Web Security and Assurance
(COMP471 – 2CrHr)
Sem. I - 2014
Web

- The Web (WWW) is a client/server application running over the Internet or a TCP/IP intranet.
- The Web presents new challenges that are not well appreciated in the context of mainstream computer/network security.
- It is a very visible outlet for corporate and business transactions, so a compromise may lead to damages and losses.
- Web servers are easy to configure and web content is easy to develop and manage, but the underlying software is getting extraordinarily complex and may hide many potential security flaws.
- A Web server can be exploited as a launching
Network Security/ More on Web Security
Types of Web threats and countermeasures:

Integrity - countermeasure: cryptographic checksums
  - Data, memory and/or message modification
  - Trojan horse browser

Confidentiality - countermeasure: encryption
  - Eavesdropping
  - Theft of data from the client and information from the server
  - Access to information about network configuration
  - Access to information about which client is communicating

Denial of Service - countermeasure: detection and action (suspicious pattern)
  - Killing of user thread
  - Machine flooding
  - Filling up disk/memory
  - Isolating a machine by DNS attacks

Authentication - countermeasure: cryptographic techniques
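Added example (not part of the lecture slides): the integrity row above pairs message modification with cryptographic checksums. The Python below shows why the checksum has to be keyed. An attacker who can rewrite a message in transit can also recompute a plain SHA-256 digest over the modified message, but cannot forge an HMAC-SHA256 tag without the shared key. The key, the request line and the attacker's key guess are all constructed here for illustration.

```python
import hashlib
import hmac

# Shared secret between browser and server. Constructed for this example;
# a real deployment provisions it out of band or derives it from a key exchange.
KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f")


def plain_checksum(message: bytes) -> bytes:
    """Unkeyed checksum: anyone who sees the message can recompute it."""
    return hashlib.sha256(message).digest()


def mac_tag(key: bytes, message: bytes) -> bytes:
    """Keyed checksum (HMAC-SHA256): recomputing it requires the key."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_plain(message: bytes, checksum: bytes) -> bool:
    return hmac.compare_digest(plain_checksum(message), checksum)


def verify_mac(key: bytes, message: bytes, tag: bytes) -> bool:
    # compare_digest runs in constant time, so the comparison itself does
    # not leak how many leading bytes of a guessed tag were right.
    return hmac.compare_digest(mac_tag(key, message), tag)


def tamper(message: bytes) -> bytes:
    """Active attacker rewrites the amount in flight (constructed sample)."""
    return message.replace(b"amount=100", b"amount=900")


def demo() -> dict:
    # Constructed request that the browser sends to the server.
    original = b"POST /transfer amount=100 to=alice"
    sent_checksum = plain_checksum(original)
    sent_tag = mac_tag(KEY, original)

    # Attacker modifies the message and tries to fix up both checksums.
    forged = tamper(original)
    forged_checksum = plain_checksum(forged)   # trivially recomputed
    attacker_key = bytes(32)                   # attacker does not know KEY
    forged_tag = mac_tag(attacker_key, forged)

    return {
        "plain_accepts_original": verify_plain(original, sent_checksum),
        "plain_accepts_forgery": verify_plain(forged, forged_checksum),  # modification goes undetected
        "mac_accepts_original": verify_mac(KEY, original, sent_tag),
        "mac_accepts_old_tag": verify_mac(KEY, forged, sent_tag),
        "mac_accepts_forged_tag": verify_mac(KEY, forged, forged_tag),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The unkeyed checksum only protects against accidental corruption; against the "message modification" threat in the table it is the MAC (or a digital signature) that provides integrity.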
Types of threats faced in using the Web can also be classified in terms of the location of the threat:
  - Web server (computer system security)
  - Web browser (computer system security)
  - Network traffic between browser and server (network security)

Web security (Web traffic security) mainly falls into the category of network traffic security.

Different Web security approaches provide similar services but differ with respect to their scope of applicability and their relative location in the TCP/IP protocol stack.
Security facilities in the TCP/IP protocol stack
[Figure: (a) network level, (b) transport level, (c) application level]
Use of IP Security (IPSec) (Figure a)
  - Transparent to applications
  - Provides a general-purpose solution
  - Provides filtering capability

Security just above TCP (Figure b)
  - SSL: Secure Socket Layer
  - TLS: Transport Layer Security
  - SSL/TLS could be provided as part of the underlying protocol suite => transparent to applications
  - Alternatively, it can be embedded into applications
  - Example: Netscape and Microsoft Internet Explorer browsers are equipped with SSL (SSL was Netscape's original protocol; TLS is its IETF successor and is what is deployed today)

Application-specific security services (Figure c)
  - Embedded within the specific application
Web Security: Secure Electronic Transactions (SET)

- An open encryption and security specification.
- Protects credit card transactions on the Internet.
- Companies involved: MasterCard, Visa, IBM, Microsoft, Netscape, RSA, Terisa and Verisign.
- Not a payment system, but enables users to employ the existing credit card payment infrastructure.
Web Security: SET Services

- Provides a secure communication channel in a transaction.
- Provides trust by the use of X.509v3 digital certificates.

Key features of SET:
  - Confidentiality of information
  - Integrity of data
  - Cardholder account authentication
  - Merchant authentication
Web Security: SET Participants

- Cardholder: authorized holder of a payment card.
- Merchant: has goods to sell to the cardholder.
- Issuer: financial institution (such as a bank) connected with the cardholder.
- Acquirer: verifies that a card account is active and that the proposed purchase does not exceed the credit limit; connected with the merchant.
- Payment gateway: operated by the acquirer or a designated third party that processes
Web Security: SET (Sequence of events for transactions)

1. The customer opens an account.
2. The customer receives a certificate.
3. Merchants have their own certificates.
4. The customer places an order.
5. The merchant is verified.
6. The order and payment are sent.
7. The merchant requests payment authorization.
8. The merchant confirms the order.
9. The merchant provides the goods or service.
Software Security
Information Security
Legal Issues
Software Security

- The majority of security incidents result from defects in software design or code.
- Attackers exploit the security holes left by software developers.
- Post-deployment security is more popular than pre-deployment security because:
  - It is easily understood by administrators
  - It is difficult to get security "assurance" from the vendor
  - Vendors are obsessed by "time-to-market"
  - It is difficult to know/tailor security requirements
Software Security: Risk Management

Software security as risk management!
- Risk: "The possibility of suffering harm or loss"
- Management: "The act or art of treating, directing, carrying on, or using for a purpose"
- Risk management is the process concerned with identification, measurement, control
Software Security: Risk Management …

Methods of risk treatment:
  - Mitigate or suppress
  - Accept
  - Transfer (insurance)
  - Ignore (poor, but often used)

Types of countermeasures:
  - Preventive
  - Detective
  - Corrective

In case of risk acceptance:
  - Request documented justification
  - Get formal approval (sign-off) by senior management
  - Have the decision reviewed after a year
Software Security: Software Risk Management

- Use a high-quality software engineering methodology.
- Risk analysis should be performed at every stage of the development:
  - Requirements analysis
  - Design
  - Coding
  - Testing, etc.
Software Security: Selecting Technologies

Languages
- The choice of a programming language has an impact on how secure the software will be.
- Security problems are common for some languages:
  - C, C++ => buffer overflow
  - Java => exception handling, etc.
- High-level languages hide what they are doing (e.g. memory, possibly holding secrets, being swapped to disk); the programmer doesn't know that it happens.
Software Security: Selecting Technologies…

Operating systems
- Typical operating systems (Windows, Linux, etc.) have:
  - Authentication of users
  - Resource access control (authorization and limitation): memory, files, etc.
  - Integrity of shared resources
- Operating systems have different levels of security.
Software Security: Selecting Technologies…

Authentication technologies
  - Password
  - Host-based (e.g. IP address)
  - Physical token (e.g. smartcard)
  - Biometrics
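Added example, not from the slides: for the first technology in the list, a password check is only as strong as the way the verifier stores the password. The Python below contrasts an unsalted single-round SHA-256 hash (equal passwords give equal hashes, so one precomputed table breaks every account that shares a password) with salted, iterated PBKDF2-HMAC-SHA256 from the standard library and a constant-time comparison. The record format, the sample passwords and the iteration count are choices made for this example.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional

# Work factor chosen for this example; raise it until one verification takes
# tens of milliseconds on the hardware that will run the check.
ITERATIONS = 200_000


def weak_hash(password: str) -> str:
    """Unsalted, single-round hash: equal passwords -> equal hashes."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def hash_password(password: str, salt: Optional[bytes] = None,
                  iterations: int = ITERATIONS) -> str:
    """Return a self-describing record: algo$iterations$salt$hash (base64)."""
    if salt is None:
        salt = os.urandom(16)            # fresh random salt per password
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                 salt, iterations)
    return "$".join([
        "pbkdf2_sha256",
        str(iterations),
        base64.b64encode(salt).decode("ascii"),
        base64.b64encode(digest).decode("ascii"),
    ])


def verify_password(password: str, record: str) -> bool:
    """Recompute with the stored salt and iterations, compare in constant time."""
    try:
        algo, iterations_str, salt_b64, digest_b64 = record.split("$")
        if algo != "pbkdf2_sha256":
            return False
        salt = base64.b64decode(salt_b64)
        expected = base64.b64decode(digest_b64)
        iterations = int(iterations_str)
    except ValueError:                   # malformed record: never accept
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                    salt, iterations)
    return hmac.compare_digest(candidate, expected)


def demo() -> dict:
    # Constructed password that two different users happen to choose.
    pw = "correct horse battery staple"
    return {
        "weak_hashes_collide": weak_hash(pw) == weak_hash(pw),
        "salted_records_differ": hash_password(pw) != hash_password(pw),
        "verify_right_password": verify_password(pw, hash_password(pw)),
        "verify_wrong_password": verify_password("Tr0ub4dor&3", hash_password(pw)),
        "verify_garbage_record": verify_password(pw, "not-a-record"),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

Storing the algorithm and iteration count inside the record is what lets the work factor be raised later without invalidating existing accounts: old records keep verifying with their own parameters and can be re-hashed at the next successful login.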
Information Security: Policies, Standards and Procedures

- Security attacks come from the various security threats and vulnerabilities.
- Security techniques/solutions are available to minimize the risks.
- The human factor is a major concern in security.
- Organizations need to ensure that the security of their information is protected irrespective of the employees they may have.
Information Security: Policies and Procedures

- A policy is a high-level statement of an enterprise's beliefs, goals, and procedures, and the general means for their attainment.
- Standards are mandatory requirements that support individual policies.
- Procedures are mandatory step-by-step, detailed actions required to complete a task successfully.
- Guidelines are similar to standards but are not mandatory.
Information Security: Policies and Procedures

- The objective of information security is to protect the integrity, confidentiality and availability of information.
- An information protection program should be part of an overall asset protection program.
- Information security policies, standards and procedures enable organizations to:
  - Ensure that their security policies are properly addressed
  - Ensure that every employee knows what he/she needs to do to ensure the information security of
Information Security: Policies and Procedures

Developing policies: a good policy should
  - Be easy to understand (by all people who will have to read the policy)
  - Be applicable (don't copy others' policy word by word, since it may not be applicable to you)
  - Be doable (the restrictions should not stop work!)
  - Be enforceable (if it cannot be enforced, it will probably remain on paper)
  - Be phased in (organizations need time to digest a policy)
  - Be proactive (say what needs to be done rather than what is not allowed)
  - Avoid absolutes (be diplomatic)
  - Meet business objectives (should lower the security risks to a level acceptable to the organization without
Information Security: Policies and Procedures

Examples of policy statements:
- Exchanges of information and software between a company and any other organization will be controlled in accordance with its classification. The exchange of information will comply with any regulatory policies.
- To ensure protection of corporate information, the owner shall use a formal review process to classify information into one of the
Information Security: Policies and Procedures

Information Classification Policy

Why classify?
- Among the information available in the enterprise there are (approx.):
  - 10% confidential information
  - 80% internal-use information
  - 10% public information
- It would be a big waste of resources to give the same level of security to all the information.
- You don't put everything you own in a safe!

What is confidential information?
- Information that, if disclosed, could:
  - Violate the privacy of individuals
  - Reduce the company's competitive advantage
  - Cause damage to the organization
Information Security: Policies and Procedures

Information Classification Policy…
- Many organizations classify information into different classes of security.
- This is part of the asset classification policy.
- An information or asset classification process is a business decision process. Examples of information classification could be:
  - Top Secret, Confidential, Restricted, Internal-Use, Public
  - Company Confidential Red, Company
Information Security: Policies and Procedures

Information Classification Policy…

How to develop classification levels (standards):
  - Discuss with other organizations' specialists and learn from their experiences
  - Discuss with the management of the organization
  - Prepare a draft and discuss it with the management
  - Avoid the temptation of having too many levels
Information Security: Policies and Procedures

Developing standards
- Standards define what is to be accomplished in specific terms.
- Every industry has standards that try to ensure some quality of product or service, or enable interoperability.
- Many industry standards have information security issues, e.g. banking, healthcare.
- Some of the standards become national regulations, and organizations will have to follow them.
- Organizations can also develop their own standards (enterprise standards).
Information Security: Policies and Procedures

Developing standards…
- Standards must be:
  - Reasonable
  - Flexible
  - Current
  - Practical
  - Applicable
  - Up-to-date
  - Reviewed regularly
- Standards should enable the enterprise to fulfill its business objectives while minimizing the
Information Security: Policies and Procedures

Developing Procedures
- Developing a procedure should be faster than developing a policy, since it does not need to be approved by management.
- The best way to write a procedure is to use a technical writer (different from the subject matter expert (SME)).
- Procedure writing process:
  - Interview with the SME
  - Preparation of a draft
  - Review of the draft by the SME
  - Update of the procedures based on the comments
  - Final review by the SME
  - Update of the procedures based on the comments
  - Testing of the procedures
  - Publishing of the procedures
- Procedures should also be reviewed regularly.
Information Security: Policies and Procedures

Selling policies, standards, and procedures
- If you write policies, standards, and procedures, publish them and do nothing else, it is very probable that nobody will use them.
- You should therefore ensure acceptance of the policies, standards, and procedures at all levels.
- Selling points:
  - A formal risk analysis will show management how important it is to avoid the risks using your policies, standards, and procedures
  - Examples of security problems
  - Examples of problems created because of lack of
Information Security: Policies and Procedures

Selling policies, standards, and procedures…
- You need support from management. To achieve that:
  - You need to involve them right from the beginning so that they understand and support your work
  - You should make sure that the management is aware of the stake at hand
  - You should show them that it answers their needs
- The employees should be in the process. To achieve that:
  - You should educate the employees about the
Legal Issues and Information Security

Computer Forensics
- Information security and privacy often become a major issue for law makers, since they can touch fundamental rights of individuals.
Legal Issues and Information Security (Computer Forensics)

Computer Forensics
- Computer forensics is a branch of forensic science that deals with the application of computer investigation and analysis techniques in the interest of determining potential legal evidence. Computer forensics is also known as digital forensics.
- Computer forensics has sub-branches within it such as firewall forensics, network forensics, database forensics and mobile device forensics.
Legal Issues and Information Security (Computer Forensics)

Computer Forensics …

Steps taken in computer forensics on the subject computer:
  - Protect the subject computer system during the forensic examination from any possible alteration, damage, data corruption, or virus introduction (in practice by working on a write-blocked or imaged copy whose hashes are recorded before analysis starts).
  - Discover all files on the subject system. This includes existing normal files, deleted yet remaining files, hidden files, password-protected files, and encrypted files.
  - Recover discovered deleted files.
  - Reveal the contents of hidden files as well as temporary or swap files used by both the application programs and the operating system.
  - Access the contents of protected or encrypted files.
  - Analyze all possibly relevant data found in special areas of a disk.
  - Print out an overall analysis of the subject computer system, as well as a listing of all possibly relevant files and discovered file data.
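Added example, not from the slides: the first two steps above (protect the subject system from alteration; discover all files, hidden ones included) are normally backed by a hash manifest taken before analysis starts. The Python below builds such a manifest over a directory tree with the standard library only, includes dot-files that a casual listing skips, and diffs a later manifest to show exactly what was modified, removed or added. The sample files and the simulated alteration are constructed inside a temporary folder so the script runs offline; the file names are illustrative.

```python
import hashlib
import os
import tempfile
from pathlib import Path
from typing import Dict, List


def hash_file(path: Path, chunk_size: int = 1 << 16) -> str:
    """SHA-256 of a file, read in chunks so large evidence files fit in memory."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for block in iter(lambda: fh.read(chunk_size), b""):
            digest.update(block)
    return digest.hexdigest()


def build_manifest(root: Path) -> Dict[str, str]:
    """Map every regular file under root (hidden files included) to its hash."""
    manifest: Dict[str, str] = {}
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            path = Path(dirpath) / name
            # Symlinks are skipped here: hashing through them would attribute
            # the target's content to the link and could leave the tree.
            if path.is_file() and not path.is_symlink():
                manifest[path.relative_to(root).as_posix()] = hash_file(path)
    return manifest


def compare_manifests(before: Dict[str, str],
                      after: Dict[str, str]) -> Dict[str, List[str]]:
    """Report what changed between two manifests of the same tree."""
    return {
        "modified": sorted(p for p in before if p in after and before[p] != after[p]),
        "removed": sorted(p for p in before if p not in after),
        "added": sorted(p for p in after if p not in before),
    }


def demo() -> Dict[str, object]:
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        # Constructed subject file system, including a hidden dot-file.
        (root / "report.txt").write_bytes(b"quarterly numbers\n")
        (root / ".hidden_notes").write_bytes(b"do not distribute\n")
        (root / "logs").mkdir()
        (root / "logs" / "access.log").write_bytes(b"GET / 200\n")
        before = build_manifest(root)

        # Simulated alteration during an examination that was not protected.
        (root / "report.txt").write_bytes(b"quarterly numbers (edited)\n")
        (root / "logs" / "access.log").unlink()
        (root / "tool.tmp").write_bytes(b"")
        after = build_manifest(root)

        changes = compare_manifests(before, after)
        return {
            "hidden_file_recorded": ".hidden_notes" in before,
            "unchanged_hidden_file": before[".hidden_notes"] == after[".hidden_notes"],
            **changes,
        }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The manifest is evidence in its own right: recorded (and ideally signed or time-stamped) before the examination, it lets the examiner show later that the subject data was not altered by the analysis itself.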
Legal Issues and Information Security

Security attack related keywords: