SOLUTION: Kent State University Norton and McAfee Antivirus on Computer Security Discussion


Computer Security Fundamentals
by Chuck Easttom
Chapter 9: Security Technology

Chapter 9 Objectives

Evaluate the effectiveness of a scanner based on how it works
Choose the best type of firewall for a given organization
Understand antispyware
Employ intrusion-detection systems to detect problems on your system
© 2019 Pearson, Inc.
Chapter 9 Computer Security Technology
Introduction


Preceding chapters have described computer
crime and computer security.
Now, look at the technical details:

Various security devices and software
Virus Scanners



Purpose: to prevent a virus from infecting the
system
Searches for the signature of a known virus
Scanners work in two ways:


Signature matching
Behavior matching
Virus Scanners (cont.)

Signature matching



List of all known virus definitions
Updating consists of replacing this file
AV scans host, network, and incoming emails for a match
Virus Scanners (cont.)

Behavior matching (Heuristics):





Attempts to write to the boot sector
Change system files
Automate e-mail software
Self-multiply
These are typical virus behaviors.
Virus Scanners (cont.)

Ongoing virus scanners: Run constantly in the background
On-demand virus scanners: Run only when you launch them
Modern AV scanners offer both options.
Virus-Scanning Techniques

E-mail and attachment scanning



Examine e-mail on the server, or
Scan the host computer before passing to the
e-mail program.
Download scanning

Scan downloaded files.
Virus-Scanning Techniques
(cont.)

File scanning


Files on the host computer are checked
periodically.
Sandboxing

Isolating suspect files
Virus-Scanning Techniques
(cont.)

Active code scanning




Java applets and ActiveX
Visual effects
Can be vehicles for malicious code
Must be scanned
Commercial Antivirus Software

Kaspersky

AVG

McAfee
Norton

Firewalls


A barrier between your network and the
outside world
Filters packets based on




Size
Source IP
Protocol
Destination port
Firewalls (cont.)



Need dedicated firewall between trusted
network and untrusted network.
Cisco is well known for its routers and
firewalls.
Firewalls can be hardware or software.
Firewall Types and Components

There are several types of firewalls:



Packet Filter
Stateful Packet Inspection
Application
Firewall Configurations

Network host-based:



Software solution installed on an existing
operating system.
Weakness: It relies on the OS.
Must harden the existing operating system.
Firewall Configurations (cont.)

Dual-homed host:


Installed on a server with at least two
network interfaces.
Systems inside and outside the firewall can
communicate with the dual-homed host, not
with each other.
Firewall Configurations (cont.)

Router-based firewall



Commonly the first layer of protection
Usually a packet filter
Screened host


Combination firewall
A bastion host and a packet filter
Commercial and Free Firewall Products



Zone Alarms
Cisco
Windows Defender
Firewall Logs





All firewalls log activity.
Logs can provide valuable information.
Can locate source of an attack.
Can prevent a future attack.
Network administrators regularly check for
data.
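The log review described above, as an added example that is not part of the original slides: it parses firewall log lines and reports which source address was denied on many different destination ports. The key=value log layout, the sample lines and the `min_ports` threshold are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in a made-up key=value layout (not any vendor's log format).
SAMPLE_LOG = """\
2019-03-01T10:00:01 action=DENY proto=TCP src=203.0.113.7 dst=10.0.0.5 dport=22
2019-03-01T10:00:01 action=DENY proto=TCP src=203.0.113.7 dst=10.0.0.5 dport=23
2019-03-01T10:00:02 action=ALLOW proto=TCP src=10.0.0.8 dst=198.51.100.9 dport=443
2019-03-01T10:00:02 action=DENY proto=TCP src=203.0.113.7 dst=10.0.0.5 dport=80
2019-03-01T10:00:03 action=DENY proto=UDP src=198.51.100.20 dst=10.0.0.5 dport=53
2019-03-01T10:00:03 action=DENY proto=TCP src=203.0.113.7 dst=10.0.0.6 dport=3389
this line is truncated action=DENY
2019-03-01T10:00:04 action=DENY proto=TCP src=203.0.113.7 dst=10.0.0.5 dport=443
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) action=(?P<action>ALLOW|DENY) proto=(?P<proto>\w+) "
    r"src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+)$"
)

def parse(log_text):
    """Return (events, rejected_lines); unparseable lines are kept for review."""
    events, rejected = [], []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            events.append(m.groupdict())
        else:
            rejected.append(line)
    return events, rejected

def denied_summary(events):
    """Per source IP: number of denied packets and the distinct ports they targeted."""
    summary = defaultdict(lambda: {"denied": 0, "ports": set()})
    for e in events:
        if e["action"] == "DENY":
            summary[e["src"]]["denied"] += 1
            summary[e["src"]]["ports"].add(int(e["dport"]))
    return dict(summary)

def likely_scanners(events, min_ports=4):
    """Sources denied on at least `min_ports` different destination ports."""
    return sorted(src for src, s in denied_summary(events).items()
                  if len(s["ports"]) >= min_ports)

if __name__ == "__main__":
    events, rejected = parse(SAMPLE_LOG)
    print(likely_scanners(events), len(rejected))
```

Lines that fail to parse are returned rather than dropped, since a malformed or truncated entry in a firewall log is itself worth a look.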
Antispyware




Scans for spyware.
Checks for known spyware files, just as AV
software scans for known virus files.
Maintain a subscription service to keep
spyware file definitions up to date, or use
auto-update.
Be cautious about attachments and
downloads.
Intrusion-Detection Software

Intrusion-detection software (IDS)


Inspects all inbound and outbound port activity
Scans for patterns that might indicate an
attempted break-in
Intrusion-Detection Software
(cont.)

IDS categorization



Misuse detection versus anomaly detection
Passive systems versus reactive systems
Network-based systems versus host-based
systems
Intrusion-Detection Software
(cont.)

Misuse detection versus anomaly detection

Misuse detection


Analyzes information it gathers and compares it
to known attack signatures
Anomaly detection


Looks for unusual behaviors
Behaviors that do not match pattern of normal
user access
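The two detection styles above, run side by side over the same events, as an added example that is not from the original slides. The signatures, the per-user baseline (working hours and usual hosts) and the events are all constructed and deliberately simplified.

```python
import re

# Misuse detection: compare each request to known attack signatures (constructed).
SIGNATURES = {
    "path-traversal": re.compile(r"\.\./"),
    "sql-tautology": re.compile(r"'\s*or\s+1=1", re.I),
}

# Anomaly detection: a baseline of normal access per user (constructed).
BASELINE = {
    "alice": {"hours": range(8, 18), "hosts": {"ws-12"}},
    "bob": {"hours": range(9, 19), "hosts": {"ws-30", "vpn-gw"}},
}

EVENTS = [  # constructed sample events
    {"user": "alice", "hour": 10, "host": "ws-12", "request": "GET /reports/q1.pdf"},
    {"user": "bob", "hour": 11, "host": "ws-30", "request": "GET /files?name=../../etc/passwd"},
    {"user": "alice", "hour": 3, "host": "ws-12", "request": "GET /reports/q1.pdf"},
    {"user": "bob", "hour": 14, "host": "kiosk-2", "request": "GET /search?q=x' OR 1=1--"},
    {"user": "carol", "hour": 12, "host": "ws-44", "request": "GET /index.html"},
]

def misuse_alerts(event):
    """Names of the known signatures that the request matches."""
    return [name for name, rx in SIGNATURES.items() if rx.search(event["request"])]

def anomaly_alerts(event):
    """Ways in which the event departs from the user's normal access pattern."""
    profile = BASELINE.get(event["user"])
    if profile is None:
        return ["no-baseline-for-user"]
    alerts = []
    if event["hour"] not in profile["hours"]:
        alerts.append("unusual-hour")
    if event["host"] not in profile["hosts"]:
        alerts.append("unusual-host")
    return alerts

def classify(events):
    """One (misuse, anomaly) pair of alert lists per event."""
    return [(misuse_alerts(e), anomaly_alerts(e)) for e in events]

if __name__ == "__main__":
    for event, (misuse, anomaly) in zip(EVENTS, classify(EVENTS)):
        print(event["user"], event["hour"], misuse, anomaly)
```

The second event is caught only by a signature and the third only by the baseline, which is why the two approaches are usually deployed together.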
Intrusion-Detection Software
(cont.)

Passive systems versus reactive systems

Passive systems


Upon detection, logs the information and sends
a signal
Reactive systems

Upon detection, logs off a suspicious user or
reprograms the firewall to block the suspicious
network traffic
Intrusion-Detection Software
(cont.)

Network-based systems versus host-based
systems

Network-based systems


Analyze network traffic
Host-based systems

Analyze activity of each individual host
Intrusion-Detection Software
(cont.)

IDS approaches




Preemptive blocking
Infiltration
Intrusion deflection
Intrusion deterrence
Intrusion-Detection Software
(cont.)

Preemptive blocking




Called banishment vigilance
Seeks to prevent intrusions before they
occur
Notes any sign of impending threats and
blocks the user or IP
Risk of blocking legitimate users
Intrusion-Detection Software
(cont.)

Infiltration




Not a software program.
The process of infiltrating hacker/cracker
online groups by a security administrator.
Unusual.
Most administrators depend on security
bulletins.
Intrusion-Detection Software
(cont.)

Intrusion deflection



Honeypot.
Set up an attractive, but fake, system.
Lure the attacker into the system and monitor
attacker’s activity.
Intrusion-Detection Software
(cont.)

Intrusion deterrence

An attempt to make the system a less
palatable target.



First, attempt to make the system seem less
attractive—hide the valuable assets.
Then, make the system seem more secure than
it is—have warnings of monitoring and so on.
Make any potential reward seem more difficult
to attain than it actually is.
Commercial IDS Providers



Many IDS vendors
You must determine which is best for your
business environment.
Snort:


www.snort.org
Open source
Authentication


PAP: Password Authentication Protocol is the
simplest form of authentication and the least
secure. Usernames and passwords are sent
unencrypted in plain text.
SPAP: Shiva Password Authentication
Protocol is an extension to PAP that does
encrypt the username and password that are
sent over the Internet.
Authentication (Continued)

CHAP: Challenge Handshake Authentication
Protocol calculates a hash after the user has
logged in. Then it shares that hash with the
client system. Periodically the server asks the
client to provide that hash. (This is the challenge
part.)
Kerberos: Kerberos is used widely, particularly
with Microsoft operating systems. It was
invented at MIT and derives its name from the
mythical three-headed dog that was reputed to
guard the gates of Hades.
VPN

Virtual Private Networks (VPN)



Virtual connection through the Internet
Packets are encrypted
Protocols



PPTP
L2TP
IPSec
VPN Networks (cont.)

PPTP – Point-to-Point Protocol


Secure extension of PPP
Authenticates users



Extensible Authentication Protocol (EAP)
Challenge Handshake Authentication Protocol
(CHAP)
Encrypts packets

Microsoft Point-to-Point Encryption (MPPE)
VPN Networks (cont.)

L2TP – Layer 2 Tunneling Protocol

Five user authentication methods: CHAP and
EAP plus:



PAP – Password Authentication Protocol
SPAP – Shiva Password Authentication
Protocol
MS-CHAP – Microsoft-specific extension of
CHAP
VPN (cont.)

IPSec – Internet Protocol Security



Used by L2TP for encryption
Encrypts packet data and header
Prevents unauthorized retransmission of
packets
WiFi: WEP
Wired Equivalent Privacy uses the stream cipher RC4 to
secure the data and a CRC-32 checksum for error
checking. Standard WEP uses a 40 bit key (known as
WEP-40) with a 24 bit initialization vector, to effectively
form 64 bit encryption. 128 bit WEP uses a 104 bit key with
a 24 bit IV.
Because RC4 is a stream cipher, the same traffic key must
never be used twice. The purpose of an IV, which is
transmitted as plain text, is to prevent any repetition, but a
24-bit IV is not long enough to ensure this on a busy
network. The way the IV was used also opened WEP to a
related key attack. For a 24-bit IV, there is a 50%
probability the same IV will repeat after 5000 packets.
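The IV-repetition figure and the reason a repeated traffic key matters, worked through as an added example that is not from the original slides. It assumes IVs are chosen uniformly at random, uses a constructed key, IV and messages, and leaves the CRC-32 checksum out of the simplified `wep_encrypt` helper.

```python
import math

IV_SPACE = 2 ** 24  # distinct values of a 24-bit IV

def collision_probability(packets, space=IV_SPACE):
    """Chance that at least two of `packets` randomly chosen IVs coincide."""
    if packets > space:
        return 1.0
    return 1.0 - math.exp(sum(math.log1p(-i / space) for i in range(packets)))

def packets_for_probability(target, space=IV_SPACE):
    """Smallest packet count whose IV-collision probability reaches `target`."""
    log_unique, n = 0.0, 0
    while 1.0 - math.exp(log_unique) < target:
        log_unique += math.log1p(-n / space)
        n += 1
    return n

def rc4_keystream(key, length):
    """Standard RC4: key scheduling, then `length` bytes of keystream."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(length):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(iv, key, plaintext):
    """WEP-style traffic key is IV || key; the CRC-32 checksum is left out here."""
    return xor(plaintext, rc4_keystream(iv + key, len(plaintext)))

if __name__ == "__main__":
    key = bytes.fromhex("0102030405")            # constructed 40-bit key
    iv = bytes.fromhex("aabbcc")                 # constructed 24-bit IV, used twice
    p1, p2 = b"transfer $100 to", b"meeting at 9:30."
    c1, c2 = wep_encrypt(iv, key, p1), wep_encrypt(iv, key, p2)
    print(packets_for_probability(0.5))          # packets until a repeat is 50% likely
    print(round(collision_probability(5000), 3))
    print(xor(c1, c2) == xor(p1, p2))            # the shared keystream cancels out
```

When two packets share an IV, XORing the ciphertexts removes the keystream entirely and leaves the XOR of the two plaintexts, which is why the traffic key must never repeat.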
WiFi (cont.): WPA
Wi-Fi Protected Access. WPA uses Temporal Key Integrity
Protocol. TKIP is a 128-bit per-packet key, meaning that it
dynamically generates a new key for each packet.
WiFi (cont.): WPA2
WPA2 is based on the IEEE 802.11i standard.
It provides the following:
The Advanced Encryption Standard (AES)
using the Counter Mode-Cipher Block
Chaining (CBC)-Message Authentication
Code (MAC) Protocol (CCMP) that provides
data confidentiality, data origin
authentication, and data integrity for wireless
frames.
WiFi (cont.): WPA2
WPA3, which was released in 2018, has many
interesting features. Among its more interesting
new properties is that all traffic to and from the
wireless access point (WAP) is encrypted.
WPA3 also requires attackers to interact with
your Wi-Fi for every password guess they
attempt, which makes brute-force attacks less
likely to be successful.
Summary


Any network needs a firewall and proxy
server between the trusted and untrusted
networks.
Also consider IDS and antispyware.