Security+ Spring 2010 Lesson 81 (Information Security)



L E S S O N P L A N #79 Per. Name:

CLASS: Security+ DATE: Friday May 13th 2011

TOPIC: Information Security? AIM: What are the goals of the terms used in information security?

OBJECTIVES: Students will know the goals of information security.

NOTE:

H.W. # 79:

1) What are some steps you would take to secure information at a company you work for?

DO NOW:

Answer the Sample Test Questions:

1) The goal of information security is to protect

A) Procedures B) People C) Information D) Products

2) Each of the following is a characteristic of information except

A) Integrity B) Confidentiality C) Conformity D) Availability

3) ___________ involves assuring that only authorized parties can view information

A) Integrity B) Confidentiality C) Availability D) Informality

4) Computer information attacks by terrorists using computer technology and the Internet is called _____________

PROCEDURE:

Write the AIM and DO NOW.

Get students working!

Take attendance.

Go Over HW

Collect HW

Go over the Do Now

Sample Test Question:

1) Each of the following is intended to protect information, except

A) people B) policies C) equipment D) confidentiality

2) Which of the following are considered information?

A) Terminals B) Operating systems C) Company records D) Commercial software products

Assignment #1:

Below is a table of Information Security Terminology and associated examples:

|Term |Example |

|Asset |Car Radio/CD Player |

|Threat |Steal Car Radio/CD Player from Car |

|Threat Agent |Thief |

|Vulnerability |Unlocked Door |

|Exploit |Enter Car |

Using the above table as a guide, complete the table below by filling in the term in the left hand column associated with the example in the right hand column

|Term |Example |

| |Attacker, Virus |

| |Send virus to unprotected email server |

| |Employee Database |

| |Software defect |

| |Steal data |

State which is the threat and which is the threat agent.

________________ Embezzle Money

________________ Employee

Assignment #2:

Go to encyclopedia and look up Denial of Service (DoS), Distributed Attack. Distributed Denial of Service (DDoS). What is a distributed attack?

[pic]

Assignment #3:

Read the article at for more information.

Do a Denial of Service attack on yourself. At the command line type

Ping –t 127.0.0.1

You’ll be responding continuously with ICMP messages (until the ping is ended by typing -C

True or False:

_________ Attackers can now use hundreds or thousands of computers in an attack against a single computer or network making it impossible to stop an attack by identifying or blocking the source.

Assignment #4:

Answer the following sample test questions:

1) What does ICMP stand for?

A) Internet Computer Management Protocol

B) Internet Control Management Protocol

C) Internet Control Message Protocol

D) Internet Computer Message Protocol

2) Which of the following program uses ICMP?

A) DNS B) FTP C) Telnet D) ping

3) What kind of attack uses multiple computers to attack another computer?

A) Denial of Service B) Denial of System C) Distributed Denial of System D) Distributed Denial of Service

Sample Test Question:

1) Each of the following factors illustrates why information security is increasingly difficult, except

A) Faster computer processors B) Growing sophistication of attacks

C) Faster detection of weaknesses D) Distributed attacks

2) A type of software that repairs security flaws in an application is called

A) hot fix B) exploit C) repair D) patch

3) A company puts a __________ in place to protect against an attack.

A) risk B) safeguard C) vulnerability D) threat

4) A _________ is considered a breakdown in company protection

A) risk B) safeguard C) vulnerability D) threat

Assignment #5:

Look up Day Zero Attack at encyclopedia. What is a Day Zero Attack?

Fill In:

While most attacks today take advantage of vulnerabilities that someone has already uncovered, a(n) ____________________________

Occurs when a hacker discovers and exploits a previously unknown flaw

Assignment #6:

Go to Start, Programs, Windows Update, Scan for Update, Review and Install Update

Assignment #7:

Open System properties (could do it by right-clicking on My Computer, Properties). Go to Automatic Update Tab.

- Check Keep my Computer up to Date

- Check Download the updates automatically and notify me when they are ready to be installed.

Assignment #8:

What is the Microsoft Baseline Security Analyzer?

Go to technet/security/tools/mbsahome.mspx and install the MBSA.

Run the MBSA

Assignment #9:

List the port numbers for

- FTP _____________

- Telnet ___________

-Send email ________

- HTTP ___________

Attackers can get in through your system through open ports. Look online for a program called Shield Up. Install and run it. Use it to check which ports are open on your computer.

Go to Start, Run, CMD, then type NETSTAT -ano to get a list of active port connections from the command line

Do the same via GUI, by going to Task Manager then PID (you may have to add the PID column from View)

Assignment #10:

One of the most important lines of defense against hackers is to perform regular backups in the event that data is corrupted or lost. In this assignment, you will use the Windows XP Professional Backup utility to back up data on a personal computer to a floppy disk. Note that you usually back up ore more data using a CD, tape, hard disk or other high-capacity storage device, than you will use in this assignment.

1) Insert a blank formatted floppy disk into the floppy disk drive

2) Click Start, All Programs, Accessories, System Tools, Backup. If the Backup Wizard starts in Advanced Mode, click the Wizard Mode link to use the wizard and then click Next.

3) The Backup or Restore dialog box opens, displaying the question, “What do you want to do?” Click the Back Up Files and Settings option button, if necessary, and click, Next.

4) The What To Back Up dialog box opens, displaying the question, “What do you want to back up?” Click the Let Me Choose What to Back Up option button. Click Next

5) The Items To Back Up dialog box opens, where you select the drives, folders, or files that you want to back up. For this assignment, select one small file on the hard drive. In the left pane of the dialog box, click the plus sign (+) in front of My Computer to expand the file listing, and then click Local Disk (C:) (Do Not check the drive C check box). The contents of drive C appear in the right pane.

6) Scroll the right pane to locate the Autoexec.bat file, and then click the check box in front of it. A check mark also appears in the left pane in front of Local Disk (C:). This list of files on your C drive will be different

7) The Backup Type, Destination, and Name dialog box opens, which lets you select where you want to save the backup. For this assignment, be sure that 3[pic]Floppy (A:) is selected. Type Backup as the name for this backup file, if necessary. Click Next

If you were backing up to a device such as a tape, flash drive, or CD, you could click Browse and select the device here.

8) In the Completing the Backup or Restore Wizard dialog box, click the Advanced button to examine additional backup options

9)The Type of Backup dialog box opens, where you can choose the type of backup that fits your need. Make sure that Normal appears in the Select the type of backup text box. Click Next

10) The How to Back Up dialog box opens, which displays the different backup options and explanations. Because you are backing up one small file in this assignment, none of the options are necessary. Click Next.

11) The Backup Options dialog box opens, where you can append the new backup to an existing one or replace the existing backup. Because this is the first backup on the floppy disk, either option will work. Click Next

12) The When to Backup Dialog box opens, where you specify when to back up the selected files. Click the Now option button, if necessary, and then click Next. If you wanted this backup to run unattended at a later time, you could indicate that here by clicking Later. The Schedule Entry dialog box would be available with the current date and time. Clicking the Set Schedule button would allow you to set when the backup should start.

13) The final dialog box displays all the options selected. To start the backup, click Finish. The Backup Progress windows is dislayed as the backup progresses.

14) When the backup is complete, a summary appears. Click Close

Note: If files are damaged and need to be restored from the backup, start the Backup or Restore Wizard and click Restore files or settings.

Assignment #11:

Attackers frequently modify the ARP table to redirect communications from a valid device to an attacker’s computer as part of a TCP/IP hijacking attack. IN this Do Now, you view the ARP table on your computer and make modifications to it. Although an attacker would attempt to manipulate ARP tables on a centralized network device, this Do Now allows you to see how easy it is to perform this type of attack.

1) Start, Run, Cmd

2) Arp –a

3) Create a new ARP entry by typing

Arp –s 192.168.2.255 00-40-CA-56-55-59

4) Type arp –a (to see your new arp table)

5) Delete the entry by typing arp –d 192.168.2.255

6) Type arp –a (to see that the entry has been deleted)

Assignment #12:

Look up the following terms at encyclopedia:

1) Zombie

Assignment #13:

Go to . Look up TCP Handshake.

Go to and look up SYN flood attack.

Assignment #14:

Answer the following sample test questions:

1) Which of the following sends packets to a destination but never completes the third step of the TCP handshake?

A) DoS B) SYN Snoop C) SYN flood D) SYN flop

2) A hacker modifies the source address of a packet so that it appears to be from a different host. This is known as which of the following?

A) spoofing B) faking C) spooling D) masking

Assignment #15:

The three most important resources for a computer are memory, storage, and processor power. If you take any of the three away, the system is useless. The CPUHOG attack consumes most of a processor’s resources and causes a DoS by setting the process priority level to the highest level possible, which is 16. Windows will try to fix this problem, but in can only increase an application’s priority level to 15. As you may guess, CPUHOG will always have priority over other applications, including Task Manager. This could require a cold boot to restore the system’s functionality.

Access Task Manager by doing CTRL-ALT-DEL. Select the Processes tab and right-click on a process. Scroll down and you’ll see the Set Priority setting. Take a look at it but don’t change anything.

Assignment #16:

Answer the following sample test questions:

1) Which of the following is the most important computer resource?

A) processor B) disk space C) memory D) all of the above

2) What best describes CPUHOG?

A) A program that consumes most of the processor’s resources

B) A program that consumes most the memory’s resources

C) A program that consumes most of the hard drive’s resources

D) A program that consumes most of the computer’s resources

Assignment #17:

Another goal of a hacker is to gain access to a system without the user’s knowledge. Programs that allow this type of access are called Trojan Horses. A Trojan horse is a program that may seem desirable, but is actually harmful.

1) Which of the following best describes a Trojan?

A) A program that requires a host program to run

B) A program that does something other than what it appears to be intended to do

C) A program that contains a mistake in the programming code

D) A self-contained program that can replicate itself.

Assignment #18:

Password guessing is a technique to attempt to break easy passwords. In this assignment, you use the Advanced Word 2000 Password Recovery (AW2000PR) tool to perform different types of password-guessing techniques. AW2000PR recovers passwords to Microsoft Word documents using brute-force and dictionary attacks. You download a trial copy of AW2000PR in this assignment. The trial version of this software limits the Brute force method to passwords that are only four characters long, and the Dictionary method to recognized English words.

1) Start Microsoft Word, and open a new blank document

2) Click Tools on the menu bar and then click options

3) Click the Security tab

4) In the password options box, type 1234, and then click OK. Confirm the password.

5) In the new word document type weak. Save this document as weak.

6) Open another blank document. Click Tools on the menu bar. Click options. Click Security. In the password to open dialog box, type dictionary, and then click OK, and confirm the password.

7) In the new Word document, type dictionary. Save this document as dictionary.

8) Use your web browser to go to aw2000pr.html and download the free trial version of AW2000PR. Close your browser and install the program.

9) Start the program.

10) Enter or select the following options to recover the password for weak.doc

A) Open the waek.doc file. Click OK

B) Select Brute-force attack

C) 1 minimal length and 4 maximum length

D) Select 0-9, uncheck a-z

E) Click Start recovery

11) On your own, recover the password for dictionary.doc

................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download