
Chapter 2

THREATS, VULNERABILITIES, AND ATTACKS

Getting to know about threats, vulnerabilities, and attacks

Learning Objectives

At the end of this chapter, students will:

▪ Have an overview of TCP/IP.

▪ Learn the difference between threats, vulnerabilities, and attacks.

▪ Have a better understanding of the different types of threats in network security.

▪ Know the different categories of attacks and how they work.


Chapter 2. THREATS, VULNERABILITIES, AND ATTACKS

TCP/IP Overview
What is a Protocol
❑ It is a set of formal rules or standards that are widely used as a basis for communication.
❑ It is also intended to facilitate communications.
The OSI Reference Model
❑ OSI stands for Open Systems Interconnection.
❑ It was developed by the ISO (International Organization for Standardization) in 1984.
❑ It consists of a 7-layer architecture, with each layer having a specific function to perform.
• Application Layer- It is sometimes called the human-computer interaction layer, where applications can access the network services.
• Presentation Layer- Ensures that data is in a usable format and is where data encryption and decryption occur.
• Session Layer- This layer is responsible for establishing and maintaining connections and authentication.
• Transport Layer- It is an end-to-end layer used to transmit messages to a host. It is called an end-to-end layer because it provides a point-to-point connection between the source host and destination host to deliver the services reliably.
• Network Layer- This layer provides the routing paths that data will take for network communication.
• Data Link- It facilitates data transfer between two devices on the SAME network and defines the format of data on the network.
• Physical Layer- The OSI layer that includes the physical equipment involved in the data transfer, such as the Ethernet cables and network switches.
Difference between Threat, Vulnerabilities and Attack


Threat
▪ is anything that can interrupt the operation, functioning, integrity, or
availability of a network or system.
▪ This can take any form and can be malicious, accidental, or simply an
act of nature.
Vulnerabilities
▪ is an inherent weakness or bug in the design, configuration, implementation, or management of a network or a system that renders it vulnerable to a threat.
▪ Vulnerabilities are what make networks prone to information loss and downtime. Every network and system has some kind of vulnerability.
Attack
▪ is an act that exploits a vulnerability or enacts a threat.
▪ Sending malicious input to an application or flooding a network in an attempt to deny service is an example of an attack. There are two general categories of attacks: passive and active.
1. Passive attacks- are very difficult to detect, because there is no obvious activity that can be monitored or detected. They are usually used for gathering information that can be used in future active attacks.
2. Active attacks- employ more obvious actions on the network or system. As a result, they can be easier to detect, but at the same time they can be much more disruptive to a network.
COMMON NETWORK SECURITY THREATS


Malware
▪ Sometimes called malicious software, it is any program or file that is harmful to a computer user.
▪ It is software that is intentionally designed to compromise or cause damage to a computer, server, client, or computer network.
▪ There are different types of malicious software: viruses, worms, Trojan horses, adware, spyware, and ransomware.
Types of Malware

▪ Virus- It is a form of malware that is capable of copying or replicating itself and spreading to other computers.
▪ Worms- They typically cause harm to their host networks by consuming bandwidth and overloading web servers.
▪ Trojan horse- It is designed to appear as a legitimate program in order to gain access to a network or system.
▪ Spyware- A type of malware that functions by spying on user activities without their knowledge.
▪ Adware- It is a type of malware that automatically delivers advertisements to users.
▪ Ransomware- It holds a computer system captive while demanding a ransom.
COMMON TYPES OF NETWORK SECURITY ATTACKS


SOCIAL ENGINEERING
▪ Social engineering is the process of using social skills to encourage people to disclose access credentials or other important information to the attacker.
▪ It involves tricking an employee into conceding security through social contact, such as a phone call or e-mail message.
SOCIAL ENGINEERING ATTACKS

1. Impersonation- The most popular scenario for social engineering attacks is when the hacker mimics another employee in the company.
▪ Hacker impersonates an administrator
▪ Hacker impersonates a user
▪ Hacker impersonates management

2. Phishing- is the practice of sending emails that appear to be from trusted sources with the goal of gaining personal information.

3. Spam- Spam, or junk e-mail, is any unsolicited and unwanted e-mail.

4. Tailgating- It occurs when the hacker walks into a secured area by following someone who has access and has unlocked the doors for themselves.
NETWORK ATTACKS

1. DoS and DDoS Attacks


▪ Denial of Service (DoS) - It overwhelms a system's resources: the attacker sends a large number of connection or information requests to a target. Since so many requests are made, the target system becomes overloaded and cannot respond to legitimate requests for service.
▪ A DDoS or Distributed Denial of Service attack is also an attack on a system's resources, but it is launched from a large number of other host machines that are infected by malicious software controlled by the attacker.
2. Man-in-the-middle attack- It is sometimes called a TCP hijacking attack. This attack occurs when a hacker inserts itself between the communications of a client and a server.
3. IP Spoofing- is a technique used to gain unauthorized access to computers, wherein the intruder sends messages with a source IP address that has been forged to indicate that the messages are coming from a trusted host.
4. Sniffer- is a program or device that can monitor and capture data being transmitted over a network. It analyzes network traffic, where it can detect bottlenecks and problems on the network.
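
The DoS and DDoS definitions above differ in where the requests come from, and that changes what a defender has to count. The following is an added example, not part of the original slides: it buckets a constructed request log into fixed windows and shows that a per-source limit catches a single flooding host but misses a distributed flood, which only the aggregate rate reveals. The window size, both limits and all addresses are assumed values.

```python
from collections import Counter, defaultdict

WINDOW = 10            # seconds per bucket (assumed value)
PER_SOURCE_LIMIT = 50  # requests one source may send per window (assumed)
TOTAL_LIMIT = 100      # requests the service can absorb per window (assumed)

def classify_windows(events):
    """events: iterable of (timestamp_seconds, source_ip).
    Returns {window_start: (label, sources_over_limit, distinct_sources, total)}."""
    buckets = defaultdict(Counter)
    for ts, src in events:
        buckets[int(ts) // WINDOW * WINDOW][src] += 1
    verdicts = {}
    for start in sorted(buckets):
        per_source = buckets[start]
        total = sum(per_source.values())
        heavy = sorted(s for s, n in per_source.items() if n > PER_SOURCE_LIMIT)
        if heavy:                    # one host alone exceeds its share: DoS pattern
            label = "dos"
        elif total > TOTAL_LIMIT:    # no host stands out, yet the sum overloads: DDoS
            label = "ddos"
        else:
            label = "normal"
        verdicts[start] = (label, heavy, len(per_source), total)
    return verdicts

def sample_events():
    """Constructed log: normal traffic, then one flooding host, then 40 quiet hosts."""
    events = []
    for i in range(5):                                   # window 0: 3 clients x 5
        for client in ("192.0.2.10", "192.0.2.11", "192.0.2.12"):
            events.append((i * 2, client))
    for i in range(120):                                 # window 10: single source
        events.append((10 + i % 10, "198.51.100.7"))
    for host in range(1, 41):                            # window 20: 40 hosts x 5
        for i in range(5):
            events.append((20 + i, f"203.0.113.{host}"))
    return events

if __name__ == "__main__":
    for start, verdict in classify_windows(sample_events()).items():
        print(start, verdict)
```
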
PASSWORD ATTACKS
1. Dictionary Attack- It involves the hacker using a program or software that has a list of the most commonly used usernames in one text file, or a list of words in a language dictionary that are to be tried as passwords in another file.

2. Brute-Force Attack- This attack uses any password-cracking software to mathematically calculate every possible password.

3. Hybrid Attack- is another type of password attack that involves both password-cracking software using a dictionary file.
APPLICATION ATTACKS
1. SQL Injection- SQL stands for Structured Query Language, and it is commonly used by programmers or developers to manipulate databases. SQL injection is a type of injection attack that makes it possible to insert and execute malicious SQL statements.
2. Buffer Overflow- It is the most used attack against an application. A buffer is an area of memory used to store information that is sent to an application. This attack happens when the attacker or hacker sends too much information to the application, causing the buffer to overflow.
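
The SQL injection definition above comes down to one coding decision: whether user input is pasted into the statement text or passed as a bound value. The following is an added example, not part of the original slides: it puts a string-built login query beside its parameterized form and runs both on the same inputs. The table, the function names and the sample row are assumptions made for illustration.

```python
import sqlite3

def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, password TEXT)")
    # Constructed row; the password is plaintext only to keep the example short.
    db.execute("INSERT INTO users VALUES ('alice', 'correct-horse')")
    return db

def login_vulnerable(db, name, password):
    # Input is pasted into the statement text, so quotes in it become SQL syntax.
    query = f"SELECT name FROM users WHERE name = '{name}' AND password = '{password}'"
    return db.execute(query).fetchone() is not None

def login_parameterized(db, name, password):
    # Placeholders send the input as bound values; it is never parsed as SQL.
    query = "SELECT name FROM users WHERE name = ? AND password = ?"
    return db.execute(query, (name, password)).fetchone() is not None

def outcome(fn, db, name, password):
    try:
        return fn(db, name, password)
    except sqlite3.OperationalError:
        return "sql-error"  # the input broke the statement's syntax

# Constructed inputs: a correct login, a value that rewrites the WHERE clause,
# and an ordinary surname containing an apostrophe.
CASES = [
    ("alice", "correct-horse"),
    ("alice", "x' OR '1'='1"),
    ("o'brien", "x"),
]

if __name__ == "__main__":
    db = make_db()
    for name, password in CASES:
        print(repr(name), repr(password),
              outcome(login_vulnerable, db, name, password),
              outcome(login_parameterized, db, name, password))
```

The third case is worth watching for in application logs: SQL syntax errors triggered by ordinary user input are a sign that a query is being built by string concatenation.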
End of Module
