Category: Cyber Security
-
Introduction to computer forensics and investigations
This post was republished to Triathlon John at 17:51:12 17/12/2014 Introduction to computer forensics and investigations These are my notes from the course provided by OpenLearn, they are not intended to provide guidance in a work environment and I accept no responsibility for how these are used – they are simply my notes made from…
-
Introduction to cyber security – Week 8, Managing security risks
Information as an asset Information is valuable but can be lost or stolen. Considering information as an asset allows creation of strategies for protecting info and minimising consequences of disaster. Information assets vary by organisations/individuals: Doctors surgery Medical records Contact lists Emails Employee records Manufacturer Order books Staff records Bank references Supplier & customer correspondence…
-
Introduction to cyber security – Week 7, When your defences fail
Identity theft Preventing identity theft – ensure AV software is up to date, do not respond to phising emails. Detecting identity theft Unexplained bank withdrawals or credit card charges Bills & other expected official letters don’t arrive Cards/cheques decline Notified that their information has been breached/compromised Connected by bank/credit card company about suspicious activity Loss…
-
Introduction to cyber security – Week 6, Network Security
Firewall basics Blocks dangerous communications from spreading across network, either from outside into a network or within the network. Can be dedicated hardware, part of router or integrated with OS. Compares addressing and protocol information of datagram to rules setup in firewall’s software. If datagram comes from a hacker and the rules say block unknown…
-
Introduction to cyber security – Week 5, Cryptography
Specialised area of mathematics concerned with protecting information. Anything that can be represented as 0s and 1s can be encrypted. Applications for cryptography include: Secure banking and payment systems Protecting conversations over mobile telephones Safeguarding wireless networks Securing files on hard disks and memory keys Authenticating electronic documents Electronic voting Securing media files – Digital…
-
Introduction to cyber security – Week 4, Networking and Communications
What is the internet? Hierarchy of individual networks – from LANs to telephone networks. A network of networks. Two key design factors: No central controlling computer. All machines would have the same authority. Information should be deliverable along any route thereby being able to bypass machines which are unavailable. No distinct route required. How data…
-
Introduction to cyber security – Week 3, Malware
Viruses Inserts copies of itself onto crucial parts of hard disk in applications and data. They are self-replicating and either start when the infected application starts each time or after starting once copy themselves and start each time the computer starts. Mainly written to harm users by destroying data, creating backdoors which can be exploited.…
-
Introduction to cyber security – Week 2, Authentiation
Passwords – what are they for? Identification and authentication – Systems need to uniquely identify each user and prevent impersonation. Risks and solutions Password sent in plain text Passwords sent over SSL are encypted. Password stored in plain text Hashed version of the password stored in database. Hashing is a one-way process, it cannot be…
-
Introduction to cyber security – Week 1, Threat Landscape
Terminology CIA – guiding principal Confidential – only to be read by right people Integrity – only changed by authorised people/processes Availability – available to read/use whenever we want Information assets Information asset could be customer data amongst other things Authentication – necessary to verify identity of source of request of information. Non-repudiation – ensuring…