Foundations of Security
Module 1
Simplifying Security.
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Scenario
Franklin, an employee working for an organization, downloads free software from a website.
After installing the software, however, Franklin's system reboots and starts to malfunction.
What might have gone wrong with Franklin’s system?
What would you have done in Franklin’s place?
May 23, 2011
Home‐computer Users at Risk Due to Use of ‘Folk Model’ Security
EAST LANSING, Mich. — Most home computers are vulnerable to hacker attacks because the users either mistakenly think they have
enough security in place or they don’t believe they have enough valuable information that would be of interest to a hacker.
That’s the point of a paper published this month by Michigan State University’s Rick Wash, who says that most home‐computer users rely
on what are known as “folk models.” Those are beliefs about what hackers or viruses are that people use to make decisions about security
– to keep their information safe.
Unfortunately, they don’t often work the way they should.
“Home security is hard because people are untrained in security,” said Wash, an assistant professor in the Department of
Telecommunication, Information Studies and Media. “But it isn’t because people are idiots. Rather they try their best to make sense of
what’s going on and frequently make choices that leave them vulnerable.”
http://news.msu.edu
May 23, 2011 8:21:51 PM ET
'Fakefrag' Trojan Scares You into Paying Up
A devious new Trojan is putting the fear of hard drive failure
into computer owners, and then rushing in to "save" the day —
at your expense.
Once the "Fakefrag" Trojan finds its way onto your system via
specially crafted malicious Web pages, it gets to work on the
task of making you believe all your files have been erased from
your hard drive, the security firm Symantec reported.
Scareware scams, which try to convince users they have a
computer virus, and then trick them into purchasing fake
antivirus software, are nothing new. However, Fakefrag takes
the crime a step further: it actually moves your files from the
"All Users" folder to a temporary location, and hides files in the
"Current User" folder, Symantec said.
http://www.msnbc.msn.com
Module Objectives
Security Incidents
Essential Terminologies
Computer Security
Why Security?
Potential Losses Due to Security Attacks
Elements of Security
Fundamental Concepts of Security
Layers of Security
Security Risks to Home Users
What to Secure?
What Makes a Home Computer Vulnerable?
What Makes a System Secure?
Benefits of Computer Security Awareness
Basic Computer Security Mechanisms
Module Flow
Essential Terminologies
Computer Security
Potential Losses Due to Security Attacks
Elements of Security
Layers of Security
Security Risks to Home Users
What to Secure?
What Makes a Home Computer Vulnerable?
Benefits of Computer Security Awareness
Basic Computer Security Mechanisms
Security Incident Occurrences Over Time
Report on January, 2011
[Bar chart: security incident occurrences per year, 2002 through 2011; x-axis: Years. Source: http://datalossdb.org]
Security Incidents by Breach Type - 2011
A security incident is “Any real or suspected adverse event in relation to the
security of computer systems or computer networks.”
http://www.cert.org
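[Bar chart: share of incidents by breach type. Categories: Stolen Laptop, Stolen Document, Lost Laptop, Hack, Web, Disposal Document, Unknown. One category accounts for 40% and each of the other six for 10%. Source: http://datalossdb.org]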
Essential Terminologies
Threat: An action or event that has the potential to compromise and/or violate security
Exploit: A defined way to breach the security of an IT system through vulnerability
Vulnerability: Existence of a weakness, design, or implementation error that can lead to an unexpected, undesirable event compromising the security of the system
Cracker, Attacker, or Intruder: An individual who breaks into computer systems in order to steal, change, or destroy information
Attack: Any action derived from intelligent threats to violate the security of the system
Data Theft: Any action of stealing the information from the users’ system
Computer Security
Security is a state of well‐being of information and infrastructure
Computer security refers to the protection of computer systems and the information a user stores or processes
Users should focus on various security threats and countermeasures in order to protect their information assets
Why Security?
Computer security is important for protecting the confidentiality, integrity, and availability of computer systems and their resources
Computer administration and management have become more complex which produces more attack avenues
Evolution of technology has focused on the ease of use while the skill level needed for exploits has decreased
Network environments and network‐based applications provide more attack paths
Potential Losses Due to Security Attacks
Misuse of computer resources
Financial loss
Data loss/theft
Unavailability of resources
Loss of trust
Identity theft
Elements of Security
Confidentiality is “ensuring that information is accessible only to those authorized to have access” (ISO‐17799)
Authenticity is “the identification and assurance of the origin of information”
Integrity is “ensuring that the information is accurate, complete, reliable, and is in its original form”
Availability is “ensuring that the information is accessible to authorized persons when required without delay”
Non‐repudiation is “ensuring that a party to a contract or a communication cannot deny the authenticity of their signature on a document”
The Security, Functionality, and Ease of Use Triangle
Applications/software products by default are preconfigured for ease of use, which makes the
user vulnerable to various security flaws
Similarly, increased functionality (features) in an application makes it difficult to use in addition
to being less secure
Moving the ball toward security means moving away from the functionality and ease of use
[Triangle diagram with vertices: Security (Restrictions), Functionality (Features), Ease of Use]
Fundamental Concepts of Security
Precaution: Adhering to the preventative measures while using computer system and applications
Maintenance: Managing all the changes in the computer applications and keeping them up to date
Reaction: Acting timely when security incidents occur
Layers of Security
Layer 1, Physical Security: Safeguards the personnel, hardware, programs, networks, and data from physical threats
Layer 2, Network Security: Protects the networks and their services from unauthorized modification, destruction, or disclosure
Layer 3, System Security: Protects the system and its information from theft, corruption, unauthorized access, or misuse
Layer 4, Application Security: Covers the use of software, hardware, and procedural methods to protect applications from external threats
Layer 5, User Security: Ensures that a valid user is logged in and that the logged‐in user is allowed to use an application/program
Security Risks to Home Users
Home computers are prone to various cyber attacks as they provide attackers easy
targets due to a low level of security awareness
Security risks to home users arise from various computer attacks and accidents
causing physical damage to computer systems
Computer Attacks
Malware attacks
Email attacks
Mobile code (Java/JavaScript/ActiveX) attacks
Denial of service and cross‐site scripting attacks
Identity theft and computer frauds
Packet sniffing
Being an intermediary for another attack (zombies)
Computer Accidents
Hard disk or other component failures
Power failure and surges
Theft of a computing device
Note: These threats and their countermeasures will be discussed in detail in the later modules
What to Secure?
Hardware: Laptops, Desktop PCs, CPU, hard disk, storage devices, cables, etc.
Software: Operating system and software applications
Information: Personal identification such as Social Security Number (SSN), passwords, credit card numbers, etc.
Communications: Emails, instant messengers, and browsing activities
What Makes a Home Computer Vulnerable?
Low level of security awareness
Default computer and application settings
Increasing online activities
None or very little investment in security systems
Not following any standard security policies or guidelines
What Makes a System Secure?
System security measures help protect computers and information stored in the systems
from accidental loss, malicious threats, unauthorized access, etc.
System Access Controls
Ensure that unauthorized users do not get into the system
Force legal users to be conscious about security
Data Access Controls
Monitor system activities such as who is accessing the data and for what purpose
Define access rules based on the system security levels
System and Security Administration
Perform regular system and security administration tasks such as configuring system settings, implementing security policies, monitoring system state, etc.
System Design
Deploy various security characteristics in system hardware and software design such as memory segmentation, privilege isolation, etc.
Benefits of Computer Security Awareness
Computer security awareness helps minimize the chances of computer attacks
It helps prevent the loss of information stored on the systems
It helps users to prevent cybercriminals from using their systems in order to
launch attacks on the other computer systems
It helps users minimize losses in case of an accident that causes physical damage
to computer systems
It enables users to protect sensitive information and computing resources from
unauthorized access
Module Summary
Security is a state of well‐being of information and infrastructures
Computer security is the protection of computing systems and the data that they
store or access
Confidentiality, integrity, non‐repudiation, authenticity, and availability are the
elements of security
Security risks to home users arise from various computer attacks and accidents
causing physical damage to computer systems
Computer security awareness helps minimize the chances of computer attacks and
prevent the loss of information stored on the systems
Basic Computer Security Checklist
Use of strong passwords
Use of anti‐virus systems
Regular update of operating system and other installed applications
Regular backup of important files
Use of encryption techniques and digital signatures
Use of firewall and intrusion detection systems
Following standard guidelines for Internet activities
Physical security of computing infrastructure
Awareness of current security scenario and attack techniques