Data Loss/Manipulation
Kodarsyah, CCNA
Identity Theft
Disruption of Service
Kodarsyah, CCNA
External Threats
Internal Threats
hacker may have access to equipment knows what information is valuable or vulnerable
Kodarsyah, CCNA
The ability of someone or something to influence behavior of a group of people Used to deceive internal users to get confidential information Hacker takes advantage of legitimate users
Kodarsyah, CCNA
One of the more common methods of exploiting human weaknesses is called Social Engineering Pretexting
typically accomplished over the phone
Phishing
Vishing/Phone Phising
user sends a voice mail instructing them to call a number which appears to be legitimate call intercepted by thief
Kodarsyah, CCNA
Virus
runs or spreads by modifying other programs or files a virus cannot start by itself; it needs to be activated
viruses can be transmitted via email attachments, downloaded files, instant messages or via diskette, CD or USB devices Worms
a worm is similar to a virus, but unlike a virus does not need to attach itself to an existing program
they do not necessarily require activation or human intervention Trojan Horse a Trojan horse is a non-self replicating program that is written to appear like a legitimate program, when in fact it is an attack tool trojans can also create a back door into a system allowing hackers to gain access.
Kodarsyah, CCNA
Ping of Death
Kodarsyah, CCNA
Spyware Program that gathers personal information from your PC without permission Information sent to advertisers Usually installed unknowingly when downloading a file Can slow down performance of the PC
Kodarsyah, CCNA
Cookies Not always bad . . Used to record information about the user when visiting web sites. Adware
collects information based on sites visited useful for target advertising
Pop- ups
additional ads displayed when visiting a site pop-ups open in front of browser
Kodarsyah, CCNA
Unwanted bulk e-mail Information sent to as many end users as possible Can overload servers, ISPs, etc. Estimated every Internet user receives over 3000 email per year
Kodarsyah, CCNA
only authorized persons should have access to network and its resources (including access to physical devices) must meet minimum requirements change passwords regularly
Password Policies
explanation of how remote users can access the network explanation of update procedures how incidents involving security will be handled
Kodarsyah, CCNA
Use of updates and patches makes it harder for the hacker to gain access. A patch is a small piece of code that fixes a specific problem OS (operating system, such as Linux, Windows, etc.) and application vendors continuously provide updates and security patches that can correct known vulnerabilities in the software In addition, vendors often release collections of patches and updates called service packs
Kodarsyah, CCNA
Automatic updates
Kodarsyah, CCNA
Anti-spam software
deletes the file
identifies the spam and performs an action places it into the junk mail folder
Kodarsyah, CCNA
Kodarsyah, CCNA
determine what part(s) of your network may be vulnerable to attacks helps identify where attack can occur
Kodarsyah, CCNA