Computer Security
40%
Knock Knock Who's There
(Authentication/Identification)
vulnerability
Faulty or incomplete authentication
countermeasure
Strong Authentication
Something you are
Something you know
Something you have
A Horse of A Different Color
(Malware)
vulnerability
Voluntary introduction
Unlimited Privilege
countermeasure
The Keys to The Kingdom
(Keylogging)
vulnerability
Physical access
Misplaced Trust
Insiders
System subversion
countermeasure
My Cup Runneth Over
(Buffer Overflow)
vulnerability
Off-By-One Error
Integer Overflow
Unterminated Null-terminated String
Parameter Length and Number
Unsafe Utility Programs/Functions
countermeasure
Bounds-checking
Language Support
Safe Languages
Safe Compilers
Security Blanket or Security Theater?
(Introduction)
countermeasure
vulnerability
2+2 = 5
(Program Security)
vulnerability
Incomplete mediation
Race condition
Time-of-check to time-of-use
Undocumented access-point
countermeasure
60%
The Root of All Evil
(Rootkits)
vulnerability
software complexity
Difficulty of detection and eradication
countermeasure
trusted systems
simplicity of design
Scanning the Horizon
(Port Scanning)
vulnerability
Revealing too much
Allowing internal access
countermeasure
System architecture
Firewall
Network Address Translation (NAT)
Security Perimeter
Do You Hear What I Hear?
(Wireless Communications)
vulnerability
Protocol Weakness
countermeasure
WEP (failed)
WPA+WPA2 (not perfect)
I Hear You Loud and Clear
(Interception)
vulnerability
wiretapping/eavesdropping
countermeasure
Encryption
VPN
He Who Steals My Purse
(Data Loss)
countermeasure
Encryption
Policy
Physical Security
Data Redundancy
Cold site
Hot site
Backups
Offsite
On-site
Cloud
Network Storage
vulnerability
Unprotected availability of data
Unprotected confidentiality of data
Physical access