Module 001 essential security terminologies

H c vi n Công Ngh Thông Tin Bách ọ ệ ệ Khoa Essential Security Terminologies  Authentication: is the process of determining “who are you ?”  Access Control: ensures that resources are

Trang 1

Engineered by Hackers Presented by Professionals

Essential Security Terminologies

Module 00

Trang 2

H c vi n Công Ngh Thông Tin Bách ọ ệ ệ Khoa

 Authentication: is the process of

determining “who are you ?”

 Access Control: ensures that resources are only

granted to those users who are entitled to them

 Access Control List (ACL): A mechanism that

implements access control for a system resource

by listing the identities of the system entities that

are permitted to access the resource

 Single Sign-On: allow users to get access to

multiple computers and applications without

learning many different passwords

Trang 3

 Authorization:

Authentication asks the question of "Who are

you?" whereas Authorization addresses the

question of "Are you allowed to do that?“

 Availability:

Availability is the need to ensure that the

business purpose of the system can be met

and that it is accessible to those who need

to use it.

Trang 4

 Confidentiality: Confidentiality is the need to ensure that

information is disclosed only to those who are authorized to view it.

 Encryption: Cryptographic transformation of data (called "plaintext")

into a form (called "cipher text") that conceals the data's original meaning

to prevent it from being known or used

 Decryption: Decryption is the process of transforming an encrypted

message into its original plaintext

 Security Policy: A set of rules and practices that specify or regulate how

a system or organization provides security services to protect sensitive and critical system resources

 Auditing: Auditing is the information gathering and analysis of assets to

ensure such things as policy compliance and security from vulnerabilities

Trang 5

 Integrity: Integrity is the need to ensure that information

has not been changed accidentally

 Certification Authority (CA): A Certificate Authority

(CA) is an organization that issues and manages security

credentials and public keys for message encryption and

decryption

• This is an essential part of a public key infrastructure (PKI)

Trang 6

 Vulnerability: is a weakness which allows

an attacker to reduce a system's information

assurance

 Threat: A potential for violation of security,

which exists that could breach security and

cause harm.

Trang 7

 Attack

 Reconnaissance: Reconnaissance is the phase of an

attack where an attackers finds new systems, maps out

networks, and probes for specific hosts, exploitable

vulnerabilities

 Packet sniffers: simply captures all of the packets of data that pass through a given network interface

 Ping sweeps: An attack that sends ICMP echo requests ("pings") to a range of IP addresses

 Port scans: A port scan is a series of messages sent

by someone attempting to break into a computer to learn which computer network services, each

associated with a "well-known" port number

 Internet information queries: can be used to gather information for future attacks

Trang 8

 Attack

 Access Attacks: Access attacks exploit known

vulnerabilities in services as FTP services, and web

services… to gain entry to web accounts,

confidential databases, and other sensitive information

 Password attack: refers to repeated attempts to identify a user account, password, or both

 Trust exploitation: An attacker uses privileges granted to a system in an unauthorized way

 Port redirection: that uses a compromised host to pass traffic through a firewall that would otherwise be blocked

Trang 9

 Attack

 Access Attacks: Access attacks exploit known

vulnerabilities in authentication services, FTP services,

and web services to gain entry to web accounts,

confidential databases, and other sensitive information

 Man-in-the-middle attack: An attacker is positioned in the middle of communications between two legitimate entities in order to read or modify the

data that passes between the two parties

 Buffer overflow: A program writes data beyond the allocated buffer memory

Trang 10

 Attack

• Denial of Service Attacks

 DOS: intentionally overload computers and/or

networks with garbage traffic for the purpose of preventing legitimate traffic from reaching its destination

 DDOS: are DoS attacks from multiple sources at the

same time

Trang 11

 Attack

• Malicious software Attacks

 Virus: is malicious software to execute a specific

unwanted function on a computer

 Worm: Worm executes arbitrary code and installs

copies of itself in the memory of the infected computer, which then infects other hosts

 Backdoor: tool installed after a compromise to give

an attacker easier access to the compromised system around any security mechanisms that are in place

 Trojan: allow hackers to obtain sensitive data as well

as cause harm to your machine

 Malware: A generic term for a number of different

types of malicious code

Trang 12

 Risk: threat with the level of vulnerability It

establishes the likelihood of a successful attack

 VPN: A VPN (Virtual Private Network) allows

secure communications over the public internet

 Firewall: system or group of systems that

enforces an access control policy between two

networks.

 IDS: An IDS gathers and analyzes information

from various areas within a computer or a

network to identify possible security breaches

 IPS: identify malicious activity, log information

about said activity, attempt to block/stop activity,

and report activity

Định dạng
Số trang	12
Dung lượng	632 KB