Class Notes (839,194)
Canada (511,223)
MGAD30H3 (1)
Peter (1)
Lecture

Chapter 3 _ Security Part I _ Auditing Operating Systems and Networks.docx

4 Pages
374 Views

Department
Financial Accounting
Course Code
MGAD30H3
Professor
Peter

This preview shows page 1. Sign up to view the full 4 pages of the document.
Description
Chapter 3 – Security Part I – Auditing Operating Systems and Networks Overview  Principal threats to the OS and control techniques  Risks over intranet and internet  Risks associated with personal computing systems  Risks that arise in connection with EDI Auditing Operating systems  Computer’s control program  Allows users to share and access common computer resources (i.e. processors, databases) Operating system objectives  3 main tasks: translate computer language, allocate computer resources, manages tasks of scheduling  Jobs are sent to computer through: system operator, batch-job queues, and telecommunications  5 control objectives: protect from users, users to each other, users to themselves, itself, and environment Operating system security  Log-on procedure: requests for user ID and password  Access Token: contains information about user, user ID, password, and access privileges  Access Control list: database of who has access to what  Central system admin determines who has access. In distributed systems, end users manage themselves Threats to operating system integrity  3 threats: privileged personnel who abuse their authority, those who seek to exploit security flaws, those who intentionally insert destructive programs into operating systems Operating System controls and audit tests o Audit objectives: verify that access privileges are granted in a manner that is consistent with separating incompatible functions and in accordance with organization’s policy o Audit procedures: review org policies for separation, match job descriptions to access, review if there was a security check on employees, permitted log- on times  Contra security to passwords: forgetting, failing to change, post-it syndrome, simple passwords  Two way password: pin + keypad (physical) o Audit objectives re passwords: adequate and effective password policy o Audit procedures: verify if policies are being followed o Audit objectives re virus: strict policies and procedures against virus infections o Audit procedures: observe that operations personnel have been educated about computer viruses, verify that current antiviral software, new software is tested on isolated workstations first  System audit trails are logs that record activity  Keystroke monitoring: recording user’s keystrokes and the system’s responses  Event monitoring: summarizes key activities related to system resources (i.e. who accessed the system and when) o Audit objectives: detecting authorized access, facilitating reconstruction of events, and promoting accountability o Audit procedures: ensure audit trail is active, scan log for unusual activity and look into follow-up activity Intranet risks  Consists of small LANs and large WANs  Used to connect employees  Reasons to be a threat: vengeance, desire for a challenge, profit from selling secrets  Sniffing: unauthorized interception of information by a node on a network  Reluctance to prosecute: too embarrassed to admit breach of security but new legal obligation to disclose for negligent hiring liability Internet risks  IP spoofing: masquerading IP to gain unauthorized access  Denial of service attack (DOS): attacking a website so it does not have capacity to service others o SYN flood: 3- way handshake. Attacker sends syn, victim responds with ack, but attacker doesn’t complete with the syn-ack  How to protect? Use a firewall if IP can be traced o Smurf attack: perpetrator sends a request to an intermediary that sends multiple attacks to the victim o Distributed denial of service (DDos): similar to syn flood or smurf but uses a IRC (internet relay chat) to source for zombies and increase the attack Controlling risks from subversive threats  Firewalls: a system that prevents access between two networks o Network-level: examines source and its destination o Application-level: run proxies o Most have dual-home systems: one to screen incoming requests from the internet and other to provide access to the intranet
More Less
Unlock Document

Only page 1 are available for preview. Some parts have been intentionally blurred.

Unlock Document
You're Reading a Preview

Unlock to view full version

Unlock Document

Log In


OR

Join OneClass

Access over 10 million pages of study
documents for 1.3 million courses.

Sign up

Join to view


OR

By registering, I agree to the Terms and Privacy Policies
Already have an account?
Just a few more details

So we can recommend you notes for your school.

Reset Password

Please enter below the email address you registered with and we will send you a link to reset your password.

Add your courses

Get notes from the top students in your class.


Submit