Академический Документы
Профессиональный Документы
Культура Документы
Countermeasures
Sir. Ahmad Kamalrulzaman Othman
FSKM, UiTM Johor
Objectives
Introduction
The growth of the Internet has brought many
ways in which networks can be compromised
and data stolen.
Legislators are working to prevent identity theft
and ways to reduce the effects of viruses and
worms such as MyDoom, MSBlaster, and
others.
Data Packets
No real threat:
10
11
Classifications of Threats
Intrusion
Blocking
Malware
12
13
Cracking
Social engineering
War-dialing or war-driving
14
Malware
Viruses, worms
Trojan horses
Spyware
Cookies
Key loggers
15
Blocking-type Attacks
Denial-of-Service
Dynamic Denial of Service
16
Likely Attacks
17
Threat Assessment
18
Attractiveness (A): 1 10
Information content (I): 1 10
Security devices (S): 1 10
19
Hacking terminology
Security terminology
20
21
Firewall
Proxy server
Intrusion-detection system
Access control authentication
Non-repudiation
auditing
22
23
24
25
Sarbanes-Oxley (SOX)
Computer Security Act of 1987
Health Insurance Portability and
Accountability Act (HPAA)
26
CERT (www.cert.org/)
Microsoft Security Advisor
(www.microsoft.com/security/default.mspx)
F-Secure Corporation (www.f-secure.com/)
SANS Institute (www.sans.org/)
27
Summary
28
Summary cont.
29
Summary cont.
Legal issues:
SOX
HPAA
State-specific legislation regarding computer
crimes
30
Summary cont.
CERT
Microsoft Security Advisor
F-Secure Corporation
SANS institute
31