Scribd
Upload
30 views

Topic 5.0 Basic Security - Part 2

1. Social engineering, phishing, and vishing are common techniques used to fraudulently acquire sensitive information from targets. Pretexting involves exploiting human weaknesses by lying to get information, while phishing and vishing use impersonation and deception through email and voice calls. 2. Other attack methods include viruses, worms, and Trojan horses, which are types of malicious software. Viruses attach to other programs and spread, worms copy themselves across networks, and Trojan horses masquerade as legitimate programs to gain access to systems. Denial of service attacks aim to deny service to intended users. 3. Network security threats can be mitigated using tools like software updates, virus protection, firewalls

Uploaded by

محمدجوزياي
Copyright
© © All Rights Reserved
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
30 views

Topic 5.0 Basic Security - Part 2

1. Social engineering, phishing, and vishing are common techniques used to fraudulently acquire sensitive information from targets. Pretexting involves exploiting human weaknesses by lying to get information, while phishing and vishing use impersonation and deception through email and voice calls. 2. Other attack methods include viruses, worms, and Trojan horses, which are types of malicious software. Viruses attach to other programs and spread, worms copy themselves across networks, and Trojan horses masquerade as legitimate programs to gain access to systems. Denial of service attacks aim to deny service to intended users. 3. Network security threats can be mitigated using tools like software updates, virus protection, firewalls

Uploaded by

محمدجوزياي
Copyright
© © All Rights Reserved
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 28

FP303 COMPUTER

NETWORK
TOPIC 5: BASIC SECURITY
PART 2

[email protected]
Learning Outcomes
1. Understand network threat
2. Explain methods of attacks
3. Implement security measures to
protect networks
RECAP!!!!
SOCIAL ENGINEERING???
** exploiting human weaknesses

Three of the most commonly used


techniques in social engineering are:
1) Pretexting
2) Phishing
3) Vishing
PRETEXTING
• Fraudulent acquisition of sensitive information,
primarily over the telephone where an invented
scenario persuades a target of legitimacy
PHISHING
• Fraudulent acquisition of sensitive information,
through the impersonation of a trustworthy source.
• They typically contact the target individual (the
phishee) via email.
• The phisher might ask for verification of information,
such as passwords or usernames in order prevent
some terrible consequence from occurring.
VISHING
• Fraudulent acquisition of sensitive information,
through the Voice over IP (VoIP)
• With vishing, an unsuspecting user is sent a voice
mail instructing them to call a number which appears
to be a legitimate telephone-banking service.
• The call is then intercepted by a thief.
• Bank account numbers or passwords entered over
the phone for verification are then stolen.
Other methods
of attack
Method of Attack
• Social engineering is a common security threat
which preys upon human weakness to obtain
desired results
• Other than SE, there are other types of attacks
which exploit the vulnerabilities in computer
software  Viruses, Worms and Trojan Horses.
• Viruses, Worms and Trojan Horses are types of
malicious software.
Virus
• A virus is a program that runs and spreads by
modifying other programs or files.
• A virus cannot start by itself; it needs to be
activated.
• Viruses can be transmitted via email
attachments, downloaded files, instant messages
or via diskette, CD or USB devices.
• Viruses can quickly use all available memory and
bring a system to a halt or delete or corrupt
specific files before spreading.
Worm
• A worm is similar to a virus, but unlike a
virus does not need to attach itself to an
existing program.
• A worm uses the network to send copies of
itself to any connected hosts.
• Worms can run independently and spread
quickly.
• Worms – copy and use disk space in our
host.
Trojan Horse
• A Trojan horse is a non-self replicating program that
is written to appear like a legitimate program.
• A Trojan horse relies upon its legitimate appearance
to deceive the victim into initiating the program.
• It may be relatively harmless or can contain code
that can damage the contents of the computer's hard
drive.
• Trojans can also create a back door into a system
allowing hackers to gain access.
• Example: Key lodger code.
Denial of Service (DoS)
Distributed Denial of Service (DDoS)
Brute Force
Denial of Service (DoS)
• DoS attacks are aggressive attacks on an individual
computer or groups of computers with the intent to
deny services to intended users.
• DoS attacks can target end user systems, servers,
routers, and network links.
• Two common DoS attacks are:
– SYN (synchronous) Flooding - a flood of packets
are sent to a server requesting a client
connection.
– Ping of death: a packet that is greater in size than
the maximum allowed by IP
Denial of Service (DoS)
• xxxx
Distributed Denial of Service (DDoS)
• DDoS is a more sophisticated and potentially
damaging form of the DoS attack.
Distributed Denial of Service (DDoS)
Distributed Denial of Service (DDoS)
Brute Force
• “Brutal”. Guess every possible password.
• Depending on the length and complexity of your
password, this can take time.
Spyware
Tracking Cookies
Adware
Popups
Spam
Spyware
• Spyware is any program that gathers
personal information from your
computer without your permission or
knowledge.
• Spyware is usually installed
unknowingly when downloading a file,
installing another program or clicking
a popup.
• Spyware can be very difficult to
remove.
Tracking Cookies
• Cookies are a form of spyware but
are not always bad.
• They are used to record information
about an Internet user when they visit
websites.
Adware & Popups
• Adware is a form of spyware used to collect
information about a user based on websites
the user visits.
• Adware is commonly installed by a user in
exchange for a "free" product.
• Pop-ups is additional advertising windows
that display when visiting a web site
• Can be annoying and usually advertise
products or services
Spam
• Another annoying by-product of our increasing
reliance on electronic communications is unwanted
bulk email.
• Spam is a serious network threat that can overload
ISPs, email servers and individual end-user systems.
Spam
Security Measures
Security tools
• Software patches and updates
• Virus protection
• Spyware protection
• Spam blockers
• Pop-up blockers
• Firewalls
I don’t stop when I’m tired.
I only stop when I’m done…

You might also like