























An in-depth analysis of various IT security risks, their potential impacts, and methods to assess and treat them. Topics covered include rogue security software, organizational security procedures, firewall policies, VPNs, and network security techniques. The document also includes figures illustrating different types of malware and attacks.
Typology: Lecture notes
























Qualification: BTEC Level 5 HND Diploma in Computing
Unit number and title: Unit 5: Security
Submission date: 24/08/2021
Date Received 1st submission: 24/08/
Re-submission Date: 26/08/2021
Date Received 2nd submission: 26/08/
Student Name: Nguyễn Hoài Nam
Student ID: GCS 190817
Class: GCS 0901
Assessor name: Van Ho
Student declaration: I certify that the assignment submission is entirely my own work and I fully understand the consequences of plagiarism. I understand that making a false declaration is a form of malpractice.
Student's signature: Nam
Grading grid: P1 P2 P3 P4 M1 M2 D
an annoying message to erasing files from a hard drive or making a computer crash over and over again. In some cases, viruses spread from one computer to others. (Novetta Threat Research Group. (2016, February 24). Operation Blockbuster: Destructive Malware Report.)

1.2. Rogue security software

Figure 2: Rogue security software. Source: www.google.com

Rogue security software is malicious software that tricks users into believing that a computer virus is installed on their PC or that their security measures are out of date. It then offers to install or update the users' security settings. It will either ask you to download a program to remove the alleged viruses, or to pay for a tool. Both cases lead to real malware being installed on the computer. (securitytrails.com)

1.3. Trojan horses

Figuratively, a "Trojan horse" refers to tricking someone into inviting an attacker into a securely protected area. In computing, it has a very similar meaning: a Trojan horse, or "Trojan," is a malicious piece of attack code or software that tricks users into running it willingly by hiding behind a legitimate program. (securitytrails.com)
Figure 3: Symbolic illustration of a Trojan horse

1.4. Adware and spyware

Spyware is a general term for software that secretly monitors users by collecting data without their consent.

Figure 4: An example of spyware (keylogger). Source: www.google.com
Adware delivers advertising content in a way that is unexpected and unwanted by the user. Once adware is installed, it typically displays advertising banners and pop-up ads, or opens new web browser windows at random intervals. (searchsecurity.techtarget.com)

1.5. Computer worm

Figure 6: Symbolic illustration of a computer worm. Source: www.google.com

Computer worms are pieces of malware that replicate quickly and spread from one computer to the next. A worm spreads from an infected computer by sending itself to all of the computer's contacts, and then immediately to the contacts of those other computers. Interestingly, worms are not always designed to cause harm; some are made just to spread. Worms are also often transmitted by exploiting software vulnerabilities. (securitytrails.com)
1.6. DoS and DDoS attack

A DoS attack is performed by one machine and its internet connection, by flooding a website with packets and making it impossible for legitimate users to access the content of the flooded website. Fortunately, you can't really overload a server with a single other server or computer anymore. In recent years, DoS attacks have not been that common and, where they do occur, they rely on flaws in the protocol.

Source: www.google.com

A DDoS attack, or distributed denial-of-service attack, is similar to DoS but is more forceful. It is harder to overcome a DDoS attack. It is launched from several computers, and the number of computers involved can range from just a few to thousands or even more. Since it is likely that not all of those machines belong to the attacker, they are compromised and added to the attacker's network by malware. These computers can be distributed around the entire globe, and that network of compromised computers is known as a botnet.

Figure 7 Showing how DoS and DDoS attacks
1.8. Rootkit

A rootkit is a collection of software tools that enables remote control and administration-level access over a computer or its networks. Once remote access is obtained, the rootkit can perform a number of malicious actions; rootkits come equipped with keyloggers, password stealers and antivirus disablers.

Figure 9: Rootkit details. Source: www.google.com

Rootkits are installed by hiding in legitimate software: when people give that software permission to make changes to their OS, the rootkit installs itself on their PC and waits for the program to activate it. Other methods of rootkit distribution include phishing emails, malicious links, files, and downloading software from suspicious websites. (Microsoft. (n.d.). Secure the Windows 8.1 boot process.)

1.9. SQL Injection attack

SQL injection attacks are designed to target data-driven applications by exploiting security vulnerabilities in the application's software. They use malicious code to obtain private data, change and even destroy that data, and can go as far as to void transactions on websites. SQL injection has quickly become one of the most dangerous security issues for data confidentiality. You can read more on the history of SQL injection attacks to better understand the threat it poses to cybersecurity. (securitytrails.com)

Figure 10: Attack overview of an SQL injection attack

1.10. Man-in-the-middle attacks

Man-in-the-middle attacks are cybersecurity attacks that allow the attacker to eavesdrop on the communication between two targets. The attacker can listen to communication which should, in normal settings, be private. (www.imperva.com)

For example, a man-in-the-middle attack happens when the attacker wants to intercept communication between person A and person B. Person A sends their public key to person B, but the attacker intercepts it and sends a forged message to person B, representing themselves as A, but instead it has the attacker's public key. B believes that the message comes from person A and encrypts the message with the attacker's public key, sends it back to A, but the attacker again intercepts this

Source: www.google.com
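The key substitution described in section 1.10, and the check that stops it, as an added example that is not part of the original notes. It uses toy textbook RSA with tiny constructed primes, and the names `b_reply`, `unverified_exchange` and `pinned_exchange` are hypothetical; the assumption is that B can obtain A's key fingerprint over a separate trusted channel.

```python
import hashlib
import hmac

def make_keypair(p, q, e):
    """Toy textbook RSA from tiny primes; illustration only, never real keys."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))  # (public key, private key)

def fingerprint(public_key):
    """SHA-256 fingerprint that A can give B over a separate trusted channel."""
    n, e = public_key
    return hashlib.sha256(f"{n}:{e}".encode()).hexdigest()

def encrypt(message, public_key):
    n, e = public_key
    return pow(message, e, n)

def decrypt(ciphertext, private_key):
    n, d = private_key
    return pow(ciphertext, d, n)

def b_reply(message, received_key, pinned_fp=None):
    """B encrypts to the key it received. With a pinned fingerprint, B first
    checks that the key is really A's and refuses to encrypt if it is not."""
    if pinned_fp is not None and not hmac.compare_digest(
            fingerprint(received_key), pinned_fp):
        raise ValueError("received public key does not match A's fingerprint")
    return encrypt(message, received_key)

# Constructed sample values: A's key pair and the interceptor's key pair.
A_PUB, A_PRIV = make_keypair(61, 53, 17)
X_PUB, X_PRIV = make_keypair(89, 97, 5)
SECRET = 1234

def unverified_exchange():
    """B trusts whatever key arrives, so the substituted key goes unnoticed
    and the interceptor's private key opens B's reply."""
    return decrypt(b_reply(SECRET, X_PUB), X_PRIV)

def pinned_exchange(key_seen_by_b):
    """B compares the arriving key with A's fingerprint before replying."""
    try:
        return decrypt(b_reply(SECRET, key_seen_by_b, fingerprint(A_PUB)), A_PRIV)
    except ValueError:
        return "rejected"

if __name__ == "__main__":
    print(unverified_exchange(), pinned_exchange(X_PUB), pinned_exchange(A_PUB))
```

In practice the same check is done by certificate validation or key pinning rather than by hand.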
Figure 12: Yahoo! had been hacked. Source: www.google.com

A few months later, in December, it buried that earlier record with the disclosure that a breach in 2013, by a different group of hackers, had compromised 1 billion records. Besides names, dates of birth, email addresses, and passwords that were not as well protected as those involved in 2014, security questions and answers were also compromised. In October of 2017, Yahoo revised that estimate, saying that, in fact, all 3 billion user records had been compromised. The breaches knocked an estimated $350 million off Yahoo's sale price. Verizon eventually paid $4. billion for Yahoo's core Internet business. The agreement required the two companies to share regulatory and legal liabilities from the breaches. The sale did not include a reported investment in Alibaba Group Holding of $41.3 billion and an ownership interest in Yahoo Japan of $9.3 billion. (www.csoonline.com)

P2. Organisational security procedures.

2.1. Definition

Security procedures are detailed step-by-step instructions on how to implement, enable, or enforce security controls as listed in your organization's security policies. Security procedures should cover the large number of hardware and software components supporting your business processes as well as any security-related business processes themselves. (linfordco.com)

2.2. The Purpose of Security Procedures

The purpose of security procedures is to ensure consistency in the implementation of a security control or the execution of a security-relevant business process. They are to be followed each time the control needs to be implemented or the security-relevant business process is carried out.

Here is an analogy. As part of every aircraft flight, the pilot follows a pre-flight checklist. Basically, they do it to ensure that the aircraft is ready to fly and to do everything possible to ensure a safe flight. Even though pilots may have flown a large number of hours, they still follow the checklist. Following the checklist ensures consistency of behavior every single time. Even though they may have executed the checklist many times, there is a risk in relying on memory to execute the checklist, as there could be some distraction that makes them forget or overlook a critical step.

Much like pre-flight checklists, security procedures guide the individual executing the procedure to an expected outcome. One example is server hardening. Even though a system administrator has built and hardened many servers, the procedure to harden the server still needs to be followed to ensure the server is hardened correctly and to a level that still allows operability with the system of which it is a part. If the hardening procedure is not followed, the system administrator could leave out a step that results in an unacceptable exposure of the server or data. The best option is to automate the hardening procedure through scripts or other automation tools. This will ensure the consistent execution of the hardening "procedure."
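One way to turn a hardening checklist into a repeatable script, as an added example that is not part of the original notes. It audits an OpenSSH server configuration against a baseline; the baseline values and the sample configuration are constructed assumptions, not requirements taken from the document.

```python
# Assumed example baseline (not from the original notes): lower-cased
# sshd_config keywords mapped to the value the hardening procedure requires.
BASELINE = {
    "permitrootlogin": "no",
    "passwordauthentication": "no",
    "permitemptypasswords": "no",
    "x11forwarding": "no",
}

def global_settings(config_text):
    """Parse the global section of an sshd_config. sshd uses the first value it
    reads for each keyword, and settings after a Match line are conditional."""
    settings = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if parts[0].lower() == "match":
            break
        if len(parts) == 2:
            settings.setdefault(parts[0].lower(), parts[1].strip().lower())
    return settings

def audit(config_text, baseline=BASELINE):
    """Return (keyword, found, required) for every deviation from the baseline.
    A keyword that is absent is reported too, so the checklist never relies on
    a default that differs between versions."""
    current = global_settings(config_text)
    return [(key, current.get(key, "not set"), want)
            for key, want in sorted(baseline.items())
            if current.get(key) != want]

# Constructed sample configuration with a duplicated keyword and a Match block.
SAMPLE = """\
# constructed sample config
Port 22
PermitRootLogin yes
PasswordAuthentication no
PermitRootLogin no
Match User backup
    PasswordAuthentication yes
"""

if __name__ == "__main__":
    for keyword, found, required in audit(SAMPLE):
        print(f"{keyword}: found {found!r}, required {required!r}")
```

Running the same audit after every build gives the consistency the checklist analogy describes, without relying on the administrator's memory.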
Every company doing business around the world needs to follow these policies and procedures:
LO2. Describe IT security solutions

P3. Identify the potential impact to IT security of incorrect configuration of firewall policies and third-party VPNs.

VPN stands for Virtual Private Network, which helps in preventing data breaches. It is a type of network which, once enabled, keeps the data that is shared over the network encrypted. This network establishes a secure connection between the devices on which the data is shared.

Figure 13: How a VPN works. Source: www.google.com

A firewall can be defined as a device that is installed to monitor the traffic visiting or accessing the data, checking whether the user is authorized to access the network or not. According to the rules that have been set or designed, the firewall can allow or block unauthorized users from accessing the network. If the configuration is not corrected, there could be a security breach that may lead to private files being stolen.

Potential impact to IT security:
4.1.1. Definition of DMZ

In computer networks, a DMZ (demilitarized zone) is a physical or logical subnet that separates a local area network (LAN) from other untrusted networks, usually the internet. External-facing servers, resources, and services are located in the DMZ. As a result, they are accessible from the internet, but the rest of the internal LAN remains unreachable. This provides an additional layer of security to the LAN, as it restricts the ability of hackers to directly access internal servers and data through the internet. (searchsecurity.techtarget.com)

4.1.2. How DMZ works

DMZs are intended to function as a kind of buffer zone between the public internet and the organizational network. Deploying the DMZ between two firewalls means that all inbound network packets are screened using a firewall or other security appliance before they arrive at the servers the organization hosts in the DMZ. This should be enough to block the most casual of threat actors. If a better-prepared threat actor is able to get through the first firewall, they must then gain unauthorized access to those services before they can do any damage, and those systems are likely to be hardened against such attacks.
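The effect of an incorrect firewall policy (P3) and the two-firewall DMZ layout described above, as an added example that is not part of the original notes. The rule model (first match wins, default deny), the zone names, the ports and all four rule sets are constructed assumptions for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    action: str   # "allow" or "deny"
    src: str      # "internet", "dmz", "lan" or "any"
    dst: str
    port: object  # port number or "any"

def decide(rules, src, dst, port):
    """First matching rule wins; traffic that matches no rule is denied."""
    for r in rules:
        if r.src in (src, "any") and r.dst in (dst, "any") and r.port in (port, "any"):
            return r.action
    return "deny"

def dmz_services(outer, ports):
    """Ports on which the outer firewall lets the internet reach the DMZ."""
    return [p for p in ports if decide(outer, "internet", "dmz", p) == "allow"]

def lan_exposure(outer, inner, ports):
    """Ports on which internet traffic reaches the LAN, which requires
    passing the outer firewall and then the inner one."""
    return [p for p in ports
            if decide(outer, "internet", "lan", p) == "allow"
            and decide(inner, "internet", "lan", p) == "allow"]

PORTS = [22, 25, 443, 3389]  # constructed probe list

# Intended policy: the internet reaches only the DMZ services.
OUTER_OK = [Rule("allow", "internet", "dmz", 443),
            Rule("allow", "internet", "dmz", 25)]
# Assumed: DMZ servers may reach one internal database port, nothing else.
INNER_OK = [Rule("allow", "dmz", "lan", 5432)]

# Misconfigurations: destination "any" instead of "dmz", and a blanket
# remote-administration rule left in place.
OUTER_BAD = [Rule("allow", "internet", "any", 443),
             Rule("allow", "any", "any", 3389)]
# Misconfiguration: the inner firewall passes everything addressed to the LAN.
INNER_BAD = [Rule("allow", "any", "lan", "any")]

if __name__ == "__main__":
    print("DMZ services:", dmz_services(OUTER_OK, PORTS))
    print("outer bad, inner ok :", lan_exposure(OUTER_BAD, INNER_OK, PORTS))
    print("outer bad, inner bad:", lan_exposure(OUTER_BAD, INNER_BAD, PORTS))
```

A single over-broad rule on the outer firewall leaves the LAN unreachable as long as the inner firewall is correct; the LAN is exposed only when both policies are wrong.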