13.13 Security Troubleshooting

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

Spam

may or may not be malicious in nature. However, it wastes time, network bandwidth, and storage space as many organizations are required by law in the United States to retain all email communications for a period of time.

MAC Spoofing

occurs when an attacking device spoofs the MAC address of a valid host currently in the MAC address table of the switch. The switch then forwards frames destined for that valid host to the attacking device.

Pharming

redirects one website's traffic to another, bogus, website that is designed to look like the real website. Once there, the attacker tricks the user into supplying personal information, such as bank account and PIN numbers.

Botnet

refers to a group of zombie computers that are commanded from a central control infrastructure.

Phishing

scam employs an email pretending to be from a trusted organization, asking to verify personal information or send a credit card number.

Replay Attack

the attacker uses a protocol analyzer or sniffer to capture authentication information going from the client to the server. The attacker then uses this information to connect at a later time and pretend to be the client.

Phishing Emails

the process used by attackers to acquire sensitive information such as passwords, credit card numbers, and usernames by masquerading as a trustworthy entity. Phishing emails are drafted such that they appear to have come from a legitimate organization, such as banking, social media, or e-commerce websites.

ARP Spoofing

uses spoofed ARP messages to associate a different MAC address with an IP address.

Implement Browser Security

Disable pop-ups on all web browsers. Pop-ups can covertly install malware or redirect users to malicious websites. Enable pop-ups only for legitimate sites that require them. Override automatic cookie handling. Configure your browser to prompt you before allowing cookies. Disable third-party browser extensions. Disable sounds in web pages.

Configure Automatic Updates

Enable automatic updates for all operating systems.

Implement Malware Prevention

Install anti-malware on all systems to search for malware, viruses, worms, trojans, and rootkits. Enable automatic definition updates on your anti-malware software. Configure frequent quick malware scans along with less frequent full system scans. Implement anti-spam measures. This can be done using anti-spam software on each individual workstation. However, it's usually advantageous to implement an anti-spam appliance that filters email messages for your entire organization.

Maintain Awareness

Stay current by subscribing to security alerts offered by many security software vendors.

Educate Users

Use strong passwords. This includes email account passwords as well as workstation account passwords. Distrust anything coming from the web: Don't click anything just because the site says you must do so. View email with suspicion. A reputable company in the modern world will not send an email asking users to respond with personal information. Any message that does is using phishing to gather personal information. Recognize social engineering attempts and respond appropriately.

HTTP (session) Hijacking

a real-time attack in which the attacker hijacks a legitimate user's cookies and uses the cookies to take over the HTTP session.

TCP/IP (session) Hijacking

an extension of a man-in-the-middle attack where the attacker steals an open and active communication session from a legitimate user.

Zero Day

attack (also known as a zero hour or day zero attack) is an attack that exploits computer application vulnerabilities before they are known and patched by the application's developer.

Man-in-the-Middle

attack is used to intercept information passing between two communication partners.

Hijacked Emails

attackers use password hints set up by the user to try to gain access to the user's email account. Users should not use personal information such as their birthplace or mother's maiden name. This information is relatively easy to obtain using social media.

IP Spoofing

changes the IP address information within a packet.

Zombie

computer that is infected with malware that allows remote software updates and control by a command and control center called a zombie master.

Browser History

contain information that an attacker can exploit. If an attacker can gain access to the cache or the browser history

Cookies

data files placed on a client system by a web server for retrieval at a later time. Cookies are primarily used to track the client. By default, cookies can be retrieved only by the server that set them. The cookies themselves are fairly benign; however, cookies can be exploited by an attacker to steal a client's session parameters.

Rogue Antivirus

exploits usually employ a pop-up in a browser that tells the user the computer is infected with a virus and that the user must click a link to clean it. Sometimes this exploit is used to trick users into paying for worthless software they don't need.


Kaugnay na mga set ng pag-aaral

EXP PSYCH FINAL 8,9,10,11 TERMS & QUESTIONS & CONCEPTS

View Set

*Chapter 40: Care of Patients with Hematologic Problems

View Set