PRESIDENT’S OFFICE
SEMESTER: I
Consultation hours are from 09:30 - 11:30am, Monday and 08:00 - 10:00am, Thursday
What Is Security?
In general, security is “the quality or state of being secure—to be free from
danger.” In other words, protection against adversaries—from those who
would do harm, intentionally or otherwise—is the objective.
National security, for example, is a multilayered system that protects the
sovereignty of a state, its assets, its resources, and its people. Achieving the
appropriate level of security for an organization also requires a multifaceted
system.
A successful organization should have the following multiple layers of
security in place to protect its operations:
● Physical security, to protect physical items, objects, or areas from
unauthorized access and misuse
SECURITY GOALS
There are three primary goals in any security service. These are
confidentiality, integrity and availability.
Confidentiality
The principle of confidentiality is that only the sender and the intended
recipient should be able to access the contents of a message. Confidentiality
gets compromised if an unauthorized person is able to access the message.
An example of this could be a confidential email message sent by user A to user
B, which is accessed by user C without the permission or knowledge of A and
B. This type of attack is called interception.
Integrity
When the contents of a message are changed after the sender sends it, but
before it reaches the intended recipient, we say that the integrity of the
message is lost. For example, consider that user A sends a message to user B.
User C tampers with a message originally sent by user A, which is actually
destined for user B. User C somehow manages to access it, change its
contents and send the changed message to user B. User B has no way of
knowing that the contents of the message changed after user A had sent it.
User A also does not know about this change. This type of attack is called
modification.
Availability
The principle of availability is that resources should be available to
authorized parties at all times. For example, due to the intentional actions of
an unauthorized user C, an authorized user A may not be able to contact a
server B. This would defeat the principle of availability. Such an attack is
called interruption.
Security attack
A security attack is any action that compromises the security of information
owned by an organization.
Security mechanism
A process (or a device incorporating such a process) that is designed to
detect, prevent, or recover from a security attack.
Security service
A processing or communication service that enhances the security of the
data processing systems and the information transfers of an organization.
The services are intended to counter security attacks, and they make use of
one or more security mechanisms to provide the service.
In the literature, the terms threat and attack are commonly used to mean
more or less the same thing.
Threat
A threat is a potential for violation of security, which exists when there is a
circumstance, capability, action, or event that could breach security and
cause harm. That is, a threat is a possible danger that might exploit a
vulnerability.
Attack
An attack is an assault on system security that derives from an intelligent
threat; that is, an intelligent act that is a deliberate attempt (especially in
the sense of a method or technique) to evade security services and violate
the security policy of a system.
TYPES OF ATTACKS
Attacks are classified as passive and active. A passive attack is an attempt
to learn or make use of information from the system without affecting
system resources; whereas an active attack is an attempt to alter system
resources or affect their operation.
Passive Attacks
Passive attacks are in the nature of eavesdropping on, or monitoring of,
transmissions. The goal of the opponent is to obtain information that is being
transmitted.
Two types of passive attacks are release of message contents and traffic
analysis.
The release of message contents is easily understood (Figure 1.3 a). A
telephone conversation, an electronic mail message, and a transferred file
may contain sensitive or confidential information. We would like to prevent
an opponent from learning the contents of these transmissions.
A second type of passive attack, traffic analysis, is subtler (Figure 1.3 b).
Suppose that we had a way of masking the contents of messages or other
information traffic so that opponents, even if they captured the message,
could not extract the information from the message. The common technique
for masking contents is encryption. If we had encryption protection in place,
an opponent might still be able to observe the pattern of these messages.
The opponent could determine the location and identity of communicating
hosts and could observe the frequency and length of messages being
exchanged. This information might be useful in guessing the nature of the
communication that was taking place.
Passive attacks are very difficult to detect because they do not involve any
alteration of the data. Typically, the messages are sent and received in
seemingly normal fashion. Neither the sender nor receiver is aware that a
third party has read the messages or observed the traffic pattern. However,
it is feasible to prevent the success of these attacks. Message encryption is a
simple solution to thwart passive attacks. Thus, the emphasis in dealing with
passive attacks is on prevention rather than detection.
Active Attacks
Active attacks involve some modification of the data stream or the creation
of a false stream and can be subdivided into four categories: masquerade,
replay, modification of messages, and denial of service.
Replay involves the passive capture of a data unit and its subsequent
retransmission to produce an unauthorized effect (Figure 1.4 a).
A masquerade takes place when one entity pretends to be a different entity
(Figure 1.4 b). A masquerade attack usually includes one of the other forms
of active attack. For example, authentication sequences can be captured and
replayed after a valid authentication sequence has taken place, thus
enabling an authorized entity with few privileges to obtain extra privileges by
impersonating an entity that has those privileges.
SECURITY SERVICE
A security service is a service that is provided by a protocol layer of
communicating open systems and that ensures adequate security of the
systems that are components of data transfers.
Data Confidentiality
Confidentiality is the protection of transmitted data from passive attacks.
With respect to the content of a data transmission, several levels of
protection can be identified.
Data Integrity
Assurance that data is as sent by an authorized entity (contains no
modifications, insertion, deletion, or replay) provides protection against
message modification only.
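Added example (not part of the original notes): a Python sketch of how a keyed message authentication code plus a sequence number lets the receiver detect the modification and replay attacks described above. The shared key, the frame layout and the names protect and Receiver are assumptions made for this illustration.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32   # HMAC-SHA256 tag size in bytes
SEQ_LEN = 8    # big-endian sequence number prepended to every frame


def protect(key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender side: frame = sequence number || payload || HMAC tag."""
    body = struct.pack(">Q", seq) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Receiver:
    """Receiver side: verifies the tag first, then the sequence number."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1  # highest sequence number accepted so far

    def accept(self, frame: bytes):
        if len(frame) < SEQ_LEN + TAG_LEN:
            return ("rejected", "truncated frame")
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time comparison; any changed bit in body or tag fails here.
        if not hmac.compare_digest(tag, expected):
            return ("rejected", "modification")
        (seq,) = struct.unpack(">Q", body[:SEQ_LEN])
        # A captured frame carries a valid tag, so only the counter exposes it.
        if seq <= self.last_seq:
            return ("rejected", "replay")
        self.last_seq = seq
        return ("accepted", body[SEQ_LEN:])


def demo():
    key = b"constructed-demo-key"             # constructed value, not a real secret
    rx = Receiver(key)
    frame = protect(key, 1, b"pay 100 to B")  # user A sends to user B
    results = [rx.accept(frame)]              # genuine frame
    results.append(rx.accept(frame))          # user C retransmits the captured frame
    tampered = bytearray(protect(key, 2, b"pay 100 to B"))
    tampered[SEQ_LEN + 4] ^= 0x08             # user C flips one payload bit in transit
    results.append(rx.accept(bytes(tampered)))
    results.append(rx.accept(protect(key, 2, b"pay 100 to B")))
    return results


if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```

Because sender and receiver hold the same key, this gives integrity and message authentication but not non-repudiation: either party could have produced the tag.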
Authentication
The authentication service is concerned with assuring that a communication
is authentic. In the case of a single message, such as a warning or alarm
signal, the function of the authentication service is to assure the recipient
that the message is from the source that it claims to be from.
Access Control
In the context of network security, access control is the ability to limit and
control the access to host systems and applications via communications
links. To achieve this, each entity trying to gain access must first be
identified, or authenticated, so that access rights can be tailored to the
individual.
Non-repudiation
Non-repudiation prevents either sender or receiver from denying message
transmission or receipt of message. Thus, when a message is sent, the
receiver can prove that the alleged sender in fact sent the message.
Similarly, when a message is received, the sender can prove that the alleged
receiver in fact received the message.
TECHNIQUES
Cryptography
1. Symmetric-key cryptography
2. Hash functions.
3. Public-key cryptography
3. Secret key: The secret key is also input to the encryption algorithm.
The key is a value independent of the plaintext and of the algorithm.
The algorithm will produce a different output depending on the
specific key being used at the time. The exact substitutions and
transformations performed by the algorithm depend on the key.
2. Sender and receiver must have obtained copies of the secret key in a
secure fashion and must keep the key secure.
SUBSTITUTION TECHNIQUES
Caesar cipher
This is a simple technique, used by Julius Caesar. The Caesar cipher involves
replacing each letter of the alphabet with the letter standing n places further
down the alphabet. For example,
mematrhtgpry
etefeteoaat
SUMMARY
An original message is known as the plaintext, while the coded message is called
the cipher text. The process of converting from plaintext to cipher text is known
as enciphering or encryption; restoring the plaintext from the cipher text is
deciphering or decryption. The many schemes used for encryption constitute the
area of study known as cryptography. Such a scheme is known as a
cryptographic system or a cipher. Techniques used for deciphering a message
without any knowledge of the enciphering details fall into the area of
cryptanalysis. Cryptanalysis is what the layperson calls "breaking the code." The
areas of cryptography and cryptanalysis together are called cryptology.
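Added example (not part of the original notes): the Caesar cipher from the section above in Python, covering enciphering, deciphering and cryptanalysis by trying every key. The sample plaintext, the shift of 3 and the small word list used to score candidates are constructed for this illustration.

```python
def caesar(text: str, n: int) -> str:
    """Replace each letter with the one n places further down the alphabet,
    wrapping from z back to a; non-letters are left unchanged."""
    out = []
    for ch in text:
        if ch.isascii() and ch.isalpha():
            base = ord("A") if ch.isupper() else ord("a")
            out.append(chr((ord(ch) - base + n) % 26 + base))
        else:
            out.append(ch)
    return "".join(out)


def encrypt(plaintext: str, n: int) -> str:
    return caesar(plaintext, n)


def decrypt(ciphertext: str, n: int) -> str:
    return caesar(ciphertext, -n)


# Constructed word list: enough to recognise readable English in the demo.
COMMON_WORDS = {"the", "and", "to", "of", "me", "after", "a", "in", "is"}


def brute_force(ciphertext: str):
    """Cryptanalysis without the key: only 25 useful shifts exist, so try
    them all and keep the candidate containing the most common words."""
    best = None
    for n in range(1, 26):
        candidate = decrypt(ciphertext, n)
        score = sum(word in COMMON_WORDS for word in candidate.lower().split())
        if best is None or score > best[0]:
            best = (score, n, candidate)
    return best[1], best[2]


if __name__ == "__main__":
    plaintext = "meet me after the toga party"   # constructed sample message
    ciphertext = encrypt(plaintext, 3)
    print(ciphertext)
    print(decrypt(ciphertext, 3))
    print(brute_force(ciphertext))
```

The key space is so small that the secret key adds almost no protection, which is why the cipher is only of teaching value.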
Cybercrime
Cybercrime can be committed against an individual or a group; it can also be
committed against government and private organizations. It may be
intended to harm someone’s reputation, or to cause physical or even mental
harm.
Cybercrime can cause direct harm or indirect harm to whoever the victim is.
However, the largest threat of cybercrime is to the financial security of an
individual as well as the government.
Cybercrime causes losses of billions of USD every year.
ii) Phishing: Phishing means trying to fool people into parting with their
money. Phishing refers to the receipt of unsolicited emails by customers of
financial institutions, requesting them to enter their username, password or
other personal information to access their account. The criminal then has
access to the customer's online bank account and to the funds contained in
that account. The customers click on the links on the email to enter their
information, and so they remain unaware that the fraud has occurred.
iii) Spamming: Spam is the abuse of electronic messaging systems to send
unsolicited bulk messages indiscriminately.
iv) Cyber defamation: It involves a person who intends to lower the
dignity/image of another person by hacking that person's mail account and
sending mails containing vulgar language to unknown persons' mail accounts.
vi) Computer sabotage: The use of the internet to halt the normal
functioning of a computer system through the introduction of worms,
viruses, or logic bombs is referred to as computer sabotage.
ii) Cyber Squatting: It involves two persons laying claim to the same domain
name, each claiming that they had registered the name first. For
example, two similar names, i.e. www.yahoo.com and www.yahhoo.com.
ii) Password sniffing: Password sniffers are programs that monitor and
record the names and passwords of network users as they log in at a site.
iii) Denial of service attacks: The criminal floods the bandwidth of the
victim's network. The attackers typically target sites or services hosted on
high-profile web servers such as banks, credit card payment gateways,
mobile phone networks and even root name servers. Denial of service
attacks are designed to consume resources so that other users are unable to
use the resources and are therefore "denied service". In a computer
network environment, the key resources are CPU, memory, and bandwidth.
vi) Salami attack: These attacks are used for committing financial crimes. The
key here is to make the alteration so insignificant that in a single case it
would go completely unnoticed, e.g. a bank employee inserts a program into
the bank's servers that deducts a small amount from the account of every
customer.
vii) Logic bomb: A logic bomb is a piece of code intentionally inserted into
a software system that will set off a malicious function when specified
conditions are met. For example, a programmer may hide a piece of
code that starts deleting files should they ever be terminated from the
company.
viii) Trojan horse: Trojan horses are email viruses that can duplicate
themselves, steal information, or harm the computer system.
iii) Use strong passwords with upper case, lower case, number and
special characters and minimum of 6 characters.
vi) Don't use sequential passwords for different services i.e. ABC10,
ABC11, ABC12, etc.
ix) Never tell your password to anyone, including people from support,
customer service, helpdesk, etc.
5.4). Install the latest operating system updates: Keep your applications and
operating system (e.g., Windows, Mac, Linux) current with the latest system
updates. Turn on automatic updates to prevent potential attacks on
older software.
5.5). Protect your data: Use encryption for your most sensitive files such as
health records, tax returns, and financial records. Make regular backups of
all of your important data.
5.6). Secure your wireless network: Wi-Fi (wireless) networks are vulnerable
to intrusion if they are not properly secured.
5.8). Avoid being scammed: Never reply to emails that ask you to verify
your information or confirm your user ID or password. Don't click on a link
or file of unknown origin. Check the source of the message; when in doubt,
verify the source.
Hacking
It is an illegal practice by which a hacker breaches someone’s computer
security system for personal interest.
Unwarranted mass-surveillance
Mass surveillance means surveillance of a substantial fraction of a group of
people by the authorities, especially for security purposes, but if someone
does it for personal interest, it is considered cybercrime.
Child pornography
It is one of the most heinous crimes that is brazenly practiced across the
world. Children are sexually abused and videos are being made and
uploaded on the Internet.
Child grooming
It is the practice of establishing an emotional connection with a child
especially for the purpose of child-trafficking and child prostitution.
Copyright infringement
If someone infringes someone’s protected copyright without permission and
publishes the work under his own name, it is known as copyright infringement.
Money laundering
Illegal possession of money by an individual or an organization is known as
money laundering. It typically involves transfers of money through foreign
banks and/or legitimate business. In other words, it is the practice of
transforming illegitimately earned money into the legitimate financial
system.
Cyber-extortion
When a hacker hacks someone’s email server, or computer system and
demands money to reinstate the system, it is known as cyber-extortion.
Cyber-terrorism
Normally, when someone hacks a government’s security system or intimidates
government or such a big organization to advance his political or social
objectives by invading the security system through computer networks, it is
known as cyber-terrorism.
Cyber Security
Cyber security is a potential activity by which information and other
communication systems are protected from and/or defended against the
unauthorized use or modification or exploitation or even theft.
Likewise, cyber security is a well-designed technique to protect computers,
networks, different programs, personal data, etc., from unauthorized access.
A small network usually has one server set up to handle many different
services. A large network usually has several servers, each providing a
different service or set of services. For example, a large corporation may use
one server to handle e-mail requests and Web hosting, another server to
serve as a domain
Thin Servers
A thin server is a server that has only the hardware and software needed to
support and run a specific function, such as Web services, print services, and
file services.
Do not confuse a thin client with a dumb terminal. A dumb terminal sends
user input to a mainframe. Dumb terminals have absolutely no computing
power, operating system, hard disk drive, BIOS, or RAM. A thin client may
not need a hard disk drive or an operating system; however, it is still a
full-fledged computer because it has a CPU and processing power.
Windows 2000 Server, Windows Server 2003, and Windows Server 2008
come with Terminal Services software
Case
Server case styles vary greatly. Some are similar to desktop models. Some
are designed to be mounted into a rack.
A blade server derives its name from its size and shape. It is extremely
thin compared to other servers and fits into a rack. Blade servers are
especially designed to allow a large number of servers to be mounted in a
small space. Blade servers are not to be confused with thin servers.
Hot-Swap Components
Servers are generally designed to provide continuous service with minimal
interruptions and data loss. The main feature that most servers use to
provide this continuous service is hot-swap technology. Hot-swap
technology allows a component to be removed or installed while the
system is running
Power Supply
The power supply converts standard 120-volt or 240-volt AC power into
lower DC voltage levels that can be used by the motherboard and other
devices inside the computer case. A typical power supply provides an
assortment of output plugs. The plug style matches the intended piece of
equipment.
Motherboard
Servers generally use a backplane. A backplane is a simple motherboard
designed with minimal components. It typically serves as the interface of all
the major components. It is designed to allow major components to be
added or removed without powering down the system. Removing
components without shutting down the system is called hot swapping.
BIOS
The BIOS contains a small software program that starts the server boot
operation when power is applied to the server. The combination BIOS chip
and the software program are usually referred to as firmware. The BIOS is
responsible for the power-on self-test (POST), which is performed at
startup.
3. What is a thin client server and what applications can it be used for?
1. PROCESSOR
To run Windows Server 2016, you need at minimum an AMD64 or
1.4 GHz EM64T processor.
Your processor must also be compatible with x64 instruction set architecture
and should support security features such as Data Execution
Prevention (DEP) and NX Bit.
It should also support CMPXCHG16b, PrefetchW, and LAHF/SAHF.
As well, it should support Second Level Address Translation: Extended Page
Table (EPT) and Nested Page Tables (NPT).
2. RAM
The following are the minimum RAM requirements for this server:
512 MB, and 2 GB for Windows Servers that have the Desktop Experience feature
ECC type or a similar technology
If you create a virtual machine (VM) that has the minimum hardware
parameters and then attempt to install WS2016 on the VM, the setup is
likely to fail.
To avoid this, you can allocate 800 MB RAM or more to the VM you intend to
install WS2016 on and run setup. Once the installation is complete, you can
then reduce the VM's RAM to 512 MB.
You can also interrupt the booting process of Windows Server 2016 by
pressing SHIFT+F10. In the CP (command prompt) that will pop up, you can
make use of the Diskpart.exe command-line tool to create the desired
installation partition. Then run Wpeutil createpagefile /path=X:\pf.sys
(where X represents the installation partition you created).
After that, close the CP and continue with the installation process.
4. Network Adapter
Microsoft recommends the following minimum Windows Server 2016 system
requirements:
A Gigabit adapter with 1 Gbps throughput
Your network adapter should be PCI Express compliant
Your Ethernet Adapter should also support PXE (Pre-boot Execution
Environment)
If your system meets these requirements, you can consider installing the
revolutionary server.
1. Plug the Windows Server 2016 boot drive (DVD, USB) into the computer
and boot your computer. When the Windows Setup page appears, select
your language, time format and keyboard, then click on the Next button.
Language, Time, Keyboard
2. Now click on Install now button to start the installation process.
Install now
3. Select the appropriate version of the windows server that meets your
organization’s needs then click Next. Make sure that you’ve chosen an
appropriate edition of Windows server.
Select the operating system you want to install
4. Put a check mark in the box next to I accept the license terms and click
on the Next button. The license terms are about the way you want to buy a
license for your server from Microsoft.
I accept the license term
5. Select the Custom: Install Windows only (advanced) option for a clean
installation. Clean installation is the term used as opposed to upgrade. When
you upgrade a Windows server you can keep your settings, apps, etc. from the
previous version of Windows. When you do a clean installation you can’t
keep the settings, apps, etc.
Custom installation
6. Select the hard drive that you want to install the windows server on, then
click on the New button to do the partitions.
partition
7. After clicking on the New button, some options appear. Specify the
size of the drive in MB and click on the Apply button. A warning
appears asking you to give the system permission to create a drive
for system files. Click on the OK button. If you want to add more drives,
repeat this process. When finished, hit Next.
Drive size
8. After clicking Next, the system starts copying all the files from the
external drive to the internal hard drive. It will take a while, so be
patient. Be aware that your system will be restarted several times.
Copying files on machine’s hard drive
9. When the system has copied all the files and restarted, finalize your task
by entering the required details. Type a complex password (composed of
uppercase, lowercase, symbol and numbers) twice in the boxes and click on
the Finish button. User name is Administrator by default.
Enter password
10. Press the Ctrl+Alt+Del buttons to bring up the login page,
enter the password in the box below the Administrator user name,
and press the Enter button on the keyboard to sign in to Windows.
Press Ctrl+Alt+Del buttons
11. After you have logged in to Windows you will see something like the
picture below. Welcome to Windows Server 2016.
Windows Server 2016 Evaluation