SlideShare ist ein Scribd-Unternehmen logo

Cscu module 06 internet security

Alireza Ghahrood
Alireza Ghahrood

آگاهی رسانی امنیت اطلاعات 2020-1399

Serviceleistungen
1 von 51
Downloaden Sie, um offline zu lesen
1 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Internet Security Simplifying Security. Module 6
Alireza Ghahrood Security Solution Provider : Cyber Space |BigData |Cloud |Virtualization www.about.me/alirezaghahrood | Cell :+98 (912) 1964383 |
OurView: Bolstering Internet Security Is Imperative On Monday, the Obama administration proposed a much‐needed international effort to bolster the security of the Internet. It’s needed because cyberspace has come to serve as both a communications miracle and, potentially, one of the greatest threats to our security in the 21st century. That description may seem like hyperbole as it pulls in two completely different directions. But there are justifications for both descriptions. The Internet is arguably the greatest technological breakthrough introduced to our society since the television. Perhaps that’s more hyperbole, unless you consider just how much of our world now is tied to online access and interconnectivity. The 2010 census noted that 68.7 percent of all U.S. households have Internet connections; a vast majority of businesses also use the Web for marketing or for inventory purposes, among other tools. Cyberspace has become a staple in our lives, even if you don’t have an Internet connection in your home or office. Our banking, our medical records, our credit and our businesses are all linked in some form to the Web. So, too, is much of our infrastructure, our communication and our national security. Odds are, there is something you want, rely on or need each day that is dependent on Internet connectivity for you to have it. That may not be a game‐changer in terms of how you live your life, but it’s definitely a sobering impact. 3 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . http://www.yankton.net May 18, 2011 1:15 AM CDT
4 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . MODULE OBJECTIVES Internet Security Internet Explorer Security Settings Mozilla Firefox Security Settings Google Chrome Security Settings Apple Safari Security Settings Instant Messaging (IMing) Searching on the Web Online Gaming and MMORPG Online Gaming Risks Security Practices Specific to Gaming Child Online Safety Role of Internet in Child Pornography Protecting Children from Online Threats How to Report a Crime? Internet Security Laws Internet Security Checklists
MODULE FLOW 5 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . Browser Security Search Engine and IM Security Online Games Child Online Safety Internet Security Laws
Canada Ukraine Hungary 1.84% 1.97% 2.03% Top 10 Malware Hosting Countries http://www.findmysoft.com 6 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . INTERNET SECURITYInternet security involves protecting user data from unauthorized access and damage when connected to the Internet A proper browser configuration helps in preventing malware infection, protecting personal information, and preventing or limiting the damage from an cyber attack Online attack paths:  Emails  Instant messaging  Chat rooms  File sharing and downloads United States France 10% 39% Russia 8.72% Germany 5.87% China United Kingdom 2.68% 5.04% Poland 2.43%
INTERNET EXPLORER SECURITY SETTINGS 7 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . Launch Internet Explorer, click the Tools button, and select Internet options Select the Security tab, which displays websites classified into four zones: 1. Internet 2. Local Intranet 3. Trusted sites 4. Restricted sites
Internet Explorer Security Settings: Internet Zone The Internet zone is for all the Internet websites except for those listed in the Trusted or Restricted zones Click Custom level to set the Internet zone security settings Disable or enable the required options Move the slider to change the security level Set the security level for the zone High to ensure higher security Maintaining the higher security level may degrade the performance of the browser Click OK to apply the settings 8 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D .
Internet Explorer Security Settings: ActiveX ControlsActiveX controls are small programs that work over the Internet through the browser They include customized applications that are required to gather data, view select files, and run animations when the user visits websites Malware is downloaded onto the user system through ActiveX controls when he/she visits malicious websites Disable the ActiveX controls and plug‐ins options in the Security Settings window Enable the Automatic prompting for ActiveX controls option so that the browser prompts when there is a requirement of ActiveX controls and plug‐ins to be enabled Click OK to apply the settings 9 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D .
9 Copyright © by EC-Coun All Rights Reserved. Reproduction is Strictly Prohibite Internet Explorer Security Settings: Local Intranet Zone Local intranet zone covers the sites on intranet Steps to add websites to Local intranet zone:  Select Security  Local Intranet  Click Sites  Click the Advanced button  Enter the URL into Add this website to the zone column and click Add  Click OK to apply the settings cil d.
Copyright © by EC-Counci eserved. Reproduction is Strictly Prohibited.All Right 10 Internet Explorer Security Settings:Trusted Sites Zone The Trusted sites zone contains those websites that the users believe will not damage their computers or data  Select Security  Trusted sites  Click the Sites button  Enter the URL into Add this website to the zone column and click Add  Click OK to apply the settings l s R
11 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Internet Explorer Security Settings: Restricted ZoneThe Restricted sites zone restricts the access to the websites that might cause damage to a computer To add restricted websites to Restricted sites zone:  Select the Security tab and choose Restricted sites  Click the Sites button  Enter the site URL into the Add this website to the zone column to restrict the access  Click Add and then click OK to apply the settings
UNDERSTANDING COOKIES 13 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . A cookie is information that is provided by a web server to web browser and then sent back unchanged by the browser each time it accesses that server When the website is revisited, the browser sends the information back to it to help recognize the user This activity is invisible to the user and is generally intended to improve the web surfing experience (for example, at an online store)
The user can limit the information that is stored in a cookie A cookie is only a text file and cannot search a drive for information or carry a virus To configure cookie settings:  Choose Internet options from the Tools menu on the browser  Select the Privacy tab and use the slider to set the level at low, medium, medium‐high, or high  Block all or accept all cookies depending upon the requirement  Check the Turn on Pop‐up Blocker option to block the pop‐ups that appear while visiting some websites INTERNET EXPLORER PRIVACY SETTINGS 14 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D .
Copyright © by EC-Coun All Rights Reserved. Reproduction is Strictly Prohibite 14 DELETING BROWSING HISTORY 1. Choose Internet options from the Tools menu on the browser 2. Go to the Browsing history section 3. Check the desired options in the Delete Browsing History dialog box 4. Click Delete to delete the browsing history cil d.
Do Not Allow the Browser to Remember any Password Internet Explorer Autocomplete Password prompt Firefox Remember Password prompt 16 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D .
Setting Download options in Internet Explorer SECURING FILE DOWNLOADS 17 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . To configure the download settings for Internet Explorer, navigate to Tools  Internet options  go to Security tab Click the Custom Level button in the Security Settings window In the Downloads menu Enable the Automatic prompting to File downloads and File download options Click OK to save the settings
MOZILLA FIREFOX: SECURITY SETTINGS 18 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . Launch the Mozilla Firefox browser Click the Tools menu item and select Options
MOZILLA FIREFOX: SECURITY SETTINGS 19 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . Select Security from the Options window Check the option Warn me when sites try to install add‐ons so that the browser prompts before installing add‐ons to the browser Click the Exceptions button and enter the URL into Address of Website box and click Allow to specify which websites are allowed to install add‐ons Check the Block reported attack sites option to avoid visiting malicious websites Check the option Block reported web forgeries to actively check whether the site being visited is an attempt to steal personal information Uncheck the Remember passwords for sites option to prevent the browser from remembering the passwords for the login pages visited
19 Copyright © by EC-Counc All Rights Reserved. Reproduction is Strictly Prohibite MOZILLA FIREFOX: PRIVACY SETTINGS Select Privacy in the Options window The user can choose if Firefox remembers the browsing history Click clear your recent history Select the Time range to clear the history Check the options required to clear the history and click Clear Now il d.
Copyright © by EC-Council served. Reproduction is Strictly Prohibited.All Rights 20 SECURING FILE DOWNLOADS Do not accept file downloads from unknown members on the Internet  These downloads may contain malware that will degrade computer performance File are downloaded by default to My Documents  Downloads  The user may configure the browser settings so that he/she is prompted to specify the location to save the file Re
Copyright © by EC-Council served. Reproduction is Strictly Prohibited.All Rights 21 To configure the download settings for Mozilla Firefox, navigate to Tool  Options  General Check the option Always ask me where to save the file to allow the browser to ask before downloading a file and to specify the location to which it will be downloaded The browser directly downloads the file to the default location without any intimation if this option is unchecked Setting Download options in Mozilla Firefox SECURING FILE DOWNLOADS Re
INSTALLING PLUGINS 23 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . 1 2 3 4 The Install Missing Plugins message appears while opening some websites Plug‐ins are required to display files, graphics or play a video on a webpage Check if the source of missing plug‐ins is trustworthy or not Scan the downloaded plug‐in using an antivirus software before installing it
Google Chrome Privacy and Security Settings Launch Google Chrome Click the icon, then select Options 24 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D .
GOOGLE CHROME: PRIVACY SETTINGS 25 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . Click the Under the Hood tab in Google Chrome Options window Under Privacy, check the desired web services Check the Use DNS pre‐fetching to improve page load performance option DNS pre‐fetching stands for Domain Name System pre‐fetching  When the user visits a webpage, Google Chrome can look up or pre‐fetch the IP addresses of all links on the webpage Check the option Enable phishing and malware protection to prevent the browser from opening any malicious websites
25 Secure Sockets Layer (SSL) is an Internet protocol used by many websites to ensure safe data encryption and transmission The SSL setting in web browsers is turned on by default Some websites require older version of SSL 2.0; check the Use SSL 2.0 option in such conditions Check the check for server certificate revocation option to turn on real‐time verification for the validity of a website's certificate GOOGLE CHROME: SECURITY SETTINGS C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D .
Launch the Safari browser To change the settings, select the icon and then select Preferences APPLE SAFARI: SECURITY SETTINGS C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . 26
27 Copyright © by EC-Coun All Rights Reserved. Reproduction is Strictly Prohibit APPLE SAFARI: SECURITY SETTINGS  Select the Security tab in the preferences window  The Web Content section permits the user to enable or disable various forms of scripting and active content  It is recommended to accept cookies only from the sites visited  Checking this option allows the browser to warn the user before opening any website that is not secure cil ed.
Testing the Browser for Privacy Launch the Internet browser and navigate to http://privacy.net/ analyze/ to test the privacy Click Click here to take the browser test and analyze the privacy of your Internet connection 29 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D .
MODULE FLOW 30 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . Browser Security Search Engine and IM Security Online Games Child Online Safety Internet Security Laws
INSTANT MESSAGING (IMING) 31 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . Instant Messaging (IMing) allows the user to interact with other people on the Internet using a software application
INSTANT MESSAGING SECURITY ISSUES 32 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . IMWorm  A worm that harms the computer and locates all the contacts in the IM address book  The IMWorm tries to send itself to all the contacts in the user’s IM contact list Social Engineering  Social engineering depends on human interaction that involves tricking people through IM and getting their personal information Spam over IM( SPIM)  SPIM is spam delivered through IM instead of delivering it through email  IM systems such as Yahoo! Messenger, AIM, Windows Live Messenger, and chat rooms in social networking sites are popular targets for spammers
INSTANT MESSAGING SECURITY MEASURES 33 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . Do not reveal personal information on IMs Do not accept links received from unknown people on IM Sign out of the IM application after using it Block the users who send unsolicited web‐links Always use strong passwords Do not check the Remember password option
Searching on theWeb Search engines display hundreds of results for a search query Not all the web page results obtained by the search engine are secure To add Add‐ons in the Mozilla Firefox browser, navigate to Tools Add‐ons  Get Add‐ons To filter the malicious search results, use an antivirus application as an add‐on to the browser and Enable it 34 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D .
MODULE FLOW 35 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . Browser Security Search Engine and IM Security Online Games Child Online Safety Internet Security Laws
It has also become the target for attackers for the large amounts of money involved Online gaming has become a popular pastime, especially due to high‐speed Internet and MMORPGs are popular worldwide and the revenues for these games are well over a billion dollars emerging technology In the world of MMORPGs, also known as online games, players can meet other players, become friends, engage in a battle, fight against evil, and play Massively Multiplayer Online Role‐ Playing Game (MMORPG) is a type of computer role‐playing games in which a large number of players interact with one another within a virtual game world 36 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . ONLINE GAMING AND MMORPG
Copyright © by EC-Counci eserved. Reproduction is Strictly Prohibited. l s RAll Right 36 Interactions with potential fraudsters who may trick the gamer to reveal personal/financial information Computer intruders exploiting security vulnerabilities Online and real‐world predators Malware such as viruses, Trojan horses (Trojans), computer worms, and spyware ONLINE GAMING RISKS
Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. 37 INSECURE OR COMPROMISED GAME SERVERS AND GAME CODING If the software at the game server is compromised, the computers that are connected to the server can also be compromised Any game with a network connection has a risk involved The attacker may even use the vulnerabilities to crash the gaming server The vulnerabilities in the game server can be used by the attackers to:  Steal game passwords  Steal information from the gamers’ computers  Control the gamers’ computers remotely  Launch attacks on other computers  Install programs such as Trojans, adware, spyware The game code is generally not as well analyzed as the other software coding This may result in introducing unknown vulnerabilities onto the computer
Copyright © by EC-Counci eserved. Reproduction is Strictly Prohibited. l s RAll Right 38 Social Engineering Identity Theft Protection Schemes Cyber Prostitution Virtual Mugging SOCIAL RISKS The attackers may use the social interaction in the online game environment to attack the unprotected computers or to exploit security vulnerabilities
Attackers may trick the gamers into installing malicious software on their computers by social engineering They offer a bonus or help in the game in exchange for other players’ passwords or other information in the game forums on a game server The gamers who are looking for ways to make the play easier respond to such offers Attackers send phishing emails supposedly from the game server administrators, which will invite the player to authenticate his/her account via a website linked in the message SOCIAL ENGINEERING 40 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . Note: Game Masters (GMs) of a game will never ask a gamer for his/her username and/or password
MESSAGE FROM A GAMER ABOUT A PASSWORD STOLEN BY A MALICIOUS PROGRAM 41 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . http://www.securelist.com
Organized crime has emerged in South Korean gaming community The criminal organizations force the gamers into protection schemes, where the gamers have to pay money (virtual or real) to avoid killing of the gamers’ characters and theft of the passwords Online games are being used for cyber prostitution where the customers/gamers pay money for cybersex In The Sims online, a Massively Multiplayer Online (MMO) game, a 17‐ year‐old developed a cyber “brothel”, where the gamers paid Sim‐money (Simoleans) for cybersex per minute The gamers’ accounts were eventually cancelled Virtual mugging was coined when some players of Lineage II used bots to defeat other gamers and take their items; these items were later put on sale in online auctions Protection Schemes PROTECTION SCHEMES, CYBER PROSTITUTION, AND VIRTUAL MUGGING 42 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . Cyber Prostitution Virtual Mugging
42 All Rights Reserved. Repro http://www.securelist.com Stolen items such as passwords or virtual items are put on sale on websites, such as eBay, or on forums These are sold to other gamers for real or virtual money The cyber criminal may ask the gamer for ransom in return for this information HOW THE MALICIOUS USERS MAKE MONEY Copyright © by EC-Council duction is Strictly Prohibited.
Security Practices Specific to Gaming 44 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D .
21 Some games require the game to be run in Administrator mode  If that is the case, ensure that the game has been downloaded from a trusted website/vendor Free downloads of games may contain malicious software, including plugins to run the game  This software may be used to gain administrator level control of the computer Instead of using the administrator account, the gamer is advised to browse the Internet or play the games using a User Account, which may deny the attacker access to administrator rights 3 Recognize Administrator Mode Risks 45 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D .
Copyright © by EC-Council served. Reproduction is Strictly Prohibited.All Rights Re 45 Some of the games played over the web require ActiveX or JavaScript to b enabled e Recognize Risks due to ActiveX and JavaScript
Play the Game, Only at the Game Site Play the games at the game site and save the Internet browsing for later Once done with playing the game, switch to the user account to browse the Internet This reduces the risk of visiting a malicious website when playing a game 47 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D .
Play fire fr ing certain multiplayer games may require the wall settings to be changed to allow information om the game to get through to the gamers’ computers Every time the permissive settings are changed on the firewall, the risk of computer security concerns increases In the firewalls, the gamer can designate the fellow gamers’ IP addresses as trusted to avoid any interactions with the attacker Pay Attention to Firewall Management 48 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D .
MODULE FLOW 49 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . Browser Security Search Engine and IM Security Online Games Child Online Safety Internet Security Laws
The risks involved when a child works online include: Misdirected searches Stealth sites and misleading URLs Online sexual harassment  Child pornography  Grooming  Cyberbullying RISKS INVOLVED ONLINE 50 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D .
Parents may take all the precautions to protect the child online, but all that could be negated when the child is unconsciously led to visit harmful sites When a user searches for websites, the search engines display the results using the meta variables Search engines use terms known as “meta variables” to index a website Porn site promoters add popular search terms to their meta variable list, to redirect the web traffic towards their site Porn sites may use the words “sports”, “school”, “movies”, etc., to lure children to their websites Unless a filtering software is used, the search engines cannot distinguish between the search requests of an adult and a child MISDIRECTED SEARCHES 51 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . 1 2 3 4 5 6 Example: a sports website may be indexed by the meta terms “soccer”, “football”, “scores”, etc.

Empfohlen

Cscu module 02 securing operating systems
Cscu module 02 securing operating systemsCscu module 02 securing operating systems
Cscu module 02 securing operating systems
Alireza Ghahrood
 
Cybersecurity Employee Training
Cybersecurity Employee TrainingCybersecurity Employee Training
Cybersecurity Employee Training
Paige Rasid
 
Cscu module 01 foundations of security
Cscu module 01 foundations of securityCscu module 01 foundations of security
Cscu module 01 foundations of security
Sejahtera Affif
 
Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness
Jay Nagar
 
End-User Security Awareness
End-User Security AwarenessEnd-User Security Awareness
End-User Security Awareness
Surya Bathulapalli
 
Security awareness
Security awarenessSecurity awareness
Security awareness
Josh Chandler
 
Information Security Awareness
Information Security Awareness Information Security Awareness
Information Security Awareness
SnapComms
 
Cscu module 05 data backup and disaster recovery
Cscu module 05 data backup and disaster recoveryCscu module 05 data backup and disaster recovery
Cscu module 05 data backup and disaster recovery
Alireza Ghahrood
 

Empfohlen

Cscu module 02 securing operating systems
Cscu module 02 securing operating systemsCscu module 02 securing operating systems
Cscu module 02 securing operating systems
Alireza Ghahrood
 
Cybersecurity Employee Training
Cybersecurity Employee TrainingCybersecurity Employee Training
Cybersecurity Employee Training
Paige Rasid
 
Cscu module 01 foundations of security
Cscu module 01 foundations of securityCscu module 01 foundations of security
Cscu module 01 foundations of security
Sejahtera Affif
 
Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness
Jay Nagar
 
End-User Security Awareness
End-User Security AwarenessEnd-User Security Awareness
End-User Security Awareness
Surya Bathulapalli
 
Security awareness
Security awarenessSecurity awareness
Security awareness
Josh Chandler
 
Information Security Awareness
Information Security Awareness Information Security Awareness
Information Security Awareness
SnapComms
 
Cscu module 05 data backup and disaster recovery
Cscu module 05 data backup and disaster recoveryCscu module 05 data backup and disaster recovery
Cscu module 05 data backup and disaster recovery
Alireza Ghahrood
 
Information security awareness - 101
Information security awareness - 101Information security awareness - 101
Information security awareness - 101
mateenzero
 
Cscu module 01 foundations of security
Cscu module 01 foundations of securityCscu module 01 foundations of security
Cscu module 01 foundations of security
Alireza Ghahrood
 
Information Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn HospitalInformation Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn Hospital
Atlantic Training, LLC.
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
William Mann
 
Security Awareness Training.pptx
Security Awareness Training.pptxSecurity Awareness Training.pptx
Security Awareness Training.pptx
MohammedYaseen638128
 
How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes
ObserveIT
 
Hyphenet Security Awareness Training
Hyphenet Security Awareness TrainingHyphenet Security Awareness Training
Hyphenet Security Awareness Training
Jen Ruhman
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
Dmitriy Scherbina
 
Information Security Awareness for everyone
Information Security Awareness for everyoneInformation Security Awareness for everyone
Information Security Awareness for everyone
Yasir Nafees
 
IT security
IT securityIT security
IT security
Aman Jain
 
Cyber security awareness for end users
Cyber security awareness for end usersCyber security awareness for end users
Cyber security awareness for end users
NetWatcher
 
101 Basic concepts of information security
101 Basic concepts of information security101 Basic concepts of information security
101 Basic concepts of information security
SsendiSamuel
 
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
David Menken
 
Security Awareness Training by Fortinet
Security Awareness Training by FortinetSecurity Awareness Training by Fortinet
Security Awareness Training by Fortinet
Atlantic Training, LLC.
 
Information Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier UniversityInformation Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier University
Atlantic Training, LLC.
 
Cyber security training
Cyber security trainingCyber security training
Cyber security training
Wilmington University
 
Information Security Awareness Training
Information Security Awareness TrainingInformation Security Awareness Training
Information Security Awareness Training
Randy Bowman
 
IT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community CollegeIT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community College
Atlantic Training, LLC.
 
Cyber security
Cyber securityCyber security
Cyber security
Krishanu Ghosh
 
2022 Rea & Associates' Cybersecurity Conference
2022 Rea & Associates' Cybersecurity Conference 2022 Rea & Associates' Cybersecurity Conference
2022 Rea & Associates' Cybersecurity Conference
Rea & Associates
 
Cscu module 06 internet security
Cscu module 06 internet securityCscu module 06 internet security
Cscu module 06 internet security
Sejahtera Affif
 
Ce hv6 module 44 internet content filtering techniques
Ce hv6 module 44 internet content filtering techniquesCe hv6 module 44 internet content filtering techniques
Ce hv6 module 44 internet content filtering techniques
Vi Tính Hoàng Nam
 

Weitere ähnliche Inhalte

Was ist angesagt?

Information Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn HospitalInformation Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn Hospital
Atlantic Training, LLC.
 
How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes
ObserveIT
 
Information Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier UniversityInformation Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier University
Atlantic Training, LLC.
 
Information Security Awareness Training
Information Security Awareness TrainingInformation Security Awareness Training
Information Security Awareness Training
Randy Bowman
 
IT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community CollegeIT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community College
Atlantic Training, LLC.
 

Was ist angesagt? (20)

Information security awareness - 101
Information security awareness - 101Information security awareness - 101
Information security awareness - 101
 
Cscu module 01 foundations of security
Cscu module 01 foundations of securityCscu module 01 foundations of security
Cscu module 01 foundations of security
 
Information Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn HospitalInformation Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn Hospital
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
 
Security Awareness Training.pptx
Security Awareness Training.pptxSecurity Awareness Training.pptx
Security Awareness Training.pptx
 
How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes
 
Hyphenet Security Awareness Training
Hyphenet Security Awareness TrainingHyphenet Security Awareness Training
Hyphenet Security Awareness Training
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
 
Information Security Awareness for everyone
Information Security Awareness for everyoneInformation Security Awareness for everyone
Information Security Awareness for everyone
 
IT security
IT securityIT security
IT security
 
Cyber security awareness for end users
Cyber security awareness for end usersCyber security awareness for end users
Cyber security awareness for end users
 
101 Basic concepts of information security
101 Basic concepts of information security101 Basic concepts of information security
101 Basic concepts of information security
 
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
 
Security Awareness Training by Fortinet
Security Awareness Training by FortinetSecurity Awareness Training by Fortinet
Security Awareness Training by Fortinet
 
Information Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier UniversityInformation Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier University
 
Cyber security training
Cyber security trainingCyber security training
Cyber security training
 
Information Security Awareness Training
Information Security Awareness TrainingInformation Security Awareness Training
Information Security Awareness Training
 
IT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community CollegeIT Security Awarenesss by Northern Virginia Community College
IT Security Awarenesss by Northern Virginia Community College
 
Cyber security
Cyber securityCyber security
Cyber security
 
2022 Rea & Associates' Cybersecurity Conference
2022 Rea & Associates' Cybersecurity Conference 2022 Rea & Associates' Cybersecurity Conference
2022 Rea & Associates' Cybersecurity Conference
 

Ähnlich wie Cscu module 06 internet security

Cscu module 06 internet security
Cscu module 06 internet securityCscu module 06 internet security
Cscu module 06 internet security
Sejahtera Affif
 
Techniques For Making 21st Century Learning Tools Safer
Techniques For Making 21st Century Learning Tools SaferTechniques For Making 21st Century Learning Tools Safer
Techniques For Making 21st Century Learning Tools Safer
nerakmac
 
Internet privacy presentation
Internet privacy presentationInternet privacy presentation
Internet privacy presentation
Matthew Momney
 
Support article1224
Support article1224Support article1224
Support article1224
Breanna.org
 

Ähnlich wie Cscu module 06 internet security (20)

Cscu module 06 internet security
Cscu module 06 internet securityCscu module 06 internet security
Cscu module 06 internet security
 
Ce hv6 module 44 internet content filtering techniques
Ce hv6 module 44 internet content filtering techniquesCe hv6 module 44 internet content filtering techniques
Ce hv6 module 44 internet content filtering techniques
 
INT 1010 10-3.pdf
INT 1010 10-3.pdfINT 1010 10-3.pdf
INT 1010 10-3.pdf
 
Techniques For Making 21st Century Learning Tools Safer
Techniques For Making 21st Century Learning Tools SaferTechniques For Making 21st Century Learning Tools Safer
Techniques For Making 21st Century Learning Tools Safer
 
Ce hv6 module 45 privacy on the internet
Ce hv6 module 45 privacy on the internetCe hv6 module 45 privacy on the internet
Ce hv6 module 45 privacy on the internet
 
Hamza
HamzaHamza
Hamza
 
Internet PC Security by Khalil Jubran Mindspring Networks
Internet PC Security by Khalil Jubran Mindspring Networks Internet PC Security by Khalil Jubran Mindspring Networks
Internet PC Security by Khalil Jubran Mindspring Networks
 
Internet privacy presentation
Internet privacy presentationInternet privacy presentation
Internet privacy presentation
 
Web security by khubaib
Web security by khubaibWeb security by khubaib
Web security by khubaib
 
Cyber Safety
Cyber Safety Cyber Safety
Cyber Safety
 
La pecera 3
La pecera 3La pecera 3
La pecera 3
 
Delete Nationzoom
Delete NationzoomDelete Nationzoom
Delete Nationzoom
 
Internet
InternetInternet
Internet
 
Protecting yourself online - second edition - booklet
Protecting yourself online - second edition - bookletProtecting yourself online - second edition - booklet
Protecting yourself online - second edition - booklet
 
computer_security.ppt
computer_security.pptcomputer_security.ppt
computer_security.ppt
 
Hacker tool talk: maltego
Hacker tool talk: maltegoHacker tool talk: maltego
Hacker tool talk: maltego
 
Help Desk Signage
Help Desk SignageHelp Desk Signage
Help Desk Signage
 
How To Remove Browser Hijacker
How To Remove Browser HijackerHow To Remove Browser Hijacker
How To Remove Browser Hijacker
 
Comp 107 cep 8
Comp 107 cep 8Comp 107 cep 8
Comp 107 cep 8
 
Support article1224
Support article1224Support article1224
Support article1224
 

Mehr von Alireza Ghahrood

Manipulating Social Media to Undermine Democracy 2017 Final
Manipulating Social Media to Undermine Democracy 2017 Final Manipulating Social Media to Undermine Democracy 2017 Final
Manipulating Social Media to Undermine Democracy 2017 Final
Alireza Ghahrood
 
Countering Terrorism, Preventing Radicalization and Protecting Cultural Herit...
Countering Terrorism, Preventing Radicalization and Protecting Cultural Herit...Countering Terrorism, Preventing Radicalization and Protecting Cultural Herit...
Countering Terrorism, Preventing Radicalization and Protecting Cultural Herit...
Alireza Ghahrood
 
Fighting in the “Grey Zone”: Lessons from Russian Influence Operations in Ukr...
Fighting in the “Grey Zone”: Lessons from Russian Influence Operations in Ukr...Fighting in the “Grey Zone”: Lessons from Russian Influence Operations in Ukr...
Fighting in the “Grey Zone”: Lessons from Russian Influence Operations in Ukr...
Alireza Ghahrood
 
NATO - Robotrolling Report.NATO Strategic Communications Centre of Excellence
NATO - Robotrolling Report.NATO Strategic Communications Centre of ExcellenceNATO - Robotrolling Report.NATO Strategic Communications Centre of Excellence
NATO - Robotrolling Report.NATO Strategic Communications Centre of Excellence
Alireza Ghahrood
 
DIGITAL HYDRA: SECURITY IMPLICATIONS OF FALSE INFORMATION ONLINE
DIGITAL HYDRA: SECURITY IMPLICATIONS OF FALSE INFORMATION ONLINEDIGITAL HYDRA: SECURITY IMPLICATIONS OF FALSE INFORMATION ONLINE
DIGITAL HYDRA: SECURITY IMPLICATIONS OF FALSE INFORMATION ONLINE
Alireza Ghahrood
 
Optional Reading - Symantec Stuxnet Dossier
Optional Reading - Symantec Stuxnet DossierOptional Reading - Symantec Stuxnet Dossier
Optional Reading - Symantec Stuxnet Dossier
Alireza Ghahrood
 
MIT Open Access Articles Why Employees (Still) Click on Phishing Links: An In...
MIT Open Access Articles Why Employees (Still) Click on Phishing Links: An In...MIT Open Access Articles Why Employees (Still) Click on Phishing Links: An In...
MIT Open Access Articles Why Employees (Still) Click on Phishing Links: An In...
Alireza Ghahrood
 
Power your businesswith risk informed decisions
Power your businesswith risk informed decisionsPower your businesswith risk informed decisions
Power your businesswith risk informed decisions
Alireza Ghahrood
 
Effectively Manage and Continuously Monitor Tech and Cyber Risk and Compliance
Effectively Manage and Continuously Monitor Tech and Cyber Risk and ComplianceEffectively Manage and Continuously Monitor Tech and Cyber Risk and Compliance
Effectively Manage and Continuously Monitor Tech and Cyber Risk and Compliance
Alireza Ghahrood
 
BancoEstado Accelerates Digital Transformation with Cloud-based MFA & Card Is...
BancoEstado Accelerates Digital Transformation with Cloud-based MFA & Card Is...BancoEstado Accelerates Digital Transformation with Cloud-based MFA & Card Is...
BancoEstado Accelerates Digital Transformation with Cloud-based MFA & Card Is...
Alireza Ghahrood
 
Identity and Access Management Solutions for Financial Institutions
Identity and Access Management Solutions for Financial InstitutionsIdentity and Access Management Solutions for Financial Institutions
Identity and Access Management Solutions for Financial Institutions
Alireza Ghahrood
 

Mehr von Alireza Ghahrood (20)

Manipulating Social Media to Undermine Democracy 2017 Final
Manipulating Social Media to Undermine Democracy 2017 Final Manipulating Social Media to Undermine Democracy 2017 Final
Manipulating Social Media to Undermine Democracy 2017 Final
 
Countering Terrorism, Preventing Radicalization and Protecting Cultural Herit...
Countering Terrorism, Preventing Radicalization and Protecting Cultural Herit...Countering Terrorism, Preventing Radicalization and Protecting Cultural Herit...
Countering Terrorism, Preventing Radicalization and Protecting Cultural Herit...
 
Fighting in the “Grey Zone”: Lessons from Russian Influence Operations in Ukr...
Fighting in the “Grey Zone”: Lessons from Russian Influence Operations in Ukr...Fighting in the “Grey Zone”: Lessons from Russian Influence Operations in Ukr...
Fighting in the “Grey Zone”: Lessons from Russian Influence Operations in Ukr...
 
NATO - Robotrolling Report.NATO Strategic Communications Centre of Excellence
NATO - Robotrolling Report.NATO Strategic Communications Centre of ExcellenceNATO - Robotrolling Report.NATO Strategic Communications Centre of Excellence
NATO - Robotrolling Report.NATO Strategic Communications Centre of Excellence
 
DIGITAL HYDRA: SECURITY IMPLICATIONS OF FALSE INFORMATION ONLINE
DIGITAL HYDRA: SECURITY IMPLICATIONS OF FALSE INFORMATION ONLINEDIGITAL HYDRA: SECURITY IMPLICATIONS OF FALSE INFORMATION ONLINE
DIGITAL HYDRA: SECURITY IMPLICATIONS OF FALSE INFORMATION ONLINE
 
ANT Catalog
ANT CatalogANT Catalog
ANT Catalog
 
Optional Reading - Symantec Stuxnet Dossier
Optional Reading - Symantec Stuxnet DossierOptional Reading - Symantec Stuxnet Dossier
Optional Reading - Symantec Stuxnet Dossier
 
MIT Open Access Articles Why Employees (Still) Click on Phishing Links: An In...
MIT Open Access Articles Why Employees (Still) Click on Phishing Links: An In...MIT Open Access Articles Why Employees (Still) Click on Phishing Links: An In...
MIT Open Access Articles Why Employees (Still) Click on Phishing Links: An In...
 
http://www.neetuchoudhary.com/
http://www.neetuchoudhary.com/http://www.neetuchoudhary.com/
http://www.neetuchoudhary.com/
 
Power your businesswith risk informed decisions
Power your businesswith risk informed decisionsPower your businesswith risk informed decisions
Power your businesswith risk informed decisions
 
Effectively Manage and Continuously Monitor Tech and Cyber Risk and Compliance
Effectively Manage and Continuously Monitor Tech and Cyber Risk and ComplianceEffectively Manage and Continuously Monitor Tech and Cyber Risk and Compliance
Effectively Manage and Continuously Monitor Tech and Cyber Risk and Compliance
 
participatea in the identity management lifecycle
participatea in the identity management lifecycleparticipatea in the identity management lifecycle
participatea in the identity management lifecycle
 
implement access controls
implement access controlsimplement access controls
implement access controls
 
implement authentication mechanisms
implement authentication mechanismsimplement authentication mechanisms
implement authentication mechanisms
 
BancoEstado Accelerates Digital Transformation with Cloud-based MFA & Card Is...
BancoEstado Accelerates Digital Transformation with Cloud-based MFA & Card Is...BancoEstado Accelerates Digital Transformation with Cloud-based MFA & Card Is...
BancoEstado Accelerates Digital Transformation with Cloud-based MFA & Card Is...
 
Identity and Access Management Solutions for Financial Institutions
Identity and Access Management Solutions for Financial InstitutionsIdentity and Access Management Solutions for Financial Institutions
Identity and Access Management Solutions for Financial Institutions
 
Cscu module 12 information security and legal compliance
Cscu module 12 information security and legal complianceCscu module 12 information security and legal compliance
Cscu module 12 information security and legal compliance
 
Cscu module 10 social engineering and identity theft
Cscu module 10 social engineering and identity theftCscu module 10 social engineering and identity theft
Cscu module 10 social engineering and identity theft
 
Cscu module 08 securing online transactions
Cscu module 08 securing online transactionsCscu module 08 securing online transactions
Cscu module 08 securing online transactions
 
Cscu module 07 securing network connections
Cscu module 07 securing network connectionsCscu module 07 securing network connections
Cscu module 07 securing network connections
 

Kürzlich hochgeladen

9999266834 Call Girls In Noida Sector 18 (Delhi) Call Girl Service
9999266834 Call Girls In Noida Sector 18 (Delhi) Call Girl Service9999266834 Call Girls In Noida Sector 18 (Delhi) Call Girl Service
9999266834 Call Girls In Noida Sector 18 (Delhi) Call Girl Service
nishacall1
 
Call Girls In Noida Free Ad 24/7 Hours Online Call 9310659962 Shot 2000 Night...
Call Girls In Noida Free Ad 24/7 Hours Online Call 9310659962 Shot 2000 Night...Call Girls In Noida Free Ad 24/7 Hours Online Call 9310659962 Shot 2000 Night...
Call Girls In Noida Free Ad 24/7 Hours Online Call 9310659962 Shot 2000 Night...
DelhiMahipalpur
 
Girls For Night in Islamabad | 03274100048 🔞
Girls For Night in Islamabad | 03274100048 🔞Girls For Night in Islamabad | 03274100048 🔞
Girls For Night in Islamabad | 03274100048 🔞
Ifra Zohaib
 
Kolkata 💋 Call Girl 9748763073 Call Girls in Kolkata Escort service book now
Kolkata 💋 Call Girl 9748763073 Call Girls in Kolkata Escort service book nowKolkata 💋 Call Girl 9748763073 Call Girls in Kolkata Escort service book now
Kolkata 💋 Call Girl 9748763073 Call Girls in Kolkata Escort service book now
apshanarani255
 
Indore Call girl service 6289102337 indore escort service
Indore Call girl service 6289102337 indore escort serviceIndore Call girl service 6289102337 indore escort service
Indore Call girl service 6289102337 indore escort service
maheshsingh64440
 
Best VIP Call Girls Noida Sector 24 Call Me: 8700611579
Best VIP Call Girls Noida Sector 24 Call Me: 8700611579Best VIP Call Girls Noida Sector 24 Call Me: 8700611579
Best VIP Call Girls Noida Sector 24 Call Me: 8700611579
diyaspanoida
 
Call Now ☎9870417354|| Call Girls in Noida Sector 18 Escort Service Noida N.C.R.
Call Now ☎9870417354|| Call Girls in Noida Sector 18 Escort Service Noida N.C.R.Call Now ☎9870417354|| Call Girls in Noida Sector 18 Escort Service Noida N.C.R.
Call Now ☎9870417354|| Call Girls in Noida Sector 18 Escort Service Noida N.C.R.
riyadelhic riyadelhic
 
Call Girl Rohini ❤️7065000506 Pooja@ Rohini Call Girls Near Me ❤️♀️@ Sexy Cal...
Call Girl Rohini ❤️7065000506 Pooja@ Rohini Call Girls Near Me ❤️♀️@ Sexy Cal...Call Girl Rohini ❤️7065000506 Pooja@ Rohini Call Girls Near Me ❤️♀️@ Sexy Cal...
Call Girl Rohini ❤️7065000506 Pooja@ Rohini Call Girls Near Me ❤️♀️@ Sexy Cal...
Sheetaleventcompany
 
Call Girls In {{Laxmi Nagar Delhi}} 9667938988 Indian Russian High Profile Es...
Call Girls In {{Laxmi Nagar Delhi}} 9667938988 Indian Russian High Profile Es...Call Girls In {{Laxmi Nagar Delhi}} 9667938988 Indian Russian High Profile Es...
Call Girls In {{Laxmi Nagar Delhi}} 9667938988 Indian Russian High Profile Es...
aakahthapa70
 
Call Girls in Karachi || 03274100048 || 50+ Hot Sexy Girls Available 24/7
Call Girls in Karachi || 03274100048 || 50+ Hot Sexy Girls Available 24/7Call Girls in Karachi || 03274100048 || 50+ Hot Sexy Girls Available 24/7
Call Girls in Karachi || 03274100048 || 50+ Hot Sexy Girls Available 24/7
Sana Rajpoot
 
Varanasi Call Girl 78709*93772 Call Girls in Varanasi Escort service book now
Varanasi Call Girl 78709*93772 Call Girls in Varanasi Escort service book nowVaranasi Call Girl 78709*93772 Call Girls in Varanasi Escort service book now
Varanasi Call Girl 78709*93772 Call Girls in Varanasi Escort service book now
apshanarani255
 
Radhika Call Girls In Jaipur 9358660226 Escorts service
Radhika Call Girls In Jaipur 9358660226 Escorts serviceRadhika Call Girls In Jaipur 9358660226 Escorts service
Radhika Call Girls In Jaipur 9358660226 Escorts service
rahul222jai
 
9891550660 Call Girls In Noida Sector 62 Short 1500 Night 6000
9891550660 Call Girls In Noida Sector 62 Short 1500 Night 60009891550660 Call Girls In Noida Sector 62 Short 1500 Night 6000
9891550660 Call Girls In Noida Sector 62 Short 1500 Night 6000
teencall080
 
Call Girls in B-18 Islamabad || 🔝 03274100048
Call Girls in B-18 Islamabad || 🔝 03274100048Call Girls in B-18 Islamabad || 🔝 03274100048
Call Girls in B-18 Islamabad || 🔝 03274100048
Ifra Zohaib
 
Call Girls In Lahore || 03274100048 ||Lahore Call Girl Available 24/7
Call Girls In Lahore || 03274100048 ||Lahore Call Girl Available 24/7Call Girls In Lahore || 03274100048 ||Lahore Call Girl Available 24/7
Call Girls In Lahore || 03274100048 ||Lahore Call Girl Available 24/7
Sana Rajpoot
 

Kürzlich hochgeladen (20)

RAJKOT CALL GIRLS 92628/71154 RAJKOT CAL
RAJKOT CALL GIRLS 92628/71154 RAJKOT CALRAJKOT CALL GIRLS 92628/71154 RAJKOT CAL
RAJKOT CALL GIRLS 92628/71154 RAJKOT CAL
 
9999266834 Call Girls In Noida Sector 18 (Delhi) Call Girl Service
9999266834 Call Girls In Noida Sector 18 (Delhi) Call Girl Service9999266834 Call Girls In Noida Sector 18 (Delhi) Call Girl Service
9999266834 Call Girls In Noida Sector 18 (Delhi) Call Girl Service
 
Call Girls In Noida Free Ad 24/7 Hours Online Call 9310659962 Shot 2000 Night...
Call Girls In Noida Free Ad 24/7 Hours Online Call 9310659962 Shot 2000 Night...Call Girls In Noida Free Ad 24/7 Hours Online Call 9310659962 Shot 2000 Night...
Call Girls In Noida Free Ad 24/7 Hours Online Call 9310659962 Shot 2000 Night...
 
Girls For Night in Islamabad | 03274100048 🔞
Girls For Night in Islamabad | 03274100048 🔞Girls For Night in Islamabad | 03274100048 🔞
Girls For Night in Islamabad | 03274100048 🔞
 
Kolkata 💋 Call Girl 9748763073 Call Girls in Kolkata Escort service book now
Kolkata 💋 Call Girl 9748763073 Call Girls in Kolkata Escort service book nowKolkata 💋 Call Girl 9748763073 Call Girls in Kolkata Escort service book now
Kolkata 💋 Call Girl 9748763073 Call Girls in Kolkata Escort service book now
 
Indore Call girl service 6289102337 indore escort service
Indore Call girl service 6289102337 indore escort serviceIndore Call girl service 6289102337 indore escort service
Indore Call girl service 6289102337 indore escort service
 
Best VIP Call Girls Noida Sector 24 Call Me: 8700611579
Best VIP Call Girls Noida Sector 24 Call Me: 8700611579Best VIP Call Girls Noida Sector 24 Call Me: 8700611579
Best VIP Call Girls Noida Sector 24 Call Me: 8700611579
 
Call Now ☎9870417354|| Call Girls in Noida Sector 18 Escort Service Noida N.C.R.
Call Now ☎9870417354|| Call Girls in Noida Sector 18 Escort Service Noida N.C.R.Call Now ☎9870417354|| Call Girls in Noida Sector 18 Escort Service Noida N.C.R.
Call Now ☎9870417354|| Call Girls in Noida Sector 18 Escort Service Noida N.C.R.
 
Call Girl Rohini ❤️7065000506 Pooja@ Rohini Call Girls Near Me ❤️♀️@ Sexy Cal...
Call Girl Rohini ❤️7065000506 Pooja@ Rohini Call Girls Near Me ❤️♀️@ Sexy Cal...Call Girl Rohini ❤️7065000506 Pooja@ Rohini Call Girls Near Me ❤️♀️@ Sexy Cal...
Call Girl Rohini ❤️7065000506 Pooja@ Rohini Call Girls Near Me ❤️♀️@ Sexy Cal...
 
+91-9310611641 Russian Call Girls In New Delhi Independent Russian Call Girls...
+91-9310611641 Russian Call Girls In New Delhi Independent Russian Call Girls...+91-9310611641 Russian Call Girls In New Delhi Independent Russian Call Girls...
+91-9310611641 Russian Call Girls In New Delhi Independent Russian Call Girls...
 
Call Girls In {{Laxmi Nagar Delhi}} 9667938988 Indian Russian High Profile Es...
Call Girls In {{Laxmi Nagar Delhi}} 9667938988 Indian Russian High Profile Es...Call Girls In {{Laxmi Nagar Delhi}} 9667938988 Indian Russian High Profile Es...
Call Girls In {{Laxmi Nagar Delhi}} 9667938988 Indian Russian High Profile Es...
 
Call Girls in Karachi || 03274100048 || 50+ Hot Sexy Girls Available 24/7
Call Girls in Karachi || 03274100048 || 50+ Hot Sexy Girls Available 24/7Call Girls in Karachi || 03274100048 || 50+ Hot Sexy Girls Available 24/7
Call Girls in Karachi || 03274100048 || 50+ Hot Sexy Girls Available 24/7
 
Varanasi Call Girl 78709*93772 Call Girls in Varanasi Escort service book now
Varanasi Call Girl 78709*93772 Call Girls in Varanasi Escort service book nowVaranasi Call Girl 78709*93772 Call Girls in Varanasi Escort service book now
Varanasi Call Girl 78709*93772 Call Girls in Varanasi Escort service book now
 
Radhika Call Girls In Jaipur 9358660226 Escorts service
Radhika Call Girls In Jaipur 9358660226 Escorts serviceRadhika Call Girls In Jaipur 9358660226 Escorts service
Radhika Call Girls In Jaipur 9358660226 Escorts service
 
9891550660 Call Girls In Noida Sector 62 Short 1500 Night 6000
9891550660 Call Girls In Noida Sector 62 Short 1500 Night 60009891550660 Call Girls In Noida Sector 62 Short 1500 Night 6000
9891550660 Call Girls In Noida Sector 62 Short 1500 Night 6000
 
Call Girls in B-18 Islamabad || 🔝 03274100048
Call Girls in B-18 Islamabad || 🔝 03274100048Call Girls in B-18 Islamabad || 🔝 03274100048
Call Girls in B-18 Islamabad || 🔝 03274100048
 
Call Girls In Lahore || 03274100048 ||Lahore Call Girl Available 24/7
Call Girls In Lahore || 03274100048 ||Lahore Call Girl Available 24/7Call Girls In Lahore || 03274100048 ||Lahore Call Girl Available 24/7
Call Girls In Lahore || 03274100048 ||Lahore Call Girl Available 24/7
 
Rajkot Call Girls Contact Number +919358341802 Call Girls In Rajkot
Rajkot Call Girls Contact Number +919358341802 Call Girls In RajkotRajkot Call Girls Contact Number +919358341802 Call Girls In Rajkot
Rajkot Call Girls Contact Number +919358341802 Call Girls In Rajkot
 
+91-9899900591 Russian Call Girls In New Delhi Independent Russian Call Girls...
+91-9899900591 Russian Call Girls In New Delhi Independent Russian Call Girls...+91-9899900591 Russian Call Girls In New Delhi Independent Russian Call Girls...
+91-9899900591 Russian Call Girls In New Delhi Independent Russian Call Girls...
 
Book_ A Project based approach CHAPTER 1 summary.pptx
Book_ A Project based approach CHAPTER 1 summary.pptxBook_ A Project based approach CHAPTER 1 summary.pptx
Book_ A Project based approach CHAPTER 1 summary.pptx
 

Cscu module 06 internet security

  • 1. 1 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Internet Security Simplifying Security. Module 6
  • 2. Alireza Ghahrood Security Solution Provider : Cyber Space |BigData |Cloud |Virtualization www.about.me/alirezaghahrood | Cell :+98 (912) 1964383 |
  • 3. OurView: Bolstering Internet Security Is Imperative On Monday, the Obama administration proposed a much‐needed international effort to bolster the security of the Internet. It’s needed because cyberspace has come to serve as both a communications miracle and, potentially, one of the greatest threats to our security in the 21st century. That description may seem like hyperbole as it pulls in two completely different directions. But there are justifications for both descriptions. The Internet is arguably the greatest technological breakthrough introduced to our society since the television. Perhaps that’s more hyperbole, unless you consider just how much of our world now is tied to online access and interconnectivity. The 2010 census noted that 68.7 percent of all U.S. households have Internet connections; a vast majority of businesses also use the Web for marketing or for inventory purposes, among other tools. Cyberspace has become a staple in our lives, even if you don’t have an Internet connection in your home or office. Our banking, our medical records, our credit and our businesses are all linked in some form to the Web. So, too, is much of our infrastructure, our communication and our national security. Odds are, there is something you want, rely on or need each day that is dependent on Internet connectivity for you to have it. That may not be a game‐changer in terms of how you live your life, but it’s definitely a sobering impact. 3 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . http://www.yankton.net May 18, 2011 1:15 AM CDT
  • 4. 4 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . MODULE OBJECTIVES Internet Security Internet Explorer Security Settings Mozilla Firefox Security Settings Google Chrome Security Settings Apple Safari Security Settings Instant Messaging (IMing) Searching on the Web Online Gaming and MMORPG Online Gaming Risks Security Practices Specific to Gaming Child Online Safety Role of Internet in Child Pornography Protecting Children from Online Threats How to Report a Crime? Internet Security Laws Internet Security Checklists
  • 5. MODULE FLOW 5 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . Browser Security Search Engine and IM Security Online Games Child Online Safety Internet Security Laws
  • 6. Canada Ukraine Hungary 1.84% 1.97% 2.03% Top 10 Malware Hosting Countries http://www.findmysoft.com 6 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . INTERNET SECURITYInternet security involves protecting user data from unauthorized access and damage when connected to the Internet A proper browser configuration helps in preventing malware infection, protecting personal information, and preventing or limiting the damage from an cyber attack Online attack paths:  Emails  Instant messaging  Chat rooms  File sharing and downloads United States France 10% 39% Russia 8.72% Germany 5.87% China United Kingdom 2.68% 5.04% Poland 2.43%
  • 7. INTERNET EXPLORER SECURITY SETTINGS 7 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . Launch Internet Explorer, click the Tools button, and select Internet options Select the Security tab, which displays websites classified into four zones: 1. Internet 2. Local Intranet 3. Trusted sites 4. Restricted sites
  • 8. Internet Explorer Security Settings: Internet Zone The Internet zone is for all the Internet websites except for those listed in the Trusted or Restricted zones Click Custom level to set the Internet zone security settings Disable or enable the required options Move the slider to change the security level Set the security level for the zone High to ensure higher security Maintaining the higher security level may degrade the performance of the browser Click OK to apply the settings 8 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D .
  • 9. Internet Explorer Security Settings: ActiveX ControlsActiveX controls are small programs that work over the Internet through the browser They include customized applications that are required to gather data, view select files, and run animations when the user visits websites Malware is downloaded onto the user system through ActiveX controls when he/she visits malicious websites Disable the ActiveX controls and plug‐ins options in the Security Settings window Enable the Automatic prompting for ActiveX controls option so that the browser prompts when there is a requirement of ActiveX controls and plug‐ins to be enabled Click OK to apply the settings 9 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D .
  • 10. 9 Copyright © by EC-Coun All Rights Reserved. Reproduction is Strictly Prohibite Internet Explorer Security Settings: Local Intranet Zone Local intranet zone covers the sites on intranet Steps to add websites to Local intranet zone:  Select Security  Local Intranet  Click Sites  Click the Advanced button  Enter the URL into Add this website to the zone column and click Add  Click OK to apply the settings cil d.
  • 11. Copyright © by EC-Counci eserved. Reproduction is Strictly Prohibited.All Right 10 Internet Explorer Security Settings:Trusted Sites Zone The Trusted sites zone contains those websites that the users believe will not damage their computers or data  Select Security  Trusted sites  Click the Sites button  Enter the URL into Add this website to the zone column and click Add  Click OK to apply the settings l s R
  • 12. 11 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Internet Explorer Security Settings: Restricted ZoneThe Restricted sites zone restricts the access to the websites that might cause damage to a computer To add restricted websites to Restricted sites zone:  Select the Security tab and choose Restricted sites  Click the Sites button  Enter the site URL into the Add this website to the zone column to restrict the access  Click Add and then click OK to apply the settings
  • 13. UNDERSTANDING COOKIES 13 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . A cookie is information that is provided by a web server to web browser and then sent back unchanged by the browser each time it accesses that server When the website is revisited, the browser sends the information back to it to help recognize the user This activity is invisible to the user and is generally intended to improve the web surfing experience (for example, at an online store)
  • 14. The user can limit the information that is stored in a cookie A cookie is only a text file and cannot search a drive for information or carry a virus To configure cookie settings:  Choose Internet options from the Tools menu on the browser  Select the Privacy tab and use the slider to set the level at low, medium, medium‐high, or high  Block all or accept all cookies depending upon the requirement  Check the Turn on Pop‐up Blocker option to block the pop‐ups that appear while visiting some websites INTERNET EXPLORER PRIVACY SETTINGS 14 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D .
  • 15. Copyright © by EC-Coun All Rights Reserved. Reproduction is Strictly Prohibite 14 DELETING BROWSING HISTORY 1. Choose Internet options from the Tools menu on the browser 2. Go to the Browsing history section 3. Check the desired options in the Delete Browsing History dialog box 4. Click Delete to delete the browsing history cil d.
  • 16. Do Not Allow the Browser to Remember any Password Internet Explorer Autocomplete Password prompt Firefox Remember Password prompt 16 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D .
  • 17. Setting Download options in Internet Explorer SECURING FILE DOWNLOADS 17 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . To configure the download settings for Internet Explorer, navigate to Tools  Internet options  go to Security tab Click the Custom Level button in the Security Settings window In the Downloads menu Enable the Automatic prompting to File downloads and File download options Click OK to save the settings
  • 18. MOZILLA FIREFOX: SECURITY SETTINGS 18 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . Launch the Mozilla Firefox browser Click the Tools menu item and select Options
  • 19. MOZILLA FIREFOX: SECURITY SETTINGS 19 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . Select Security from the Options window Check the option Warn me when sites try to install add‐ons so that the browser prompts before installing add‐ons to the browser Click the Exceptions button and enter the URL into Address of Website box and click Allow to specify which websites are allowed to install add‐ons Check the Block reported attack sites option to avoid visiting malicious websites Check the option Block reported web forgeries to actively check whether the site being visited is an attempt to steal personal information Uncheck the Remember passwords for sites option to prevent the browser from remembering the passwords for the login pages visited
  • 20. 19 Copyright © by EC-Counc All Rights Reserved. Reproduction is Strictly Prohibite MOZILLA FIREFOX: PRIVACY SETTINGS Select Privacy in the Options window The user can choose if Firefox remembers the browsing history Click clear your recent history Select the Time range to clear the history Check the options required to clear the history and click Clear Now il d.
  • 21. Copyright © by EC-Council served. Reproduction is Strictly Prohibited.All Rights 20 SECURING FILE DOWNLOADS Do not accept file downloads from unknown members on the Internet  These downloads may contain malware that will degrade computer performance File are downloaded by default to My Documents  Downloads  The user may configure the browser settings so that he/she is prompted to specify the location to save the file Re
  • 22. Copyright © by EC-Council served. Reproduction is Strictly Prohibited.All Rights 21 To configure the download settings for Mozilla Firefox, navigate to Tool  Options  General Check the option Always ask me where to save the file to allow the browser to ask before downloading a file and to specify the location to which it will be downloaded The browser directly downloads the file to the default location without any intimation if this option is unchecked Setting Download options in Mozilla Firefox SECURING FILE DOWNLOADS Re
  • 23. INSTALLING PLUGINS 23 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . 1 2 3 4 The Install Missing Plugins message appears while opening some websites Plug‐ins are required to display files, graphics or play a video on a webpage Check if the source of missing plug‐ins is trustworthy or not Scan the downloaded plug‐in using an antivirus software before installing it
  • 24. Google Chrome Privacy and Security Settings Launch Google Chrome Click the icon, then select Options 24 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D .
  • 25. GOOGLE CHROME: PRIVACY SETTINGS 25 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . Click the Under the Hood tab in Google Chrome Options window Under Privacy, check the desired web services Check the Use DNS pre‐fetching to improve page load performance option DNS pre‐fetching stands for Domain Name System pre‐fetching  When the user visits a webpage, Google Chrome can look up or pre‐fetch the IP addresses of all links on the webpage Check the option Enable phishing and malware protection to prevent the browser from opening any malicious websites
  • 26. 25 Secure Sockets Layer (SSL) is an Internet protocol used by many websites to ensure safe data encryption and transmission The SSL setting in web browsers is turned on by default Some websites require older version of SSL 2.0; check the Use SSL 2.0 option in such conditions Check the check for server certificate revocation option to turn on real‐time verification for the validity of a website's certificate GOOGLE CHROME: SECURITY SETTINGS C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D .
  • 27. Launch the Safari browser To change the settings, select the icon and then select Preferences APPLE SAFARI: SECURITY SETTINGS C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . 26
  • 28. 27 Copyright © by EC-Coun All Rights Reserved. Reproduction is Strictly Prohibit APPLE SAFARI: SECURITY SETTINGS  Select the Security tab in the preferences window  The Web Content section permits the user to enable or disable various forms of scripting and active content  It is recommended to accept cookies only from the sites visited  Checking this option allows the browser to warn the user before opening any website that is not secure cil ed.
  • 29. Testing the Browser for Privacy Launch the Internet browser and navigate to http://privacy.net/ analyze/ to test the privacy Click Click here to take the browser test and analyze the privacy of your Internet connection 29 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D .
  • 30. MODULE FLOW 30 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . Browser Security Search Engine and IM Security Online Games Child Online Safety Internet Security Laws
  • 31. INSTANT MESSAGING (IMING) 31 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . Instant Messaging (IMing) allows the user to interact with other people on the Internet using a software application
  • 32. INSTANT MESSAGING SECURITY ISSUES 32 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . IMWorm  A worm that harms the computer and locates all the contacts in the IM address book  The IMWorm tries to send itself to all the contacts in the user’s IM contact list Social Engineering  Social engineering depends on human interaction that involves tricking people through IM and getting their personal information Spam over IM( SPIM)  SPIM is spam delivered through IM instead of delivering it through email  IM systems such as Yahoo! Messenger, AIM, Windows Live Messenger, and chat rooms in social networking sites are popular targets for spammers
  • 33. INSTANT MESSAGING SECURITY MEASURES 33 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . Do not reveal personal information on IMs Do not accept links received from unknown people on IM Sign out of the IM application after using it Block the users who send unsolicited web‐links Always use strong passwords Do not check the Remember password option
  • 34. Searching on theWeb Search engines display hundreds of results for a search query Not all the web page results obtained by the search engine are secure To add Add‐ons in the Mozilla Firefox browser, navigate to Tools Add‐ons  Get Add‐ons To filter the malicious search results, use an antivirus application as an add‐on to the browser and Enable it 34 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D .
  • 35. MODULE FLOW 35 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . Browser Security Search Engine and IM Security Online Games Child Online Safety Internet Security Laws
  • 36. It has also become the target for attackers for the large amounts of money involved Online gaming has become a popular pastime, especially due to high‐speed Internet and MMORPGs are popular worldwide and the revenues for these games are well over a billion dollars emerging technology In the world of MMORPGs, also known as online games, players can meet other players, become friends, engage in a battle, fight against evil, and play Massively Multiplayer Online Role‐ Playing Game (MMORPG) is a type of computer role‐playing games in which a large number of players interact with one another within a virtual game world 36 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . ONLINE GAMING AND MMORPG
  • 37. Copyright © by EC-Counci eserved. Reproduction is Strictly Prohibited. l s RAll Right 36 Interactions with potential fraudsters who may trick the gamer to reveal personal/financial information Computer intruders exploiting security vulnerabilities Online and real‐world predators Malware such as viruses, Trojan horses (Trojans), computer worms, and spyware ONLINE GAMING RISKS
  • 38. Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. 37 INSECURE OR COMPROMISED GAME SERVERS AND GAME CODING If the software at the game server is compromised, the computers that are connected to the server can also be compromised Any game with a network connection has a risk involved The attacker may even use the vulnerabilities to crash the gaming server The vulnerabilities in the game server can be used by the attackers to:  Steal game passwords  Steal information from the gamers’ computers  Control the gamers’ computers remotely  Launch attacks on other computers  Install programs such as Trojans, adware, spyware The game code is generally not as well analyzed as the other software coding This may result in introducing unknown vulnerabilities onto the computer
  • 39. Copyright © by EC-Counci eserved. Reproduction is Strictly Prohibited. l s RAll Right 38 Social Engineering Identity Theft Protection Schemes Cyber Prostitution Virtual Mugging SOCIAL RISKS The attackers may use the social interaction in the online game environment to attack the unprotected computers or to exploit security vulnerabilities
  • 40. Attackers may trick the gamers into installing malicious software on their computers by social engineering They offer a bonus or help in the game in exchange for other players’ passwords or other information in the game forums on a game server The gamers who are looking for ways to make the play easier respond to such offers Attackers send phishing emails supposedly from the game server administrators, which will invite the player to authenticate his/her account via a website linked in the message SOCIAL ENGINEERING 40 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . Note: Game Masters (GMs) of a game will never ask a gamer for his/her username and/or password
  • 41. MESSAGE FROM A GAMER ABOUT A PASSWORD STOLEN BY A MALICIOUS PROGRAM 41 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . http://www.securelist.com
  • 42. Organized crime has emerged in South Korean gaming community The criminal organizations force the gamers into protection schemes, where the gamers have to pay money (virtual or real) to avoid killing of the gamers’ characters and theft of the passwords Online games are being used for cyber prostitution where the customers/gamers pay money for cybersex In The Sims online, a Massively Multiplayer Online (MMO) game, a 17‐ year‐old developed a cyber “brothel”, where the gamers paid Sim‐money (Simoleans) for cybersex per minute The gamers’ accounts were eventually cancelled Virtual mugging was coined when some players of Lineage II used bots to defeat other gamers and take their items; these items were later put on sale in online auctions Protection Schemes PROTECTION SCHEMES, CYBER PROSTITUTION, AND VIRTUAL MUGGING 42 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . Cyber Prostitution Virtual Mugging
  • 43. 42 All Rights Reserved. Repro http://www.securelist.com Stolen items such as passwords or virtual items are put on sale on websites, such as eBay, or on forums These are sold to other gamers for real or virtual money The cyber criminal may ask the gamer for ransom in return for this information HOW THE MALICIOUS USERS MAKE MONEY Copyright © by EC-Council duction is Strictly Prohibited.
  • 44. Security Practices Specific to Gaming 44 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D .
  • 45. 21 Some games require the game to be run in Administrator mode  If that is the case, ensure that the game has been downloaded from a trusted website/vendor Free downloads of games may contain malicious software, including plugins to run the game  This software may be used to gain administrator level control of the computer Instead of using the administrator account, the gamer is advised to browse the Internet or play the games using a User Account, which may deny the attacker access to administrator rights 3 Recognize Administrator Mode Risks 45 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D .
  • 46. Copyright © by EC-Council served. Reproduction is Strictly Prohibited.All Rights Re 45 Some of the games played over the web require ActiveX or JavaScript to b enabled e Recognize Risks due to ActiveX and JavaScript
  • 47. Play the Game, Only at the Game Site Play the games at the game site and save the Internet browsing for later Once done with playing the game, switch to the user account to browse the Internet This reduces the risk of visiting a malicious website when playing a game 47 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D .
  • 48. Play fire fr ing certain multiplayer games may require the wall settings to be changed to allow information om the game to get through to the gamers’ computers Every time the permissive settings are changed on the firewall, the risk of computer security concerns increases In the firewalls, the gamer can designate the fellow gamers’ IP addresses as trusted to avoid any interactions with the attacker Pay Attention to Firewall Management 48 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D .
  • 49. MODULE FLOW 49 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . Browser Security Search Engine and IM Security Online Games Child Online Safety Internet Security Laws
  • 50. The risks involved when a child works online include: Misdirected searches Stealth sites and misleading URLs Online sexual harassment  Child pornography  Grooming  Cyberbullying RISKS INVOLVED ONLINE 50 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D .
  • 51. Parents may take all the precautions to protect the child online, but all that could be negated when the child is unconsciously led to visit harmful sites When a user searches for websites, the search engines display the results using the meta variables Search engines use terms known as “meta variables” to index a website Porn site promoters add popular search terms to their meta variable list, to redirect the web traffic towards their site Porn sites may use the words “sports”, “school”, “movies”, etc., to lure children to their websites Unless a filtering software is used, the search engines cannot distinguish between the search requests of an adult and a child MISDIRECTED SEARCHES 51 C O P Y R I G H T © B Y EC-COUNCIL A L L R I G H T S RESERVED. R E P R O D U C T IO N IS STRICTLY P R O H I B I T E D . 1 2 3 4 5 6 Example: a sports website may be indexed by the meta terms “soccer”, “football”, “scores”, etc.