SlideShare a Scribd company logo

Ch14 Desktop Protection

P
phanleson
Technology
1 of 18
Download to read offline
Lesson 14-Desktop Protection
Overview Protect against malicious code. Use the Internet. Protect against physical tampering.
Overview Desktop systems are a major source of information security risk for an organization. The risk comes from: Malicious code. The Internet. Physical tampering. Increase in the use of server services (Web, FTP, and SQL servers) on desktops.
Protect Against Malicious Code The organization should have mechanisms in place for identifying malicious code as it enters the organization via electronic mail. Anti-virus software should be installed on desktop computers. This software must be configured properly to provide the greatest protection.
Protect Against Malicious Code Issues with viruses, Trojan horses, and worms. Effective use of anti-virus software.
Issues with Viruses, Trojan Horses, and Worms Malicious code can greatly affect an organization. The time required to clean up after malicious code adds hidden costs. There are four primary mechanisms that deliver malicious code are e-mail, instant messenger, disks, and shared files. Employee access makes it difficult to stop the entry of malicious code. • 國防部外電腦遭病毒入侵 沒有機密外洩 (中廣新聞網,2005/11/28)
Issues with Viruses, Trojan Horses, and Worms The damage from malicious code ranges from deleted files to system downtime and lost bandwidth to lost business. In addition to loss in productivity, there is a risk of losing sensitive data.
Effective use of Anti-virus Software Anti-virus software identifies a virus by matching the program code with a known virus in its signature file. Now a days anti-virus software scan a file, whenever one is opened, executed, or copied. A number of malicious programs that can ride on documents are called macro viruses.
Effective use of Anti-virus Software Anti-virus software searches for malicious code by comparing the file it is examining with a database of signatures. These signatures provide the information that allows the software to identify which virus, worm, or Trojan horse corresponds to the code. Anti-virus software vendors update the signature database as and when new malicious programs are identified.
Use the Internet Connecting to the Internet. Sharing Files.
Connecting to the Internet Connections through a firewall provide some protection against hackers looking for vulnerable systems. Unlike dial-up connections, broadband (DSL and cable modems) are always-on connections. If a computer is attached to an always-on connection, it is sure to be found by a hacker.
Connecting to the Internet Desktops can be protected from attacks over Internet connections in the following ways: Anti-virus software that is updated frequently. Patching the systems and following proper configuration procedures. Using some type of firewall system. Home systems can be protected by any of the personal firewall products that are on the market.
Sharing Files There are two primary mechanisms for sharing files on the Internet from desktop computer systems are by using shares and using peer-to-peer file sharing programs. In offices, network file servers make all or part of their hard drives available for mapping across the Local Area Network. The same type of sharing can be performed across the Internet.
Sharing Files Once a folder or drive is opened for sharing, a hacker may find the share during a normal scan on the Internet. Peer-to-peer (P2P) programs such as Gnutella and Kazaa have found popularity because they can be used to share music files. A computer connected to a P2P network can share files with hundreds of other computers.
Sharing Files Once installed, the P2P program allows the user to identify which files are to be shared. Since these programs are downloaded from the Internet, they may contain code that allows other users to browse the entire hard drives.
Protect Against Physical Tampering Sensitive information is Encryption can be often carried on portable accomplished by: computer systems. Encrypting each file. 筆記型電腦失竊 9.8萬人的 Encrypting the entire 資料外洩 (CNET新聞專區, folder. 2005/3/30) Encrypting the entire One mechanism used to hard drive. protect the information on While traveling, ensure the system is to encrypt it. computer systems and data are not stolen.
Summary Desktop systems are a major source of information security risk for an organization. The organization should have mechanisms in place for identifying a malicious code as soon as it enters the organization.
Summary Connections through a firewall provide protection to some extent against hackers looking for vulnerable systems. Sensitive information is often carried on portable computer systems.

Recommended

Rashed al kamdah network security threats
Rashed al kamdah network security threatsRashed al kamdah network security threats
Rashed al kamdah network security threats
rashidalkamdah
 
Network Security
Network SecurityNetwork Security
Network Security
forpalmigho
 
Wireless network security threats countermeasure
Wireless network security threats countermeasureWireless network security threats countermeasure
Wireless network security threats countermeasure
Edie II
 
5 network-security-threats
5 network-security-threats5 network-security-threats
5 network-security-threats
ReadWrite
 
Network security presentation
Network security presentationNetwork security presentation
Network security presentation
Kudzai Rerayi
 
Network security threats and solutions
Network security threats and solutionsNetwork security threats and solutions
Network security threats and solutions
hassanmughal4u
 
Software theft
Software theftSoftware theft
Software theft
chrispaul8676
 
Network management and security
Network management and securityNetwork management and security
Network management and security
Ankit Bhandari
 

Recommended

Rashed al kamdah network security threats
Rashed al kamdah network security threatsRashed al kamdah network security threats
Rashed al kamdah network security threats
rashidalkamdah
 
Network Security
Network SecurityNetwork Security
Network Security
forpalmigho
 
Wireless network security threats countermeasure
Wireless network security threats countermeasureWireless network security threats countermeasure
Wireless network security threats countermeasure
Edie II
 
5 network-security-threats
5 network-security-threats5 network-security-threats
5 network-security-threats
ReadWrite
 
Network security presentation
Network security presentationNetwork security presentation
Network security presentation
Kudzai Rerayi
 
Network security threats and solutions
Network security threats and solutionsNetwork security threats and solutions
Network security threats and solutions
hassanmughal4u
 
Software theft
Software theftSoftware theft
Software theft
chrispaul8676
 
Network management and security
Network management and securityNetwork management and security
Network management and security
Ankit Bhandari
 
Basics of Network Security
Basics of Network SecurityBasics of Network Security
Basics of Network Security
Dushyant Singh
 
3.2.1 computer security risks
3.2.1 computer security risks3.2.1 computer security risks
3.2.1 computer security risks
hazirma
 
Network security and viruses
Network security and virusesNetwork security and viruses
Network security and viruses
Aamlan Saswat Mishra
 
5 Network Security Threats Facing Businesses Today
5 Network Security Threats Facing Businesses Today5 Network Security Threats Facing Businesses Today
5 Network Security Threats Facing Businesses Today
Velocity Network Solutions
 
What is Network Security?
What is Network Security?What is Network Security?
What is Network Security?
Faith Zeller
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and Solutions
Colin058
 
Windows network security
Windows network securityWindows network security
Windows network security
Information Technology
 
Security threats and safety measures
Security threats and safety measuresSecurity threats and safety measures
Security threats and safety measures
Dnyaneshwar Beedkar
 
Computer security
Computer securityComputer security
Computer security
fiza1975
 
Hacking
HackingHacking
Hacking
blues_mfi
 
Introduction Network security
Introduction Network securityIntroduction Network security
Introduction Network security
IGZ Software house
 
Computer and network security
Computer and network securityComputer and network security
Computer and network security
Karwan Mustafa Kareem
 
Computer security overview
Computer security overviewComputer security overview
Computer security overview
CAS
 
Network and security concepts
Network and security conceptsNetwork and security concepts
Network and security concepts
sonuagain
 
Free Libre Open Source Software Development
Free Libre Open Source Software DevelopmentFree Libre Open Source Software Development
Free Libre Open Source Software Development
Frederik Questier
 
Operating Systems: Computer Security
Operating Systems: Computer SecurityOperating Systems: Computer Security
Operating Systems: Computer Security
Damian T. Gordon
 
Computer Security
Computer SecurityComputer Security
Computer Security
William Mann
 
Computer security risks
Computer security risksComputer security risks
Computer security risks
Aasim Mushtaq
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
Rahmat Suhatman
 
Network security - Basic concepts
Network security - Basic conceptsNetwork security - Basic concepts
Network security - Basic concepts
Khoa Nguyen
 
Ch20 Wireless Security
Ch20 Wireless SecurityCh20 Wireless Security
Ch20 Wireless Security
phanleson
 
Ch07 Managing Risk
Ch07 Managing RiskCh07 Managing Risk
Ch07 Managing Risk
phanleson
 

More Related Content

What's hot

3.2.1 computer security risks
3.2.1 computer security risks3.2.1 computer security risks
3.2.1 computer security risks
hazirma
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and Solutions
Colin058
 

What's hot (20)

Basics of Network Security
Basics of Network SecurityBasics of Network Security
Basics of Network Security
 
3.2.1 computer security risks
3.2.1 computer security risks3.2.1 computer security risks
3.2.1 computer security risks
 
Network security and viruses
Network security and virusesNetwork security and viruses
Network security and viruses
 
5 Network Security Threats Facing Businesses Today
5 Network Security Threats Facing Businesses Today5 Network Security Threats Facing Businesses Today
5 Network Security Threats Facing Businesses Today
 
What is Network Security?
What is Network Security?What is Network Security?
What is Network Security?
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and Solutions
 
Windows network security
Windows network securityWindows network security
Windows network security
 
Security threats and safety measures
Security threats and safety measuresSecurity threats and safety measures
Security threats and safety measures
 
Computer security
Computer securityComputer security
Computer security
 
Hacking
HackingHacking
Hacking
 
Introduction Network security
Introduction Network securityIntroduction Network security
Introduction Network security
 
Computer and network security
Computer and network securityComputer and network security
Computer and network security
 
Computer security overview
Computer security overviewComputer security overview
Computer security overview
 
Network and security concepts
Network and security conceptsNetwork and security concepts
Network and security concepts
 
Free Libre Open Source Software Development
Free Libre Open Source Software DevelopmentFree Libre Open Source Software Development
Free Libre Open Source Software Development
 
Operating Systems: Computer Security
Operating Systems: Computer SecurityOperating Systems: Computer Security
Operating Systems: Computer Security
 
Computer Security
Computer SecurityComputer Security
Computer Security
 
Computer security risks
Computer security risksComputer security risks
Computer security risks
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
 
Network security - Basic concepts
Network security - Basic conceptsNetwork security - Basic concepts
Network security - Basic concepts
 

Viewers also liked

Ch20 Wireless Security
Ch20 Wireless SecurityCh20 Wireless Security
Ch20 Wireless Security
phanleson
 
Ch07 Managing Risk
Ch07 Managing RiskCh07 Managing Risk
Ch07 Managing Risk
phanleson
 
Ch18 Internet Security
Ch18 Internet SecurityCh18 Internet Security
Ch18 Internet Security
phanleson
 
Ch12 Encryption
Ch12 EncryptionCh12 Encryption
Ch12 Encryption
phanleson
 
Ch09 Information Security Best Practices
Ch09 Information Security Best PracticesCh09 Information Security Best Practices
Ch09 Information Security Best Practices
phanleson
 

Viewers also liked (8)

Ch20 Wireless Security
Ch20 Wireless SecurityCh20 Wireless Security
Ch20 Wireless Security
 
Ch07 Managing Risk
Ch07 Managing RiskCh07 Managing Risk
Ch07 Managing Risk
 
Ch11 Vpn
Ch11 VpnCh11 Vpn
Ch11 Vpn
 
Ch18 Internet Security
Ch18 Internet SecurityCh18 Internet Security
Ch18 Internet Security
 
Ch08 8 Information Security Process it-slideshares.blogspot.com
Ch08 8 Information Security Process it-slideshares.blogspot.comCh08 8 Information Security Process it-slideshares.blogspot.com
Ch08 8 Information Security Process it-slideshares.blogspot.com
 
Ch06 Policy
Ch06 PolicyCh06 Policy
Ch06 Policy
 
Ch12 Encryption
Ch12 EncryptionCh12 Encryption
Ch12 Encryption
 
Ch09 Information Security Best Practices
Ch09 Information Security Best PracticesCh09 Information Security Best Practices
Ch09 Information Security Best Practices
 

Similar to Ch14 Desktop Protection

Ne Course Part One
Ne Course Part OneNe Course Part One
Ne Course Part One
backdoor
 
Computer security ethics_and_privacy
Computer security ethics_and_privacyComputer security ethics_and_privacy
Computer security ethics_and_privacy
Ardit Meti
 
Form4 cd2
Form4 cd2Form4 cd2
Form4 cd2
smktsj2
 
Computer power point presentation
Computer power point presentationComputer power point presentation
Computer power point presentation
Pranjal Mishra
 

Similar to Ch14 Desktop Protection (20)

Computer security threats & prevention
Computer security threats & preventionComputer security threats & prevention
Computer security threats & prevention
 
Societal Impacts Of IT (Class X)
Societal Impacts Of IT (Class X)Societal Impacts Of IT (Class X)
Societal Impacts Of IT (Class X)
 
Ne Course Part One
Ne Course Part OneNe Course Part One
Ne Course Part One
 
RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5
 
Mitppt
MitpptMitppt
Mitppt
 
Computing safety
Computing safetyComputing safety
Computing safety
 
Computer security ethics_and_privacy
Computer security ethics_and_privacyComputer security ethics_and_privacy
Computer security ethics_and_privacy
 
Safe Computing At Home And Work
Safe Computing At Home And WorkSafe Computing At Home And Work
Safe Computing At Home And Work
 
Data security
Data securityData security
Data security
 
Security and ethics
Security and ethicsSecurity and ethics
Security and ethics
 
Internet safety and you
Internet safety and youInternet safety and you
Internet safety and you
 
AI for Ransomware Detection & Prevention Insights from Patents
AI for Ransomware Detection & Prevention Insights from PatentsAI for Ransomware Detection & Prevention Insights from Patents
AI for Ransomware Detection & Prevention Insights from Patents
 
It kamus virus security glossary
It kamus virus security glossaryIt kamus virus security glossary
It kamus virus security glossary
 
Form4 cd2
Form4 cd2Form4 cd2
Form4 cd2
 
computer security
computer securitycomputer security
computer security
 
Edu 03Anju 23 assignment.pdf
Edu 03Anju 23 assignment.pdfEdu 03Anju 23 assignment.pdf
Edu 03Anju 23 assignment.pdf
 
Computer crimes
Computer crimesComputer crimes
Computer crimes
 
Computer power point presentation
Computer power point presentationComputer power point presentation
Computer power point presentation
 
security By ZAK
security By ZAKsecurity By ZAK
security By ZAK
 
Information Technology - System Threats
Information Technology - System ThreatsInformation Technology - System Threats
Information Technology - System Threats
 

More from phanleson

Lecture 1 - Getting to know XML
Lecture 1 - Getting to know XMLLecture 1 - Getting to know XML
Lecture 1 - Getting to know XML
phanleson
 

More from phanleson (20)

Learning spark ch01 - Introduction to Data Analysis with Spark
Learning spark ch01 - Introduction to Data Analysis with SparkLearning spark ch01 - Introduction to Data Analysis with Spark
Learning spark ch01 - Introduction to Data Analysis with Spark
 
Firewall - Network Defense in Depth Firewalls
Firewall - Network Defense in Depth FirewallsFirewall - Network Defense in Depth Firewalls
Firewall - Network Defense in Depth Firewalls
 
Mobile Security - Wireless hacking
Mobile Security - Wireless hackingMobile Security - Wireless hacking
Mobile Security - Wireless hacking
 
Authentication in wireless - Security in Wireless Protocols
Authentication in wireless - Security in Wireless ProtocolsAuthentication in wireless - Security in Wireless Protocols
Authentication in wireless - Security in Wireless Protocols
 
E-Commerce Security - Application attacks - Server Attacks
E-Commerce Security - Application attacks - Server AttacksE-Commerce Security - Application attacks - Server Attacks
E-Commerce Security - Application attacks - Server Attacks
 
Hacking web applications
Hacking web applicationsHacking web applications
Hacking web applications
 
HBase In Action - Chapter 04: HBase table design
HBase In Action - Chapter 04: HBase table designHBase In Action - Chapter 04: HBase table design
HBase In Action - Chapter 04: HBase table design
 
HBase In Action - Chapter 10 - Operations
HBase In Action - Chapter 10 - OperationsHBase In Action - Chapter 10 - Operations
HBase In Action - Chapter 10 - Operations
 
Hbase in action - Chapter 09: Deploying HBase
Hbase in action - Chapter 09: Deploying HBaseHbase in action - Chapter 09: Deploying HBase
Hbase in action - Chapter 09: Deploying HBase
 
Learning spark ch11 - Machine Learning with MLlib
Learning spark ch11 - Machine Learning with MLlibLearning spark ch11 - Machine Learning with MLlib
Learning spark ch11 - Machine Learning with MLlib
 
Learning spark ch10 - Spark Streaming
Learning spark ch10 - Spark StreamingLearning spark ch10 - Spark Streaming
Learning spark ch10 - Spark Streaming
 
Learning spark ch09 - Spark SQL
Learning spark ch09 - Spark SQLLearning spark ch09 - Spark SQL
Learning spark ch09 - Spark SQL
 
Learning spark ch07 - Running on a Cluster
Learning spark ch07 - Running on a ClusterLearning spark ch07 - Running on a Cluster
Learning spark ch07 - Running on a Cluster
 
Learning spark ch06 - Advanced Spark Programming
Learning spark ch06 - Advanced Spark ProgrammingLearning spark ch06 - Advanced Spark Programming
Learning spark ch06 - Advanced Spark Programming
 
Learning spark ch05 - Loading and Saving Your Data
Learning spark ch05 - Loading and Saving Your DataLearning spark ch05 - Loading and Saving Your Data
Learning spark ch05 - Loading and Saving Your Data
 
Learning spark ch04 - Working with Key/Value Pairs
Learning spark ch04 - Working with Key/Value PairsLearning spark ch04 - Working with Key/Value Pairs
Learning spark ch04 - Working with Key/Value Pairs
 
Learning spark ch01 - Introduction to Data Analysis with Spark
Learning spark ch01 - Introduction to Data Analysis with SparkLearning spark ch01 - Introduction to Data Analysis with Spark
Learning spark ch01 - Introduction to Data Analysis with Spark
 
Hướng Dẫn Đăng Ký LibertaGia - A guide and introduciton about Libertagia
Hướng Dẫn Đăng Ký LibertaGia - A guide and introduciton about LibertagiaHướng Dẫn Đăng Ký LibertaGia - A guide and introduciton about Libertagia
Hướng Dẫn Đăng Ký LibertaGia - A guide and introduciton about Libertagia
 
Lecture 1 - Getting to know XML
Lecture 1 - Getting to know XMLLecture 1 - Getting to know XML
Lecture 1 - Getting to know XML
 
Lecture 4 - Adding XTHML for the Web
Lecture 4 - Adding XTHML for the WebLecture 4 - Adding XTHML for the Web
Lecture 4 - Adding XTHML for the Web
 

Recently uploaded

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 

Recently uploaded (20)

Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 

Ch14 Desktop Protection

  • 2. Overview Protect against malicious code. Use the Internet. Protect against physical tampering.
  • 3. Overview Desktop systems are a major source of information security risk for an organization. The risk comes from: Malicious code. The Internet. Physical tampering. Increase in the use of server services (Web, FTP, and SQL servers) on desktops.
  • 4. Protect Against Malicious Code The organization should have mechanisms in place for identifying malicious code as it enters the organization via electronic mail. Anti-virus software should be installed on desktop computers. This software must be configured properly to provide the greatest protection.
  • 5. Protect Against Malicious Code Issues with viruses, Trojan horses, and worms. Effective use of anti-virus software.
  • 6. Issues with Viruses, Trojan Horses, and Worms Malicious code can greatly affect an organization. The time required to clean up after malicious code adds hidden costs. There are four primary mechanisms that deliver malicious code are e-mail, instant messenger, disks, and shared files. Employee access makes it difficult to stop the entry of malicious code. • 國防部外電腦遭病毒入侵 沒有機密外洩 (中廣新聞網,2005/11/28)
  • 7. Issues with Viruses, Trojan Horses, and Worms The damage from malicious code ranges from deleted files to system downtime and lost bandwidth to lost business. In addition to loss in productivity, there is a risk of losing sensitive data.
  • 8. Effective use of Anti-virus Software Anti-virus software identifies a virus by matching the program code with a known virus in its signature file. Now a days anti-virus software scan a file, whenever one is opened, executed, or copied. A number of malicious programs that can ride on documents are called macro viruses.
  • 9. Effective use of Anti-virus Software Anti-virus software searches for malicious code by comparing the file it is examining with a database of signatures. These signatures provide the information that allows the software to identify which virus, worm, or Trojan horse corresponds to the code. Anti-virus software vendors update the signature database as and when new malicious programs are identified.
  • 10. Use the Internet Connecting to the Internet. Sharing Files.
  • 11. Connecting to the Internet Connections through a firewall provide some protection against hackers looking for vulnerable systems. Unlike dial-up connections, broadband (DSL and cable modems) are always-on connections. If a computer is attached to an always-on connection, it is sure to be found by a hacker.
  • 12. Connecting to the Internet Desktops can be protected from attacks over Internet connections in the following ways: Anti-virus software that is updated frequently. Patching the systems and following proper configuration procedures. Using some type of firewall system. Home systems can be protected by any of the personal firewall products that are on the market.
  • 13. Sharing Files There are two primary mechanisms for sharing files on the Internet from desktop computer systems are by using shares and using peer-to-peer file sharing programs. In offices, network file servers make all or part of their hard drives available for mapping across the Local Area Network. The same type of sharing can be performed across the Internet.
  • 14. Sharing Files Once a folder or drive is opened for sharing, a hacker may find the share during a normal scan on the Internet. Peer-to-peer (P2P) programs such as Gnutella and Kazaa have found popularity because they can be used to share music files. A computer connected to a P2P network can share files with hundreds of other computers.
  • 15. Sharing Files Once installed, the P2P program allows the user to identify which files are to be shared. Since these programs are downloaded from the Internet, they may contain code that allows other users to browse the entire hard drives.
  • 16. Protect Against Physical Tampering Sensitive information is Encryption can be often carried on portable accomplished by: computer systems. Encrypting each file. 筆記型電腦失竊 9.8萬人的 Encrypting the entire 資料外洩 (CNET新聞專區, folder. 2005/3/30) Encrypting the entire One mechanism used to hard drive. protect the information on While traveling, ensure the system is to encrypt it. computer systems and data are not stolen.
  • 17. Summary Desktop systems are a major source of information security risk for an organization. The organization should have mechanisms in place for identifying a malicious code as soon as it enters the organization.
  • 18. Summary Connections through a firewall provide protection to some extent against hackers looking for vulnerable systems. Sensitive information is often carried on portable computer systems.