Class 12.docx

6 Pages

Department
Information Technology Management
Course
ITM 100
Professor
Alexander Cram
Semester
Winter

Description
Securing Information Systems – Chapter 8 (Class 12)

System Vulnerability and Abuse

Why are systems vulnerable?
- Network accessibility
- Hardware problems (breakdowns, configuration errors, damage from improper use or crime)
- Software problems (programming errors, installation errors, unauthorized changes)
- Loss and theft of portable devices

Internet Vulnerabilities
- Network open to anyone
- Size of internet means abuses can have a wide impact
- Use of fixed internet addresses with cable or DSL modems creates fixed targets for hackers
- Unencrypted VOIP
- E-mail, P2P, Instant messaging
  o Interception
  o Attachments with malicious software
  o Transmitting trade secrets

Wireless security challenges
- Radio frequency bands are easy to scan
- SSIDs
  o Identify access points
  o Broadcast access points
  o War driving: eavesdroppers drive by buildings and try to detect SSID and gain access to network and resources
  o WEP
    ▪ Security standard for 802.11; uses shared password for both users and access point; users often fail to implement WEP or stronger systems

Malicious Software
- Computer viruses: Rogue software programs that attach to other programs in order to be executed, usually without user knowledge or permission.
- Trojan Horse: A software program that appears to be benign, but then does something unexpected; often transports a virus into a computer system.
- Worms: Programs that copy themselves from one computer to another over networks. Can destroy data, programs, and halt operation of computer networks.

Hackers & Computer Crime
- Hackers: individuals who attempt to gain unauthorized access to a computer system.
  o Cracker: a hacker with criminal intent
- Cyber vandalism: intentional disruption, defacement, or destruction of a website or system

System Vulnerability and Abuse
- Spoofing: pretending to be someone else, or redirecting a web link to an unintended address
- Sniffing: eavesdropping program that monitors information travelling over a network
- Denial of service (DoS) attacks: Hackers flood a server with false communications in order to crash the system. Distributed DoS attacks use numerous computers to crash the network.
- Computer crime: the commission of illegal acts through the use of a computer or against a computer system
  o Identity theft: imposter obtains key pieces of personal information
  o Phishing: setting up fake websites or sending fake emails that look legitimate and using them to