IT security question
Information Technology Assignment
Prepared by (Student’s Name)
Topic 3: Encryption
Encryption gives users of either operating system immediate security and protection. Encryption is a mechanism that uses a mathematical formula known as a cipher, together with a key, to convert readable information (plain text) into data that cannot be understood (cipher text) (SANS, 2011). The cipher is the fundamental concept behind encryption, while the key makes the encrypted data unique. Only people who hold the unique key can decipher the information on the different operating systems (SANS, 2011). Keys used for this purpose are always composed of a long chain of numbers and are protected by an authentication feature such as a password or a biometric, for example a fingerprint.
Primarily, encryption is carried out in three ways: encryption of particular files, encryption of entire folders, or encryption of entire hard drives (SANS, 2011). Most existing operating systems, including Linux and Windows, support only one of these three options; others can accommodate all of them. Research indicates that encryption of the entire hard disk drive, popularly known as full disk encryption (FDE), is the most secure of the three options (SANS, 2011). Full disk encryption encrypts all data on a personal computer's hard drive, including any temporary files. It also simplifies the whole process of securing data, since one does not have to decide what to encrypt: all data falls within the scope of encryption.
Information in transit is also at risk, hence the need for encryption on operating systems (SANS, 2011). A sender should understand that information that is not encrypted can be monitored and captured online. For this reason, it is advised to adopt HTTPS encryption, or to connect the OS only to secured websites. This means that all traffic between the browser used on the OS and the website is encrypted.
A good number of encryption software products have emerged with the purpose of protecting and securing the OS from possible attacks.
One of the most renowned is Pretty Good Privacy (PGP) email encryption, which was developed in the early 1990s (SANS, 2011). The software is widely preferred because it is open source. Communication is possible once each party generates a personal PGP key, known as a key pair, which is split into a public key and a secret key. A person who has a public key can either encrypt messages that can only be deciphered with the secret key, or verify signatures that were produced with the corresponding secret key (Lee, 2013). A person who possesses the secret key can either decrypt messages that were encrypted with the public key or digitally sign messages (Lee, 2013). One important aspect of secret keys is that they are themselves encrypted with a passphrase, so even if a personal computer is compromised and the secret key accessed, the attacker must obtain the passphrase before gaining access to the operating system at hand.
Topic 4: Secure Networks
The future security of communities across the globe depends heavily on how reliant networks are on the evolution of new technologies. New network technologies, the Internet in particular, drive fragmentation into loosely linked open and closed societies, each governed by its own distinct set of principles (Hogben, 2007). New network technologies in these societies are exposed to a high degree of unwanted emergent behaviours, which makes it difficult to protect people against crime. Modern network systems are now developed in an environment of interdependent systems for processes such as production, consumption and various control mechanisms (Hogben, 2007). As a result of this new technological environment, the perception of risk has risen significantly, and entirely new meanings and interpretations of security have emerged around intensive network developments. Users assess the degree of risk as more or less uncertain in relation to the future weight of the consequences involved.
Network security challenges continue to be raised by users concerned about the potential for identity fraud, changes in the relationship between private and public information requirements, and the overall role played by society at large (Hogben, 2007). These challenges also involve the interfaces between technological advancements and society.
A clear example of a new network technology that has resulted in less security for societies is the recently developed social media platforms such as Facebook and Twitter. Research indicates that identity theft and authentication are the new primary security issues that have arisen from social networking sites (Hogben, 2007). There have been many proposals to use identity cards in these social networks, but none has been implemented. Social networks remain in an uncertain position: it is unclear whether they count as monolithic proprietary software or as open application software, especially in the federal identity management space (Hogben, 2007). As a component of identity management systems, social networks like Facebook store personal data. It is deemed to be the largest repository of personal images on the internet, which indicates that a significant number of the world's personal profiles are held not by government agencies but in data warehouses owned by social networking providers. Social networks therefore satisfy the criterion for an identity management software application; however, they depend largely on an open source development framework (Hogben, 2007). The fact that social networks can leverage extensive warehouses of personal information under their own control poses an imminent security challenge, as even most of the major terror attacks in history depended on this feature. An example is the Mumbai terror attack in India, where terrorists used different search engines to identify the personal background of their hostages before deciding whom to kill and whom to spare (Hogben, 2007).
In fact, the recent development by social network providers such as Facebook and MySpace of data-portability initiatives and their application programming interfaces (APIs) has made it possible to incorporate a user's social network profile data into external web applications, allowing even more exposure and providing less security altogether.
Topic 5: Access Control
Yes. They should use passwords to protect their personal computers from walk-up attacks, and they should use strong passwords for that purpose. Passwords are the most notable keys that permit access to the machine, since they are the most popular way of proving one's identity and so allow a user to log in to the computer and access information (Renaud & De Angeli, 2004). In today's world, cyber criminals have developed efficient ways of automating the guessing and retrieval of passwords. Therefore, to ensure the maximum level of protection, passwords must be difficult to guess and retrieve while still being easy to remember. For a strong password, it is recommended that it have a minimum of one number and a word in capital letters. It should have a minimum of a single symbol and should always have a minimum of 12 words.
It is worth noting that a strong password is not enough on its own, since the user is also expected to protect it. Passwords are effective at providing security and confidentiality for data stored on the personal computer as a whole (Renaud & De Angeli, 2004). They form the initial step in protecting against walk-up attacks and therefore against unwarranted access to private information. They protect personal information that should not be accessed by anyone except the owner. Setting a strong password is of great benefit, since a weak one can allow viruses to gain access to the personal computer and then spread to the underlying SAN network (Renaud & De Angeli, 2004). An easily retrieved password can further allow hackers to use the computer to hack into other computers connected to the same network. Hackers can even go on to use personal e-mail accounts to send malicious messages to the people in one's contacts.
As mentioned earlier, passwords should be designed to be easy to remember. Even with the best procedures in place, passwords can be accidentally shared or become known to third parties without the owner's consent, weakening the security they are supposed to provide (Renaud & De Angeli, 2004). For that reason, passwords need to be changed on a regular basis. Whenever a password procedure is created, it is crucial to identify elements that can help strengthen it, hence the relevance of adopting software security settings. One of the most crucial goals in the security of personal computers is designing a system that optimises the effective password space. Since the effective password space is determined by user behaviour, the design should also include a usability aspect, so that users choose secure passwords without sacrificing the usability of the system. Research indicates that the most notable challenge in measuring the efficiency of the password space lies in establishing their respective proximity functionalities (Renaud & De Angeli, 2004). The False Rejection Rate (FRR) is the probability that the calculated score for two or more fingerprints from the same finger falls below the fixed minimum matching requirement and is therefore falsely considered a non-match (Renaud & De Angeli, 2004). In fingerprint scanning, the FRR remains high whenever the minimum threshold is not selected. To ensure a minimum False Rejection Rate, it is important that the PC includes efficient systems that collect fingerprints in a sufficient and effective manner.
Topic 6: Firewalls
Malware, popularly known as malicious code or malicious software, is an executable file or application that is injected directly into an operating system (Chiasson et al, 2008). It can take the form of Trojan horses, rootkits and backdoors. It is specifically designed to intrude on and compromise the operating system's confidentiality, integrity and availability (Chiasson et al, 2008). In most cases, malware is executed on internal networks, and once injected into the victim system it gives its developer full control of that operating system.
Malware in operating systems can be detected using a signature-based approach that works on byte or binary patterns, or on hashes (Chiasson et al, 2008). Comparing a program against a database of signatures classifies it as either malware or not. Malware authors create numerous versions of a given piece of malware in order to avoid detection by signature-based methods (Chiasson et al, 2008). The difficulty becomes apparent whenever a newer version of the malware is developed, as protection against intrusion must again be ensured. Detection can also be conducted using a behaviour-based approach, which recognises malware by searching its code or by running it in a virtual sandbox environment to establish possible malicious activity.
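The following added example (not from the cited sources) shows the two signature types described above, a whole-file hash and a byte pattern, applied to constructed, harmless byte strings; the signature names and sample contents are assumptions made for illustration. It shows why scanners pair the two: a version that differs by one byte no longer matches the hash signature but still matches the byte pattern.

```python
import hashlib

# Constructed, harmless byte strings standing in for program files.
KNOWN_SAMPLE = b"HEADER" + b"\x90\x90EVIL_ROUTINE_V1\xcc" + b"padding-a"
NEW_VERSION = b"HEADER" + b"\x90\x90EVIL_ROUTINE_V1\xcc" + b"padding-b"  # last byte differs
BENIGN = b"HEADER" + b"ordinary program bytes"

# Hypothetical signature database (names are made up for this example).
HASH_SIGNATURES = {hashlib.sha256(KNOWN_SAMPLE).hexdigest(): "Sample.A"}
PATTERN_SIGNATURES = {b"EVIL_ROUTINE_V1": "Sample.A"}


def scan(data: bytes) -> list:
    """Return every signature hit for one file's contents."""
    hits = []
    # Hash signature: matches only a byte-for-byte identical file.
    digest = hashlib.sha256(data).hexdigest()
    if digest in HASH_SIGNATURES:
        hits.append("hash:" + HASH_SIGNATURES[digest])
    # Byte-pattern signature: matches the sequence anywhere in the file.
    for pattern, name in PATTERN_SIGNATURES.items():
        offset = data.find(pattern)
        if offset != -1:
            hits.append("pattern:%s@%d" % (name, offset))
    return hits


def verdict(data: bytes) -> str:
    """Classify a file as the signature comparison in the text does."""
    return "malware" if scan(data) else "not detected"


if __name__ == "__main__":
    for label, blob in [("known sample", KNOWN_SAMPLE),
                        ("new version", NEW_VERSION),
                        ("benign", BENIGN)]:
        print(label, verdict(blob), scan(blob))
```

A "not detected" verdict only means no signature matched, which is why the behaviour-based approach is used alongside signatures.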
Many studies have examined the ability of malware to bypass detection systems and thereby compromise operating systems (Chiasson et al, 2008). The immediate concern is the ability of malware to change itself and so evade the detection mechanisms in place.
One of the best-known ways in which malware bypasses AV products and mechanisms is the creation of new malware. The new malware cannot be detected because it has renamed itself and is therefore composed of unknown strings that none of the AV detection techniques can detect; this is especially evident when its overall suspicious behaviour is reduced (Chiasson et al, 2008). The bypass in this case is done by renaming the malware's file extension, while ensuring that the extension reverts to its original format whenever the file is accessed by the victim (Chiasson et al, 2008). In most cases, this renaming technique is delivered through social engineering approaches. However, this form of attack is highly dependent on the strength of the AV in use. The ability to rename file extensions and then manipulate the file header is considered the most notable way of bypassing the firewalls in place (Chiasson et al, 2008). There is no known reliable way of detecting malware penetrating the firewalls, so the user is expected to carry out careful analysis of programs. The best approach is to use a system that focuses on detecting new and unknown malware based on its behaviour in order to protect users' personal computers.
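As an added defensive example (not from the cited sources), the check below compares a file's extension with the format its leading header bytes indicate, which exposes the renamed-extension case described above. The file names and contents are constructed, and the ALERT/MISMATCH/OK labels are assumptions of this example.

```python
import os

# Well-known leading "magic" bytes for a few common formats.
MAGIC = [
    (b"MZ", "pe"),                    # Windows executable
    (b"\x7fELF", "elf"),              # Linux executable
    (b"%PDF-", "pdf"),
    (b"\x89PNG\r\n\x1a\n", "png"),
    (b"\xff\xd8\xff", "jpeg"),
    (b"PK\x03\x04", "zip"),
]
# Format each extension is expected to contain.
EXPECTED = {".exe": "pe", ".dll": "pe", ".pdf": "pdf", ".png": "png",
            ".jpg": "jpeg", ".jpeg": "jpeg", ".zip": "zip", ".docx": "zip"}
EXECUTABLE = {"pe", "elf"}


def sniff(data: bytes) -> str:
    """Identify the format from the file header, ignoring the name."""
    for magic, kind in MAGIC:
        if data.startswith(magic):
            return kind
    return "unknown"


def check(filename: str, data: bytes) -> str:
    """Compare what the name claims with what the header says."""
    ext = os.path.splitext(filename)[1].lower()
    expected = EXPECTED.get(ext)
    actual = sniff(data)
    # Executable content behind a different extension is the renamed-file case.
    if actual in EXECUTABLE and ext and expected != actual:
        return "ALERT"
    # Any other disagreement between a known extension and the header.
    if expected and actual != expected:
        return "MISMATCH"
    return "OK"


if __name__ == "__main__":
    samples = [  # constructed file names and leading bytes
        ("holiday.jpg", b"MZ\x90\x00\x03\x00"),
        ("report.pdf", b"%PDF-1.7\n"),
        ("setup.exe", b"MZ\x90\x00\x03\x00"),
        ("photo.png", b"\xff\xd8\xff\xe0"),
    ]
    for name, blob in samples:
        print(name, sniff(blob), check(name, blob))
```

Because the text notes that the file header itself can be manipulated, a header check like this is one signal to combine with behaviour-based detection, not a replacement for it.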
References
Chiasson, A, Forget, A, Biddle, R & Van Oorschot, P.C. 2008, Influencing users towards better passwords: Persuasive cued Click-Points. British Computer Society. Retrieved from http://cups.cs.cmu.edu/~aforget/Chiasson_HCI2008.pdf
Hogben, G. 2007. Security Issues in the Future of Social Networking, ENISA Position Paper. Retrieved on August 23, 2016 https://www.w3.org/2008/09/msnws/papers/Future_of_SN_Giles_Hogben_ENISA.pdf
Lee, M. 2013. Encryption Works: How to protect your privacy in the age of NSA Surveillance. Retrieved on August 23, 2016 from https://freedom.press/sites/default/files/encryption_works.pdf
Renaud, K. & De Angeli, A. 2004. My password is here! An investigation into visuo-spatial authentication mechanisms. Interacting with Computers, 16(6), 1017-1041
SANS. 2011. Understanding Encryption. The Monthly Security Awareness Newsletter for Computer Users. Retrieved on August 23, 2016 from https://www.txdps.state.tx.us/SecurityReview/SANS%20Newsletters/Ouch2011-07.pdf