CPT 246 COMPUTER SECURITY
TOPICS AND ADDITIONAL INFORMATION
Revised April 2007
Information Security Fundamentals
  Challenges for information security
    -speed and sophistication of attacks
    -zero-day attacks
    -distributed attacks
    -patches
    Computer Emergency Response Team
  Protection of integrity, confidentiality, availability of information
    -Data theft
    -Legal consequences: HIPAA, Sarbanes-Oxley Act of 2002, GLBA, USA Patriot Act, California Database Security Breach Act, COPPA
    -Cost of security attacks
    -Foiling Cyberterrorism
    -Thwarting identity theft
  Assets, threat, threat agent, vulnerability, exploitation
  Information security careers
Attackers and their attacks
  Attacker profiles:
    -Hackers
    -Crackers
    -Script kiddie
    -Spy
    -Employee
    -Cyberterrorist
  Methods of attack
    -social engineering
    -dumpster diving
    -phishing
    -password guessing
    -brute force
    -dictionary attack
    -hashing
    -software exploitation
    -buffer overflow
    -weak keys
    -cryptography
    -encryption
    -decryption
    -algorithm
    -key
    -mathematical attacks
    -cryptanalysis
    -birthday attacks
    -man-in-the-middle attacks
    -replay attack
    -TCP/IP hijacking
    -Address Resolution Protocol spoofing
    -media access control address
    -denial of service attack
    -SYN attack
    -ping
    -Smurf attack
    -distributed denial-of-service attack
    -handler
    -zombie
  Understanding malicious code (malware)
    virus
    antivirus software
    definition/signature files
    worms
    logic bombs
    Trojan horses
    back door
Security Basics
  Responsibility for information security
    -bottom-up approach
    -top-down approach
    -chief information security officer
    -human firewall
  Security principles
    antivirus software
    layering
    firewall
    limiting access
    subject vs. object
    level of access
    diversity
    obscurity
    simplicity
  Effective authentication methods
    what you know
    what you have
    what you are
    user name
    password
    ID management
    tokens, proximity card
    Biometrics
    fingerprint
    face
    hand
    iris
    retina
    voice
    Certificates
    digital certificate
    certification authority
    Kerberos
    ticket
    authentication server
    Challenge Handshake Authentication Protocol (CHAP)
    mutual authentication
    multifactor authentication, PIN
  Controlling access to computer systems
    access control, access control list (ACL)
    access control entries (ACEs)
    inherited rights
    folder and file permissions
    mandatory access control
    role-based access control (RBAC)
    discretionary access control (DAC)
  Auditing information security systems
    logging records
    system scanning
Security baselines
  Disabling nonessential systems
    hot key
    terminate-and-stay-resident (TSR) programs
    service name
    display name
    Service modes
    automatic
    manual
    disable
    port numbers
    Windows XP services and recommended settings
  Hardening operating systems
    hardening, network operating system
    -applying updates
    -service pack
    -hotfix
    -patch management
    securing the file system
    Microsoft Management Console (MMC)
    snap-ins
    Group Policy object
    Group Policy settings
    domain-based setting
    registry
    keys
  Hardening applications
    hardening servers
    -Web server
    -mail server
    -open mail relay
    -File Transfer Protocol (FTP) server
    -Domain Name Service (DNS) server
    -zone transfer
    -USENET
    -Network News Transfer Protocol (NNTP)
    -print/file servers
    -Dynamic Host Configuration Protocol (DHCP)
    hardening data repositories
    -Active Directory
    -security accounts manager
    -primary domain controller
    -backup domain controllers
  Hardening networks
    firmware updates
    read-only memory (ROM)
    Erasable Programmable Read-Only Memory (EPROM)
    Electrically Erasable Programmable Read-Only Memory (EEPROM)
    network configuration
    rule-based scanning
    access control list
Securing network infrastructure
  Working with network cable plant
    cable plant
    thick and thin coaxial cable
    -BNC connectors
    twisted-pair cable
    -shielded and unshielded twisted-pair cable
    fiber-optic cable
    -single and multimode fiber cables
    attenuation
    securing the cable plant
    sniffing / sniffer
    physical security
  Securing removable media
    magnetic media
    -floppy disks
    -hard drives
    -magnetic tape drives
    optical media
    -compact discs
    -recordable
    -disc-rewritable
    -read-only
    digital versatile discs
    -recordable
    -rewritable
    electronic media
    -flash memory
    -SmartMedia card
    -CompactFlash card
    -USB memory stick
    game packs
    ROM
    BIOS
    keeping removable media secure
  Hardening network devices
    workstations
    clients
    terminals
    servers
    hubs
    switches
    routers
    collision domain
    Simple Network Management Protocol (SNMP)
    -software agents
    -management information base
    -SNMP management station
    defensive controls to set for switches and routers
    hardening communication devices
    -modems
    -broadband
      --Digital Subscriber Line (DSL)
      --cable modem
      --Remote Access Servers (RAS)
    universal naming convention
    Telecom/PBX systems
    -Private Branch Exchange
    -toll fraud
    mobile devices
    hardening network security devices
    firewalls
    -personal firewall
    -enterprise firewalls
    -stateless packet filtering
    -stateful packet filtering
    -content filtering
    -application layer firewall
    intrusion-detection system (IDS)
    -passive IDS
    -host-based IDS
    -network-based IDS
    -anomaly-based IDS
    network monitoring and diagnostic devices
    managed device
  Designing network topologies
    Topology security
    zone
    -demilitarized zone
    -intranet
    -extranet
    Network Address Translation (NAT)
    -private addresses
    -port address translation
    honeypots
    virtual LANs
    core switches
    workgroup switches
Web security
  Why software is prone to attack:
    -large number of tasks
    -extensibility
    -connectivity
  Protecting E-mail systems
    how email works
    Simple Mail Transfer Protocol (SMTP)
    Post Office Protocol
    sendmail
    queue
    delivery agent
    Internet Mail Access Protocol (IMAP)
    email attachment
  E-mail vulnerabilities
    malware
    macro virus
    spam
    Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (CAN-SPAM)
    blacklist
    Bayesian filtering
    hoaxes
  E-mail encryption
    Secure/Multipurpose Internet Mail Extensions (S/MIME)
    digital signatures
    message privacy
    tamper detection
    Pretty Good Privacy (PGP)
    session key
    passphrase
  Examining World Wide Web vulnerabilities
    repurposed programming
    JavaScript
    virtual machine
    Java applet
    -sandbox
    -unsigned and signed Java applets
    ActiveX controls
    cookie
    -first-party cookie
    -third-party cookie
    Common Gateway Interface
    naming conventions
  Securing Web Communications
    Secure Sockets Layer
    Personal Communications Technology
    Transport Layer Security
    FORTEZZA
    Secure Hypertext Transport Protocol (HTTPS)
  Securing instant messaging
Protecting Advanced Communications
  Hardening File Transfer Protocol
    anonymous FTP
    secure FTP
    packet filters
    FTP active and passive modes
  Securing remote access
    tunneling
    Point-to-Point Tunneling Protocol
    network access server
    link control protocol
    Layer 2 Tunneling Protocol
  Authentication Technologies
    IEEE 802.1x
    port-based authentication
    supplicant
    authenticator
    authentication server
    Extensible Authentication Protocol
    WAP-Transport Layer Security
    Lightweight EAP
    EAP-Tunneled TLS
    protected EAP
    Flexible Authentication via Secure Tunneling
    Remote Authentication Dial-in User Service
    Terminal Access Control Systems
  Secure transmission protocols
    Secure shell
    IP spoofing
    DNS spoofing
    interception
    IP Security
    OSI model
    Authentication Header
    authentication
    confidentiality
    key management
    transport mode
    tunnel mode
  Virtual private networks
    trunk-based leased lines
    public switched data network
    remote-access VPN
    virtual private dial-up network
    site-to-site VPN, endpoints
    VPN concentrator
  Protecting Directory Services
    white-pages service
    yellow-pages service
    directory information base
    directory information tree
    Directory Access Protocol
    Lightweight Directory Access Protocol
  Securing Digital cellular telephony
    circuit switching
    analog and digital transmissions
    Wireless Application Protocol
    microbrowser
    Wireless Markup Language
    WAP Gateway
    Wireless Transport Layer Security
  Hardening Wireless Local Area Networks
    wireless network interface card
    site survey
    access point
    basic WLAN security
    service set identifier beaconing
    Independent Basic Service Set
    Basic Service Set
    Extended Service Set
    Service Set Identifier (SSID)
    SSID beaconing
    MAC address filtering
    disassociation packet
    Wired Equivalent Privacy
    shared keys
    initialization vector
    Pseudo-Random Number Generator
    cyclic redundancy check
    exclusive OR
    enterprise WLAN security
    untrusted and trusted networks
    Wi-Fi Protected Access
    Temporal Key Integrity Protocol
Scrambling through cryptography
  Cryptography
    steganography
    encryption
    decryption
    algorithm
    key
    weak key
    plaintext
    cipher
    ciphertext
    confidentiality
    authentication
    integrity
    nonrepudiation
    access control
  Securing with cryptographic hashing algorithms
    hashing
    one-way hash
    man-in-the-middle
    collision
    message-digest
    padding
    secure hash algorithm
  Protecting with symmetric encryption algorithms
    private key cryptography
    substitution cipher
    transposition cipher
    Data Encryption Standard (DES)
    Triple Data Encryption Standard (3DES)
    Advanced Encryption Standard (AES)
    Rivest Cipher
    International Data Encryption Algorithm
    Blowfish
  Hardening with asymmetric encryption algorithms
    key management
    asymmetric encryption
    public key cryptography
    private key
    RSA
    Diffie-Hellman algorithm
    elliptic curve cryptography
  How to use cryptography
    digital signatures
    Pretty Good Privacy
    GNU Privacy Guard
    Encrypting File System
    UNIX pluggable authentication modules
    cryptographic file system
Using and Managing Keys
  Cryptography strengths and vulnerabilities
    symmetric and asymmetric cryptography strengths and weaknesses
    digital signatures
    digital certificates
    public key storage
    certification authority
    certificate revocation list
    certificate repository
    registration authority
  Public key infrastructure
    Public Key Cryptography Standards
    direct trust
    third-party trust
    web of trust model
    single-point trust model
    hierarchical trust model
  Managing digital certificates
    CA certificates
    server certificates
    software publisher certificates
    certificate policy
    certificate practice statement
    certificate life cycle: creation, revocation, expiration, suspension
  Key storage
    centralized and decentralized key management
    key storage
    key usage
    key handling procedures
    key escrow
    key renewal
    key revocation
    key recovery
    N-of-N control
    key suspension
    key destruction
Operational security
  Hardening physical security with access controls
    physical security
    physical barriers
    rack-mounted servers
    keyboard, video, mouse
    preset lock
    key-in-knob lock
    deadbolt lock
    cipher lock
    shoulder surfing
    suspended ceiling
    biometrics
    false positives and negatives
    minimizing social engineering
  Securing the physical environment
    limiting wireless signal range
    -omnidirectional and directional antenna
    -covering devices
    -building modifications
    shielding a wired signal
    noise
    radio frequency interference
    electromagnetic interference
    near-end crosstalk
    attenuation
    Telecommunications Electronics Material Protected from Emanating Spurious Transmissions (TEMPEST)
    Faraday cage
    reducing risk of fires
    water sprinkler system
    dry chemical system
    clean agent systems
  Business Continuity
    business continuity plan
    maintaining facilities
    uninterruptible power supply
    fault tolerance
    Redundant Array of Independent Drives (RAID):
    -striping
    -disk mirroring
    -disk duplexing
    -dual-level RAID
    data backups
    archive bit
    grandfather-father-son backup system
  Disaster recovery
    disaster recovery plan
    purpose and scope
    recovery team
    preparing for a disaster
    emergency procedures
    recovery procedures
    identifying secure recovery
    hot site
    cold site
    warm site
    protecting backups
Policies and Procedures
  Security Policy Definition
  Security Policy Cycle
    -risk identification
    -asset identification
      --server farm
    -threat identification
      --threat modeling
      --attack tree
    -vulnerability appraisal
      --vulnerability scanners
    -risk assessment
      --Single Loss Expectancy
      --Exposure Factor
      --Annualized Loss Expectancy
      --Annualized Rate of Occurrence
  Designing Security Policy
    policy defined
    standard
    guideline
    balancing control and trust
    designing a security policy
  Elements of a security policy
    compliance monitoring and evaluation
    risk analysis
    security policy
    due care
    separation of duties
    need to know
  Types of Security Policies
    acceptable encryption policy
    analog line policy
    antivirus policy
    audit vulnerability scanning policy
    automatically forwarded e-mail policy
    dial-in access policy
    human resource policy
    password management policy
    privacy policy
    disposal and destruction policy
    service-level agreement policy
  Compliance monitoring and evaluation
    incident response policy
    incident response team
    Computer Emergency Readiness Team (CERT)
    ethics policy
    Erasing data from floppy disk
Security Management
  Identity Management
    weak password creation
    HIPAA
    Gramm-Leach-Bliley Act
    Sarbanes-Oxley Act
    e-commerce bottlenecks
    authentication
    single sign-on
    password synchronization
    password resets
    access management
  Hardening systems through privilege management
    privilege management
    responsibility
    assigning privileges
    user privileges
    superuser or root
    user-ID
    group privileges
    role privileges
    auditing privileges
    usage audits
    privilege audit
    escalation audits
    privilege escalation attack
    environment variable
  Planning for change management
    change management procedures
    documenting changes in systems architecture and classification of documents
    new equipment attributes
    changes in user privileges
    configuration and deactivation of network devices
    client computer configurations
    changes in security personnel
    log files
  Digital rights management
    intellectual property
    digital watermark
    physical copy protection
    software keys
    activation code
    enterprise document protection
    metadata
    audit controls
  Acquiring effective training and education
    how learners learn
    pedagogical and andragogical traits
    File permissions
    Return on investment on identity management systems
Advanced Security and beyond
  Computer Forensics
    -forensic science
    -digital evidence
    -distribution of evidence
    -dynamic content
    -encrypted evidence
    -hidden evidence
  Responding to a computer forensics incident
    -Federal Information Security Management Act (FISMA)
    -securing the crime scene
    -preserving the data
    -mirror image backup
    -bit-stream backup
    -establishing chain of custody
    -examining data for evidence
    -Windows page file
    -RAM and file slack
  Hardening security through new solutions
    more complex, widespread, and vicious attacks
    Trusted Platform Module
    behavior blocking
    host intrusion prevention
    sandboxing
  Information security jobs and skills