Premium Essay

Cyber Security

In: Computers and Technology

Submitted By Ujjwalagrawalco
Words 11999
Pages 48
2011

Ethical Hacking & Penetration Testing
ACC 626: IT Research Paper

Emily Chow 20241123 July 1, 2011

I. Introduction
Due to the increasing vulnerability to hacking in today’s changing security environment, the protection of an organization’s information security system has become a business imperative . With the access to the Internet by anyone, anywhere and anytime, the Internet’s “ubiquitous presence and global accessibility” can become an organization’s weakness because its security controls can become more easily compromised by internal and external threats. Hence, the purpose of the research paper is to strengthen the awareness of ethical hacking in the Chartered Accountants (CA) profession, also known as penetration testing, by evaluating the effectiveness and efficiency of the information security system.
2 1

II. What is Ethical Hacking/Penetration Testing?
Ethical hacking and penetration testing is a preventative measure which consists of a chain of legitimate tools that identify and exploit a company’s security weaknesses . It uses the same or similar techniques of malicious hackers to attack key vulnerabilities in the company’s security system, which then can be mitigated and closed. In other words, penetration testing can be described as not “tapping the door” , but “breaking through the door” . These tests reveal how easy an organization’s security controls can be penetrated, and to obtain access to its confidential and sensitive information asset by hackers. As a result, ethical hacking is an effective tool that can help assist CA professionals to better understand the organization’s information systems and its strategy, as well as to enhance the level of assurance and IS audits if used properly.
4 5 3

III. Basic Characteristics of Penetration Testing
Different Types of “Hat Hackers”
There are different types of “hat hackers” that should be...

Similar Documents

Premium Essay

Cyber Security

...CYBER SECURITY INTRODUCTION It is also known as “Computer Security or IT security”. It is applied to the security of computer, computer network and the data stored and transmitted over them. Today the computer system are used in wide variety of “smart devices, including Smartphone’s,  televisions and tiny devices as part of the Internet of Things, and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi and other networks. Computer security covers all the processes and mechanisms by which digital equipment, information and services are protected from unintended or unauthorized access, change or destruction and the process of applying security measures to ensure confidentiality, integrity, and availability of data both in transit and at rest. There are the various elements of the cyber security which are as: 1. Application Security 2. Information Security 3. Network Security 4. Mobile Security 5. Internet Security 6. Cyberwarfare One of the most problematic elements of cybersecurity is the quickly and constantly evolving nature of security risks. The traditional approach has been to focus most resources on the most crucial system components and protect against the biggest known threats, which necessitated leaving some less important system components undefended and some less dangerous risks not protected. "The threat is advancing quicker than we can keep up with it. The threat changes faster than our idea of the risk....

Words: 3559 - Pages: 15

Free Essay

Cyber Security

...Research Paper – Cyber Security From the growing use of smart phones to access the Internet to rogue employees in the workplace, the threat of cyber terrorism is increasingly on the minds of C-suite executives. At a recent conference sponsored by the Raritan Valley Community College Foundation, security experts addressed the threats, the exposures and the legal issues and best practices to bolster cyber defenses. Virginia Bauer, CEO of East Rutherford-based security company GTBM, explained that many people, like herself, first became familiar with security threats on 9-11(Bauer's husband was killed in the attacks and she has since been a 9-11 families advocate). "To combat the threat, better private and public partnerships are needed to develop solutions, something the 9-11 Commission recommended," she explained. GTBM's main product is Info-Corp(TM), a system that conducts real-time identification checks, scanning local, state, and federal National Crime Information Center (NCIC) databases, the Federal Terrorist Screening Watch List and all 50 states' motor vehicle databases. The identification checks are important to companies because the biggest cyber threat to businesses can be its employees. "Most cyber attacks happen internally," Bauer said. "The people who can be the most threatening to you are sitting in your offices, or are your consultants and vendors."...

Words: 527 - Pages: 3

Premium Essay

Cyber Security

...INTRODUCTION: This research report conducts analysis on security. Technology these days is going up very fast and technology has been changed the route business administered by giving online services to their customers, to secure data in to “cloud” and allowing them to get their data from smart phones and tablets. This process of securing data has given many benefits to small and large business alike. But where the benefits are there will be some risk present. Risk will be like lost of data or to protect data by any attack of security. According to a survey which took place in 2012 about security, the graph of crimes and security attacks is gradually going up every year. As we talk about security it’s a very huge field to do research on it. Security has many different units in a field. One can’t do a research on this topic. The topic I am going to discuss in my research is cyber security. Cyber security these days is important everywhere. Where ever the data is, we need cyber security to protect and maintain our data according to our requirements Cyber crime is far reaching, general and continually joined with different parts of the criminal natural gathering. It runs from the thievery of a specific's character to the complete interruption of a nation's Internet compromise in light of a huge trap against its masterminding and taking care of assets....

Words: 1426 - Pages: 6

Premium Essay

Cyber Security

...SULLIVAN UNIVERSITY | Cyber Security | | Patrice Brockington | 4/20/2013 | | Cyber Security The security of online files, applications, documents, consumer information, and organization information are just some of the valued items that need to be secure from cyber threats. Companies and organization that utilize the internet to conduct business know all too well the importance of securing the information and any and all information of those that they do business with. Having some general knowledge of what cyber security is and the importance of it is our purpose in this brief. Cyber security is the “measures taken to protect a computer or computer system (as on the Internet) against unauthorized access or attack”, as defined by Merriam-Webster.com (Online, 2013). In general practice cyber security is simply securing online information and service systems. If you ever entered your name, address or any personal information online or into some database to win a prize this information is online or somehow accessible via the Internet. It is this type of information that so many millions of people are concerned about if it is secure or not, since it is out on the Internet. “The nation’s critical infrastructure relies heavily on the Internet for everything from submitting taxes, to applying for student loans, to following traffic signals, to even powering our homes” (Government, 2013)....

Words: 645 - Pages: 3

Premium Essay

Cyber Security

...6 20 Cyber crime:Law Enforcement And E-Government Transnational Issues Individ ual Assignment #1 Leggett,Ronnell 3/3/13 2 Table Of Content Introduction ................................................................. 3-5 Current Government Interventions/ Methods............. 5-7 linpact/Effects .............................................................. 7-8 Private Industry Rcsponsibilit)' ............................... 8-9 Conclusion ........................................................................ 9-10 Reference Page ........................................................... 11 3 Introd uction Over the last several years we have witnessed many changes and transformations occur in tcclmology including advances in phone. television, and compu ter comm unication outlets. Being able to use and ma nipulate technology has now become an essential part of everyday lifo, this is especiall y important with the use of the World Wide Web and the plentiful resources it has to offer. With these new advances of technology we often find an apparent generation gap where more and more Americans arc born into new technology \'1hi lc others arc still trying lo figure it ou t. Most impo11 y. with these tech nological advances. crime has adapted to thi s new age as antl well. Consumers are pu t at new and higher risks when purchasi ng goods (Baker. 2006)....

Words: 2550 - Pages: 11

Premium Essay

Cyber Security

...Cyber security is a critical and growing issue in the world today. President Obama said this issue is, "one of the most serious economic and national security threats our nation faces" (Cybersecurity). The United States is one of the most computer dependent societies and has the most computer dependent military and intelligence agencies. With more and, more of our country being ran by technology we are at a bigger risk of attack. A cyber attack could be the most devastating attack our country has ever faced. An attack on America’s cyber infrastructure could cripple the country and put us at an even greater risk of a normal attack. FBI Director said “Counterterrorism — stopping terrorist attacks — with the FBI is the present number one priority. But down the road, the cyber threat, which cuts across all FBI programs, will be the number one threat to the country” (Paganini). The message is clear the cyber security threat we are facing today is a dangerous and growing threat that has serious offensive potential and is often difficult to detect or prevent. An attack on a nation’s critical infrastructure can be devastating and when you add the fact that cyber attacks often do not make themselves know until it is to late could make for a devastating first strike prior to an invasion. Cyber security is defined as measures taken to protect a computer or computer system (as on the Internet) against unauthorized access or attack....

Words: 2041 - Pages: 9

Premium Essay

Cyber Security

...Cyber security must also check out the side effects that can be available while using the security program. The security must show greater awareness and understanding of cyber crimes and their implications on the program and information generally. Having this...

Words: 596 - Pages: 3

Premium Essay

Cyber Security

...I know I am not the only person who is distracted with the new technology and forgets to worry about cyber security, but I feel that the best practices has helped me gain better understanding on why it is important to stay current on the latest updates, use passcodes, and the use of emails & social networking. It is comforting to know that there are people such as the Computer Security Division that are working to keep information protected. I plan to share with my co-workers about cyber security, since we are now converting into the cyber...

Words: 303 - Pages: 2

Premium Essay

Cyber Security

...In this age where the use of computers and networks related to them has become commonplace, there has developed problems concerning cyber security. Cyber security is an important factor to be considered if one is to be able to protect oneself from malicious people and software from the internet. Most of the threats to computer networks come from the internet and these are often intentional, having been developed by people with malicious intent. Cyber security is, therefore, an attempt by individuals to protect their personal information and other digital assets from attacks from the internet. Cyber security involves various steps the most important of these being an individual’s understanding of the different forms of attacks that they are likely to encounter. Once one has knowledge of this, then it is his or her responsibility to ensure that they have put in place the best security system they can get their hands on. There exist different types of threats and these can be considered to be of varying levels and risks to an individual’s personal information in their computers. The higher the possibility of an attack, the more advanced the security system that is to be put in place to ensure that the threat is minimized. Cyber security involves dealing with threats that range from malicious codes, which are known as malware and spyware, to computer viruses. Some of these viruses are so serious that they have the ability to erase entire operating systems of computers....

Words: 374 - Pages: 2

Free Essay

Cyber Security

...This may have a toll on security and cyber attackers may exploit the loophole to attack with more precision. Another casing point is the misappropriation of cloud . Firms have resorted in storage of data in the cloud and even run some common software in the cloud (also known as cloud computing). However, rogue members of firms are colluding with partners from other IT...

Words: 590 - Pages: 3

Premium Essay

Cyber Security

...Key stakeholders & Combatant Commanders from Department of Defense (DoD) must come to the table with planning efforts and the way ahead for DoD Cyber Institutional Unity of Effort that will cut down on duplication of efforts by each branch of service. The new Cyber CoE can take the lessons learned from the U.S. Air Force as it incorporate its new Cyber School ensuring that all training is Joint Certified. The approach taken by DoD assisting in this matter will cut down on...

Words: 503 - Pages: 3

Premium Essay

Cyber Security

...Define Cyber Security. Computer security is also known as cyber security or IT security which refers to techniques for ensuring that data stored in a computer cannot be read or compromised by any individuals without authorization. It is an information security as applied to computers and computer networks. The field covers all the processes and mechanisms by which computer-based equipment, information and services are protected from unintended or unauthorized access, change or destruction. Computer security also includes protection from unplanned events and natural disasters. Most computer security measures involve data encryption and passwords. Data encryption is the translation of data into a form that is unintelligible without a deciphering mechanism. A password is a secret word or phrase that gives a user access to a particular program or system. The following terms are used in the engineering secure systems are explained below.  Authentication techniques can be used to ensure that communication end-points are who they say they are.  Automated theorem proving and other verification tools can enable critical algorithms and code used in secure systems to be mathematically proven to meet their specifications.  Capability and access control list techniques can be used to ensure privilege separation and mandatory access control. This section discusses their use....

Words: 519 - Pages: 3

Premium Essay

Cyber Security

...Maintaining the security of e-commerce and business processes is a major concern for system administrators. Protecting the operating systems is the main component when it comes to shielding all the information systems. The software scripts of the OS are what enable network devices, servers and desktops to communicate as a whole. OS is the glue that keeps all the files, hardware, and software together. The OS role includes managing files, processing controls of computer programs, and serving as GUI between the computer and user. With all the responsibility an OS is bound to have weaknesses. Typically, security vulnerabilities are usually rooted from glitches/bugs in the scripts that run beneath the OS. The most commonly used OS are Unix, Mac OS, and Microsoft Windows. With Windows being the leading OS, security patches have to be downloaded constantly. With out identifying a specific OS, there are advantages and disadvantages that can be implemented to protect the OS. Advantages of Securing OS Mitigating internal security threats is a common practice that should have a plan of action to protect business systems as a whole. Securing the physical hardware; servers, consoles routers etc. is essential. The actual system it self should be physically protected and authorized personal should be granted access to the systems. Many OS have back door access to get into the system incase a password is lost or authorized access can not be achieved....

Words: 2482 - Pages: 10

Premium Essay

Cyber Security

...Clear goals and objectives when it comes to protection will lead to a better protection on regards to the information security. 4. What type of security was dominant in the early years of computing? Early security was entirely physical security. - EX: Lock and Key 5. What are the three components of the C.I.A. triangle? What are they used for?...

Words: 894 - Pages: 4

Free Essay

Cyber Security: Cyber Terrorism

...Introduction Cyber security refers to the practices and processes that are used in technologies such as networks, computers, information and programs from damages by unwarranted entities (Ahmad, Yunos & Sahib, 2012). There are different attacks towards technology which may distort information or be used to create tension in an organization. Information stored in computers has some level of privacy and this depends on the level of sensitivity that such information may have towards that organization. Business strategies, political discussions and government documents are some of the documents that require a higher degree of privacy. However, there are individuals who cause deliberate attacks on the information systems of organizations and governments in order to unlawfully access information or distort the meaning of such data. The intention of cyber attacks has led to the classification of these attacks into particular classes. For example, we have cyber bullying and cyber terrorism. Under cyber bullying, the attackers use technology to abuse and intimidate their targets. Cyber bullying has been common through the presence of the social media where an individual will use pseudo-accounts to publish half truths about others with a bid to embarrass them. On the other hand, cyber terrorism involves the use of technology to access vital government sites in order to cause harm and fear in the society through terrorism activities....

Words: 1810 - Pages: 8