Scribd Logo
Unggah

Selamat datang di Scribd!

  • Ben Culkin Info Pol Notes

    Diunggah oleh

    Benjamin Culkin
    10 tayangan2 halaman
    Information Policy Notes

    Hak Cipta

    © © All Rights Reserved

    Format Tersedia

    PDF, TXT atau baca online dari Scribd

    Apakah menurut Anda dokumen ini bermanfaat?

    Apakah konten ini tidak pantas?

    Laporkan Dokumen Ini
    Information Policy Notes

    Hak Cipta:

    © All Rights Reserved
    Unduh sebagai PDF, TXT atau baca online dari Scribd
    Tandai sebagai konten tidak pantas
    10 tayangan2 halaman

    Ben Culkin Info Pol Notes

    Diunggah oleh

    Benjamin Culkin
    Information Policy Notes

    Hak Cipta:

    © All Rights Reserved
    Unduh sebagai PDF, TXT atau baca online dari Scribd
    Tandai sebagai konten tidak pantas
    dari 2

    Benjamin Culkin

    Dr. Seeman

    ACCT 423: Information Policy Manual

    Slide 1: Title

    This presentation covers an overview of what sorts of security an organization can have
    to worry about, and what sorts of things they can do about that security.

    Slides 2-4: Overview

    In this presentation, we’ll be covering quite a few topics. These slides present an
    overview of what is covered in this manual, and some of the details inherent in those topics

    Slide 5: What is Computer Security?

    Computer security is essentially securing your computer against unwanted intrusions


    and use. While it might seem simple, it is a surprisingly indepth topic, and in and of itself, a
    smaller branch of the field of information security.

    We need it because there are things we want to make sure that don’t get off of our
    computers, and as we store more and more valuable information on them, the need for security
    gets more prominent.

    Slide 6: Attackers

    There are a variety of different groups that may try and attack your computers, for
    varying reasons. Here are some of the more prominent groups

    • Cybercriminals - These guys are in it for the money, and are likely the largest group of
    attackers you will have to deal with.

    • Script Kiddies - While more numerous than many other types of attackers, script kiddies do
    not have much in the way of technical skills and rely upon purchased or free tools and
    exploits to perform attacks against whatever targets earned their ire.

    • Hacktivists - These attackers are motivated not by financial gain, but by an attempt to
    make a point for whatever activist organization or cause they represent.

    • Government - The most fearsome of the attackers, if you have something that a
    government wants, it is quite difficult to dissuade them from getting it.

    Slides 7-9: Malware

    Next, we’ll discuss malware, one of the most prevalent threats that affects computer
    users. There are a variety of malware types, but for simplicity we split them into three main
    groups:

    • Virus/Malware are classified generally as ‘Malware that Spreads’. It’s main purpose is to self
    perpetuate itself, with a virus generally also doing something else, while a worm spreads
    with little other purpose than perpetuating itself.

    • Trojan/Rootkit/Backdoor are generally classified as ‘Malware that Conceals’. It mainly


    functions to infect a device, then fulfill some other purpose. For trojans, that is perform
    some task that the user would not approve of, rootkits serve to conceal the presence of
    other malware, and backdoors suffice to provide access to other pieces of malware.

    • Adware/Spyware/Scareware are the last category and considered ‘Malware that Profits’. As
    the name implies, the purpose of this sort of malware is to make money for its creator.
    Adware does it by either adding additional ads to your machine, or interfering with other
    machines; Spyware does it by collecting your personal information and selling it; and
    Scareware does it by scaring you into directly sending them money.

    To protect against malware, you can follow a simple couple of steps. First, run a reputable anti-
    virus suite. This should pick up the majority of things that might infect you, only leaving the
    new and obscure for it. Next, you should not run executable that didn’t come from somewhere
    you trust, no matter what they claim to be. Finally, don’t plug in random USB devices that you
    find; there have been multiple attacks that used these as a vector to infect the computer.

    Slides 10-11: Passwords

    Passwords are something everyone has to deal with, and not everyone has a good idea
    as to how to make them strong. In general, following the suggestions outlined in the slide of
    using a long, complex, obscure and unrelated password will work well. In certain cases, a
    passphrase, a long string of words together can be used instead. In general, length is the most
    determinant factor, with the others depending on the type of attack you are up against. Against
    a brute-force attack, complexity is the best mitigation. Against rainbow and dictionary attacks,
    obscurity works best. Finally, while it isn’t mentioned, unrelated passwords are best against
    keeping someone who knows you from guessing your password.

    Slide 22: Questions

    Are there any questions?

    Anda mungkin juga menyukai