Scribd
Upload
68 views

Isaa Assignment 1

The document discusses various types of system vulnerabilities including hardware, software, network, and procedural vulnerabilities. It then covers network security topics such as firewalls, network segmentation, access control, and remote access VPNs. Finally, it discusses system security goals of integrity, secrecy, and availability and security tools used to test and improve system security.

Uploaded by

SANKALP MUKIM 20BDS0128
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
68 views

Isaa Assignment 1

The document discusses various types of system vulnerabilities including hardware, software, network, and procedural vulnerabilities. It then covers network security topics such as firewalls, network segmentation, access control, and remote access VPNs. Finally, it discusses system security goals of integrity, secrecy, and availability and security tools used to test and improve system security.

Uploaded by

SANKALP MUKIM 20BDS0128
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 4

ISAA DA-1

Name: Sankalp Mukim


Registration number: 20BDS0128

System Vulnerabilities
Vulnerabilities are weaknesses in a system that gives threats the opportunity to compromise assets.
All systems have vulnerabilities. Even though the technologies are improving but the number of
vulnerabilities are increasing such as tens of millions of lines of code, many developers, human
weaknesses, etc. Vulnerabilities mostly happened because of Hardware, Software, Network and
Procedural vulnerabilities.

1. Hardware Vulnerability
A hardware vulnerability is a weakness which can used to attack the system hardware through
physically or remotely.
For examples:
1. Old version of systems or devices
2. Unprotected storage
3. Unencrypted devices, etc.

2. Software Vulnerability
A software error happen in development or configuration such as the execution of it can violate the
security policy. For examples:
1. Lack of input validation
2. Unverified uploads
3. Cross-site scripting
4. Unencrypted data, etc.

3. Network Vulnerability
A weakness happen in network which can be hardware or software.
For examples:
1. Unprotected communication
2. Malware or malicious software (e.g.:Viruses, Keyloggers, Worms, etc)
3. Social engineering attacks
4. Misconfigured firewalls

4. Procedural Vulnerability
A weakness happen in an organization operational methods.
For examples:
1. Password procedure – Password should follow the standard password policy.
2. Training procedure – Employees must know which actions should be taken and what to do
to handle the security. Employees must never be asked for user credentials online. Make the
employees know social engineering and phishing threats.

Network Security
Network Security is vital in protecting client data and information, keeping shared data secure and
ensuring reliable access and network performance as well as protection from cyber threats. A well
designed network security solution reduces overhead expenses and safeguards organizations from
costly losses that occur from a data breach or other security incident. Ensuring legitimate access to
systems, applications and data enables business operations and delivery of services and products to
customers.

Types of Network Security Protections


1. Firewall
Firewalls control incoming and outgoing traffic on networks, with predetermined security rules.
Firewalls keep out unfriendly traffic and is a necessary part of daily computing. Network Security
relies heavily on Firewalls, and especially Next Generation Firewalls, which focus on blocking
malware and application-layer attacks.

2. Network Segmentation
Network segmentation defines boundaries between network segments where assets within the group
have a common function, risk or role within an organization. For instance, the perimeter gateway
segments a company network from the Internet. Potential threats outside the network are prevented,
ensuring that an organization’s sensitive data remains inside. Organizations can go further by
defining additional internal boundaries within their network, which can provide improved security
and access control.

3. What is Access Control?


Access control defines the people or groups and the devices that have access to network
applications and systems thereby denying unsanctioned access, and maybe threats. Integrations with
Identity and Access Management (IAM) products can strongly identify the user and Role-based
Access Control (RBAC) policies ensure the person and device are authorized access to the asset.

4. Remote Access VPN


Remote access VPN provides remote and secure access to a company network to individual hosts or
clients, such as telecommuters, mobile users, and extranet consumers. Each host typically has VPN
client software loaded or uses a web-based client. Privacy and integrity of sensitive information is
ensured through multi-factor authentication, endpoint compliance scanning, and encryption of all
transmitted data.

System Security
The security of a computer system is a crucial task. It is a process of ensuring the confidentiality
and integrity of the OS. Security is one of most important as well as the major task in order to keep
all the threats or other malicious tasks or attacks or program away from the computer’s software
system.
A system is said to be secure if its resources are used and accessed as intended under all the
circumstances, but no system can guarantee absolute security from several of various malicious
threats and unauthorized access.
The security of a system can be threatened via two violations:
• Threat: A program that has the potential to cause serious damage to the system.
• Attack: An attempt to break security and make unauthorized use of an asset.
Security violations affecting the system can be categorized as malicious and accidental threats.
Malicious threats, as the name suggests are a kind of harmful computer code or web script designed
to create system vulnerabilities leading to back doors and security breaches. Accidental Threats, on
the other hand, are comparatively easier to be protected against.
Security can be compromised via any of the breaches mentioned:
• Breach of confidentiality: This type of violation involves the unauthorized reading of data.
• Breach of integrity: This violation involves unauthorized modification of data.
• Breach of availability: It involves unauthorized destruction of data.
• Theft of service: It involves the unauthorized use of resources.
• Denial of service: It involves preventing legitimate use of the system. As mentioned before,
such attacks can be accidental in nature.

Security System Goal


Henceforth, based on the above breaches, the following security goals are aimed:
1. Integrity
The objects in the system mustn’t be accessed by any unauthorized user & any user not having
sufficient rights should not be allowed to modify the important system files and resources.
2. Secrecy
The objects of the system must be accessible only to a limited number of authorized users. Not
everyone should be able to view the system files.
3. Availability
All the resources of the system must be accessible to all the authorized users i.e. only one
user/process should not have the right to hog all the system resources. If such kind of situation
occurs, denial of service could happen. In this kind of situation, malware might hog the resources
for itself & thus preventing the legitimate processes from accessing the system resources.
Threats can be classified into the following two categories:
1. Program Threats:
A program was written by a cracker to hijack the security or to change the behavior of a normal
process. In other words, if a user program is altered and further made to perform some malicious
unwanted tasks, then it is known as Program Threats.
2. System Threats:
These threats involve the abuse of system services. They strive to create a situation in which
operating-system resources and user files are misused. They are also used as a medium to launch
program threats.

System Security tools


• John the ripper
• Nmap
• Kali Linux
• Net Sparker
• Retina
• Social Engineering Toolkit
• Nessus
• Metasploit
• Whitehat
• AirCrack-ng

You might also like