Ch 01

What is Information Security?


A well-informed sense of assurance that the information risks and controls are in balance
The protection of information and its critical elements, including the systems and hardware that use,
store, and transmit that information
The necessary tools are policy, awareness, training, education and technology

What is Security?
The state of being free from danger or threat
To be protected from adversaries
Layers of Security:
Physical Security
Personal Security
Communication Security
Network Security
Operations Security

Critical Characteristics of Information

Availability
Accuracy
Authenticity
Confidentiality
Integrity
Utility
Possession

Components of an Information System


It is the entire set of software, hardware, data, people and procedures necessary to use information
as a resource in the organization

Balance Security & Access


Security should be considered a balance between protection and availability
To achieve balance, the level of security must allow reasonable access, yet protect against threats

Four Important Functions of Information Security (for the Organization)

Protects the organization's ability to function
Enables the safe operation of applications implemented on the organization's IT systems
Protects the data the organization collects and uses
Safeguards the technology assets in use at the organization

Threats
A threat is an object, person, or other entity that represents a constant danger to an asset

Ch 02
Computer Security
The protection afforded to an automated information system in order to attain the applicable
objectives of preserving the integrity, availability and confidentiality of information system
resources

Key Security Concepts


Confidentiality
Preserving authorized restrictions on information access and disclosure, including means for
protecting personal privacy and proprietary information
Integrity
Guarding against improper information modification or destruction, including ensuring
information nonrepudiation and authenticity
Availability
Ensuring timely and reliable access to and use of information

Vulnerability
The state of being exposed to the possibility of being attacked
Intentional attacks on computing resources and networks persist for a number of reasons
The complexity of computer software and newly emerging hardware and software combinations make
computers and networks susceptible to intrusion
Security Threats
Trojan Horse Programs
Installed without the knowledge of the user
Modify and delete files / Transmit files to the intruder / Install programs and viruses
Back door & Remote administration program
Give remote access to the computer from anywhere on the Internet
Denial of Service (DoS)
Multiple systems flood the bandwidth or resources of a targeted system
Being an intermediary for another attack
The client computer is used as a stepping stone, mostly to launch Denial of Service attacks on other computers
Unprotected Windows shares
Malicious code can be stored in unprotected Windows share for propagation
Mobile code (Java / JavaScript / ActiveX)
Web browser can be used to run malicious code on the client computer
Cross-site scripting
Malicious script can be sent to and stored on a website so that it is downloaded by an
unsuspecting surfer
Email spoofing
Tricks users into believing that an email originated from a certain user, such as an
administrator, although it actually originated from a hacker
Email-borne viruses
Malicious code is often distributed through email as attachments
Hidden file extensions
An attachment may have a hidden file extension
Chat clients
Internet chat applications, such as instant messaging applications, exchange information
including files that may contain malicious executable code
Packet sniffing
Packet sniffer programs capture the contents of packets that may include passwords and other
sensitive information that could later be used for compromising the client computer
Encryption of network traffic provides one of the defences against sniffing
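Added example, not part of these notes: a mail-gateway style check for the "hidden file extension" trick above, where an attachment such as invoice.pdf.exe or a name padded with spaces shows a document extension while the real, last extension is executable. The extension lists and sample names are constructed for the example.

```python
import os
import re
from dataclasses import dataclass

# Extensions that run code when opened (constructed list, not a complete catalogue).
EXECUTABLE_EXTS = {"exe", "scr", "com", "bat", "cmd", "js", "vbs", "ps1", "jar", "hta"}

# Extensions a user expects a harmless document or picture attachment to carry.
DOCUMENT_EXTS = {"pdf", "doc", "docx", "xls", "xlsx", "jpg", "png", "txt"}


@dataclass
class Verdict:
    filename: str
    flagged: bool
    reason: str


def screen_attachment(filename: str) -> Verdict:
    """Flag attachment names whose real (last) extension is executable.
    Catches double extensions ('invoice.pdf.exe') and whitespace padding
    ('photo.jpg      .scr') that pushes the real extension out of view."""
    name = os.path.basename(filename)
    # Split on dots; the last component is the extension the OS actually uses.
    parts = [p.strip() for p in name.lower().split(".")]
    if len(parts) < 2:
        return Verdict(name, False, "no extension")
    real_ext = parts[-1]
    if real_ext not in EXECUTABLE_EXTS:
        return Verdict(name, False, f"extension .{real_ext} is not executable")
    # The extension the user would see if the real one were hidden or pushed aside.
    visible_ext = parts[-2] if len(parts) >= 3 else ""
    if visible_ext in DOCUMENT_EXTS:
        return Verdict(name, True, f"document-looking .{visible_ext} hides executable .{real_ext}")
    if re.search(r"\s{2,}", name):
        return Verdict(name, True, f"whitespace padding before executable .{real_ext}")
    return Verdict(name, True, f"executable attachment .{real_ext}")
```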

Ch 03 & Ch 04 - The Hacking Cycle
Information Gathering
Footprinting
Identify locations, domain names, IP address ranges, email addresses, dial-in phone numbers,
systems used, administrator names and network topology
Using public information
Without physical & network connection to the target
Information Search
General search engines (Yahoo / Google)
Whois service
Vulnerabilities database
Social media
Social Engineering
Non-technical kind of intrusion that relies heavily on human interaction
Often involves tricking other people to break normal security procedures
Fingerprinting (Scanning)
Network Topology
- Identify network topology with network connection or physical access to the target
- Ping / Traceroute
Operating System
- Identify operating system (type / version / patch level) with network connection or physical
access to the target
- Banners / TCP/IP stack fingerprinting / SNMP
Services
- Identify services (active hosts / ports) with network connection or physical access to the
target

Scanning
Determine if the system is alive (Ping)
Scan for ports on the system (Nmap)
Further interrogate the target (leverage the Nmap scripting engine)
Scan system for vulnerabilities
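Added example, not part of these notes: the scanning steps above (ping sweep, port scan) leave a recognisable trace in firewall logs, so the defender's counterpart is to detect one source touching many distinct ports on a host in a short window. The log format, the sample lines and the threshold/window values are constructed assumptions for the example.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed firewall log lines: "<timestamp> <src_ip> -> <dst_ip>:<dst_port> <action>".
SAMPLE_LOG = """\
2024-05-01T10:00:01 203.0.113.5 -> 192.0.2.10:22 DROP
2024-05-01T10:00:01 203.0.113.5 -> 192.0.2.10:23 DROP
2024-05-01T10:00:02 203.0.113.5 -> 192.0.2.10:25 DROP
2024-05-01T10:00:02 203.0.113.5 -> 192.0.2.10:80 ACCEPT
2024-05-01T10:00:03 203.0.113.5 -> 192.0.2.10:110 DROP
2024-05-01T10:00:03 203.0.113.5 -> 192.0.2.10:143 DROP
2024-05-01T10:00:04 203.0.113.5 -> 192.0.2.10:443 ACCEPT
2024-05-01T10:00:04 203.0.113.5 -> 192.0.2.10:3306 DROP
2024-05-01T10:00:05 203.0.113.5 -> 192.0.2.10:3389 DROP
2024-05-01T10:00:05 203.0.113.5 -> 192.0.2.10:8080 DROP
2024-05-01T10:00:07 198.51.100.7 -> 192.0.2.10:443 ACCEPT
2024-05-01T10:05:30 198.51.100.7 -> 192.0.2.10:443 ACCEPT
"""


def parse_line(line):
    # Returns (timestamp, src_ip, dst_ip, dst_port, action) for one log line.
    ts, src, _, dst, action = line.split()
    dst_ip, dst_port = dst.rsplit(":", 1)
    return datetime.fromisoformat(ts), src, dst_ip, int(dst_port), action


def detect_port_scans(log_text, window=timedelta(seconds=60), min_ports=8):
    """Return {src_ip: distinct_ports} for sources that hit at least `min_ports`
    distinct destination ports on a single host within `window`.
    Threshold and window are assumed values; tune them to the environment."""
    events = defaultdict(list)  # (src, dst_ip) -> [(timestamp, port), ...]
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, src, dst_ip, port, _ = parse_line(line)
        events[(src, dst_ip)].append((ts, port))
    suspects = {}
    for (src, dst_ip), hits in events.items():
        hits.sort()
        # Slide a window over the timestamps and count distinct ports inside it.
        for i, (start, _) in enumerate(hits):
            ports = {p for t, p in hits[i:] if t - start <= window}
            if len(ports) >= min_ports:
                suspects[src] = max(suspects.get(src, 0), len(ports))
                break
    return suspects
```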

Identification of Vulnerabilities
Vulnerabilities
Insecure configuration
Weak password
- Default password / Brute force / Social engineering / Listening to traffic
Unpatched vulnerabilities in services / operating systems / applications
Possible vulnerabilities in services / operating system
Insecure programming
- SQL injection
Weak access control
- Use the application logic / SQL injection
Exploit the Vulnerabilities
Obtain as much information as possible from the target asset
Gaining normal access
Escalation of privileges
Obtaining access to other connected systems
Last-ditch effort: Denial of Service

Types of Attacks
Network Infrastructure Attack
Connecting to the network through modem
Weaknesses in TCP/IP
Flooding the network to cause DoS
Operating System Attacks
Attacking authentication systems
Exploiting protocol implementations
Exploiting insecure configuration
Breaking file system security
Application Specific Attacks
Exploiting implementations of protocols such as HTTP and SMTP
Gaining access to application databases
SQL injection
Spamming

Gaining Access
Enough data has been gathered at this point to make an informed attempt to access the target
Techniques:
Password eavesdropping
File share brute forcing
Password file grab
Buffer overflows
