






































This is an exercise for the Security subject at BTEC FPT College in Hanoi.
Typology: Study notes







































Qualification: BTEC Level 5 HND Diploma in Computing
Unit number and title: Unit 5: Security Presentation
Submission date: 08/03/2023
Date received 1st submission:
Re-submission date:
Date received 2nd submission:
Student name: Nguyen Hai Anh
Student ID: BH
Class: IT0502
Assessor name: Le Van Thuan

Student declaration: I certify that the assignment submission is entirely my own work and I fully understand the consequences of plagiarism. I understand that making a false declaration is a form of malpractice.

Student's signature: Anh

Grading grid
Organizational and network security are critically important in today's digital age, where virtually all organizations rely heavily on technology and electronic data to carry out their operations. The consequences of a security breach can be severe, ranging from financial losses, damage to reputation, loss of sensitive data, and even legal liabilities. Therefore, implementing effective security measures is essential for ensuring the safety and continuity of an organization's operations. My report will be focused on network security. In particular, it involves four parts that require you to:
1. Identify types of security threat to organisations (P1)

- Definition of risks and threats:

Security risks: A security risk is the likelihood that a threat can exploit a vulnerability to cause harm to an organization's systems or data. Security risks are often assessed by calculating factors such as likelihood, impact, severity, and the ability to prevent.

Security threats: A security threat is a potential risk to an organization's systems or data. Security threats can include insider or outsider attacks, vulnerabilities, or impersonation. These threats can cause serious consequences for an organization, including data loss, monetary loss, reputational damage, or violation of information security regulations.

- Security risk groups:

1.1. Malware:
Figure 1

Malware is malicious software that can harm your computer. It is created by hackers to destroy or steal user information for a certain purpose. When using the Internet, the following actions can expose you to malware:
- Accessing malicious websites, downloading malware-infected games or music files, installing toolbars or software from unknown vendors, and opening malicious email attachments or downloads that security software has not scanned.
- Mistakenly downloading malicious apps disguised as legitimate apps, or overlooking warning messages when installing apps, especially when the app asks for permission to access email or personal information.
- Downloading apps from untrusted sources.
- Accidentally installing additional software, bundled with an application, that contains malware.
- Not using security programs, which makes it easier for malware to get in.

When your device is infected with malware, you may notice the following signs: The computer runs slowly; the operating system's processing speed decreases whether you are browsing the Internet or just using local applications.
Figure 2

Common types of computer viruses:
- Hijacker virus (specializing in browser attacks): A common type of virus because it is often hidden in data files that users download for free.
- Macro virus (spread through files): A virus that usually hides in files that macro programs support.
- Multipartite virus: Almost all activities of this virus depend on the operating system in use; it can spread in many different ways and is very difficult to deal with when encountered.
- Scripting virus (web virus): A type that appears in the programs used to display the web pages the user visits.
- Memory virus: This virus is very difficult to fix once encountered, and even if it can be fixed, your data will already have been affected.

There are several ways a virus can attack and spread on a computer:
- Accessing a less secure website that has no security certificate.
- Exchanging data through devices such as USB drives and hard drives.
- Downloading software containing viruses.
- Suspicious emails.
- Security holes in the software in use.

There are several ways to prevent viruses from attacking and spreading on your computer:
- Install anti-virus software.
- Freeze the system.
- Set usage rules.
- Back up data.

Some popular computer anti-virus software:
- ESET Internet Security
- ESET NOD32 Antivirus
- Kaspersky Anti-Virus - 3 PC
- Bitdefender Antivirus Plus
- McAfee Antivirus Plus
- Trend Micro Antivirus+ Security
- Malwarebytes Premium
- Kaspersky Anti-Virus
- Webroot Secure Anywhere Antivirus
- ESET NOD32 Antivirus
- Norton Antivirus Plus
- Avast Free Antivirus
- Emsisoft Anti-Malware

Spyware

Spyware is a type of malware designed to secretly observe device activity and send those observations to trackers. That data may be used to track your activity online, and that information may be sold to marketers. Spyware can also be used to steal personal
- Monitor your browsing habits
- Email address

Spyware can infiltrate a computer through a number of common techniques such as:
- Exploiting security holes: Spyware often enters through security flaws when downloading or opening strange links or attachments in emails; visiting malicious websites; or opening trading software, documents, music files, ... that contain spyware.
- Scam apps and websites: Hackers often present spyware as useful tools for download: an Internet accelerator, download manager, disk cleaner, or another solution.
- Trojans, adware and system monitors: Spyware penetrates devices through Trojan malware, sells data or serves it to fraudulent advertisers, and monitors your web browsing.

There are several ways to prevent spyware on the computer:
- Always install and use genuine anti-virus software: With anti-virus software installed we may rarely see malicious code being detected or removed, but it helps us avoid malicious code, prevents long-term threats, and gives us peace of mind when browsing the web or downloading software.
- Develop a policy for PnP devices: With devices of this type (USB, CD/DVD, ...), viruses can execute without the user's permission.
- Set rules for handling files: Do not open or download files of unknown origin, especially executable files (files with .exe, .dll, ...).
- Safe web access: Do not visit the dark web or malicious websites with unhealthy content, and do not casually click on URLs in emails, chat messages, or websites. Such websites and URLs often contain malicious code that just waits for the user to click; it then downloads automatically and configures itself to run as if legitimately on the user's computer.
- Update computers and software: Regularly apply the patches provided for the operating system and for the applications in use, and especially keep anti-virus programs updated.
- Regularly apply all vulnerability patches on Windows computers, to prevent hackers from taking advantage of those vulnerabilities to infiltrate the computer.
- Do not visit unsafe websites.
- Do not open a link in an email unless you are confident that it comes from a legitimate source.
- Do not download or install programs if you do not fully trust the publisher.
- Never open a link in an email unless you know exactly what it is.

Trojan anti-virus software:
- Kaspersky Anti-virus
- ESET Nod
- AVG
- Avast
Worm

A worm spreads without user interaction. All that is needed is for the computer worm to be running on the infected system. Before networks became widely used, computer worms spread through infected storage media, such as floppy disks, which, when mounted on a system, would infect other storage devices connected to that system. USB is still a popular vector for computer worms.

Figure 5

How to prevent computer worms:
- Keeping the operating system and all other software up to date with updates and patches helps reduce the risk from newly discovered vulnerabilities.
- Using a firewall helps reduce the possibility of malware entering the system.
- Using anti-virus software helps prevent malware from running.
- Be careful not to click on attachments or links in emails or other messaging apps that could expose the system to malware.
- Encrypt files to protect sensitive data stored on computers, servers and mobile devices.
For example, a login form is as follows:

Figure 7: Login form

And your server handler code:

    if (isset($_POST['username']) && isset($_POST['password'])) {
        // Vulnerable: user input is concatenated directly into the SQL string
        $sql = "SELECT * FROM tbl_user WHERE username='" . $_POST['username'] . "' AND password = '" . $_POST['password'] . "'";
    }

If the user does not enter normal input but, for example, adds an apostrophe ' or a double quote ", the query immediately fails. Or they can turn it into a query whose condition is always true, as follows:

    SELECT * FROM tbl_user WHERE username = '' OR '1' = '1' and password = '' OR '1' = '1'

Or append another statement after the query:

    SELECT * FROM tbl_user WHERE username = 'admin' and password = 'admin'; Drop table users;
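The login handler above next to a hardened version, as an added example that is not part of the original report. It assumes PHP 8 with the PDO SQLite driver; the in-memory `tbl_user` table, the `pw_hash` column, the sample account and both function names are constructed for illustration.

```php
<?php
// Constructed in-memory table standing in for the report's tbl_user.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE tbl_user (username TEXT PRIMARY KEY, password TEXT, pw_hash TEXT)');
$ins = $db->prepare('INSERT INTO tbl_user VALUES (?, ?, ?)');
$ins->execute(['admin', 'S3cret!', password_hash('S3cret!', PASSWORD_DEFAULT)]);

// The report's handler: input concatenated into the SQL text (kept vulnerable on purpose).
function login_vulnerable(PDO $db, string $user, string $pass): bool {
    $sql = "SELECT * FROM tbl_user WHERE username='" . $user
         . "' AND password = '" . $pass . "'";
    try {
        return $db->query($sql)->fetch() !== false;
    } catch (PDOException $e) {
        return false; // a stray quote makes the statement invalid SQL
    }
}

// Hardened: the placeholder keeps input as data, and the password is
// compared against a stored hash instead of inside the WHERE clause.
function login_safe(PDO $db, string $user, string $pass): bool {
    $stmt = $db->prepare('SELECT pw_hash FROM tbl_user WHERE username = :u');
    $stmt->execute([':u' => $user]);
    $hash = $stmt->fetchColumn();
    return is_string($hash) && password_verify($pass, $hash);
}

$cases = [
    ['admin', 'S3cret!'],                 // legitimate login
    ['admin', 'wrong'],                   // wrong password
    ["' OR '1' = '1", "' OR '1' = '1"],   // the always-true input quoted above
    ["admin'", 'x'],                      // lone apostrophe
];
foreach ($cases as [$u, $p]) {
    printf("%-16s vulnerable=%-5s safe=%s\n", $u,
        var_export(login_vulnerable($db, $u, $p), true),
        var_export(login_safe($db, $u, $p), true));
}
```

Run from the command line, the third case is the one to watch: the concatenated query accepts it, while the prepared statement treats the whole string as a username that does not exist.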
b) XSS

Cross-Site Scripting (XSS): the hacker inserts malicious code through scripts that execute on the client side. XSS attacks are used to bypass access controls and impersonate users. The main purpose of this attack is to steal users' identity data such as cookies, session tokens and other information.

Figure 7

Example 1: a user enters a simple script like this:

Figure 8

Then, after pressing the "Search" button, the entered script is executed.
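A search page that echoes the term unchanged, next to a version that encodes it and protects the session cookie, as an added example that is not part of the original report. The function names, cookie name and search term are constructed; `alert("xss")` is only a harmless marker for "some script".

```php
<?php
// Constructed search term of the kind the report describes.
$q = '<script>alert("xss")</script>';

// Vulnerable rendering: the term is written into the page unchanged, so the
// browser parses it as markup and runs the script.
function render_unsafe(string $q): string {
    return '<input name="q" value="' . $q . '">'
         . '<p>Results for ' . $q . '</p>';
}

// Hardened rendering: encode the value for the HTML contexts it lands in.
// ENT_QUOTES also encodes " and ', which matters inside the value="" attribute.
function render_safe(string $q): string {
    $enc = htmlspecialchars($q, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<input name="q" value="' . $enc . '">'
         . '<p>Results for ' . $enc . '</p>';
}

// Defence in depth for the data the report says XSS targets (cookies and
// session tokens). Headers are only sent when running under a web server.
if (PHP_SAPI !== 'cli') {
    // Only scripts served from this origin may run; inline scripts are refused.
    header("Content-Security-Policy: default-src 'self'; script-src 'self'");
    // HttpOnly keeps the cookie out of reach of document.cookie.
    setcookie('session', 'constructed-value', [
        'httponly' => true,
        'secure'   => true,
        'samesite' => 'Lax',
    ]);
}

echo "unsafe: ", render_unsafe($q), "\n";
echo "safe:   ", render_safe($q), "\n";
```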
Figure 10

Types of DDoS attacks:
- A bandwidth attack uses traffic to flood the network layer. This type of attack is the most common form of DDoS attack. An example of a bandwidth attack is DNS amplification, which uses open DNS servers to flood a target with DNS response traffic.
- A protocol attack disrupts service by exploiting a weakness in the Layer 3 and Layer 4 protocol stacks. A SYN attack that consumes all available server resources is an example of this type of attack.
- Resource cascade attacks target web application packages and disrupt data transfers between servers.

How to prevent DDoS attacks:
- Develop a denial-of-service strategy to help detect, prevent, and reduce DDoS attacks.
- Identify vulnerabilities in security and assess potential threats to your setup.
- Update any protection software or technology and make sure everything is working properly.
- Give your team introductory training and assign them roles in case of an attack.
b) Man-in-the-middle

A man-in-the-middle attack occurs when someone sits between two computers and has the ability to intercept traffic. This is a type of passive attack because the attacker can only stay behind and eavesdrop on the information from the victim, but cannot interact in any way with the people exchanging information.

Figure 11

How to prevent man-in-the-middle attacks:
- Install anti-virus software: this way you can avoid man-in-the-middle attacks based on installed malware.
- Avoid public WiFi hotspots, especially when they are not password protected.
- Sign out when you're done using a page that asks you to sign in.
- Use a virtual private network (VPN) to conduct sensitive transactions and communications.
- Set up your router by changing to static IP