Threats, Detection system, Prevention tools, Types of cyber criminal,…
Threats
Botnet: a network infected with malicious software and controlled without the owners' knowledge, used to send spam or hoax emails.
Phishing: Attempting to acquire personal information for malicious reasons such as fraud or pretending to be a known and trusted individual
Detection system
Intrusion detection systems identify incidents and potential threats. While a firewall is there to keep out malicious attacks, an IDS is there to detect whether someone is engaged in suspicious activity.
An IPS is there to block potential threats because it monitors, logs and reports the activities. An IDS will detect what attacks are happening, and the network manager will then be able to act on them.
Network sensors have a quicker response than host sensors and they are easier to implement. A NIDS can detect attacks that an HIDS will miss because it looks at packet headers in real time. But an HIDS will also be able to pick up some things that a NIDS won't, such as unauthorized users making changes to a system file.
Firewalls may be able to show you the ports and the IP addresses that are used between the hosts. NIDS can be tuned to show content within packets.
Analyzes the number and types of attacks, which can be used to change your security systems or implement new controls that are more effective.
Gives greater visibility across the network, which will make it easier to meet security regulations.
Sensors can detect network devices and hosts; they can inspect the data within the network packets and identify the service or operating systems that are being utilized.
Information from an IP packet is read by an IDS, but the network address can be spoofed if an attacker is using a fake address.
Prevention tools
Anomaly based: software designed to detect computer intrusions by monitoring system activity and classifying it as normal or anomalous.
Encryption: an attempt to ensure data security by the use of encrypted code. To read an encrypted message you need a key; with it you will be able to decrypt the message.
Intrusion prevention system: Examines network traffic flows to prevent and detect vulnerability exploits.
Penetration testing: A software tool that tests a computer for its vulnerabilities that could be exploited by an attacker.
Account lockout: A security method that locks any account when the password has been entered wrong multiple times
Types of cyber criminal
Social engineer: hackers use this method to access computers without authorization. Fools people into breaking normal security procedures such as guarding their password.
Phisher: Attempting to acquire personal information for malicious reasons such as fraud or pretending to be a known and trusted individual.