System Security This assignment covers the fundamental principles of system security, including networking, networking security, as well as cyber security principles related to networking. It also discusses basic terminology of networks and network. Exercises, discussion questions, and review questions support the material. MODULE LEARNING OUTCOMES: • Explain the importance of system security • Describe the functions of firewalls, routers, and SSL • Explain the importance of antivirus software • Describe challenges of system security (Two pages) Watch the following videos. Write a paragraph on each video on what you learned. (each paragraph should be ¾ page) Computer security https://www.consumer.ftc.gov/media/video-0081-computer-security Protect your computer from malware https://www.consumer.ftc.gov/media/video-0056-protect-your-computermalware Security and Wi-Fi Networks https://www.consumer.ftc.gov/media/video-0080-public-wi-fi-networks Learning Points: System Security • A computer system consists of many components • Most importantly o Operating system o Application software o Networking o Users Operating System Security • Main security functions o User identification o Handle access to resources o Monitor and record user activity o Ensure proper communication with other computers and devices Built-in Security • Most operating systems come with default security levels • Increasing the security level is called hardening • More security functionality can be added by the user • Backups • Stay up-to-date, for example see https://www.sans.org/the-sevenmost-dangerous-new-attack-techniques Main System Security Practices • Be proactive o Review and update software and hardware o Set update protocols to conduct updates automatically o Use antivirus software o Conduct complete scans frequently o Be cautious sharing files and devices Networking • TCP/IP is a suite of protocols governing communication of devices on TCP/IP networks • TCP’s main responsibility is o overall management for the communication • IP’s main responsibility is o determining if incoming data has reached the destination or must be forwarded • HTTP is the data transfer protocol of the World Wide Web o includes security technologies such as SSL (Secure Sockets Layer), showing in the address bar as HTTPS:// Network Perimeter Security Devices • Routers o Main function is to interconnect networks o Have some security functionality, such as screening against suspicious IP addresses • Proxy Servers • o Sit between a client and an untrusted system o Prevent systems from having direct access Firewalls o Screen traffic entering and leaving a computer network o Most operating systems provide software firewalls Wireless Networks • Uses radio waves instead of wires • Advantage over wired networks o Convenience o Mobility o Cost (no need for wires) • Hotspots o Access points providing internet access o Often free (e.g. airports, coffee shops) • Home wireless networks o Unprotected wireless networks are vulnerable to anyone in range of the network o Ensure that ▪ Access is restricted ▪ Default passwords have been changed ▪ Change passwords frequently ▪ Encrypt data on your network • WEP (wireless encryption protocol), less secure • WPA (wi-fi protected access), more secure than WEP Users • Ensure that each user has his/her own username • Authorize user access, ensure users have accounts representative of the access privileges they should have • Educate users to use strong passwords o Change passwords periodically o Use phrases o Include letters, numbers, punctuation, uppercase, lowercase • Train users (ONE page) Active Learning Activities: Which of the following do you consider the top vulnerability of today and why? Check https://www.sans.org/the-seven-mostdangerous-new-attack-techniques . then • • • Read the vulnerabilities to get a general overview, choose one vulnerability and then write a one-page description of the vulnerability, its potential impact, and countermeasure recommendations to mitigate the risk. Include information from at least one additional source. (Two pages) • Research at least three different anti-virus software products available from commercial vendors. • Create a summary of your research including the name of the product, the vendor, a brief description, and a summary of the main features. • Decide on one product and justify your selection.
Purchase answer to see full attachment