.

It goes on further to cover privacy attacks, which include the two most common threats, cookies and adware. Cookies are used to track the user’s previously visited sites, whereas adware is software that delivers advertising content in a manner that is unexpected and unwanted by the user.

The last portion of the chapter is all about internet defenses through applications and browser settings. Each section goes into detail explaining what precautions you can take to help secure your computer. 

The following topics relate to applications:
  •  Popup Blockers
  •  Spam filters
  •  E-mail Security Settings

The following topics relate to browser settings:
  •  Advanced security settings
  •  Restricting cookies
  •  E-mail defenses
  •  Security zones

The chart below provides a visual to help defend against internet attacks.


I found the chapter to have a lot of good information. It was presented in an organized manner that was understandable. It provided some helpful illustrations and examples throughout the chapter to help clarify different concepts.

Saturday, November 3, 2012

Desktop Security – Chapter 2

This chapter was the nuts and bolts of desktop security. It covered the malicious software attacks of malware. As we learned, the two primary types of malware are viruses and worms. The purpose of these two is to infect one’s computer and/or software. Concealed malware is introduced to your computer in many different forms. The following are explained along with some possible remedies:
  • Trojan horse
  • Rootkits
  • Logic Bombs
  • Zombies and Botnets

Another key area of attack is hardware. This would include cell phones, USB devices, and theft of computers and information. Some of the basic antidotes against this type of attack are to ensure:
  • Proper antivirus and malware software is used.
  • Updates and patches are done on a regular basis.
  • Backups of data and files are done regularly.
  • Consider backup to independent drives.
  • Locking mechanism for laptop computer.

One must be prepared as well as possible to recover from an attack. The following list will help you through the process:
  • Disconnect
  • Identify
  • Disinfect
  • Recheck
  • Reinstall
  • Analyze

Finally, I found the chapter to be very informative and helpful. Once again the Lab assignments were beneficial and verified the security integrity of the system.

Wednesday, October 24, 2012

Introduction to Security – Chapter 1

This chapter is about computer security and the importance of computer users being well-informed so that they can protect their computers against attacks. I gained a greater appreciation for the number of attacks that take place as well as the difficulties in stopping them. The following table identifies the reasons as well as a brief description of the difficulties in preventing attacks.




The text goes on to define what information security is and the associated terminology. In short, information security is protection. I found it very helpful that, as the terminology (first column listed below) was covered, it was put into context by using an analogy (middle column).



The significance of information security is to prevent data theft, stop identity theft, and avoid legal consequences. If any combination of these is compromised, it will have a negative impact on productivity. It has been estimated that U.S. businesses forfeit 9 billion dollars in lost productivity each year.

The chapter goes on to explain in detail who hackers, script kiddies, spies, employees, cybercriminals, and cyberterrorists are and how they attempt to exploit vulnerabilities in computer or network attacks. Likewise, the following steps of an attack are reviewed:

  • Probe for information.
  • Penetrate any defenses.
  • Modify security settings.
  • Circulate to other systems.
  • Paralyze networks and devices.


To combat attacks, a fundamental approach would be to have multiple defenses. They would entail Layering, Limiting, Diversity, Obscurity, and Simplicity. In order to put these defenses to work and have a practical security strategy, they would need to Block Attacks, Minimize Losses, Update Defenses, and Send Secure Information.


I found this chapter to be a good foundation in understanding security principles and their challenges. The lab assignment results proved to be interesting and showed I needed to tighten up a few items.