CIS-180
Friday, October 21, 2011
Chapter 6
This chapter dealt with internet security over a business or organizational network. The first part of the chapter dealt with keeping operations going in cases where an incident has occurred. This is done through keeping backups current, building in redundancy in a system, installing UPS's in a network and having alternate sites up and ready to go in cases of a serious systemic attack or outage. Disaster recovery plans are needed in order to instruct IT personnel on how to respond to outages. In cases of an attack, a brief discussion of computer forensics and how to interact with forensics individuals was discussed. Developing a strong, clear security policy (use policies, etc.) were covered as well as differentiating what these are based on (ethics, morals, etc.)
Thursday, October 20, 2011
Chapter 5
This chapter dealt with wireless network security. The first part of the chapter explained what a computer network is, what kind of networks there are (LANs, WANs, PANs, etc.) and what devices are usually used in them. Then it went through how a wireless network is often hacked (giving no specific details as to how) and what a compromised network or computer is used for. Various methods of defending a network were discussed next, as well as a short discussion of VPNs, which allow a user to use a public network as a private network by using encryption.
Chapter 4
This chapter dealt with how to protect yourself from identity theft from various devices and software designed to steal personally identifying information. The main methods of doing this are through spyware for software, keyloggers for hardware and research (often through hacked social networking sites and careless handling of personal information, such as mail, etc.) The main defenses against these kinds of attacks and getting your ID stolen are to shred personal mail and materials before they go into the trash, using antiphishing security settings, installing antispyware, using good strong passwords and generally being wise about what one puts online for the world to see. Lastly, the book went through the use of cryptography (scrambling) on internet communications as well as on drives and data storage media to prevent stolen data from being deciphered by ID thieves.
Chapter 3
This chapter dealt with security on the internet. The book went through a basic introduction on what HTML does, what HTTP is and what an email attachment is. Different ways of exploiting a computer were discussed next. Java was then discussed, as well as what an applet is and what they do, that is, load other programs and applications in a browser page. Cookies were discussed, as well as adware and other malware designed to track someone online and display unwanted garbage. Email was also discussed, specifically spam email and various methods of filtering it out. Popup blockers were also brought up to help stop popup ads and windows in a browser session, as well as how to configure a browser's security settings to keep information from being broadcast and from accumulating crap like cookies while on the internet.
Chapter 2
This chapter dealt with security on a desktop computer. The book talked about various software and hardware attacks that are commonly used to breach the security of and gain attackers control over (or shut down, etc.) their computers. Most of these I've already heard of from my CIS-185 class. The book gives a bunch of different methods by which a computer can be hardened to some degree, such as using antivirus software, keeping the programs in the computer up to date, patching the OS, and the like as well as using a device lock to keep it from being stolen. The book also goes through the idea of backing up your data in case something gets through, as well as some steps to follow after an attack in order to minimize the same attack from occurring again.
Chapter 1
This chapter of the book gave a general outline as to what security generally is, specifically as to how it applies to information systems, giving several examples of different attacks that occurred on networks in industry, the government and private individuals that have made news in the last several years. Attacks are so prevalent in modern times because of the spread of the knowledge as well as the lack of preparedness of most who get online. The lack of sophistication in most people online makes them vulnerable to hackers and others. The chapter went through several reasons why it was so difficult to protect against cyber attacks, as well as a few general methods to counter them and laws drafted to punish those who are caught maliciously attacking using them.
Intro
Hello-
My name is Erik Courter. I'm an industrial chemist working in building materials, and am taking CIS-180 because its required for the network security degree here at MCC. I'm hoping to get a job in networking at some point in the near future, as my current area of expertise has been volatile (I've worked for 4 different companies in the last 3 years, to give you an idea).
My name is Erik Courter. I'm an industrial chemist working in building materials, and am taking CIS-180 because its required for the network security degree here at MCC. I'm hoping to get a job in networking at some point in the near future, as my current area of expertise has been volatile (I've worked for 4 different companies in the last 3 years, to give you an idea).
Subscribe to:
Posts (Atom)