Issc342 Assignment 1

In: Computers and Technology

Submitted By mjlippold
Words 496
Pages 2
1. Discuss common forms of attack on Microsoft systems using the text Internet, and/or your job as reference for full credit.
When considering the security of a system you will need to determine all the possible threats, vulnerabilities, and attacks. You will also need to consider the appropriate tradeoffs between security on one hand, and usability and cost on the other. A threat is the possibility of system compromise. For example, a threat could be the potential for unauthorized people to gain access to sensitive information, such as credit card information or health records. Microsoft (2005) Threats usually involve confidential information. An attack takes advantage of an existing vulnerability. For example, suppose a malicious user knows that some users have weak passwords and tries guessing them until gaining access to restricted resources. It is important to realize the different types of security attacks you might encounter. Once you understand these, you will learn the appropriate countermeasures to take. Microsoft (2005) The three main types of attacks are: Disclosure of data, Corruption of data, and Denial of service. Disclosure refers to unauthorized or inappropriate access to sensitive data. This is probably the most common form of attack. An example of disclosure is a file that holds confidential payroll information. If this file finds its way into the hands of someone who should not be privy to the data, then the data has been disclosed. Data corruption is mainly the realm of a computer virus, rather than that of intruders. Very few intruders actually wish to destroy data; most attack computer systems for entertainment and for the intellectual challenge. If data is corrupted, the only real remedy is restoration from a previous backup. Denial-of-service attacks have become one of the most common forms of attack on the Internet today because many can be…...