Operating System the computers control program;
allows users and their applications to share and access
common computer resources, such as processors, main
memory, databases and printer.
3 Main tasks of OS
1.First, to translate high-level languages such as COBOL,
C++, BASIC, and SQL into the machine level language
that the computer can execute.
2.Second, the OS allocates computer resources to users,
workgroups and applications.
3.Third, the OS manages the tasks of job scheduling and
multiprogramming.
3 ways of submitting jobs to the system
1.directly by the system operator
2.from various batch-job queues
3.through telecommunications links from remote
workstations
5 fundamental control objectives of OS
1.The OS must protect itself from users.
2. The OS must protect users from each other.
3.The OS must protect users itself from themselves.
4. The OS must be protected from itself.
5. The OS must be protected from its environment.
OS security involves policies, procedures and controls
that determine who can access the OS, which resources
(files,programs,printers) they can use, and what actions
they can take.
4 security components found to secure OS
1.Log-on procedure OS first line of defense against
unauthorized access; requesting user ID & password
2.Access token contains the key info. about the user,
including user ID, pw, user group and privileges granted
to the user.
3.Access control list assigned to each IT resources
(computer directory,data file,program, or printer)
which controls to the resources.
4.Discretionary access privileges allow them to grant
accesss privieges to the users.
3 exposures from three resources
1.Privileged personnel who abuse their authority.
2.Internal and external individuals of the org. who
browse the OS to identify and exploit security flaws.
3.Individuals who intentionally insert computer viruses
into the OS.
Password is a secret code the user enters to gain
access to systems, applications, data files, or a network
server.
4 most common forms of contra-security behavior:
1.Forgetting passwords and being locked out of the
system.
2.Failing to change passwords on a frequent basis.
3.The Post-it syndrome.
4.Simplistic passwords that a computer criminal easily
anticipates.
Reusable passwords most common method of
password control; it defines the password to the system
once and reuses it to gain future access.
One-time passwords designed to overcome the
aforementioned problem; users password changes
continuously.
System audit trails are logs that record activity at the
system, application and user level.
2 types of audit logs
1.Keystroke monitoring involves recording both the
users keystroke and the systems responses.
2.Event monitoring summarizes key activities related
to system resources.
3 security audit trail objectives
1.Detecting unauthorized access
2.Recontructuring events
3.Personal Accountability
Intranets consist of small LANs and large WANs that
may contain thousands of individual nodes.
3 internet risks
1.IP spoofing a form of masquerading to gain
unauthorized access to a Web server and to perpetrate
an unlawful act without revealing ones identity.
2.Denial of service attacks(Dos) is an assault on a
Web server to prevent it from servicing its legitimate
users.
3 common types of Dos attacks
1.SYN flood is accomplished not by sending
the final acknowledgement to the SYN-ACK
response, which causes the server to keep
signalling for acknowledgement until the server
times out.
2.Smurf attack involves three parties: the
perpetrator, intermediary and the victim. Ping
maintenance tool wherein smurf attack can be
accomplished.
3.Distributed denial of service(DDos) attack
may take form of a SYN flood or smurf attack;
sheer scope of the event. Internet relay chat
(IRC) networks as a source of zombies. Botnets
collections of compromised computers.
3 configurations of network topologies
1.Communication lines
2.Hardware components
3.Software
Network level firewalls provide efficient but low-
security access control. Screening router examines the
source and destination addresses that are attached to
incoming message packets.
Application-level firewalls provide higher level of
customizable network security but they have overhead
to connectivity.
Intrusion prevention system(IPS) that employ deep
packet inspection(DPS) to determine when an attack is
in progress.
Encryption the conversion of data into a secret code
for storage in databases and transmission over
networks.
Cleartext original messafe
Ciphertext coded equivalent
Decrypted ciphertext decoded back into cleartext
Caesar cipher earliest encryption method
2 fundamental components
1.Key
2.Algorithm
Key mathematical value that the sender selects
Algorithm the procdure of shifting each letter in the
cleartext message the number of positions that the key
value indicates.
Public key encryption Advance encryption standard
(AES) is a 128-bit encryption technique that has
become a US government standard to provide key
encryption.
Triple DES encryption is an enhancement to an older
encryption technique called data encryption standard
(DES)
EEE3 uses three different keys to encrypt the message
three times.
EDE3 uses one key to encrypt the message.
Public key encryption uses two different keys: one for
encoding and the other for decoding; each recipient has
a private key that is kept secret and a public key that is
published.
Rivest-Shamir-Adleman (RSI) a highly secure public key
cryptography method.
Digital envelope the term when both DES and RSA are
used together
Digital signature electronic authentication that cannot
be forged.
Digest sender using one-way hashing algorithm to
calculate it.
Digital certificate required to verify the senders
identity
Certification authority (CA) issued by trusted 3rd party
Public key infrastructure (PKI) constitutes the policies
and procedures for administering the activity.
Message sequence numbering a sequence number is
inserted in each message and any attempt will become
apparent at the receiving end.
Message transaction log - device that records all
incoming and outgoing messages as well as attempted
access.
Request-response technique a control message from
the sender and a response from the receiver are sent at
periodic, synchronized intervals.
Call-back device requires the dial-in user to enter a
password and be identified.
6 criteria for assessing the effectiveness of firewall
1.Flexibility
2.Proxy services
3.Filtering
4. Segregation of systems
5.Audit tools
6.Probe for weaknesses
Line error most common problem in data
communications is data loss due
2 techniques used to detect and correct line errors
1.Echo check involves the receiver of the message
returning the message to the sender.
2.Parity check incorporated extra bit into the
structure of a bit string when it is created or
transmitted.
Electronic data interchange (EDI) agreement is the
foundation for fully automated business process.
6 common EDI cost savings approach
1.Data keying reduces or eliminates the need for data
entry.
2.Error reduction reductions in data keying, human
interpretation and classification of errors and filing
errors.
3.Reduction of paper use of electronic envelopes and
documents.
4.Postage mailed docs replaced with cheaper
transmission
5.Automated procedures automates manual activities
associated with purchasing, sales etc
6.Inverntory reduction - ordering directly to vendors to
reduce lag time.
3 tests of controls
1.Test of authorization and validation controls
2.Test of access controls
3.Test of audit trail controls
PC system risks and controls
1.OS weaknesses
2.Weak access control
3.Inadequate segregation of duties
4.Multilevel password control used to restrict
employees who are sharing the same computers to
specific directories, programs and data files.
5.Risk of theft
6.Weak backup procedures
7.Risk of virus infection
Virus infection one of the most common threats to PC
and system availability.
3 principal threats to the OS
1.unauthorized access
2.intentional or unintentional insertion of virues
3.loss of data due to system malfunctions
Packet switching messages are divided into small
packets for transmission; packets of the same message
may take diff.routes to their destinations.
Virtual private networks (VPN) private network
within a pubic network.
Extranet a variant of the Internet technology; that is
password-controlled network for private users rather
than the general public.
World wide web (WWW) an internet facility that links
user sites locally and around the world.
3 types of addresses for communications
1.E-mail addresses
2.Web site URL addresses
3.Internet protocol (IP) addresses
E-mail address format for an e-mail address is
USERNAME@DOMAINNAME.
URL address that defines the path to a facility or file
on the Web.
Internet protocol (IP) address the unique address of
computer node and host attached to the Internet;
represented by 32-bit data packet; separated by
periods,
Protocols the rules and standards governing the
design of hardware and software that permit users of
networks, which diff. vendors have manuftd. to
communicate and share data.
*5 ways that protocols serve network functions
(pg109-110)
Transfer control protocol/Internet protocol (TCP/IP)
the basic protocol that permits communications
between Internet sites.
File transfer protocol (FTP) is used to transfer text
files, programs, spreadsheets and databases across the
Internet.
TELNET a terminal emulation protocol used on TCP/IP-
based networks; allows users to run programs and
review data from computer.
Simple network mail protocols (SNMP) the most
popular protocol for transmitting e-mail messages.
2 other e-mail protocols
1.Post office protocol (POP)
2.Internet message access protocol (IMAP)
Security sockets layer (SSL) - is a low-level encryption
scheme used to secure transmissions in higher-level
HTTP format.
Private communications technology (PCT) is a
security protocol that provides secure transactions over
the Web.
Secure electronic transmission (SEC) is an encryption
scheme developed by a consortium of technology firms
and banks to secure credit card transations.
Network news transfer protocol (NNTP) is used to
connect to Usenet groups on the Internet.
Hypertext transfer protocol (HTTP) controls Web
browsers that access the Web; a connection is
established in web page upon clicking it.
Hypertext transfer protocol network generation
(HTTP-NG) is an enhanced version of HTTP protocol
that maintains the simplicity of HTTP while adding
important features such as security and authentication.
Hypertext markup language (HTML) the document
format used to produce Web pages.
Network topologies physical arrangement of the
components of the network.
Local area network (LAN) confined to a single room in
a bldg. or may link several bldgs. within a close
geographic area.
Nodes computers connected to LAN.
Wide area network (WAN) when the networks exceed
the geographic limitation of LAN; involves distance and
high cost of telecommunication infrastructure,
commercial networks that the org. leases.
Network interface cards (NIC) physical connection of
workstations to the LAN is achieved through this; which
fits into one of the expansion slots in the
microcomputer.
Servers LAN nodes that share common resources as Logic bomb a destructive program; virus, that some
programs, data and printers are managed through predetermined event triggers.
special-purpose computers. Back door (Trap door) software program that allows
Star topology a network of computers with a large unauthorized access to a system w/o going through the
central computer (the host) at the hub that has direct normal (front door) log-on procedure.
connections to a periphery of smaller computers. Trojan horse a program whose purpose is to capture
Hierarchichal topology one in which host computer is IDs and PW from unsuspecting users.
connected to several, smaller computers in a master-
slave relationship.
Ring topology the peer to peer arrangement in which
all nodes are of equal status, thus, responsibility for
managing communcations is distributed among the
nodes.
Bus topology most popular LAN topology it is named
bec. the nodes are all connected to a common table-the
bus.
Client-server topology often misused to describe any
type of network arrangement; has specific
characteristics that distinguish it from other topologies.
4 purpose of network control
1.Establish a communications session between the
sender and the receiver.
2.Manage the flow of data across the network.
3.Detect and resolve data collisions between competing
nodes.
4.Detect errors in data that line failure or signal
degeneration cause.
Data collision destroys both messages with two or
more signals transmitted simultaneously.
Polling - the most popular technique for establishing a
communication session in WANs.
Token passing involves transmitting a special signal-
token- around the network from node to node in a
specific sequence.
Carrier Sensing random access technique that detect
collisions when they occur.
Virus a program (usually destructive) that attaches
itself to a legitimate program to penetrate the
operating system and destroy application programs,
data files and the OS itself.
4 types of files that virus attach themselves
1.An .EXE or .COM program file
2.An .OVL (overlay) program file
3.The boot sector of a disk
4.A device driver program
Worm used interchangeably with virus; software
program that virtually burrows into the computers
memory and replicates itself into areas of idle memory.