Principles of Computer Security: CompTIA Security+ and Beyond, Third Edition, Instructor's Manual

Chapter 1 Introduction and Security Trends


Learning Objective
After studying this chapter, the student will have gained the knowledge to:
- List and discuss recent trends in computer security.
- Describe simple steps for minimizing the possibility of an attack on a system.
- Describe various types of threats that exist for computers and networks.
- Discuss recent computer crimes that have been committed.

Key Slides
Slide 3 Terminology

Key Terms
Critical infrastructure - Critical infrastructures are those whose loss or impairment would have severe repercussions on society.
Elite hackers - Elite hackers are the best of the best, and are characterized by the skill level necessary to discover and exploit new vulnerabilities.
Hacking - The term used by the media to refer to the process of gaining unauthorized access to computer systems and networks. The term has also been used to refer to the process of delving deep into the code and protocols used in computer systems and networks. See also cracking.
Hacktivist - A hacker who uses their skills for political purposes.
Highly structured threat - A highly structured threat is one that is backed by time and resources to allow virtually any form of attack.
Information warfare - The use of information security techniques, both offensive and defensive, when combating an opponent.
Ping sweep - The use of a series of ICMP ping messages to map out a network.
Port scan - The examination of TCP and UDP ports to determine which are open and the services that are running.
Script kiddies - Hackers with little true technical skill; hence they only use scripts that someone else has developed.
Structured threat - A structured threat is one that has reasonable financial backing and can last for a few days or more. The organizational elements allow for greater time to penetrate and attack a system.

Copyright 2012 by The McGraw-Hill Companies

Teaching Tips
Chapter 1 will likely be taught in your first session. Your first session with your class is perhaps the most important session of the semester. Students are making judgments about the class and you as the instructor and bracing themselves for the expectations of the semester. Just as the saying goes, "You don't get a second chance to make a first impression," you don't get a second first class. Give consideration to the image you wish to convey and the message you want to impart. Here are some things to keep in mind for the first session:
- Be prepared with handouts, syllabus, slides, and anything else. This shows the class that you are thinking ahead and will give them the sense that you care about them, the subject, and your time with them.
- Give consideration to your appearance as it relates to your students. Should you be casual or formal or somewhere in between? Which will fit your teaching style, their learning style, and the environment in which you will teach?
- Make sure the room has enough chairs, the projector is there and works, and you have anything else that will be necessary for a smooth first session.
- Arrive early. Consider meeting the students at the door to welcome them in your own way.
- How will you start? Taking attendance or telling a story? Is there a story that you can tell that will set the tone for the semester, or that captures the need for learning the subject? Is it a story that you can return to as the semester progresses?
- Consider handing out a survey that gives you some information on the students' backgrounds and interests. This information can help you to customize the instruction to the students' needs. A generic type of survey is in the appendix.
- Consider giving a pretest. This will give you a sense of how well each student knows the material as well as how well the class knows the material as a whole. You can identify who the advanced students are, so you can use them to help you with the students who are less familiar with the information as well as know who you may want to give more challenging assignments to.
- Will you give the homework to start? What kind of homework and how much? Again, this day will set the tone. Generally, it is easier to be harder and then lighten up rather than start light and then harden up.
- How will you end the class? What will you say when you are done with this first session? What do you want students to remember? People tend to remember what happened at the beginning and what happened at the end, with the middle being a bit fuzzy.

Lecture Outline
1. The security problem
   a. From mainframe to desktop
   b. From a few scientists to ubiquity
   c. From isolation to interconnectedness
   d. From valuable equipment to valuable data
2. Sample of security incidents
   a. The Morris worm (November 1988)
   b. Citibank and Vladimir Levin (June-October 1994)
   c. Kevin Mitnick (February 1995)
   d. Omega Engineering and Timothy Lloyd (July 1996)
   e. Worcester Airport and "Jester" (March 1997)
   f. Solar Sunrise (February 1998)
   g. The Melissa virus (March 1999)
   h. The Love Letter virus (May 2000)
   i. The Code Red worm (2001)
   j. Adil Yahya Zakaria Shakour (August 2001-May 2002)
   k. The Slammer worm (2003)
   l. U.S. Electric Power Grid (1997-2009)
   m. Conficker (2008-2009)
   n. Fiber Cable Cut (2009)
3. Threats to security
   a. Internal vs. external
   b. Elite hackers vs. script kiddies
   c. Unstructured threats to highly structured threats
4. Viruses and worms
   a. It is important to draw a distinction between the writers of malware and those who release them.
   b. Viruses have no useful purpose.
   c. Viruses and worms are the most common problem that an organization faces.
   d. Antivirus software and system patching can eliminate the largest portion of this threat.
   e. Viruses and worms generally are non-discriminating threats.
   f. They are easily detected and generally not the tool of choice for highly structured attacks.
5. Malware
   a. Viruses and worms are just two types of malware threats.
   b. The term malware comes from "malicious software."
   c. Malware is software that has a nefarious purpose, designed to cause problems to an individual (for example, identity theft) or your system.
6. Intruders
   a. Hacking
   b. Hackers
   c. Unstructured threat
7. Types of intruders
   a. Script kiddies
   b. Script writers
   c. Elite hackers
8. Insiders
   a. Insiders more dangerous than outsiders
   b. The disgruntled employee
   c. The accidental "attack"
9. Criminal organizations
   a. Crimes in real world and crimes in cyberspace are the same.
   b. Structured threats
10. Terrorists and information warfare
   a. Information warfare
   b. Highly structured threat
11. Critical infrastructures
12. Security trends
   a. The move from large mainframes to smaller personal computers
   b. As the sophistication level of attacks has increased, the level of knowledge necessary to exploit vulnerabilities has decreased.
13. Avenues of attack
   a. Two reasons a system is attacked
      i. It is specifically targeted.
      ii. It is a target of opportunity.
   b. Equipment may be targeted because of the organization it belongs to or for political reasons.
   c. These attacks are decided before the software or equipment of the target is known.
   d. Hacktivist is a hacker who uses their skills for political purposes.
14. The steps in an attack
   a. Profile
   b. Determine systems available
   c. Fingerprint
   d. Discover exploits available
   e. Execute exploits
15. Minimizing possible avenues of attack
   a. Hardening
   b. Patching
   c. Limit information
16. Types of attacks
   a. Loss of confidentiality
   b. Loss of integrity
   c. Loss of availability

Summary Tables
Incidents, Relevance, Results

| Incident | Date | Relevance | Result |
|---|---|---|---|
| Morris Worm | Nov 1988 | First large-scale attack on Internet. | 6000 infected, $100 million in damage, Morris gets 3 years probation. |
| Citibank and Vladimir Levin | Jun-Oct 1994 | Broke into bank by dialing in to cash management system, kept transactions low and during working hours. | $10 million stolen, 9.6 million recovered. 3 years jail. |
| Kevin Mitnick | Feb 1995 | Used social engineering and other tools for fraud. | 46 months + 22 months for parole violation. |
| Omega Engineering and Timothy Lloyd | July 1996 | Lloyd gets fired and sets a software time bomb deleting design and production programs. | 80 people laid off. Lloyd gets 41 months in prison and a $2 million dollar fine. |
| Worcester Airport and "Jester" | Mar 1997 | FAA tower and EMS cut off for six hours. Hack conducted by teen. | Caught, ordered to pay restitution and 250 hours of community service. |
| Solar Sunrise | Feb 1998 | Attacks appearing to be information warfare during tensions with Iraq are actually conducted by two teens being guided by their mentor in Israel. Attacks not related to Iraq. | 1 year probation. |
| Melissa Virus | Mar 1999 | Best-known early macro type virus. Took first 50 from address book to propagate. Email written to trick person into opening attached document. | A million computers infected, $80 million in damages. Fined $5,000, 20 months in jail. Many variations of the virus resulted. |
| Love Letter Virus | May 2000 | Similar to Melissa, but used VBScript programs. Replaced certain files with copies of itself, then sent itself to all listed in address book. Receiver, knowing the sender, opened the email with the subject "I love you." | 45 million machines infected, $10 billion in damages. |
| Code Red | 2001 | Infection took only 14 hours to | 350,000 computers |

Intruders and the Structure of Threats

| Who | Where | How | Intention |
|---|---|---|---|
| Script Kiddie | External/Internal | Unstructured | Intentional |
| Script Writer | External | Unstructured | Intentional |
| Elite Hacker | External | Unstructured | Intentional |
| Employee/user | Internal | Unstructured | Unintentional |
| Criminal Organization | External/Internal | Structured/Highly Structured | Intentional |
| Terrorist/InfoWar | External/Internal | Highly Structured | Intentional |

Discussion Questions
Chapter 1 starts to get the students familiarized with a history of security incidents, and how they have changed over time. It also gives the student a sense of the types of threats and where they come from. Discussion questions can help the students make sense of the material. Since this is also likely the first class, introductory questions may be in order. Here are some examples:
- Introduce yourselves. Let me know what your major is and your background in information systems and information assurance (add anything else relevant that will help you assess your students as a class).
- Have any of you worked for a company or been part of an organization that was the victim of a computer security incident?
- Do you know anyone that was a victim of identity theft?
- What computer security incidents have been in the news recently?
- What or who do you think is the greatest threat to the security of information today?

Class Activities
- Have students work in groups to review the security incidents discussed in the chapter and identify the relevance of each incident, the results of the incident, the type of threat involved, and how structured the attack was. Depending on the time allotted or the activity, you may want to assign only a portion of the incidents to each group and then have them report their findings to the class at the end. An activity sheet is in the Appendix.
- Watch the program Cyber War. Summarize the main points of the video. Discuss if you agree or disagree with the main points. The link is provided in the video resources section.

Lab Projects

Lab Project 1.1
A number of different examples of computer crimes were discussed in this chapter. Similar activities seem to happen daily. Do a search on the Internet to see what other examples you can find. Try and obtain the most recent examples possible.

Lab Project 1.1 Answer
This is a simple activity that should be interesting to students. Searches on the Web should turn up numerous examples. One particularly good web site for information of this kind is maintained by the U.S. Department of Justice at www.cybercrime.gov.

Lab Project 1.2
References to script kiddies were made frequently in this chapter. The implication was that it is easy today to perform certain types of activities because it is easy to find tools that allow you to perform them. If allowed at your school or by your ISP, perform a search of the Internet to see how easy it is to locate programs that will perform activities such as ping sweeps and port scans. What other types of security-related tools can you find?

Lab Project 1.2 Answer
Tools for scanning and sweeping are easy to find. Linux distributions come with one of the more famous software programs to accomplish this: nmap. Another program that performs similar functions is Superscan. Tools for other security purposes can also be easily obtained, such as password-cracking tools, CGI or application scanners, and sniffers. All a person has to do to find them is simply use their favorite search engine and conduct a search for "security tools."

Web Resources

| Link | Topic |
|---|---|
| http://www.caida.org/research/security/code-red/coderedv2_analysis.xml | The Spread of the Code-Red Worm |
| http://en.wikipedia.org/wiki/Notable_computer_viruses_and_worms | Timeline of Computer Viruses and Worms |
| http://snowplow.org/tom/worm/worm.html | The What, Why, and How of the 1988 Internet Worm (Morris Worm) |
| http://www.newscientist.com/article/mg20227121.500-the-inside-story-of-the-conficker-worm.html | The Inside Story of the Conficker Worm |
| http://www.theregister.co.uk/2005/05/11/love_bug_author/ | "No 'sorry' from Love Bug author" |

Video Resources

| Link | Topic |
|---|---|
| http://www.pbs.org/wgbh/pages/frontline/shows/cyberwar/ | PBS "Cyber War" |
| http://www.cbsnews.com/stories/2009/11/06/60minutes/main5555565.shtml | 60 Minutes "Cyber War" |

Diving Deeper
SANS (sans.org) provides a list of top cyber-security risks. They also explain current trends in security. Take a look at the current list and prepare a briefing suitable for a boss or employer. The web link is provided in the Web Resources section.
