Premium Essay

Vulnerability in Information

In: Computers and Technology

Submitted By lmoloi277
Words 13317
Pages 54
CHAPTER 1

Vulnerabilities, Threats, and Attacks

Upon completion of this chapter, you should be able to answer the following questions:
■ ■

What are the basics concepts of network security? What are some common network security vulnerabilities and threats?

■ ■

What are security attacks? What is the process of vulnerability analysis?

Key Terms
This chapter uses the following key terms. You can find the definitions in the glossary at the end of the book. Unstructured threats Structured threats External threats Internal threats Hacker Cracker Phreaker Spammer Phisher page 21 page 21 page 21 page 21 page 21 page 20 page 20 page 20 page 21 White hat Black hat page 21 page 21 page 28 page 28

Dictionary cracking

Brute-force computation Trust exploitation Port redirection

page 28 page 29 page 30

Man-in-the-middle attack Social engineering Phishing page 30

page 30

2

Network Security 1 and 2 Companion Guide

The Internet continues to grow exponentially. Personal, government, and business applications continue to multiply on the Internet, with immediate benefits to end users. However, these network-based applications and services can pose security risks to individuals and to the information resources of companies and governments. Information is an asset that must be protected. Without adequate network security, many individuals, businesses, and governments risk losing that asset. Network security is the process by which digital information assets are protected. The goals of network security are as follows:
■ ■ ■

Protect confidentiality Maintain integrity Ensure availability

With this in mind, it is imperative that all networks be protected from threats and vulnerabilities for a business to achieve its fullest potential. Typically, these threats are persistent because of vulnerabilities, which can arise from the following:
Note...

Similar Documents

Premium Essay

Information Security Policy for E-Government in Saudi Arabia: Effectiveness, Vulnerabilities

...Information Security Policy for E-government in Saudi Arabia: Effectiveness, Vulnerabilities and Threats [Name of the Writer] [Name of the Institute] Executive Summary Introduction: In many countries, the implementation of the E-Government has proved to be useful in providing efficient services to the consumers. This increases the speed of the work and does not cause any unnecessary delays. All these aspects matters for the efficient service of the Government work. In the end, it proves to be beneficial for both Government and the citizens living in Saudi Arabia. Therefore, in this study, all the issues related to the Information Security Policy will be discussed in detail. The research study is worth for a number of reasons. Firstly, it will help in assessing the degree of effectiveness of the present security policy, security holes in the policy, and threats not addressed by the policy. It, in turn, would help in coming up with measures of ensuring that the policy is security-oriented, which increases citizens’ confidence in using e-government services. Literature Review: The primary purpose of producing literature review is to support the findings of this study via the theoretical justifications obtained from literature. The review revealed that in Saudi Arabia, there is the absence of agencies to monitor the accountability of e-government services. Most of the workers of offices in Saudi Arabia lack professionalism, and this is a great weakness in the......

Words: 10327 - Pages: 42

Premium Essay

Chapter 8 Review

...What is the relationship between risks threats and vulnerabilities ... wiki.answers.com › Categories › Uncategorized Answers.com > Wiki Answers > Categories > Uncategorized > What is the relationship between risks threats and vulnerabilities as it pertains to information system ... it 255 lab 2 solution - StudentOfFortune.com www.studentoffortune.com/question/2289555/it-255-lab-2-solution What is the relationship between risks, threats, and vulnerabilities as it pertains to information systems ... vulnerability, exploits, and the risk ... Understanding risk, threat, and vulnerability | TechRepublic www.techrepublic.com/blog/...risk-threat-and-vulnerability/1897 The three security terms “risk”, “threat”, and “vulnerability” will be defined and differentiated here: Risk. SANS Institute InfoSec Reading Room - SANS Information, … www.sans.org/.../introduction-information-system-risk-management_1204 · PDF file 4.2.3 Relating Threats to Vulnerabilities ... Once again, NIST SP 800-30 provides an excellent de finition of vulnerability as it pertains to information systems. Difference Between Threat & Vulnerability | eHow.com www.ehow.com › … › Operating Systems › Other Operating Systems A vulnerability is a weakness or flaw found in software and operating systems that threats try to exploit. Threats are malicious files or programs that attack an ... Securing Windows 2000 Server - Resources and Tools......

Words: 527 - Pages: 3

Premium Essay

Vulnerability Management Policy

...Vulnerability Management Policy Purpose The purpose of this policy is to increase the security posture of IHS systems and mitigate threats posed by vulnerabilities within all IHS-owned or leased systems and applications. Scope This policy applies to all IHS employees, contractors, vendors and agents with access to any part of IHS networks and systems. This policy applies to remote access connections used to do work from a remote location, including reading or sending email and viewing intranet web resources. Policy 1. Approved Scanning Tools 1.1 There are numerous, tools that can provide insight into the vulnerabilities on a system. Not all scanning tools have the same set of features. The CSO shall be the sole entity to implement an enterprise...

Words: 1400 - Pages: 6

Premium Essay

Abcd

...net/risk/ Abstract. We measure and compare the performance of the vulnerability handling and patch development process of Microsoft and Apple to better understand the security ecosystem. We introduce the 0-day patch rate as a new metric; being the number of patches a vendor is able to release at the day of the public disclosure of a new vulnerability. Using this measure we can directly compare the security performance of Microsoft and Apple over the last 6 years. We find global and vendor specific trends and measure the effectiveness of the patch development process of two major software vendors over a long period. For both vendors we find that major software development projects (such as a new OS release or Service Pack) consumes resources at the cost of patch development. Our data does not support the common belief that software from Apple is inherently more secure than software from Microsoft. While the average number of unpatched vulnerabilities has stabilized for Microsoft, Apple has bypassed Microsoft and shows an increasing trend. We provided an insight into the vulnerability lifecycle and trends in the insecurity scene based on empirical data and analysis. To properly plan, assess, and justify vulnerability management knowledge of the vulnerability ecosystem is important. Keywords: security, 0-day patch, vulnerability lifecycle, vulnerability ecosystem 1 Introduction The constant discovery of new vulnerabilities and exploits drives the security risks we are......

Words: 6101 - Pages: 25

Premium Essay

Vulnerability Mangement

...QUALYSGUARD® ROLLOUT GUIDE July 12, 2012 Copyright 2011-2012 by Qualys, Inc. All Rights Reserved. Qualys, the Qualys logo and QualysGuard are registered trademarks of Qualys, Inc. All other trademarks are the property of their respective owners.  Qualys, Inc. 1600 Bridge Parkway Redwood Shores, CA 94065 1 (650) 801 6100 Preface Chapter 1 Introduction Operationalizing Security and Policy Compliance..................................................... 10 QualysGuard Best Practices ........................................................................................... 11 Chapter 2 Rollout First Steps First Login......................................................................................................................... Complete the User Registration.......................................................................... Your Home Page................................................................................................... View Host Assets .................................................................................................. Add Hosts .............................................................................................................. Remove IPs from the Subscription..................................................................... Add Virtual Hosts ................................................................................................ Check Network Access to Scanners .....................................

Words: 38236 - Pages: 153

Premium Essay

Perfume

...Information Security Journal: A Global Perspective, 19:61–73, 2010 Copyright © Taylor & Francis Group, LLC ISSN: 1939-3555 print / 1939-3547 online DOI: 10.1080/19393550903404902 Information 1939-3547 1939-3555 Security Journal: A Global Perspective, Vol. 19, No. 2, Mar 2010: pp. 0–0 UISS Perspective An Ontological Approach to Computer System Security ABSTRACT Computer system security relies on different aspects of a computer system such as security policies, security mechanisms, threat analysis, and countermeasures. This paper provides an ontological approach to capturing and utilizing the fundamental attributes of those key components to determine the effects of vulnerabilities on a system’s security. Our ontology for vulnerability management (OVM) has been populated with all vulnerabilities in NVD (see http://nvd.nist.gov/scap.cfm) with additional inference rules and knowledge discovery mechanisms so that it may provide a promising pathway to make security automation program (NIST Version 1.0, 2007) more effective and reliable. KEYWORDS analysis system security, common vulnerability exposures, ontology, vulnerability Ju An Wang, Michael M. Guo, and Jairo Camargo School of Computing and Software Engineering, Southern Polytechnic State University, Marietta, Georgia, USA J. A. Wang, M. Approach to Computer An Ontological M. Guo, and J. Camargo System Security 1. INTRODUCTION Secure computer systems ensure that confidentiality, integrity, and availability are......

Words: 6084 - Pages: 25

Premium Essay

Seurity Assessment Report

...5 1. Information Security Policy 5 2. {Security Issue #2} 5 3. {Security Issue #3} 5 4. {Security Issue #4} 5 5. {Security Issue #5} 5 6. {Security Issue #6} 6 7. {Security Issue #7} 6 8. {Security Issue #8} 6 9. {Security Issue #9} 6 10. {Security Issue #10} 6 Introduction 7 Scope 7 Project Scope 7 In Scope 7 Out of Scope 7 Site Activities Schedule 7 First Day 7 Second Day 7 Third Day 7 Background Information 8 {CLIENT ORGANIZATION} 8 Asset Identification 9 Assets of the {CLIENT ORGANIZATION} 9 Threat Assessment 9 Threats to the {CLIENT ORGANIZATION} 9 Laws, Regulations and Policy 10 Federal Law and Regulation 10 {CLIENT ORGANIZATION} Policy 10 Vulnerabilities 10 The {CLIENT ORGANIZATION} has no information security policy 10 {State the Vulnerability} 10 Personnel 11 Management 11 Operations 11 Development 11 Vulnerabilities 11 There is no information security officer 11 {State the Vulnerability} 11 Network Security 12 Vulnerabilities 12 The {CLIENT ORGANIZATION} systems are not protected by a network firewall 12 {State the Vulnerability} 13 System Security 13 Vulnerabilities 13 Users can install unsafe software 13 {State the Vulnerability} 14 Application Security 14 Vulnerabilities 14 Sensitive information within the database is not encrypted 14 {State the Vulnerability} 14 Operational Security 15 Vulnerabilities 15 ......

Words: 3242 - Pages: 13

Premium Essay

Calculate Wov

...Unit 2 Assignment 1 Calculate the Window of Vulnerability There are four parts to be considered when calculating the WoV. These four parts are the Discovery-Time, Exploit-Time, Disclosure-Time, and Patch-Time. All four of these must be looked at and evaluated as a part of calculating the amount of time that the server will be vulnerable for. Discovery Time is the earliest date that vulnerability is discovered and recognized to pose a security risk. The discovery date is not publicly known until the public disclosure of the respective vulnerability. Exploit Time is the earliest date an exploit for vulnerability is available. We qualify any hacker-tool, virus, data, or sequence of commands that take advantage of vulnerability as an exploit. Disclosure Time is the first date vulnerability is described on a channel where the disclosed information on the vulnerability is freely available to the public, or is published by trusted and independent channel and has undergone analysis by experts such that risk rating information is included. Patch Time is the earliest date the vendor or the originator of the software releases a fix, workaround, or a patch that provides protection against the exploitation of the vulnerability. Fixes and patches offered by third parties are not considered as a patch. A patch can be as simple as the instruction from the vendor for certain configuration changes. Note that the availability of other security mechanisms such as signatures for intrusion......

Words: 828 - Pages: 4

Premium Essay

Lab 2

...Worksheet Align Risk, Threats, & Vulnerabilities to COBIT P09 Risk Management Controls Student Name: _____________________________________________________________ 1. From the identified threats & vulnerabilities from Lab #1 – (List At Least 3 and No More than 5), High/Medium/Low Nessus Risk Factor Definitions for Vulnerabilities) a. b. c. d. e. 2. For the above identified threats and vulnerabilities, which of the following COBIT P09 Risk Management control objectives are affected? • PO9.1 IT Risk Management Framework • PO9.2 Establishment of Risk Context • PO9.3 Event Identification • PO9.4 Risk Assessment • PO9.5 Risk Response • PO9.6 Maintenance and Monitoring of a Risk Action Plan 3. From the identified threats & vulnerabilities from Lab #1 – (List At Least 3 and No More than 5), specify whether the threat or vulnerability impacts confidentiality – integrity – availability: Confidentiality Integrity Availability a. b. c. d. e. 4. For each of the threats and vulnerabilities from Lab #1 (List at Least 3 and No More than 5) that you have remediated, what must you assess as part of your overall COBIT P09 risk management approach for your IT infrastructure? 5. For each of the threats and vulnerabilities from Lab #1 – (List at Least 3 – No More than 5), assess the risk impact or risk factor that it has on your organization in the following areas: a. Threat or Vulnerability #1: o Information – o Applications – o......

Words: 469 - Pages: 2

Premium Essay

Vulnerability Management Plan

...Date: 06/12/2012 Student Name: Michael Paul Douglas Student ID Number: 150777 Student Degree Program: Bachelor of Science Information Technology Security Student Email: douglasm@my.wgu.edu Four Digit Assessment/Project Code: CAPW4 Mentor Name: Martin Palma For Revisions Only Indicate Previous Grader: Submissions received with an altered, incomplete or missing cover sheet will be returned for resubmission. Submit to: Western Governors University Attn.: Assessment Delivery Department 4001 South 700 East, Suite 700 Salt Lake City, Utah 84107-2533 wgusubmittals@wgu.edu Capstone Project Cover Sheet Capstone Project Title: Vulnerability Management Plan Student Name: Mike Douglas Degree Program: Bachelor of Science Information Technology Security Mentor Name: Martin Palma Signature Block Student’s Signature Mentor’s Signature Table of Contents Capstone Report Summary (Introduction) 1 Review of Other Work 3 Rationale and Systems Analysis 8 Goals and Objectives 13 Project Timeline 22 Project Development 24 References 28 Appendix 1: Competency Matrix 29 Appendix 2: CVSS GUIDE 32 Appendix 3: DICES IV vulnerability management plan 33 Capstone Report Summary (Introduction) Digital Integrated Communications Electronic System version IV (DICES IV) is......

Words: 6924 - Pages: 28

Premium Essay

Calculate the Window of Vulnerability

...Calculate the Window of Vulnerability The four parts would be the Discovery-Time, Exploit-Time, Disclosure-Time, and Patch-Time. All four of these must be looked at and evaluated. Discovery Time –is the earliest date that a vulnerability is discovered and recognized to pose a security risk. The discovery date is not publicly known until the public disclosure of the respective vulnerability. Exploit Time -is the earliest date an exploit for a vulnerability is available. We qualify any hacker-tool, virus, data, or sequence of commands that take advantage of a vulnerability as an exploit. Disclosure Time –is the first date a vulnerability is described on a channel where the disclosed information on the vulnerability is (a) freely available to the public, (b) published by trusted and independent channel and (c) has undergone analysis by experts such that risk rating information is included. Patch Time - is the earliest date the vendor or the originator of the software releases a fix, workaround, or a patch that provides protection against the exploitation of the vulnerability. Fixes and patches offered by third parties are not considered as a patch. A patch can be as simple as the instruction from the vendor for certain configuration changes. Note that the availability of other security mechanisms such as signatures for intrusion prevention systems or anti-virus tools are not considered as a patch in this analysis. Unfortunately, the availability of patches usually lags...

Words: 603 - Pages: 3

Premium Essay

Mr Security

...VULNERABILITY ASSESSMENT WHITEPAPER Automating Vulnerability Assessment This paper describes how enterprises can more effectively assess and manage network vulnerabilities and reduce costs related to meeting regulatory requirements. Automated Vulnerability Assessment / Vulnerability Management (VA/VM) solutions are supplementing and in some cases replacing manual penetration testing with an overall improvement in network security without increasing costs. New advances have eliminated the high management overhead and false positive rate issues that plagued open source and early market VA/VM entries. This whitepaper discusses: Speed of change in networks, equipment and applications plus the speed of exploit deployment is revealing weakness in corporate policies specifying relatively infrequent manual penetration testing. Perimeter defences (anti-virus, firewall and IPS/IDS) are vital, but can be bypassed by determined effort to reach and exploit known vulnerabilities that reside just inside the fence. The introduction of an automated network scanning mechanism and consolidated reporting to identify and track mitigation of known vulnerabilities is establishing a higher overall security level often using already existing budget and manpower. Table of Contents Introduction................................................................................................................................................... 3 The Challenges of Network Security Assessments .......

Words: 3435 - Pages: 14

Premium Essay

Is3110T Lab 2 Assessment Worksheet

...Lab #2 Assessment Worksheet Align Risks, Threats, & Vulnerabilities to COBIT P09 Risk Management Controls 1. a. Unauthorized access from public internet - HIGH b. User destroys data in application and deletes all files - LOW c. Workstation OS has a known software vulnerability – HIGH d. Communication circuit outages - MEDIUM e. User inserts CD’s and USB hard drives with personal photos, music and videos on organization owned computers - MEDIUM 2. a. PO9.3 Event Identification – Identify threats with potential negative impact on the enterprise, including business, regulatory, legal, technology, trading partner, human resources and operational aspects. b. PO9.4 Risk Assessment – Assess the likelihood and impact of risks, using qualitative and quantitative methods. c. PO9.5 Risk Response – Develop a response designed to mitigate exposure to each risk – Identify risk strategies such as avoidance, reduction, acceptance – determine associated responsibilities; and consider risk tolerance levels. 3. a. Unauthorized access from public internet - AVAILABILITY b. User destroys data in application and deletes all files - INTEGRITY c. Workstation OS has a known software vulnerability – CONFIDENTIALITY d. Communication circuit outages - AVAILABILITY e. User inserts CD’s and USB hard drives with personal photos, music and videos on organization owned computers - INTEGRITY 4. a. Unauthorized access from public internet...

Words: 934 - Pages: 4

Premium Essay

Nothing Yet

...to conduct a penetration test. Copyright SANS Institute Author Retains Full Rights AD Conducting a Penetration Test on an Organization TABLE OF CONTENTS PAGE Abstract 2 Bibliography ut ho Conclusion rr Limitation of Penetration Testing eta ins The Process and Methodology Planning and Preparation Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 Information Gathering and Analysis Vulnerability Detection Penetration Attempt Analysis and Reporting Cleaning Up fu ll r igh ts. What is a Penetration Test? 2 3 3 4 6 7 9 9 10 10 11 12 14 Appendix A: Netcraft (www.netcraft.com) results on www.sans.org Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 Chan Tuck Wai (twchan001) © SA Full name: Chan Tuck Wai GIAC userID: twchan001 Course: Security Essentials Version: First (Original Submission) Conference Location: Malaysia NS In sti DETAILS tu te 20 Appendix B: Penetration Testing Tools 02 ,A Page 1 © SANS Institute 2002, As part of the Information Security Reading Room. Author retains full rights. Conducting a Penetration Test on an Organization Abstract This document is decided to give readers an outlook on how a penetration test can be successfully done on an organization. A methodology has been drawn out in this...

Words: 5729 - Pages: 23

Premium Essay

Risk Assessment in Information Technology

...Risk Assessment in Information Technology Risk Assessment in Information Technology This paper will address risk assessment in Information Technology and discuss factors used to identify all kinds of risks in company network diagram. It will also assess the risk factors that are inclusive for the Company and give the assumptions related to the security data as well as regulatory issues surrounding risk assessment. In addressing the global implications, the paper will propose network security vulnerabilities and recommend the mitigation measures for the vulnerabilities. Cryptography recommendations based on data driven decision-making will be assessed, and develop risk assessment methodologies. Risk assessment in Information Technology Risk assessment is one of the mitigation methods for the Networks design. The scanners or vulnerability tools are used to identify the risks or vulnerabilities within the network design. The risks can be identified by these tools as they extend beyond software detects to incorporate other easily vulnerabilities including mis-configurations (Rouse, 2010). The shareware assessment tools are accessible online and can be used to supplement commercial scanners. Framework of risk assessment * Step 1 – categorizing information and information systems. Here unique department traits are highlighted and assigned impact levels (high, medium or low) in line with the security FISMA’s security objectives (confidentiality, integrity and......

Words: 3240 - Pages: 13