120 likes | 140 Views
This is The Part Of the IA Syllabus 2017.This is a Cover the particular computer Related Topics.
E N D
www.onlinejobstudy.com NETWORK SECURITY IA Preparation 2017 This document covers the network security theory part of IA syllabus. This Document www.onlinejobstudy.com Type your text
Security IA 2017 Malware: What is Malicious Software? Malware, short for malicious (or malevolent) software, is software used or programmed by attackers to :- odisrupt computer operation, ogather sensitive information without the knowledge of the user, o gain access to private computer systems. It can appear in the form of :- o code, o scripts, o Active content, and other software. 'Malware' is a general term used to refer to a variety of forms of hostile or intrusive software. Classification Computer Viruses Ransomware Worms Trojan Horses Rook-kit Key loggers Dialers Spyware Adware Malicious BHO’s Rouge Security Software Backdoors www.onlinejobstudy.com 1 | P a g e
Security IA 2017 Figure: Malware different types Short note on Computer Virus (Virus, Worm and Trojan horse) People often think worm or Trojan horse as a virus. While the words Trojan, worm and virus are often used interchangeably, they are not exactly the same thing. Viruses, worms and Trojan Horses are all malicious programs that can cause damage to your computer, but knowing differences among can help you better protect your computer from damaging effects. Computer Virus: oA computer virus attaches itself to a program or file enabling it to spread from one computer to another, leaving infections as it travels. Like a human virus, a computer virus can vary in severity: some may cause only mildly annoying effects while others can damage your hardware, software or files. Almost all viruses are attached to an executable file, which means the virus may exist on your computer but it actually cannot infect your computer unless you run or open the malicious program. oIt is important to note that a virus cannot be spread without a human action, www.onlinejobstudy.com 2 | P a g e
Security IA 2017 (such as running an infected program) to keep it going. Because a virus is spread by human action people will unknowingly continue the spread of a computer virus by sharing infecting files or sending emails with viruses as attachments in the email. Worm (Write once read many) oA worm is similar to a virus by design and is considered to be a sub-class of a virus. Worms spread from computer to computer, but unlike a virus, it has the capability to travel without any human action. A worm takes advantage of file or information transport features on your system, which is what allows it to travel without any human action. oThe biggest danger with a worm is its capability to replicate itself on your system, so rather than your computer sending out a single worm, it could send out hundreds or thousands of copies of itself, creating a huge dangerous effect. One example would be for a worm to send a copy of itself to everyone listed in your e-mail address book. Then, the worm replicates and sends itself out to everyone listed in each of the receiver's address book, and the manifest continues on down the line. oDue to the copying nature of a worm and its capability to travel across networks the end result in most cases is that the worm consumes too much system memory (or network bandwidth), causing Web servers, network servers and individual computers to stop responding. In recent worm attacks such as the much-talked-about Blaster Worm, the worm has been designed to tunnel into your system and allow malicious users to control your computer remotely. Trojan horse oA Trojan horse is full of as much deception as the mythological Trojan horse it was named after. The Trojan horse, at first glance will appear to be useful software but will actually do damage once installed or run on your computer. Those on the receiving end of a Trojan horse are usually cheated into opening them because they appear to be receiving legitimate software or files from a legitimate source. oWhen a Trojan is activated on your computer, the results can vary. Some Trojans are designed to be more annoying than malicious (like changing your desktop, adding silly active desktop icons) or they can cause serious damage by deleting files and destroying information on your system. Trojans www.onlinejobstudy.com 3 | P a g e
Security IA 2017 are also known to create a backdoor on your computer that gives malicious users access to your system, possibly allowing confidential or personal information to be compromised. Unlike viruses and worms, Trojans do not reproduce by infecting other files nor do they self-replicate. Best Tips to Defend Against Viruses and Worms We must safeguard our PC. Following these basic rules will help us protect from malicious attacks Protect your computer with strong security software and keep it updated oUse of software such as : Anti-Virus, and Anti-Spyware Would keep our pc safe for malicious attacks. oBesides this, we must also update the definitions of our antivirus & anti- spyware, so that it can detect new threats. Use a security-conscious Internet service provider (ISP) that implements strong anti- spam and anti-phishing procedures. Enable automatic Operating System updates or download Microsoft®updates regularly to keep your operating system patched against known vulnerabilities. Install patches from other software manufacturers as soon as they are distributed. A fully patched computer behind a firewall is the best defense against Trojan and spyware installation. Use caution when opening attachments. oConfigure your anti-virus software to automatically scan all email and instant message attachments. oMake sure your email program doesn't automatically open attachments or automatically render graphics, and ensure that the preview pane is turned off. oNever open unsolicited emails, or attachments that you're not expecting— even from people you know. Be careful when engaging in peer-to-peer (P2P) file-sharing. oTrojans hide within file-sharing programs waiting to be downloaded. www.onlinejobstudy.com 4 | P a g e
Security IA 2017 oUse the same precautions when downloading shared files that you do for email and instant messaging. oAvoid downloading files with the extensions .exe, .scr, .lnk, .bat, .vbs, .dll, .bin, and .cmd. Use security precautions for your PDA, cell phone, and Wi-Fi devices. oViruses and Trojans arrive as an email/IM attachment, are downloaded from the Internet, or are uploaded along with other data from a desktop. oCell phone viruses and mobile phishing attacks are in the beginning stages, but will become more common as more people access mobile multimedia services and Internet content directly from their phones. oAlways use a PIN code on your cell phone, and never install or download mobile software from an unknown source. Configure your instant messaging application correctly. oMake sure it does not open automatically when you fire up your computer. Beware of spam-based phishing schemes. oDon't click on links in emails or IM. Back up your files regularly and store the backups somewhere besides your PC. oIf you fall victim to a virus attack, you can recover photos, music, movies, and personal information like tax returns and bank statements. Data communication security: When a computer is connected to a public network, all the data transmitted through the Internet are exposed to the outside world. The issues are : oAuthentication: The process of identifying an individual, usually based on username and password. Ability of each party in a transaction to ascertain identity of other party. Below picture shows the concept : www.onlinejobstudy.com 5 | P a g e
Security IA 2017 oAuthorization: Is the process of giving individuals access to system objects based on their identity. Authorization involves granting or denying access to a network resource. Below picture explains authorization : oSecured data transmission The following technologies support secured data communication oProxy Server oFirewall www.onlinejobstudy.com 6 | P a g e
Security IA 2017 oVirtual Private Network (VPN) Proxy Server: oA Proxy server is a computer that keeps copies of recently accessed web pages. Whenever A Http request is sent by client, the proxy server checks the cache. If the requested page is not available, the proxy server sends the request to the corresponding server. The incoming responses are sent to the proxy server and stored for future requests from other clients.so, the proxy server reduces the network traffic to the server. oProxy server works by intercepting connection between sender and receiver. By blocking direct access between two networks, proxy servers make it much more difficult for hackers to get internal addresses and details of a private network. A proxy server can also be one of the components of a firewall. oProxy servers provide increased performance and security. In some cases, they monitor employees' use of outside resources. Key Points: oMultiplexing outbound requests through a single connection oPrevent access from inside as well outside based on certain policy oIt keeps copies of recently accessed web pages oProxy server sends the request to the web server only if the page is not available in the cache. www.onlinejobstudy.com 7 | P a g e
Security IA 2017 Figure: Proxy server (All the requests from end user will be processed through proxy server) Firewall: oA system designed to prevent unauthorized access to or from a private network. oCan be implemented in both hardware and software. oFrequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially Intranets oAll messages entering or leaving the intranet pass through the firewall oMessages are examined and those that do not meet the specified security criteria are blocked. www.onlinejobstudy.com 8 | P a g e
Security IA 2017 Figure Firewall:Request to WAN and LAN access has to pass through firewall shown above. If it violates the security policy then access is blocked that is shown by dustbin bock in the picture. Type: Based on the function oFilter-based firewall: Based on the IP packet source address, destination address, and port numbers. Only header of IP packet is checked. oProxy-based firewall: Looks at the packet content. Only intended type request will be allowed. Provides finer-level of access Figure: Real life Firewall: VPN (Virtual Private Network) www.onlinejobstudy.com 9 | P a g e
Security IA 2017 oSecure and private communication over public Internet oCompanies use VPN to connect to customer’s network Web Security applications: Encryption: oEncryption is a method by which information is scrambled to make it unreadable to everyone except the desired recipient oThe scrambled data, after encryption is known as cipher text oIt prevents unauthorized users from reading or tampering the data oEncryption uses mathematical algorithms to scramble data. Decryption: oTo read the encrypted file, the recipient must convert the encrypted data back into its original form. This process is known as decryption. Secured Socket Layer: oThe well-known implementation of encryption is Secured Sockets Layer (SSL). oThe combination of SSL at Transport Layer and HTTP at Application layer is called as HTTPS. oSecured Sockets layer is a way of authenticated and encrypted communication between clients and servers. It is a protocol developed by Netscape for transmitting information securely over an insecure network. It is universally accepted and used by web browsers and web servers for transmitting sensitive information. Digital Signature: oBy message authentication we mean that the receiver should be sure about sender’s identity. One approach to provide authentication is with the help of digital signature. The idea is similar to signing a document. Digital Signature www.onlinejobstudy.com 10 | P a g e
Security IA 2017 provides the remaining three security services; Authentication, Integrity and Nonrepudiation. oData integrity is the maintenance of, and the assurance of the accuracy and consistency of, data. oNonrepudiation is the assurance that someone cannot deny something. Typically, nonrepudiation refers to the ability to ensure that a party to a contract or a communication cannot deny the authenticity of their signature on a document or the sending of a message that they originated. Thanks & Regards www.onlinejobstudy.com www.onlinejobstudy.com 11 | P a g e