Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
SlideShare a Scribd company logo

Lecture 2.pptx

Download as PPTX, PDF
M
MuhammadRehan856177

The document discusses components of IT infrastructure, including network components, security terms, and threats and prevention methods. It defines network interface cards, hubs, switches, routers, and their functions. It also explains common security terms like authentication, malware, firewalls, and encryption. Regarding threats, it outlines phishing, ransomware, database exposure, and others. Prevention methods include two-factor authentication, software updates, limited access, and secure connections.

1 of 12
Lecture 2 Components of IT Infrastructure Author: Muhammad Rehan
Objective • Revision of basic security terms, threat, threat agent, vulnerability, Risk etc • Virtual Operating System and Environment, installation • Computer network, Network components, • Protocols, IP Address. Transport Layer, Network Layer • Organizational Infrastructure and loopholes Understanding of common cyber security threats and risks
Security Terms Authentication: The process of identifying a user’s identity, making sure that they can have access to the system and/or files. This can be accomplished either by a password, retina scan, or fingerprint scan, sometimes even a combination of the above. Botnet: A combination of the words “robot” and “network”, a botnet is a network of computers that have been infected with a virus, and now are working continuously in order to create security breaches. Data Breach: The result of a hacker successfully breaking into a system, gaining control of its network and exposing its data. DDoS: The acronym stands for Distributed Denial of Service and is a favorite Black Hat tool. Using multiple hosts and users, hackers bombard a website with a tidal wave of requests to such an extent that it locks up the system and forces it to temporarily shut down. Domain: A series of computers and associated peripherals (routers, printers, scanners), that are all connected as one entity. Encryption: Coding used to protect your information from hackers. Think of it like the code cipher used to send a top-secret coded spy message. Exploit: A means of attack on a computer system, either a series of commands, malicious software, or piece of infected data.
Security Terms … Firewall: Any technology, be it software or hardware, used to keep intruders out. Hacker, Black Hat: Any hacker who attempts to gain unauthorized access to a system with the intent to cause mischief, damage, or theft. They can be motivated by greed, a political agenda Hacker, White Hat: A hacker who is invited to test out computer systems and servers, looking for vulnerabilities, for the purposes of informing the host of where security needs to be buffed up. Malware: A portmanteau of “malicious” and “software”, describing a wide variety of bad software used to infect and/or damage a system. Ransomware, worms, viruses, and trojans are all considered malware. It most often delivered via spam emails. Man in the Middle Attack: An attack on the “middleman”, in this case, defined as the Wi-Fi system that connects users to the Internet. Hackers who commit Man in the Middle Attacks can break the Wi-Fi’s encryption and use this as a means of stealing your personal data because they’re now in the system. Phishing: A scam where a hacker poses as a legitimate business or organization (especially credit card companies, banks, charities, Internet providers, other utilities) in order to fool the victim into giving them sensitive personal information or inducing them to click a link or attachment that ends up delivering malware.
Security Terms … Ransomware: A form of malware that hijacks your system and encrypts your files, denying you access to them until you send money to unlock everything. Spoofing: When a hacker changes the IP address of an email so that it seems to come from a trusted source. Spyware: A form of malware used by hackers to spy on you and your computer activities. Trojan Horse: Yet another form of malware, this one a misleading computer program that looks innocent, but in fact allows the hacker into your system via a back door, allowing them to control your computer. Virus: Malware which changes, corrupts, or destroys information, and is then passed on to other systems. VPN: An acronym standing for Virtual Private Network, a VPN is a method of connecting a series of computers and devices in a private encrypted network, with each user’s IP address being replaced by the VPN’s IP address. Users get Internet anonymity, making it difficult for hackers to attack. Worm: Malware that can reproduce itself for the purposes of spreading itself to other computers in the network. Particularly nasty, worms can either be simply a means of slowing down a system by eating up resources, or by committing exploits such as installing back doors or stealing data.
Security threats for business • Phishing • SMS-Based Phishing • PDF Scams • Malware & Ransomware • Database exposure • Credential Stuffing • Accidental Sharing • Man-In-The-Middle
How to prevent threats Phishing: • First, watch for unusual emails and instant messages. They may start with unusual wording such as “Dear Customer” instead of using your name, have bad grammar, or have a generic signature. • Second, be cautious in clicking links or giving sensitive information, even if it appears legitimate. If in doubt, directly contact the source to make sure they sent the message. • And third, install anti-phishing toolbars on internet browsers. These toolbars alert you to sites containing phishing information. SMS-Based Phishing: • First, never open a link in a text message. Most banks and businesses do not ask for information via SMS message - they call or mail you. • Second, watch for misspellings or generic language. Like email phishing, smishing often contains generic language like “Dear Customer, “Sir,” or “Madam.” • And third, if you think the message is legitimate, call the business directly or go to your online account to give the information. This ensures no valuable data falls into the wrong hands.
How to prevent threats … PDF Scams: • First, train your employees to watch for generic or unusual email addresses. For example, if someone gets bank statements through email, ensure the sender’s email address is from the bank and not a generic address. • Second, watch for unusual and generic headings. Instead of using your name, PDF scams often use generic terms like “Sir” or “Madam.” • And third, make sure you have updated and secure virus protection on your computers and network. If someone happens to open up a PDF scam, having security in place goes a long way in protecting your business and alerting your IT department. Malware & Ransomware: • First, make sure you keep all your computer software and hardware updated. Outdated software, drivers, and other plugins are common security vulnerabilities. If you have an IT service provider, check with them to make sure this is happening on your servers. • Second, enable click-to-play plugins to keep Flash or Java from running unless you click a link. This reduces the risk of running malware programs with Flash or Java. • And third, removing old software, sometimes referred to as Legacy Apps, reduces risk. For example, if your computer has Windows 10, but you run programs designed for Windows 7, these are considered Legacy Apps and may be a security risk. Your software company should be able to give you an updated program designed for Windows 10.
How to prevent threats … Database exposure: • First, if you have a private server, keep the physical hardware in a secure and locked room. This helps prevent theft if your building is robbed, and it keeps unauthorized personnel from accessing it with a portable hard drive. • Second, make sure you have a database firewall and web application firewall. A locked door protects your physical server and hardware, and firewalls protect your server on the internet. • Third, keep access to the server limited. Each person with a login to the server is a potential leak, so the fewer logins, the better. • And fourth, encrypt the data on the server and keep a regular backup. Credential Stuffing: • First, implement 2-Factor Authentication for account logins. This requires an email or phone verification along with the standard username and password. • Second, use different passwords for every account and program your employee’s access. If one account is hacked, the hacker will not have access to more accounts with the same password. • And third, never share passwords with other people. If you have a shared account for some reason, always give the password verbally, never through electronic communication.
How to prevent threats … Accidental Sharing: • First, limit the number of employees who have access to data. The more people who have access to information, the higher the chance for human error in sharing the data. • And second, implement user activity monitoring software. This allows you to track and discover if your data is in danger. It also provides solutions to prevent accidental sharing. Man-In-The-Middle: • First, avoid WiFi connections that are not secure. If you have employees working remotely, don’t allow them to access sensitive company data over public WiFi networks. • Second, make sure your employees do not interact with websites that are not secure. If a URL is not a secure website, it will only show “HTTP” instead of “HTTPS” in front of the URL. The browser should also show an alert that the URL is not secure. If this happens, leave the site immediately. • And third, make sure that your internet connections and internet devices are always updated with the latest security updates. Having outdated software or unsecured internet portals creates potential access points for MITM hackers.
Computer Network Components Computer network components are the major parts which are needed to install the software. Some important network components are NIC, switch, cable, hub, router, and modem. NIC: • NIC stands for network interface card. • NIC is a hardware component used to connect a computer with another computer onto a network • It can support a transfer rate of 10,100 to 1000 Mb/s. • The MAC address or physical address is encoded on the network card chip which is assigned by the IEEE to identify a network card uniquely. The MAC address is stored in the PROM (Programmable read-only memory). Two types of NIC: • Wired NIC • Wireless NIC
Computer Network Components … Hub: A Hub is a hardware device that divides the network connection among multiple devices. When computer requests for some information from a network, it first sends the request to the Hub through cable. Switch: A switch is a hardware device that connects multiple devices on a computer network. A Switch contains more advanced features than Hub. The Switch contains the updated table that decides where the data is transmitted or not. Switch delivers the message to the correct destination based on the physical address present in the incoming message. Router: A router is a hardware device which is used to connect a LAN with an internet connection. It is used to receive, analyze and forward the incoming packets to another network. • A router works in a Layer 3 (Network layer) of the OSI Reference model. • A router forwards the packet based on the information available in the routing table. • It determines the best path from the available paths for the transmission of the packet.

More Related Content

Lecture 2.pptx

  • 1. Lecture 2 Components of IT Infrastructure Author: Muhammad Rehan
  • 2. Objective • Revision of basic security terms, threat, threat agent, vulnerability, Risk etc • Virtual Operating System and Environment, installation • Computer network, Network components, • Protocols, IP Address. Transport Layer, Network Layer • Organizational Infrastructure and loopholes Understanding of common cyber security threats and risks
  • 3. Security Terms Authentication: The process of identifying a user’s identity, making sure that they can have access to the system and/or files. This can be accomplished either by a password, retina scan, or fingerprint scan, sometimes even a combination of the above. Botnet: A combination of the words “robot” and “network”, a botnet is a network of computers that have been infected with a virus, and now are working continuously in order to create security breaches. Data Breach: The result of a hacker successfully breaking into a system, gaining control of its network and exposing its data. DDoS: The acronym stands for Distributed Denial of Service and is a favorite Black Hat tool. Using multiple hosts and users, hackers bombard a website with a tidal wave of requests to such an extent that it locks up the system and forces it to temporarily shut down. Domain: A series of computers and associated peripherals (routers, printers, scanners), that are all connected as one entity. Encryption: Coding used to protect your information from hackers. Think of it like the code cipher used to send a top-secret coded spy message. Exploit: A means of attack on a computer system, either a series of commands, malicious software, or piece of infected data.
  • 4. Security Terms … Firewall: Any technology, be it software or hardware, used to keep intruders out. Hacker, Black Hat: Any hacker who attempts to gain unauthorized access to a system with the intent to cause mischief, damage, or theft. They can be motivated by greed, a political agenda Hacker, White Hat: A hacker who is invited to test out computer systems and servers, looking for vulnerabilities, for the purposes of informing the host of where security needs to be buffed up. Malware: A portmanteau of “malicious” and “software”, describing a wide variety of bad software used to infect and/or damage a system. Ransomware, worms, viruses, and trojans are all considered malware. It most often delivered via spam emails. Man in the Middle Attack: An attack on the “middleman”, in this case, defined as the Wi-Fi system that connects users to the Internet. Hackers who commit Man in the Middle Attacks can break the Wi-Fi’s encryption and use this as a means of stealing your personal data because they’re now in the system. Phishing: A scam where a hacker poses as a legitimate business or organization (especially credit card companies, banks, charities, Internet providers, other utilities) in order to fool the victim into giving them sensitive personal information or inducing them to click a link or attachment that ends up delivering malware.
  • 5. Security Terms … Ransomware: A form of malware that hijacks your system and encrypts your files, denying you access to them until you send money to unlock everything. Spoofing: When a hacker changes the IP address of an email so that it seems to come from a trusted source. Spyware: A form of malware used by hackers to spy on you and your computer activities. Trojan Horse: Yet another form of malware, this one a misleading computer program that looks innocent, but in fact allows the hacker into your system via a back door, allowing them to control your computer. Virus: Malware which changes, corrupts, or destroys information, and is then passed on to other systems. VPN: An acronym standing for Virtual Private Network, a VPN is a method of connecting a series of computers and devices in a private encrypted network, with each user’s IP address being replaced by the VPN’s IP address. Users get Internet anonymity, making it difficult for hackers to attack. Worm: Malware that can reproduce itself for the purposes of spreading itself to other computers in the network. Particularly nasty, worms can either be simply a means of slowing down a system by eating up resources, or by committing exploits such as installing back doors or stealing data.
  • 6. Security threats for business • Phishing • SMS-Based Phishing • PDF Scams • Malware & Ransomware • Database exposure • Credential Stuffing • Accidental Sharing • Man-In-The-Middle
  • 7. How to prevent threats Phishing: • First, watch for unusual emails and instant messages. They may start with unusual wording such as “Dear Customer” instead of using your name, have bad grammar, or have a generic signature. • Second, be cautious in clicking links or giving sensitive information, even if it appears legitimate. If in doubt, directly contact the source to make sure they sent the message. • And third, install anti-phishing toolbars on internet browsers. These toolbars alert you to sites containing phishing information. SMS-Based Phishing: • First, never open a link in a text message. Most banks and businesses do not ask for information via SMS message - they call or mail you. • Second, watch for misspellings or generic language. Like email phishing, smishing often contains generic language like “Dear Customer, “Sir,” or “Madam.” • And third, if you think the message is legitimate, call the business directly or go to your online account to give the information. This ensures no valuable data falls into the wrong hands.
  • 8. How to prevent threats … PDF Scams: • First, train your employees to watch for generic or unusual email addresses. For example, if someone gets bank statements through email, ensure the sender’s email address is from the bank and not a generic address. • Second, watch for unusual and generic headings. Instead of using your name, PDF scams often use generic terms like “Sir” or “Madam.” • And third, make sure you have updated and secure virus protection on your computers and network. If someone happens to open up a PDF scam, having security in place goes a long way in protecting your business and alerting your IT department. Malware & Ransomware: • First, make sure you keep all your computer software and hardware updated. Outdated software, drivers, and other plugins are common security vulnerabilities. If you have an IT service provider, check with them to make sure this is happening on your servers. • Second, enable click-to-play plugins to keep Flash or Java from running unless you click a link. This reduces the risk of running malware programs with Flash or Java. • And third, removing old software, sometimes referred to as Legacy Apps, reduces risk. For example, if your computer has Windows 10, but you run programs designed for Windows 7, these are considered Legacy Apps and may be a security risk. Your software company should be able to give you an updated program designed for Windows 10.
  • 9. How to prevent threats … Database exposure: • First, if you have a private server, keep the physical hardware in a secure and locked room. This helps prevent theft if your building is robbed, and it keeps unauthorized personnel from accessing it with a portable hard drive. • Second, make sure you have a database firewall and web application firewall. A locked door protects your physical server and hardware, and firewalls protect your server on the internet. • Third, keep access to the server limited. Each person with a login to the server is a potential leak, so the fewer logins, the better. • And fourth, encrypt the data on the server and keep a regular backup. Credential Stuffing: • First, implement 2-Factor Authentication for account logins. This requires an email or phone verification along with the standard username and password. • Second, use different passwords for every account and program your employee’s access. If one account is hacked, the hacker will not have access to more accounts with the same password. • And third, never share passwords with other people. If you have a shared account for some reason, always give the password verbally, never through electronic communication.
  • 10. How to prevent threats … Accidental Sharing: • First, limit the number of employees who have access to data. The more people who have access to information, the higher the chance for human error in sharing the data. • And second, implement user activity monitoring software. This allows you to track and discover if your data is in danger. It also provides solutions to prevent accidental sharing. Man-In-The-Middle: • First, avoid WiFi connections that are not secure. If you have employees working remotely, don’t allow them to access sensitive company data over public WiFi networks. • Second, make sure your employees do not interact with websites that are not secure. If a URL is not a secure website, it will only show “HTTP” instead of “HTTPS” in front of the URL. The browser should also show an alert that the URL is not secure. If this happens, leave the site immediately. • And third, make sure that your internet connections and internet devices are always updated with the latest security updates. Having outdated software or unsecured internet portals creates potential access points for MITM hackers.
  • 11. Computer Network Components Computer network components are the major parts which are needed to install the software. Some important network components are NIC, switch, cable, hub, router, and modem. NIC: • NIC stands for network interface card. • NIC is a hardware component used to connect a computer with another computer onto a network • It can support a transfer rate of 10,100 to 1000 Mb/s. • The MAC address or physical address is encoded on the network card chip which is assigned by the IEEE to identify a network card uniquely. The MAC address is stored in the PROM (Programmable read-only memory). Two types of NIC: • Wired NIC • Wireless NIC
  • 12. Computer Network Components … Hub: A Hub is a hardware device that divides the network connection among multiple devices. When computer requests for some information from a network, it first sends the request to the Hub through cable. Switch: A switch is a hardware device that connects multiple devices on a computer network. A Switch contains more advanced features than Hub. The Switch contains the updated table that decides where the data is transmitted or not. Switch delivers the message to the correct destination based on the physical address present in the incoming message. Router: A router is a hardware device which is used to connect a LAN with an internet connection. It is used to receive, analyze and forward the incoming packets to another network. • A router works in a Layer 3 (Network layer) of the OSI Reference model. • A router forwards the packet based on the information available in the routing table. • It determines the best path from the available paths for the transmission of the packet.